By applying for, and holding, a CDF Online facility and CDF Online user access, the Account Holder and Authorising Parties consent to, and agree to be bound by, the following terms and conditions:

1. CDF Online is a hosted facility provided by the Diocese of Sandhurst Development Fund (DDF) to the Account Holder, providing online access to accounts held with DDF.
2. The Account Holder and Authorising Parties are responsible for adding, removing and managing all nominated CDF Online Users, and all actions undertaken by these users.
3. Account Holders are responsible for communicating changes or cancellation of CDF Online User access to each user.
4. CDF Online users may be added or removed, have their designated access capability amended, or their profile altered by the Account Holder, or approved authorising parties, by providing a written request at least 1 business day before the change is required. DDF provides forms for these requests on our website.
5. CDF Online offers users the ability to perform the following services, based on their designated access capabilities:
   1. Enable the nominated CDF Online users to perform credit and debit transactions on nominated accounts, including the transfer of funds between DDF accounts and accounts held externally to DDF, such as an Australian Authorised Deposit-Taking Institution (ADI) – an example of an ADI is a bank or credit union.
   2. Enable the nominated CDF Online users to perform BPAY payments
   3. Where the Account Holder has a Direct Debit User ID with the National Australia Bank (Direct Debit Facility), enable nominated CDF Online users to create, amend, authorise and cancel Direct Debit transactions from external accounts held with an ADI. Signed Direct Debit authorities must be held by the Account Holder and available for reference for each transaction.
   4. Enable the nominated CDF Online users to create, amend, authorise and cancel Periodical Payment authorities within CDF Online. Signed Periodical Payment authorities must be held by the Account Holder and available for reference for each transaction.

6. Each CDF Online user must be fully identified in line with the CDF identification requirements. Individuals who are not identified will not be provided with CDF online access. DDF includes our identification requirements in all forms related to adding a new CDF Online User.
7. Each CDF Online user will be provided with a unique CDF Online Login code and temporary password which will provide them with access to the accounts as delegated by the Account Holder of approved Authorising Parties. 
8. CDF Online Users must not provide their Login Code or Password details to any other person.

• Anyone who has access to Login Code and password details may be able to transact on these accounts and it is the responsibility of the Account Holder and the CDF Online Users who have been provided with login credentials to protect this information.
• The Account Holder is liable for all transactions processed when a CDF Online User breaches the integrity of the accounts by providing their Login Code and Password details to another party. DDF accepts no liability for these transactions.
• Inform DDF immediately if there is any suspicion that the security of login credentials has been breached.

9. Each CDF Online user has a designated access capability, it is the responsibility of the Account Holder and Authorising Parties to determine the designated access level applicable to the user, and the accounts this user has access to. Data Entry Access and Enquiry Access can be provided to any user; however Full Access may only be applied to account signatories.

These designated access capabilities are:

Data Entry User (Limited user):

• This user can submit transactions and view account transaction history, including current balances.
• This user cannot authorise transactions, nor make changes to accounts or CDF Online settings.

Enquiry Access User (View Only user):

• This user can view account transaction history, including current balances.
• This user cannot submit or authorise transactions, nor enquire or make changes to accounts or CDF online settings.

Full Access (Full user):

• This user can submit and authorise credit and debit transactions (known as value transactions) and view transaction history, including current balances.
• This user must be an account signatory.
• Each user is required to provide an Australian mobile phone number to receive one-time passwords by SMS to authorise a transaction.
• Each user is required to provide a valid email address which will be used to send notifications of transactions requiring authorisation.

10. Individuals accessing accounts for multiple organisations (for example a Business Manager who assists with multiple Schools or Parishes within a Diocese) may request a Global User ID. This user ID provides access to all accounts to which this user has access, using one Login code.
11. CDF Online Authorisations are required to match the Account Authority as advised when an account is opened. Therefore, if an account requires a minimum of 2 people to transact, this will require 2 CDF Online users to process transactions - one user to submit the transaction, the second to authorise the transaction (must have Full Access). It is the responsibility of the account holder to ensure there are CDF Online users available to process and authorise transactions within this guideline. DDF is unable to approve or authorise transactions in lieu of a second authorising user.
12. Each CDF Online Data Entry user or Full Access user has a transaction limit; this dictates the maximum transaction amount this user can process per transaction. It is the responsibility of the Account Holder and Authorising Parties to determine the user’s transaction limit.  If a transaction limit is not specified at the time of establishing a new CDF Online User, the default limit of $2,000 will be applied.

• Note – this transaction limit can be applied multiple times until the daily online withdrawal limit for each account has been reached.

13. CDF requires the Account Holder to set a Daily Online Withdrawal Limit for each account. This is the maximum amount which can be withdrawn from the account each day, across all nominated CDF Online Users. It is the responsibility of the Account Holder and Authorising Parties to determine the Daily Withdrawal Limit of every account with CDF Online access. If a Daily Online withdrawal limit is not specified at the time of opening a new account, the default limit will be set as $2,000.
14. CDF requires the Account Holder to set an Authorisation Limit for each Full Access user. This is the maximum amount this user can authorise per day across all accounts. It is the responsibility of the Account Holder and Authorising Parties to determine the user’s Authorisation limit.

• Each user is required to provide an Australian mobile phone number to receive one-time passwords by SMS to authorise a transaction, and an email address to receive notifications of transactions requiring authorisation.
• Transactions which are not authorised by the scheduled date will expire and need to be re-submitted.
• If a minimum authorisation limit is not specified, the default limit will be set as $2,000.

15. Account Holders and Authorising Parties may temporarily, or permanently, amend CDF Online User transaction limits, Daily Online Withdrawal Limits, and Authorisation Limits by providing a written request at least 1 business day before the change is required. Urgent requests may be processed on the same day dependent on DDF capacity. DDF provides forms for these requests on our website.
16. Fully authorised transfers to/from external accounts performed before 5:00 p.m. (AEST). on a business day will be processed to the account overnight; transfers to/from external accounts performed after 5:00 p.m. (AEST) will be processed to the account on the following business day.
17. Account Holders accept full responsibility on behalf of the nominated users for ensuring the details of payments made or collected are correct and acknowledge that DDF has no liability for any direct electronic payment including any BPAY payment made or collected via CDF Online in accordance with details provided.
18. Account Holders accept full responsibility and liability for duplicated transactions when processed by nominated users. Care should be taken when uploading batched payments. It is the responsibility of the Account Holder to communicate instances of duplicated transactions to their payees, and to refund any duplicated debits.