Compliance Policy
Intent
This Policy establishes that аÄÃÅÁùºÏ²Ê¹ÙÍø will meet all its obligations under applicable laws, regulations, relevant codes of practice and other corporate compliance documents adopted by the Council or University Executive. This Policy is underpinned by and to be read in conjunction with the аÄÃÅÁùºÏ²Ê¹ÙÍø Compliance Framework, Staff and Council Codes of Conduct and their subsequent procedures.
Scope
This policy applies to all members of Council, Staff, Students, and Affiliates of аÄÃÅÁùºÏ²Ê¹ÙÍø (аÄÃÅÁùºÏ²Ê¹ÙÍø or the University) while engaged in activities undertaken as part of their study, research and, work, with аÄÃÅÁùºÏ²Ê¹ÙÍø. The policy extends to wherever that activity takes place. Every director, manager, officer, contractor and agent of аÄÃÅÁùºÏ²Ê¹ÙÍø has a responsibility to uphold the University’s values and to actively participate in improving standards of compliance.
Definitions
Except as otherwise specified in this Policy, the meaning of terms in this Policy are as per the Policy Glossary.
Affiliate | Is a person (other than a Staff member or Student, including HDR candidates) who is affiliated with аÄÃÅÁùºÏ²Ê¹ÙÍø by letter of appointment or invitation to work, research or study at the University for a particular activity and typically for a prescribed timeframe and who is bound to comply with the University’s policies during that period (for example, volunteers, visiting scholars and adjunct appointees). |
Code | A statement of recommended practice developed internally by the University or externally by another body (may be mandatory or voluntary). |
Compliance | Adhering to the requirements of laws, industry and organisational standards and codes, principles of good governance and accepted community and ethical standards. |
Compliance failure | An act or an omission whereby the University does not meet its compliance obligations, processes or behavioural obligations. |
Legal risk | The potential for financial loss or reputational damage if the University fails to be aware of and implement legislative or regulatory requirements that could impact operations, results in a breach of compliance, or through action or inaction gives rise to potential litigation against the organisation, its staff or students. |
Obligation | A requirement specified by laws, regulations, codes or organisational standards. |
Obligation Owner | Staff appointed as being responsible for compliance with particular legislation. |
Policy
1. Commitment
1.1 The University is committed to ensuring that it complies with all applicable laws and regulations, and that it strives to meet the requirements of those standards and codes of practice that apply to its day-to-day activities and responsibilities. The establishment of the аÄÃÅÁùºÏ²Ê¹ÙÍø Compliance Framework is underpinned by integrity and high ethical standards and provides a comprehensive, integrated and effective compliance program that is consistent with AS ISO 19600:2015 Compliance management systems (based on AS3806:2006 Compliance Programs) and generally accepted compliance management practice.
2. Objectives
2.1 The University’s Compliance Framework:
- demonstrates a commitment to the highest standards of ethics and compliance with all applicable laws, regulations, rules and policies and promote a culture of compliance;
- promotes a culture of frank and open disclosure of compliance breaches without fear of victimisation or unfair treatment;
- documents and continuously reviews and updates business processes to ensure they comply with applicable laws and regulations;
- provides employees with training and assistance to become effectively involved in compliance activities to meet their obligations;
- maintains monitoring and reporting systems to identify instances of non-compliance or system failure and to protect the University, its staff and students from deliberate or inadvertent breaches and consequent penalty;
- takes prompt action where necessary to address instances of non-compliance or other circumstances that present an unacceptable exposure to legal risk; and,
- assesses compliance against predetermined objectives and assessment criteria.
3. Compliance Framework
3.1 аÄÃÅÁùºÏ²Ê¹ÙÍø’s compliance framework is a set of components that provides the foundations and organisational arrangements for designing, implementing, monitoring, reviewing and continually improving legislative compliance management throughout the organisation.
3.2 The Compliance Framework has three pillars:
- inform (ensuring staff are aware of their obligations and the legislative changes that may impact their business units/activities);
- comply (an annual Compliance Declaration by obligation owners as identified in the Compliance Register); and
- assure (internal and external audit and review activity).
The Framework outlines a formal approach to continuous improvement. The ongoing performance of the Framework will be monitored and reviewed. The monitor and review mechanisms are:
- this Policy;
- supporting procedures and forms and registers that complement the Risk Management Framework and Plan and the Code of Conduct (such as fraud prevention, managing conflicts of interest, and breach reporting); and
- the University’s Compliance Register (a Responsible Officer will be appointed for each obligation and will be accountable for compliance with designated obligations).
3.3 The framework will enable:
- a robust, structured and risk based approach to compliance that is appropriate to аÄÃÅÁùºÏ²Ê¹ÙÍø’s activities and operating environment; and
- an approach consistent with the principles of ISO 19600:2015 Compliance management systems.
4. Responsibilities
4.1 Council. Council is ultimately responsible for approving the Compliance Policy.
4.2 Audit, Risk and Committee. The Audit, Risk and Compliance Committee is responsible for:
- monitoring and reviewing the University’s Compliance Framework in accordance with the Committee’s Charter, and
- reviewing and making recommendations to Council regarding the Compliance Policy.
4.3 Vice Chancellor. The Vice Chancellor is responsible for leading a compliance culture across the University through promoting and supporting the Compliance Policy and Framework.
4.4 University Executive. The University Executive are responsible for ensuring that appropriate resources, systems and processes are in place to implement the Compliance Framework across the organisation, compliance with legislative and regulatory requirements within their specific areas of operational responsibility, and ensuring that any potential or actual legislative non-compliances are identified and appropriately managed.
4.5 Chief of Staff. The Chief of Staff has overall responsibility for the control and coordination of the Compliance Framework and for coordinating the implementation of the compliance process across the University, supported by the Risk and Compliance Officer.
4.6 Obligation Owners. Obligation Owners will work closely with the Risk and Compliance Officer with the Chief of Staff office and will have responsibility for: providing guidance and support to all employees; monitoring legislation, regulations and codes for any changes or new statutory requirements; reporting non-compliance issues, whether systemic, recurring or one-off; and ensuring that legislative requirements are met within their Divisions.
4.7 Managers and Staff. Managers must demonstrate their commitment to compliance by making themselves fully aware of the University’s legal and other obligations within their area of accountability or span of control. All staff are responsible for adherence to the compliance obligations relevant to their position; performing their duties in a lawful and safe manner; undertaking training in accordance with the compliance program; and reporting and escalating compliance concerns, issues, complaints and failures.
Related policy instruments
Annual Compliance Declaration Procedure
Annual TEQSA Compliance Health Check Procedure
Complaints about the Vice Chancellor Procedure
Fraud and Corruption Procedure
Legislative Alerts and Non-Compliance Reporting Procedure
Public Interest Disclosure Procedure
Risk Management Framework and Plan
Related documents and legislation
Administration
NOTE: Printed copies of this policy are uncontrolled, and currency can only be assured at the time of printing.
Approval Details
Policy Domain | Corporate Governance |
Policy Sub-domain | Risk, Assurance, Regulatory and Compliance |
Policy Custodian | Vice Chancellor |
Approval Authority | Council |
Date for next Major Review | 1/12/2023 |
Revision History
Version | Approval date | Approved by | Implementation date | Details | Author |
21-1 | 02/12/2021 | Council | 17/12/2021 | Minor policy revision | Chief of Staff |
20-1 | 30/07/2020 | 01/08/2020 | Minor amendments after scheduled policy revision. Clarification of Scope and addition of definition of ‘Affiliate’ | Chief of Staff | |
18-1 | 06/12/2018 | 18/01/2019 | Scheduled policy review resulting in minor amendments to reflect changed title of Committee and clarify roles required to complete Compliance Declaration. | Chief of Staff | |
16-1 | 08/12/2016 | 16/02//2017 | Policy revision | Chief of Staff | |
15-1 | 10/04/2015 | 4/06/2015 | Policy Establishment | Chief of Staff |
Keywords | Compliance, standards of compliance, compliance framework, obligations |
Contact person | Chief of Staff |