Westpac appointed Richard Heeley as chief information officer on June 24, 2026, with the Macquarie Group banking technology executive due to start later this year and replace retiring CIO Scott Collary at the Australian bank. The move is not just another senior reshuffle in financial services; it is a signal that Westpac’s next technology fight will be won or lost in the unglamorous layers of infrastructure, resilience, cyber security, and engineering discipline. For customers, that means fewer excuses for app outages and clunky digital services. For IT leaders, it is another reminder that banking technology has become the front line of competition rather than a support function in the basement.
Westpac’s choice of Heeley is telling because it comes from Macquarie’s banking and financial services arm, one of the more aggressively digital players in Australian finance. Macquarie has spent years presenting its retail banking operation less like a branch network with an app attached and more like a technology platform that happens to sell deposits, mortgages, and payments.
That distinction matters. Big-bank CIO appointments used to be about keeping the lights on, negotiating vendor contracts, and making sure the mainframe did not embarrass the board during earnings season. Those jobs still matter, but they are no longer enough. A modern bank CIO has to manage cloud migration, cyber risk, data architecture, developer productivity, regulatory scrutiny, customer-facing reliability, and the political problem of simplifying decades of inherited systems without breaking the business.
Heeley’s résumé fits that brief. He is currently CIO for banking and financial services at Macquarie Group and has previously worked at Nationwide Building Society, Barclays, and JP Morgan Chase. That is a career built inside institutions where technology is constrained by regulation, legacy platforms, fraud pressure, and customers who have no patience for downtime.
Westpac CEO Anthony Miller framed the appointment around acceleration. Heeley will oversee infrastructure, cyber security, and engineering, while working alongside Westpac’s data, digital, AI, and UNITE leadership. That organizational map is the story: Westpac is separating but also binding together the hard machinery of the bank and the more visible digital experience customers touch every day.
The handover therefore looks less like a rescue mission and more like the next stage of a long rebuild. Westpac’s own language points to “recent progress” in modernizing core systems, lifting resilience, and strengthening cyber and technology capabilities. That is executive-speak, but it also reveals the operating reality: the bank believes it has laid foundations, and now wants a CIO who can turn those foundations into faster delivery.
This is the tricky phase of any major transformation. The early work often involves consolidation, governance, and stabilization. The next phase is where the business asks for visible outcomes: better app experiences, faster product releases, more personalized services, lower operating risk, and a cleaner technology base that does not require heroic effort to change.
That is where banks often stumble. Simplification is easy to endorse and hard to execute because every legacy system has a constituency. Every old workflow exists for a reason, even if the reason expired years ago. Every application retirement looks obvious until someone discovers it still feeds a regulatory report, a credit decision, or a reconciliation process.
At Macquarie, Heeley was associated with a digital-first banking environment where user experience, cloud-based systems, data consolidation, and fraud detection were central to the operating model. Macquarie has publicly described its banking and financial services business as, at its core, a technology business. That phrase can sound like marketing, but in banking it has a practical meaning: the product is increasingly inseparable from the platform.
Westpac is a different beast. It is one of Australia’s largest banks, with a broad customer base, deep legacy complexity, and a brand that carries both trust and expectation. A technology leader arriving from Macquarie brings useful experience, but the job at Westpac is not to copy and paste another bank’s architecture. It is to impose enough engineering clarity on a larger institution that modernization becomes repeatable rather than episodic.
That may be why Miller emphasized platforms “at scale.” Scale is where banking technology rhetoric meets reality. It is one thing to build a sleek digital bank experience; it is another to do it while supporting millions of customers, multiple brands, regulatory obligations, cyber threats, fraud detection, payments rails, call-center dependencies, and the deeply interlocked systems that accumulate inside a century-old financial institution.
Banks have always cared about security, but the modern threat environment has turned resilience into a customer promise. Account takeover, scams, phishing, credential theft, ransomware, supply-chain attacks, API abuse, and data leakage are not back-office concerns. They shape whether customers believe a bank is competent.
For a CIO, that creates a difficult tension. Customers want faster features, easier onboarding, fewer friction points, and smarter digital services. Security teams want controls, monitoring, segmentation, identity discipline, software hygiene, and stricter third-party oversight. The best banking platforms make those goals reinforce each other; the worst make them enemies.
Heeley’s challenge will be to help Westpac avoid treating cyber security as a brake on digital transformation. In a bank, security has to be designed into the platform rather than bolted onto the release process. The institutions that get this right can ship faster because they trust their controls. The institutions that get it wrong either move slowly or move recklessly.
That is not simply a matter of hiring developers. It means platform engineering, automated testing, secure software supply chains, better observability, disciplined incident management, API governance, cloud cost controls, and fewer manual handoffs between teams. It also means reducing the number of systems that require specialized knowledge held by a shrinking group of veterans.
For WindowsForum readers, this is where the bank’s story intersects with the daily life of enterprise IT. Most large organizations are not short of transformation decks; they are short of clean execution paths. They run mixed estates, inherited identity systems, legacy integrations, vendor dependencies, and operational processes that are difficult to automate because nobody fully owns the end-to-end flow.
Banking magnifies those problems. A failed release can lock customers out of accounts. A misconfigured permission can become a reportable incident. A poorly understood dependency can create an outage at the worst possible moment. The CIO’s job is to make the technology estate less surprising.
AI in banking depends on boring foundations. Clean data lineage, strong access controls, reliable platforms, robust identity, auditable models, secure APIs, and resilient infrastructure all matter more than the demo. If the underlying estate is fragmented, AI becomes another layer of complexity pasted over unreliable machinery.
This is where the CIO and the data-and-AI leadership need to operate as partners. The AI team can define customer and employee use cases, model governance, data strategy, and responsible deployment. The CIO must make sure the platforms underneath are secure, scalable, observable, and cost-effective.
The risk is that banks chase AI optics while underinvesting in the platform work that makes AI safe and useful. The opportunity is that AI can become a forcing function for modernization. If Westpac wants better personalization, fraud detection, customer support, and internal productivity, it will need the architecture to support those ambitions without creating new operational and regulatory headaches.
A bank can have a strong CIO, a strong digital chief, a strong data leader, and a strong transformation office, yet still move slowly if responsibilities blur. Who owns the platform? Who owns the customer journey? Who decides when a legacy system is retired? Who pays for shared capabilities? Who arbitrates between speed, cost, resilience, and regulatory risk?
These are not org-chart niceties. They determine whether modernization becomes a coherent operating model or a collection of competing programs. Westpac appears to be trying to define a model in which Heeley owns core technology execution while other executives drive business transformation, data, digital experience, and AI. That can work, but only if the boundaries are clear and the incentives line up.
The strongest signal from the appointment is that Westpac wants a CIO who can operate in that cross-functional environment. Heeley will not be judged only by uptime statistics or infrastructure cost. He will be judged by whether technology becomes a more effective delivery engine for the bank’s broader strategy.
Miller’s statement that Heeley will help deliver a “first-class digital banking experience” is the customer-facing promise. But first-class digital banking is not just about interface polish. It is the visible result of hundreds of technical decisions customers never see.
A fast app depends on clean APIs, responsive back-end services, and good monitoring. A smooth mortgage or account-opening journey depends on integrated systems, reliable document handling, identity verification, and sensible workflow design. A strong fraud response depends on data quality, real-time analytics, and operational teams that can act quickly.
This is why modern banking technology is so difficult. The customer experience is the sum of the bank’s architecture. If the architecture is brittle, the app eventually tells on it.
That creates a strategic problem for incumbents. Their advantages are trust, balance sheet strength, regulatory experience, customer relationships, and scale. Their disadvantages are legacy complexity, slow delivery, and the high cost of change. The CIO’s job is to preserve the advantages while shrinking the disadvantages.
Macquarie has been a notable reference point because it has positioned its retail banking experience around digital capability. Westpac recruiting from that environment suggests it wants more of that execution style inside its own walls. But the larger prize is not to look like Macquarie; it is to make Westpac’s size less of a drag on innovation.
That is a hard cultural shift. Large banks are designed to avoid catastrophic mistakes, and for good reason. But the same controls that protect customers can also calcify delivery. The best technology organizations in regulated industries learn how to move faster because their controls are better, not because they ignore them.
If systems fail, the damage is immediate and public. If cyber controls fail, the damage can be existential. If modernization fails, the bank becomes more expensive to run and slower to compete. If digital delivery fails, customers quietly move their daily banking habits elsewhere.
That is why Heeley’s appointment is more than a personnel note. Westpac is placing a senior technology leader into a role where execution will be visible in both customer experience and operational risk. The bank’s language about resilience and simplification reflects an industry-wide recognition: technology debt is not just an IT problem; it is a business constraint.
The hardest part is that success may be quiet. Good infrastructure does not trend on social media. Good cyber hygiene is often invisible. Good engineering culture is measured in fewer incidents, faster recovery, cleaner releases, and reduced friction. The CIO gets noticed when things break, but the board needs to value the work that prevents the breakage.
Westpac Hires a Builder, Not a Caretaker
Westpac’s choice of Heeley is telling because it comes from Macquarie’s banking and financial services arm, one of the more aggressively digital players in Australian finance. Macquarie has spent years presenting its retail banking operation less like a branch network with an app attached and more like a technology platform that happens to sell deposits, mortgages, and payments.That distinction matters. Big-bank CIO appointments used to be about keeping the lights on, negotiating vendor contracts, and making sure the mainframe did not embarrass the board during earnings season. Those jobs still matter, but they are no longer enough. A modern bank CIO has to manage cloud migration, cyber risk, data architecture, developer productivity, regulatory scrutiny, customer-facing reliability, and the political problem of simplifying decades of inherited systems without breaking the business.
Heeley’s résumé fits that brief. He is currently CIO for banking and financial services at Macquarie Group and has previously worked at Nationwide Building Society, Barclays, and JP Morgan Chase. That is a career built inside institutions where technology is constrained by regulation, legacy platforms, fraud pressure, and customers who have no patience for downtime.
Westpac CEO Anthony Miller framed the appointment around acceleration. Heeley will oversee infrastructure, cyber security, and engineering, while working alongside Westpac’s data, digital, AI, and UNITE leadership. That organizational map is the story: Westpac is separating but also binding together the hard machinery of the bank and the more visible digital experience customers touch every day.
The New CIO Inherits a Bank Mid-Transformation
Heeley is not arriving at a blank slate. Scott Collary, who is retiring later this year, has been credited by Westpac with improving stability, resilience, and protection across the bank’s technology estate. Collary joined Westpac in 2020 and later became CIO, steering the function through a period when banks were under mounting pressure to harden cyber defenses and modernize digital services without disrupting critical operations.The handover therefore looks less like a rescue mission and more like the next stage of a long rebuild. Westpac’s own language points to “recent progress” in modernizing core systems, lifting resilience, and strengthening cyber and technology capabilities. That is executive-speak, but it also reveals the operating reality: the bank believes it has laid foundations, and now wants a CIO who can turn those foundations into faster delivery.
This is the tricky phase of any major transformation. The early work often involves consolidation, governance, and stabilization. The next phase is where the business asks for visible outcomes: better app experiences, faster product releases, more personalized services, lower operating risk, and a cleaner technology base that does not require heroic effort to change.
That is where banks often stumble. Simplification is easy to endorse and hard to execute because every legacy system has a constituency. Every old workflow exists for a reason, even if the reason expired years ago. Every application retirement looks obvious until someone discovers it still feeds a regulatory report, a credit decision, or a reconciliation process.
Macquarie’s Digital DNA Is the Subtext
Macquarie is not Westpac’s twin. It is smaller in retail banking scale, operates with a different culture, and has been able to shape parts of its digital banking stack in a more modern way than older universal banks. That makes Heeley’s move interesting but not automatically transferable.At Macquarie, Heeley was associated with a digital-first banking environment where user experience, cloud-based systems, data consolidation, and fraud detection were central to the operating model. Macquarie has publicly described its banking and financial services business as, at its core, a technology business. That phrase can sound like marketing, but in banking it has a practical meaning: the product is increasingly inseparable from the platform.
Westpac is a different beast. It is one of Australia’s largest banks, with a broad customer base, deep legacy complexity, and a brand that carries both trust and expectation. A technology leader arriving from Macquarie brings useful experience, but the job at Westpac is not to copy and paste another bank’s architecture. It is to impose enough engineering clarity on a larger institution that modernization becomes repeatable rather than episodic.
That may be why Miller emphasized platforms “at scale.” Scale is where banking technology rhetoric meets reality. It is one thing to build a sleek digital bank experience; it is another to do it while supporting millions of customers, multiple brands, regulatory obligations, cyber threats, fraud detection, payments rails, call-center dependencies, and the deeply interlocked systems that accumulate inside a century-old financial institution.
Cyber Security Is Now Part of the Product
The most important phrase in Westpac’s announcement may not be “digital banking experience.” It may be “cyber security.” The fact that cyber sits directly inside the description of Heeley’s remit shows how far the CIO role has moved from classic enterprise IT.Banks have always cared about security, but the modern threat environment has turned resilience into a customer promise. Account takeover, scams, phishing, credential theft, ransomware, supply-chain attacks, API abuse, and data leakage are not back-office concerns. They shape whether customers believe a bank is competent.
For a CIO, that creates a difficult tension. Customers want faster features, easier onboarding, fewer friction points, and smarter digital services. Security teams want controls, monitoring, segmentation, identity discipline, software hygiene, and stricter third-party oversight. The best banking platforms make those goals reinforce each other; the worst make them enemies.
Heeley’s challenge will be to help Westpac avoid treating cyber security as a brake on digital transformation. In a bank, security has to be designed into the platform rather than bolted onto the release process. The institutions that get this right can ship faster because they trust their controls. The institutions that get it wrong either move slowly or move recklessly.
Engineering Culture Is the Quiet Battleground
The inclusion of engineering in Heeley’s responsibilities is also significant. Banks have spent years saying they want to behave more like software companies, but the phrase only means something if engineering teams are given the tools, standards, and authority to improve how software is built and operated.That is not simply a matter of hiring developers. It means platform engineering, automated testing, secure software supply chains, better observability, disciplined incident management, API governance, cloud cost controls, and fewer manual handoffs between teams. It also means reducing the number of systems that require specialized knowledge held by a shrinking group of veterans.
For WindowsForum readers, this is where the bank’s story intersects with the daily life of enterprise IT. Most large organizations are not short of transformation decks; they are short of clean execution paths. They run mixed estates, inherited identity systems, legacy integrations, vendor dependencies, and operational processes that are difficult to automate because nobody fully owns the end-to-end flow.
Banking magnifies those problems. A failed release can lock customers out of accounts. A misconfigured permission can become a reportable incident. A poorly understood dependency can create an outage at the worst possible moment. The CIO’s job is to make the technology estate less surprising.
AI Raises the Stakes for the Plumbing
Westpac has already created a senior data, digital, and AI leadership function, with Andrew McMullan appointed in 2025 to lead those areas. Heeley will work alongside that function rather than absorb it. That split is sensible, but it also creates a management test.AI in banking depends on boring foundations. Clean data lineage, strong access controls, reliable platforms, robust identity, auditable models, secure APIs, and resilient infrastructure all matter more than the demo. If the underlying estate is fragmented, AI becomes another layer of complexity pasted over unreliable machinery.
This is where the CIO and the data-and-AI leadership need to operate as partners. The AI team can define customer and employee use cases, model governance, data strategy, and responsible deployment. The CIO must make sure the platforms underneath are secure, scalable, observable, and cost-effective.
The risk is that banks chase AI optics while underinvesting in the platform work that makes AI safe and useful. The opportunity is that AI can become a forcing function for modernization. If Westpac wants better personalization, fraud detection, customer support, and internal productivity, it will need the architecture to support those ambitions without creating new operational and regulatory headaches.
UNITE Becomes the Test of Executive Alignment
Westpac’s announcement references Heeley working closely with the UNITE, data, digital, and AI teams, including executives Peter Herbert and Andrew McMullan. That wording matters because transformation programs often fail less from technology weakness than from executive misalignment.A bank can have a strong CIO, a strong digital chief, a strong data leader, and a strong transformation office, yet still move slowly if responsibilities blur. Who owns the platform? Who owns the customer journey? Who decides when a legacy system is retired? Who pays for shared capabilities? Who arbitrates between speed, cost, resilience, and regulatory risk?
These are not org-chart niceties. They determine whether modernization becomes a coherent operating model or a collection of competing programs. Westpac appears to be trying to define a model in which Heeley owns core technology execution while other executives drive business transformation, data, digital experience, and AI. That can work, but only if the boundaries are clear and the incentives line up.
The strongest signal from the appointment is that Westpac wants a CIO who can operate in that cross-functional environment. Heeley will not be judged only by uptime statistics or infrastructure cost. He will be judged by whether technology becomes a more effective delivery engine for the bank’s broader strategy.
The Customer Experience Is Still the Final Exam
Customers do not care who owns infrastructure, cyber security, engineering, data, or AI. They care whether the app works, payments arrive, fraud alerts are timely, identity checks are not maddening, and digital services do not collapse during peak usage. That is the blunt reality behind every bank technology appointment.Miller’s statement that Heeley will help deliver a “first-class digital banking experience” is the customer-facing promise. But first-class digital banking is not just about interface polish. It is the visible result of hundreds of technical decisions customers never see.
A fast app depends on clean APIs, responsive back-end services, and good monitoring. A smooth mortgage or account-opening journey depends on integrated systems, reliable document handling, identity verification, and sensible workflow design. A strong fraud response depends on data quality, real-time analytics, and operational teams that can act quickly.
This is why modern banking technology is so difficult. The customer experience is the sum of the bank’s architecture. If the architecture is brittle, the app eventually tells on it.
The Australian Banking Race Is a Technology Race
Westpac’s move should also be read in the context of Australian banking competition. The major banks are under pressure from each other, from digital-first challengers, from fintechs, and from customer expectations shaped by non-bank technology platforms. Customers now compare banking apps not just with other banks, but with the best digital services they use anywhere.That creates a strategic problem for incumbents. Their advantages are trust, balance sheet strength, regulatory experience, customer relationships, and scale. Their disadvantages are legacy complexity, slow delivery, and the high cost of change. The CIO’s job is to preserve the advantages while shrinking the disadvantages.
Macquarie has been a notable reference point because it has positioned its retail banking experience around digital capability. Westpac recruiting from that environment suggests it wants more of that execution style inside its own walls. But the larger prize is not to look like Macquarie; it is to make Westpac’s size less of a drag on innovation.
That is a hard cultural shift. Large banks are designed to avoid catastrophic mistakes, and for good reason. But the same controls that protect customers can also calcify delivery. The best technology organizations in regulated industries learn how to move faster because their controls are better, not because they ignore them.
The CIO Role Has Become a Board-Level Risk Office
There was a time when a bank CIO could be treated as an operational executive. That era is gone. The CIO now sits at the intersection of customer trust, regulatory risk, cyber exposure, strategic differentiation, and cost management.If systems fail, the damage is immediate and public. If cyber controls fail, the damage can be existential. If modernization fails, the bank becomes more expensive to run and slower to compete. If digital delivery fails, customers quietly move their daily banking habits elsewhere.
That is why Heeley’s appointment is more than a personnel note. Westpac is placing a senior technology leader into a role where execution will be visible in both customer experience and operational risk. The bank’s language about resilience and simplification reflects an industry-wide recognition: technology debt is not just an IT problem; it is a business constraint.
The hardest part is that success may be quiet. Good infrastructure does not trend on social media. Good cyber hygiene is often invisible. Good engineering culture is measured in fewer incidents, faster recovery, cleaner releases, and reduced friction. The CIO gets noticed when things break, but the board needs to value the work that prevents the breakage.
What Westpac’s Heeley Bet Really Signals
Westpac’s CIO appointment is a useful marker for where banking technology is heading: away from standalone digital showcases and toward deeper platform reform. The bank is not merely hiring someone to supervise systems. It is hiring someone to make systems less of a strategic bottleneck.- Richard Heeley is set to join Westpac later in 2026 after serving as CIO for banking and financial services at Macquarie Group.
- Heeley will replace Scott Collary, who is retiring after helping stabilize and strengthen Westpac’s technology function.
- Westpac is putting infrastructure, cyber security, and engineering at the center of the CIO mandate rather than treating them as back-office utilities.
- The appointment is designed to support Westpac’s broader modernization agenda, including core systems, resilience, digital banking, data, and AI.
- The real measure of success will be whether Westpac can simplify its technology estate while improving customer experience and reducing operational risk.
References
- Primary source: Finextra Research
Published: 2026-06-29T10:24:30.406390
Loading…
www.finextra.com - Related coverage: mpamag.com
Loading…
www.mpamag.com - Related coverage: simplywall.st
Loading…
simplywall.st - Related coverage: westpac.com.au
Loading…
www.westpac.com.au - Related coverage: fintechfutures.com
Loading…
www.fintechfutures.com - Related coverage: stocktitan.net
Loading…
www.stocktitan.net