TEQSA’s corporate governance framework incorporates:

• regulatory and management decision-making bodies
• an integrated planning framework
• systems, policies and directives such as the Enterprise Risk Management Framework and accountable authority instructions
• an ethical and accountable organisational culture
• transparency in public reporting.

DECISION FORUMS AND COMMITTEES

Commission

The TEQSA Commission is responsible for making regulatory decisions, setting strategic directions, monitoring risk in the sector, and deciding on matters relating to the development of TEQSA’s quality assurance and regulatory framework, and its management of strategic relationships with key stakeholders.

In 2018-19, the Commissioners met on a fortnightly basis to consider and make decisions on regulatory matters.

Accountable authority

Section 132 of the TEQSA Act establishes the Commissioners as the accountable authority for the purposes of the Public Governance, Performance and Accountability Act 2013 (PGPA Act). This confers various responsibilities and powers on the accountable authority to promote high standards of accountability and performance. As the accountable authority, TEQSA Commissioners are responsible for the governance of TEQSA’s operations under the PGPA Act.

In 2018-19, Commissioners met on a quarterly basis as the accountable authority to review performance against the corporate plan and received monthly reports on the assessment workload and financial performance.

The appointment of Commissioners also includes their role as the accountable authority of TEQSA. Table 12 lists the members of the accountable authority and their period of tenure in the role.

Table 12: Details of accountable authority during 2018-19

In 2018-19, the SMT met fortnightly and received regular reports, including quarterly progress reports against the operational plan.The Senior Management Team (SMT) comprises the Chief Executive Officer (CEO), the Executive Director, Regulatory Operations and senior managers. The role of the SMT is to: provide advice to the CEO in discharging their statutory role; provide collective operational leadership for the agency; provide advice regarding decisions about TEQSA's operational requirements, strategic planning and risk management; and develop, for the consideration and approval of the accountable authority, drafts of the agency's corporate plan, annual report and annual budget. The SMT reviews TEQSA’s performance against the objectives set out in the corporate plan and makes regular reports to the Commission as the accountable authority.

Audit and Risk Committee

TEQSA’s Audit and Risk Committee has been established in compliance with section 42 of the PGPA Act and operates under an Audit and Risk Committee Charter approved by the accountable authority. In 2018-19 the committee comprised two external members (including the Chair) appointed by the accountable authority, and a TEQSA Commissioner.

The Audit and Risk Committee’s role is to provide independent assurance to the accountable authority on TEQSA’s financial and non-financial performance reporting responsibilities, risk oversight, and management. This includes reviewing the proposed internal audit coverage to ensure the approach is focused on TEQSA’s key areas of financial and operational risk.

In 2018-19, two internal audits were carried out:

• Provider Registration and Course Accreditation Review
• Provider Risk Assessment and Compliance Monitoring Review.

In 2018-19, the Audit and Risk Committee met on a quarterly basis.

Security Committee

In 2018-19, TEQSA’s Security Committee comprised the CEO (as Chief Security Officer), the Director Corporate, the Agency Security Advisor and the Information Technology Security Advisor. The committee met quarterly, to review all aspects of protective security affecting the agency, and assist the agency to meet its compliance, risk management, business continuity management and reporting requirements under the Australian Government Protective Security Policy Framework.

PLANNING AND MANAGEMENT

Corporate Planning

The TEQSA Corporate Plan 2018–22 was:

• submitted to the then Minister on 16 August 2018
• approved on 22 August 2018
• published on the TEQSA website by 28 August 2018
• provided to the Minister for Finance.

Enterprise Risk Management Framework

TEQSA accepts that there may be risk in any aspect of its operations and that having an appropriate strategy for risk is critical. TEQSA uses a risk-based approach for its day-to-day business and is committed to the continuous improvement of risk management practices in line with the Commonwealth Risk Management Policy and the Department of Finance Resource Management Guide 211 (ISO 31000:2009).

TEQSA’s Enterprise Risk Management Framework is underpinned by a strong organisational culture, a deep understanding of risk in relation to regulatory matters, a risk management policy and risk appetite statement, an enterprise risk register, a Fraud Control and Anti-Corruption Plan, and arrangements for staff training and support.

Protective security

TEQSA’s Agency Security Advisor is responsible for coordinating security functions in the agency and providing advice to the Chief Security Officer, management and staff on security matters. In 2018-19, TEQSA applied appropriate protective security measures, based on its risk profile, to ensure compliance with the majority of the mandatory requirements under the Protective Security Policy Framework. Mitigation plans have been established to address the remainder.

Ethical standards

TEQSA’s measures to promote ethical standards within the agency include:

• providing training for all staff in fraud awareness and conflicts of interest
• maintaining policies relating to ethical standards and behaviour relevant to TEQSA’s operational context; for example, in relation to email, internet use, fraud and disclosure of information
• building adherence to the Australian Public Service (APS) Code of Conduct and Values into the individual performance and development plans of TEQSA staff.

External scrutiny

TEQSA is subject to external scrutiny by:

• the Office of the Commonwealth Ombudsman
• the Australian National Audit Office
• the Administrative Appeals Tribunal
• the Attorney-General’s Department
• the Office of the Australian Information Commissioner
• parliamentary committees.

During 2018-19, the Commonwealth Ombudsman and parliamentary committees did not issue any reports on the operations of TEQSA. No judicial decisions, decisions of administrative tribunals, or decisions by the Australian Information Commissioner in 2018-19 had a significant impact on the operations of TEQSA.

The Australian National Audit Office is undertaking an audit of the agency's 2018-19 performance and will report its findings in 2019-20.

During 2018-19, TEQSA officials appeared at parliamentary committee hearings for:

• 2018-19 Supplementary Budget Estimates (25 October 2018)
• 2018-19 Additional Estimates (21 February 2019).

Fraud control

The Commonwealth Fraud Control Policy requires that accountable authorities provide an annual report about fraud to their Minister. Section 10 of the Public Governance Performance and Accountability Rule 2014 requires the agency to take all reasonable measures to prevent, detect and deal with fraud, including by undertaking fraud risk assessments and establishing a fraud-control plan.

TEQSA’s Fraud and Anti-Corruption Plan sets out TEQSA’s policy and approach to fraud control, procedures to effectively manage fraud and corruption risks and incidents, and relevant reporting obligations. The plan, reviewed annually by TEQSA’s Audit and Risk Committee, also provides for appropriate training and awareness-raising activities to support TEQSA staff in understanding their responsibilities in relation to fraud control.

TEQSA employees are subject to a robust employment screening process. It is compulsory for staff commencing with TEQSA to complete fraud awareness training. Staff with financial delegation are vetted by the Australian Government Security Vetting Agency (AGSVA) to a minimum of a baseline security clearance. As part of the vetting process, a financial history check is completed by AGSVA.

TEQSA adopts a zero-tolerance approach toward fraud and corruption, and aims to manage the fraud risk to a level as low as is reasonably practicable. TEQSA has no incidents of fraud to report for 2018-19. TEQSA remains committed to a proactive approach in fraud management, prevention and detection, in accordance with the Commonwealth Fraud Control Policy.

Service Charter

TEQSA is committed to excellence in service delivery and stakeholder engagement. The TEQSA Service Charter articulates the agency’s approach to engaging with stakeholders, its service standards and how it handles complaints. TEQSA works hard to ensure its quality assurance and regulatory approach is responsive and service-oriented. To ensure good practice in its handling of complaints, TEQSA ensures students, providers and the general public are informed of options for making complaints about a provider or about TEQSA. More information is contained in this report at Appendix H: Complaints handling. TEQSA has begun a review of its arrangements for handling complaints about providers, with the intention of further improving this area of service.

More broadly, TEQSA manages its relationships with providers in line with the APS Code of Conduct and Values, which emphasise professionalism and accountability.

For more information about the Service Charter is available at www.teqsa.gov.au/for-providers/resources/teqsa-service-charter.