Assessment Guidelines BSBCOM603 (Plan and establish compliance management systems)

First of all, please read the case scenario (charity care) Provided.

You are an external consultant hired to conduct research into an appropriate compliance
management system for the organisation. Once you have found one fit for purpose you will present
your findings. You must:

● research internal and external compliance requirements

● analyse qualitative and quantitative information to evaluate compliance management options
● prepare a report for senior management identifying an appropriate compliance system for the
organisation.

Below are the headings for your report. For the activity to be considered complete you will need to
have addressed each of the topics that comprise these headings.

1. Research internal and external compliance requirements

i. Preparing a research plan: (in this section, discuss the research tasks you
are going to undertake. After that, please mention the proposed research
methods; including survey tools to gather qualitative and quantitative
information on, for example, organizational compliance performance
figures, compliance culture, etc.)
2. Developing survey tools to capture organizational data: (in this sections, please
mention and discussed what are the tools you are going to use to collect required data to
select compliance system components appropriate to organization. For example:
Questionnaire based on Case study, Audit report, feedback, internet.)
3. Collecting organizational data on compliance performance
i. the overall budget for the compliance management system: (In this section,
discuss required budgets for the compliance management system)
ii. organizational requirements and criteria for the compliance management system:
(in this section, please discuss about internal and external compliance
requirements and criteria for the compliance management, including information
management and recordkeeping requirements
Internal compliance requirements include: -
 Risk management policy
 Sexual harassment policy
 Credit card policy
 Expense reimbursement policy
 Financial handling policy
  Expenses policy
 Equal employment opportunity policy
 Work health and safety policy
external compliance requirements include: -
 ASIC requirements
 GST act and BAS regulations
 Income tax act
 Competition and consumer act
 Privacy law.
b. industry compliance requirements.
 Collection act
4. For each identified compliance requirement, researching the:
a. areas of the organisation most affected by the compliance requirements (In this
section, please look at the case scenario given and identify the most affected areas by
the compliance requirements. For example; recordkeeping, HR policies etc.)
b. organisational compliance data, including, for example, financial fraud, accident figures,
training numbers, customer complaints, etc.
c. risks involved for non-compliance with requirements
d. penalties for breaching compliance requirements
e. ways of ensuring ongoing compliance with the requirements.
5. Reviewing the established criteria for the compliance management system, and using these
to:
a. identify available options for a compliance management system for all of the identified
compliance requirements
b. compare the identified compliance management options against each other and the
established criteria
c. make a recommendation on system components
2. Using the information you have gathered from steps iv-vi above, prepare a summary report in
line with the headings listed below: -

1. COMPLIANCE REQUIREMENTS

a) internal compliance requirements, including information management and recordkeeping

requirements
 Risk management policy
 Sexual harassment policy
 Credit card policy
 Expense reimbursement policy
 Financial handling policy
 Expenses policy
 Equal employment opportunity policy
 Work health and safety policy
b. external compliance requirements
 ASIC requirements
 GST act and BAS regulations
 Income tax act
 Competition and consumer act
 Privacy law.
C. industry compliance requirements.
 Collection act
Internal compliance external compliance Industry requirement
requirement requirement
Internal requirements:

External requirement:

Industry requirements:

2. COMPLIANCE EFFECTS: (Describe the effects of each requirement in terms of :)

Audit report:

Areas affected, Such as

a. TAX
b. Financial reporting
c. WHS
d. Asset management and security
e. Cash handling-misappropriation of funds
f. Recordkeeping
g. Fraud
h. Ethics

Risks
a. Legal
b. Loss of assets
c. Penalties

Please use above mentioned points to fill this table based on the information given in the case
scenario (Charity care). For example

S.N Areas affected Risks Risk

Minimisation
1. Record keeping Legal risk Continuous
monitor record
keeping
activities
2. Financial fraud Penalties under Report up to
Tax law date GST. Keep
record of all the
transactions
with receipt.
 3. COMPLIANCE SYSTEMS:
a. discuss available systems, options or components, including discussion of relevant
standards for each option; e.g. risk management and implementation of a risk
management system
 Risk management

 Records management

 Guidelines for complaints handling

b. compare systems or components in terms of:
i. cost
ii. effectiveness
iii. efficiency
iv. feasibility
v. match to organisational culture
c. recommend system or components.

3.The CEO of Charity-Care has now asked you to prepare an implementation plan for your
compliance management system. Your plan will need to include:
b. specifications
c. action schedule
d. budget, with a breakdown of costs for each component of the system.

Action plan Description Timeframe Budget

Collect the Collecting information 2 day As per the company

information regarding internal and financial policy
external requirements
Risk management Identify the way about
managing the
potential risk as per
applicable rules and
regulation

Information analysis

Record keeping
management

Reporting

Evaluate the culture

A. COMPLIANCE MANAGEMENT SYSTEM

For the proposed compliance management system:

a. describe the management information system requirements

b. identify all components of the compliance management system, including any

documentation required to be developed
c. document the specifications of each component.
In this section (A, B, C), please discuss the following points:
 Asset management and security, including cash handling and fraud
 Legislative compliance (Tax, financial reporting, WHS and privacy policy)
 Recordkeeping (Confidentiality of records)
 Ethics
 Duty of care

B. PERSONNEL
For the proposed compliance management system:

 Determine personnel requirements for staffing

a. Working with existing staff
b. Extensions to job descriptions

 select suitable personnel from those available within the case study and assign key
responsibilities to each positions

Position Key responsibilities

Warehouse manager Related to Asset management and

 security

Retail manager Related Asset security and account

information

Woollongabba comm. Centre manager Duty of care and cash handling

Spring Hill community centre manager Asset management

Payroll clerk Authorizations

Accounts receivable clerk Financial Record

Accounts payable clerk Financial Record

Receptionists (Springhill and Privacy

Woollongabba)

Bookkeeper Reconciliation

C. TRAINING
Identify and describe:

a. the results of the training needs analysis to determine the level of required learning
for the company’s employees

b. the training requirements for implementing the proposed compliance management

system
 Company compliance policy
 Computerized financial accounting system
c. suitable training options for staff.
Staff/Position Suitable training options

Warehouse manager Company compliance policy

Emergency system
Retail manager

Computerized payroll system

Payroll clerk

Computerized accounting system

Accounts receivable clerk

Computerized accounting system

Accounts payable clerk
 Computerized accounting system
Bookkeeper

D. PROCESSES
Identify and describe:

a. a complaints management system

b. a strategy for developing a compliance management culture
 Better communication (e.g. effective standard of compliance is published)
 Training

Senior management focus on the communication of the value of compliance
and demonstration of management’s commitment to compliance
c. processes and procedures for identifying and managing compliance breaches,
including integration with existing policies and procedures
 Customer complaints procedures
 Notification procedures
d. processes and procedures for meeting compliance reporting requirements
 Internal control
 Policy and procedures
e. processes and procedures for internal and external liaison processes
f. performance indicators to be measured by the system so that it can be objectively
evaluated, for example:
i. individual compliance/non-compliance
ii. training numbers
iii. numbers of complaints iv. numbers of breaches
v. ratio of payroll errors/breaches to number of transactions.

E. ADMINISTRATION
Include:

a. the budget required to resource implementation (including human resources for

developing, implementing, reviewing and maintaining the proposed compliance
management system)
b. an action schedule outlining target milestones for all aspects of
implementation, including training, review and maintenance.
Implementation description Timeline Budget
Identify area of the components Comply with
compliance of compliance financial policyof
should be organization
followed as per
standards.
 4. As you have prepared the implementation plan of your compliance management system, you
are now to meet with your assessor (representing the relevant internal approval authority) to
present and defend your implementation plan, receive approval and agree on a relevant
standard to be audited against for external approval particularly on the basis of:
a. adherence to budget

b. the ability of the plan to contribute to a culture of compliance in the

organisation.

Review the observation checklist I to ensure you will present, defend, discuss and get approval of
your implementation plan as per what your assessor will be looking into.

5. The CEO of Charity-Care, based on the recommendation of your assessor, has now approved
your implementation plan for your compliance management system.

In order to build credibility for the organisation among clients, customers, and suppliers, as well as
government and regulatory authorities, you have been asked to meet with an external auditor –
representing an accredited certification body (your assessor). S/he will help you take the first steps
towards certifying the organisation with respect to, for example, AS/NZS 3806:2006 Compliance
programmes, AS ISO 10002:2006 Guidelines for complaints handling, AS/NZS ISO 31000:2009 Risk
Management – Principles and guidelines or AS ISO 15489:2004 Records management.

You will need to satisfy the auditor that the planned implementation will be compliant with the
principles set out in the relevant standards. Example questions that an auditor could ask with
respect to AS/NZS 3806:2006 Compliance programmes, for instance, could include:

How does the planned implementation of the compliance management system:?

a. Ensure commitment by top management to effective compliance throughout the

organisation?

b. Ensure the compliance policy aligns with business goals?

c. Ensure appropriate resources are allocated to the compliance program?

d. Ensure endorsement by top management?

e. Ensure compliance obligations are identified and assessed?

 f. Ensure responsibilities for compliance are set?

g. Ensure training needs are met?

h. Ensure appropriate behaviours are encouraged?

i. Ensure controls are put in place to achieve desired behaviours and outcomes?

j. Ensure performance of the compliance program is monitored, measured and

reported?

k. Ensure that the organisation can demonstrate compliance through documentation?

l. Ensure the program is continuously reviewed and improved?

You will need to answer the auditor’s questions with specific reference to the implementation plan
for the compliance management system as you have developed it. Make sure you have reviewed the
observation checklist II before you meet the external auditor.

6. As you are an external consultant hired to research, plan, implement and monitor a
compliance management system for Charity-Care, you will need to follow your plan to
train/induct personnel in their specific duties in relation to your implementation plan.
You will then need to monitor your plan by meeting with those personnel (at least two of your
classmates) at a later date to gather information on performance in accordance with your plan.

7. Finally, the CEO has asked you to provide an evaluation of the implementation of your plan.
To meet organisational requirements, you will need to prepare a report for the Charity-Care
senior management with the recommended headings below

Rep ort headings:

1. EXECUTIVE SUMMARY
Summarise content, results of monitoring.

2. ESTABLISHMENT OF SYSTEM
Describe steps taken to implement the system.

3. MONITORING METHODOLOGY

Describe the methods and approaches used to monitor performance of the system.

4. RESULTS AND ANALYSIS

Describe and analyse results of your monitoring activities.

5. CONCLUSION
Discuss overall compliance, including specific problem components of the system and success
areas. Make specific recommendations for improvement with reference to relevant standards.
identify most affected areas given in case scenario

 Record keeping
 Financial


what are the standards for complaint handling?

Risk management standard

External requirement for non for profit business organization?

Internal requirement for not for profit business organization?

Standards of record management?