COMPLIANCE MANAGEMENT SYSTEM

BSBCOM603 Plan and establish compliance management systems – Assessment 1 Last Updated: October 2016, V. No. 1.1

Page 1 of 6

Task 1: (Portfolio) Organisational
requirements

Submission details

The Assessment Task is due on the date specified by your trainer. Any variations to this

arrangement must be approved in writing by your trainer.

Submit this document with any required evidence attached. See specifications below

for details.

You must submit both soft copies and printed copies of your answers.

Soft copies-

Upload on the eLearning to the specific submission folder with a cover page clearly indicating

your name, student id, assessment no and the unit name or put those information in the header

and footer of your documents.

Printed copies-

Submit to your Trainer with the “Assessment Cover Sheet” (Filled out and signed appropriately)

attached on top of your documents.

The Trainer/Assessor may further prompt and question in order to receive answers of

appropriate quality or if further clarification required and to validate authenticity of your

submitted work.

Assessment description

In this assessment task, you are required to review your own organisation or the Charity-Care

case study, as well as the scenario below to determine compliance requirements that are

applicable. Using this information you will need to identify and select an appropriate compliance

management system for implementation in the organisation. You will use the products of this

assessment task to complete Assessment Tasks 2 and 3.

BSBCOM603 Plan and establish compliance management systems – Assessment 1 Last Updated: October 2016, V. No. 1.1

Page 2 of 6

Scenario

You are an external consultant hired to conduct research into and propose an

appropriate compliance management system for an organisation.

You must:

● research internal and external compliance requirements

● analyse qualitative and quantitative information to evaluate compliance

management options

● prepare a report for senior management identifying an appropriate

compliance system for the organisation.

BSBCOM603 Plan and establish compliance management systems – Assessment 1 Last Updated: October 2016, V. No. 1.1

Page 3 of 6

Headings for summary report:

1. COMPLIANCE REQUIREMENTS:

a. internal compliance requirements

b. external compliance requirements

c. industry compliance requirements.

2. COMPLIANCE EFFECTS:

a. areas affected

b. risks

c. penalties

d. risk minimisation.

3. COMPLIANCE SYSTEMS:

a. discuss available systems, options or components, including discussion

of relevant standards for each option, for example risk management

and implementation of a risk management system

b. compare systems or components in terms of:

i. cost

ii. effectiveness

iii. efficiency

iv. feasibility

v. match to organisational culture

c. recommend system or components.

Procedure

1. Consider the scenario above in relation to the organisation in which you work. If you do not

have an appropriate workplace upon which to base this assessment task, you can use the

Charity-Care case study provided.

2. Meet with relevant personnel in your organisation to receive information on:

a. the overall budget for the compliance management system, including budget for

research

BSBCOM603 Plan and establish compliance management systems – Assessment 1 Last Updated: October 2016, V. No. 1.1

Page 4 of 6

b. organisational requirements and criteria for the compliance management system.

Note: If you are basing your assessment on the Charity-Care case study, you will need to

meet with your assessor to receive this information.

3. Develop a research plan which outlines:

a. research tasks to be undertaken

b. proposed research methods; including survey tools to gather qualitative and

quantitative information on, for example, organisational compliance performance

figures, compliance culture, etc.

c. a plan and budget for conducting research.

4. Develop survey tools to capture organisational data.

5. Collect organisational data on compliance performance.

Note: If you are basing your assessment on the Charity-Care case study, you will need to

meet with your assessor to receive this information.

6. Research and identify the compliance requirements that are applicable to the organisation,

including:

a. internal compliance requirements as described by organisational policy and

procedure documents

b. external compliance requirements as described by state/territory regulatory bodies

and statutory requirements, and the Australian standards for compliance, records

management and risk management

c. industry specific compliance requirements.

7. For each identified compliance requirement, research the:

a. areas of the organisation most affected by the compliance requirements

b. organisational compliance data, including, for example, financial fraud, accident

figures, training numbers, customer complaints, etc.

c. risks involved for non-compliance with requirements

d. penalties for breaching compliance requirements

e. ways of ensuring ongoing compliance with the requirements.

8. Review the established criteria for the compliance management system, and use these to:

a. identify available options for a compliance management system for all of the

identified compliance requirements

BSBCOM603 Plan and establish compliance management systems – Assessment 1 Last Updated: October 2016, V. No. 1.1

Page 5 of 6

b. compare the identified compliance management options against each other and the

established criteria.

9. Using the information you have gathered from steps 6–8 above, develop a summary report

in line with the headings required in the scenario.

10. Write a reflection on the process you undertook to research and prepare the report. Include

description of:

a. the type of research undertaken

b. the development of the research plan

c. the development of survey tools to collect required data to select compliance

d. how the budget was assigned

e. analysis of qualitative and quantitative data.

11. Submit documentation as per specifications below. Keep copies for your records. You will

need to draw on this documentation to complete Assessment Tasks 2 and 3.

Specifications

You must provide:

● a written report

● a research plan, including assigned tasks and budget allocations

● a written reflection.

Your assessor will be looking for demonstration of:

● research skills to:

○ conduct literature and internet searches

○ assist with various types of research surveys

○ assist with the analysis and organisation of research data, including qualitative and

quantitative data, using appropriate techniques.

● research management skills to:

○ develop research plans

○ manage other personnel involved in the research activity

○ manage time

○ manage finances.

BSBCOM603 Plan and establish compliance management systems – Assessment 1 Last Updated: October 2016, V. No. 1.1

Page 6 of 6

● literacy skills to write reports containing complex concepts

● knowledge of research methods and techniques suitable for conducting compliance related

research projects

● knowledge of quantitative and qualitative data analysis techniques relevant to compliance

related research

● knowledge of relevant Australian and international standards

● knowledge of elements or components of compliance program/management systems

● knowledge of relevant organisational policies and procedures.

BSBCOM603 Plan and establish compliance management systems – Assessment 2 Last Updated: October 2016, V. No. 1.1

Page 1 of 7

Task 2: (Project) Implementation
planning

Submission details

The Assessment Task is due on the date specified by your trainer. Any variations to this

arrangement must be approved in writing by your trainer.

Submit this document with any required evidence attached. See specifications below

for details.

You must submit both soft copies and printed copies of your answers.

Soft copies-

Upload on the eLearning to the specific submission folder with a cover page clearly indicating

your name, student id, assessment no and the unit name or put those information in the header

and footer of your documents.

Printed copies-

Submit to your Trainer with the “Assessment Cover Sheet” (Filled out and signed

appropriately) attached on top of your documents.

The Trainer/Assessor may further prompt and question in order to receive answers of

appropriate quality or if further clarification required and to validate authenticity of your

submitted work.

Assessment description

In this assessment task, following on from Assessment Task 1, you are required to plan and

document the compliance management system to be implemented in the organisation, and

gain approval from both the CEO, or relevant internal approval authority, and an external

auditor, prior to beginning the implementation process. You will need to respond to 2

scenarios, one for internal approval, and one for external approval.

BSBCOM603 Plan and establish compliance management systems – Assessment 2 Last Updated: October 2016, V. No. 1.1

Page 2 of 7

Scenario: Internal approval

You are an external consultant hired to conduct research into and propose an

appropriate compliance management system for an organisation.

The CEO, or relevant internal approval authority, has now asked you to prepare an

implementation plan for your compliance management system. Your plan will

need to include:

● specifications

● action schedule

● budget, with a breakdown of costs for each component of the system.

BSBCOM603 Plan and establish compliance management systems – Assessment 2 Last Updated: October 2016, V. No. 1.1

Page 3 of 7

Your plan, to fulfil organisational requirements, must be in the following format:

1. COMPLIANCE MANAGEMENT SYSTEM

For the proposed compliance management system:

a. describe the management information systems requirements

b. identify all components of the compliance management system

including any documentation required to be developed

c. document the specifications of each component.

2. PERSONNEL

For the proposed compliance management system:

a. determine personnel requirements for staffing

b. select suitable personnel from those available within the case study

c. assign key responsibilities to each position.

3. TRAINING

Identify and describe:

a. the training requirements for implementing the proposed compliance

management system

b. suitable training options for staff.

4. PROCESSES

Identify and describe:

a. a complaints management system

b. a strategy for developing a compliance management culture

c. processes and procedures for identifying and managing compliance

breaches, including integration with existing policies and procedures

d. processes and procedures for meeting compliance reporting

requirements.

e. performance indicators to be measured by the system so that it can be

objectively evaluated, for example:

i. individual compliance/non-compliance

ii. training numbers

iii. numbers of complaints

iv. numbers of breaches

v. ratio of payroll errors/breaches to number of transactions.

BSBCOM603 Plan and establish compliance management systems – Assessment 2 Last Updated: October 2016, V. No. 1.1

Page 4 of 7

5. ADMINISTRATION

Include:

a. the budget required to resource implementation (including human

resources for developing, implementing, reviewing and maintaining

the proposed compliance management system)

b. an action schedule outlining target milestones for all aspects of

implementation, including training, review and maintenance.

You will need to meet with your CEO, or relevant internal approval authority, to

present and defend your implementation plan, particularly on the basis of:

● adherence to budget

● the ability of the plan to contribute to a culture of compliance in the

organisation.

Note: If you are basing your assessment on the Charity-Care case study, you will

need to meet with your assessor in place of the CEO.

BSBCOM603 Plan and establish compliance management systems – Assessment 2 Last Updated: October 2016, V. No. 1.1

Page 5 of 7

Scenario 2: External approval

As in the above scenario, you are an external consultant hired to conduct research

into and propose an appropriate compliance management system for an

organisation.

The CEO, or relevant internal approval authority, has now approved your

implementation plan for your compliance management system.

In order to build credibility for the organisation among clients, customers and

suppliers as well as government and regulatory authorities, you have been asked

to meet with an external auditor (representing an accredited certification body) to

take the first steps towards certifying the organisation with respect to for example,

AS 3806:2006 Compliance programs, AS ISO 10002:2006 Guidelines for complaints

handling, AS/NZS ISO 31000:2009 Risk Management – Principles and Guidelines or AS

ISO 15489:2004 Records management.

You will need to satisfy the auditor that the planned implementation will be

compliant with the principles set out in the relevant standards. Example questions

that an auditor could ask with respect to AS 3806:2006 Compliance programs, for

instance, could include:

● How does the planned implementation of the compliance management

system:

○ Ensure commitment by top management to effective compliance

throughout the organisation?

○ Ensure the compliance policy aligns with business goals?

○ Ensure appropriate resources are allocated to the compliance program?

○ Ensure endorsement by top management?

○ Ensure compliance obligations are identified and assessed?

BSBCOM603 Plan and establish compliance management systems – Assessment 2 Last Updated: October 2016, V. No. 1.1

Page 6 of 7

○ Ensure responsibilities for compliance are set?

○ Ensure training needs are met?

○ Ensure appropriate behaviours are encouraged?

○ Ensure controls are put in place to achieve desired behaviours and

outcomes?

○ Ensure performance of the compliance program is monitored,

measured and reported?

○ Ensure that the organisation can demonstrate compliance through

documentation?

○ Ensure the program is continuously reviewed and improved?1

You will need to answer the auditor’s questions with specific reference to the

implementation plan for the compliance management system as you have

developed it.

Note: You will need to meet with your assessor (as the external assessor) or a

person assigned to role-play an external auditor.

Procedure

1. Review the two scenarios above in concert with the recommendations you made in

Assessment Task 1.

2. Arrange with your assessor a time, place and method to present your implementation

plan for approval and agree on a relevant standard to be audited against for external

approval.

3. Present a summary of your report to the CEO for approval. Prepare to answer questions

on your proposed plan from your CEO, or other internal approver, (who may be your

assessor) on how your planned system adheres to budgetary constraints set in

Assessment Task 1 and contributes to an organisational culture of compliance.

4. Answer questions from an external auditor (your assessor) on how the proposed

compliance management system adheres to principles of the relevant standard agreed in

advance with your assessor.

5. Submit documentation as per specifications below. Keep copies for your records. You

will need to draw on this documentation to complete Assessment Task 3.

1 Adapted from AS 3806:2006 Compliance programs, Standards Australia, p. 7.

BSBCOM603 Plan and establish compliance management systems – Assessment 2 Last Updated: October 2016, V. No. 1.1

Page 7 of 7

Specifications

You must provide:

● a written implementation plan, including specifications, budget and action schedule.

Your assessor will be looking for:

● your ability to contribute to a positive culture of compliance within an organisation

● interpersonal skills to relate to internal and external personnel

● literacy skills to write reports containing complex concepts

● knowledge of relevant Australian and international standards

● knowledge of elements of compliance program/management systems

● knowledge of relevant organisational policies and procedures

BSBCOM603 Plan and establish compliance management systems – Assessment 3 Last Updated: October 2016, V. No. 1.1

Page 1 of 4

Task 3: (Written Report) Establish,
monitor and review plan

Submission details

The Assessment Task is due on the date specified by your trainer. Any variations to this

arrangement must be approved in writing by your trainer.

Submit this document with any required evidence attached. See specifications below

for details.

You must submit both soft copies and printed copies of your answers.

Soft copies-

Upload on the eLearning to the specific submission folder with a cover page clearly indicating

your name, student id, assessment no and the unit name or put those information in the header

and footer of your documents.

Printed copies-

Submit to your Trainer with the “Assessment Cover Sheet” (Filled out and signed appropriately)

attached on top of your documents.

The Trainer/Assessor may further prompt and question in order to receive answers of

appropriate quality or if further clarification required and to validate authenticity of your

submitted work.

Assessment description

In this assessment task, following on from Assessment Task 2, you are required to establish the

compliance management system within the organisation, and then report on your monitoring

and review of the system.

BSBCOM603 Plan and establish compliance management systems – Assessment 3 Last Updated: October 2016, V. No. 1.1

Page 2 of 4

Scenario

You are an external consultant hired to research, plan, implement and monitor a

compliance management system.

You will need to follow your plan to train personnel in their specific duties in

relation to your implementation plan.

You will then need to monitor your plan by meeting with those personnel at a later

date to gather information on performance in accordance with your plan.

Finally, the CEO has asked you provide an evaluation of the implementation of

your plan. To meet organisational requirements, you will need to prepare a report

for senior management.

Report headings:

1. EXECUTIVE SUMMARY

Summarise content, results of monitoring.

2. ESTABLISHMENT OF SYSTEM

Describe steps taken to implement the system.

3. MONITORING METHODOLOGY

Describe the methods and approaches used to monitor performance of the

system.

4. RESULTS AND ANALYSIS

Describe and analyse results of your monitoring activities.

5. CONCLUSION

Discuss overall compliance, including specific problem components of the

system and success areas. Make specific recommendations for improvement

with reference to relevant standards.

Procedure

1. Review the scenario above.

2. In accordance with your implementation plan, developed and approved in Assessment

Task 2, meet with the managers and operations personnel that you have assigned to

BSBCOM603 Plan and establish compliance management systems – Assessment 3 Last Updated: October 2016, V. No. 1.1

Page 3 of 4

positions implementing the compliance management systems to train them in their

specific duties:

a. explain the components of the compliance management system

b. describe the compliance management responsibilities for all personnel

c. outline each person’s duties with regard to reporting , including what methods,

tools, templates they should use to supply information to you. For example, you

might use negotiated performance measures such as KPIs and scorecards,

questionnaires and surveys, oral questioning, etc. Consider performance with

respect to , for example, achieving performance targets for outcomes such as a

particular number of complaints, achieving performance targets for processes or

management such as regular reporting, following procedures.

Be prepared to clarify misunderstandings and answer questions.

Note: If you are basing your assessment on the Charity-Care case study, your assessor

will need to assist with this step.

3. In accordance with your plan, meet with the managers and operations personnel that

have been implementing the compliance management system and:

a. monitor the operation of the compliance management system, using the methods

and approaches you outlined in your initial meeting with personnel

b. review and evaluate the implementation of the compliance management system.

Analyse relevant qualitative and quantitative data. Use benchmarking data, if

available, to compare the organisation to like organisations

Note: If you are basing your assessment on the Charity-Care case study, your assessor

will need to assist with this step.

4. Develop a management report in accordance with the requirements outlined in the

scenario above.

5. Submit documentation as per specifications below. Keep copies for your records.

Specifications

You must provide:

● a written management report.

Your assessor will be looking for:

● ability to contribute to a positive culture of compliance within an organisation

BSBCOM603 Plan and establish compliance management systems – Assessment 3 Last Updated: October 2016, V. No. 1.1

Page 4 of 4

● research skills to assist with the analysis and organisation of research data, including

qualitative and quantitative data, using appropriate techniques

● interpersonal skills to relate to internal and external personnel

● literacy skills to write reports containing complex concepts

● knowledge of quantitative and qualitative data analysis techniques relevant to compliance

related research

● knowledge of relevant Australian and international standards

● knowledge of elements of compliance program/management systems

● knowledge of relevant organisational policies and procedures

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 1 of 28

Charity-Care Case study

Background

You are an external consultant hired to conduct research into and propose an

appropriate compliance management system for a large non-profit charity ‘Charity-

Care’. Charity-Care is based in Brisbane and is a public company that is limited by

guarantee under the Corporations Act 2001. It is registered as a charity under the

Collections Act 1966. The organisation has grown quickly to its current size from its

single centre opening just two years ago. Charity-Care is registered for GST and has

an ABN 21 745 368 027.

Charity-Care employs about 50 employees who are assisted in various charity tasks

by community volunteers. Charity-Care operates two major front line community

services:

● Community-Care – two 100sqm first floor drop-in office centres operating in

Spring Hill on Brisbane’s Northside and Wooloongabba on Brisbane’s

Southside and provides counselling services, short term ‘rent loans’ and $20

supermarket gift food vouchers for people in need. Each centre has a manager,

receptionist, office clerk and four counselling staff, and is fitted out with a

reception/waiting room, two counselling offices and a staff general office area

that includes a kitchenette. Private information is collected on people seeking

the counselling services and recorded in a central database that can be accessed

from all centre computers. Volunteer staff operate the call centre and visits

seeking donations from local businesses and households.

● Computer-Care – a retail business on the CBD fringe that specialises in selling

re-conditioned second-hand ex-government computers to needy families for

children’s educational purposes. The small 70sqm shop is supported by a

1,000sqm warehouse and repair centre in Fairfield, a Brisbane suburb. 50% of

the computers are picked up from the shop and 50% are delivered from the

warehouse. Computers for repair are dropped off and picked up from the

warehouse. Repair costs are paid by the customers to the service centre staff.

There is a manager of the Computer-Care initiative who manages both the shop

with its 15 employees as well as the warehouse (eight employees) and service

centre (four employees).

Head office for Charity-Care is based in Fortitude Valley. This is where the CEO and

you as the business manager have offices. There is a board room, reception/waiting

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 2 of 28

area and an open office area where the accounts payable, accounts receivable, payroll

clerk and bookkeeper each have a workstation.

Key personnel

● Charity-Care CEO – Joan Murphy

● Charity-Care business manager – Jo Tully

● Computer-Care warehouse manager – Jack O’Toole

● Computer-Care retail manager – Mary Taylor

● Woolloongabba Community-Care centre manager – Judith Moore

● Woolloongabba Community-Care centre receptionist – Peggy White

● Spring Hill Community-Care centre manager – Helen Ng

● Spring Hill Community-Care centre receptionist – Julie Jones

● Charity-Care bookkeeper – Jenny Aviel

● Charity-Care payroll clerk – Tom Brown

● Charity-Care accounts receivable clerk – Maggie Saldais

● Charity-Care accounts payable clerk – John Tomlin

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 3 of 28

Organisation structure

Funding

Community-Care

Community-Care receives regular funds from a philanthropist entrepreneur who

gives a portion of the annual profits from his electrical retail business to the charity.

In this last year this has amounted to about $800,000 p.a. The call centre raises about

$300,000 per annum from local businesses and households.

Board of
Directors

Joan Murphy
CEO

Computer-Care

Jack O’Toole
Warehouse

Manager

Repair
Staff

Warehouse
Staff

Delivery
Staff

Volunteers

Mary Taylor
Retail Manager

Sales
Staff

Community-Care

Judith Moore
Woolloongabba
Centre Manager

Peggy White
Receptionist

Counsellors

Office
Staff

Volunteers

Helen Ng
Spring Hill

Centre Manager

Julie Jones
Receptionist

Counsellors

Office
Staff

Volunteers

Head Office

Jo Tully
Business
Manager

Maggie Saldais
Accounts

Receivable

John Tomlin
Accounts
Payable

Tom Brown
Payroll

Jenny Aviel
Bookkeeper

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 4 of 28

Computer-Care

Computer-Care turns over $1,700,000 per annum: $1,400,000 from the retail business

and $300,000 in repair charges. The profit margins are small but the overall net profit

is $150,000 p.a. supported significantly by the landlord of the fringe CBD shop

providing it rent-free for the first five years.

Policy framework

The CEO has explained to you that the organisation has grown quickly and the

management and compliance systems have not had a chance to catch up. Issues were

found with the last audit and there has been some disquiet from the association’s

stakeholders about the way the association has been managed – particularly with the

cash handling processes and keeping of transaction records. The business manager is

totally focused on providing the best possible outcomes for the clients. He is very

passionate about making sure they are looked after but does not really worry too

much about issues of control or compliance. The culture of the business is focussed

on having a good time while helping the community.

The CEO went on to say that many policies are documented; however, there still

remains some training and motivational issues in relation to implementing them

appropriately. Some of the policies include:

● risk management policy

● sexual harassment policy

● credit card policy

● expense reimbursement

● financial handling policy

● expenses policy

● equal employment opportunity policy

● work health and safety policy.

In asking you to help plan and establish the compliance management system for

Charity-Care the CEO has handed you the current documents relating to the policies

and procedures. The CEO has also explained that the association has many

compliance requirements under the associations act, tax law, and tender agreement.

The CEO has also asked you to look into the option of implementing a computerised

financial management and payroll system.

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 5 of 28

Audit report

You review the previous year’s audit report to management and note some of the

issues that the CEO explained still have to be considered and dealt with where

needed. The CEO said that the last external audit cost a fortune because there were so

many issues with internal controls.

Issues uncovered during the audit include:

● Over 40% of the computer spare parts for Charity-Care are purchased from

‘Compute IT’ – a business that is owned by the warehouse manager’s family.

● The banking of the repair payments from customers does not agree with the

total of the receipts issued.

● A cheque was paid to ‘Cheap Computers r Us’ for $2,300 but there was no

evidence that the goods had been received.

● There are accuracy errors with stock takes in the computer retail store.

● There are laptops missing from the warehouse. Possible fraud.

● There is a lack of prescribed levels on lending limits.

● There has been inappropriate use of organisation’s assets.

● There are assets on the asset register that are not in their listed location.

Particularly in regard to printers.

● Some significant transactions are being recorded in the wrong accounting

period according to accrual accounting standards.

● There are some notifications from the ATO regarding late lodgement of tax and

monthly BAS returns.

A visit to the warehouse uncovered the following:

● The warehouse manager said, “Not all customers want us to give them a receipt.

They just pay the money and go. That’s why our banking doesn’t always agree with our

cash receipts duplicates.”

● When you asked about the suppliers that the warehouse manager purchases

spare parts from he said, “Compute IT are great with delivery times and I know the

owners really well so I get everything at a good price.”

● The warehouse manager explained further that, “Computers move through here so

fast it is hard to keep up. So we don’t always record movement in and out of the laptop

store room. We just count it at stock take time.”

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 6 of 28

● When asked about the cash handling the warehouse manager said, “We are a

long way from head office here. So, sometimes I use the proceeds from the repairs to

purchase equipment for the warehouse or to repair machinery that needs fixing.”

● One of the warehouse staff said that while most of the goods come into the

warehouse via the goods-inward system, sometimes the deal is too good and

they go to the supplier and purchase the goods direct and put them into stock.

Since the goods come into the warehouse from the charity’s van, it is not

checked by the goods-inward clerk, “A bit like the time we got five laptops from

Cheap Computers ‘r Us for a killer price.”

● At your visit to the warehouse you notice that the laptops are all kept in one

place in a room but there is no lock on the door and it is located near the exit to

the building. The manager has already explained how he gets “…volunteers that

come and help with the stock management when they get a large delivery. They clean

up the computers and make them ready for sale. It’s great. They just come and go as

they are able to.”

● One of the repair staff said, “The warehouse manager lets me take the delivery truck

for the weekend sometimes. Especially if I have some things to move from home. He does

not have an issue with it. I think it’s great!”

A visit to the retail store uncovered the following:

● Speaking with the manager of the computer retail store you discover that stock

takes are done late Friday afternoon rather than Saturday afternoon when the

store is shut and, to speed things up, the count is done by individuals and not

by teams of two as required in the policy and procedures.

● The retail manager did not think there was any need to have a contingency

plan for a fire or any other disaster. She explained that nothing had happened

to date and could not see anything bad happening in the future.

● The retail store manager said in response to the job descriptions for the staff,

“All Charity-Care employees are pretty switched on. None of the managers need to tell

them what to do because they all know. Anyway we are all so hands-on that the

employees can ask us personally if there is a problem. They don’t need job descriptions.”

● The retail store manager said that, “Some days it is so busy that we miss the bank.

On those days we hide the cash takings in the draw under the cash register.”

● One of the sales people said in response to a question you asked about business

people coming in to the shop to buy computers, “Yeah, we usually charge those

people a bit more than when families buy computers. We don’t give them the same good

deal we give families because business people can afford it.”

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 7 of 28

A visit to the counselling centres uncovered the following:

● When inquiring about the way the data was kept on people seeking counselling

services you noted that there was no password login on the computer or on the

client database. The receptionist at Spring Hill was able to show you the name,

address, phone number, counsellor notes on all the clients that had visited in

the past week.

● The Spring Hill receptionist also explained that sometimes the counsellors were

too busy to see people and that she would have a chat to the client in the

waiting room. She said that “I have learned a lot from hearing the counsellors chat in

the tea room and I have a pretty good idea of how to handle people with social and

family needs.”

● You asked the receptionist at Spring Hill about the how the banking of the

donations is done and she explained that she gets the same people who collect

the money to prepare the bank deposits and take it to the bank. “I just don’t have

the time … and besides I can’t leave here,” she said.

● When talking with one of the counsellors you note that they say, “We don’t

really have a limit to lend to in relation to rent loans for clients. We all just use our best

judgement.”

● In asking about the records relating to the rent loan scheme the counsellor

showed you the form they complete. “I just look up the number on the last loan I

gave and add a number to it to get the new number. I enter this number at the top of the

form here.”

● The managers reported that there was no real forward planning budget. “We

just ring in and get approval for any expenditure we want to do,” was the

Woolloongabba centre manager’s response.

● In commenting on the number of printers in the Spring Hill centre the manager

said, “We do twice the amount of paper work here as the Woolloongabba centre so I got

them to send over two of their printers.” You also note that there is no asset

identification code on the printers.

● None of the employees reported that they were ever tested by managers in

regard to their knowledge about privacy issues of client data and said that they

had not received any information regarding client complaints about their work.

At the head office:

● The CEO said that the business manager is the one who should to sign off on all

employment positions; however, you note that the warehouse manager had

told you that “I just employ the people I need to help with the computer repairs. It’s

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 8 of 28

very technical and the business manager wouldn’t know a good repairman from a bad

one.”

● The business manager explained that sometimes the monthly financial reports

are not received from the satellite operations until well past the 20th of the

following month when they should be out on the 10th.

● You ask the CEO about job descriptions and she says that she has prepared all

the job descriptions for the managers but has left it to the business manager to

prepare the job descriptions for the operational staff.

● When you asked the bookkeeper about her recent training and professional

development she said that she had been too busy for the past couple of years to

do any. “The last professional development I did was a few years ago in regard to

changes in the Fringe Benefits Tax law,” she said.

● The bookkeeper also explained that she keeps the details of what is owed under

the rent loan system but the centres also keep a separate set of records about

monies paid out and monies received. “Reconciling these two sets of records is a

nightmare,” she said, “It’s so much work reconciling accounts that the centres are

very protective whenever I ask to do one. They think I don’t trust them, but it’s just my

job. The managers tend to back up the centre staff and not us at head office trying to

run the checks.”

● The bookkeeper explained that while they are supposed to be keeping the

accounts on an accrual basis, “…sometimes it just gets too busy to do the end of

month adjustments so we don’t always do it.”

● The bookkeeper explained that no one comes to check on her work, “Everyone is

so focused on providing help for the clients, no one really knows or cares about the

recording of the financial information. Sometimes I wish we had a better computerised

accounting system that integrated all aspects automatically. The lack of support for the

importance of control systems is pretty demoralising. Sometimes I feel like saying, ‘If

they don’t care why should I?’”

● The bookkeeper explained that she seemed to get most of the client complaint

calls. She would take down all the details and pass it on to the previous

business manager. She was not sure how these complaints were dealt with but

she thought that the number of complaints was increasing.

● The payroll clerk explained that he had not been given any training on the

computerised payroll system so he did most of the work manually and only

entered the totals into the system. He also said that he got no paperwork

regarding pay rate changes, just a verbal chat with the previous business

manager, “I just took down notes as she spoke.” He further explained, “I keep all the

staff records in the filing cabinets that are used by the accounts clerks as well.

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 9 of 28

Sometimes they forget to lock them and I find them open in the morning when I come to

work.”

● The payroll clerk explained that sometimes the timesheets come to him for

payment but they are not signed. He tries to get them signed but sometimes

there is no time so he just processes them without a signature.

● The accounts clerks said that, “Everyone just sticks with what they know best. No

one rotates or changes roles. It’s too much to learn anyway.”

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 10 of 28

Charity-Care Policies and Procedures

Work health and safety policy

Charity-Care cares about the safety of its people and recognises that injuries result in

needless suffering to individuals and their families.

We Charity-Care is committed to providing a safe and healthy work environment for

its employees, contractors and visitors.

All Charity-Care employees, whatever their role, carry the primary responsibility to

ensure that the work they undertake or supervise is carried out safely and without

injury. Charity-Care’s first priority must always be the well-being of its employees.

No task is so important that a person’s safety is put at risk. All accidents are

preventable and Charity-Care is therefore, committed to the goal of ‘no injuries’.

In the event of a workplace hazard or injury, an incident/hazard report form must be

completed and submitted to the workplace health and safety office. The form must

detail:

● incident date

● name of person submitted report

● time of incident/hazard

● location of incident/hazard

● incident/hazard type

● description of incident/hazard

● persons involved

● witnesses

● injuries sustained

● description of injuries

● actions taken to minimise hazard or reduce risk post incident.

Equal employment opportunity policy

In keeping with the federal government legislation to promote equal employment

opportunity Charity-Care is committed to the promotion of equal opportunity for all

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 11 of 28

persons including women, people of Aboriginal and Torres Strait Island descent,

people of all racial and ethnic groups and people with disabilities.

Equal employment opportunity means that merit and equity will form the basis of all

employment, training, and promotion decisions that affect employees at the

workplace.

Charity-Care accepts that as an employer it has a responsibility to eliminate and

ensure the continued absence from within its structure any source of direct or

indirect discrimination on the basis of any factors not related to work performance

including race, colour, national or ethnic origin, nationality, sex, marital status,

pregnancy, age, status as a parent or carer, political conviction, social origin or

impairment.

In practice, Charity-Care’s EEO policy means:

● For job applicants:

○ fair recruitment procedures

○ opportunities for non-traditional jobs for women and men

○ merit-based access to jobs for members of designated groups including

people of Aboriginal and Torres Strait Island descent, people of all racial

and ethnic groups and people with disabilities.

● For employees:

○ no unjustified barriers to advancement for all members of staff

○ elimination of unjustified discrimination in selection and promotion

processes

○ appropriate training and development opportunities for all staff,

including women and members of designated groups

○ opening up of business decision making processes to staff.

Charity-Care is committed to the principles of the legislation and seeks your support

in implementing the equal opportunity program.

Expenses policy

The purpose of this policy is to ensure you are properly reimbursed for out of pocket

expenses related to direct expenses for work-related activities, and that Charity-Care

is able to claim on taxable expenses.

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 12 of 28

Meals and entertainment

As a general rule, meals and entertainment necessary for the conduct of business

should not be lavish, extravagant or unreasonably costly.

The business meal/drink

A meal is classed as a business meal and is reimbursable when the purpose of the

meal is a business discussion in line with business goals.

One employee may not entertain another except when a client is present or:

● When one employee is away from home.

● When the discussion cannot, for reasons of privacy or other pertinent business

purposes, be conducted on business premises.

In order to qualify for business use, the entertainment must:

● Be fully documented and explained in the expense report.

● Be for a business purpose and not just general goodwill.

Reimbursement of small expenses/temporary cash advance

In some situations, it may be necessary to use cash and claim the reimbursement of

these expenses via a cheque requisition or petty cash.

● Always obtain a tax invoice or Charity-Care may not be able to reimburse you.

● Parking expenses incurred while working will be reimbursed against receipts.

● Until previous cash advances have been accounted for, further cash advances

are not allowed. You must reconcile all cash advances and attach appropriate

receipts with an expense statement.

● You will be required to sign for the advance before it is issued.

● An expense reimbursement form must be completed and submitted with

receipts to claim reimbursement. The form must detail:

○ employee name

○ date of purchase

○ department

○ expense type

○ description

○ client ID number

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 13 of 28

○ purchase amount.

Financial handling policy

Authority to sign cheques

Purpose

To spell out procedures that must be followed in the signing of cheques on behalf of

Charity-Care.

Procedure

● All cheques must contain two eligible signatures.

● Eligible signatories are board members or staff members who have been

previously nominated and endorsed by the board.

● Any two of the above have the authority to sign cheques.

● Signatories cannot sign a cheque made payable to themselves.

● A list of all cheques issued each month will be provided to the treasurer.

Expense reimbursement

Purpose

To spell out procedures that must be followed in the reimbursement of expenses

incurred on behalf of Charity-Care.

Policy

Charity-Care will reimburse its staff (including volunteers) any reasonable and

authorised expenses incurred by them on behalf of Charity-Care or in the course of

Charity-Care business.

Procedure

1. Charity-Care will not reimburse staff for:

○ Expenses claimed by an employee as a tax deduction.

○ Expenses normally recoverable from a third party.

○ Claims for purchases that are required to be made under a Charity-Care

purchase order.

○ Expenses that are not incurred for business purposes.

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 14 of 28

○ Late payment interest on credit cards.

○ Parking, traffic, or other fines and penalties.

2. In travel expenses:

○ Employees will be reimbursed for the most direct and economical mode

of travel available, considering all of the circumstances.

○ Employees will not be reimbursed for additional costs incurred by taking

indirect routes or making stopovers for personal reasons.

○ Use of an employee’s own vehicle for work-related travel will be

reimbursed by way of an all-inclusive mileage allowance.

○ Trip cancellation insurance will be reimbursed.

3. For accommodation:

○ Employees will be reimbursed for moderate accommodation expenses,

considering all of the circumstances.

○ Employees will not be reimbursed for items of a personal nature charged

to a hotel account.

○ When accommodation is provided by an employee’s friend or relative to

whom the employee gives money or a gift as compensation or as a sign of

appreciation, the employee may claim an overnight accommodation

expense in accordance with per diem rates.

4. For the employee’s own meals:

○ Employees will be reimbursed for reasonable and appropriate meal

expenses actually incurred while on Charity-Care business.

5. When the staff member is offering hospitality on behalf of Charity-Care:

○ Employees will be reimbursed for hospitality expenses incurred in the

course of Charity-Care business, as appropriate.

○ Appropriate hospitality charges include events hosted or sponsored for

the purpose of promoting Charity-Care’s work or enhancing its image,

and include meals that are related to the transaction of Charity-Care

business.

○ When Charity-Care employees dine together while on Charity-Care

business, it is appropriate for the senior person (if any) to arrange

payment and submit the claim for reimbursement.

6. Reimbursement of reasonable but unauthorised expenses may be made at the

discretion of the Business Manager.

BSBCOM603 Plan and establish compliance management systems – Assessment Case Study Last Updated: October 2016, V. No. 1.1

Page 15 of 28

7. Advance payments may be authorised where appropriate. Such payments will

be subtracted from the amount of any later reimbursements. If expenditure is

not for whatever reason incurred then any advance payments made, or any

unspent portion of such payments, must be returned.

8. Staff are authorised to approve expenses to the amount specified in their

individual job description, and for expenditure above this level must seek

specific authorisation from their supervisors.

9. Receipts, invoices, vouchers, tickets, or other evidence of such expenditure

must be retained for all purchases and expenses.

10. Staff incurring authorised expenditure must submit requests for

reimbursement to the designated person, using the expense reimbursement

form. The completed form must be signed by the applicant.

11. Expense reimbursement forms must be presented with all relevant original

receipts, invoices, vouchers, tickets, or other evidence …

BSBCOM603 Plan and establish

compliance management systems
Presentation 1

Purpose of this presentation
At the end of this session, you should know how
to:
 Identify the need for compliance.
 Interpret compliance standards and

requirements.
 Establish compliance culture.
 Identify the compliance manager’s role.

Stages of compliance
program development

Commitment Implementation Monitoring and measuring
Continuous

improvement

Presenter
Presentation Notes
AS 3806-2006 Compliance Programs outlines 4 stages based on 12 principles for compliance:

1. Commit to obligations
2. Align with organisational strategy and objectives
3. Allocate resources
4. Endorse strategy
5. Identify obligations
6. Establish responsibilities
7. Provide training
8. Create culture
9. Establish controls
10. Measure performance
11. Demonstrate compliance
12. Continuously improve

Compliance standards
 Compliance requirements:

 internal and external
 accreditation guidelines
 policies and procedures
 legislation
 codes of practice.

 Can also include voluntary compliance
requirements such as environmental or community
considerations.

Presenter
Presentation Notes
Organisation’s can source information on compliance obligations from a variety of organisations and publications such as

Monitoring regulator’s websites
Subscribing to mail lists and information services
Becoming a member of professional groups
Seeking advice from a legal advisor
Attending industry forums

Compliance standards
 Compliance must also incorporate Risk

management as outlined in:
 Australian/New Zealand

Standard
AS/NZS/ISO
31000:2009
Risk management –
Principles and
guidelines
(formerly AS/NZS
4360:2004)

Risk assessment

Establishing the context

Risk identification

Risk analysis

Risk evaluation

Risk treatment

M
on

ito
rin

g
an

d
re

vi
ew

Co
m

m
un

ic
at

io
n

an
d

co
ns

ul
ta

tio
n

Presenter
Presentation Notes
The steps of risk identification and analysis contribute significantly in compliance management. A organisation must be able to assess the risk presented to it by failure to comply with obligations and requirements.

Risk analysis requires consideration of:

How likely the risk is to occur
The expected consequences of the risk occurring

Compliance standards
 Compliance requirements are outlined in

legislation including:
 Occupational Health and Safety
 Privacy
 Corporations Act
 ASIC Act
 The Fair Work Act.

Presenter
Presentation Notes
The Australian Securities and Investments Commission governs the operation of business and corporations by ensuring directors and office holders carry out their duties properly. They administer the:
Corporations Act 2001
Australian Securities and Investments Commission Act 2001

www.asic.gov.au is a good source of information on company compliance requirements, particularly with regard to financial operations.

Compliance culture
 Senior management is responsible for establishing a

culture where:

‘…the values, ethics and beliefs exist and
interact with the organisation’s structures and
control systems to produce behavioral norms
that are conducive to compliance outcomes.’

Presenter
Presentation Notes
Compliance culture must be established by example – management must model the expected behaviour.
�Expectations and standards must be communicated throughout the organisation so that everyone understands what is required.

Priority must be placed on compliance by investing resource in the appropriate systems and training.

The compliance manager
 The role of the compliance manager requires

significant technical and interpersonal skills:
 research skills
 communication

Presenter
Presentation Notes
Research process
Problem identification
Research design
Data collection
Analyse and interpret data
Dissemination of results

Communication
Methods of communication:
Presentation
Written communication
Reporting

The next step
You should now be able to:
 Identify the need for compliance.
 Interpret compliance standards and

requirements.
 Establish compliance culture.
 Identify the compliance manager’s role.

  • Establish compliance culture
  • Purpose of this presentation
  • Stages of compliance �program development
  • Compliance standards
  • Compliance standards
  • Compliance standards
  • Compliance culture
  • The compliance manager
  • The next step

BSBCOM603 Plan and establish

compliance management systems
Presntation 2

Purpose of this presentation
At the end of this session, you should know how
to:
 Identify elements of compliance system.
 Identify personnel requirements.
 Identify resource requirements.
 Document the compliance system.

Compliance systems
 Elements of compliance systems:

 strategy
 processes
 people.

 Systems must consider:

 cost
 efficiency
 feasibility.

Strategy

People Processes

Presenter
Presentation Notes
Record keeping requirements – AS ISO 15489:2004 Records management:
DIRKS (Designing and Implementing Record Keeping Systems) outlines 8 steps for records and information management.

Gathering information for compliance – AS ISO 10002:2006 Guidelines for complaints handling:
Encouraging open communication and feedback.
Creating customer focus.
Addressing customer needs and building customer satisfaction.

Personnel requirements
 Roles and responsibilities.
 Consultants and advisors.
 Training:

 formal and informal.

Senior
Management

Line Manager

Employees

Line Manager

Employees

Line Manager

Employees

Chief
Compliance

Officer

Compliance
Management

Team

Presenter
Presentation Notes
Consultants and advisors may provide compliance information, including assistance with requirements specific to your industry or business type. These include:
Legal advisors.
OHS experts.
IT system designers.
Auditors.
Technical experts.

Training is required to ensure everyone across the organisation understands their compliance responsibilities. This includes:
Induction training for new employees.
Information workshops and update sessions for existing employees.
Ongoing coaching, mentoring and supervision.

Resource requirements
 Resources can be obtained through collaboration

between departments and business units.
 Consider the unique resource needs of individuals.
 The investment of resource into compliance

management is ongoing – what will you need for the
future?

Presenter
Presentation Notes
Resources include:
Human resource.
Infrastructure.
Technology.
Reference materials.
Legal/technical advice.

Documenting systems
 Compliance strategy.
 Policies and procedures:

 process and procedures
 roles and responsibilities
 relevant legislation.

 Organisational chart:
 lines of authority
 communication flow.

Presenter
Presentation Notes
Review the example Compliance Management System document provided in Appendix 1 of the Student Workbook

The next step
You should now be able to:
 Identify elements of a compliance system.
 Identify personnel requirements.
 Identify resource requirements.
 Document the compliance system.

  • Plan compliance systems
  • Purpose of this presentation
  • Compliance systems
  • Personnel requirements
  • Resource requirements
  • Documenting systems
  • The next step

BSBCOM603 Plan and establish

compliance management systems
Presentation 3

Purpose of this presentation
At the end of this session, you should know
how to:
 implement the plan
 monitor the system
 review the system
 prepare reports.

Implementation plan
 Develop an action plan.

What
• What needs to be done?

How
• What constraints are there?

When
• What time limits are there?

Who
• Who should or could do the task?

Presenter
Presentation Notes
Implementing a compliance management system needs to be approached as a project with specific requirements:
project scope
performance standards
agreed timelines
goals and objectives
project description
completion requirements
timelines
Staffing

Monitor system

Establish
performance

standards

Monitor and
evaluate

performance
Take corrective

action

 Know what you are measuring.
 Gather information and compare it with standards.
 Fix it!

Presenter
Presentation Notes
KPI’s should be established to look at program progress in areas such as:
Effectiveness of staff training
Levels of compliance failures
Number of complaints
Nature of feedback
Consequences/penalties of compliance breaches

Corrective action may include:
Revising KPI’s to be more realistic
Allowing more time for KPI’s to be achieved
Altering procedures and processes to avoid repeat occurrences/breaches
Increasing/modifying staff training to raise awareness of particular issues

Review systems
 Comparing performance with:

 past performance
 internal standards
 industry standards
 best practice standards.

 Benchmarking.

Presenter
Presentation Notes
Benchmarking determines the position of the business in relation to ”best practice” for products and processes. This may be within a specific industry, or look to examples from multiple industries as relevant.

Benchmarking also requires consideration to be given to strategic directions and goals – is achieving “best practice” in this area moving us toward our goals? Is it worth resource investment?

Reports
 Reporting must consider:

 audience
 format
 Language
 organisational requirements.

Presenter
Presentation Notes
Compliance reports should include:
Issues that must be reported to a government agency or regulatory body
Significant changes to compliance obligations, expected impact and action to taken to meet them
Compliance performance assessment
Compliance breaches and rectification action taken
Overall program effectiveness, major achievements, trends

The next step
You should now be able to:
 Implement the plan.
 Monitor the system.
 Review the system.
 Prepare reports.

  • Implement compliance systems
  • Purpose of this presentation
  • Implementation plan
  • Monitor system
  • Review systems
  • Reports
  • The next step
Order a unique copy of this paper
(550 words)

Approximate price: $22