BOQ.0001.0021.3657

BOQF Technology Commercial Policy Bank of Queensland

Version 7, June 2017 BOQ.0001.0021.3658

TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY Approver Group Chief Risk Officer

Owner Group Chief Risk Officer

Functional Owner General Manager Portfolio Management and CRO St Andrews

Level of Policy Level 3 Credit Policy

Audience (if restricted) n/a

Revision History Version Approval Author Description Date

4 17/9/2013 Perry Cecilio Updated policy to incorporate Risk Grading Policy requirements

5 21/04/2015 Gavin Stocks/Wayne Updated policy removing DAA Policy Exceptions Power table to Group DAA Policy and update approval parameters to better specify level of authority required to approve program arrangements. Inclusion of reference to the Prohibited and Restricted Industries Appendix (separate document)

6 25/11/2015 Perry Cecilio Policy reviewed and updated with existing BOQ Asset Finance and Leasing Credit Policy being combined

7 29/06/2017 Will Sprague Annual review

Mandatory Stakeholders General Manager Technology Finance BOQF Senior Manager Specialist Operations BOQF Chief Risk Officer, BOQ Business

Contents

BOQ.0001.0021.3659

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

1 Introduction ...... 6 1.1 About this Policy ...... 6 Description ...... 6 Scope ...... 6 Purpose ...... 6 Related Policies ...... 6 Credit Philosophy ...... 7 Credit Responsibilities ...... 7 Policy Exception ...... 7 Currency ...... 7 Contact with Regulators ...... 7 2 Origination ...... 8 2.1 Origination Principles ...... 8 Acceptable Origination Channels ...... 8 Approval ...... 8 Vendor Recourse ...... 8 Vendor not at Arms-Length ...... 8 2.2 Lending Products ...... 9 Standard Commercial Lending Products ...... 9 Assignments ...... 9 2.3 Borrowers and Purpose...... 10 General Principles ...... 10 Acceptable Borrowers ...... 10 Unacceptable Borrowers ...... 11 Acceptable Purposes ...... 11 Unacceptable Purposes ...... 11 Negative Information ...... 11 Suspicious Activity ...... 12 2.4 Equipment ...... 12 General Principles ...... 12 Acceptable Equipment ...... 12 Equipment Outside Policy ...... 12 2.5 Business Continuity ...... 13 Minimum Period in Current Business ...... 13 New Owners ...... 13 Change of Ownership ...... 13 2.6 Guarantees ...... 13 Incorporated Borrowers ...... 13 Details of Cross Guarantee ...... 14 Service Entities ...... 14 Overseas Guarantees ...... 14 Advice to Guarantors ...... 15 Independent Legal Advice ...... 15 Release of Guarantees and Collateral ...... 15 Commercial in confidence © Bank of Queensland Limited All rights reserved 3 BOQ.0001.0021.3660

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

2.7 Financial and Other Credit Information ...... 16 Minimum Financial Information Requirements for all Applicants ...... 16 Primary Sources of Financial Information ...... 16 Validating Primary Sources of Financial Information ...... 17 Secondary Sources of Financial Information ...... 17 Validating Financial Commitments ...... 17 Information Requirements ...... 18 Additional Information Requirements ...... 18 2.8 PPSR Registration ...... 18 General ...... 18 Registration Rules ...... 18 Exceptions ...... 18 2.9 Insurance ...... 19 General ...... 19 Types of Insurance Required ...... 19 When Insurance Details are Required ...... 19 Validating Insurance...... 20 Self-Insurance ...... 20 Expired Insurance ...... 21 2.10 Structure ...... 21 Transaction Term ...... 21 Quote/Pricing ...... 22 Repayment Frequency ...... 22 Remittance by Direct Debit ...... 23 Credit Facility Limits ...... 23 Use of Security Deposits/Advance Payments ...... 23 2.11 Sale and Leaseback/Hireback ...... 23 Sale and Leaseback – Other Finance Company ...... 24 Refinancing of Competitor Contacts...... 24 2.12 Third Party Suppliers ...... 25 2.13 Residual Value Policy ...... 25 3 Evaluation ...... 25 3.1 Introduction ...... 25 Basic Credit Principles ...... 25 Customer Grouping ...... 26 3.2 Credit Evaluation Requirements ...... 27 Standard Evaluation ...... 27 3.3 Validating Identity ...... 27 All Borrowers and Guarantors ...... 27 Validation Scores ...... 28 Borrower Identification and Legislation ...... 28 3.4 Validating Credit History ...... 29 Independent Credit Checks ...... 29 Credit Reports ...... 29 Credit References ...... 30

Commercial in confidence © Bank of Queensland Limited All rights reserved 4 BOQ.0001.0021.3661

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

3.5 Analysis of Financial Information ...... 30 Spreadsheet Analysis ...... 30 Risk Grading ...... 30 Technology Finance Customer Risk Rating Guidelines ...... 31 Other Analysis Tools ...... 31 3.6 Industry Risk ...... 31 3.7 Validating Clear Title and Possession ...... 32 Tax Invoices ...... 32 Encumbered or Refinanced Equipment ...... 32 Sale and Leaseback/Hireback ...... 33 4 Vendor Annual Reviews ...... 33 4.1 About Vendor Annual Reviews ...... 33 4.2 Vendor Programs ...... 34 Indirect Exposures ...... 34 Vendor Review Log ...... 34 Format ...... 34 Review Criteria ...... 34 Correlation Risk ...... 34 Secondary Source Provider ...... 36 5 Approvals ...... 36 Requirement for Proper Credit Control...... 36 Approved Applications - Validity ...... 36 Alterations to Existing Approvals ...... 36 5.2 Amendments, Waivers and Resubmissions ...... 37 Amendments/Waivers ...... 37 Resubmissions ...... 37 5.3 Restructures and Extensions ...... 37 Restructuring of Existing Facilities ...... 37 5.4 Declined Applications ...... 38 6 Documentation ...... 38 6.1 Lending Documents ...... 38 General Principles ...... 38 Authorised Signatory ...... 39 Credit Agreements and Related Documents ...... 39 Document Filing and Storage ...... 39 Non-standard Documentation ...... 39 Changes to Standard Documentation ...... 39 7 ATTACHMENT A – Analysis and Grading of Insurance Companies ...... 40 8 ATTACHMENT B – Analysis & Grading of Other Financial Institutions ...... 41 8.1 Financial Summary Template ...... 42 9 Attachment C – Small Exposure Approval Matrix ...... 43 9.1 Small Exposure Approval Matrix ...... 43 10 Attachment D – ANZ Commonwealth & State Government Entities Approval Matrix...... 44 10.1 ANZ Commonwealth and State Government Entities Approval Matrix ...... 44 Commercial in confidence © Bank of Queensland Limited All rights reserved 5 BOQ.0001.0021.3662

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

11 Attachment E – Religious Mainstream Private Schools Approval Matrix ...... 45 11.1 Religious Mainstream Private Schools Approval Matrix ...... 45

1 Introduction

1.1 About this Policy

Description

Technology Finance (formerly known as Vendor Finance and/or Asset Finance and Leasing) offers a range of products to customers seeking to finance equipment where the equipment is obtained from certain manufacturers or authorised distributors/resellers. These suppliers, known as Vendors, have committed to introduce to Technology Finance their business customers seeking finance for equipment under agreed terms and conditions. These relationships enable the Vendor to offer a competitive finance solution to its business customers, while ensuring a reliable and consistent stream of business to these units. The Technology Finance Commercial Credit Policy (“this Policy”) is the platform upon which Technology Finance commercial credit risk management is based. It supports our strategies and performance objectives, by defining our lending requirements and standards. Note:  All references to Technology Finance, in this Policy relate to the legal entities BOQ Finance (Aust) Ltd, BOQ Finance (NZ) Ltd and BOQ Asset Finance & Leasing Pty Ltd only. Technology Finance transactions will be written under these legal entities.  In this Policy, the term “DAA holder” refers to any member of staff with a suitable Delegated Approval Authority. Scope

This Policy applies to Technology Finance products, supporting facilities and activities and to all employees, contractors and third parties connected with these lending activities. This Policy only covers Technology Finance Commercial Lending activities. Technology Finance Consumer lending activities are not covered in this Policy. For policy guidance in relation to Escrow facilities offered by Technology Finance reference must be made to the Equipment Finance Credit Policy. Purpose

The purpose of this Policy is to  establish a uniform framework and language to standardise Technology Finance’s approach to credit risk management including the determination of risk ratings, the initial and continual evaluation of borrowers, as well as the independent monitoring and reporting of credit risks, exposures and limits  clearly state the minimum credit policy standards to be applied to the Technology Finance commercial business  provide guidance to staff to cope with exceptional situations  provide a basis for continued development and enhancement of credit policy  document the fundamental policies, roles and responsibilities of Technology Finance as it relates to originations, underwriting and vendor management. Related Policies

The following policies should also be referenced in conjunction with this policy  Commercial Lending Credit Policy  Equipment Finance Credit Policy Commercial in confidence © Bank of Queensland Limited All rights reserved 6 BOQ.0001.0021.3663

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

 AML/CTF Program  Privacy Policy  BOQF Residual Management Policy  BOQ Risk Grading Policy  Group Delegated Approval Authority Policy  Regulatory Affairs Framework and Communication Protocols  Aggregation and Grouping Policy. Credit Philosophy

 Technology Finance’s credit philosophy is to conduct business with creditworthy entities that demonstrate an ability and willingness to repay a obligation within the terms and conditions established at the outset of a or lease, while providing an adequate return to BOQ’s shareholders.  Technology Finance regards the primary source of repayment (“first way out”) as cash flow from the customer’s recurring business operations, with the value of the asset financed providing a “second way out”. The “second way out” is to be formalised by registration of a PPSR financing statement where indicated in this document.  Technology Finance strives to develop and maintain a credit risk culture that balances business development, profitability, credit quality and capital management.  The amount of credit extended to any one entity shall be considered and examined relative to the total portfolio of similar products to assure that a reasonable diversification of risk is maintained.  Equally important to approving sound transactions are the ongoing maintenance and close monitoring of the portfolio. Technology Finance will be proactive in the identification and reporting of weaknesses and negative trends in the portfolio, as well as early detection of potential problem , leases and/or industries. The goal is to minimise losses by strategically planning maximum recovery in the early stages of a problem credit facility.  Technology Finance segregates sales, marketing and credit authority in order to assure independent and objective credit decisions in an environment that is free from undue pressures to approve transactions in order to meet volume targets. Credit Responsibilities

Technology Finance is primarily responsible for upholding the credit quality of credit exposures within its portfolio. Front line staff who are closely responsible for a credit relationship are obligated to provide DAA holders with all material information about any potential or existing credit concerns regarding direct or indirect exposure at all times. All relationships that result in risk exposure must have an individual to whom responsibility is assigned. Frontline staff, underwriters and portfolio managers will be held responsible for the credit extensions with which they are directly involved. Policy Exception

Only a DAA holder with the appropriate discretion can approve a transaction involving a policy exception. The approving DAA holder must note the nature of the exception and the mitigates leading to the decision in the credit file. Currency

References in this Policy to dollar amounts apply equally to Australian and New Zealand currencies. Contact with Regulators

Bank of Queensland is regulated by various prudential and government bodies including APRA, ASIC, AUSTRAC and ATO. To ensure that BOQ’s relationship with regulators are enhanced, and meeting of regulatory obligations is maintained at the highest standard, all regulatory contact and communications is centrally managed by the Regulatory Affairs function within Group Risk.

Commercial in confidence © Bank of Queensland Limited All rights reserved 7 BOQ.0001.0021.3664

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

The Regulatory Affairs Framework and Communication Protocols document provides an overview of how the Regulatory Affairs framework, communications with BOQ’s Regulators and regulatory change is managed and maintained and applies to all employees. 2 Origination

2.1 Origination Principles

In its credit origination activities, Technology Finance seeks to:  Extend credit on a sound and collectible basis while providing an adequate return to its shareholders;  Employ well-defined policies and procedures designed to minimise credit and operational risks to protect depositors and other stakeholders;  Invest BOQ’s funds in a prudent and profitable manner to protect stakeholders;  Serve the legitimate credit needs of our communities;  Maintain appropriate documentation; and  Ensure compliance with relevant laws and regulations. Acceptable Origination Channels

In general, Technology Finance will only accept applications from accredited vendor partners. All vendor partners must be accredited in accordance with the Vendor Accreditation Process. Vendor partners can be:  Large multinational corporations (i.e. the manufacturers or distributors of the equipment); or  Privately owned companies or subsidiaries of large groups (i.e. an authorised distributor). If however the vendor partner meets one of the following criteria, the accreditation requirement doesn’t apply: a) Infrequent nature of supply b) Nominal reliance risk (Refer section ‘Correlation Risk’) c) Bundling of equipment supply with an existing accredited vendor. Approval

Accreditation applications for Vendor Programs or Annual Review must be approved by a suitable DAA holder with the delegated authority to approve both:  the proposed level of Internal Guidance Limit (IGL), and  secured or unsecured delegation sufficient to cover any Loss Reserve Limit and/or Residual Value Limit, or similar, as relevant to the individual IGL proposal. All credit transactions must be approved by a suitable DAA holder before they are committed. Vendor Recourse

If Technology Finance declines to take the residual risk in a transaction, the vendor may offer to guarantee the residual value in order to facilitate an operating lease structure for its customer. Technology Finance must review the vendor’s ability to support this guarantee and approve an RV guarantee limit. Any transaction for which the vendor is to provide recourse in part or in full requires the prior consent of the Head of Credit Risk NSW/ACT or higher credit authority. Vendor not at Arms-Length

If any of the following exists between the Vendor and the Borrower (or Guarantor), the application must be referred to Credit Risk prior to a formal submission.  Common ownership or control, or

Commercial in confidence © Bank of Queensland Limited All rights reserved 8 BOQ.0001.0021.3665

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

 Common directorship, or  Common security, or  The presence of a guarantee, or  Common sources of cashflow and repayment or  A family relationship exists Extra care must be taken to ensure: a) Transactions are not generating a bogus or fraudulent sale; and b) The equipment is being sold to Technology Finance at the standard recommended retail price or agreed discounted price, i.e. the price has not been inflated, or “jacked”. 2.2 Lending Products

Standard Commercial Lending Products

 Operating lease / Rental  Finance lease  Commercial hire purchase  Commercial loan  Escrow facility (refer to Equipment Finance Credit Policy) Assignments

2.2.2.1 About Assignments During the finance term, a Borrower (Assignor) can assign the right to use the equipment to another party (Assignee). Under an assignment, the Assignee acquires the sole rights to use the financed equipment and at the same time, has the prime responsibility for repaying the debt. However, the Assignor and any guarantors under the original contract remain obligated in the following events: If the Assignor: a) has decided to sell the equipment as surplus to requirements, or b) has sold a business together with all assets, including the equipment under finance to the Assignee and the Assignee has agreed to continue the finance payments, or c) is experiencing financial difficulties and/or has defaulted on the contract and, in an effort to reduce cash outflows, has arranged for the Assignee to assume the payment obligation in return for the sole rights to use the asset. In the case of (c) above, the Collections area must be advised of all developments to avoid any unnecessary or contradictory contact with the clients. 2.2.2.2 Approval of an Assignment Approval of an assignment is subject to the following conditions:  normal lending guidelines and delegated authorities  the remaining finance term, existing repayments and residual value or balloon cannot be varied from the original agreement  The Assignor and all guarantors to the original contract guarantee that the Assignee will meet the payment obligations under the agreement  Assignee to be added as an additional grantor to any existing PPSR registration. 2.2.2.3 Requests to Transfer Obligations In general, the guarantees of the original parties to the contract are not waived in the case of an assignment. However, should the Borrower (Assignor) require all of the obligations under the original agreement to be transferred to the incoming party (Assignee), with no remaining obligations to themselves, then the application is treated as, effectively, a new business application, not an

Commercial in confidence © Bank of Queensland Limited All rights reserved 9 BOQ.0001.0021.3666

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Assignment. That is, the justification for an approval is based solely on the strength of the Assignee, without regard to financial position of the original parties. Reasons for waiving the guarantee of the original parties must be provided and found acceptable to Credit Risk. 2.2.2.4 Assignment Documentation An Assignment document must be executed by:  the original Borrower (Assignor)  all Guarantors to the original agreement between the Borrower (Assignor) and Technology Finance  the incoming Borrower (Assignee). All incoming Guarantors of the Assignee must execute a Guarantee and Indemnity document. 2.3 Borrowers and Purpose

General Principles

In general, Technology Finance will only finance assets for business use for commercial clients that are registered for business in Australia or New Zealand, and have well-established, legal, stable activities with good credit history and generating positive operating cash flows from regular and recurring income streams. The standard and quantity of analysis applied to an application varies directly with the amount of finance requested and the level of risk associated. For instance, an application from a state government entity will require less analysis than a small business operator, given that a government body clearly represents a lower credit risk than a private entity. The background to the transaction and purpose of the finance must make sense in the context of the applicant’s overall business. For instance, a small real estate business requiring one or two computers is reasonable, but a request by that same business for finance of twenty computers without satisfactory justification is not reasonable and should be rejected in the first instance. Technology Finance retains right of refusal over all transactions. This policy is necessary to allow for the possibility that, even should a credit application meet standard credit criteria, there may some reasons Technology Finance is unwilling or unable to approve it. Generally, the credit analysis will review the background of an applicant including credit history and other references, and an assessment of the applicant’s financial position and ability to meet the proposed repayment schedule in addition to other existing financial commitments. Acceptable Borrowers

Technology Finance’s target commercial customers are located in Australia or New Zealand, generally in capital cities and larger regional centres, and consist of:  SME businesses  Large Corporations  Public sector entities. All borrowers must meet the requirements of the Commercial Lending Credit Policy (including the Prohibited and Restricted Industries Appendix) with the exception that a borrower may be located in Australia or New Zealand as appropriate or a registered branch of a foreign entity (e.g. a New Zealand branch of an Australian company). 2.3.2.1 Lending to a Trust The following must be stated in the contract when the applicant is a trust:  The name of the applicant in the following format: “XXX Pty Ltd (ACN 123 456 789) in its own right and as trustee for XXX Trust”  The ABN of the Trust

Commercial in confidence © Bank of Queensland Limited All rights reserved 10 BOQ.0001.0021.3667

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Note: Trusts are established for a set period, which can be up to 80 years in Australia, after which the trust is dissolved. Although it is highly unlikely that a trust will be dissolved during the term of any finance, DAA holders should be aware of this possibility when lending to trusts. Unacceptable Borrowers

In addition to the requirement of section ‘Acceptable Borrowers’ of the Commercial Lending Credit Policy the following are considered unacceptable borrowers.  Current or discharged bankrupts  strata plans  sects or “fringe” religious groups  entities or persons under external administration, under any type of regulatory investigation or under wind-up orders  entities or persons on anti-money laundering databases  businesses which do not generate cash from established operations, e.g. “start-up”  businesses or “greenfield” developments (except as permitted in section ‘Minimum Period in Current Business’)  unit trusts where the unit holder is a Superannuation Fund  persons under the age of 18 years  persons serving sentences for criminal convictions  persons or entities that have been declared insolvent  any person or entity for whom BOQ has incurred a loss and/or with which BOQ is in dispute  non-residents of Australia or New Zealand  joint borrowers where a party will not receive a direct commercial benefit under the proposed facility  Amusement parlour operators  Entertainment sector (night clubs, bars)  Gymnasium and health club operators  Accredited vendors for own use. Acceptable Purposes

The purpose of any finance must be stated on each application and must be compatible with the customer’s business operations. Acceptable purposes include:  Finance acquisition of acceptable equipment for business purposes from approved vendors  Sale and leaseback/hireback ( subject to separate guidance given throughout this policy)  Refinancing subject to conditions specified in Section ’Encumbered or Refinanced Equipment’ of this policy. Note: Where the DAA holder suspects that the request for finance does not relate to an acceptable business purpose the application is to be declined pending further clarification. Unacceptable Purposes

 Financing of encumbered assets  Recapitalised and leveraged cash flow lending  Tax optimised/avoidance lending  Financing of consumables  Transactions which are or may be illegal or incompatible with BOQ’s standing with the community or that may adversely impact the reputation of the BOQ Group. Note: Financing of maintenance and services is not encouraged, but is permitted under policy as part of the financing of “soft costs” (see section ’Equipment outside of Policy’), provided that the reliance risk on the relevant suppliers is deemed to be low. Negative Information

When a BOQF staff member is made aware of negative or detrimental information (from whatever source) regarding an existing Technology Finance borrower or vendor source, said information must be provided to Credit Risk immediately, who will determine what action is required.

Commercial in confidence © Bank of Queensland Limited All rights reserved 11 BOQ.0001.0021.3668

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

All negative information must be thoroughly reviewed to determine its validity and the result of the investigation and outcome must be properly documented and placed in the credit file. Suspicious Activity

All operating units are required to report suspicious activities to the Financial Crimes Unit (FCU) as soon as the unit is aware of such suspicious activity or information. Suspicious activities are actions that constitute known or suspected violations of law (e.g. theft, money- laundering, and extortion), contravene BOQ’s Code of Conduct (e.g. conflict of ) or unethical business practices. If a BOQF staff member becomes aware of a suspicious activity, they should immediately complete a Suspicious Matter Alert.. 2.4 Equipment

General Principles

In general, Technology Finance provides secured financing of assets that are: a) New (unless allowed elsewhere in this policy or approved under a Vendor Programme) b) Portable i.e. not a fixture c) Have a tangible value. The value inherent in the financed assets provides a measure of security which helps to offset the credit risk in transaction, thus reducing the potential loss in a situation. The assets which Technology Finance are predominantly chosen according to the following criteria:  The useful life of the asset exceeds the term of the contract  Existence of a stable and sufficiently large used equipment market  Where the recovery value is low, e.g. IT assets, the financed assets must be either of considerable, even “key” value to the client, or the underlying creditworthiness of the client must more than offset the lack of asset value. In general there are higher risks associated with the following situations the asset:  is difficult to identify  is difficult to repossess (e.g. due to geographic location)  has an inherently high degree of technological obsolescence  is subject to a very high rate of depreciation  is highly specialised or customised with relevance to a very narrow band of customers Technology Finance will typically avoid entering into a relationship with any potential vendor where the above equipment risks are evident. If a relationship is to be considered, it must be absolutely understood by all parties that the creditworthiness of the counterparty must be sufficiently strong and/or the terms of the transaction sufficiently favourable to justify an approval. Acceptable Equipment

The equipment that is to be financed MUST be:  able to be taken as security without prior encumbrance  new (except where permitted under sale and leaseback or an approved vendor partner program);  located in Australia or New Zealand  for acceptable purposes (refer section ‘Acceptable Purposes’ of this policy) Equipment Outside Policy

 Non-tangible items (i.e. soft costs) where the total soft costs, including the cost of any software, are more than 20% of the total amount financed

Commercial in confidence © Bank of Queensland Limited All rights reserved 12 BOQ.0001.0021.3669

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

 Transactions for telecommunications equipment involving or suspected of involving call or call bundling. These are transactions where the supplier of the equipment offers material rebates to offset the cost of renting/financing the equipment – typically this involves equipment being sold at over inflated prices, the offer of a number of freebies and the promise of a monthly rebate – for example, telecommunications equipment with the offer of significant call credits each month. 2.5 Business Continuity

Minimum Period in Current Business

Unless otherwise stated in this Section, all Borrowers must have been operating in the same business for a minimum of 2 consecutive years (unless otherwise stated in an approved vendor programme or approval under Matrix). If the Borrower is unable to satisfy the business continuity requirements, but the application is supported by a Guarantee from an associated entity or person(s), then the application is within Policy provided that:  the Guarantor can satisfy the business continuity requirements in its own right, and  the business type of the Guarantor is consistent with that of the Borrower, and  the Guarantor’s financial position has been included in the Credit Risk evaluation of the application, and supports the request in its own right. New Owners

Where there are new owners for an established business then the time in business is deemed to have commenced with the date of the change of ownership. For example, if a business that has been established for 5 years was only purchased 6 months prior to application, then the period in current business is deemed to be 6 months, not 5 years, on the basis that the new owner has only been running the business for 6 months. Change of Ownership

Technology Finance documentation states that it shall be entitled to immediately terminate any facility for any borrower if any person or persons who between them beneficially hold or control, at the date of the Agreement, more than 50% of the voting, income or capital participation rights of the borrower, subsequently cease to do so. Where there is a change of ownership event, all relevant details must be obtained and recorded in the credit file. Approval of the change of ownership is required from a DAA holder with the level of DAA commensurate with the exposure. 2.6 Guarantees

Incorporated Borrowers

2.6.1.1 Private Companies (including Trusts) and Unlisted Public Companies Unless otherwise stated in an approved vendor program or approval under Matrix, the following guarantees are not required if the Borrower is a proprietary limited (Pty Ltd) company, a private company in New Zealand or an unlisted public company (Ltd):  all Directors and /or beneficial owners  all related individuals and entities of the Borrower whose financial contribution is considered necessary to support the Borrower in meeting its financial obligations. Note: It is the responsibility of the DAA holder empowered to approve the transaction to consider if a requirement exists to take a guarantee/s from directors/beneficiaries and/or related individuals/entities based upon the risk characteristics of the proposal including such things as, but not

Commercial in confidence © Bank of Queensland Limited All rights reserved 13 BOQ.0001.0021.3670

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY limited to, the size of transaction, the corporate structure, the deal structure and the financial strength of the borrower. 2.6.1.2 Companies Limited by Guarantee A guarantee is not required for a company limited by guarantee. 2.6.1.3 Associations A guarantee is not required from elected committee members of associations, including clubs, churches, charities, etc. 2.6.1.4 Listed Public Companies Director/shareholder guarantees are not required if the Borrower is a public company that is listed on the Australian Securities Exchange, New Zealand Stock Exchange or a subsidiary of a listed public company. Inter-company cross guarantees are generally not required, but may be necessary for large transactions, particularly where the borrowing entity is the holding company and/or is not a major trading entity within the group. Details of Cross Guarantee

ASIC may issue a Class Order [CO 98/1418], so that certain wholly-owned subsidiaries within a group may be relieved from the requirement to prepare and lodge audited financial statements under the Corporations Act 2001, if they enter into a Deed of Cross Guarantee (DOCG or “Deed”) with their parent entity and meet certain other conditions. Reference must be made to Credit Risk for guidance in relation to all DOCG applications. It may be appropriate for the guarantee of the shareholder/parent entity to be waived in the following circumstances however the final decision in this regard is the responsibility of Credit Risk:  a DOCG is still in place at the time of the transaction (confirm on ASIC website)  the existence of the Deed is noted in the shareholding company’s audited annual report Note: A DOCG is not the same as a direct guarantee and indemnity, as Technology Finance cannot legally approach the Closed Group for restitution at the time of a payment default by its Borrower, even if the Borrower is part of the Closed Group. In addition, parties can be released from a DOCG (known as Revocation Deed) at any time without notice and without the consent of any creditors. Usually such a release would only occur subject to notice by public advertisement in a major daily newspaper being made before or within one month after the date on which the original of the Revocation Deed is lodged with ASIC. Service Entities

Where the borrower is a service entity of a trust, company or partnership, e.g. medical or legal practice, then the guarantees of the principals and main trading entity or entities are not required. The DAA holder empowered to approve the proposal will consider the requirement for additional guarantees, if deemed appropriate, depending on the risk characteristics of the proposal including such thing as the size of transaction, the corporate structure, the deal structure and the financial strength of the borrower. Overseas Guarantees

Where the Borrower is a local subsidiary of a company that is based overseas, Technology Finance may accept a guarantee from that overseas parent company, subject to any of the following:  The parent company is registered with ASIC and has an ARBN (Australian Registered Body Number), or  The parent company is listed on a major international stock exchange with nothing adverse known, or  The parent company has a current investment grade or higher credit rating with a major ratings agency (S&P, Moody’s, Fitch); rating to be less than 12 months old and not on CreditWatch negative. Commercial in confidence © Bank of Queensland Limited All rights reserved 14 BOQ.0001.0021.3671

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

The guarantee must be signed by either (a) a member of the board of directors of the parent company, or (b) an authorised officer of the parent company, where satisfactory evidence of signing authority has been provided prior to settlement or otherwise subject to legal opinion as to validity and enforceability being obtained through BOQF Legal (cost to be borne by borrower unless specifically waived by BOQF CRO or higher credit authority). Note: This policy does not apply to Australian corporations with a New Zealand parent corporation, and vice versa. In those cases the acceptability of a guarantee from the parent entity is based on standard policy considerations. Advice to Guarantors

Vendor Finance staff must not give advice (e.g. legal or financial advice) about Guarantees to any potential Guarantors under any circumstances, except to recommend to them to obtain independent legal advice. Independent Legal Advice

2.6.6.1 When Independent Legal Advice is Required Reference must be made to the Commercial Lending Credit Policy section ‘Independent Legal Advice’ which sets out in full BOQ requirements in this regard, including when such advice is mandatory and where advice is discretionary. 2.6.6.2 Evidence of Independent Legal Advice If a Guarantor is required to obtain independent legal advice, they must provide a letter signed by their solicitor as evidence that they have obtained that advice. The identity of the solicitor who wrote the letter must be confirmed. Confirmation may be obtained through telephone listings, the relevant state law society or other acceptable means at Credit Risk’s discretion if appropriate. Release of Guarantees and Collateral

2.6.7.1 Releasing Guarantees In general, guarantees are not to be released. However, certain circumstances may arise in which a release is acceptable, for example:  The guarantor was an owner of a business that is the current borrower, but the business has been sold or the guarantor’s share of the business has been sold  The guarantor has retired from the business  Death or terminal illness of a guarantor  The guarantor is no longer involved in day-to-day operations and/or no longer has a controlling interest  The sale of a corporate guarantor  The winding down of operations of a corporate guarantor. Credit Department should seek to substitute the original guarantor with a new one if available, provided that the new guarantor is acceptable to Credit Department. Only an appropriate DAA holder may authorise the release of guarantees. Prior to approval, the following must be evaluated to the satisfaction of the appropriate DAA holder:  the reason that the release is sought is logical, and  the financial impact of the release on credit risk is acceptable, and  the Borrower has an acceptable payment history. If the DAA holder determines that the release of a guarantor increases BOQ’s risk in the transaction to an unacceptable degree, and there is no satisfactory alternative, the request for release is to be denied. Note: Guarantees must never be released without first obtaining the consent of all guarantors.

Commercial in confidence © Bank of Queensland Limited All rights reserved 15 BOQ.0001.0021.3672

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

2.6.7.2 Releasing Collateral In general, a request for a release of collateral will only be permitted if the facility is repaid in full. However, collateral may be released and the facility allowed to continue if:  There remains a satisfactory level of security in the opinion of the approver, or  Collateral that is released, retired or amortised is replaced by additional acceptable collateral, or  The borrower agrees to pay down the balance of the facility by an amount which leaves a balance owing commensurate with the remaining security, or  Technology Finance agrees to rewrite the facility under terms appropriate to the remaining security, or  Some combination of the above options. Prior to approval, the following must be evaluated to the satisfaction of the appropriate DAA holder:  the reason that the release is sought is acceptable, and  the financial impact of the release on credit risk is acceptable, and  the Borrower has an acceptable payment history. Only a suitable empowered DAA holder may authorise the release of collateral. 2.7 Financial and Other Credit Information

Minimum Financial Information Requirements for all Applicants

Except where it is specifically waived by an appropriate authority or allowed under Matrix approval, Technology Finance requires the following minimum financial information:  a primary source of financial information for all Borrowers, and  a primary source of financial information for all Guarantors Primary Sources of Financial Information

DAA holders must use at least 1 primary source of financial information when evaluating an application. Primary sources are limited to:  Audited or unaudited (but externally prepared) Annual Financial Report  “Final” Profit & Loss Statement and Balance Sheet, prepared by an independent accountant  For Sole Traders and Partnerships, where a “Final” Profit & Loss Statement and Balance Sheet is not usually prepared, a Business Taxation Return prepared by an independent accountant. Financial statements are used for initial credit analysis and updated statements are subsequently used to monitor a business borrower’s financial condition during the annual review process. Current financial information is also required on all guarantors and any other related entities that may impact the borrower’s ability to repay the loan.

Commercial in confidence © Bank of Queensland Limited All rights reserved 16 BOQ.0001.0021.3673

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Validating Primary Sources of Financial Information

The following table provides the requirements for primary sources of financial information:

Primary Source of Minimum Requirements Maximum Age Financial Information

Audited or externally  minimum of 2 consecutive 18 months past the most financial years recent financial year end at Prepared unaudited annual the date of the approval report  in the name of the Borrower (or Group if NB: Credit facility limits expire Final Profit & Loss applicable) once the financial statements Statement and Balance  in a form which includes are more than 21 months Sheet all relevant notes to the based on balance date accounts including Auditor’s report (If applicable)

Secondary Sources of Financial Information

DAA holders may use the following secondary sources of financial information to support their evaluation of an application.  ”Draft” Profit & Loss Statement and Balance Sheet, prepared by an independent accountant  “Interim” (part year) Profit & Loss Statement and Balance Sheet, prepared by an independent accountant.  Management accounts (full year or part year Profit & Loss Statement and Balance Sheet), which have been prepared by the Borrower  Bank statements  Forward projections and cash flow budgets  Aged schedules of Trade Debtors and Trade Creditors  A current ATO Integrated Client Account Statement or ATO Portal Statement  A signed and dated Personal Statement of Position for all Borrowers and Guarantors who are Individuals  A detailed schedule of the Borrower’s and Guarantor’s current financial commitments with banks and other lenders. 2.7.4.1 Pro forma Financial Statements The use of pro forma financials should be limited to the following situations:  Significant restructuring of the balance sheet  Material acquisition  Merger of two companies. In these situations the analyst should use the pro-forma balance sheet and the historical (combined if merger or acquisition) income statement. The analyst should adjust the income statement for the pro forma interest expense if applicable. Validating Financial Commitments

Financial commitments should be validated by reconciling them with:  the primary and secondary sources of financial information  Veda Advantage credit reports  PPSR grantor search  Any external credit references that have been obtained. Inconsistencies must be investigated and account for any undisclosed commitments when assessing the Borrower’s financial position

Commercial in confidence © Bank of Queensland Limited All rights reserved 17 BOQ.0001.0021.3674

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Information Requirements

The following information must be obtained prior to requesting an underwriting decision, but is not limited to:  Veda Advantage Credit Reports on the borrower and guarantors (for individuals it is necessary to obtain the Commercial Credit Assess file ) to satisfy the KYC requirement  Completed application with customer details, pricing information, and loan structure and term (including anticipated drawdown quantities and timeframe)  Details on the equipment and if not immediately apparent, how the equipment is used in the customer’s business, finance term, cost (approximate, if invoice in unavailable until settlement), source of business, details of any soft cost components in the transaction  Financial statements as required above  PPSR grantor search  Details of any explicit support for the borrower entity (additional security, covenants, parent/affiliate guarantees). Additional Information Requirements

The following additional information may also be required subject to the nature of the proposal:  ASIC or NZ Company Office filings  Prospectuses  Rating Agency reports  Research Reports  Aggregate BOQ Group exposure to counterparty, affiliates, and group  Credit history of the borrower  Quality of earnings  Public information/press releases  Collateral description, quality assessment and valuation (if applicable). 2.8 PPSR Registration

General

Where an asset or group of assets has sufficient value to warrant strengthening of the “second way out” position, a PPSR Financing Statement must be lodged on the PPSR and requisite proof obtained. Registration Rules

2.8.2.1 All Commercial Deals are to be Registered on the PPSR as PMSI charges All origination platforms are to ensure that 15 day PMSI rule is achieved in every instance Exceptions

2.8.3.1 Registration of Commercial IT Contracts as Master Rental Agreement (MRA) Level Large commercial exposures are registered on PPSR as a PMSI once the MRA has been executed subject to: 1. Business to ensure that release of PPSR security only occurs once all drawdowns under the MRA have been repaid in full and no further drawdowns are anticipated 2. Registrations on PPSR are cancelled if no subsequent draw down under the MRA occurs within three months

Commercial in confidence © Bank of Queensland Limited All rights reserved 18 BOQ.0001.0021.3675

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

2.8.3.2 Contract with a Primary Asset Value/Total Contract Value at Funding not required to be Registered BOQVF - $10,000 Contracts to be executed on PPSR compliant documents. 2.8.3.3 PMSI Exception Sale and Leaseback/Hireback applications are unable to be registered as PMSI on PPSR. Where a PPSR registration is required, a “Perfected” PPSR registration is to be lodged. 2.9 Insurance

General

Technology Finance has an interest in the equipment under finance and needs to ensure the maximum value of that equipment can be recovered should the equipment be damaged or lost. Therefore all equipment that is financed must be appropriately insured. The insurance must be valid at the time of settlement and must be provided by an underwriter with operations located in Australia or New Zealand. The underwriter must be acceptable to BOQ. Types of Insurance Required

The borrower must provide and maintain both of the following types of insurance covers at their expense: 1. Property Insurance The property insurance policy must cover the lending entity against the loss, theft or destruction of, or damage to the equipment financed for its full replacement value, naming the lending entity as interested party. 2. Public Liability and Third Party Property Insurance The borrower is required to provide public liability and third party property insurance policy for bodily injury or damage to property arising in connection with the goods up to the amount approved by Technology Finance. It is not mandatory for customers to supply details and/or evidence of this type of insurance, nor is it mandatory that the lending entity be noted on the policy. However, Credit Risk have the authority to insist on such details/evidence at its discretion on a case-by-case basis. When Insurance Details are Required

Technology Finance legal documentation with its clients stipulates that all equipment under finance needs to be insured. However, as there is a cost involved in ensuring the borrower complies with Technology Finance’s insurance policy requirement, a threshold material dollar amount has been introduced to reduce this cost without exposing Technology Finance to excessive risk. The following table lists the requirements for insurance information and verification.

Total Customer Exposure Minimum Requirement

Total exposure not more than $100k No specific insurance details are required.

Total exposure over $100k, but less Details of insurance cover to be provided prior to settlement than $250k but no confirmation required.

Total exposure $250k or more Certificate of Currency (COC) or copy of Insurance Policy required prior to settlement.

Note: 1. The cost of software may be excluded when determining the amount financed applicable to this table Commercial in confidence © Bank of Queensland Limited All rights reserved 19 BOQ.0001.0021.3676

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

2. Where details of insurance are required, the same information must be provided as is required to be shown in the COC or Policy (refer section ‘Validating Insurance’). 3. Cover notes are not acceptable evidence of insurance cover for commercial finance transactions. However, cover notes may be permitted by a suitable DAA holder in the case of (a) an existing customer who has already provided evidence of insurance for other Technology Finance transactions, (b) a customer approved for self-insurance or (c) a new customer where an exception is warranted in the opinion of the DAA holder. 2.9.3.1 Exemptions from the above Regardless of the amount financed, no insurance details or evidence of insurance are required where the borrower is a local, state or federal government body, or a corporation that self-insures. Note: This clause is subject to section ’Self-Insurance’ of this policy. Validating Insurance

A Certificate of Currency (COC) or copy of Insurance Policy must include the following:  Name of insured party (borrower)  Type of insurance provided  Insurer’s name and address  Policy number  Period of cover/expiry date (Note: cover must not end prior to the date of settlement)  Lending entity to be noted as the interested party/additional party.  Sum insured (Note: must be no less than the amount financed) Note: A description of the equipment is preferred but is not mandatory. The COC may describe the specific transaction being settled or the total Net Investment to a customer. A COC or Policy issued in the parent company’s name is acceptable as long as: a) The insured is listed as “Parent Company Name and Subsidiaries”, and b) The parent/subsidiary relationship is evident from either: i. the latest, audited financial statements, or ii. ASIC records, or iii. another satisfactory source. Self-Insurance

2.9.5.1 Minimum Criteria

 DAA holders may approve a customer for self-insurance up to the limit of their DAA provided that the customer is either a Government entity or a corporate customer with a Technology Finance Risk Rating of “5” or better (i.e. Customer Risk Rating (CRR) of “8” or better).  Corporate customers with a BOQ Technology Finance Risk Rating of “6” or worse (i.e. CRR “9” or worse) may be approved for self-insurance by the Head of Credit Risk NSW/ACT, or higher DAA holder commensurate with the level of exposure.  DAA holders must note that a customer has been approved for self-insurance on the credit approval and in the Self-Insurance Register.  In the event an existing self-insurance customer no longer meets the standard required for self-insurance status, e.g. Customer Rating falls below minimum, then normal insurance requirements will immediately apply for that customer.  The Head of Credit Risk NSW/ACT or higher authority may cancel the self-insurance status of any customer at any time, so that the normal insurance requirements will apply for that customer. Such cancellation must be noted in the credit file and in the Self- Insurance Register, with a copy of the cancellation decision forwarded to Settlements Department for information.

Commercial in confidence © Bank of Queensland Limited All rights reserved 20 BOQ.0001.0021.3677

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

2.9.5.2 Non-Government Schools

 Non-government schools are not permitted to self-insure regardless of their Customer Rating.  Non-government schools are required to meet the requirements of sections ‘When Insurance Detail are Required’ and ‘Validating Insurance” with the exception that they will not be required to note the interested party on the Property Insurance policy if they choose not to do so. 2.9.5.3 Self-Insurance Letter

 A customer that self-insures must provide written confirmation and indemnity in a format acceptable to Technology Finance prior to settlement.  A generic self-insurance letter has been drafted by BOQ Legal Department. This letter can be adjusted to suit the situation, as follows: 1. The letter can be addressed to whomever is the owner of the goods under the rental agreement with the appropriate address for that entity, as disclosed in the Rental Agreement. 2. The letter can be signed by either 2 directors, or 1 director and 1 company secretary, in accordance with the Corporations Act, or an authorised officer or under power of attorney.  An updated self-insurance letter must be provided to Technology Finance by the borrower for each financing unless a valid self-insurance letter is on file. Expired Insurance

Under Technology Finance’s standard documentation, it is the customer’s responsibility to renew insurance each year. Where COC is required, a new contract can be settled for an existing customer with expired insurance provided that the expiration date was no more than three months prior to the settlement date and the following actions are taken:  The sales coordinator has advised the customer of the requirement to renew insurance and customer has agreed in writing to comply and provide a COC.  The sales coordinator records in writing the date the customer was contacted and the outcome of the conversation.  The sales coordinator is required to follow up within two weeks of contacting the customer to ensure that the COC is obtained. Any non-compliance with the above must be referred to Credit Department. 2.10 Structure

Transaction Term

The following table sets out the minimum and maximum terms that apply to all Technology Finance applications unless specifically approved under a Vendor Programme. The maturities of any transaction must be in line with the standard depreciation of the assets to be financed in that transaction. Residual values must be calculated according to agreed depreciation curves as determined by Residual Asset Manager.

Commercial in confidence © Bank of Queensland Limited All rights reserved 21 BOQ.0001.0021.3678

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Facility Minimum Standard Maximum Terms Term All Lending Products and equipment 12 months 60 months unless otherwise stated in this Section (Exceptions subject to Head of Credit Risk NSW/ACT approval or higher DAA holder)

Refinance/Rewrite 12 months 36 months (subject to standard terms based on the equipment type) Sale and Leaseback / Hire back 12 months 60 months (maximum age of equipment at commencement is 6 months)

Refinance of Residual Values and Balloons 6 months 12 months (“good” BOQ/Technology Finance accounts only)  Computer hardware (desktops, 12 months 60 months laptops, peripherals) and software  Mobile communication devices Computer servers 12 months 60 months Office equipment (including copiers, 12 months 60 months faxes printers) Point of sale 12 months 60 months

Telephone systems 12 months 60 months

Medical 12 months 84 months (depending on type)

All assets financed must comply with Asset Risk requirements, particularly in relation to Residual Value (RV) positions taken as notified by an appropriate RV DAA holder from time to time. Quote/Pricing

All Technology Finance quotes and proposals must be entered into the BOQ Technology Finance Pricing Model. Repayment Frequency

Only the following repayment frequency structures are available:  Equal monthly instalments, payable in advance or in arrears  Quarterly payable in advance  Quarterly in arrears (Note: not available for SME borrowers or Associations without prior approval of Head of Credit Risk NSW/ACT or higher DAA holder)  Half-yearly or annual instalments, payable in advance (available for Government or Major Corporate clients only). This structure requires approval of Head of Credit Risk NSW/ACT or higher DAA holder. 2.10.3.1 Risk Management Repayment Structures

 DAA holders should consider the following structure to assist in reducing credit risk for large dollar transactions, where the applicant may only qualify marginally for the amount:  Increased payments during the early months of the term followed by lower instalments at the end of the term, in order to accelerate loan amortisation (also known as “High/Low” payment structure. Commercial in confidence © Bank of Queensland Limited All rights reserved 22 BOQ.0001.0021.3679

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

2.10.3.2 Bill and Collect Billing and collecting of customer payments by a vendor is only permitted where is it part of the structure of an approved vendor program. Remittance by Direct Debit

Borrowers are encouraged to make all scheduled repayments by Direct Debit. Requirement for Direct Debit payment will be at the discretion of the approver. Credit Facility Limits

Credit Risk may approve a credit facility limit for commercial customers, which is larger than the customer’s immediate finance needs and reflects Credit Risk’s view of the customer’s creditworthiness. These limits are particularly useful when a customer has numerous, ongoing equipment finance requirements. These limits are uncommitted and available to be drawn down by the customer over a period of 12 months from the date of approval, unless a shorter period is specified in the approval. The customer is then able to submit requests for drawdowns under the limit within that period. Standard validity criteria apply. There are two types of credit facility limits: 1. Reducing Limit Reducing limits may be approved by suitable DAA holders. Usage of a reducing limit is measured by totalling the sum of amounts financed. It is not a “come and go” or “redraw” style facility. Once the customer has drawn down amounts equivalent to the reducing limit, then no further drawdowns may take place under that limit. Once the limit has expired or is fully utilised, any subsequent requests for finance will require a new credit facility and approval by a suitable DAA holder. 2. Revolving Limit Revolving limits allow the redraw of amortised principal provided that the approved limit is not exceeded and is still valid. Usage of a revolving limit is measured by the outstanding principal balance of all transactions for a customer. Revolving Limits are only available to counterparties with Technology Finance Risk Rating of “5” or better (i.e. CRR “8” or better), and can only be approved by a suitable DAA holder. Use of Security Deposits/Advance Payments

In the normal course of business, a customer may be required to pay a security deposit or an advance payment as part of the credit approval. In general, these funds shouldn’t be used to reduce or eliminate the delinquency of a customer. This requirement is also applicable even if Technology Finance is contractually authorised to apply these funds at its discretion. Notwithstanding the above, there are specific circumstances when these funds can be applied as a payment and/or used to reduce the amount of the obligation to Technology Finance, as follows:  The funds are equal to or greater than the remaining payments on the schedule.  When used as a partial or full payment to satisfy, in full, the obligation; If used as a partial payment the receipt of the shortfall is required before the application of these funds.  Reduction of the exposure at the point of termination of the schedule. 2.11 Sale and Leaseback/Hireback

Sale and leaseback/hireback is only permitted in the following circumstances:  Transaction will be considered for preferred vendors and/or larger companies to facilitate acquisitions of equipment owned by a client or another finance company

Commercial in confidence © Bank of Queensland Limited All rights reserved 23 BOQ.0001.0021.3680

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

 Transactions may be utilised when an approved customer is importing equipment and Technology Finance does not want to establish ownership until the equipment arrives. The customer must arrange their own trade finance in such cases.  Transaction will not be considered if there is any possibility of an underlying distress or need for cash on the part of the customer. Acceptance parameters  Equipment must have been purchased new  Maximum age of equipment to be financed is 6 months  Residual values to be based on age of equipment must be approved by Residual Management section  Proof of payment to be supplied upfront  Credit searches are to be performed to ensure there are no pre-existing GSA and/or SSA charges that may interfere with possession. If a charge exists the Sales Coordinator will be responsible for obtaining a PPSR Deed of Release / Priority prior to settlement. Sale and Leaseback – Other Finance Company

In the event that equipment is purchased from another leasing company and leased back to a customer the following will apply:  Purchase price will either be an independently validated market value or the buyout to the other finance company  Technology Finance will be invoiced directly by the other finance company (to ensure appropriate title).  Depending on risks/circumstances, the equipment may also be inspected by Technology Finance or professionally valued  Any PPSR the OFC holds against the client are to be discharged or a PPSR release provided for settlement Refinancing of Competitor Contacts

Technology Finance will accept an application to refinance existing “commercial “contracts with competitor finance companies only if the application is part of establishing a long term, substantial relationship with the Borrower. Product Specifications Equipment Price: Technology Finance will only accept a “new” contract where the initial contract was based on a verified recommended retail pricing (or less) on all assets being financed Residual Values: Refer to BOQF Residual Management Policy. Residual values on refinanced equipment require approval by a suitable RV DAA holder as the equipment is typically not new. Commercial Use: Commercial entity only with signed statutory business use declaration. Documentation: Standard rental agreement or if not, agreement documentation approved by BOQ Legal. Pricing: Standard finance pricing matrix applies Maximum Term: Age of asset at end of lease term not to exceed Standard Maximum Term for given asset. (Age of asset determined from date of original purchase of the asset.) Credit Approval: Normal lending criteria apply to credit applications. Specific refinancing amounts must be clearly identified in any credit application. Asset Description: The equipment description on the original “Finance company” contract must be identical to that included on the new Technology Finance documentation.

Commercial in confidence © Bank of Queensland Limited All rights reserved 24 BOQ.0001.0021.3681

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Delivery Address: To be re-confirmed by the customer. Special Conditions:  Updated Insurance Certificate of Currency must be provided direct to Technology Finance  Any PPSR interests held against the client are to be discharged or a PPSR release provided for settlement “New” Customer: Our “new” customer must provide satisfactory evidence that the old contracts have been paid out. 2.12 Third Party Suppliers

If an accredited vendor submits an application for a customer of theirs or a customer makes an application, where all or part of the equipment requested is being sourced from a third party supplier that is not accredited with Technology Finance, then the following searches of the supplier’s details must be performed prior to transacting with the vendor:  Confirm that the supplier is not on the VF internal banned list  ABN search to validate the supplier’s ABN  Confirmation that the sale of goods falls within the “ordinary course of business”  If the supplier is a company, an ASIC search to validate the ASIC history of the business and the details of Directors, Shareholders and other company officers  White pages or Yellow Pages search to validate the supplier’s name, address and telephone number  If the DAA holder cannot validate the supplier’s ABN, ordinary course of business or ASIC details, then the application is to be declined.   All third party suppliers require approval of a suitable DAA holder. 2.13 Residual Value Policy

The BOQF Residual Management Policy applies to transactions where unguaranteed residual positions are taken.

3 Evaluation

3.1 Introduction

Basic Credit Principles

Technology Finance aims to assess a borrower’s ability and willingness to repay its debt obligations with a focus on historical and projected cash flow. Credit decisions will be based on an independent evaluation of credit information, taking into account the findings of due diligence. Prior to approval of any facility, the borrower and the proposed transaction must be evaluated t o assess the risks inherent in the transaction and structure the facility to mitigate these risks. This evaluation includes an assessment of the equipment and its value to Technology Finance as security. All qualitative and quantitative factors relevant to the creditworthiness of the borrower are analysed in the context of the “five Cs” of Credit:

Character -- Will the client pay? Examines business background:

Commercial in confidence © Bank of Queensland Limited All rights reserved 25 BOQ.0001.0021.3682

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

General history Credit history Integrity, quality, stability and depth of management Ownership structure and succession arrangements Nature and size of operations Capacity -- Can the client pay? Examine the ability of the business to repay our debt: Profit and loss Liquidity Cash flows Level of financial commitments Capital -- What financial resources does the client have? Examines the net worth position:

Gearing Nature of debt facilities; is there a secured lender? Working capital Collateral -- What is the value of the “second way out”?

Examine the level of security provided by the equipment financed: Salvage value over time

Secondary markets; ease of re-sale?

Conditions -- What is the commercial environment in which the client operates and what is the impact of this environment on BOQ’s risk? Examine business and industry conditions: Nature of the industry: mature, growth, declining? Many players or few? Business Cycle? How does the performance of the client compare to the rest of the industry in terms of Marketing, Operations, Finance and accounting, Management and personnel? Advantages/Disadvantages over competitors? Macro-economic issues affecting the industry Customer Grouping

Customers must be grouped in terms of the Aggregation and Grouping Policy to determine Total Aggregate Exposure (TAE) and Total Business Related Exposure (TBRE) based on loan limits (including redraw) for:  Risk Grading purposes;  Credit Assessment purposes, including determining whether a decision is within Delegated Approval Authority (DAA). For each application the listing of Parent codes must be checked to ascertain if there are Technology Finance exposures to entities within the same group. Where Technology Finance are aware or have reason to believe there is existing group exposure to an applicant within the BOQ Group, they must contact the appropriate BOQ personnel (i.e. Group

Commercial in confidence © Bank of Queensland Limited All rights reserved 26 BOQ.0001.0021.3683

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Control Point) in order to confirm the number and type of facilities, the level of that exposure and the payment history rating for those facilities. Notes: If customer exposure is greater than $1.0m then the analyst must check with BOQ and BOQEF to confirm if they have any exposure, whether such exposure is indicated or not. 3.2 Credit Evaluation Requirements

Standard Evaluation

Exposure up to Exposure over Exposure over REQUIREMENTS $50k $50k to $250k $250k

MOODY’S RISK ANALYST NO NO YES YES IBISWORLD INDUSTRY REPORT NO NO (if available) Default Default CUSTOMER RATING YES Grading Grading

LGD GRADING YES YES YES

Standard Standard ROE TECHNOLOGY FINANCE PRICING Margin Margin Pricing run MODEL

VEDA CREDIT REPORT YES YES YES

Required if Technology OTHER BOQ/BOQEF EXPOSURE NO NO Finance Exposure > $1M Refer Small Credit Apps Full submission PROPOSAL TO BE COMPLETED Exposure Matrix (unless matrices (unless matrices Approval below apply) below apply) 3.2.2 Abridged Evaluation

Technology Finance accepts the application of a “no financials” matrix evaluation process for a small group of Borrowers that present a low credit risk profile. A matrix is a policy, it is not a DAA. The limitations of a Lenders DAA outrank the exceptions that a matrix provides. Only Lenders with appropriate DAAs can approve applications using a matrix. The following matrices can be utilised at the discretion of the DAA holder:  Small Exposure Approval Matrix for new and existing customers with a small exposure – Refer to Appendix C of this policy for full matrix details.  ANZ Commonwealth and State Government Entities Approval Matrix for customers who are Australian or New Zealand Commonwealth or State Government entities – Refer to Appendix D of this policy for full matrix details.  Religious Mainstream Private Schools Approval Matrix for Mainstream Religious Order Private Schools Matrix for new and existing customers – Refer to Appendix E of this policy for full matrix details. 3.3 Validating Identity

All Borrowers and Guarantors

Technology Finance will only conduct business with customers who are involved in legitimate business activities and whose income, wealth and funds are derived from legitimate sources. Technology Finance is therefore required to perform checks to confirm the identity of its clients.

Commercial in confidence © Bank of Queensland Limited All rights reserved 27 BOQ.0001.0021.3684

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

The purposes of these checks are:  to ensure appropriate customer identification;  to gain a better understanding of the customer and their business needs;  to identify transactions of a suspicious nature, such as theft, fraud, money laundering and terrorist financing. Validation Scores

The following table details the method of validation for all possible borrowers.

Entity Type Source of ID Information to be Recorded Individual known to BOQ Existing information held.  Surname  Given names  Date of Birth Individuals not known to The following sources in order of The following information as priority: recorded on the source of ID: BOQ 1. Australian Drivers Licence.  Surname 2. Australian Proof of Identity or  Given Names Proof of Age card.  Date of Birth 3. Current Australian passport 4. Current Visa issued by the Australian Government 5. Current passport (non- Australian) 6. Birth Certificate

Sole trader – ABN allocated As for individuals As for individuals Partnership – ABN Australian Business Register Partnership name as recorded on allocated Australian Business Register.

Australian Company National Names Index ACN (administered by ASIC) Australian Registrable body National Names Index ARBN (administered by ASIC) Other Body Corporate Constitution or equivalent Name of the entity as specified in the source document. Unincorporated association Australian Business Register – ABN or other body of persons [business.gov.au] (e.g. Trust) in Australia New Zealand Company NZ Companies Office NZ Company Number Unincorporated Association New Zealand Business Number NZBN of other body of persons (e.g. (nzbn.govt.nz) Trust) in New Zealand

Borrower Identification and Legislation

Proper identification of applicants reduces the potential for fraudulent transactions and criminal activity. All borrowers and guarantors must be properly identified in order to ensure that Technology Finance is dealing with the actual individuals or entities stated in the application and to comply with relevant state and federal legislation. In order to ensure that Technology Finance obtains all the details necessary to comply with this legislation, all customers must complete a Customer Data Collection Form as part of the application process. Additional requirements may be needed to comply with existing legislation

Commercial in confidence © Bank of Queensland Limited All rights reserved 28 BOQ.0001.0021.3685

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

3.3.3.1 Privacy Act All applicants for finance must complete a declaration confirming that the information they have provided is true and correct. This declaration will also outline the applicant’s rights under relevant privacy laws. Technology Finance must adhere to the BOQ Privacy Policy to ensure compliance with privacy laws in all states and territories where it operates. 3.3.3.2 Anti-Money Laundering and Counter Terrorism Financing Act This Act seeks to reduce the incidence of money laundering and thereby reduce the likelihood that borrowed funds will be used to aid terrorist organisations or other criminal activities. BOQ and its subsidiaries are subject to this legislation. In order to fulfil its obligations under the law, BOQ has developed the AML/CTF Program Part A (general) and AML/CTF Program Part B (customer identification). 3.4 Validating Credit History

Independent Credit Checks

Technology Finance does not permit the approval of an application until the DAA holder has validated and considered the credit history of the Borrower. Credit Reports

3.4.2.1 Credit Reports are Mandatory Prior to approval, the following must be obtained:  Privacy Notification and Consent form for each Individual, and  Credit Report from Veda Advantage for each Borrower and Guarantor. 3.4.2.2 Exception A fresh Veda Advantage credit report is not required where a credit report is already held on file and the report is no more than 1 month old. However, DAA holders reserve the right to require fresh reports at their discretion. 3.4.2.3 Credit Report must be Satisfactory All credit reports must be clear of any adverse information. 3.4.2.4 Anomalies/Adverse Listings The following table must be referred to by DAA holders when reviewing Veda Advantage credit reports:

Anomaly / Adverse listing: Action to take: Cross Reference Obtain a credit report on the Cross Reference Reconcile against the application from the Borrower and investigate any discrepancies Possible Match Obtain a credit report on the Possible Match and investigate the reasons for it New File Investigate the reasons for it; if no valid reason the file is declined Recent enquiry with another Investigate whether the enquiry refers to the financier for a similar amount to this same application and if so, the reasons for application decline or cancellation

Commercial in confidence © Bank of Queensland Limited All rights reserved 29 BOQ.0001.0021.3686

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Adverse information including Investigate and request a satisfactory explanation; if Defaults, Judgements, Writs & no valid reason the file is declined Summonses

Credit References

3.4.3.1 Existing Technology Finance and/or BOQ Borrowers If the applicant is known to be an existing Borrower, it must be confirmed that the existing Technology Finance/BOQ facilities have been well conducted and are up to date. 3.4.3.2 New Technology Finance/BOQ Borrowers If the applicant is a new Borrower to Technology Finance and BOQ Group, best endeavours should be made to obtain a satisfactory verbal or written reference from at least one other member of the National Credit Reference Scheme. If no such reference is available, then the decision to approve must be supported by sufficiently strong financial data and other background information. 3.4.3.3 Credit Reference Must be Satisfactory All credit references obtained must be rated “satisfactory” or better in order to add value to an application. 3.5 Analysis of Financial Information

Spreadsheet Analysis

The assessment of a commercial transaction typically includes analysis of the borrower’s financial statements as a means of evaluating its performance, market position, strategy, management, legal and environmental issues, risk rating and considerations of industry dynamics affecting its performance. If the Borrower is part of a group, then the group’s consolidated financial statements are generally also assessed. The financial measures that are typically assessed at the time of application, as well as on an ongoing basis may include, but are not limited to, the following:  Total Debt/Capitalisation  Leverage (both senior debt leverage and total leverage)  Historical and/or projected EBITDA  Cash flow analysis  Liquidity  Interest Cover. Risk Grading

Risk Grading must be under taken in terms of the policy guidance contained within the Risk Grading Policy. 3.5.2.1 Validity of Grading

Transactions where total exposure is $250,000 or more must be graded in accordance with the Risk Grading Policy. For transactions with exposures of less than $250,000, the following default Technology Finance Risk Ratings are applied: Religious Mainstream Schools 5 (CRR 7) Federal & State Government Entities 3 (CRR 5) Local Councils 4 (CRR 6) Other 8 (CRR 12)

Commercial in confidence © Bank of Queensland Limited All rights reserved 30 BOQ.0001.0021.3687

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

3.5.2.2 RiskAnalyst The current spreadsheet tool for Commercial business is “RiskAnalyst”. This web-based application is a product of Moody’s and enables the analyst to enter and store financial and non-financial data and generate a variety of ratios and other indicators of the financial soundness of a business and assess Customer Ratings. RiskAnalyst produces a summary financial table and summary sheet. RiskAnalyst is required for exposures of $250,000 or more. Technology Finance Customer Risk Rating Guidelines

The following rating override guidelines will apply within Technology Finance in line with current practices to maintain consistency. These guidelines are not meant to take precedence over the Risk Grading Policy.  Governments and Government Entities – should be rated in terms of Appendix D of the Risk Grading Policy. However unless the essential principles outlined can be established with certainty, a downgrade override to no better than CRR 5 will be applied.  Local Councils – should be rated in terms of Appendix D of the Risk Grading Policy but downgraded to no better than CRR 6 in line with current practice  Private Schools of Mainstream Religious Groups (Not-for-Profit Entities) – should be rated in terms of Appendix F of the Risk Grading Policy but can only be upgraded to no better than CRR 7  Financial Institutions – should be rated in terms of Appendix E of the Risk Grading Policy. Since Moody’s RiskAnalyst is not a suitable analytical tool for these entities, the current practices can be applied for analysing and grading insurance companies (refer Attachment A of this policy) and other financial institutions (refer Attachment B of this policy). The final rating under this methodology should not be higher than the resulting CRR under the Risk Grading Policy  Other – Rating upgrade authority is limited to 2 points except for the above (all other upgrades >2 points require approval by appropriate DAA holder) except for the above and large corporations, which can be upgraded in line with external rating. Highest Customer Rating will be limited to CRR 2. These grading guidelines will apply to Technology Finance and will be effective until superseded by an overall BOQ grading principle, which may be developed to achieve consistency within the bank on full implementation of the Risk grading Policy. Other Analysis Tools

3.5.4.1 Credit Risk Monitor Technology Finance also has access to another analysis tool called “Credit Risk Monitor”. CRM is designed for commercial credit analysis, providing real-time financial information analysis and news on over 40,000 public companies worldwide. The CRM tool may be used at the discretion of DAA holders. Access to CRM is limited to DAA holders. 3.6 Industry Risk

Credit reviews for commercial customers should include a section on the industry in which the Borrower operates their business. An industry assessment should be considered, particularly if there are concerns about the present industry conditions. An industry section will be considered for exposure of $250,000 and over, and may include discussion of the following elements:  Industry life cycle (start-up, early, growth, mature, declining)  Local, regional or national markets  Key drivers  Susceptibility to economic fluctuations; cyclicality Commercial in confidence © Bank of Queensland Limited All rights reserved 31 BOQ.0001.0021.3688

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

 Substitutes or complements for the industry’s products  Competitiveness of and within the industry  Regulatory environment  Barriers to entry  Capital or labour intensive  Rate of technological obsolescence of its products. To assist in completing the industry section, IBISWORLD reports for Australian industries may be accessed, if available. There are no available NZ industry reports however the IBISWorld Australian industry reports can be used for purposes of industry risk analysis, if deemed applicable. 3.7 Validating Clear Title and Possession

This Section applies to all applications where the Supplier is:  a Private Seller of the equipment (Private Sale)  a Business not selling the goods in the ordinary course of business, or  the Borrower (Sale and Leaseback/Hireback). Tax Invoices

Technology Finance requires evidence of clear title & possession on all equipment that it finances. Technology Finance accepts Invoices and Tax Invoices from Accredited Vendors/Suppliers as satisfactory evidence of clear title & possession when the goods are being sold in the ordinary course of business. 3.7.1.1 Addressing Tax Invoices Technology Finance requires Invoices and Tax Invoices for Lease, Commercial Hire Purchase and Rentals to be addressed to the appropriate legal entity noting that the equipment is “For Delivery to” the Borrower. Invoices and Tax Invoices for loans must be addressed to the Borrower. Encumbered or Refinanced Equipment

In cases where the equipment being acquired is encumbered, Technology Finance requires evidence from the holder of the encumbrance that they have released it. This situation may occur where a company wishes to finance some equipment on a sale and leaseback/-hireback basis, but another lender already holds comprehensive security over the assets of the company and therefore over the asset to be financed. Where the holder of the encumbrance requires the payout of a loan prior to release the encumbrance, then Technology Finance requires:  A PPSR Deed of Release from the holder of the encumbrance, identifying the equipment and disclosing the payout figure and expiry date, and  A disbursement authority from the Borrower or Vendor/Supplier authorising Technology Finance to pay out the holder of the encumbrance from the Settlement funds. Note: This documentation is not required if a supplier is a bank, finance company or licensed auctioneer. In addition, the following requirements must be observed:  Applications to refinance existing commercial contracts with competitor finance companies may be accepted only if it is part of establishing a long term substantial relationship.  For new contracts, the price for all assets to be financed must be verified with amount not to exceed recommended retail price.  Residual values to be based on age of equipment as approved by Residual  Management section. Residual risk may be insured by an acceptable underwriter.  Equipment description must be identical with the original finance company contract description. Commercial in confidence © Bank of Queensland Limited All rights reserved 32 BOQ.0001.0021.3689

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Sale and Leaseback/Hireback

This Section applies to all applications where the Borrower is also the seller of the equipment (Also see section ‘Structure’ and separate section headed ‘Sale and Leaseback/Hireback’ of this policy)/ Minimum documentation requirements:  Provision of original Invoices;  Invoice(s) from Company to Technology Finance together with Contract for Sale;  Confirmation that all subject assets are free of encumbrance, are fully owned and that the organisation has clear and good title to the goods;  Confirmation of payment;  Confirmation of installation;  In the event there is a GSA over all of the Company’s assets, or an SSA in an equivalent collateral class that could include goods being refinanced an appropriate PPSR Deed of Release / Priority is to be obtained;  Confirmation of Net Book Value from Company’s Accountant (presuming appropriate write- down for Depreciation) to be confirmed/authorised by Asset Management. 4 Vendor Annual Reviews

4.1 About Vendor Annual Reviews

Annual reviews for vendors are required for any of the following: 1) Vendor Programs where:  Indirect exposure greater than or equal to $7.5 million or  Indirect exposure greater than or equal to $2.5million with correlation risk rated “High”. 2) RV Guarantee limits for a vendor (see also section ‘Vendor Recourse’ of this policy) 3) Other recourse provided by vendor Note: A review of a vendor may be conducted at any time at the discretion of Credit Risk or the Technology Finance area, including tracking the behaviour and profitability of the portfolio. This policy should not interfere or take the place of any regular review established below the levels discussed. The annual review is a written summary of the current status of a credit facility and the vendor to include, at a minimum, an assessment of the following:  Vendor’s current financial condition and any changes from prior periods  Loan/portfolio performance  Condition and/or value of the collateral  Re-assessment of assigned risk rating  Trends in the internal or external environment affecting the vendor  Any policy exceptions and the status of factors cited to mitigate any policy exceptions when the credit was approved  Conclusion as to the vendor’s ability to perform on the existing credit facility as structured. The annual review date is tracked in the system and advised to Credit Department through Sales when it comes due. Each completed review is to be ratified by an appropriately empowered DAA holder. The annual review will coincide with renewal or extension of credit facilities unless required earlier as a condition of approval. There is no requirement to complete an annual credit review once the facility expires and vendor relationship is considered on the wind down unless the approver has otherwise required the review.

Commercial in confidence © Bank of Queensland Limited All rights reserved 33 BOQ.0001.0021.3690

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

4.2 Vendor Programs

Indirect Exposures

The limit for indirect exposures is calculated as follows: Total outstanding balance of funded and committed financings to all obligors under the related investment program including any incremental outstanding balance required for the processing of new business during the period being approved. PLUS All direct exposure to the vendor LESS Projected pay downs. All programs to all subsidiaries and other affiliated entities of the vendor must be included in calculating indirect exposure. When calculating the amount for approval purposes, new volume expectations are not included where outstanding’s are less than $7.5m. For outstanding’s of $7.5m or greater, the review should include the new volume needs plus the outstanding portfolio when establishing a limit. Vendor Review Log

Technology Finance will maintain a Vendor Review Log to list all Vendors that are subject to the greater than $7.5 million rule and complete all required Annual Reviews in a timely manner. Format

The format of vendor reviews is as per the Vendor Review template. Review Criteria

Although reviews are conducted in the standard format, special attention should be paid to:  Performance of the customer base  Financial performance of vendor  Service tie-in (correlation risk)  Profitability. Correlation Risk

When considering a vendor program, Technology Finance must be aware if there are any services that are provided by a vendor and the potential impact on the end user if the vendor were to fail to provide those services for any reason. These services create what are known as “reliance risks”. The extent to which the end user relies on services performed by the vendor is referred to as the “correlation risk”. Each vendor annual review must consider the level of correlation risk in the program and must propose a rating for the level on a scale from Low to High. Following are definitions of the rating scale: High Risk: Vendor service is uniquely essential to the customer’s use of the equipment and not available from third parties if the vendor ceased providing the service. Residual values would experience a significant decline from current market values. Medium risk: Original vendor services/support for equipment is preferred, however similar service/support is available from other parties; OR third parties would likely assume source services/support without any significant interruptions if the original source ceased to provide it. Residual Commercial in confidence © Bank of Queensland Limited All rights reserved 34 BOQ.0001.0021.3691

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

values might have some degradation from current market values. Low Risk: Source service/support for the equipment is not unique or is not critical to the customer’s use of the equipment. Any necessary service/support is available from other sources. Residual values would not likely be adversely affected. 4.2.5.1 Types of Reliance Risks There are various types of reliance risks to be considered when determining Correlation Risk, including, but not limited to the following examples. Operational Reliance Risk With certain special purpose equipment or specialised software, there is continuing involvement of a third party, such as the vendor or source. Examples include:  Some auto tracking equipment that requires the source of the software to maintain a GPS location on each tag and make that information available on the web  Certain satellite communication equipment that requires the maintenance of satellites in order to work properly  Some software products that require the source to maintain an ever changing database. The customer’s desktop system will communicate with the database in order to function properly. A cessation of service in such cases would almost certainly result in non-payment from affected borrowers. Manufacturer risk The risk that the manufacturer will not be available or able to supply spare parts and repair equipment under warranty; a manufacturer with a limited operating history and/or weak financial condition represents a high manufacturer risk Installation risk The risk that the equipment will not be properly installed and therefore will not work properly; usually involves a dealer or installer Merchantability or Fitness for a Particular Purpose The risk that the equipment will not do what the customer needs it to do or that the equipment is not working. These are implied warranties from the seller and are difficult to disclaim. Service and repair risk The risk that the source is not able or willing to perform normal servicing and repairs as needed. If the equipment is not serviced properly it may stop working and if so, not only does the security value of the equipment fall, but the customer will almost certainly stop making repayments. Issues with software If the equipment utilises software in order to make it work properly, failure of that software could lead to the customer ceasing payment due to non-performance. DAA holders must consider which of the following categories of software we are dealing with and the associated risks:  Operating system  Standard Application Software  Specialised Software  Customised Software  Subsequent Release risk Although documentation may contain “hell and high water” clauses, extra care should be taken when dealing with any of the above situations.

Commercial in confidence © Bank of Queensland Limited All rights reserved 35 BOQ.0001.0021.3692

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Secondary Source Provider

Every vendor review should contain a section on a secondary source provider which would be available to take over the services/support provided by the original vendor should that vendor fail to provide those services for whatever reason. The “Secondary Source Handling Section” of the vendor review should include the following:  Identify what performance may be required of a secondary source  Identify who could step in to continue to provide those services to the end user. Specify if there is only one potential provider identified or if multiple providers exist  Identify key transition issues, positive or negative, should the services need to be transitioned to a secondary source provider  Conclude whether the service tie-in represents a high, medium or low correlation risk. It should be noted that there may be several sources involved in the supply of financed assets as follows:  Manufacturer  Dealer / Reseller  Solution Provider  Installer. The secondary source handling section may need to address each of these sources. 5 Approvals

Requirement for Proper Credit Control

All credit transactions must be appropriately approved by a duly authorised DAA holder before they are committed Verbal or written commitment must NOT be issued to the counterparty until proper approval has been obtained. Approved Applications - Validity

Single or one-off transaction approvals remain valid up to 3 months from date of approval unless otherwise indicated. Uncommitted credit facility limit approvals remain valid for 12 months from date of approval unless approved for a shorter period. Note: Credit facility limits expire once the borrower’s financial statements are more than 21 months old (based on borrower’s financial year end balance date). Alterations to Existing Approvals

If the Borrower seeks any of the following amendments to an approval prior to settlement, the application must be referred back to the original DAA holder for approval of the amendment:  change the name of the Borrower or availability of any of the Guarantors  weaken the security position (including changes to the equipment)  increase the term of the advance  increase the residual value or balloon, or  vary any Special Conditions of the approval extension of expiry date of credit facilities up to 90 days where there are extenuating circumstances (such as non-availability of financial statements).

In the absence of the original DAA holder, then the application must be referred to a person holding an equivalent or higher DAA.

If the amendment results in the approval being outside the DAA of the original approver, then it must be referred to a Credit Risk officer with the required DAA.

Commercial in confidence © Bank of Queensland Limited All rights reserved 36 BOQ.0001.0021.3693

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

5.2 Amendments, Waivers and Resubmissions

Amendments/Waivers

Material waivers and/or amendments typically include:  Loosening of approval conditions or financial covenants  An extension of maturity date  A decrease in collateral  Deferral of scheduled amortization. Non-material waivers and/or amendments typically include:  minor change in calculation of financial covenants that does not impact assessment of the ability of the borrower to repay the facility according to the terms of the facility  short term extension of a maturity date to allow for renewal for a performing borrower with no material change in borrower risk profile  non-recurring, non-material accommodation of the borrower to achieve an objective that does not impact the risk profile or repayment capacity of the borrower. All amendments and waivers must be approved by the appropriate delegated approval. Resubmissions

Resubmission requests for transactions already declined or where a credit approval is no longer valid will only be considered if accompanied by additional information providing material arguments for approval. Resubmissions must be referred to the original decision maker for that file, if available, in the first instance. In the absence of the original DAA holder, then the application must be referred to a person holding an equivalent or higher DAA. 5.3 Restructures and Extensions

Restructuring of Existing Facilities

5.3.1.1 General From time to time a customer may require a modification of the original terms of their agreement with Technology Finance. These modifications can be in a formal or informal format depending on the circumstances and may be accomplished in one of the following methods:  Extensions/Deferment of Payment: Payments deferred to the end of the schedule with no change to the monthly payment amount.  Restructure: The monthly payment amount is changed but the length of the remaining obligation is unchanged.  Rewrite: The monthly payment amount and the length of the term are changed and/or additional collateral is pledged.  Informal modification: This is a temporary increase in the monthly payment, to enable the customer to cure the delinquency in a short period of time. No documentation or addendum to the schedule(s) is made and no change is entered onto the system.

Commercial in confidence © Bank of Queensland Limited All rights reserved 37 BOQ.0001.0021.3694

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Extensions, Restructures or Rewrites (modification) are a collection tool allowing both Lessee and Lessor the ability to resolve a delinquency or a potential delinquency in a positive and productive manner. Extensions, Restructures or Rewrites should never be used to temporarily fix a problem account, thereby lowering delinquency only to have the account subsequently become delinquent. These tools are only for use when, in the best judgement of the Credit approval authority, the tool will permit the permanent resolution of the account. 5.3.1.2 Basic Requirements 1. Business must be a going concern 2. A completed Extension Request should be submitted to an appropriate DAA holder based on the exposure level. 3. There must be reasonable justification in the customer correspondence indicating the Lessee’s ability and willingness to pay future payments. Reasonable justification must include the reason why the Lessee is delinquent, as well as corrective measures that are being taken to resolve the Lessee’s cash flow problems. 4. Updated financial information is required for exposures greater than $100,000. 5. All outstanding fees (i.e. late fees, misc. charges, etc.) must be paid at the time of the modification. 6. All Extensions, Restructures or Rewrites will be approved by the appropriate Credit Authority before authorising the Lessee to send in the extension fee and signed acknowledgement. 7. Approval of a suitable Residual Value DAA holder of any request to revise the residual value. 8. The maximum permitted extension is three (3) payments in a twelve (12) month period or six (6) payments over the term of the facility. 9. PPSR registrations are to be extended to cover any increase in term. 5.3.1.3 Authorisation Required

Restructured or extended transactions must be credit approved. Approval required is Head of Credit Risk NSW and ACT or higher DAA authority holder. 5.3.1.4 Records Records must be kept identifying all accounts that have been so modified and reflecting the current status of the modified schedules. 5.4 Declined Applications

Decline decisions must be conveyed in a professional manner without reference to the applicant’s internal risk rating. Unless there is significant new information pertinent to the transaction, declined applications cannot be reconsidered for approval by a lower DAA holder until 12 months after the decision to decline. 6 Documentation

6.1 Lending Documents

General Principles

The following are the basic documentation principles:  To ensure the timely and accurate execution and maintenance of legal and credit documentation for all credit exposures

Commercial in confidence © Bank of Queensland Limited All rights reserved 38 BOQ.0001.0021.3695

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

 To recognise that proper credit and legal documentation is necessary to promote sound credit decisions and ongoing monitoring, and that the maintenance of that information in an accessible and usable format is necessary.  All standard documentation must be approved by BOQ Legal Counsel Authorised Signatory

All executed documents must be signed by individuals with approved authority. These authorities do not constitute credit approval authority, but the authority to execute documents. Prior to signing any documents, the authorised signatory must ensure that the commitment or release has been duly approved by the appropriate DAA holder. Credit Agreements and Related Documents

The credit agreement or lease agreement, and all related documents, represent the contract between lender and the borrower. All legal documentation must be accurate and properly identify and communicate all terms, conditions and covenants of the transaction. Each credit transaction is unique and therefore each credit agreement must be reviewed to identify the required legal documentation. For each credit product, there will be general and specific legal documentation requirements. Frontline staff must ensure that all approval terms and conditions (including Technology Finance Pricing Model, appropriately approved if required) are satisfied and all duly executed document requirements (including appropriate insurance as per Section ’Insurance’ of this policy) are obtained prior to transactions being settled. Document Filing and Storage

Technology Finance requires that all documentation, application, evaluation and validation records be held on file. Credit files are merged with the contracts and other transaction documentation and, once settled, are scanned into the Virtual Office document management system. Originals are stored offsite. For all manually assessed commercial transactions, all material documents must be scanned into a Customer Master File in Virtual Office (refer to Credit Master File Procedure for file naming convention located in G:\Credit\Credit\Credit Originations CFS and DFS\Customer Masterfile\Customer Masterfile Procedure). Access to credit files is restricted to authorised personnel in the credit, audit or collection units. Non-standard Documentation

Non-standard or one-off customer requirements must be referred to BOQ Legal Counsel for legal opinion. If BOQ Legal Counsel issues a negative opinion on these requirements, then the transaction is to be declined or renegotiated. Changes to Standard Documentation

Specific procedures regarding changes to standard documents are covered by guidelines issued by BOQ Finance management from time to time. A customer request to amend standard documents should only be considered if there are compelling commercial reasons to proceed with the transaction. Changes are generally discouraged.

Commercial in confidence © Bank of Queensland Limited All rights reserved 39 BOQ.0001.0021.3696

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

7 ATTACHMENT A – Analysis and Grading of Insurance Companies For purposes of completeness, outlined below is Technology Finance’s practice in respect of assigning Customer Risk Rating (CRR) to Insurance Companies.  CRR will be based on the external rating of the Insurance Company  If no direct external rating, CRR will be based on the Parent Company external rating plus subsidiary penalty adjustment (1 point if same name and 2 points if not)  If there is no external rating, Customer Rating will default to CRR 11 (equivalent to S&P’s “BB” rating and Moody’s “Ba2” rating). This is considered a conservative approach on the basis that insurance companies are regulated by APRA.  All credit staff that are assessing a transaction have unlimited authority to downgrade the CRR based on other financial or fact based information, subject to compliance with BOQ Risk Grading Policy and DAA Policy. Since Moody’s RiskAnalyst is deemed to be not suitable for analysis of insurance companies, the financial summary below may be utilised to identify the key financial highlights and ratios in assessing these entities. Income Statement

Net Premium Earned Net Investment Income Net Claims expenses Underwriting Expenses NPBT NPAT Balance Sheet Cash Investment Assets Reinsurance and Other Recoveries Intangibles Total Assets Unearned Premium Gross Policy Liabilities Outstanding Claims Total Debt Total Liabilities Net Worth

APRA Minimum Capital Required (MCR) APRA Tier 1 Capital (Capital Base) Ratios

Loss Ratio (Claims/Premium) Expense Ratio (Underwriting/Premium) Combined Ratio Investment Income / Premium

Commercial in confidence © Bank of Queensland Limited All rights reserved 40 BOQ.0001.0021.3697

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

Return on Investment

8 ATTACHMENT B – Analysis & Grading of Other Financial Institutions

For purposes of completeness, outlined below is Technology Finance’s practice in respect of assigning Customer Risk Rating (CRR) to other financial institutions:

 CRR will be based on the external rating of the Financial Institution.  If no direct external rating, CRR will be based on the Parent Company external rating if guaranteed, otherwise penalise by 1 point if same name or 2 points if not.  If there is no external rating, Rating will be CRR 11 at best (equivalent to S&P’s “BB”  rating and Moody’s “Ba2” rating) if regulated by APRA and worse, if not regulated.  All credit staff that are assessing a transaction have unlimited authority to downgrade the CRR based on other financial or fact based information, subject to compliance with BOQ Risk Grading Policy and DAA Policy. Since Moody’s RiskAnalyst is deemed to be not suitable for analysis of financial institutions, the financial summary below may be utilised to identify the key financial highlights and ratios in assessing these entities.

Commercial in confidence © Bank of Queensland Limited All rights reserved 41 BOQ.0001.0021.3698

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

8.1 Financial Summary Template

$'Million FYE FYE FYE 12 12 Months 12 Months 12 Months Interest Income Non-Interest Income Investment Income Total Revenue Bad Expense Interest Expense Operating Expenses Non-operating Expenses Total Expenses Net Profit Before Income Tax Net Profit After Income Tax Assets: Cash and Liquid Assets Due from Financial Institutions Financial Assets Derivative Financial Instruments Loans and Advances Property, Plant and Equipment Intangible Assets Equity Accounted Investments Other Assets Total assets Liabilities: Due to Other Financial Institutions Deposits Derivative Financial Instruments Accounts Payable and Other Liab Current Tax Liabilities Borrowings Including Sub Notes Other liabilities Total liabilities Shareholders' Equity: Issued Capital Reserves Retained Earnings Other Equity Total equity Financial Ratios Net Profit Margin Net Interest Margin Loan Loss Ratio ROE Capital Adequacy Ratio - indicative MLH Ratio - indicative

Commercial in confidence © Bank of Queensland Limited All rights reserved 42 BOQ.0001.0021.3699

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

9 Attachment C – Small Exposure Approval Matrix

9.1 Small Exposure Approval Matrix

Lenders with an appropriate DAA can apply the following abridged evaluation to Borrowers in all acceptable industries. The following minimum evaluation criteria must be met otherwise standard evaluation procedure applies. NOTE: This matrix is not a DAA. The limitations of a Lenders DAA override all matrix evaluation criteria. For example, a Lender cannot use a matrix to approve an amount of exposure, or type of asset, that their DAA does not otherwise permit. Evaluation Criteria Requirements

New IT related and Print Equipment including standard soft cost Not to exceed 20% of the total amount financed (except as Equipment Type allowed in approved Vendor programme or payout / refinance provided age of equipment plus refinancing term do not exceed Standard term

Maximum Technology $250,000 Finance Matrix Exposure (Total Technology Finance Exposure)

Product Type Operating Lease / Rental Agreement Only

Business Continuity 2 years

Not required Guarantees

Veda Advantage credit Clear of any adverse on Borrower report (single paid trade default or telco default under $1k acceptable)

Financial Information and Serviceability Analysis Not Required

Standard Term and Repayment Apply – in terms of relevant Term and Structure BOQF policy (unless specifically approved under a Vendor Programme)

 All other Technology Finance Policy requirements apply Other  No Sale & Leaseback or Private Sale  Residual Value complies with Technology Finance Standard residual matrix

Commercial in confidence © Bank of Queensland Limited All rights reserved 43 BOQ.0001.0021.3700

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

10 Attachment D – ANZ Commonwealth & State Government Entities Approval Matrix

10.1 ANZ Commonwealth and State Government Entities Approval Matrix

Lenders with an appropriate DAA can apply the following abridged evaluation to Borrowers in all acceptable industries. The following minimum evaluation criteria must be met otherwise standard evaluation procedure applies. NOTE: This matrix is not a DAA. The limitations of a Lenders DAA override all matrix evaluation criteria. For example, a Lender cannot use a matrix to approve an amount of exposure, or type of asset, that their DAA does not otherwise permit. Evaluation Criteria Requirements

Equipment Type New Only - Acceptable Equipment

Maximum Technology Finance $2,000,000 Exposure

Operating Lease / Rental agreement/Finance Lease and SSA Product Type (Secured loan) Only

Residual Value Standard RV’s for Technology Finance contracts

Self-insurance allowed Insurance (Insurance premium can be financed for less than 50% of total amount financed)

Business Continuity Not Required

Guarantees Not Required

Veda Advantage credit report Not Required

Financial Information and Serviceability Analysis Not Required

The ABR search using the entity’s ABN must show entity type ABN Search as “Commonwealth or State Government Entity” (refer exclusions below)

Transaction structure Within the requirements of the relevant BOQF policy

 Landlord’s right of entry not required Other  Local councils and GBE’s not included in this matrix

Commercial in confidence © Bank of Queensland Limited All rights reserved 44 BOQ.0001.0021.3701

BOQF TECHNOLOGY FINANCE COMMERCIAL CREDIT POLICY

11 Attachment E – Religious Mainstream Private Schools Approval Matrix

11.1 Religious Mainstream Private Schools Approval Matrix

Lenders with an appropriate DAA can apply the following abridged evaluation to Borrowers in all acceptable industries. The following minimum evaluation criteria must be met otherwise standard evaluation procedure applies. NOTE: This matrix is not a DAA. The limitations of a Lenders DAA override all matrix evaluation criteria. For example, a Lender cannot use a matrix to approve an amount of exposure, or type of asset, that their DAA does not otherwise permit. Evaluation Criteria Requirements

Equipment Type New Only - IT and Office Equipment Only

Maximum Technology Finance Exposure $500,000

Product Type Operating Lease / Rental agreement Only

Residual Value Standard - Education RV’s for Technology Finance contracts

Guarantees Not Required

Clear of any adverse on Borrower Veda Advantage credit report (unless adverse was considered acceptable previously)

Financial Information and Serviceability Analysis Not Required

Transaction structure Within the requirements of the relevant BOQF policy, but 36 months preferred

Must be on the DET Gazette List Verification (for NZ originations, must be on the Ministry of Education website)

 Catholic Church  Presbyterian Confirmed Religious Affiliation  Anglican  Baptist  Seventh Day Adventist  Uniting Church

 Landlord’s right of entry not required Other  All other Vendor Finance Policy requirements apply  No Sale & Leaseback or Private Sale

Commercial in confidence © Bank of Queensland Limited All rights reserved 45