Frequently asked questions: Multi user authorisation and privilege delegation



What is multi user authorisation?

A major benefit of the multiple account user and privilege delegation features is the ability for customers to enforce dual or multiple authorisations for account transactions online, as you would currently do with multiple account signatories in the offline environment. 


Back to Top 


What happens if the required number of Authorisers do not approve a transaction?

If an Internet Banking profile defines that more than one person must authorise transactions and requests on behalf of the customer, the following actions will be held in a pending state for 90 days to allow sufficient time for the transaction to be authorised:


  • any value transaction, including uploads of a Payments File
  • any transaction limit increase or decrease
  • any delegation of authority to another User, and subsequent changes to Delegated User authority
Please note any transaction still requiring additional authorisations after 90 days in the pending state, will be automatically deleted.


Back to Top 


If I am an Authoriser, how will I know when a transaction is pending authorisation?

Authorisers on the account can be notified of any pending authorisation requests via Secure Mail, Normal email (via the email address registered for the customer), SMS (via the mobile number registered for the customer) and the notifications area on the Home menu.


Back to Top 


Can there be more than one Authoriser on an account?

Yes.  More authorisers can be created than the number of authorisers required to approve each transaction.  For example, all four company directors may be defined as authorisers in the Internet Banking service, but only two of these four need to authorise transactions and requests at any time.


Back to Top 


What types of account users can be created in Internet Banking?

Because an Internet Banking profile can have one or more people associated with it, different types of account users will exist.  There are four types of people who can access Accounts through Internet Banking

  • a Customer with authority to operate on the account individually; or
  • a Related Account User, who is a signatory on the Account, has authority to operate on the Account individually or has authority to operate on the Account as one of a two or more persons to sign method of operation and has been granted Internet Banking access to the Account by both the Customer and BOQ; or
  • an Authoriser, who is a signatory on an Account that requires more than one person to operate on the Account, and where Internet Banking access has been established for each signatory to the Account; or
  • a Delegated User, who has been granted Internet Banking access to the Account by a Customer, Related Account User, Authoriser or another Delegated User.


Back to Top 


Who can create a Delegated User?

BOQ customers, Authorisers and Delegated Users will be able to use Internet Banking to delegate access to one or more Delegated Users.  The person who creates the Delegated User will also set the Delegated User’s Personal Access Code (PAC).


Back to Top 


Is there an application form for Delegated Users?

No.  The Delegated User will not be required to sign an authority or any other registration form as part of their set-up, however if they are given access to make value transactions*, they must satisfy the Customer Identification Requirements at a branch.  The new Delegated User will have “view only” access until the Customer Identification Requirements are met.


The Customer (Account Holder) should consider carefully whether to allow Delegated Users to Delegate their Internet Banking rights.  As the Account Holder you will be responsible for the actions of all Users accessing your Internet Banking profile, including Delegated Users.


* A value transaction is any transaction where an amount greater than zero is transferred from a nominated account.

Back to Top 


What levels of user access can I give a Delegated User?

Customers/Authoriser/Delegated Users can choose from a number of different levels of access for each account and for each Delegated User:


Access Level  Definition
None No information will be displayed to the User.
View Only Can create payees, billers and payers but not execute payments.
Create No View Can setup payments for processing and is not counted as an authoriser and cannot authorise payments created by other users.  Balances, pending payments and transaction history are not viewable.
Create View Can setup payments for processing but is not counted as an authoriser and cannot authorise payments created by other users.
Execute View Full access for account within limits and payment actions allowed.
Execute No View Full access for account within limits and payment actions allowed. Balances, pending payments and transaction history are not viewable.


Note: As new Access Levels have been introduced any existing levels will map as follows: None = none, View = Create View and Execute = Execute View.
If you wish to use these new Delegated User features you will be required to edit your existing Delegated User profiles via Internet Banking.


Back to Top 


Why do I see the word "Restricted" where the account balance is usually displayed?

The word "Restricted" is displayed for any accounts where the access rights for the account for the Delegated User contain one of; 'None', 'Create No View' or 'Execute No View'.


Back to Top 



Can a Delegated User view secure mail messages?

If a delegated user has a view component for every function on each account they can access, they will be able to view all secure mail messages sent and received. This will include secure mail messages which are related to accounts that the delegated user may not have access to.


Return to FAQs 



If your question is not answered by these FAQs or you have other questions regarding BOQ Internet Banking, please contact our Customer Contact Centre on 1300 55 72 72  (+617 3336 2420 if you are calling from outside Australia) or email us.