COVID-19 Advice for the JCU Community - Last updated: 7 December 2021, 8am (AEST)

Policy Annual Compliance Declaration Procedure

Annual Compliance Declaration Procedure


Print Friendly and PDFPrint Friendly

Intent

The Annual Compliance Declaration Procedure (ACD) outlines the process for managing the University’s compliance obligations to satisfy the “Comply” pillar as part of the JCU Compliance Framework. The ACD procedure provides assurance to the Vice Chancellor that James Cook University (JCU) is satisfying its legislative compliance obligations in line with the Risk Management Policy and the Compliance Policy.

A further intent of this procedure is to develop a higher degree of confidence in the University’s compliance status (legislation, policy), to reduce legal risk and to build stronger linkages between compliance obligation registers and non-compliance reporting processes.

Scope

This procedure applies to the Compliance Obligation Owners (COOs), and the Office of the Chief of Staff.

The ACD procedure does not apply to JCU Controlled Entities, as they are required to have their own mechanisms in place to support relevant compliance monitoring to their management and boards.

Definitions

Except as otherwise specified in this Procedure, the meaning of terms used are as per the Policy Glossary.

Compliance

Adhering to the requirements of laws, industry and organisational standards and codes, principles of good governance and accepted community and ethical standards.

Compliance failure

An act or an omission whereby the University does not meet its compliance obligations, processes or behavioural obligations.

Legal risk

The potential for financial loss or reputational damage if the University fails to be aware of and implement legislative or regulatory requirements that could impact operations, results in a breach of compliance, or through action or inaction gives rise to potential litigation against the organisation, its staff or students.

Obligation

A requirement specified by laws, regulations, codes or organisational standards.

Procedure

1. Key Responsibilities

1.1  The following staff have particular responsibilities under this procedure:

a)  Compliance Obligation Owner (COO). The COO is assigned a particular legislative obligation and is responsible for ensuring those legislative compliance obligations are met. The COO is appointed by the Office of the Chief Staff who provides guidance and support in the process. The COO is to ensure the effective monitoring of legislation, regulations and codes for any changes or new statutory requirements; reporting non-compliance issues and ensuring that legislative requirements are met within their areas of compliance.

b) Chief of Staff. The Chief of Staff has overall responsibility for the control and coordination of the Compliance Framework and for coordinating the implementation of the compliance process in all areas of the University, supported by the Risk and Compliance Officer.

2. Annual Compliance Declaration

2.1  The Annual Compliance Declaration seeks to remind the University Executive of accountabilities in overseeing the University's statutory obligations. The ACD procedure underpins the Comply pillar within the JCU Compliance Framework. The ACD process provides added assurance by:

  • confirming the level of compliance with relevant legislation  notified through the Legislative Alerts and Non-Compliance Reporting Procedure);
  • providing details of any actual or potential breaches and any action taken; and
  • recording outcomes and recommendations in response to any legislative change (if any).

2.2  The ACD is designed to be an evidence-based process that can be periodically tested by Internal Audit, external audit or an investigation process to expose any compliance failures and provide assurance under the “Assure” pillar of the Compliance Framework.

2.3  Where non-compliance may be identified through the checklist an understanding of the non-compliance risk exposure for specific activities that may have the potential to impact on the University and its operations will be identified through completion of the Internal Non-Compliance Report at appendix 2.

3. Checklist

3.1  The ACD Checklist is a self-assessment to ensure that the COOs have acknowledged the compliance status within their respective areas of responsibility.

3.2  The Risk and Compliance Officer will coordinate the distribution of the ACD Checklists to the COOs in August each year.

3.3  Upon receipt, the COOs complete the ACD Checklist and collect any information that is required as evidence of compliance, and assign any responsibilities to Responsible Officers for the collection of information in preparation for sign-off.

3.4  Where there is non-compliance, corrective actions must be applied in response, detailing the applicable timeframes, accountabilities and risk assessment with mitigation strategies (where appropriate), and complete the Internal Non-Compliance Report at appendix 2.

3.5  The COOs will then sign the Annual Compliance Declaration Checklist. These are then returned to the Office of the Chief of Staff for review by mid-October, in preparation for reporting to Vice Chancellor’s Advisory Committee and Audit, Risk and Compliance Committee in November each year.

3.6  The ACD Procedure is detailed in a process flow diagram (appendix 1).

4. Systemic non-compliance

4.1  If any areas of non-compliance are deemed to be Systemic, the Chief of Staff will draft and communicate a Compliance Action Plan. A risk assessment will be conducted in the Enterprise Risk Register in Riskware.

4.2  If Risk Rating is Medium or High, a Risk Treatment Plan must be developed to address remediation. Remedial action timeframes are:

  • Medium risk <12 months
  • High risk < 6 months

Related policy instruments

Compliance Policy

Compliance Action Plan

Compliance Framework

Legislative Alerts and Non-Compliance Reporting Procedure

Risk Management Policy

Other related documents

Risk and Compliance Intranet Site

Schedules/Appendices

Appendix 1 - Process Flow Annual Compliance Declaration

Appendix 2 - Internal Non-Compliance Report

Administration

NOTE:  Printed copies of this procedure are uncontrolled, and currency can only be assured at the time of printing.

Approval Details

Policy Domain

Corporate Governance

Policy Sponsor

Vice Chancellor

Approval Authority

Vice Chancellor

Date for next Major Review

1 August 2023

Revision History

Version

Approval date

Implementation date

Details

Author

21-1

27/09/2021

29/09/2021

Procedure established to implement the Compliance Policy

Risk and Compliance Officer

Keywords

Annual Compliance Declaration, Compliance Framework, Compliance Register, Legislation, Non-Compliance, Obligation Owner, Responsible Officer, Reporting, Risk Management

Contact Person

Risk and Compliance Officer