• Section 1 - Background and Purpose
• Section 2 - Scope
• Section 3 - Policy Statement
• Section 4 - Procedure
• Compliance Framework
• Compliance Register
• Maintaining the Compliance Register
• Roles and Responsibilities
• Identification and Rectification of Non-Compliance
• Complaints Handling
• Reporting
• Section 5 - Definitions
• Section 6 - Stakeholders

Section 1 - Background and Purpose

(1) The purpose of this Policy is to promote and facilitate excellence in governance and continuing improvement in compliance with all applicable laws and regulations.

(2) La Trobe University is committed to ensuring that it complies with all applicable laws and regulations.

Section 2 - Scope

(3) Applies to:

1. All campuses 
2. All staff

Section 3 - Policy Statement

(4) La Trobe University is committed to ensuring that it complies with all applicable laws and regulations, and that it will strive to meet the requirements of those standards and codes of practice that apply to its day-to-day activities and responsibilities.

Section 4 - Procedure

Compliance Framework

(5) The compliance framework documents the system and compliance process through which La Trobe University can monitor, review and comply with its legislative and regulatory obligations.

Compliance Register

(6) The Compliance Register is the key means, at an organisational level, for:

1. Identifying and recording the key legislative and regulatory requirements for La Trobe University;
2. Recording the key compliance activities required of the University; and
3. Identifying any training required to achieve or assist in meeting compliance.

Maintaining the Compliance Register

(7) The process is conducted over an annual cycle:

1. October: Compliance Register circulated to Colleges and Divisions for review and completion;
2. November: Return of Compliance Registers to Risk Management Division and confirmation of risk rating and prioritisation;
3. December: Annual certification;
4. Quarterly: Review compliance performance and reporting to the Corporate Governance, Audit and Risk Committee on the status of the Compliance register and matters arising; and
5. Annually:Review of the effectiveness of the Compliance program and framework.

Roles and Responsibilities

Management

(8) It is the responsibility of management to implement the compliance process for their specific areas of operational control.

Staff

(9) It is the responsibility of staff to ensure that they are aware of the compliance requirements pertaining to their role within the University, ensure that their actions are compliant with all applicable laws and regulations to undertake training in accordance with the compliance program and to report and escalate compliance concerns, issues, complaints and failures.

Corporate Governance, Audit and Risk Committee

(10) The role of the Corporate Governance, Audit and Risk Committee (CGARC) is to provide oversight, on behalf of the Council, of the Compliance Framework, including:

1. Accountability for the effective operation of the Framework;
2. Monitoring the key compliance requirements of the University; and
3. Ensuring that outstanding compliance breaches are rectified appropriately.

Risk Management Division

(11) The Risk Management Division (including Internal Audit) is responsible for the overall management of the Compliance Framework, including:

1. Establishment and maintenance of the Compliance Register;
2. Liaison with Colleges, Schools and Divisions in the development and review of the Compliance Register; 
3. Review risk analysis and prioritisation of compliance requirements;
4. Ongoing review and continuous improvement of compliance functions;
5. Investigation of compliance breaches;
6. Capture of information relating to changing laws, regulations and standards, through approaches such as:
   1. Liaison with Legal and Governance;
   2. Participation in professional groups;
   3. Regular ‘survey’ of the environment and the University community; and
7. Recommendation and facilitation of rectification activities.

Responsible Officers

(12) Responsible Officers are managers with specific responsibility for ensuring compliance with individual legislation and regulations. This includes:

1. Ensuring that the compliance requirements for their areas of compliance responsibility are identified, understood and documented;
2. Monitoring identified legislation and regulations for change and ensuring that compliance continues to be maintained;
3. Providing guidance and support to staff on the administration of the legislation;
4. Determining training requirements; and
5. Monitoring and reporting non-compliance.

Identification and Rectification of Non-Compliance

(13) Material non-compliances are identified and investigated in order to determine their cause, their potential impacts upon the University and to determine the mechanisms for rectification.

(14) Notification of non-compliance is made to the Risk Management Division as soon as practicable following discovery. The Director, Risk Management will determine requirements for further investigation and assign responsibilities for rectification. 

Complaints Handling

(15) A number of processes are established for handling complaints relating to compliance or breaches of laws and regulations, including:

1. Student Complaints Management Policy, Procedures and Guidelines;
2. Anti-Bullying and Harassment (Students) Procedure; 
3. Occupational Health and Safety Policy and related procedures; and
4. Fraud and Corruption Management Policy and Procedures.

(16) A number of contact points are available for the notification of complaints and suspected compliance breaches:

Reporting

(17) The Risk Management Division provides a report to the Corporate Governance, Audit and Risk Committee on a quarterly basis detailing:

1. The current Compliance Register;
2. Details of compliance breaches identified in the previous quarter;
3. Risk management activities aimed at improving compliance;
4. Current status of rectification; and
5. Status of compliance related training activities.

Section 5 - Definitions

(18) Nil.

Section 6 - Stakeholders