Risk isn’t something to be feared or quashed, according to AUSTRAC’s Leanne Fry. If anything, risk ‘changes the game’ and is a friend, not a foe – like a rewarding, yet challenging relationship.
Indeed, managing risk – and reward - is all in a day’s work for Fry, who’s the chief innovation and information security officer for AUSTRAC, an agency responsible for preventing, detecting and responding to criminal abuse of the financial system to protect the community from serious and organised crime.
Through a series of highs and lows (including a few health issues and personal setbacks), Fry has learned to ‘keep calm and carry on’ during a crisis and to navigate the roadblocks - a personality trait that’s proving invaluable for leading the IT, innovation and IT security helm at AUSTRAC.
“Risk – it’s such a key capability both personally and applied in your job," Fry explains.
"If you want to change the game, you need to be really adept at understanding and mitigating risk. I’ve taken personal risk (including financial) with many of the role changes I’ve made – but as one of my mentors said to me, ‘What do you do if you make a wrong decision? You make another one really fast.'
“We face risk every day with our network, systems and project delivery. One of the US astronauts described their advanced training as ‘training for failure.’
"That resonated with me – become ‘match fit’ at risk and you’re likely to be more confident at changing the game.”
Get to know Fry and you’ll soon discover she’s a communicator, a risk-taker, a change-agent and an intensely loyal and collaborative leader who’s obsessed with learning – and she’s not afraid to ask questions.
As a matter of fact, she first learned “the power of asking questions” during her early years as a solicitor in Sydney.
“I remember how stressful it was, knowing all that I didn’t know, which was a lot.
"That was my first experience of not being afraid to ask questions. I had to get my ego under control and acknowledge I wasn’t silly, stupid or ignorant, but that I simply didn’t know things because I hadn’t done them before,” she says, explaining the legal secretaries knew more than she did.
“So, asking someone for guidance and advice wasn’t hard – and it’s been a very good life lesson. In law, a lot of it is process, so once you’ve done it, then you know it. But when you come in as a fairly green, yet fully qualified solicitor, there’s a lot to learn. That was a really good start for me in working with people.”
Admittedly, a law degree – and her time as a solicitor - helped prepare her for her future roles in life – both in the private sector (particularly her pivotal years at Lendlease), and now at AUSTRAC.
“It teaches you to think. It teaches you to assess information, process information, make decisions. I did practice as a solicitor for a couple of years before deciding there was more to life, and so set off into the private sector.”
Since then, Fry has achieved some notable firsts, particularly in legal publishing where she was responsible for authoring a major multi-volume loose-leaf edition of an iconic precedent work, as well as in private sector at Lendlease, where she helped create one of the first corporate intranets in Australia.
Then AUSTRAC came calling – and an exciting role opened up for Fry in the federal government.
Certainly, her big double role as chief innovation and information security officer has allowed her to blend her love of technology, security and innovation.
“I saw early on how critical technology is to delivering services and products, changing the way organisations work, and now protecting them as well,” she says, explaining you can’t have innovation without security.
“I think there are two sides of the coin: innovation changes things, while security keeps things safe. You can’t have one without the other. They need to be kept in balance so that sometimes requires robust conversations about risk and return.
“Innovation needs to deliver value so you need to understand the drivers for it. This can be more challenging in government than a private enterprise where there are very clear customer and market imperatives. For me, it’s a close partner to strategy – where do you need to be and what might be possible to get you there?”
In that combined role, Fry leads the analytics, innovation, development, IT security information and infrastructure teams, and is responsible for ensuring AUSTRAC has the necessary advanced analytics and customer service capability in place to innovate.
The dual role creates tension – but it’s a good thing, she explains.
'“Having that within the one IT portfolio is a very nice creative tension. We’ve got people really pushing boundaries, and then we’ve got people saying, ‘No, but the rules matter,’ and so we must abide by the rules. It creates tension, but it’s a really good thing to have.”
Specifically, as part of the security function of her role, Fry deals with the oversight of cyber incident responses; reports to the chief security officer and executives on cyber activities and incidents; uplifts the organisation’s understanding and capability in cyber security through communication and education; and manages business continuity in relation to cyber threats.
“I’m working closely with industry and our partners to drive AUSTRAC’s innovation for both processes and products," she says.
"Key external projects at present are putting in place a secure information sharing capability for the regional FIUs (financial intelligence units) and exploring with the financial sector the application of privacy preserving technology to identify financial crime.”
More broadly, she oversees six teams, totalling 100 people, and substantially insources technology.
“We’re both a financial intelligence unit, but also a regulator," Fry says.
"We deal with money laundering, terrorism, and are a financing regulator, so we work with the big banks and the remittance sector to help them be the front line against organised and financial crime.”
One of her big achievements – and early wins - at AUSTRAC was her involvement with the Fintel Alliance.
“I joined AUSTRAC in its first wave of transformation to deliver Fintel Alliance, our public-private partnership," Fry says.
“It was my privilege to work with a group of committed clever people to create the roadmap for it and deliver the foundational technology that enabled it to come to life.
"We’re continuing to build off those foundations with tools and skills to improve how our agency works and the outcomes we deliver.”
Today, she’s working on two pivotal projects that continue to see her blend her love of security and innovation.
First, she is working with ASEAN partners to develop a secure information platform that will enable collaboration across any stage of the information sharing journey.
Second, she is developing the use of privacy preserving technology to boost data sharing practices.
“We have many privacy issues in sharing data - particularly between the big four banks," Fry explains.
"They can share the data with us, but they can’t share it amongst themselves. The legislation prohibits that - so we’re looking at whether privacy preserving technology will enable us to change the way we identify risk, and share that identification of risk.
"It’s very challenging – not easy at all, but it’s great to have the license to work on those sorts of projects.”
And let’s face it: The hard-working Fry can’t stand still for even a nanosecond – as security threats – and the risk agenda – continue to escalate in the age of digital.
“We’ve seen a big increase in cyber activity, and as a result, our responses need to be precise and fast. Hardening our own systems remains a priority. In this digital age, I don’t believe technology belongs to the IT team – executives and others must become cyber and digitally savvy. Using AI and intelligent agents to help our work is an area of great opportunity.”
Another area of opportunity is the digital transformation push of the agency.
“AUSTRAC has a great culture of collaboration and innovation," she says.
"The agency is open to changing the game when it will mean we can do our job more effectively. I work with talented passionate people who care that we deliver.
“My vision for the role is to provide the strategic guidance the agency needs – looking over the horizon and translating what’s coming into capability plans for the agency.
"Our next challenge is to complete the transformation of our regulatory systems – the systems that interface into our reporting population. It’s a big program.”
Other things on her radar – mitigating risk posed by emerging technologies.
“Things I am watching are protection of data and the impact of the GDPR framework globally, impact of cloud on our organisation, mobile devices and where they are extending, and AI and machine learning," Fry says.
"Our priority is making sure our people are informed and skilled to identify risks.”
Seasoned change maker
While “the interlinked aspect of risk and reward” plays a pivotal role in her life, other common themes to emerge include her love of learning and change, and desire to push boundaries.
“At Lendlease our then chairman once said: ‘We can’t have too many people who dare to be different – if you aren’t such a person, become one',” she says, explaining she took that advice personally and it became part of her operating rhythm to push boundaries.
“The other aspect that’s important to me is I like change, but I like learning and that’s usually what precipitates a move for me. That I like to keep learning: new environment, new product, new service, new space,” she says.
“I like to look over the horizon and I like strategy - I’m very keen on where we need to go, and not just on what we’re doing today, but what’s coming next and how that’s going to impact us, and how we moot out the positive aspect of that and grab it with both hands.”