Kelly Henney

Kelly Henney is the Australian Leader of the Technology segment’s Information Governance, Privacy & Security practice. Kelly specialises in artificial intelligence governance, privacy, cyber risk, digital identity, cloud security, defence and resilience, and digital transformation, advising organisations on managing regulatory complexity while enabling innovation and sustainable growth.

Kelly works with boards and executive leadership teams to design and implement integrated governance frameworks across AI, privacy, data protection, digital risk and cybersecurity, including alignment to ISO/IEC42001, ISO 27001, PCI DSS and NIST. She brings extensive experience advising on regulatory investigations, enforcement response, data breaches and enterprise-wide transformation programs, helping organisations align legal compliance with operational and technical implementation.

Amid Australia’s evolving privacy and AI regulatory landscape, Kelly helps clients strengthen governance, regulatory readiness and digital trust. She advises clients across financial services, banking and capital markets, asset and wealth management, government and regulatory bodies, mining, technology, and retail sectors.

Kelly is a regular speaker on AI governance, privacy and digital risk and advises boards on emerging technology risk and responsible innovation. She is a board member of the International Association of Privacy Professionals (‘IAPP’), serves on the advisory board and editorial board of the LexisNexis Privacy Law Bulletin and is recognised as a LinkedIn Top Voice for AI, privacy and data.

Prior to joining FTI Technology, Kelly served as the Australian Privacy and Data Protection Leader and Trusted AI Leader at a Big Four consulting firm. She also practised as a corporate lawyer and held roles in banking and finance, bringing a strong commercial and legal perspective to her advisory work.

Relevant Experience:

• Advises major financial institutions and asset managers on integrated AI governance and privacy compliance frameworks aligned to Australia’s Privacy Act Amendment Act 2024
• Led enterprise-wide privacy and digital transformation programs for ASX-listed organisations across banking, mining and retail sectors
• Developed a proprietary Data Protection Navigator — an innovative digital privacy assessment tool used by clients to evaluate and strengthen their data protection posture
• Guided organisations through regulatory investigations, enforcement actions and data breach responses under Australian privacy and cybersecurity legislation
• Established a market-leading integrated Privacy-AI governance practice, advising boards and C-suite executives on responsible AI adoption and emerging technology risk

Awards & Recognition:

• Australia Day Medal (2012)