In late 2017, the Australian Federal Government announced a series of reforms to the operations of charities that occur overseas, including basic religious charities, in the form of proposed External Conduct Standards (in addition to the ACNC Governance Standards).
The External Conduct Standards are now law, having commenced on 23 July 2019. They are set out in the Australian Charities and Not-for-profits Commission Amendment (2018 Measures No. 2) Regulations 2018 (the Regulations).The Regulations are made possible through section 50‑5 of the Australian Charities and Not-for-profits Commission Act 2012 (the Act), which specifically authorises the creation of minimum External Conduct standards.
The purpose of the External Conduct Standards (“ECSs”) is to ensure that Charities meet appropriate standards of governance and behaviour when operating outside Australia, including adherence to international obligations under the Financial Action Task Force Recommendations and other international treaties. By extension, the ECSs are designed to promote greater transparency and confidence in the community that funds sent, and services provided, by charities outside Australia are reaching legitimate beneficiaries and are being used for legitimate purposes.
So what do the ECSs mean for the overseas operations of your charity?
Primarily, it is pertinent to note that the steps a charity will need to take to comply with the ECSs is dependent upon its particular circumstances, including its size, the source of its funding, the needs of the public and the activities of the charity, including the extent and significance of their activities outside Australia, and the resources it provides to parties outside Australia. The implications of the ECSs will also vary depending upon where funds are being sent; money sent to an area with a high terrorism financing risk will necessitate greater and more extensive internal processes and policies to mitigate the risks.
The ECSs are applicable to any registered charity that is operating outside Australia, or working with third parties that are operating outside Australia.
A registered charity or third party is deemed to operate outside Australia if it “operates outside Australia in whole or in part”. The key is where the front line charitable service delivery takes place. If this is outside Australia, the assumption you should make is that ECSs apply. Regulation 50.4(2) has a minor carve out but its scope is quite limited.
The four External Conduct Standards can be summarised as follows:
- Standard 1 – activities and control of resources (including funds)
- Standard 2 – annual review of overseas activities and record-keeping
- Standard 3 – anti-fraud and anti-corruption
- Standard 4 – protection of vulnerable individuals
Standard 1: activities and control of resources (including funds)
The overarching object of the first External Conduct Standard is to ensure public confidence that a registered not-for-profit organisation is governed in such a way that it remains solvent, minimises risks to assets, ensures the entity and its resources are furthering its purposes, and operates in a manner consistent with its purposes and status as a not-for-profit entity.
Here is the text of the standard:
(3) The registered entity must:
(a) take reasonable steps to ensure that its activities outside Australia are carried out in a way that is consistent with its purpose and character as a not‑for‑profit entity; and
(b) maintain reasonable internal control procedures to ensure that resources (including funds) are used outside Australia in a way that is consistent with its purpose and character as a not‑for‑profit entity; and
(c) take reasonable steps to ensure that the resources (including funds) given to third parties outside Australia (or within Australia for use outside Australia) are applied:
(i) in accordance with the entity’s purpose and character as a not‑for‑profit entity; and
(ii) with reasonable controls and risk management processes in place.
Note: Paragraphs (a) and (b) are intended to ensure that a registered entity has procedures in place to manage the risks associated with its own operations and activities. Paragraph (c) is intended to ensure that reasonable controls are in place with respect to resources given to third parties.
(4) The registered entity must comply, in relation to its activities outside Australia, with Australian laws relating to any of the following:
(a) money laundering;
(b) the financing of terrorism;
(c) sexual offences against children;
(d) slavery and slavery‑like conditions;
(e) trafficking in individuals and debt bondage;
(f) people smuggling;
(g) international sanctions;
(5) The registered entity must maintain reasonable internal control procedures to ensure compliance with subsection (4).
The obligations imposed by this Standard can be divided into internal operations and third party operations.
Internally, the charity must take reasonable steps to ensure that its activities outside Australia are conducted in such a way that is consistent with its charitable purposes and character as a NFP. Moreover, it must maintain reasonable internal control procedures to ensure consistency with its charitable purposes and character as a NFP. Finally, the activities conducted overseas must comply with a number of Australian laws including money laundering, terrorism, child-sex offences, slavery, trafficking, taxation and bribery.
With regards to third parties, the registered charity must take reasonable steps to seek ensure that resources provided to third parties who operate outside Australia accord with the entity’s purpose and their NFP status, and have in place reasonable control and risk management procedures.
Application tips: Standard 1 will see the need for:
- Financial Management Policies about approvals and processes for the movement of resources outside Australia (including monitoring about resources finding their way to the front line charitable service delivery);
- MOU arrangements with third parties covering:
- Agreed purpose for the application of the resources (including covenants that the resources will not be applied for private benefit);
- Agreed control and risk management steps the third party is taking to ensure the resources are applied to the agreed purpose; and
- Agreed reporting providing evidence about the resources being applied for the agreed purpose (and compliance with the agreed control and risk management steps.
Standard 2: Annual review of overseas activities and record-keeping
The purpose of the second External Conduct Standard is to ensure transparency and accountability to the Australian public with regards to overseas activities.
Here is the text of the standard:
(3) The registered entity must obtain and keep records necessary to prepare a summary of its activities outside Australia on a country by country basis for each financial year during which it:
(a) operates outside Australia; or
(b) gives resources (including funds) to third parties outside Australia (or within Australia for use outside Australia).
Example: Records should be obtained and kept about the following information:
(a) the kinds of activities that the registered entity conducted outside Australia;
(b) details of how the registered entity’s activities outside Australia enabled it to pursue and achieve its purpose;
(c) details of any procedures and processes that the registered entity used to monitor its overseas activities;
(d) a list of the third parties that the registered entity worked with outside Australia;
(e) details of any documented claims of inappropriate behaviour by the registered entity’s employees or responsible entities outside Australia, and subsequent actions taken by the registered entity as a result.
(4) The records obtained and kept must include information on the registered entity’s expenditure relating to its activities outside Australia on a country by country basis for the financial year.
In accordance with this Standard, an entity must obtain and keep records necessary to prepare a summary of its activities. This must occur on a country by country basis for each financial year that the entity operates outside Australia and/or gives resources to third parties outside Australia or within Australia for overseas use.
Application tips: Standard 2 will see the need for:
- Record keeping year by year – that does not have to be produced unless asked for.
A failure to record keep is black-letter non-compliance that may open a charity to de-registration if not complied with.
Standard 3: anti-fraud and anti-corruption
The overarching object of the third External Standard is identical to that of the first Standard, that is, ensuring public confidence in the management of the entity.
The text of the standard is as follows:
(3) The registered entity must take reasonable steps to:
(a) minimise any risk of corruption, fraud, bribery or other financial impropriety by its responsible entities, employees, volunteers and third parties outside Australia; and
(b) identify and document any perceived or actual material conflicts of interest for their employees, volunteers, third parties and responsible entities outside Australia.
Note: A responsible entity of a registered entity must also disclose all material conflicts of interest as one of their duties under governance standard 5—see section 45.25.
The charity must take reasonable steps to minimise the risk of corruption, fraud, bribery and other financial impropriety by its responsible entities, employees, volunteers and third parties outside Australia. Significantly, “minimise risk” is not synonymous with eliminate risk, particularly if doing so would be “unreasonable or impede the ability of the entity to promote its purposes” (Explanatory Memorandum).
In addition to this, the entity must identify and document (not just disclose) any perceived or actual material conflicts of interest for entities, employees, volunteers and third parties outside Australia.
Application tips: ECS 3:
- Policy and processes to minimise any risk of corruption, fraud, bribery or other financial impropriety by its responsible entities, employees, volunteers and third parties outside Australia;
- Evidence that that policy and process is being followed;
- Covenants in agreements or arrangements with employees, volunteers and third parties outside Australia to comply with relevant parts of policy and process including the Conflicts of Interest Policy;
- Broadened Conflicts of Interest Policy covering employees, volunteers and third parties outside Australia; and
- The use of a Conflicts Register where conflicts are documented and manner of management of the conflict recorded.
Standard 4: Protection of vulnerable individuals
This final Standard seeks to protect vulnerable individuals outside Australia from exploitation and abuse.
The text of the standard is a follows:
(3) The registered entity must take reasonable steps to ensure the safety of vulnerable individuals outside Australia to the extent that those individuals are being provided with services, or accessing benefits, under programs provided by:
(a) the registered entity; or
(b) a third party in collaboration with the registered entity.
(4) The registered entity must take reasonable steps to ensure the safety of vulnerable individuals outside Australia to the extent that those individuals are engaged by:
(a) the registered entity; or
(b) a third party in collaboration with the registered entity;
to provide services or benefits on behalf of the registered entity or the third party.
If the charity is providing vulnerable individuals outside of Australia with services or operating a program by itself or in collaboration with a third party overseas that provides a vulnerable individual with access to benefits, then the entity must take reasonable steps to ensure the safety of such vulnerable persons.
If vulnerable individuals are engaged by the charity or a third party in collaboration with the charity to provide services or benefits on behalf of the charity or the third party outside Australia, then the charity must also take reasonable steps to ensure the safety of such vulnerable persons.
A vulnerable individual is defined (by Regulation 4) as;
- a child; or
- an individual who is or may be unable to take care of themselves, or is unable to protect themselves against harm or exploitation.
It is significant to note that the Standard is not take reasonable steps to “minimise risk” but to “ensure the safety”. As the Standard will be tested against what is reasonable in all the circumstances, it is likely to be a higher bar than minimising risk. The reasonable steps required will be dependent on factors including but not limited to the size of the registered entity and the risks posed to the vulnerable individuals (EM).
The ACNC has published guidance on the ECSs here.
Our charity law team is regularly advising on what charities might need to be doing to comply with the ECSs. Please contact us today if your charity requires assistance in compliance.