What We Do
Who We Serve
Platform
Insights
About
Contact UsLogin

Gallantree Platform

Security engineered for institutional trust.

The Gallantree Platform is built for the security expectations of trustees, rating agencies, and institutional investors. Controls are enforced in the platform itself, not bolted on, and are continuously monitored through our internal compliance system.

Request a DemoPlatform Overview
Paste ID here (user, loan, etc)
BH
Dashboard
Organisations
Loans
Treasury
Credit
Capital Programs
Administration
Application InformationRefresh
ISO 27001 A.12 — Operations Security
Base RatesAccess ManagementApplication Information
OVERALL HEALTH
DEGRADED
All monitored sections
DATABASE
CONNECTED
ac-8dp7zzq-shard-00
MEMORY
89%
INTEGRATIONS
11/12
Third-party APIs

Security Considerations

Controls enforced in the platform, not around it

Every layer of the Gallantree Platform is designed with security and auditability in mind. These controls are not optional add-ons, they are foundational to how the system operates.

Geolocation Fencing

Access is geographically restricted to approved jurisdictions. Session requests originating outside permitted regions are blocked at the edge, with full logging for review.

Role-Based Permissions

Granular permission model covering every workflow, record, and report. Access is provisioned by role and reviewed continuously, aligned to segregation of duties requirements.

SSO & Multi-Factor Authentication

Enterprise single sign-on with enforced multi-factor authentication. Session lifetimes, device binding, and re-authentication policies are configurable per user group.

Encryption at Rest & in Transit

All data is encrypted at rest using managed keys and protected in transit with modern TLS. Key rotation, custody, and recovery follow documented operational procedures.

Comprehensive Audit Trail

Every access event, data change, approval, and export is captured in an immutable audit log. Trails are preserved for the full retention period and made available to auditors and trustees.

Segregation of Duties

Critical workflows enforce separation between originators, approvers, and executors. Attempts to bypass controls are blocked and surfaced in real time to compliance reviewers.

Session & Device Controls

Idle timeouts, concurrent session limits, and trusted-device enforcement ensure that credentials alone cannot grant persistent access to sensitive records.

Independent Penetration Testing

Scheduled external penetration testing against the platform. Findings are remediated and tracked through our internal compliance register with board-level visibility.

Aligned to ISO 27001

Information security management, by the book.

Gallantree operates an Information Security Management System aligned to ISO 27001. Our policies, access controls, operational procedures, and supplier management practices map directly to Annex A controls and are evidenced inside our internal compliance platform.

A.5

Information Security Policies

A.8

Asset Management

A.9

Access Control

A.12

Operations Security

A.14

System Acquisition & Development

A.16

Incident Management

A.17

Business Continuity

A.18

Compliance

Internal Compliance Platform

We run our own compliance platform, end to end.

Every control, policy, and attestation described on this page is managed inside a purpose-built compliance platform that we operate for ourselves. It is the same discipline we apply to our credit programs, turned inward.

BH
Hi, Brett Hales
What would you like to do today?
Compliance
Training modules and attestations
Employment
People, leave, payroll and super
Policies
Policy register and review cycles
Registers
Incidents, breaches, risks, decisions
Asset Management
Device registry and lifecycle
Research
Market and counterparty research
Committees
Agendas, minutes, resolutions
Internal Audit
Audit planning, findings, evidence
Vendor Management
Contracts, reviews, compliance
Approved Documents
Company-approved library
1:1 Check-Ins
Leader and team cadence
Business Development
Micro CRM for key contacts

Security that stands up to institutional scrutiny

Request a walkthrough of our security architecture and compliance platform.

Get in TouchPlatform Overview

Let's get started

Move forward
with Gallantree

Clear next steps for institutions ready to originate, structure and invest in Australian credit with confidence.

Book a demo

See the Gallantree platform in action.

Talk to an expert

Discuss your credit programs and approach.

Explore insights

Read our research and market commentary.

Stay informed

Receive updates direct to your inbox.

Building Australia's structured credit infrastructure.

About

Our StoryTeamCareers

What We Do

Fixed IncomeCreditCredit UnderwritingProducts

Who We Serve

Institutional InvestorsLenders

Insights

ResearchMarket Commentary

Connect

Contact UsPlatformDevelopers

Gallantree Fiduciary Services Pty Ltd holds Australian Financial Services Licence No. 568476 issued by ASIC. Gallantree Capital Pty Ltd is a Corporate Authorised Representative (CAR) of Gallantree Fiduciary Services Pty Ltd. Gallantree is not an Authorised Deposit-taking Institution (ADI) and is not regulated by APRA. Its obligations do not represent deposits or other liabilities of any ADI and are not guaranteed by the Commonwealth of Australia or any other person. The information on this website is provided to wholesale clients only within the meaning of section 761G of the Corporations Act 2001 (Cth) and is not intended for retail investors. Any information provided is general advice only and does not take into account your objectives, financial situation, or needs. Investments are subject to risk, including possible loss of principal.

DisclaimerPrivacy PolicyTerms of UseAFSL DisclosureCompliance

Stay Connected:

|

© 2026 Gallantree Group Pty Ltd. All rights reserved.