Annual Legal Compliance Certification by Legal Compliance Officers

A. Forms

B. Guidelines for Completing the Annual Compliance Certification Process

C. Objectives of the Process
 

A. Forms - Monash only

• Form B: Certification by Supervisors of Designated Legal Compliance Officers (pdf, 29 KB)
• Form A: Certification by Designated Legal Compliance Officers (pdf, 28 KB)
• Continuous Improvement Form (Microsoft Word, 26 KB)

B. Guidelines for Completing the Annual Compliance Certification Process

1. Legal compliance officers designated with overall responsibility for ensuring the University complies with legislation in a particular area are requested to complete Form A and return it to the Executive Manager, Compliance by the last working day of January each year.
2. Supervisors of the legal compliance officers are requested to complete Form B and return it to the Executive Manager, Compliance by the last working day of January each year. 

The certification form requires supervisors to attach further information in cases where a shortcoming has been identified in the compliance program for the designated area of law.  The Continuous Improvement Form is provided for this purpose.

C. Objectives of the Process

Laws serve many purposes not least being that they regulate behaviour thus allowing individuals and organisations to plan and conduct their affairs with a greater degree of certainty than might otherwise be possible. Therefore, compliance is an aid to good management, not an impediment. An organisation that is not complying with a particular area of the law on an ongoing basis will experience or can expect to experience at least one of the following consequences:

• civil litigation by aggrieved clients, staff members or other people;
• prosecutions by government regulators for breaches of the law;
• loss of reputation impacting on recruitment, market share, funding, etc;
• deaths or serious injuries to staff, clients and others;
• inefficient operations;
• failure to attain strategic goals and operational targets;
• low staff morale.

Monash has always taken its legal and ethical responsibilities seriously but the Audit Committee believes that the risk of legal non-compliance is greater than ever before and that an annual compliance certification process will prove valuable by encouraging relevant staff to focus more on:

• Promoting an ethical and positive compliance culture in relation to the law and ensuring that Monash staff, students and stakeholders obligated or protected by the law are aware of relevant laws, regulations, codes and University policies.
• Identifying legal compliance risks for organization-wide structures, systems and processes and facilitating the identification, assessment and management of risks at the level of cost centres.
• The provision of generic policies, procedures, education and training to guide the behaviour of staff, and where appropriate, students and others.
• Facilitating the development of specific and targeted policies, procedures, education and training at the cost centre level.
• Monitoring compliance with the law and related University policies and procedures throughout the organisation.

Reporting

Officers designated with overall responsibility for ensuring the University has complied with the law in a particular area or their supervisors will be required to present a compliance report to the Audit Committee on an annual or longer basis. It is therefore important for officers and supervisors to retain copies of completed annual certification forms (A and B) and to do so for five (5) years.

The University’s Executive Manager, Compliance will report to each meeting of Audit Committee on progress by designated officers and their supervisors towards achieving proposed remedial actions recorded on their annual certification forms (A and B). This will ensure that a culture of continuous improvement in relation to compliance activities is evident as well as stated.

Compliance Program Continuous Improvement Form

This form is to be used by the supervisors of officers designated with overall responsibility for ensuring the University has complied with the law in a particular area. It is a supplement to certification Form B.

Those involved in this certification process are asked to note that:

1. The law and its interpretation are dynamic and therefore an organisation can never constantly be fully compliant.
2. Good compliance practice is strongly linked to good management practice because both are concerned with proactively pursuing continuous improvements that will facilitate the achievement of objectives efficiently and effectively rather than only reacting when things go wrong.
3. Part of any continuous improvement program involves benchmarking the existing program against some standard in order that shortcomings can be identified, remedial actions planned and improvements recorded and reported over time.

Therefore, when signatories note shortcomings in their compliance program on this form they are NOT stating that the organisation is not compliant with the law or that they or their staff have not been diligent in their efforts to create a culture of compliance within the organisation. They are indicating that there is more that can be done to improve the internal structures and systems necessary to support compliance and are committing themselves over the following 12 month period to implementing the remedial actions they have outlined on the form.

When completing the form be aware that:

• ·Numerous instances of a particular category of non-compliance are invariably indicative of a systemic problem that will probably necessitate improving some aspect of the compliance program for the designated area of the law.
• Timeframes need not always be tight. As noted above, compliance is a dynamic, ongoing process and parliaments, regulators and the courts usually allow for its achievement within reasonable timeframes. Priority should be given to remedial actions where the shortcoming in the compliance program has resulted, or could result, in breaches with serious consequences.

Sources of Information and Data

When completing the Compliance Program Continuous Improvement form relevant information may be drawn from a range of sources. A key aid will be the document entitled Best Practice Guidelines for AS3806.

Other sources might include:

• AS3806-1998 The Australian Standard® for Compliance Programs;
• risk analyses by the designated officer and supervisor;
• internal or external review findings and recommendations;
• internal (e.g. branch or unit) records system;
• internal and external auditors’ findings and recommendations;
• client satisfaction surveys;
• regulators’ publications and web sites;
• professional networks and professional association publications;
• client complaints captured by the internal complaints handling system; and
• the Executive Manager, Compliance.

Quarterly reports will contain valuable information and data, particularly that part of the report dealing with areas of potential non-compliance (the risk register). However, quarterly reports do not cover all areas of a compliance program.