Commitment 7.2:
We meet our legal and compliance obligations.
Compliance Indicators
Compliance with the Commitments will be assessed against the following Compliance Indicators. All of the applicable Compliance Indicators must be met by every ACFID Member to be considered compliant with the Code. Each of the Compliance Indicators has one or more compliance Verifiers. Verifiers are the description of evidence that is required to substantiate compliance with each Compliance Indicator. Guidance is also provided.
7.2.1 Members are registered and meet their reporting and legal obligations to the relevant authorities.
- Registration with the Australian Charities and Not-for-Profit Commission (ACNC).
- Up-to-date reporting (Financial and Annual Information Statement).
- Registers or documented records of compliance, including but not necessarily restricted to legal obligations and registrations.
Guidance
ACNC registration and reporting requirements are clearly outlined on the ACNC website which can be found in the Resources Section below.
All signatory organisations, regardless of size, are subject to a complex range of requirements and legislation – such as corporations laws, rules of incorporation of associations, fundraising and charitable institutions, privacy, equal employment opportunity principles, occupational health and safety standards, human rights and anti-discrimination, intellectual property, child protection and copyright, as well as other external obligations – such as code compliance or certifications. Registers of documented records of compliance may be presented in various ways, but will need to show that the organisation has a comprehensive understanding of its compliance obligations and actions that are due to meet those obligations. It might be presented as a table of legal and regulatory obligations, deadlines for compliance, details of regulatory bodies, who within your organisation is responsible for ensuring obligations are met, and the process they will follow to ensure compliance. An example of a Compliance Register can be found in the Resources Section below.
7.2.2 Members have organisation-wide requirements for the protection of privacy.
A privacy policy that meets the requirements of privacy legislation and which is available on the organisation’s website.
Guidance
A privacy policy should relate to the full range of a Member’s stakeholders – its supporters, workers, volunteers and the children and communities it works with. The Australian Privacy Principles and the Payment Card Industry Data Security Standard also apply to Members and should be addressed in a privacy policy. Members will find links to the privacy policies of other ACFID Members by looking at their websites.
Good Practice Indicators
The following Good Practice Indicators describe a higher standard of practice than that set out in the Compliance Indicators. While Members do not need to meet the Good Practice Indicators to be considered compliant with the Code, they will self-assess against these indicators once every three years. This provides a clear pathway for Members to strengthen and improve practice over time.
- A senior staff member with the responsibility of maintaining a register of legal and compliance obligations is appointed.
- Periodic reports are provided to the organisation governing body on legal and compliance obligations.
Good Practice Guidance
Here are some practical suggestions for your organisation to further deepen and improve practice over time.
In Australia
- All charities must be registered with the Australian Charities and Not-for-profits Commission – the ACNC.
- Your governing body and senior staff should be well informed of all the legal and regulatory obligations of your organisation in Australia and the countries you operate in. This information should be updated regularly to ensure it remains current.
- Seek legal advice from a legal firm familiar with the legal and regulatory frameworks for not-for-profit organisations or, as a minimum, seek some guidance from your auditors
- Seek guidance from the ACNC and other centres such as the Victorian Government’s Not-for-profit Compliance Support Centre or see Justice Connect.
- Establish a documented register of all of your legal and regulatory obligations, deadlines for compliance, details of regulatory bodies, who within your organisation is responsible for ensuring obligations are met, and the process they will follow to ensure compliance
- Prepare a written Annual Report for your governing body that reports your compliance with the requirements in your register of obligations
- Undertake an annual review of all obligations to ensure that compliance is being maintained and to identify any changes in requirements
- Delegate responsibility (through the governing body and/or executive) to a senior staff member (or one of its own members) to do this, for example, to the Company Secretary, Finance Manager or Office Manager.
- The delegated person should be accountable for providing this information to the governing body and ensuring the organisation remains compliant with its obligations.
- Include this responsibility in their job description and through staff performance appraisals.
- Your executive must ensure the delegated person has the necessary support throughout your organisation and its different operations to meet compliance obligations.
- Larger and more complex signatory organisations will require more rigorous and comprehensive systems and processes to ensure compliance across a multiple number of staff, volunteers, activities and locations.
- Where multiple staff are involved in compliance management, the following is recommended:
- A written or electronic manual outlining all compliance requirements, the respective responsibilities of all operational areas of the organisation, the systems to ensure ongoing compliance and how up to date is the compliance information
- A process for a regular (i.e. annual) internal audit of compliance obligations
- Regular staff training to ensure they are fully aware of their individual and organisational responsibilities.
- Where your organisation is involved in research, refer to the ACFID Guidelines and Principles for Ethical Research and Evaluation in Development.
In other countries
- The governing body and senior staff should be well informed of all legal and regulatory obligations of your organisation in each of the countries you operate in. The information should be updated regularly to ensure it remains current.
- Consult with your partners to understand all local legal and regulatory obligations which may impact operations and programming
- Undertake due diligence on all partner organisations to ensure they operate in compliance with the legal requirements of that country
- Seek legal advice from a legal firm familiar with the legal and regulatory frameworks for foreign and local NGOs or, as a minimum, seek some guidance from your auditors
- Include in Partnership Agreements the obligation for partners to keep up to date with local legal and regulatory requirements, to share this information with your organisation and to maintain their compliance
- Develop a documented register of all legal requirements in-country, updated annually and shared between the in-country partner and your Australian based organisation.
- Support any training required for partners to strengthen their capacity to meet any required obligations (e.g. such as relating to employment or child protection)
- These obligations may differ depending on whether your organisation has its own office and staff or is supporting the work of local partner organisations. In some countries, such as Ethiopia, there are complex and strictly applied regulations for foreign NGOs which have serious implications for partners if compliance is not met. Many countries, at the very least, require formal registration of foreign NGOs.
- If you employ local staff in other countries, ensure all employee obligations are met, for example, taxation, health insurance and pension contributions and if there is a need to terminate the employment of a local staff member, local legal processes are followed.