Policy Compliance Framework
Compliance Framework
- Courses
- Future Students
- Current Students
- Research and Teaching
- Partners and Community
- About JCU
- Celebrating 50 Years
- Anton Breinl Research Centre
- Agriculture Technology and Adoption Centre
- Living on Campus
- Advanced Prawn Breeding Research Hub
- Advanced Analytical Centre
- Applying to JCU
- Alumni
- AMHHEC
- Australian/NZ Students
- Australian Lions Stinger Research
- Boating and Diving
- Australian Tropical Herbarium
- ATSIP
- Careers at JCU
- Association of Australian University Secretaries
- Careers and Employability
- Australian Quantum & Classical Transport Physics Group
- CITBA
- Centre for Tropical Bioinformatics and Molecular Biology
- Chancellery
- CMT
- CASE
- College of Business, Law and Governance
- College of Healthcare Sciences
- College of Medicine and Dentistry
- College of Science and Engineering
- CPHMVS
- COVID-19 Advice
- CSTFA
- Cyclone Testing Station
- The Centre for Disaster Studies
- Daintree Rainforest Observatory
- Diploma of Higher Education
- Discover Nature at JCU
- Division of Research and Innovation
- Division of Tropical Environments and Societies
- Division of Tropical Health and Medicine
- Staff Intranet
- Economic Geology Research Centre
- Elite Athletes
- Estate
- Financial and Business Services Office
- Fletcherview
- Foundation for Australian Literary Studies
- Gender Equity Action and Research
- GetReady4Uni
- Give to JCU
- Governance
- Information for JCU Cairns Graduates
- Graduate Research School
- Graduation
- JCU Ideas Lab
- Indigenous Education and Research Centre
- Indigenous Legal Needs Project
- IT Services
- International Students
- JCU College
- JCU Connect
- JCU Contact Information
- JCU Eduquarium
- JCU Global Experience
- JCU Motorsports
- JCU Prizes
- JCU Sport
- JCU Turtle Health Research
- Language and Culture Research Centre
- LTSE
- LearnJCU
- Library
- MARF
- Marine Geophysics Laboratory
- New students
- Off-Campus Students
- Office of the Provost
- Office of the Vice Chancellor and President
- Virtual Open Day
- Orpheus
- Outstanding Alumni Awards
- Parents and Partners
- Pathways to university
- Planning and Performance
- Planning for your future
- Placements
-
Policy
- Academic Governance
- Community, Marketing and Alumni
-
Corporate Governance
- Distinguished Professor Policy
- Bullying, Discrimination, Harassment, and Sexual Misconduct Policy
- Business Continuity Policy
- Child Safety Policy
- Staff Code of Conduct
- Code of Conduct – University Council
- Code of Conduct – University Council Explanatory Statement
- Compliance Policy
- Conduct of Council Elections Policy
- Conflicts of Interests Policy – University Council and its Committees
- Controlled and Non-Controlled Entities Policy
- Critical Incident Policy
- Domestic and Family Violence Policy
- General Practice Training Governance Policy
- Incident Management Policy
- Information Privacy Policy
- Legal Services Claims and Litigation Assistance Policy
- Emeritus Professor Policy
- Affiliation of a Residential College Policy
- Records Management Policy
- Social Media Policy
- Risk Management Policy
- Right to Information Policy
- University Archives - Access
- University Seal Policy
- Visiting Speaker and Event Policy
- Organisational Structure Policy
- Academic Freedom and Freedom of Speech Policy
- Foreign Interference Policy
- Equity
-
Estate and Facility Management
- Advertising on Campus
- Alcohol Consumption on University Property
- Approval of Works to University Buildings and Site Infrastructure
- Authorised Use of University Facilities, Premises and/or Grounds for Non-core Purposes
- Environmental Policy
- High Voltage Access Policy
- Memorial Plaques
- Noise on University Sites
- Pets on Campus
- Real Estate Dealings Policy
- Space Allocation and Management Policy
- Timetable and Class Registration Policy
- Tree Protection
- Vehicle Fleet Policy
- Weapons Policy
- Security Policy
-
Financial Management
- Appendices
-
Assets (FMPM 200 - FMPM 399)
- FMPM 200 Overview - Assets & Cash Management
- FMPM 210 Cash
- FMPM 220 Policy - Bank Accounts
- FMPM 230 - Petty Cash Advances
- FMPM 300 Investments
- FMPM 320 Plant and Equipment
- Financial FMPM 322 - Acquisitions of Plant and Equipment
- FMPM 260 Other Advances
- FMPM 330 Non-Capital Assets
- FMPM 280 Official Stores
- FMPM 290 Prepayments
- FMPM 323 - Disposal of Property, Plant and Equipment Procedure
- FMPM 324 Stocktake
- FMPM 350 Intangible Assets
- FMPM 270-2 Accounts Receivable - Student Debtors - Penalties
- FMPM 240 Travel Advances (Students)
- FMPM 330 Non-Capital Assets
- FMPM 270-1 Accounts Receivable
- FMPM 250 - Policy Salary Advances
- Equity (FMPM 500 - FMPM 599)
- Expenses (FMPM 700 - FMPM799)
- Financial Management and Control (FMPM 800 - FMPM 899)
- Further Applications (FMPM 900 - FMPM 999)
- Introduction (FMPM 100 - FMPM 199)
- Liabilities (FMPM 400 - FMPM 499)
- Revenue (FMPM 600 - FMPM 699)
-
Human Resources
- Academic Promotion Policy
- Awards for Excellence Policy
- Bullying, Discrimination, Harassment, and Sexual Misconduct Policy
- Community and Indigenous Language Allowance
- Competency Pay for Tradespersons Policy
- Early Retirement Policy
- Enterprise Agreement 2016
- Market Loading Policy
- Optional Working Hours System (Op-Time)
- Overpayment of Wages Policy
- Recruitment, Selection and Appointment Policy
- Relocation Assistance Policy
- Salary Packaging Program Policy
- Special Studies Program Policy
- Staff Study Assistance Policy
- Statement on Staff External Activities - Existing
- Supported Wage System (SWS) Policy
- Equal Employment Opportunity
- Conflict of Interest Policy
- Honorary Appointments Policy
- Remote Working Policy
- Human Resources Policy Glossary
- Digital Infrastructure
-
International
- Attendance Monitoring Policy - English Language and Foundation Programs
- Enrolment Requirements for International Student Visa-Holders Policy
- Management of Off-Campus Operations, Ventures and Partnerships
- Transfer of International Student Visa Holders to Other Educational Institutions
- US Federal Student Aid-SAP & Return to Title IV Policy
-
Learning and Teaching
- Annual Review of Subjects with Low Enrolments
- Blended Learning Policy
- Charter of Responsibilities for Academic Quality and Governance
- Curriculum Approval, Accreditation, Monitoring, Review and Improvement Policy
- English Language and Numeracy Policy
- Framework for Postgraduate Courses Policy
- First Year Experience and Retention Policy
- Graduate Attributes
- Graduate Certificate of Education (Academic Practice) Internal Sponsorship Policy
- Honours Assessment and Postgraduate Coursework Awards Policy
- Learning Teaching and Assessment Policy
- Policy Glossary
- Review of a Student’s Suitability to Continue a Course Involving Placement
- Student Digital Experience Policy
- Student Experience of Learning and Teaching (SELT) Policy
- Student Retention Policy
- Coursework Academic Integrity Policy
-
Quality and Planning
- Annual Report Policy
- Course Performance Reports and Division Academic Program Reports – Policy
- Financial and Operational Performance Management Policy
- Planning Management Policy
- Policy Development and Review Policy
- Reviews of Organisational Units and Thematic Areas - Policy and Procedures
- Quality Enhancement Framework
- Research Education
- Research Management
-
Student Services
- Academic Progression Policy
- Administration of Commonwealth Scholarships Policy
- Admissions Policy
- Attendance Monitoring Policy - English Language and Foundation Programs
- Award Finalisation and Graduation Policy
- Bullying, Discrimination, Harassment, and Sexual Misconduct Policy
- Copyright Policy and Procedure
- Coursework Scholarships, Bursaries, Grants and Prizes Policy
- Coursework Enrolment Policy
- Enrolment Requirements for International Student Visa-Holders Policy
- Intervention Strategy for Students Who Have Not Made Satisfactory Academic Progress
- Library Use Policy
- Student Review and Appeals Policy
- Student Code of Conduct
- Student Complaints Policy
- Student Fee Payments and Refunds Policy
- Student Results Policy
- Transfer of International Student Visa Holders to Other Educational Institutions
- Work Health and Safety
- Policy search
- PAHL
- Publications
- Professional Experience Placement
- Queensland Research Centre for Peripheral Vascular Disease
- Rapid Assessment Unit
- Researcher Development Portal
- Safety and Wellbeing
- Scholarships @ JCU
- SICEM
- Staff
- State of the Tropics
- Strategic Procure to Pay
- Student Equity and Wellbeing
- Student profiles
- SWIRLnet
- TARL
- TESS
- TREAD
- TropEco
- TQ Maths Hub
- TUDLab
- Unicare Centre and Unicampus Kids
- UAV
- VAVS Home
- Work Health and Safety
- WHOCC for Vector-borne & NTDs
- Media
- Copyright and Terms of Use
- Australian Institute of Tropical Health & Medicine
Print Friendly1. COMMITMENT TO COMPLIANCE
James Cook University (JCU) has a responsibility to identify and comply with range of legislative and regulatory requirements. An effective, organisation-wide compliance management system enables an organization to demonstrate its commitment to compliance with relevant laws, including legislative requirements, industry codes and organisational standards, as well as standards of good corporate governance, best practices, ethics and community expectations (AS ISO 19600:2015 Compliance Management Systems). .
The intent of a robust and integrated system of compliance is to provide assurance to the Vice Chancellor and University Council that the University is actively attentive to its legislative compliance obligations, considering impacts of any consequent changes, and ensuring that these are embedded in practice and procedures across the University.
1.1 Objectives
To achieve the objective of being a compliant organisation, JCU’s Compliance Framework aims to:
- demonstrate a commitment to the highest standards of ethics and compliance with all applicable laws, regulations, rules and policies and promote a culture of compliance;
- promote a culture of frank and open disclosure of compliance breaches without fear of victimisation or unfair treatment;
- document and continuously review and update business processes to ensure they comply with applicable laws and regulations;
- provide employees with training and assistance to become effectively involved in compliance activities to meet their obligations;
- maintain monitoring and reporting systems to identify instances of non-compliance or system failure and to protect the University, its staff and students from deliberate or inadvertent breaches and consequent penalty;
- take prompt action where necessary to address instances of non-compliance or other circumstances that present an unacceptable exposure to legal risk;
- assess compliance against pre-determined objectives and assessment criteria; and
- periodically review the compliance framework to ensure it is consistent with AS 3806 and generally accepted compliance management practice.
2. COMPLIANCE PROGRAM
JCU’s compliance framework comprises a set of components that provide the foundations and organisational arrangements for designing, implementing, monitoring, reviewing and continually improving legislative compliance management throughout the organisation. There are several policy and procedural documents, forms and registers which identify and manage JCU’s expectations around ethics and integrity in dealings with staff, students and others prescribed in the Code of Conduct, and the University’s obligations identified by this Compliance Framework.
The Compliance Framework has three pillars:
- inform (ensuring staff are aware of their obligations and the legislative changes that may impact their business unit’s activities);
- comply (an annual compliance declaration by Deputy Vice Chancellors, Provost, and the Vice Chancellor); and
- assure (internal and external audit and review activity) - providing a formal approach to continuous improvement. There will also be regular monitoring and review of the Framework’s performance.
The Framework consists of:
- the Compliance Policy established to identify intent, scope and responsibilities and accountabilities within the University for compliance;
- supporting procedures, forms and registers; and
- the University’s Compliance Register (Responsible Officers will have responsibility for ensuring compliance with particular legislative obligations).
The framework will enable:
- a robust and structured approach to compliance that is appropriate to JCU’s activities and operating environment; and
- an approach consistent with the principles of AS ISO 19600:2015 Compliance Management Systems.
In moving to this Compliance Framework, JCU is reflecting the principles of the Standard within these four key aspects:
- commitment (by the governing body and senior management);
- implementation (responsibilities clearly articulated and assigned);
- monitoring and measuring (performance of the program is monitored and clearly demonstrable); and
- continual improvement.
3. INFORM (Identifying the University’s Legislative Compliance Obligations)
As a large and complex statutory authority, the University has a significant number of compliance obligations, at both the Commonwealth and State level. To ensure that the University can comply with all of its obligations, it is important to identify legislation and other legislative instruments which impose a compliance obligation. These obligations may arise because the University is, for example, an employer, a provider of goods and services, a statutory body or a recipient of Commonwealth funding. Compliance obligations might include:
- reporting requirements (provision of statistics or information);
- requirements for accreditation, registration or licensing;
- complying with timeframes set down by the legislation for performing activities;
- a requirement to provide a specified service or range of services;
- restrictions or limitations on how these services can be offered; and
- financial obligations.
These obligations will be recorded in the University’s Compliance Register to be maintained by Legal and Assurance within the Office of the Chief of Staff. This Register will map the University’s obligations to business units and responsible officers. Identification of the University's statutory obligations, or changes in these obligations, will be an ongoing activity undertaken by the designated Responsible Officers and senior management. This will include Responsible Officers informing other employees of any amendments, initiating updates to the University’s Compliance Register (through Legal and Assurance), and undertaking any practical steps necessary to ensure compliance with existing, amended and new statutory obligations.
To ensure Responsible Officers and others are informed in a timely manner of Commonwealth and State legislative change across all areas of responsibility by jurisdiction and subject area, a subscription to a legislative alert service will be maintained. Policies, procedures and other documentation which reference legislation will be reviewed on any substantive change, particularly in those areas of actual or potential risk.
Where new or revised legislation creates obligations for the University, a Compliance Action Plan may be required. The template for a Compliance Action Plan is at appendix 1.
4. COMPLY (Management of Compliance)
Deputy Vice Chancellors, Provost and the Vice Chancellor will be required to annually sign a Compliance Declaration specific to their Division which confirms the level of compliance with relevant legislation, provides details of any actual or potential breaches and any action taken, and the outcomes and recommendations in response to legislative change (if any) respective to their Divisions. The aim is to proactively identify and report actual/potential breaches in accordance with the Annual Compliance Declaration Procedure..
Where there is non-compliance, a Compliance Action Plan will be developed by the relevant Division or at the University level in response, with timeframes and a risk assessment with mitigation strategies (where appropriate). This provides for a better understanding of the non-compliance risk exposure for specific activities rather than having a broad high risk around legislative compliance in general.
The annual Compliance Statement seeks to remind the University Executive of accountabilities in overseeing the University's statutory obligations relating to compliance.
4.1 Reporting Incidents of Non-Compliance
Responsible Officers are required to identify and maintain records of all non-compliance incidents or potential breaches within their designated areas. Formal reporting on non-compliance incidents and their management is to be made to the Chief of Staff as and when such incidents occur. The Chief of Staff will advise the Vice Chancellor, Chair of Audit Committee and Chancellor of incidents of significance or notifiable issues. Compliance breaches may be identified through audit activity, self-disclosure, third party complaints, compliance certifications, and review or notification by regulatory agencies and other authorities.
Information received from Responsible Officers during this process is used to advise University Council through Audit Committee of high risk non-compliance incidents or significant compliance trends. Actions may be taken on the basis of this reporting by senior management to clarify any non-compliance which has not been satisfactorily addressed by an organisational area.
A staff member who wishes to report any incident of non-compliance should approach either the relevant designated Responsible Officer if the incident relates to a specific obligation or their manager or supervisor if the incident relates to an operational matter. It is also open to a staff member to make a public interest disclosure in accordance with the relevant procedures, where circumstances warrant.
Reporting processes are outlined in the Legislative Alerts and Non-Compliance Reporting Procedure.
4.2 Corrective Actions
When a compliance breach is detected it is Management’s responsibility to:
- investigate the circumstances relating to the compliance breach;
- notify the compliance breach to the Responsible Officer;
- ensure that timely and adequate corrective actions are taken to reinstate compliance; and
- provide a copy of the Compliance Action Plan to the Chief of Staff.
Where a significant compliance breach occurs, and based on a risk assessment, a corrective action plan should be developed by Management in consultation with the Responsible Officer. The Responsible Officer will monitor the implementation of the corrective action plan to ensure that compliance is reinstated.
Where a Responsible Officer believes that Management’s response to a compliance breach is not appropriate, the matter should be escalated to the Chief of Staff for resolution.
5. ASSURE (Audit, Monitoring and Review)
The University is responsive to a number of external regulatory agencies for accreditation, certification and registration purposes (including vocational and professional bodies, the Tertiary Education Quality and Standards Authority, and others) and therefore subject to external audit or review, accreditation or self-review and reporting obligations. An assurance map will be compiled to capture these obligations.
The annual Internal Audit Work Plan may also include a rolling compliance audit, using a risk based approach, to assure the Vice Chancellor and Audit Committee that the University is maintaining or working towards compliance, or to assess whether any business improvement implemented to meet legislative change is fit for purpose and meets requirements.
In order to effectively manage compliance obligations, an annual review of compliance processes will be undertaken. This will include:-
- the review and updating of the compliance and risk registers;
- notification of any previously un-reported compliance breaches, issues or complaints; and
- audit of compliance processes, as applicable.
The risk of compliance failure should be reassessed whenever there are:-
- new or changed activities or services;
- changes to the structure or strategy of the University;
- significant external changes; or
- changes to compliance obligations.
5.1 Compliance Performance Reporting
Formal reporting mechanisms on compliance activities include:
- Annual Compliance Declarations by Deputy Vice Chancellors, Provost and the Vice Chancellor of compliance with legal, regulatory and other obligations;
- regular reporting, by the Office of the Chief of Staff to Vice Chancellor's Advisory Committee and Audit, Risk and Compliance Committee of Council on major developments, issues and compliance incidents including the status of implementation of corrective action plans;
- provision of an annual, risk-based plan of compliance activities to Audit, Risk and Compliance Committee for review and approval; and
- reviews of the Compliance Policy and the Compliance Framework (to align with reviews of the Risk Management Framework and Policy), including an assessment of their effectiveness and recommendations for improvement.
6. RESPONSIBILITIES FOR COMPLIANCE
The University Council is ultimately responsible for approving the Compliance Framework and Policy, and through Audit Committee oversees the adherence, monitoring and review of the University’s Compliance Framework. Audit Committee is also responsible for reviewing and making recommendations to Council regarding the Compliance Policy.
The Vice Chancellor is responsible for leading a compliance culture across the University through promoting and supporting the Compliance Policy and Framework. Detailed responsibilities for University staff include:
University Executive
The University Executive are responsible for ensuring that appropriate resources, systems and processes are in place to implement the Compliance Framework across the organisation, comply with legislative and regulatory requirements within their specific areas of operational responsibility, and ensure that any potential or actual legislative non-compliance has been identified and is being managed appropriately. Specifically:
- remaining aware of the compliance obligations (including monitoring for changes in legislation and regulation) within their areas of control;
- identifying individual staff members requiring training and ensuring their participation as required to ensure ongoing compliance;
- reporting non-compliance or potential non-compliance to the Responsible Officer and the Chief of Staff;
- undertaking corrective actions to compliance breaches in a timely manner;
- certifying compliance for their area of control; and
- encouraging behaviours that create and support compliance and a compliance culture.
Chief of Staff
The Chief of Staff has overall responsibility for the control and coordination of the Compliance Framework and for coordinating the implementation of the compliance process in all areas of the University with compliance responsibilities through Legal and Assurance. Specifically:
- developing, implementing and ensuring continuous improvement of the Compliance Framework;
- overall coordination of the Compliance Program and ensuring that all responsible areas of the University fulfil their compliance responsibilities;
- identifying, in conjunction with Responsible Officers, compliance requirements and training needs and promoting awareness of compliance obligations;
- maintaining the University’s Compliance Register;
- providing advice to relevant staff and Responsible Officers on new or changed legislation, its content and application to the University where appropriate;
- reporting compliance breaches to management and University Executive and ensuring that appropriate and timely corrective actions are undertaken;
- conducting regular compliance audits; and
- reporting to vice Chancellor's Advisory Committee and Audit, Risk and Compliance Committee of Council.
Responsible Officers
Responsible Officers will work closely with the Chief of Staff and will have responsibility for providing guidance and support to all employees; monitoring legislation, regulations and codes for any changes or new statutory requirements; reporting non-compliance issues, whether systemic, recurring or one-off; and ensure that legislative requirements are met within their Divisions. Specifically:
- ensuring that the compliance requirements for their areas of compliance responsibility are identified, understood and documented (in the Compliance and Risk Register where appropriate).
- monitoring identified legislation and regulations for change and ensuring that compliance continues to be maintained, including providing advice to the University General Counsel if such change impacts the University’s Compliance Register;
- providing guidance and support to staff on compliance with legislative obligations (including new or changed obligations) relevant to their areas of responsibility;
- monitoring and reporting non-compliance;
- advising the relevant Deputy Vice Chancellor, Provost or Vice Chancellor on completing the Annual Compliance Declaration; and
- encouraging behaviours that create and support compliance and a compliance culture.
Managers and staff
Commitment must be demonstrated by managers by making themselves fully aware of the University’s legislative obligations within their area of accountability or span of control. All staff are responsible for:
- adherence to the compliance obligations relevant to their position;
- performing their duties in a lawful and safe manner;
- undertaking training as required on compliance activities and initiatives;
- undertaking corrective actions to compliance breaches in a timely manner; and
- reporting and escalating compliance concerns, issues, complaints and failures.
7. SUMMARY OF KEY COMPLIANCE ACTIVITIES
The table below summarises the key actions, reviews and reports required by JCU’s Compliance Framework. It details who is responsible for each activity and the required timing. In dependent review may also be sought to confirm the University’s approach to compliance is consistent with best practice.
Action | Description | Responsibility | Timing |
Review Compliance Policy | Review the currency and effectiveness of JCU’s Compliance Policy | Council to approve on advice of Vice Chancellor and Audit Committee (review to be coordinated by Chief of Staff) | Every two years in August |
Review Compliance Framework | Review the currency and effectiveness of JCU’s Compliance Framework | Audit Committee to consider on advice of Vice Chancellor (coordinated by Chief of Staff) | Every two years in August |
University’s Compliance Register | Identify and review legislative obligations and nomination of Responsible Officers | Vice Chancellor's Advisory Committee to initiate, Audit Committee to review (coordinated by University General Counsel) | Annually in July |
University’s Risk Register | Review current status of Compliance Action Plans, potential or actual breaches and other relevant issues | Vice Chancellor's Advisory Committee (Responsible Officers to coordinate) Audit Committee (coordinated by Chief of Staff) | Every 6 months by VCAC and Audit, Risk and Compliance Committee in November |
Compliance Declarations | Review current status of key risks, Risk Treatment Plans, incidents and other relevant issues | Vice Chancellor's Advisory Committee and Audit Committee (coordinated by Chief of Staff) | Annually in November |
Training | Ensure staff are aware of the Compliance Framework, Policy and Procedures and their obligations. | Chief of Staff (Responsible Officers to assist) | Introduction for all new staff at on-line induction with more detailed session for Responsible Officers within three months of commencing. |
Related Policy Instruments
Legislative Alerts and Non-Compliance Reporting Procedure
Appendices
Appendix 1 Compliance Action Plan template
Administration
NOTE: Printed copies of this policy are uncontrolled, and currency can only be assured at the time of printing.
Approval Details
Policy Sponsor | Vice Chancellor |
Approval Authority | Council |
Date for next review | 1/08/2022 |
Revision History
Version | Approval date | Implementation date | Details | Author |
| 20-1 | 30/07/2020 | 01/08/2020 | Minor amendments and revisions after internal audit review. | Chief of Staff |
| 18-1 | 06/12/2018 | 18/01/2019 | Minor amendments to clarify responsibilities regarding completion of annual Compliance Statement, administrative amendments and amendment to review of Compliance Framework from annually to every two years. | Chief of Staff |
16-1 | 08/12/2016 | 16/02/2017 | Revisions to Framework | Chief of Staff |
15-1 | 10/04/2015 | 4/06/2015 | Framework established | Chief of Staff |
Keywords | Compliance, standards of compliance, compliance framework |
| Contact person | Chief of Staff |