Compliance Policy
| Document Number | 000838 |
|---|---|
| Date Approved | 30 November 2007 |
1. INTRODUCTION
The University of Newcastleis committed to delivering its strategic and operational objectives in accord with the law and principles of good governance, and with efficiency, fairness, impartiality, integrity, honesty and compassion[1]. To do this, it must comply with a diverse range of state and commonwealth legislation; statutory and regulatory requirements, and reporting obligations.This policy will assist the University to meet its legal obligations to students, staff and wider community. It conforms to the Australian Standard AS 3806 – 1998 Compliance Programs.
This Compliance Policy must be read in conjunction with the University’s Compliance Framework and the Compliance Register of Obligations, which lists the University of Newcastle’s primary compliance obligations. That register is maintained within the University’s Enterprise Risk Management System.
2. POLICY INTENT
This policy enables the University to manage its legal compliance risks and assists it to conduct its activities and business lawfully and responsibly.
3. SCOPE
This policy applies to all faculties and divisions, business units and subsidiaries of the University of Newcastle, and to all persons employed or engaged by the University.
4. DEFINITIONS
In the context of this policy:
compliance means the process of adhering to the law; to industry and organisational standards and codes; to principles of good governance and to accepted community and ethical standards;
compliance culture means the sum of values, ethics and beliefs that exist throughout an organisation and which interact with the organisation’s structures and control systems to produce behavioral norms that are conducive to compliance outcomes;
compliance failure means an act or a failure to act whereby an organisation fails to meet its compliance obligations, processes or behavioral obligations;
compliance program means a series of activities designed to achieve compliance;
Compliance Register of Obligations is the list of compliance requirements that have been identified by the University and maintained by the Risk Management Unit.
Council means the University of Newcastle Council - the governing body that has overall responsibility for the direction and control of the University;
Executive Committee (EC) means the senior management group comprising the Vice- Chancellor; Deputy Vice-Chancellors and Pro-Vice Chancellors which acts as an advisory body to the Vice-Chancellor;
staff member means a person, whether remunerated or not, who works on the University’s behalf; it includes part-time staff, full-time staff, sub-contractors, temporary staff, conjoint staff and volunteers.
(Source: Australian Standard Compliance Programs, AS 3806 - 2006)
5. POLICY PROVISIONS
5.1. Commitment
i. The University is committed to the maintenance and continuous improvement of a compliance framework and processes, and to the development of a compliance culture throughout the University.
ii. The University will allocate appropriate resources to the development, implementation and continuous improvement of its compliance program.
iii. Council is responsible for overseeing the University’s compliance with external legislation, statutory and regulatory requirements, reporting obligations, and University legislation and policies.
iv. The Vice-Chancellor is responsible for approving the University’s Compliance Policy and associated Compliance Procedure and Compliance Register of Obligations and for ensuring that these are aligned with the University’s strategic and operational objectives and with relevant state and federal legislation.
v. Compliance is a shared responsibility between the University, its designated Risk Management Unit and all staff.
vi. The Risk Management Unit will have overarching responsibility for coordinating the maintenance of, and promulgating the Compliance Register of Obligations; for providing support and training to staff where appropriate; and for monitoring and reporting on compliance.
vii. Managers will be accountable for the recognition and management of compliance risks in their area and for reporting compliance.
viii. All staff must be aware of compliance responsibilities that apply to their area of work or activities, and ensure that their actions on behalf of the University comply with relevant laws.
5.2. Implementation
i. Compliance responsibilities will be identified and promulgated through the Compliance Register of Obligations.
ii. Managers and staff will receive appropriate training to encourage behaviours that create and support compliance.
5.3. Monitoring and Measurement
i. Controls will be implemented to monitor compliance obligations against the requirements of the Compliance Register. The Risk Management Unit will be responsible for auditing the Compliance Register and monitoring compliance. It will report annually to Council, via the Audit and Risk Committee.
ii. Behaviours that create and support compliance will be encouraged. Behaviours that compromise compliance will be investigated.
5.4. Continuous Improvement
i. The Compliance Policy, Procedure and Register of Obligations will be reviewed on an ongoing basis by the Risk Management Unit to ensure continuous improvement.
6. ESSENTIAL SUPPORTING DOCUMENTS
Australian Standard Compliance Programs (AS 3806 )
Compliance Framework
Compliance Register of Obligations
7. RELATED DOCUMENTS
Code of Conduct 000059
Compliance Register of Obligations (located within the Enterprise Risk Management System)
Appendix A - AS 3806 Principles Diagram
Source: Implementing and Auditing Best Practice Compliance Programs, SAI Global Training Manual
[1] University of Newcastle Code of Conduct – Staff Policy 000059.
| Approval Authority | Council |
|---|---|
| Date Approved | 30 November 2007 |
| Date for Review | 30 November 2010 |
| Policy Contact Position | Risk and Compliance Manager |
