Managing compliance obligations

Identifying QUT's compliance obligations

As a large and complex statutory authority, QUT has a significant number of compliance obligations, at both the Commonwealth and State level. To ensure that the University can comply with all of its obligations, it is important to identify legislation and other legislative instruments which impose a compliance obligation. These obligations may arise because QUT is, for example, an employer, a provider of goods and services, a statutory body or a recipient of Commonwealth funding. Compliance obligations might include:

• reporting requirements (provision of statistics or information);
• requirements for accreditation, registration or licensing;
• complying with timeframes set down by the legislation for performing activities;
• a requirement to provide a specified service or range of services;
• restrictions or limitations on how these services can be offered;
• financial obligations.

Register of Compliance Obligations

A comprehensive list of the University's compliance obligations is kept in the Register of Compliance Obligations. The Register of Compliance Obligations is maintained by the Policy and Compliance Manager (3138 2902 or compliance@qut.edu.au).

Identification of the University's compliance obligations is an ongoing activity undertaken by designated responsible officers, senior management and the Policy and Compliance Manager.

Responsibilities for managing compliance

The Compliance Policy details responsibilities for compliance.

Officers designated as responsible officers are primarily responsible for the management of compliance with their relevant obligations. Senior and operational managers also have a responsibility to manage compliance obligations which affect their organisational area, including workplace health and safety and equity obligations.

Management of compliance

Reasonable management of compliance obligations would incorporate, as a minimum, the following activities:

• the identification, development and/or documentation of the relevant procedures and processes necessary to ensure compliance and to manage non-compliance;
• a systematic approach to continuous improvement of these procedures and processes on a regular basis;
• adequate recordkeeping of compliance issues and non-compliance incidents;
• adequate monitoring and reporting of non-compliance incidents.

Developing procedures and processes to ensure compliance

Responsible officers should ensure that there are in place procedures to ensure both compliance with obligations and the management of non-compliance incidents. Examples of such procedures may include:

• obtaining accreditation, registration or licensing from the relevant authority;
• reporting to a relevant authority on statistics, or activities relating to compliance;
• developing a policy or procedure at either the University or organisational area level;
• employing or training particular staff to undertake compliance-related duties;
• creating a particular committee or working group to oversee compliance-related activities;
• maintaining records on activities undertaken by staff or students in accordance with the legislation;
• offering regular training programs for staff or the University community on the obligation;
• developing a procedure for reporting of non-compliance incidents within the organisational area.

Compliance procedures should not be "add-on" activities which require additional resources, but should, wherever possible, integrate with the normal business activities of the relevant organisational unit. The most effective compliance procedures are those which utilise or enhance existing procedures.

Continuous improvement of procedures and processes

Responsible officers should ensure that procedures for managing compliance with obligations are regularly reviewed and improved as required. This provides assurance that the procedures in place remain relevant to, and adequate for, proper management of the obligation. Continuous improvement activities may include:

• a one-off or trial training program run by an organisational area;
• establishment of advisory service for particular activities or commencement of a new obligation;
• any audits undertaken on specific activities;
• any policies, procedures or processes developed and/or documented;
• establishment of any working parties or committees for specific issues;
• any projects undertaken relating to compliance activities;
• compliance process reviews and improvements.

Recordkeeping and reporting

Responsible officers are required to report on management of non-compliance incidents on an annual basis as part of the strategic planning and risk management processes. Responsible officers should keep adequate records of compliance activities, including non-compliance, to satisfy the University's reporting requirements and the statutory recordkeeping requirements of the State Government.

Further information and advice

Further information or advice on managing compliance obligations can be obtained from the Policy and Compliance Manager on 3138 2902 or compliance@qut.edu.au.