How do CommBiz roles and permissions work?

  • CommBiz User roles and permissions are assigned to control and manage what Users can see and do on a CommBiz Service. 

    When a CommBiz Service is established, Administrators are appointed to manage how Users operate on the Service. 

    The Administrator of the Service can create more Users and assign them roles to suit their needs. 

    Users can be assigned multiple roles and accesses to a Service. There are 3 types of roles an Administrator can assign to a User: 

    1. CommBiz Defined Roles – these are standard permissions that give general access to the Service and accounts
    2. User Defined Roles – permissions and accesses that can be assigned to a group of people
    3. Custom Permissions – specific permissions and accesses unique to each User

    There are some permissions where an Administrator will need to submit a Maintenance Request. Forms may generate and will need to be signed, by account owners, and returned to us to before we can give that permission to the User. Those permissions are: 

    • Authoriser;
    • Service Delegate; and
    • Card Administrator

    When creating a new User, the Administrators can choose to copy the permissions of an existing CommBiz User (if one exists).

CommBiz Defined Roles

CommBiz defined roles are roles with standard permissions in CommBiz. 

User permission
What this permission can do
Users assigned this role can view all accounts and account information available on CommBiz including statements, transactions and account balances.
Users can create payments and Service Requests for all accounts linked to the CommBiz Service, including requests a change of account address or request to stop cheques.
Authoriser* °
Authorisers can authorise payments, Maintenance Requests and other Service Requests, in accordance with the electronic method of operation (EMOO)°, for accounts they’re Authorisers on.

Authorisers must be identified on CommBiz and can only be appointed by an Administrator, who submits an Add or Edit Account Authority Maintenance Request. This determines who can authorise  CommBiz payments, CommBiz Maintenance and Service Requests (known as the Electronic Account Authority or EAA), and how many Authorisers are required to process payments and any payment limits that may apply to the accounts (known as the Electronic Method of Operation or EMOO). 
Administrators manage and maintain the CommBiz Service, including adding, removing and maintaining Users, submitting Maintenance Requests to add and maintain accounts, and updating and ordering token devices.

An Administrator is appointed when the CommBiz Service is set-up. Administrators can then appoint other Administrators to the help manage the CommBiz Service. 
Service Delegate* °
Service Delegates are appointed to electronically authorise some Maintenance Requests without the need to generate paperwork. Service Delegates are also responsible for appointing Card Administrators who manage Card Facilities linked to the CommBiz Service.

Service Delegates can only be appointed by an Administrator, who submits a Service Delegate Maintenance Request. This determines who the Service Delegates are and how many Service Delegates are required to electronically authorise requests.
Card Administrator* °
Card Administrators maintain Card Facilities that are linked to the Service, including setting card limits, ordering new cards, reissuing pins and cancelling cards.

Card Administrators can only be appointed by an Administrator who submits a Card Administrator Maintenance Request that determines who has access to the Card Self Service functions. This Maintenance Request will then need to be authorised by an existing Service Delegate(s). 
Data Sharing Delegate
Appointed by each entity linked to your CommBiz Service to give, amend and manage authorisations on behalf of each such entity to share data with accredited data recipients under the Consumer Data Right for all accounts (other than Third Party Accounts).

* Users must also have View access to accounts

° Administrator will need to submit a Maintenance Request to assign this role

User Defined Roles

  • User Defined Roles are roles created by the Administrator as templates with specific permissions which can be given to multiple Users. If the Administrator changes the permissions of a role, the changes will apply to all Users the role is assigned to.

    For example: 

    Administrators may create a role called ‘Payroll’ with specific permissions associated with payroll activities, like viewing balance history of accounts linked to CommBiz. They can then assign this role to one or many existing or new Users who would need to perform those activities.

Custom Permissions

  • Administrators can assign custom permissions which are a set of specific permissions and access, unique to each User, to meet their business need.=

    For Example: 

    Administrators can nominate specific accounts to be viewed by the User or restrict Users to create payments only using details saved in the address book.