ASX Reminder – New Continuous Disclosure Rules Start 1 May

Following several months of public consultation, the ASX has now released the final changes to the continuous disclosure rules for listed entities. These changes relate to Listing Rules 3.1 – 3.1B and, more substantially, to ASX Guidance Note 8 on the topic.

This is the first revision of ASX Guidance Note 8 since 2005 and therefore takes into account disclosure issues which emerged during the global financial crisis and various court rulings, including High Court rulings. As all of this has resulted in such a major revision of Guidance Note 8, it has tripled in size to 78 pages. Fortunately for busy executives, the ASX has also released an abridged version of the Guidance Note with only 15 pages.

Key points to note

Importantly, these changes to the ASX continuous disclosure rules highlight:

- while the fundamental principles of continuous disclosure in Listing Rules 3.1 – 3.1B have not changed, ASX now provides much needed clarification and numerous examples of what they expect about a whole range of continuous disclosure issues stemming from these Listing Rules;

- as ASIC also regulates continuous disclosure under the Corporations Act, and acts as enforcer of the ASX listing rules, the updated ASX Guidance Note also reflects ASIC’s expectations of listed entities in this area;

- a number of (minor) consequential changes have been made to Listing Rule 3.1 – 3.1B plus other associated Listing Rules and ASX Guidance Notes; and

- the changes are due to come into effect from 1 May 2013.

What does ASIC think?

As part of this ASX release, ASIC has taken the opportunity:

- to remind listed entities of the importance to market integrity of the continuous disclosure regime, which it co-regulates;

- to emphasise the need to have the “right systems” in place, particularly given the increasing prevalence of social media and the instant sharing of information; and

- to stress that this updated ASX Guidance Note be carefully considered, so that “appropriate processes” can be adopted to minimise the risk that ASIC will seek to take continuous disclosure enforcement action against non-complying entities. For more information, see ASIC welcomes updated guidance on continuous disclosure.

Action by Listed Entities

As these updated continuous disclosure rules are scheduled to start on 1 May 2013, all listed entities would be wise to review and update their continuous disclosure policies so as to ensure they have the “right systems” and “appropriate processes” in place to mitigate the risk of non-compliance.  If you have not already done so, now is the time.

How can CompliSpace help?

If you require assistance with reviewing and updating your continuous disclosure policy, please contact CompliSpace via our contact details below.

CompliSpace clients who have subscribed to our ASX corporate governance policies will be receiving an update to their continuous disclosure policy.

We combine specialist governance, risk and compliance consulting services with practical, technology-enabled solutions, so that we can provide our clients with comprehensive programs covering areas such as ASX governance policies, enterprise risk management, human resources and workplace safety.

CompliSpace content is delivered online, in a format that allows clients to quickly and efficiently tailor the content to their own particular specifications.  Our clients include a wide range of ASX listed entities and Australian Financial Services licensees.

We are committed to helping organisations to implement sustainable governance solutions.  If you are looking to streamline your existing governance, risk or compliance programs and make them more relevant to your organisation, contact us via the details below:

Contact Details

P: +61 (2) 9299 6105 (Sydney) / +61 (8) 9288 1826 (Perth)

E:  contactus@complispace.com.au

W: www.complispace.com.au

This blog is a guide to keep readers updated with the latest information. It is not intended as legal advice or as advice that should be relied on by readers. The information contained in this blog may have been updated since its posting, or it may not apply in all circumstances. If you require specific or legal advice, please contact us on (02) 9299 6105 and we will be happy to assist.

April 2013: Financial Services Blog

Risk Management Systems of Responsible Entities (Consultation Paper 204)

There are over 500 Responsible Entities (REs) in Australia operating about 4000 funds with the largest ten investment management groups collectively managing $531 billion (roughly a quarter of all funds under management in Australia).

On 21 March 2013 ASIC released Consultation Paper 204 Risk Management Systems of Responsible Entities which incorporates a draft of a proposed Regulatory Guide (RG).  This proposed RG sets out a series of new prescriptive risk requirements for REs, as well as good practice guidance.

If introduced, these requirements will change the way that many REs are required to be resourced and governed.

In a nutshell, it is proposed that s912A(1)(h) of the Corporations Act will be amended by class order to include more targeted requirements for risk management systems of REs including:

- The need to address “all material risks”, including but not limited to, strategic risk, governance risk, operational risk, investment risk and liquidity risk;

- Introduction of more prescriptive risk processes including requirements to:

  • determine appropriate treatments for each identified risk;
  • document how each risk will be treated;
  • ensure staff follow processes designed to control risks;
  • ensure compliance with risk management systems and controls is monitored;
  • establish clear escalation policies, processes and procedures for exception reporting;
  • maintain effective information management and record keeping systems; and
  • ensure effective risk management reporting;

- Linking of these processes to business objectives and operations;

- The conduct of stress testing and/or scenario analysis of investment risk and liquidity risk;

- Regular reviews of risk systems (at least annually);

- The requirement to publish a risk appetite statement; and

- The requirement to articulate the risk tolerance for each material risk identified.

In addition the draft RG outlines a number of “good practice guidelines” including:

- REs establish a designated risk management function and/or risk management committee;

- Separation of the responsibility for risk assessment and the responsibility for compliance with risk management systems so as to avoid conflicts of interest;

- Use of internal and/or external audit to review compliance with, and the effectiveness of, their risk management systems.

The RG is open for comment until 3 May 2013.  Once a final draft is approved the RG will be released in August 2013, together with any accompanying regulatory documents.

Debenture shake-up following Banksia collapse

They said it would never happen again after the Westpoint collapse in 2005, but it has.  Melbourne-based Banksia, popular with retirees, ran a business of asking investors to loan them money at a specified rate of interest (normally better than the rate you would get in your local CBA or Westpac). As well as offering debentures, Banksia also lent funds to members of the public by financing residential and commercial mortgages.

Sounds like something a bank would do, so what’s the problem? Well, whilst Banksia looks and even sounds like a bank, unfortunately for its investors, a bank it is not. This means no supervision by APRA, less regulatory oversight and no depositor protection provisions or Financial Claims Scheme.

In response ASIC has released CP 199 – Debentures Reform to Strengthen Regulation.

The key proposals contained within CP 199 include:

- Requiring debenture issuers who raise funds from retail investors and on-lend those funds to comply with mandatory capital and liquidity requirements;

- Giving trustees greater power to obtain the information that they need from the debenture issuer (and the debenture holders’ auditors); and

- Requiring that every six months the debenture issuer’s auditor reports to the trustee, and answers any trustee questions (placing more responsibility on both auditors and trustees).

Is it enough? Time will tell, but as comments were due by 28 March expect an updated RG in the not too distant future.

ASIC increase OTC derivative reforms 

Many GFC post-mortems have focused on the role which over-the-counter (OTC) derivatives, such as interest rate swaps, played in the crisis. Global commitment to OTC derivatives reform continues with Australia signing up to these commitments back in September 2009 at the Pittsburgh G20 Leaders summit.

By way of background, in October 2012 ASIC, APRA and the RBA published a report on the Australian OTC derivatives market (REP 309) and in December last year, legislation was passed giving ASIC new rule-writing powers over licensed trade repositories and reporting of derivative transactions.

Last month ASIC released CP 201 Derivative Trade Repositories, which sets out its proposed approach to granting Australian derivative trade repository licences and how to apply for them. Draft rules swiftly followed last week through CP 205, addressing which institutions will need to report to trade repositories, what information will need to be reported, and when the reporting obligation will start for different classes of reporting entities.

Under ASIC’s proposals it looks like major financial institutions (being those with at least $50 billion of notional outstanding positions in OTC derivatives on 30 September 2013) would be subject to a reporting obligation in some asset classes from 31 December 2013 and smaller financial institutions would be subject to a reporting obligation in some asset classes from 30 June 2014.

Submissions to CP 205 are due by 1 May 2013.

How CompliSpace can help

Australian Financial Services Licence holders are inundated with a raft of corporate governance obligations and an ever-growing compliance burden, which can easily distract focus away from core business activities.

CompliSpace delivers industry specific web-based policies, programs and procedures that can be quickly tailored and configured to suit an organisation’s needs and are kept up-to-date with legal and regulatory changes by our team of specialists.

Our team of compliance professionals and lawyers combine extensive expertise with practical technology-enabled solutions to simplify the complexity of the regulatory environment and allow our clients to focus on allocating resources toward improving financial performance.


March 2013: Workplace Relations Update for Executives On-the-Go

In this blog we cover:

  • Workplace Gender Equality Act (this affects you if you have over 100 employees)
  • Superannuation changes from 1 July 2013
  • WHS, negligence and host employers
  • Vicarious liability and harassment
  • Charities: new governance regulation

Workplace Gender Equality Act – Greater Expectations

Employers with 100 or more employees should be busy preparing their first report to the new Workplace Gender Equality Agency (WGEA).  The first report to the Agency must be lodged between 1 April 2013 and 31 May 2013.  Failure to submit will result in public naming and inability to apply for government tenders.

Unlike the reports under the Equal Opportunity for Women in the Workplace Act which it replaces, the new Act requires active participation, not just number crunching. Consultation is a “principal object” under the Act, so apart from reporting on gender composition and providing remuneration data, an organisation will be required to provide information on the consultation it conducted with employees to obtain information on gender equality in the workplace.

To add more pressure on employers these annual reports will be available to employees (and shareholders, and unions) who will have the opportunity to comment, including an ability to comment to the WGEA.  In short, under the new regime there is going to be much more transparency and those organisations that attempt to fake compliance are going to find themselves at much higher levels of risk.

However, there is some good news.  The first report under the new Act is considered a “transition” report which will still focus on number crunching.  The real disclosures will be required in the 2013/2014 reporting period. Further information and the report format are available on the WGEA website.

Superannuation Changes

A number of changes to superannuation will occur from 1 July 2013. The federal government has been working hard to push through changes which are designed to boost retirement savings and hence, ease the future burden on taxpayers.  But, as always, this is a balancing act in terms of how much pain employers must bear.

The main changes from 1 July 2013 which directly affect employers include:

  • The superannuation guarantee charge (SGC) is increased from 9% to 9.25%.  The next increase will occur on 1 July 2014 (another 0.25%), then annual increases of 0.5% up to a total 12% SGC by July 2019.
  • Removing the age limit (currently 70) on employer contributions to mature age employees. Employers will be required to contribute to complying super funds for eligible employees aged 70 and older. This only applies from 1 July and is not retrospective (that is, you do not have to back pay to the time the employee turned 70).
  • Default super funds (the super funds where an employee has not instructed the employer about which fund they want their super to go to), will be able to offer the lower-cost MySuper product as one of the options in the default fund, provided it has been authorised by APRA.  From 1 January 2014 superannuation funds will have to allocate default contributions into a MySuper product.

More information is available from the ATO’s employers’ superannuation site.

Note that where the employee is paid on a base salary, plus super basis, the increase in the SGC is borne by the employer.  Where the employer is voluntarily paying more than 9.25% super, they can generally choose to absorb the 0.25% increase without increasing the employee’s overall super contribution by 0.25%.  Future pay negotiations with existing employees (pay rises, including enterprise agreements) can include reducing future increases by the amount of the super increases.

Small businesses with 19 or fewer employees can use the free Small Business Superannuation Clearing House to help them allocate super contributions to multiple funds.

WHS, Negligence and “Host” Employers

In the tricky area of joint responsibility for the safety of workers, some guidance was provided by a recent NSW Court of Appeal case on how much a host employer needs to do to protect a worker who is employed by another party, but who is working on their premises.  While it was a negligence matter rather than a WHS prosecution, the Court’s approach discussed risk assessments and reasonable precautions.

In this case, a labour hire company hired out its workers to the “host” employer to move furniture. While the workers were carrying a cabinet on a trolley up a flight of stairs, one of the workers lost his footing and slipped, injuring his back.

The Court held that the host employer’s duty of care was very similar to that of an employer, and required them to take precautions against a risk of harm which a reasonable person in their position would take against a foreseeable risk.

In this case, the Court took a very common sense approach, finding that there was nothing out of the ordinary about the stairs which would have warranted the host employer taking precautions.  They went on to accept the concept that the host employer did not need to give instructions on how to carry out an ordinary everyday activity.

While this case saw a win for the host employer, care must be taken in translating this into the WHS Act arena, and definitely in interpreting the decision in relation to the duties of the actual employer.

While a host employer need not provide any precautions against ordinary stairs, an actual employer is obliged, as part of their manual handling policy, to provide instruction, training and monitoring to ensure that workers know how to carry heavy objects safely.

Harassment and an Employer’s Vicarious Liability

In a recent case, the Federal Court found Oracle Corporation vicariously liable (and fined them $18,000) for one of its employees sexually harassing another employee, over a period of time.  The employee was not fined.

This case is particularly notable because the employer had:

  • Communicated a clear policy that harassment was prohibited
  • Online harassment training for all staff every two years
  • An established complaints procedure
  • Investigated the complaint promptly and appropriately
  • Taken appropriate action against the perpetrator

The judge held that the employer had not identified in their harassment policy that:

  • sexual harassment is unlawful
  • the legal basis making the conduct unlawful, and
  • that the employer could be held vicariously liable for an employee’s sexual harassment.

This case is concerning because recent similar cases in NSW and Queensland had found that the employer, having fulfilled the same obligations (without reference to the specific wording of the policies), was not vicariously liable, instead fining the harassing employee.

Most employers will be scratching their heads at this decision, wondering why the judge would think that being told that your employer would be held vicariously liable for your (prohibited) actions would stop you sexually harassing someone.

Charities: New Governance Regulation

For those of you who have involvement in charities which are receiving, or will be seeking, federal tax benefits, the federal government has finally released the governance regulations under the Australian Charities and Not-for-profits Commission (ACNC) Act.  These will apply from 1 July 2013.  CompliSpace recently published a detailed blog providing an analysis with respect to these regulations.

How CompliSpace can help

All of the recent cases highlight the need for employers to have:

  • legally compliant policies which are regularly reviewed for currency and relevance
  • employee inductions, training, and testing to implement and embed those policies
  • regular communication with employees to remind them of the policies
  • a means of obtaining assurance that the policies are actually being followed.

CompliSpace’s comprehensive range of cost effective human resources policies, procedures, training and testing modules, ensure that managers and staff know what is expected of them and have key tools and information at their fingertips at all times. This enables a business to meet its workplace relations obligations while building a positive corporate culture, capturing knowledge and saving time.  For more information, contact us on the details below:

Contact Details

P: +61 (2) 9299 6105 (Sydney) / +61 (8) 9288 1826 (Perth)

E:  contactus@complispace.com.au

W: www.complispace.com.au

Newsflash: Not-for-Profit Governance Standards Enacted

As you may recall the Australian Charities and Not-for-profits Commission (ACNC) released a consultation paper on the Development of Governance Standards in December 2012 with the closing date for submissions being 15 February 2013.  

On 1 March 2013 (just two weeks after the close date), having considered approximately 100 received submissions, the government has signed off on the Australian Charities and Not-for-profits Commission Amendment Regulation 2013 (No.1).   

Unfortunately very little has changed between the consultation paper and the regulations being passed.

The five governance standards (down from six in the consultation paper), together with our observations, are as follows:

Governance Standard 1 – Purposes and not-for-profit nature of a registered entity

This standard does little more than require a registered entity to commit to a “purpose” and to give key stakeholders confidence that it is acting to further its purpose.   No doubt lawyers will be sharpening their pens to ensure that an entity’s “governing rules” are in order.   There is no guidance as to how key stakeholders may be given “confidence” that a registered entity is actually complying with its purpose.

Governance Standard 2 – Accountability to Members

The object of this standard is to ensure the accountability and transparency of a registered entity to its members.  Whilst providing that a registered entity must take reasonable steps to ensure that its members have an adequate opportunity to raise concerns about its governance practices, the standard simply outlines some “suggestions” as to how this may be achieved. For example, holding an annual general meeting, providing members with an annual report, or providing for election of its responsible entities (for “responsible entities” read “directors and officers” – more on this incredibly confusing use of language later).

Unfortunately, this concept of ‘accountability’ is restricted to members.  Given that in many organisations it is the directors that are the members, this concept of accountability becomes rather circular and not particularly useful.   There is no general requirement for organisations to have a complaints handling system in place which would have ensured accountability to a wider range of stakeholders.

Governance Standard 3 – Compliance with Australian Laws

This standard states the bleeding obvious, being that registered entities need to comply with Australian laws.  It then goes on to establish a “lowest common denominator” effect stating that registered entities must not engage in conduct that involves a criminal offence or civil fine of 60 penalty units (currently $10,200) or more.   In our respectful opinion, this hardly meets the stated objective of the standard which is to give the public trust and confidence that a registered entity is compliant.  The simple solution (as adopted by just about every other regulator) of requiring a registered entity to be able to demonstrate that they have processes in place to ensure compliance with laws (hardly a burden) seems to have been purposefully ignored.

Governance Standard 4 – Suitability of Responsible Entities

A “Responsible Entity” is a term defined in the ACNC Act 205-30 which actually refers to a director or trustee.  Our experience to date is that this concept of an “individual” being referred to as an “entity” is causing a great deal of confusion, especially as the not-for-profit or charity itself is referred to as “Registered Entity”.  So as it currently stands we have “Responsible Entities” governing “Registered Entities”.

Apart from the poor use of language, this standard really doesn’t meet its stated objective of maintaining, protecting and enhancing public trust and confidence in the governance and operation of a registered entity.  In our opinion all it does is establish yet another “lowest common denominator” test.  The only requirement for becoming a “Responsible Entity” (think director or trustee) is that you are not disqualified from managing a corporation or disqualified by the ACNC Commissioner.  Well that’s certainly giving the public trust and confidence! No skill requirements or “fit and proper person” requirements apply.

For those that studied the early consultation paper you will notice that the provisions with respect to the “Disqualified Responsible Entity Register” have been moved into Governance Standard 5 at 45.150.

Governance Standard 5 – Duties of Responsible Entities (think Directors or Trustees)

Apart from absorbing the previous Governance Standard 4 – “Responsible Management of Financial Affairs” that appeared in the consultation paper, there has been little change to this standard.  In essence, it seeks to rewrite the current directors liability provisions of the Corporations Act into the ACNC regime and adds in a requirement to ensure that a registered entity’s financial affairs are managed in a responsible manner.

Under this governance standard it is the “Registered Entity” that is required to comply with the Duties of “Responsible Entities” (think directors and trustees) not the “Responsible Entities” themselves.  This places the onus on the Registered Entity to ensure that the “Responsible Entities” are made subject to the duties (we said it was confusing!).

For those charities which are moving from being ASIC regulated (from 1 July 2013) to ACNC regulated “Registered Entities” (about 6000 in number), this standard presents a “Get out of Jail Free” card, as there are no longer any fines or jail sentences for directors and officers in breach.  For the other 50,000 “Registered Entities” currently subject to state laws (usually the smaller and less complex charities) their “Responsible Entities” are still subject to quite serious sanctions; for example, the NSW incorporated associations legislation provides a maximum two year jail sentence for directors and officers.

In Conclusion

Now that the new governance standards are in place, the journey can start towards creating a system that actually works in practice.  The watered down nature of the standards means that they have effectively established a “lowest hurdle” and unfortunately provide little guidance as to the contemporary governance standards that the Australian public expects from the sector. This being the case, our expectation is that, just as we have seen with regulatory regimes such as those established for Australian Financial Services Licensees and ASX listed entities, over the next 5-10 years we will see multiple amendments and refinements to this initial legislation.

Enterprise Risk Management Maturity Assessment Tool

Go straight to the Enterprise Risk Management Maturity Assessment Tool >>>

Enterprise Risk Management (ERM) has shot to prominence in recent years, and is now considered an essential element in the governance framework of any organisation.

The implementation of ERM programs is one of the hottest topics in boardrooms at the moment with more and more pressure being placed on executive teams to deliver ERM programs that add real value and deliver a clear return on investment.

Last year we published a series of blogs dealing with Pitfalls to Avoid When Implementing an Enterprise Risk Management Program which ignited much debate on social media sites and was subsequently republished by Corporate Risk & Insurance Magazine.

One of the key pitfalls we identified was a lack of understanding of the concept of Risk Maturity. As fellow Australian risk practitioner Chantal Wiessner commented at the time:

“I would add that some organisations think they can design and implement a policy and framework and build a risk mature culture in 12 months, or in some hilarious cases 3-6 months. Implementing effective risk management practices is as iterative as risk management itself”.

CompliSpace’s free Enterprise Risk Management Maturity Assessment Tool is designed to assist directors and senior executives identify where their organisation sits in the enterprise risk management journey.

Those organisations that complete the assessment will receive an individual assessment score out of 150 together with feedback as to the maturity of enterprise risk management within their organisation.

We hope you find this useful. Given the complexity of this area and vast divergence of views held by practitioners around the globe we are sure that not everyone will agree with the structure and content of this tool. That’s OK! If you have ideas as to how we can improve the tool, or if you know of a better tool, let us know by adding a comment to this blog or contacting us directly (details below).

If you are interested in Enterprise Risk Management you may also be interested in the following blogs which have been published by CompliSpace:

If You’re Not Practicing Enterprise Risk Management (ERM) You Should Be!

The New International Risk Management Standard AS/NZ ISO 31000 – What You Need To Know

Australian Business Continuity Management Standard AS/NZS 5050:2010 – A Risk Perspective

Risk Perspectives – Is poor policy management holding back your organisation?

An Employer’s Guide to Managing Social Media Risks in the Workplace

Risk Perspectives – The Commercial Litigator’s Cookbook

Integrating Business Continuity with your Enterprise Risk Program

Compliance – An Expensive Black hole or a Strategic Imperative?

How CompliSpace can help

CompliSpace combines specialist risk management consulting services with practical, technology-enabled solutions. Our risk management programs, which are designed in accordance with the International Risk Management standard ISO 31000, are delivered online and in a format that allows clients to quickly and efficiently tailor the content to their own particular specifications.

If you are looking to streamline your existing governance, risk or compliance programs and make them more relevant to your organisation give us a call. We are passionate about helping organisations to implement sustainable governance, risk and compliance solutions.

Contact Details

P: +61 (2) 9299 6105 (Sydney) / +61 (8) 9288 1826 (Perth)

E:  contactus@complispace.com.au

W: www.complispace.com.au

Australian Business Continuity Management Standard AS/NZS 5050:2010 – A Risk Perspective

Global surveys of small to medium-sized enterprises (SMEs) over the past few years candidly point to the fact that the vast majority of SMEs are not prepared for a business disruption-related risk event.  Over 50% do not have a Business Continuity Management (BCM) plan in place and of those that do have a BCM plan, only about a quarter have actually been tested.

This is a major concern given that the median cost of downtime for an SME in the Asia Pacific is $14,500 per day, and while 65% of businesses believe it would take them between 1 week and 1 month to recover from a major disruption, a return to normal trading can often take 12 months or more. Simply put, without the pre-planning involved in the BCM process, most organisations will not survive a major business disruption event.

For those new to BCM the concept is pretty simple. By anticipating what types of disruptions may occur (e.g. office fire, flood) a BCM Plan can be developed to ensure that, as far as possible, the likelihood of the disruption event happening is reduced, and if it does occur, critical functions can be maintained or restored in a timely fashion, thus minimising the operational, financial, legal, reputational and other consequences arising from the disruption.

On 28 June 2010 the new Australian Business Continuity Standard AS/NZS 5050:2010 was published, joining the North American NFPA 1600 and the British BS 25999 as one of three internationally recognised business continuity management standards. AS/NZS 5050 was released shortly after the International Risk Standard ISO AS/NZS 31000 (November 2009) and, for those familiar with ISO 31000, follows the same three part model – Principles, Framework and Process – all with a BCM focus.

While the “risk based” focus of AS/NZS 5050:2010 has raised a few eyebrows within the wider BCM community, the general consensus of opinion appears to be that it provides a quality contribution to BCM thinking. It certainly provides useful guidance for organisations that have already taken steps to implement an enterprise risk management framework based on ISO 31000, or its predecessor AS/NZS 4360.

In our view, one of the clear advantages of AS/NZS 5050 is the very fact that it is based firmly around the ISO 31000 international risk standard and, therefore, clearly establishes the link between enterprise risk management and business continuity management.

Too often in our experience, we see organisations that have engaged specialised BCM consultants to develop a business continuity plan, only to end up with a thick and complicated document unceremoniously uploaded as a PDF on the company’s intranet where it sits quietly, unread, waiting for trouble to strike. This is great for ticking regulatory boxes, but doesn’t help much if you can’t access your office and no one has been trained to deal with such a situation.  In compliance speak this is known as “lip service”.

Given that a large number of Australian businesses are embracing the new International Risk Standard ISO 31000, either through commercial expediency, or as a result of legal and regulatory obligations, we believe that AS/NZS 5050 provides a good roadmap for effectively integrating business continuity management practices into existing corporate governance infrastructure. AS/NZS 5050 may not tick all the traditional business continuity boxes (and may ruffle the feathers of associations that have built their business model around other standards). However, there is no law that says that you can’t pick the best parts of the other BCM international standards and use them to your advantage.

In Australia, 78% of managers are concerned that their data recovery operations would fail in the wake of a serious incident. This is a major concern given that IT Disaster Recovery tends to be dealt with well before most SMEs start to plan for other contingencies, such as loss of office access, or loss of a key supplier. If you have an out-of-date BCM plan, or have no such plan in place, you should seriously consider adopting the new Australian Business Continuity Management Standard.

Commercial due diligence standards continue to soar in the wake of the global financial crisis and recent natural disasters. If you don’t think formal risk and BCM controls are necessary, you may be surprised when your marketing manager taps you on the shoulder, because your ability to clearly demonstrate your organisation’s commitment in this area may be the difference between winning and losing the next big deal.


How Can CompliSpace Help?

CompliSpace combines specialist governance, risk and compliance (GRC) consulting services with practical, technology-enabled solutions. Our BCM module has been built in line with AS/NZS 5050:2010 to ensure that clients are provided with a best practice solution.

If you have any questions about topics raised in this blog, or if you would like to find out how CompliSpace can assist you to streamline your existing governance, risk or compliance programs and make them more relevant to your organisation, please feel free to contact us on the details below.

Contact Details

P: +61 (2) 9299 6105 (Sydney) / +61 (8) 9288 1826 (Perth)

E:  contactus@complispace.com.au

W: www.complispace.com.au


WHS – Personal Liability Exposure for Volunteers

While the Model Workplace Health & Safety (WHS) laws have been in place in some jurisdictions for over a year, one of the questions we are still frequently asked is “What is the personal liability exposure of volunteer directors and officers?” To address this issue CompliSpace has published a WHS whitepaper specifically designed for not-for-profit entities.


The Volunteer Director and Officer Due Diligence Obligation

Many not-for-profit organisations have volunteer board members and officers.  These volunteers have the obligation to exercise ‘due diligence’ to ensure their organisation complies with its health and safety obligations.  This obligation of ‘due diligence’ requires the volunteer director and officer to:

a) acquire and maintain up-to-date knowledge of work health and safety matters;

b) gain an understanding of the nature of the operations of their organisation, and understand generally the hazards and risks associated with its operations;

c) ensure that the organisation has appropriate resources and processes to eliminate or minimise risks to health and safety arising from its operations;

d) ensure that the organisation has appropriate processes for receiving and considering information regarding incidents, hazards and risks, and responding in a timely way to that information;

e) ensure that the organisation has, and implements, processes for complying with any WHS duty or obligation; and

f) verify the provision and use of the above resources and processes.

Personal Liability of a Volunteer Director and Officer

The good news is that volunteer directors and officers cannot be prosecuted under the Model Laws for failing to comply with their due diligence obligations. This immunity, which means volunteer members are protected from criminal liability and fines under the Model Laws, is designed to ensure voluntary participation on not-for-profit boards is not discouraged.

The immunity of volunteer board members is, however, not complete.  Significantly:

  • it does not affect the prosecution of volunteer officers in their capacity as a worker, if they do not take reasonable care as a worker; and
  • it does not provide protection against civil proceedings that may be taken by a worker claiming damages as a result of a volunteer board member’s breach of statutory duty and/or negligence in failing to meet his or her duty of care to exercise ‘due diligence’.

In short, while the immunity from criminal prosecution and fines will provide volunteer members with some comfort, if they choose to ignore their core obligation to exercise due diligence they still might find that their personal assets are on the line.

CompliSpace’s whitepaper provides an important briefing for directors, company secretaries and other officers of not-for-profit organisations.

How CompliSpace can help

The WHS obligations listed above highlight the need for not-for-profit organisations to have:

  • legally compliant policies which are regularly reviewed for currency and relevance
  • employee inductions, training, and testing to implement and embed those policies
  • regular communication with employees to remind them of the policies
  • a means of obtaining assurance that the policies are actually being followed.

CompliSpace’s comprehensive range of cost-effective WHS and HR policies, procedures, training and testing modules ensures that managers and staff know what is expected of them and have key tools and information at their fingertips at all times. This enables an organisation to meet its workplace relations obligations while building a positive corporate culture, capturing knowledge and saving time. For more information, contact us on the details below:

Contact Details

P: +61 (2) 9299 6105 (Sydney) / +61 (8) 9288 1826 (Perth)

E:  contactus@complispace.com.au

W: www.complispace.com.au
