Module Scope
- Does the CCE administer employment relationships in accordance with Fair Work legislation and does it provide employees with their entitlements?
- Does the CCE comply with the public governance laws, workplace laws and, if applicable, public service laws that apply specifically to the CCE's upper management?
- Does the CCE follow the procedure set out in the fair work laws for making, changing or terminating an enterprise agreement, bargaining representation and dealing with bargaining disputes?
- Do the accountable authorities and officials of the CCE comply with various governance duties and obligations under the Public Governance, Performance and Accountability Act 2013 (Cth)?
- Do the officials of the CCE ensure their actions and statements conform with their duty to act in good faith and for a proper purpose?
- Does the CCE have policies and procedures in place to ensure that accountable authorities comply with their duties to govern the Commonwealth entity, to establish and maintain systems relating to risk and control, to encourage cooperation with others?
- Does the CCE use and manage all resources in accordance with the Commonwealth Resource Management Framework (CRMF)?
- Does the CCE comply with all requirements and conditions under enabling and other legislation that attach to funding?
- Does the CCE only spend or commit money in accordance with enabling legislation and the Public Governance, Performance and Accountability Act 2013 (Cth)?
- Does the CCE maintain the security of its data and any personal information in its custody in line with legislative requirements?
- Does the accountable authority ensure that appropriate records are kept and mandatory reports are made of its non-financial performance?
The Corporate Commonwealth Entities module has 4 sub modules:
- Employment
- Governance
- Reporting , Record Keeping and Information Security
- Resource Management
A Commonwealth Corporate Entity (CCE) is an incorporated entity established by commonwealth legislation, but which is not directly controlled by government. CCEs have varying structures, functions and powers, however, as commonwealth entities they share the responsibility to be accountable to the Australian parliament and ultimately the Australian people.
Employment
Collectively CCEs employ thousands of people. The EMPLOYMENT sub module informs CCE employers about effective administration of employment relationships. It outlines rules and obligations as they apply to CCE’s and provides practical advice and assistance to the CCE wanting to ensure compliance and regulatory accountability.
The EMPLOYMENT sub module covers all legislated obligations of Commonwealth Corporate Entities (CCEs) towards their employees from recruitment through to termination and industrial disputes. The module provides the practical assistance and guidance to ensure that these obligations are complied with and best practice processes are implemented and maintained by the CCE. The module also covers possible exemptions to the obligations, if applicable, and how they may or may not apply to the CCE. The specific topic areas comprehensively covered by the module are;
The legislative basis for the EMPLOYMENT sub obligations:
- The Fair Work Act 2009 (Cth) is the primary piece of federal employment legislation in Australia. The Act contains the National Employment Standards (NES), and creates the Fair Work Commission (FWC) and the Fair Work Ombudsman (FWO); and
- In addition to The Fair Work Act every CCE employer is required to comply with a range of other Commonwealth, state and territory laws, including;
- The Long Service Leave (Commonwealth Employees) Act 1976 (Cth);
- Age Discrimination Act 2004 (Cth);
- Sex Discrimination Act 1984 (Cth);
- Racial Discrimination Act 1975 (Cth);
- Disability Discrimination Act 1992 (Cth);
- The Safety, Rehabilitation and Compensation Act 1988 (Cth);
- The Privacy Act 1988 (Cth); and
- The Archives Act 1983 (Cth).
- A CCE may be empowered under enabling legislation to employ some, none or all of their staff as public servants. The employment of public servants is administered in accordance with Australian Public Service (APS) legislation.
The regulatory authorities that monitor commonwealth employment are legislatively enabled to administer authority in specific areas;
- The Fair Work Commission;
- The Fair Work Ombudsman;
- Comcare;
- The Safety, Rehabilitation and Compensation Commission;
- The Australian Public Service Commissioner which is responsible for upholding high standards of integrity and conduct within the public service;
- The Merit Protection Commissioner conducts independent reviews with the goal of ensuring that decisions to recruit and promote APS personnel are based on merit;
- The Australian Human Rights Commission (AHRC); and
- The Office of the Australian Information Privacy Commissioner Overview of obligations.
The module identifies and expands on the core employment obligations of CCE’s including;
- Upper management;
- The CCE must ensure that staff at the upper management level are aware of their specific responsibilities and duties as an accountable authority and as officials of the CCE.
- Enterprise agreements;
- The CCE must comply with the procedures set out in Fair Work legislation for bargaining; for making, varying or terminating an enterprise agreement; and for dealing with bargaining disputes. Once an enterprise agreement that applies to the CCE has been approved by the FWC, the CCE must comply with its terms and conditions.
- Recruitment;
- The CCE must implement a fair recruitment process in accordance with the requirements of Fair Work laws and all other applicable legislation.
- Employment and training contracts;
- The CCE must ensure that terms and conditions of employment are lawful and compliant with Fair Work legislation and, if applicable, public service legislation.
- Remuneration and working hours;
- The CCE must manage remuneration processes in accordance with Fair Work laws and other relevant legislation.
- Leave and flexible work arrangements;
- While modern awards, enterprise agreements, CCE enabling legislation and public service legislation may provide additional conditions and entitlements a CCE must always provide employees with at least the minimum entitlements that are prescribed by the NES.
- Public service career management;
- Apprenticeships, cadetships, and graduate programs;
- Retirement;
- Right of return for election candidates; and
- Non on-going employment.
- Fair treatment in the workplace;
- The CCE must take reasonable steps to provide a workplace that is free from bullying, discrimination and coercion; that protects whistleblowers from reprisal action and adverse action; and that does not dismiss employees who are temporarily absent from work due to prescribed illness or injury.
- Terminating employment;
- Lawful grounds;
- Procedurally fair processes; and
- Entitlements
- Industrial action;
- Protected industrial action;
- Protected partial bans;
- Protected action ballots and visits by permit holders; and
- Stop orders when appropriate.
- Workers compensation;
- Commonwealth workers compensation scheme;
- Making required notifications and payments to Comcare; and
- Engaging with injured workers.
- Record keeping;
- Accuracy;
- Transfer of records when required;
- Privacy; and
- Access
The module also advises mitigating actions the CCE should take to rectify instances of non-compliance to prevent re-occurrence. Ongoing breaches of employment obligations can have consequences to individuals and offending organisations including;
- Reinstatement of dismissed employees;
- Compensation to employees;
- Civil penalties;
- Dismissal;
- Demotion; and
- Deductions from future payments.
There is significant overlap between employment obligations in the private and public sectors and within the public sector between CCE employers and public service employers.
The EMPLOYMENT sub module is focused specifically on the employment obligations of CCE’s. The module expands both on ways in which CCE employment obligations are the same and ways in which CCE employment obligations differ to general private and public sector employers.
The module does not comprehensively cover general employment obligations in either the private or public sector.
Governance
The GOVERNANCE sub module informs officials and accountable authorities of CCEs about their obligations to effectively administer all aspects of governance in accordance with the requirements of the Public Governance, Performance and Accountability framework. The sub module provides practical advice and assistance to the CCE about implementing governance procedures and processes that will ensure compliance and regulatory accountability throughout all levels of the CCE organisation.
In broad general terms governance is about accountability, transparency, leadership, integrity and stewardship. On a more practical level it is also about compliance, and the discharge and satisfaction of specific duties and obligations arising under legislation and law.
The GOVERNANCE sub module comprehensively covers these broad concept of governance, gives advice and instructions to ensure compliance with the more practical aspects of governance and provides an overview of the laws and regulations from which the governance obligations are derived.
The module comprehensively covers various governance related topics with some overlap within the topics, including;
- The duties of officials and the duties of accountable authorities. The Public Governance, Performance and Accountability (PGPA) framework imposes duties and obligations on accountable authorities and officials in relation to conduct, administration, review and maintenance of the governance framework including;
- Roles and responsibilities;
- Governing requirements;
- Encouraging cooperation;
- Managing risk;
- Reporting and notification requirements;
- Disclosure of material personal interests;
- Complying with Accountable Authority Instructions (AAIs);
- Complying with key aspects of the overarching Commonwealth Resource Management Framework (CRMF);
- Duty to use care and diligence, act honestly, act in good faith and for proper purposes; and
- A duty to not use a position, or information gained through a position improperly.
- The governance of risk management and insurance;
- Developing and communicating the right culture;
- Encouraging all staff to contribute to risk mitigation processes;
- Consider and address risk when assessing all activities and programs;
- Implementation and maintenance of appropriate processes and internal controls;
- The Commonwealth Risk Management (CRM) framework, although not mandatory, should be applied as a measure of good practice;
- Regular analysis and review; and
- Maintaining appropriate insurances.
- Performance planning and budget governance;
- Strategic planning and practical procedures to ensure compliance at the governance level (rather than the operational level);
- Development and submission of a corporate plan and budget estimates; and
- Cooperation with other commonwealth entities to create efficiencies, operate programs and share resources.
- The governance of financial reporting;
- Financial information and non-financial information; and
- Developing performance information and record keeping.
- The audit committee;
- The role and responsibilities with regard to financial reporting and risk management processes.
- Performance Reporting;
- Promoting an operational culture that seeks, recognises and awards performance, including ethical behaviour, focused delivery and a commitment to quality outcomes.
- Performance assessments and records;
- Timely financial and non-financial information assists stakeholders to make informed decisions;
- Detailed internal and external reviews of governance should be undertaken at critical decision points such as when there is a change in legislation, or when a purpose or outcome changes; and
- Effective reviews cover both compliance and performance issues.
The module also advises all accountable authorities and officials to review the following instruments and rules to fully appreciate the scope and importance of their duties and obligations;
- Legislation enabling the CCE;
- The Public Governance Performance & Accountability Act and related instruments;
- The Public Service Act 1999 (Cth) (if applicable);
- Other relevant legislation such as the Work Health and Safety Act 2011 (Cth);
- Accountable Authority Instructions (AAIs);
- Relevant commonwealth Resource Management Guides (RMGs); and
- Delegations and approvals.
The module covers potential consequences of failures to comply with governance duties and obligations including breaches of finance law and serious breaches of other legislation outside of the PGPA framework which can result in civil and criminal penalties.
The GOVERNANCE sub module expands on CCE governance obligations of accountable authorities and officials based on the Public Governance Performance and Accountability framework. There are also additional duties and obligations on CCEs based on general law requirements and other regulations. These additional duties and obligations are not specifically covered by the module.
The module covers the governance obligations of accountable authorities and officials of corporate commonwealth entities (CCEs). It does not specifically cover the obligations of commonwealth companies or other commonwealth entities other than CCEs.
Reporting, Record Keeping and Information Security
The REPORTING, RECORD KEEPING AND INFORMATION SECURITY sub module informs CCEs about their obligations to effectively administer all aspects of reporting, record keeping and information security in accordance with legislative requirements. The module provides practical advice and assistance to the CCE about implementing procedures and processes that will ensure compliance and regulatory accountability throughout all levels of the CCE organisation.
The REPORTING, RECORD KEEPING AND INFORMATION SECURITY sub module covers all legislated obligations of Commonwealth Corporate Entities (CCEs) related to reporting, record keeping and information security from formulating plans and compiling reports through to dealing with complaints and potential penalties for breaches. The module provides the practical assistance and guidance to ensure that these obligations are complied with and that best practice processes are implemented and maintained. The module also covers the role of the regulator with regard to reporting, record keeping and information security as well as exemptions to the obligations, if applicable, and how they may or may not apply to the CCE. The specific topic areas comprehensively covered by the module are;
- The legislative landscape from which the primary obligations are derived;
- Public Governance, Performance and Accountability Act 2013 (Cth)
- Public Governance, Performance and Accountability (Financial Reporting) Rules 2015 (Cth)
- Archives Act 1983 (Cth)
- Privacy Act 1988 (Cth)
- Freedom of Information Act 1982 (Cth)
- Crimes Act 1914 (Cth)
- Electronic Transactions Act 1999 (Cth)
- Public Service Act 1999 (Cth)
- The agencies that regulate the sector;
- The Department of Finance;
- National Archives of Australia (NAA);
- Office of the Australian Information Commissioner (OAIC);
- Australian Public Service Commissioner;
- Attorney-General’s Department; and
- The Australian Signals Directorate.
- With regard to accountability the accountable authority of a CCE has specific obligations related to annual and occurrence based reporting. In order to comply with these obligations the CCE must keep records of financial and non-financial activities. Financial activities need to be recorded in accordance with the Australian Accounting Standards and the Public Governance, Performance and Accountability (Financial Reporting) Rule 2015 (Cth).
- Effective reporting is based on sound record-keeping systems in accordance with NAA principles and standards. The module provides details of these standards and how they should be implemented by the CCE, including;
- Information Management Standard;
- Digital Continuity 2020 Policy;
- AS ISO 15489 Records Management;
- ISO 16175 Digital records;
- Australian Government Recordkeeping Metadata Standard (AGRkMS);
- Minimum metadata set;
- AGLS Metadata Standard;
- AS/NZS 5478 Recordkeeping metadata property reference set standard (RMPRS); and
- Australian Governments’ Interactive Functions Thesaurus (AGIFT).
- The CCE must implement entirely digital work processes, including authorisations, and ensure that all information is created and managed in a digital format under the Digital Continuity 2020 Policy.
- The disposal and transfer of records must be done in accordance with NAA requirements.
- If the CCE collects or records personal information about individuals, it will usually be subject to privacy legislation. The CCE has obligations under the Australian Privacy Principles, including;
- Consideration of personal information privacy;
- Collection and dealing with personal information;
- Integrity of personal information;
- Access to, and correction of personal information;
- Tax requirements; and
- Consumer credit reporting.
- The voluntary guidelines on data-matching in Australian Government Administration are issued by the OAIC and provide guidance on using data matching as an administrative tool in a way that complies with privacy legislation and good privacy practice. Guidelines to observe include;
- Circumstances when the guidelines apply;
- Necessary steps prior to data matching;
- Notification of the public of participation in a data matching program;
- Notification of individuals of proposed administrative action;
- Destruction of information no longer required and the requirement not to create new data sets; and
- Duty to evaluate and enable the OAIC to review data matching programs.
- CCE’s have obligations to provide access to documents under Freedom of Information (FOI) legislation, unless exemptions apply, including;
- Disclosure log;
- Information publication scheme;
- Access to records in the open access period;
- Access for the NAA;
- Access for Ministers; and
- Records that may be used as evidence.
- The Australian Information Commissioner has powers to investigate matters related to privacy and FOI. The module details the characteristics of an effective complaints management process and an effective FOI review process for a CCE to implement and maintain.
- The Protective Security Policy Framework (PSPF) is concerned with the protection of assets, including information assets. This module outlines PSPF strategies and other security strategies that deal specifically with information security.
- Sound information governance is aligned with business outcomes and risks. The module covers the steps the CCE should take to develop policies and procedures to support information governance and digital management;
- Develop information and records management framework, strategy and policies;
- Develop a business systems assessment framework;
- Appoint an information governance committee and a chief information governance officer;
- Undertake information reviews; and
- Undertake staff training regimes.
- The consequences of failing to comply with reporting, record keeping and information security obligations range from reprimands and fines under relevant employment framework to imprisonment for serious breaches of criminal codes.
The REPORTING, RECORD KEEPING AND INFORMATION SECURITY sub module covers reporting, record keeping and information security obligations with specific reference to Commonwealth Corporate Entities (CCEs). It covers many obligations that are generally applicable to all government entities without that being the primary intention of the module.
The REPORTING, RECORD KEEPING AND INFORMATION SECURITY sub module does not cover the rights or entitlements of individuals who have suffered damages or losses due to breaches of obligations by a CCE. The module does not cover the process that an individual would follow to report the breach or their loss.
Resource Management
Collectively CCE’s administer significant public sector resources. The RESOURCE MANAGEMENT sub module informs CCE’s about effective administration and allocation of resources. It outlines rules and obligations primarily contained within the Commonwealth Resource Management Framework (CRMF) as they apply to CCE’s and provides practical advice and assistance to the CCE wanting to ensure compliance and regulatory accountability.
Corporate Commonwealth Entities (CCEs) are established for specific functions and purposes, which they perform or achieve by applying resources obtained from the commonwealth and the public. Resources are always finite or limited, so the primary obligations of CCE’s is to ensure that resources are managed and allocated such that objectives are met, financial sustainability is achieved and risk is contained. It is the role of accountable authorities, officials and staff of CCEs to ensure these objectives are met.
The commonwealth has established the Commonwealth Resource Management Framework (CRMF) to assist in achieving these objectives - a core body of legislation, instruments, guides and policies which together set out requirements and expectations in relation to the use and management of public resources by CCEs and provide a system of accountability and transparency for monitoring and assessing that use and management.
The RESOURCE MANAGEMENT sub module covers all legislated obligations of Commonwealth Corporate Entities (CCEs) with regard to resource management. The module provides the practical assistance and guidance to ensure that obligations are complied with and best practice processes are implemented and maintained by the CCE. The module also covers possible exemptions to the obligations, if applicable, and how they may or may not apply to the CCE.
In addition to the CRMF the module covers other legislation relevant to resource management including;
- Lands Acquisition Act 1989 (Cth);
- Public Works Committee Act 1969 (Cth);
- Various environmental statutes;
- Legislation enabling the CCE;
- The Public Governance Performance Accountability 2014 Act and rules;
- Accountable Authority Instructions (AAIs);
- Commonwealth Resource Management Guides (RMGs); and
- Relevant delegations and approvals.
The RESOURCE MANAGEMENT sub module covers the primary functions of resource management including;
- Resource gathering - the acquisition or gathering of resources from parliament or the public;
- Resource use - the allocation and expenditure of resources; and
- Resource administration – the holding of resources pending use.
And the obligation requirements to fulfil the primary functions of resource management;
- Establishing objectives;
- Planning to meeting objectives;
- Maintaining financial sustainability; and
- Limiting risk.
In addition to these general functions and obligations the module also covers specific or specialised obligations that apply to CCE’s and which are covered under these topics in the module;
- Financial grants;
- Spending on gratuities, entertainment, hospitality and travel;
- Contracts;
- Property transactions;
- Land and buildings; and
- Insurance.
The module covers obligations of CCEs managing both monetary and non-monetary resources. Non-monetary resources are usually fixed assets that are managed over time until eventually disposed of, whereas monetary resources are managed until consumed as part of performing functions, conducting activities and/ or pursuing purposes. Under the CRMF there are specific policy and legislative restrictions on the management of various resources, and these are dealt with in the module;
- Cash management;
- Property management other than land; and
- Intellectual property.
The module covers CCEs obligations and responsibility to mitigate potential issues by providing practical advice and assistance with regard to;
- Quarantining or stopping the relevant activity (if recurring);
- Rectifying the problem and mitigating /eliminating the risk or recurrence; and
- Notifying relevant parties such as the audit committee, or the responsible Minister.
The module also covers various consequences resulting from failing to comply with resource management obligations. The severity of the consequence usually depends on the nature of the obligation and the nature of the non-compliance;
- Breaches of the Commonwealth Resource Management Framework (CRMF) requirements have various consequences which depend on the type of non-compliance.
- Breaches of other legislation that imposes obligations on CCEs or officials may attract both criminal and civil penalties;
- Certain deliberate, misleading and dishonest acts or omissions in relation to resource management may attract criminal consequences under the Crimes Act 1914 (Cth) and Criminal Code (Cth). Many of those consequences are only relevant to CCEs and officials when there is an element of deliberate intent or knowledge of wrong-doing.
- Breach of finance law does not attract a fine or penalty, but can have other important consequences, namely;
- Notification to the Minister;
- Notification to the auditors;
- Reporting in financial statements;
- Sanctions; and
- Officials sanctions.
The Commonwealth Resource Management Framework (CRMF) and other relevant legislation covered by the module apply generally to all commonwealth departments and entities.
The RESOURCE MANAGEMENT sub module focuses on resource management as it applies specifically to Commonwealth Corporate Entities (CCEs). The module does not cover resource management generally within the commonwealth or government sector.