BSB61015 Advanced Diploma of Leadership and Management Assessment Resource – BSBCOM603 Plan and establish compliance management systems | Page 1 of 37 V 3.1: May 2020, Approved: QAC, Next Review:...

Compliance management systems
1. Internal and external compliance requirements
i. Preparing a research plan:
Introduction- Charity care is a no- profit organization that tends to work in two major areas community care and computer care. It has grown quickly and thus could not work on compliance management system efficiently. As an external consultant, there is need to prepare a research plan for the identification of problem so as to bring about relevant and most appropriate solution for the same.
Objective- To prepare a research plan so as to identify the internal as well as external compliance requirements for charity care.
Research methods-
In order to conduct the research, several Survey tools will be used which are broadly of two types-
Qualitative- This includes personal interview, case study, focus group, record keeping, as well as observation.
Quantitative- it is further divided into experimental and non experimental data research. For our research plan, we would use non-experimental research method such as audit reports, book keeping, organizational compliance performance figures, and compliance culture

2. Developing survey tools to capture organizational data:
To capture organizational data so as to select compliance system components suitable for organization, we need to collect data which can be done using following methods-
· Primary data collection method-
i. Questionnaire based on case study
ii. Face to face interview

iii. Focused group
iv. feedback
· Secondary data collection method
i. Audit report
ii. Internet
3. Collecting organizational data on compliance performance
i. The overall budget for the compliance management system will be $9,00,000
ii. Organizational requirements and criteria for the compliance management system-
Internal compliance management system requirement-
Risk management policy: There are appropriate procedures for risk assessment and risk treatment. The risks need to be identified, analysed, treated, monitored and reviewed. The process of risk management requires communication with all stakeholders at each stage.
Sexual harassment policy: The sexual harassment in form of behaviours like patting, pinching, touching, derogatory comments, dirty jokes, offensive text or messages, display of offensive posters is unacceptable and the Charity Care educates all the employees in such issues to avoid the incidents.
Credit card policy: Possible abuse of credit card is guarded and the card is issued only to board members, volunteers and staff members. Any breach found in the credit card use will be reported to the police by CEO.
Expense reimbursement policy: Tax invoices are mandatory for any reimbursement. For cash advances, signs are compulsory. Charity Care reimburses its staff for all kinds of authorised and reasonable expenses incurred by them such as travel expenses, meals for them, accommodation and hospitality.
Financial handling policy: There is a debt collection process, according to a decision matrix. The debt overdue for 90 days or more are liable to the legal action and is responsibility of the Manager to report.
Expenses policy: Business meals and entertainment expenses are reimbursed and should be documented in expense report. However, the meals/drinks and entertainments should not be lavish and extravagant.
Equal employment opportunity policy: Complying with the Federal Legislation, the organisation provides equal opportunities for job to all the people including indigenous people, women, disabled and those belonging to any ethnic groups. For the job applicants the recruitment procedures are fair, with merit based access to jobs.
Work health and safety policy: All the employees are provided safe working environment and has a goal of no injuries. In case of injuries, the incident report form is required to be filled and submitted at WHS Office, reporting the details like date of incident, location and type of incident.
External compliance requirements include: -
ASIC requirements: Charity Care is registered under Corporations Act 2011 which is administered by ASIC.
GST act: Charity Care is registered under GST
Competition and consumer act: Charity care follows regulations as stated by the competition and consumer act.
Privacy law: The privacy and confidentiality of all the employees and clients is protected under Privacy act 1988 and privacy principles (State Procurement Board, 2020). It is mandatory to take consent while using the sensitive information. Client’s information is never disclosed to other organisations without their consent.
Industry compliance requirements-
Collection act: controls how charities and community purpose organisations conduct appeals for public support or fundraising in Queensland. Any organisation that wants to publicly fundraise for a charitable or community purpose is governed by this act.
Criteria for the compliance management-
Compliance management system to be implemented in charity care would require enforcement of the pre stated compliance guidelines as already documented by charity care but are not enforced. Also, there is need to add several more compliance guidelines along with processes including information management and recordkeeping. Also, there is need to follow –
· internal and external
· accreditation guidelines
· policies and procedures
· legislation
· codes of practice
Also, voluntary compliance requirements such as environmental or community considerations must be adapted and strictly followed.
4. For each identified compliance requirement, researching the:
· Areas of the organisation most affected by the compliance requirements
Most affected areas include HR policies, organisation culture, Record keeping, asset management, business manager, financial management and payroll system. Lending limits, buying decisions and networking as well as communication will also be affected by the compliance requirements.
· Organisational compliance data
Compliance data of organisation as provided by CEO includes audit report, tender agreements, tax documents, financial fraud, training numbers, number of complaints received from customers, complaint handling, accident figures, lost/theft of asset, misuse of delivery truck, irrational decision of lending money, unavailability of all receipts, compliance guidelines and wrong accounting statements.
· Risks involved for non-compliance with requirements
In case of compliance failure or breaches, auditor may suspend activities and business for specific time period causing loss of fortune to the charity care. Also, there may be reputational harm to charity care leading to decreased donations and decreased business impacting the overall organisation. Issues such as theft, lost of asset, mismanagement of finances and inefficient book keeping comes under non-compliance causing major loss to firm in business making.
· Penalties for breaching compliance requirements
Breaching the compliance of recordkeeping comes under company’s act and cause major harm to company for the process of licensing. Other breaches such as WHS breach may lead to health hazard, fire act breach may cause severe accident in company, Worker compensation act breach may lead to employee turnover rate to be high, financial non-compliance may cause financial losses to firm, fraud related to asset and finances may be reported for further actions against the guilty.
· Ways of ensuring ongoing compliance with the requirements
Organization can source information on compliance obligations from a variety of organizations and publications such as
· Monitoring regulator’s websites
· Subscribing to mail lists and information services
· Becoming a member of professional groups
· Seeking advice from a legal advisor
5. Reviewing the established criteria for the compliance management system, and using these to:
· Identification of available options for a compliance management system for all of the identified compliance requirements
· Record keeping requirements - AS ISO 15489:2004 Records management. DIRKS (Designing and Implementing Record Keeping Systems) outline 8 steps for records and information management.
· AS ISO 10002:2006 Guidelines for complaints handling encourages open communication and feedback. Also, Creating customer focus as well as addressing customer needs and building customer satisfaction.
· Guidelines for managing information and records related to compliance
· Communication processes for compliance matters
· Processes for identifying, reporting and responding compliance breaches
· Reporting procedures for managing compliance
· Roles, responsibilities and accountabilities for compliance
· Comparison of the identified compliance management options against each other and the established criteria can be done as follows-
Compliance management options includes computerized financing system, asset management system, payroll check, record keeping system, networking system , communication process and strictly following of guidelines associated with compliance. These all options play vital and different roles. Impact of each option is varying. They need to be applied as per established criteria to achieve compliance goals in the organization. Also, these can be compared based on cost, effectiveness, feasibility, alignment with industrial requirements and benefits achieved from them.
· Recommendation on system components
The computerized financial management system is required, Effective leadership at the senior management to eliminate all the frauds and improve the operations at every level. The recruitment of new employees should be the responsibility of recruitment team and job descriptions need to be specified clearly. It should be done with proper public advertisement and interview process for testing the skills and knowledge.The standard No.12 helps in maintaining effective records either in hardcopies or digitally (State Archives and Records Authority of New South Wales, 2018). The organizations are accountable to comply with this standard in New South Wales.
Summary Report
1. COMPLIANCE REQUIREMENTS
    Internal compliance requirement
    external compliance requirement
    Industry requirement
    Risk management policy
    ASIC requirements
    Collection act
    Sexual harassment policy
    GST act and BAS regulations
    
    Credit card policy
    Competition and consumer act
    
    Expense reimbursement policy
    Income tax act
    
    Financial handling policy
    Privacy law.
    
    Expenses policy
    
    
    Equal employment opportunity policy
    
    
    Work health and safety policy
    
    

2. COMPLIANCE EFFECTS:
Audit report: Audit report as given by CEO indicated non compliance in several areas which needs to be worked upon at earliest so as to meet the compliance. Several areas of charity care got affected by the compliance such as,
a. TAX- Notifications from ATO regarding delayed tax is observed while researching the compliance requirements of charity care. Also, charity care does have expenses policy where all taxable expenses can be claimed. For this, there is needed to take invoice for all expenses to be claimed under tax. If tax law is well complied, there won’t be problems regarding claims as well it will provide tax benefits to charity care under fringe tax benefits law.
b. Financial reporting- As per charity receivable policy, there must be proper financial reporting within 30 days of receiving so as to continue credit. Also reminder for same is sent. Compliance to this helps to maintain free flow of credit and maintains a transparency of financial matters.
c. WHS- Work health and safety policy is well applied and adapted by the charity care as per requirement but associated tools are not kept available like fire extinguisher, medical aid provider, first aid kit etc. Compliance to this helps to maintain good employee relations giving them a sense of safety at workplace.
d. Asset management and security- Identification code on assets is missing in charity care. Also the listed assets are not at specified location. There has been misuse of asset in organization and the security for same is not well maintained allowing people to freely come and go to room where assets are kept. Compliance to this will affect company in great way by keeping a track of assets and managing them well over longer time raising profits.
e. Cash handling-misappropriation of funds- Several lends is provided irrationally by charity care. Also the funds transactions do not always match with the database reason being missing the receipts sending to head office or updating in records as required. Compliance to this will increase market value of charity care along with utilizing cash and funds in efficient manner.
f. Recordkeeping- Accounts in charity care are kept on accrual basis being busy in process. Transactions are also not well maintained which is a serious compliance issue under industry law of collect. Compliance to this is mandatory for license renewal and continuation of business.
g. Fraud- credit card policy as adapted by charity care states that the fraud associated with same needs to be controlled by informing the concerned authorities at earliest. Also, there is a fraud associated with laptops as some of them are missing. Compliance to this will help to control possible frauds.
h. Ethics- Misuse or personal use of business assets is unethical. Also the ethical compliance states that the warehouse manager who is buying laptops from a relative without comparing the market prices is unethical. There must be ethical practices in business to avoid compliance breach.
Risks
a. Legal- The Australian securities and Investments Commission(ASIC) is Australia’s corporate markets and financial services regulator. It is an independent commonwealth government body with most of its work being carried out under the corporations act 2001.
ASIC administers many acts or parts, as well as relevant regulations made under them:Corporation act 2001 and Australian Securities and Investments Commission Act 2001
Basic financial records that company may be required by law to keep: General Ledger, Cash records, Debtor and sales records, Creditor and purchase records, Wage and superannuation records, A register property plan and equipment, Inventory records, Investment records, Tax returns and calculations, Deeds, contracts and agreement.
b. Loss of assets- Loss of assets may happen because of improper management and handling or assets. This is risk for organisation as the profits earned will reduce along with harm to funds in general. Asset management system must be applied to avoid this risk. Also, locked system...