Audit snapshot

Why did we do this audit?

  • The Australian higher education sector receives over $15 billion of Australian Government funding a year, and the annual contribution of international students to the Australian economy is estimated at around $35 billion.
  • There has been significant public interest regarding the integrity of admissions standards, academic misconduct (including contract cheating), and the integration of international students into Australian campuses.
  • These issues have a direct impact on the reputation of the higher education sector and the interests of students, the protection of which is the key regulatory purpose of the Tertiary Education Quality and Standards Agency (TEQSA).

Key facts

  • In 2018, 1.56 million students were enrolled in courses leading to an Australian higher education award. About 480 000 were international students.
  • As at December 2019, 181 higher education providers were on the National Register administered by TEQSA, including 37 public universities. TEQSA registered nine new providers in 2018–19.
  • TEQSA accredited 54 new higher education courses in 2018–19.

What did we find?

  • The effectiveness of TEQSA's regulation of higher education was mixed.
  • TEQSA's processes to assign and maintain risk ratings to higher education providers were largely effective.
  • TEQSA's approvals processes were effective but not always timely. TEQSA met its statutory timeframes for initial registration and accreditation approvals in all but one instance.
  • TEQSA's compliance and enforcement activities were partially effective.
  • TEQSA has provided appropriate support to the sector to address the majority of key sector-wide risks.

What did we recommend?

  • The Auditor-General made five recommendations to TEQSA. They relate to the development of a comprehensive compliance monitoring framework supported by appropriate operational processes, and improving the documentation, timeliness and public reporting of some of TEQSA's compliance activities.
  • TEQSA agreed to the five recommendations.

Summary and recommendations

1. In 2018, 1.56 million students were enrolled in courses leading to an Australian higher education award.1 In that year, international students represented about 31 per cent of total student numbers of Australian higher education providers.2

2. The Tertiary Education Quality and Standards Agency (TEQSA) was established in 2012 by the Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act). TEQSA’s purpose is to ‘protect student interests and the reputation of Australia’s higher education sector through a proportionate, risk-reflective approach to quality assurance that supports diversity, innovation and excellence’.3 TEQSA’s core regulatory functions include the registration of higher education providers and the accreditation4 (approval) of the courses offered by those providers.5 In 2019–20 TEQSA received $17.5 million of Australian Government funding.

3. For registration and accreditation purposes, providers and courses must comply with the Higher Education Standards Framework (Threshold Standards) 2015, which sets out the minimum standards to operate in the higher education sector. Providers teaching international students must also comply with a further set of 11 standards (the international student standards) under the National Code of Practice for Providers of Education and Training to Overseas Students under the Education Services for Overseas Students Act 2000 (ESOS Act).

Rationale for undertaking the audit

4. The higher education sector receives over $15 billion of Australian Government funding a year, and the annual contribution of international students to the Australian economy is estimated to be around $35 billion. There has been significant public interest in the integrity of admissions standards, academic misconduct (including contract cheating) and the integration of international students into Australian campuses. These issues have a direct impact on the reputation of the higher education sector and the interests of students, the protection of which is TEQSA’s key regulatory purpose.

Audit objective and criteria

5. The objective of the audit was to assess the effectiveness of TEQSA’s regulation of higher education. To form a conclusion against the audit objective, the Australian National Audit Office (ANAO) adopted the following criteria:

  • Did TEQSA have an effective process to assign and maintain appropriate risk ratings to higher education providers?
  • Did TEQSA have effective and timely approvals processes, including for registering higher education providers and accrediting courses?
  • Did TEQSA have effective compliance and enforcement processes?
  • Did TEQSA provide appropriate support to the higher education sector to address key sector-wide risks?

Conclusion

6. The effectiveness of TEQSA’s regulation of higher education was mixed.

7. TEQSA’s processes to assign and maintain risk ratings to higher education providers were largely effective. Risk indicators and data were aligned with the relevant provisions of the Tertiary Education Quality and Standards Agency Act 2011 and the majority of the higher education threshold standards. Limitations in source data meant that, for the majority of providers, risk assessments were usually based on two-year old data.

8. TEQSA’s approvals processes were effective but not always timely. Key approvals were undertaken consistent with legislative requirements regarding relevant higher education standards. TEQSA met the statutory timeframes for initial registration and accreditation approvals in all but one instance. TEQSA did not meet its targets for re-registration and re-accreditation approvals for low-risk providers.

9. TEQSA’s compliance and enforcement processes were partially effective. It has undertaken a small number of enforcement actions to address non-compliance with statutory requirements. While TEQSA has an appropriate suite of compliance activities, documentation of most of its recent compliance assessments was poor and it has yet to implement a compliance monitoring framework. TEQSA’s public reporting of enforcement actions was appropriate but it does not report on the number of compliance assessments undertaken or their outcomes.

10. TEQSA provided appropriate support to the sector to address the majority of key sector-wide risks.

Supporting findings

Risk assessment

11. The indicators and data used by TEQSA to assess individual provider risk are aligned with the key areas of risk to providing quality higher education, as outlined in the TEQSA Act. However, the accuracy of provider risk assessments is reduced as the source data used in the assessments is usually two years old. This can impact on the accuracy of the provider risk profile.

12. The 2019 risk ratings were assigned in accordance with TEQSA’s process. TEQSA did not document consideration of complaints in its risk assessments and did not make any adjustments to any risk ratings because of complaints.

13. Risk ratings were reviewed in a timely way through an annual risk assessment cycle.

Regulatory approvals processes

14. Key approvals processes were undertaken consistent with legislative requirements regarding applicable higher education standards. Decisions were informed by analysis of, and advice about, providers’ compliance with the standards.

15. The risk mitigation measures attached to key approvals were appropriate as they aligned with the risk of non-compliance with relevant standards identified through the assessment process.

16. TEQSA’s performance statement in its 2018–19 annual report provides an adequate level of information regarding timeliness of key TEQSA Act approval processes, including comparisons to previous years. It also includes information on approval outcomes, although the information could be presented in a more consistent way to allow comparisons between different types of approvals.

17. The timeliness of approvals was mixed. TEQSA met the statutory timeframes for initial registration and accreditation approvals in all but one instance. It did not meet its targets for re-registration and re-accreditation approvals for low-risk providers.

Compliance and enforcement

18. TEQSA has not undertaken any periodic compliance planning, but it is in the early stages of developing priorities to guide future compliance activity. TEQSA’s completed compliance assessment activity has not been informed by provider risk ratings. Compliance activity has mainly been informed by media and provider self-reporting.

19. TEQSA’s key compliance activities have been partially effective. TEQSA has an appropriate suite of compliance activities and, from late 2019, has commenced an increased number of compliance assessments. However, these assessments have not always been adequately documented. Reports submitted by providers as part of formal conditions have not been assessed in a timely manner and TEQSA has not established a transparent process for managing material change notifications.

20. TEQSA has undertaken a small number of enforcement actions to address non-compliance with statutory requirements.

21. TEQSA did not report on the number of compliance activities commenced or completed or the outcomes of compliance processes. TEQSA provides limited reporting on the outcomes of some of its enforcement processes.

Sector-wide risks

22. TEQSA has regularly engaged with a wide range of key stakeholders for a variety of purposes, including to identify emerging risks to the Australian higher education sector.

23. TEQSA has taken appropriate action to support the sector to address the majority of identified key risks. It has not yet taken any specific actions to respond to cyber security risk.

24. TEQSA has reported on its actions to address identified risks but has not reported on the outcomes of the actions undertaken.

Recommendations

Recommendation no.1

Paragraph 4.6

TEQSA establishes and implements a comprehensive compliance monitoring framework, supported by appropriate operational processes.

Tertiary Education Quality and Standards Agency response: Agreed.

Recommendation no.2

Paragraph 4.21

TEQSA ensures that it adequately documents its analysis and the outcomes of each stage of its compliance assessments in a timely manner.

Tertiary Education Quality and Standards Agency response: Agreed.

Recommendation no.3

Paragraph 4.28

TEQSA ensures material submitted by providers as part of formal conditions is assessed in a timely manner.

Tertiary Education Quality and Standards Agency response: Agreed.

Recommendation no.4

Paragraph 4.35

TEQSA establishes and implements a transparent process for managing material change notifications, including documenting the assessment of all notifications.

Tertiary Education Quality and Standards Agency response: Agreed.

Recommendation no.5

Paragraph 4.54

TEQSA ensures that its annual performance reporting includes information on the number of provider compliance activities undertaken and the outcomes of compliance activity.

Tertiary Education Quality and Standards Agency response: Agreed.

Summary of entity response

25. TEQSA’s summary response is provided below. Its full response can be found in Appendix 1.

The Tertiary Education Quality and Standards Agency (TEQSA) welcomes the Australian National Audit Office’s performance audit report on its regulation of higher education and thanks the audit team for their efforts and diligence in conducting the audit.

TEQSA has only recently had its resourcing increased following a period of significant reduction in resourcing and reduced capacity. One recent initiative was to establish a dedicated Compliance and Investigations team. The timing of the audit presented an opportunity to reflect on areas for improvement and we are pleased that the findings confirm areas of focus where TEQSA already has work well underway.

In finding TEQSA’s regulatory activities to be effective or largely effective in all but one instance, the ANAO’s report confirms that TEQSA is meeting its purpose under the TEQSA Act to regulate higher education according to the principles of regulatory necessity, risk and proportionality. TEQSA acknowledges the areas for improvement and recommendations in relation to its compliance and enforcement activities.

TEQSA accepts all five recommendations in relation to its compliance and enforcement activities, with action already planned or underway to make improvements consistent with these recommendations. This includes work already undertaken to strengthen TEQSA’s existing compliance monitoring framework, improvements to the planning of compliance assessments and ensuring the timely assessment of material submitted by providers. TEQSA has also implemented processes for consistent handling of material change notifications and reporting of compliance activity, with a full regulatory operations report to be published in July 2020.

Key messages from this audit for all Australian Government entities

Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Governance and risk management

Policy/program implementation

Performance and impact measurement

Records management

1. Background

Higher education in Australia

1.1 In 2018, 1.56 million students were enrolled in courses leading to an Australian higher education award.6 Just over 90 per cent of these students were enrolled at public universities. The Australian higher education sector received $15.6 billion of direct Australian Government funding in 2018, the bulk of which was to public universities through the Commonwealth Grants Scheme.

1.2 The Australian higher education sector includes a diverse range of providers with significant variation in size, revenue and course offerings. Around three-quarters of higher education providers are non-universities. Table 1.1 illustrates the variation in the size of providers operating in the sector.

Table 1.1: Number of higher education student enrolments by provider type, 2017

Number of Students

University (public and private)

Non university for-profit providers

Non university not-for-profit providers

TAFE

<100

1

17

26

1

100–500

1

23

14

6

500–5000

2

27

10

4

>5000

39

1

0

0

Share of total students

91.0%

5.6%

3.0%

0.4%

         

Source: Tertiary Education Quality and Standards Agency (TEQSA), Statistics Report on TEQSA registered higher education providers, 2019, p. 7.

1.3 Annual growth in total student numbers has averaged 3.5 per cent in the last four years. Figure 1.1 shows most of the growth has been due to significant increases in international students.7

Figure 1.1: Annual change in higher education enrolments (student headcount), 2015–2018

 

Source: Australian National Audit Office (ANAO) analysis of Department of Education Higher Education Statistics.

1.4 International students represented about 31 per cent of total student numbers of Australian higher education providers in 2018.8 About a quarter of these international students are studying outside Australia but are enrolled with Australian providers. China is the largest source country accounting for about a third of international students, with India being the second largest source country.

1.5 Fees paid by international students to Australian higher education providers were $10.4 billion in 2018, with the overall contribution of international students to the Australian economy estimated at around $36 billion a year, making it Australia’s fourth largest export industry.9 In 2017 international student fees represented 21 per cent of total provider revenue in the public university sector, and 34 per cent in the for-profit higher education sector. Recent reports by some State Auditors-General have noted the need for universities to actively monitor developments that might impact on this growth and to manage their international student recruitment programs to increase the diversity of the source countries that make up their international student base.10

TEQSA and the regulation of the higher education sector

1.6 Until 2012 the higher education sector was subject to the National Protocols for Higher Education, which were broad, principles-based guidelines that higher education providers were required to meet. State and territory governments were responsible for the registration and accreditation of higher education providers with periodic quality auditing of these providers by the Australian Universities Quality Agency. The 2008 Review of Australian Higher Education concluded that these arrangements were ‘complex, fragmented and inefficient’ and recommended the establishment of ‘an independent national regulatory body responsible for regulating all types of tertiary education’.11

1.7 The Tertiary Education Quality and Standards Agency (TEQSA) was established in 2012 by the Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act). Reflecting the objectives of the TEQSA Act, TEQSA’s purpose is to ‘protect student interests and the reputation of Australia’s higher education sector through a proportionate, risk-reflective approach to quality assurance that supports diversity, innovation and excellence’.12 TEQSA is governed by two to five Commissioners, supported by a Chief Executive Officer.

1.8 TEQSA’s core regulatory functions include the registration of higher education providers and the accreditation13 (approval) of the courses offered by those providers.14 Registration and course accreditation can be for up to seven years, after which providers must seek re-registration and re-accreditation.15 For registration and accreditation purposes, providers and courses must comply with the Higher Education Standards Framework (Threshold Standards) 2015, which sets out the minimum standards to operate in the higher education sector. The 103 ‘threshold standards’ are grouped into seven domains, covering:

  • student participation and attainment (which includes student admissions and assessment policies);
  • learning environment;
  • teaching (which includes course design and staffing);
  • research and research training;
  • institutional quality assurance (which includes course approval processes, academic integrity and misconduct, and third-party delivery arrangements);
  • corporate and academic governance and accountability; and
  • representation, information and information management (which includes marketing materials, student recruitment agents, student information and the obligation to maintain secure information technology systems (cyber security).16

1.9 Under the Education Services for Overseas Students Act 2000 (ESOS Act), providers teaching international students must also comply with a further set of 11 standards (the international student standards) under the National Code of Practice for Providers of Education and Training to Overseas Students. TEQSA administers the ESOS Act and the international student standards in regard to the higher education sector. These standards cover:

  • marketing information and practices;
  • student information, including admissions requirements, course information and fees;
  • content of enrolment agreements;
  • education agents;
  • younger overseas students;
  • student support services;
  • student transfers between providers;
  • student visa requirements, including monitoring student progress and attendance;
  • deferring, suspending or cancelling enrolment;
  • complaints and appeals processes; and
  • course requirements, including staffing, education resources and third party arrangements.

1.10 TEQSA regulates the offshore operations of providers that offer courses that result in Australian higher education awards. TEQSA advised the ANAO that 53 providers had offshore locations, 51 of which involved delivery of some aspects of teaching or related student services by contracted third parties.

1.11 In exercising its regulatory powers, TEQSA must comply with specified regulatory principles outlined in the TEQSA Act. These principles require that TEQSA’s actions must not burden a provider more than is reasonably necessary; must be risk-based; and must be proportionate to the provider’s actual (or risk of) non-compliance with the relevant standards. TEQSA must take a ‘risk management approach’ when making key regulatory decisions under the ESOS Act.

1.12 The Australian Government’s funding of TEQSA has fluctuated over time, as shown in Figure 1.2. In the May 2018 budget the government announced that TEQSA would move to 100 per cent cost recovery. Cost recovery arrangements have been progressively delayed and are now due to be implemented from July 2020.

Figure 1.2: TEQSA funding levels

 

Source: ANAO analysis of TEQSA portfolio budget statements.

Quality in the higher education sector

1.13 As noted in paragraph 1.7, TEQSA aims to protect Australia’s reputation for quality higher education. The annual Quality Indicators for Learning and Teaching (QILT) are a collection of Australian Government-endorsed surveys that assess higher education outcomes across student experience, graduate employment, graduate satisfaction and employer satisfaction. As shown in Appendix 2, QILT results have remained stable for the last four years.

Rationale for undertaking the audit

1.14 The higher education sector receives over $15 billion of Australian Government funding a year, and the annual contribution of international students to the Australian economy is estimated to be around $35 billion. There has been significant public interest in the integrity of admissions standards, academic misconduct (including contract cheating) and the integration of international students into Australian campuses. These issues have a direct impact on the reputation of the higher education sector and the interests of students, the protection of which is TEQSA’s key regulatory purpose.

Audit approach

Audit objective and criteria

1.15 The objective of the audit was to assess the effectiveness of TEQSA’s regulation of higher education. To form a conclusion against the audit objective, the ANAO adopted the following criteria:

  • Did TEQSA have an effective process to assign and maintain appropriate risk ratings to higher education providers? (Chapter 2)
  • Did TEQSA have effective and timely approvals processes, including for registering higher education providers and accrediting courses? (Chapter 3)
  • Did TEQSA have effective compliance and enforcement processes? (Chapter 4)
  • Did TEQSA provide appropriate support to the higher education sector to address key sector-wide risks? (Chapter 5)

Audit methodology

1.16 In undertaking the audit, the ANAO:

  • analysed TEQSA records for:
    • the assignment of 2019 risk ratings to registered providers;
    • a selection of registration, course accreditation and other regulatory approvals decisions made by TEQSA in 2018–19;
    • publicly reported timeliness statistics for 2018–19 decisions;
    • all provider compliance assessments and enforcement activities undertaken from 1 January 2018;
    • engagement with providers and stakeholder peak bodies regarding key sector-wide risks and what actions TEQSA took to support the sector to address these risks;
    • the 2019 stakeholder survey;
  • interviewed the TEQSA Commissioners, TEQSA staff, Department of Education17 staff, Chair and Deputy Chair of the Higher Education Standards Panel and a range of stakeholder peak bodies; and
  • analysed the eight submissions received through the ANAO audit contribution facility.

1.17 The audit was conducted in accordance with ANAO Auditing Standards at a cost to the ANAO of approximately $609,000.

1.18 The team members for this audit were Angus Martyn, Michael Commens, William Richards, Elizabeth Robinson, Song Khor, Ben Siddans and Deborah Jackson.

2. Risk assessment

Areas examined

This chapter examines the effectiveness of the Tertiary Education Quality and Standards Agency’s (TEQSA’s) processes to assign and maintain appropriate risk ratings to higher education providers.

Conclusion

TEQSA’s processes to assign and maintain risk ratings to higher education providers were largely effective. Risk indicators and data were aligned with the relevant provisions of the Tertiary Education Quality and Standards Agency Act 2011 and the majority of the higher education threshold standards. Limitations in source data meant that, for the majority of providers, risk assessments were usually based on two-year old data.

Areas for improvement

The ANAO has made two suggestions for improvement. Documenting how complaints against providers are considered would improve the transparency of TEQSA’s risk assessment process. There is also scope to increase provider compliance history as an input into the process through improving compliance assessment activities.

2.1 Risk management is an integral component of good regulatory administration and underpins almost all regulatory activity. It can be used to guide the development of management systems, processes and structures to support regulatory administration, the monitoring and management of regulatory compliance and the efficient allocation of available resources. ISO 31000 Risk management – Guidelines and the Commonwealth Risk Management Policy provide guidance to entities on managing risk.18

2.2 TEQSA assigns risk ratings to registered higher education providers through an annual risk assessment process. According to TEQSA’s Risk Assessment Framework, the annual assessments and assignment of risk ratings provide a snapshot of providers across the sector to help TEQSA prioritise its assurance activities.19 TEQSA’s risk assessment framework states that it is informed by the ISO 31000 Risk management – Guidelines.20 In order to assess the effectiveness of TEQSA’s processes to assign and maintain provider risk ratings, the ANAO examined whether:

  • the indicators of risk and data used in the risk assessment process covered the key areas of risks to providing quality higher education;
  • TEQSA assigned risk ratings in accordance with its documented process; and
  • TEQSA reviewed risk ratings in a timely manner.

Did the indicators and data used in the risk assessment process cover the key areas of risk to providing quality higher education?

The indicators and data used by TEQSA to assess individual provider risk are aligned with the key areas of risk to providing quality higher education, as outlined in the TEQSA Act. However, the accuracy of provider risk assessments is reduced as the source data used in the assessments is usually two years old. This can impact on the accuracy of the provider risk profile.

Risks indicators

2.3 The Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act) sets out the basic principles for regulation, including the principle of reflecting risk. The TEQSA Act states that TEQSA will comply with the principle of reflecting risk if its exercise of power has regard to the entity’s history, including its history of:

  • students’ experiences;
  • scholarship, teaching and research;
  • financial status and capacity; and
  • compliance with the threshold standards.21

2.4 When it first commenced operation in 2012, TEQSA’s process to assign annual risk ratings to providers involved an assessment against 46 individual indicators of risk. In 2013, following the Review of Higher Education Regulation22 and a stakeholder consultation process initiated by TEQSA, it reduced the number to 12 indicators that focused on four areas of risk (see Table 2.1).23

2.5 As shown in Table 2.1, the four areas of risk and the individual risk indicators used in the 2019 risk assessment cycle are appropriately aligned with the TEQSA Act provisions relating to risk noted in paragraph 2.3.

Table 2.1: Alignment between risks and risk indicators

TEQSA Act risk

Area of risk

Risk indicator

TEQSA’s description of risk

Students’ experiences

Student load, experience and outcomes

Student load

A significant increase in student load has the potential to impact on the quality of student experience unless planned for and managed.

Students’ experiences

Student load, experience and outcomes

Attrition rate

High attrition rates indicate potential quality issues in admission processes, teaching and learning processes, and overall student experience.

Students’ experiences

Student load, experience and outcomes

Progression rate

Low progression rates indicate potential quality issues in admission processes, teaching and learning processes, and overall student experience.

Students’ experiences

Student load, experience and outcomes

Completions

Low or decreasing completions indicate potential quality issues in admission processes, teaching and learning processes, and overall student experience.

Students’ experiences

Student load, experience and outcomes

Graduate satisfaction

Low graduate satisfaction across the institution reflects overall student experience and signals potential issues in relation to the quality of the course.

Students’ experiences

Student load, experience and outcomes

Graduate destinations

Very low employment or further study rates signal that students may not be well-equipped with the necessary graduate attributes to successfully transition into the next stage of their chosen profession or study.

Scholarship, teaching and research

Academic staff profile

Senior academic leaders

A low number of senior academic leaders embedded within the organisation may compromise the strength of the organisation’s academic capability.

Scholarship, teaching and research

Academic staff profile

Student to staff ratio

A high ratio of students to teaching and learning staff provides a broad indication of potential constraints on the level of support available to students, the quality of the learning experience and the average teaching workload.

Scholarship, teaching and research

Academic staff profile

Casual academic staff

A significantly high proportion of casual staff increases the risk of these staff not being appropriately supported and resourced to provide a continuity of support for students, anchor academic activities, engage in scholarly activities and be active contributing members in a community of scholarship.

Financial status and capacity

Financial viability and sustainability

Financial viability

Considers risk to a provider’s current and immediate to short-term strength and capacity. Measures include profitability, liquidity, gearing, debt servicing and cash flow.

Financial status and capacity

Financial viability and sustainability

Financial sustainability

Provides a longer-term view of a provider’s strength and capacity. Measures include revenue change, assets, employee benefits, enrolments and revenue diversification.

Compliance with the threshold standards

Regulatory history and standing

Outcomes of recent regulatory and compliance assessmentsa

Indicates a provider’s willingness and/or ability to comply with the threshold standards which is a basic requirement of registration.

       

Note a: Outcomes of recent regulatory and compliance assessments is not one of TEQSA’s 11 risk indicators but has been included in the above table to demonstrate how TEQSA seeks to assess risks to compliance with the threshold standards.

Source: ANAO analysis of TEQSA’s Risk Assessment Framework.

2.6 TEQSA’s risk assessment process is not intended to identify all sources of provider risk. It is designed to focus on the key risks that can be readily measured on a regular basis.24 ANAO analysis of the 11 risk indicators used in the 2019 risk assessment process shows that the indicators are aligned to the majority of the higher education threshold standards. However, the indicators do not cover some of the threshold standards, such as those relating to third party delivery of higher education, information management (which includes cyber security), corporate governance, research performance and equity and diversity.25 In a recent TEQSA consultative process, some stakeholders suggested that TEQSA could more explicitly consider additional issues in its risk assessment process, including through developing indicators.26 These issues included academic third party arrangements, information management, academic integrity, source country and revenue concentration.27 As at the end of 2019, TEQSA had yet to decide whether it will expand the range of indicators to explicitly cover more of the threshold standards.

2.7 In addition, TEQSA’s risk indicators do not account for the significant differences between providers. For example, significant non-compliance at a large, internationally recognised provider is likely to have a greater impact on the reputation of the sector and impact a greater number of students than if similar non-compliance occurred at a small non-university provider. However, TESQA advised the ANAO that it does not use a consequence matrix as part of its risk assessment process and it has not prescribed a methodology or approach for considering the consequences of non-compliance or the impact on students and sector reputation when determining provider risk ratings.28 As TEQSA’s purpose is to protect the interests of students and reputation of the higher education sector, it is important that TEQSA takes into account the consequences of non-compliance on the reputation of the sector and/or impact on students in its other operations, particularly its compliance activities (which is covered in Chapter 4).

Data

2.8 TEQSA’s analysis of risk indicators is largely based on analysis of data from several sources, including Quality Indicators in Learning and Teaching (QILT) data, the Higher Education Information Management System (HEIMS) and the Provider Information Request (PIR).29

2.9 Data from HEIMS and PIR is provided to TEQSA under a longstanding memorandum of understanding with the Department of Education (Education). As part of this process, Education validates the data prior to providing it to TEQSA. Validation involves a series of system checks, which are designed to check that the data is consistent with other data submitted by the provider and aligns with policy and program requirements. A separate verification process is undertaken with providers twice a year to confirm the accuracy of submitted data. Education’s data quality processes were outside the scope of this audit and were not tested by the ANAO.

2.10 ANAO analysis of data collected for use in TEQSA’s risk assessments found that it aligns with key risks set out in the TEQSA Act. For example, risks associated with students’ experiences are reflected in graduate satisfaction and graduate destinations data, while financial risks are reflected in financial data used to calculate financial viability and financial sustainability indicators.

2.11 Most of the data used in the assessments is two years old. This can impact on the accuracy of the provider risk profile, and is particularly significant for the student growth indicator.30 ANAO analysis shows growth patterns can change significantly year to year, meaning the data used by TEQSA to calculate the student growth indicator is not always reflective of current growth patterns.31 Education’s Transforming the Collection of Student Information project, due to be implemented from 2020, should improve the timeliness of student data by up to six months. TEQSA is also proposing to expand the scope of the PIR collection and standardise data elements between HEIMS and PIR in order to reduce the instances of incomplete data, especially for some non-university providers.

2.12 The TEQSA Act states that TEQSA will be reflecting risk if it has regard to the provider’s compliance with the threshold standards. TEQSA’s relatively limited provider compliance assessment activity leading up to the 2019 risk assessment cycle meant that compliance history did not feature strongly in 2019 provider risk assessments. Compliance assessments are discussed in greater detail in Chapter 4.

Were the 2019 risk ratings assigned in accordance with TEQSA’s process?

The 2019 risk ratings were assigned in accordance with TEQSA’s process. TEQSA did not document consideration of complaints in its risk assessments and did not make any adjustments to any risk ratings because of complaints.

2.13 TEQSA’s risk assessment framework seeks to enable a consistent, structured and systematic approach to assessing risk across all providers. The framework states that this is achieved by using a standard format and a set of 11 risk indicators (see Table 2.1) across areas of institutional practice and outcomes that are central to all providers.

2.14 TEQSA’s annual risk assessment process assigns each provider two risk ratings:

  • overall risk to students (overall student risk); and
  • overall risk to the provider’s financial position (overall financial risk).

2.15 Under the framework, assignment of provider risk ratings is a three stage process:

  • Stage one — analyse risk indicator data and calculate initial risk ratings against each of the 11 indicators and, subsequently, risk ratings for overall student and financial risks;
  • Stage two — adjust initial indicator ratings and overall student and financial risk ratings based on analysis of contextual issues, including provider complaints and compliance and regulatory history; and
  • Stage three — advise providers of their risk assessment, including draft overall student and financial risk ratings, review provider responses and finalise overall student and financial risk ratings.

2.16 The ANAO examined each of the stages to form a conclusion on whether TEQSA assigned risk ratings in accordance with its process.

Stage one — calculation of initial overall student risk rating and financial risk rating

2.17 The first stage of TEQSA’s risk assessment process involves the calculation of an initial overall student risk rating and financial risk rating using the risk indicators set out in Table 2.1.32 The student risk rating is derived from nine of the indicators; the financial risk rating uses two.33

2.18 Each risk indicator has a series of ‘thresholds’. The provider’s risk rating (either low, moderate or high) for an indicator depends on where it is in relation to the thresholds. For example, a provider whose percentage yearly student growth falls below the lowest threshold is given a rating of low risk. TEQSA allocates a numerical score to the provider’s result against each indicator according to whether the provider is a low, moderate or high risk. Where data is missing or incomplete, TEQSA may ‘suspend’ a particular risk indicator. In these cases, a score equivalent to a moderate risk is allocated to the indicator. TEQSA then totals the provider’s score for each of the nine indicators to determine the overall student risk rating.

2.19 For overall financial risk TEQSA calculates a numerical score for financial viability and financial sustainability using a variety of financial metrics, including operating margin, liquidity, diversity of revenue and change in total revenue. TEQSA then applies a formula to determine the overall risk according to documented thresholds.

2.20 The ANAO’s analysis found that the relevant data was accurate and TEQSA’s risk indicator calculations were done consistently with its established processes.

Stage two — adjustments to risk ratings

2.21 TEQSA’s risk assessment process provides for adjustments to risk indicators and overall ratings for a number of reasons, including provider context and the receipt of additional information, such as through the provider registration and international student management system (PRISMS) and complaints about providers.34

2.22 In the 2019 risk assessment cycle TEQSA made 402 adjustments to risk indicator ratings across 142 of the 173 providers. Adjustments were made across all 11 risk indicators, with the most common being student load indicator (40 adjustments), senior academic leader indicator (74 adjustments) and financial sustainability indicator (47 adjustments). TEQSA adequately documented the reasons for the adjustments.

2.23 TEQSA made 163 adjustments to individual risk ratings across 27 providers because of incomplete data. According to the risk assessment process, when indicator data is missing or incomplete TEQSA should ‘suspend’ that indicator and apply a score equivalent to a moderate risk. In the majority (148 of 163) of cases TEQSA followed the process. In 15 cases TEQSA took an alternative course (for example, scoring the indicator as a high risk). TEQSA clearly documented the rationale for doing so in all but two cases.35

2.24 TEQSA’s risk process guidance sets out that it should consider complaints and regulatory history as part of provider risk assessments and that adverse regulatory findings or a significant number of complaints on the same issue or theme are to be noted in the risk assessment.

2.25 Between January 2018 and October 2019 TEQSA received 474 complaints categorised as being related to a provider, 300 identified the provider involved. The ANAO reviewed complaints for the 10 providers with the highest number of complaints recorded in this period. Across the 10 providers 96 complaints were received, however none of the provider risk assessments for those providers included analysis of, or commentary regarding, the complaints.

2.26 TEQSA did not make any adjustments due to complaints during the 2018 and 2019 risk assessment cycles. TEQSA advised the ANAO that this was because internal discussions about provider complaints did not identify any issues relating to complaints received and that TEQSA does not consider complaints in its risk assessment process if the provider has not been notified of the complaint. However, TEQSA did not document its internal discussions regarding the relevance of recorded complaints to provider’s risk ratings.

2.27 Regulatory history was documented in the risk assessments for all providers. However for 20 universities and 22 non-universities TEQSA had not completed any regulatory activities in the three years prior to 31 October 2019, limiting its ability to analyse regulatory history as part of these provider’s risk assessments.

2.28 The ANAO identified 33 risk assessments where an evaluation of regulatory history and compliance or provider context led to adjustments to the overall student risk.36 The reasons for the adjustments — for example, that there was no data available as the provider was newly registered or the provider was subject to an incomplete compliance assessment — were clearly documented. In one case TEQSA did not adjust the student risk rating of a university provider despite an ongoing compliance assessment and did not document the reasons for not adjusting the rating.

2.29 TEQSA clearly documented its consideration of other aspects of a provider’s operations, often noting where there is significant international student growth and/or high concentrations of international students from particular source countries. For example, the ANAO identified six university providers with onshore international growth that, from 2016 to 2017, exceeded 15 per cent. Four of the six providers were assessed as low risk. In these cases TEQSA documented issues relating to international student growth and high concentrations of international students from particular source countries but did not make any adjustments.

Stage three — provider engagement and final risk ratings

2.30 TEQSA shares the risk assessment with each provider, inviting them to respond and, if they choose, provide additional context or information on strategies and any risk controls they have in place. Typically the risk assessment documentation shared with the provider includes information on indicators where TEQSA has identified a particular issue or concern — for example low response rates on QILT graduate outcomes surveys or significant increases in offshore international students.

2.31 TEQSA has stated that it occasionally sees patterns of over-concentration of international students generally or of students from one country, and in those circumstances would always recommend diversification where possible.37 ANAO analysis of 2019 risk assessments identified correspondence with eleven non-university providers and two universities that noted international student growth or revenue concentration, but no recommendations to diversify were made.

2.32 For the 2019 risk cycle TEQSA received 125 provider responses to risk assessments, which resulted in the adjustment of 23 overall risk ratings involving 22 providers (as shown in Table 2.2). Reasons for the changes were documented in all cases, with most due to the receipt of additional contextual information or more recent data.

Table 2.2: Final risk assessment adjustments

Direction of change

Student riska

Financial risk

High to moderate

4

2

Moderate to low

12

4

High to suspendedb

0

1

Total

16

7

     

Note a: One provider had an adjustment to both their student and financial risk ratings.

Note b: One provider had an adjustment from high to suspended due to TEQSA having no confidence in data. This is consistent with TEQSA’s documented process.

Source: ANAO analysis.

Risk assessment outcomes

2.33 TEQSA completed 173 provider risk assessments in the 2019 risk cycle, an increase from 168 in 2018 due to an increase in the number of registered providers. The proportion of providers at each risk rating for the 2018 and 2019 risk cycles is shown in Table 2.3.

Table 2.3: Proportion of providers at each risk rating level

 

Student risk

Financial risk

Risk rating

2018 (% of total)

2019 (% of total)

2018 (% of total)

2019 (% of total)

Suspended

8.3

9.8

10.7

12.7

Low risk

51.8

54.9

52.4

56.1

Moderate risk

27.4

26.6

30.4

22.5

High risk

12.5

8.7

6.5

8.7a

         

Note a: Includes one non-university provider that was rated as no confidence in data as TEQSA was unable to validate the data provided. A no confidence data rating attracts the same number of points as a high risk rating.

Source: ANAO analysis of TEQSA risk assessment outcomes.

2.34 In 2019 approximately 85 per cent of universities received low risk ratings for both student risk and financial risk. One university received a high risk rating for both risk ratings; no other university received a high risk rating in 2018 or 2019 (see Figure 2.1).

Figure 2.1: University providers’ overall risk ratings, 2018 and 2019

 

Source: ANAO analysis of TEQSA risk assessment outcomes.

2.35 The non-university provider ratings were more evenly distributed among the overall risk ratings in 2019 (see Figure 2.2). About 15 per cent also had ‘suspended’ ratings due to lack of data. In most cases this was either because the provider was newly registered and, as such, there was no data available, or there were low response rates to QILT surveys.

Figure 2.2: Non-university providers’ overall risk ratings, 2018 and 2019

 

Note: In 2019 there was one provider rated as no confidence in data for risk to financial position as TEQSA was unable to validate the data provided. This attracts the same points as high risk and has been included within the high risk ratings.

Source: ANAO analysis of TEQSA risk assessment outcomes.

Were the risk ratings reviewed in a timely way?

Risk ratings were reviewed in a timely way through an annual risk assessment cycle.

2.36 Risk assessments should be regularly reviewed to ensure that current risk settings remain appropriate and emerging risks are identified.

2.37 TEQSA’s provider risk assessments are reviewed every year and provide an annual point in time view of the overall student and financial risks. TEQSA’s annual risk assessment process is sufficiently timely as it aligns with the annual HEIMS and PIR data collections, which form the basis of provider risk assessments.

2.38 The TEQSA risk assessment framework states that TEQSA can update a risk assessment outside the annual cycle. TEQSA advised the ANAO that updating a risk assessment outside the annual process is rare and occurred only once in 2018–19. This involved an update of an existing risk assessment in March 2019 following the completion of a compliance assessment. The update did not change the provider’s student risk rating (high) or financial risk (moderate).

3. Regulatory approvals processes

Areas examined

This chapter examines whether the Tertiary Education Quality and Standards Agency (TEQSA) has effective and timely approvals processes for its key regulatory functions, including provider registration and course accreditation.

Conclusion

TEQSA’s approvals processes were effective but not always timely. Key approvals were undertaken consistent with legislative requirements regarding relevant higher education standards. TEQSA met the statutory timeframes for initial registration and accreditation approvals in all but one instance. TEQSA did not meet its targets for re-registration and re-accreditation approvals for low-risk providers.

Areas for improvement

The ANAO has made three suggestions for improvement: better documenting the rationale for the scope of application assessments in assessment plans; providing selected guidance to staff and experts on analytical approaches for assessing whether standards have been met; and ensuring advice to decision-makers includes analysis of relevant complaints against the provider received by TEQSA.

3.1 TEQSA’s registration approval process is its key mechanism to ensure that only providers meeting the relevant higher education standards are permitted to operate in the Australian higher education sector.38 Similarly, TEQSA’s course accreditation process allows it to regulate the specific courses being offered by the majority of registered providers.39 Sub-standard providers or courses represent a potential threat to Australia’s reputation for quality higher education. Protecting this reputation is a key object of the Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act) and Education Services for Overseas Students Act 2000 (ESOS Act).

3.2 To assess whether TEQSA’s processes were effective and timely, the ANAO examined whether:

  • key approvals processes were undertaken consistent with legislative requirements regarding applicable higher education standards;
  • any conditions or other measures placed on regulatory approvals were appropriate to mitigate risks;
  • TESQA effectively reports on the timeliness and outcomes of its key approvals processes; and
  • approvals processes were completed in a timely way.

Were key approvals processes undertaken consistent with legislative requirements regarding applicable higher education standards?

Key approvals processes were undertaken consistent with legislative requirements regarding applicable higher education standards. Decisions were informed by analysis of, and advice about, providers’ compliance with the standards.

3.3 Consistent and transparent approvals processes, with decisions based on adequate evidence that is assessed against clear requirements, is essential for any regulator. To assess TEQSA’s approvals process, the ANAO examined40:

  • how TEQSA decided what higher education standards relevant applications would be assessed against;
  • what evidence was analysed to assess applications;
  • whether appropriate assessment advice was provided to the relevant TEQSA decision-makers;
  • how decisions were documented; and
  • how extensions to approval periods (which did not require applications) were granted.

3.4 To assist readability, approvals under the TEQSA Act and ESOS Act are dealt with separately.

Tertiary Education Quality and Standards Agency Act 2011

3.5 The key types of TEQSA Act approvals are:

  • initial registration of an entity on the National Register of Higher Education Providers;
  • periodic re-registration of an existing registered provider;
  • initial accreditation of a course of study; and
  • periodic re-accreditation of an existing accredited course.

3.6 Approvals can be granted by TEQSA for up to seven years before re-registration or re-accreditation is required. TEQSA can also extend the period of approval without requiring a provider to go through a formal application and assessment process.

Scope of TEQSA Act assessments and the ‘core plus’ model

3.7 The main statutory requirement for registration and accreditation approvals is that TEQSA is ‘satisfied’ that the provider or course meets the relevant threshold standards.41 Some of the individual standards do not apply to particular approvals — for example, the standards on corporate and academic governance do not apply to course accreditation decisions.

3.8 Following the 2013 Review of Higher Education Regulation, the Minister for Education (Minister) issued TEQSA with a statutory direction to, among other things, implement ‘simplified processes’ for provider registrations and course accreditation approvals. From mid-2013 TEQSA commenced development of its ‘core plus’ model, which was implemented from 2014. Under this model, providers with lower risk ratings may be assessed only against a core sub-set of the threshold standards relevant to registration and course accreditation. Table 3.1 shows the number of core standards applying to each application type. Initial registrations are not shown in Table 3.1 as prospective providers are deemed to be high risk given the lack of a ‘track record’ in higher education and are assessed against all relevant standards.

Table 3.1: Number of core standards for application types under the core plus model

Application type

Number of standards

Number of core standards

Re-registration

75

23

Course accreditation

87

38

Course re-accreditation

87

28

     

Source: ANAO analysis of threshold standards and TEQSA application guides.

3.9 The specific core standards and TEQSA’s indicative evidence requirements for the above application types are set out in Appendix 4. While the concept of the core plus model is consistent with the statutory ‘basic principles of regulation’ applying to TEQSA, TEQSA has not reviewed the extent to which compliance with the core standards provides sufficient assurance that an applicant is meeting all relevant threshold standards.42

3.10 TEQSA provided tailored guidance to prospective applicants about the evidence required to support an application. Following review of the applications and other contextual information, TEQSA developed plans setting out the intended scope of each assessment.43 Key matters contained in the assessment plans included the particular standards that the application would be assessed against, whether TEQSA would visit the current or proposed campus or delivery site, and whether one or more experts would be retained to assist the assessment of the application.44

3.11 The assessment plans reviewed by the ANAO did not always provide a rationale for restricting the scope of the assessment to core standards or alternatively extending the scope by adding specific additional standards.45 The plans reviewed included at least a basic rationale for: seven of 12 plans for re-registration; four of nine plans for initial course accreditations; and one of four plans for re-accreditations. The rationale did not generally refer to the relevant provider’s risk rating. Having a more consistent level of information supporting the intended assessment scope would assist in the transparency of the overall approvals process. In late 2019 TEQSA introduced new assessment scoping templates and processes for re-registration approvals that are designed to achieve a better focus on identified risks and streamline evidence requirements.

Sources of evidence

3.12 TEQSA provided a list of evidence required to support an application, such as relevant policies, student and third-party contract agreements and records of key corporate and academic governance bodies, to applicants via a standard template. In some cases, TEQSA sought additional or clarifying documentation from providers during the assessment process. Evidence was also sometimes obtained via a site visit, as shown in Table 3.2. Other than for re-registrations, most processes also involved one or more experts contracted in by TEQSA providing an initial assessment of the application against the relevant standards.

Table 3.2: Site visits and expert reports for assessments

Application type

Site visit

No site visit

Expert’s report

No expert’s report

Registration

11

2a

13

0

Re-registration

6

6

5

7

Course accreditationb

1

8

7

2

Course re-accreditation

0

6

4

2

         

Note a: The two registration processes with no site visits involved a teleconference with relevant applicants.

Note b: The totals for course accreditation and re-accreditation assessments exclude those instances where the approval process also included a registration or re-registration assessment.

Source: ANAO analysis of relevant assessment plans and assessment reports.

3.13 Where two experts were contracted to assess the same course(s) for accreditation purposes, ANAO analysis showed that the experts sometimes disagreed on whether all relevant threshold standards were being met. Such disagreements were resolved in various ways, including seeking further information from applicants and interviewing provider senior staff during site visits where these were undertaken. In a recent internal review of TEQSA processes, TEQSA staff also noted that it could be difficult to determine whether a standard has been met. The above indicates that there would be value in TEQSA identifying which standards should be the subject of assessment guidance for staff and contracted experts to minimise variations in analytical approaches.

3.14 Where TEQSA considered rejecting applications, placing statutory conditions or approving for less than the maximum seven years, TEQSA’s process was to provide the proposed decision to the applicant and consider any response before providing advice and recommendations on a final decision to the relevant decision-maker(s).46 Seventy-four per cent of providers who responded to the 2019 TEQSA stakeholder survey rated TEQSA as excellent or good in providing opportunities for input before final decisions were made; nine per cent rated TEQSA as poor or very poor.

Advice to decision-makers

3.15 The TEQSA Commissioners were the decision-makers for initial registration and re-registrations and any concurrent accreditation and re-accreditation applications. Stand-alone course accreditation or re-accreditation decisions were delegated to a TEQSA officer.

3.16 Across all assessment types reviewed by the ANAO, decision-makers were provided with clear advice on whether the applications met the threshold standards. The advice also contained a recommendation whether to approve or reject the application, as well as any conditions or other matters to be imposed on an approval. Where rejection, imposing a condition or a shorter approval period was recommended, the advice included a rationale why this recommendation was consistent with the TEQSA Act regulatory principles.

3.17 While TEQSA’s internal guidance lists provider complaints as an input into assessments, TEQSA did not consistently document whether it had considered the relevance of any complaints it had received about a provider as part of the assessment process. For example, TEQSA received 11 complaints about a regional university over 2016–18 but there was no reference to these in the October 2018 re-registration advice provided to decision-makers.47 To improve the transparency of advice provided to decision-makers, TEQSA could include summary information on how any complaints were considered as part the assessment process. TEQSA’s inclusion of provider complaints in its newly adopted assessment scoping template has the potential to assist this.

Decisions

3.18 The decision-maker accepted the key recommendation whether to approve or reject an application in all but one of the decisions reviewed by the ANAO.48 In that one case, TEQSA Commissioners decided against approving the registration application of a private provider and appropriately documented the reasons. The outcomes of key TEQSA Act regulatory processes in 2018–19 are shown in Table 3.3.

Table 3.3: Outcomes of key TEQSA Act regulatory approval processes in 2018–19

Application type

Approved

Not approved

Withdrawn before final decision

Registration

9

4

8

Re-registration

16

0

0

Course accreditation

54

5

47

Course re-accreditation

40

0

12

       

Note: The above includes approvals resulting from Administrative Appeal Tribunal orders made in 2018–19. Numbers are based on individual applications. TEQSA accreditation and re-accreditation decisions may cover more than one application from the same provider.

Source: ANAO analysis of TEQSA customer relationships management (CRM) data.

3.19 Where applications were not approved, the relevant providers were given a detailed statement of reasons as part of the formal notice of decision. Where applications were approved, but with statutory conditions or a shorter approval period imposed, the providers were given a statement of reasons or other information containing a rationale or context for this. Sixty-five per cent of responding 2019 stakeholder survey providers rated TEQSA as excellent or good in providing a clear explanation for decisions; thirteen per cent rated TEQSA as poor or very poor.

Extensions

3.20 In 2018 TEQSA adopted a policy for extension of registration and accreditation approval periods. The policy targeted providers with low risk ratings. Extending approval periods was intended to assist TEQSA to manage its assessment workload by delaying the need for potentially resource-intensive assessments. It also enabled TEQSA to align the end dates of different types of approvals (such as registration and accreditation) periods, allowing it to run a combined future approval process.

3.21 During 2018–19 TEQSA Commissioners considered a range of providers with low risk ratings as possible candidates for extensions to registration periods. Advice to Commissioners included information on ongoing compliance assessments and resulted in some of the providers, including universities, not being offered extensions. Six providers, including four universities, were granted extensions of either two or three years. Six providers were also granted extensions to course accreditation periods: in one case the extension was six months to allow existing students to finish relevant courses before the provider exited the higher education sector. All accreditation extensions were for periods of less than two years.

Review of processes

3.22 In mid-2019 TEQSA commenced a review of its existing processes in an effort to improve quality, efficiency and timeliness in light of an expected 90 per cent increase in applications in 2019–20.49 Key changes to approvals processes resulting from the review include:

  • internal restructuring to increase specialisation of assessment teams;
  • providing feedback to providers on ‘issues of concern’ earlier in the application assessment process;
  • where an application is accompanied by a third-party expert report commissioned by the provider, TEQSA may decide not to obtain its own expert report to assess applications; and
  • increasing the number of providers having their registration and accreditation approval periods extended without going through formal renewal approvals processes.

3.23 Restructuring of assessment teams was completed in late 2019, with other changes due to be progressively implemented during 2020.

Education Services for Overseas Students Act 2000

3.24 The key types of approvals are:

  • initial registration of an entity on the Commonwealth Register of Institutions and Courses for Overseas Students (CRICOS)50; and
  • periodic re-registration of an existing provider.

3.25 Approvals can be granted for up to seven years before re-registration is required. TEQSA can also extend the period of approval, but only for the purpose of aligning the period with the provider’s period of registration under the TEQSA Act.

Scope of ESOS Act assessments

3.26 The ANAO reviewed nine initial registration assessments and 10 re-registration assessments. All applications were assessed by TEQSA against all the applicable international student standards.51 TEQSA’s ESOS Act processes did not require the development of an assessment plan. While some assessment reports provided to the decision-maker did include reference to provider risk ratings, other areas of risk or regulatory history, TEQSA did not document whether the scope of assessments was informed by these matters.

Sources of evidence

3.27 For initial CRICOS registrations, evidence requirements were contained in the application form. For re-registrations, requirements were sent to providers via a standard form template.

3.28 Unlike TEQSA Act assessment and approval processes, ESOS Act assessments did not involve input from experts. Site visits were generally not undertaken, but for CRICOS initial registration applications reviewed by the ANAO, five of the nine applicants had been recently visited through the TEQSA Act registration process.

3.29 The international student standards require self-accrediting providers to undertake an ‘independent audit’ of their compliance with the National Code (international student standards) and the ESOS Act to ‘inform the re-registration of the provider’.52 The CRICOS re-registration applications of all three universities examined by the ANAO included copies of the audit reports and the universities’ written plans for responding to the findings. In two of the three cases, TEQSA’s assessment of the re-registration application was largely based on the audit report findings.53

3.30 Applicants were given the opportunity to provide additional information or amend relevant policies where there was insufficient supporting evidence or TEQSA’s initial assessment of applications concluded that the provider was either not, or at risk of not being, compliant with the relevant standards.

Advice to decision-makers

3.31 Decisions on initial registration and re-registrations were made by TEQSA officers. Advice was provided to decision-makers via an assessment outcomes report. While the formatting of the assessment analysis and amount of detail in the reports varied considerably, they all contained advice on the extent to which the applicant was compliant with the relevant standards.

3.32 TEQSA did not consistently document whether it considered the relevance of any complaints it had received about a provider as part of the ESOS Act assessment process. For example, TEQSA received 11 complaints about a regional university over 2017–18 but there was no reference to these in the January 2019 CRICOS re-registration assessment report provided to the decision-maker.54

Decisions

3.33 Decisions were documented by the delegate signing the assessment outcomes report. All decisions reviewed by the ANAO were consistent with the key recommendations contained in the assessment advice. There were, however, some inconsistencies in dates. For example, one university was formally advised of its successful CRICOS re-registration in late May 2019, but the assessment report was not signed by the delegate until late June 2019. Similarly, another provider was formally advised of its successful CRICOS registration in March 2019, but the assessment report was not signed by the delegate until June 2019 following rectification by the provider of some outstanding non-compliance matters.

Table 3.4: Outcomes of key ESOS Act regulatory approval processes in 2018–19

Application type

Approved

Not approved

Withdrawn before final decision

CRICOS registration

9

0

0

CRICOS re-registration

38

0

0

       

Source: ANAO analysis of TEQSA CRM data.

Extensions

3.34 In 2018–19 TEQSA granted extensions to CRICOS registration periods for four providers, one of which was a private university.55 Two of the providers had moderate risk ratings and two had low risk ratings. The form of assessment advice provided to the decision-maker varied, but contained some consideration of risk issues. Extensions were between six months and three years, reflecting that registrations can only be extended for the purpose of aligning the CRICOS registration period with the provider’s period of registration under the TEQSA Act.

Other types of ESOS Act approvals

3.35 For providers that already have CRICOS registration, there are a range of matters that require TEQSA approval, including:

  • increasing the maximum number of students it is authorised to teach;
  • adding one or more courses to those it is authorised to teach; and
  • adding a new delivery site or relocating an existing site.

3.36 The ESOS Act does not explicitly set out what TEQSA must consider in deciding whether to approve applications for these matters. However, TEQSA has internal guidelines to assist the consistent assessment of applications. These cover matters such as staffing levels, suitability of teaching premises and IT resources. TEQSA’s assessment of applications was consistent with these guidelines.

3.37 TEQSA approved five intensive English language programs and one Foundation program in 2018–19. TEQSA used contracted experts to inform its assessment of the applications. Assessments were largely undertaken consistent with TEQSA processes, although in one case there was no record of the delegate’s decision.

Did regulatory approvals include risk mitigation measures where appropriate?

The risk mitigation measures attached to key approvals were appropriate as they aligned with the risk of non-compliance with relevant standards identified through the assessment process.

3.38 Both the TEQSA Act and ESOS Act require TEQSA to take a risk-based approach in making decisions whether to approve applications. This requires TEQSA to accept some level of risk in approving some applications. The ANAO assessed whether TEQSA used conditions or other risk mitigation mechanisms appropriate to the risks identified in the application processes.

3.39 Of the 58 approved TEQSA Act and ESOS Act registration or accreditation application assessments reviewed in detail by the ANAO, TEQSA assessed six applications as not meeting one or more relevant higher education standards. Another 26 were assessed as ‘at risk’ of not meeting one or more standards or otherwise having ‘residual risks’.

3.40 For the six applications where a standard was assessed as not being met:

  • in three cases, the approval contained one or more conditions designed to address the non-compliance — in two of these, student enrolments were prohibited until the non-compliance was corrected;
  • in two cases, TEQSA gave the applicants the opportunity to voluntarily correct the non-compliance post approval, which the provider did to TEQSA’s satisfaction; and
  • in one case, the provider entered into a formal agreement with TEQSA to undertake, and report on, a range of defined actions within specific timeframes to rectify non-compliance issues.

3.41 These approaches represent appropriate responses to the risks associated with the identified non-compliance issues.

3.42 TEQSA took a variety of approaches in the 25 cases that were assessed as at risk of not meeting the standards or having residual risk. Statutory conditions were imposed on 12 and non-statutory information requests were attached to the approval for the remainder.56 The conditions and requests were appropriate as they aligned with actual and/or risks of non-compliance with relevant standards identified through the assessment process. For example, in response to assessment concerns about the adequacy of academic leadership and high student to staff ratios, TEQSA imposed conditions requiring a provider to provide periodic staffing information to TEQSA. In another case, TEQSA’s assessment highlighted slow progress by a provider in improving its governance processes and academic policy framework, including relating to third party arrangements. As a consequence, TEQSA imposed conditions requiring reporting of evidence of improved student performance, increased staff scholarly activities and academic review, and compliance monitoring of the provider’s offshore operations.

3.43 Another risk mitigation mechanism adopted by TEQSA was the granting of shorter approval periods. Notably, all initial TEQSA Act registration applications approved by TEQSA in 2018–19 were for five rather than seven years, and five of the 12 TEQSA Act re-registration approvals examined by the ANAO were for four years or less.57

3.44 For TEQSA Act approvals, assessment reports clearly described why the proposed conditions or shorter approval periods were consistent with the TEQSA Act regulatory principles. Applicants were given the opportunity to respond to proposed statutory conditions or shorter approval periods before the assessment was finalised. As outlined in paragraph 4.26, TEQSA has not always undertaken timely assessments of whether the material supplied by providers under conditions indicates whether any further monitoring or compliance activity is required.

3.45 TEQSA also seeks to mitigate risks associated with providers newly registered under the TEQSA Act by holding follow-up site visits 15–18 months after initial registration. Of the eight new providers registered between October 2016 and August 2018, five had follow-up visits at November 2019. TEQSA advised the ANAO that visits were scheduled for the other three in early 2020.

Did TESQA effectively report on the timeliness and outcomes of its key approvals processes?

TEQSA’s performance statement in its 2018–19 annual report provides an adequate level of information regarding timeliness of key TEQSA Act approval processes, including comparisons to previous years. It also includes information on approval outcomes, although the information could be presented in a more consistent way to allow comparisons between different types of approvals.

3.46 Under the Public Governance, Performance and Accountability Act 2013, an entity is required to report on its activities, including its planned outcomes, in the annual performance statement in its annual report. The information can be used by Parliament and the public to assess whether the entity has been successful in achieving its planned outcomes. The ANAO examined the information on outcomes of approvals processes and timeliness of decisions included in TEQSA’s 2018–19 performance statement.

3.47 Outcomes of key approval processes and timeliness of decisions, including comparisons to the previous year, are reported in the performance statement in TEQSA’s annual report under action 1.2 ‘Implement mechanisms to ensure efficient assessment of applications’. The performance indicator for this action is ‘quality assurance and regulation does not unnecessarily impede the efficient operation of higher education providers’, which is derived from one of the indicators in the Australian Government’s Regulator Performance Framework. TEQSA’s performance against this indicator was measured by provider views about TEQSA’s regulation (via the 2019 stakeholder survey) and TEQSA’s compliance with statutory timeframes and internal targets.

3.48 In the performance statement, TEQSA reported that fifty-nine per cent of responding providers rated it as good or excellent in assuring and regulating the sector without unnecessarily impeding the efficient operation of higher education providers. TEQSA’s good or excellent rating by for-profit providers was considerably lower at 43 per cent. TEQSA published the results of the 2019 stakeholder survey and the 2019 Regulator Performance Framework report on its website in December 2019.

3.49 The 2018–19 performance statement provides clear information about the number of TEQSA Act applications received, approval decisions made and applications withdrawn. However, outcomes from different types of applications are reported inconsistently. Registration application outcomes are reported by approved, rejected or withdrawn, but re-registration outcomes are reported by the proportion of ‘adverse’ decisions (either rejected, or approved with conditions or an approval period of less than seven years). There would be value in reporting ‘adverse’ registration and re-registration decisions in the same way to make it easier to compare outcomes between the two processes.

3.50 The performance statement also notes that seven provider appeals to the Administrative Appeals Tribunal were ‘resolved by agreement’ in 2018–19. The result in five of the cases was that TEQSA’s original decisions to not approve the applications were set aside and the providers were registered.58 The two other cases resulted in changes to the conditions TEQSA had originally placed on the approvals.

Were 2018–19 approvals completed in a timely way?

The timeliness of approvals was mixed. TEQSA met the statutory timeframes for initial registration and accreditation approvals in all but one instance. It did not meet its targets for re-registration and re-accreditation approvals for low-risk providers.

3.51 Completing approval processes in a timely way is important to allow current and prospective providers to plan and undertake their business with a reasonable degree of certainty. The ANAO:

  • assessed TEQSA’s performance on timeliness against relevant statutory timeframes and internal targets and benchmarks (shown in Table 3.5); and
  • compared its performance to previous years.

Table 3.5: Regulatory approvals: statutory timeframes and 2018–19 internal targets

Approval type

Timeframe or target

Specific requirement

Accreditation or registration

Statutory timeframe

Complete preliminary assessment of a course accreditation or provider registration application within 30 days of receiving application.

Accreditation or registration

Statutory timeframe

Make a decision on a course accreditation or provider registration application within nine months of provider paying the fee for substantive assessment of the application.

Decision review

Statutory timeframe

Complete an internal review of original decision and make a decision within 90 days of receiving the application for review.

Re-registration

2018–19 internal target

At least 90 per cent of re-registration decisions regarding low risk providers are made within six months of receiving application.

Re-accreditation

2018–19 internal target

At least 90 per cent of course re-accreditation decisions regarding low risk providers are made within three months of receiving application.

     

Source: TEQSA 2018–19 Annual Report.

3.52 The ANAO was able to replicate TEQSA’s timeliness reporting in the 2018–19 performance statement using the data in TEQSA’s CRM database. The ANAO also gained reasonable assurance regarding the accuracy of the approval completion dates in CRM by verifying that the dates matched the dates on approvals documentation collected by the ANAO.

3.53 In all but one case TEQSA met the statutory timeframes for 2018–19 initial registration and accreditation approvals processes. However, timeframes for 2018–19 re-registration and re-accreditation approvals were much longer. Figure 3.1 shows TEQSA’s performance over the last 4 years.

Figure 3.1: Timeliness of TEQSA Act approval decisions 2015–16 to 2018–19

 

Source: ANAO analysis of TEQSA CRM data and annual reports.

3.54 TEQSA advised the ANAO that the reduction in registration and accreditation approval timeframes in 2018–19 reflected TEQSA’s decision to prioritise these over re-registration and re-accreditation approvals. A provider continues to be registered and have its courses accredited if its current approval period expires due to a delay in a TEQSA decision. Nevertheless, one provider told the ANAO that:

a delay [in a re-registration decision] has meant that the [provider] has been unable to define clearly nor articulate its strategic and business direction with any certainty. Also, [it] is unable to attract senior academic staff, the main reason being the pending status of institutional re-registration. These matters place the [provider] in a constrained position to maximise academic improvement and operational sophistication.59

3.55 TEQSA’s prioritisation of registration and accreditation assessments meant that it did not meet its internal target for making 90 per cent of re-registration decisions regarding low-risk providers within six months. None of the nine relevant decisions were made within this timeframe, with four decisions taking 12 months or more.

3.56 While not reported in the performance statement, equal numbers of providers responding to the 2019 stakeholder survey rated TEQSA’s timeliness of TEQSA Act decision-making as good or excellent compared to poor or very poor (27 per cent in both cases). There was a similar result for ESOS Act (CRICOS) decisions: 34 per cent good or excellent and 27 poor or very poor.

4. Compliance and enforcement

Areas examined

This chapter examines whether the Tertiary Education Quality and Standards Agency’s (TEQSA’s) compliance and enforcement processes were effective.

Conclusion

TEQSA’s compliance and enforcement processes were partially effective. It has undertaken a small number of enforcement actions to address non-compliance with statutory requirements. While TEQSA has an appropriate suite of compliance activities, documentation of most of its recent compliance assessments was poor and it has yet to implement a compliance monitoring framework. TEQSA’s public reporting of enforcement actions was appropriate but it does not report on the number of compliance assessments undertaken or their outcomes.

Areas for improvement

The ANAO has made five recommendations designed to improve the effectiveness of TEQSA’s compliance activities.

4.1 Regulators have a responsibility to give confidence to Parliament, the Government and the community that regulated entities are complying with their statutory obligations and that appropriate enforcement action is taken when a regulated entity fails to meet its obligations. This is necessary if TEQSA is to demonstrate that it is achieving its purpose of protecting the interests of students and the reputation of the higher education sector. In order to assess the effectiveness of TEQSA’s approach to compliance and enforcement the ANAO examined whether:

  • TEQSA’s compliance plans and priorities were informed by relevant risk ratings;
  • TEQSA undertook effective compliance activities;
  • TEQSA took appropriate enforcement action to address non-compliance with statutory requirements; and
  • TESQA effectively reported on the outcomes of its compliance and enforcement processes.

Were TEQSA’s compliance plans and priorities informed by relevant risk ratings?

TEQSA has not undertaken any periodic compliance planning, but it is in the early stages of developing priorities to guide future compliance activity. TEQSA’s completed compliance assessment activity has not been informed by provider risk ratings. Compliance activity has mainly been informed by media and provider self-reporting.

4.2 Developing a monitoring framework that includes risk based compliance planning can assist a regulator to give confidence to key stakeholders, including Parliament, that compliance activities are appropriately targeted, regulatory risks are being managed and the level of residual risk is acceptable.

4.3 TEQSA has a principles based policy document on compliance and enforcement. The policy outlines that TEQSA’s aim is to achieve high levels of compliance while minimising burden on providers and administrative costs for TEQSA, including through promoting and supporting a culture of effective self-assurance within providers. The policy states that TEQSA monitors all providers through annual risk assessments (discussed in Chapter 2) and by gathering information and intelligence from other sources, including complaints about providers and media reporting. TEQSA also assesses registered providers’ compliance with relevant education standards through the periodic re-registration and course-accreditation approval processes covered in Chapter 3.60 As noted in paragraphs 3.39 to 3.42, TEQSA may place reporting conditions on these approvals, enabling it to monitor a provider’s performance where the approvals process has identified compliance risks. TEQSA also seeks to support providers to improve compliance in relation to a range of identified sector-wide risks through its activities covered in paragraphs 5.7 to 5.32.

4.4 As at December 2019 TEQSA’s compliance and enforcement policy was not supported by implemented operational plans or procedures. TEQSA has not undertaken annual or other periodic compliance planning, nor has its compliance assessment activity been informed by specific priorities.61 Completed compliance assessments have largely been in response to adverse media coverage or providers reporting to TEQSA issues relating to compliance with the threshold standards rather than risk ratings assigned to providers by TEQSA. As shown in Table 4.1, two of 29 assessments involved providers that had a high risk rating for student and/or financial risk. Eighteen assessments involved providers with low risk ratings against both. TEQSA has not undertaken regular compliance monitoring aimed at detecting non-compliance.62

Table 4.1: Analysis of risk ratings of providers with a completed compliance assessment

 

 

Overall risk to student position

Overall risk to financial position

 

High

Moderate

Low

High

1

0

0

Moderate

1

2

2

Low

0

0

18

         

Note: TEQSA completed 29 compliance assessments, however four compliance assessments related to providers with a suspended overall risk rating for students and/or financial position. One additional compliance assessment was of an unregistered provider.

Source: ANAO analysis.

4.5 TEQSA has begun to develop elements of a compliance monitoring framework, which was at a relatively early stage in December 2019. The elements include:

  • identifying draft regulatory risk priorities to potentially inform future compliance assessment and intelligence gathering activities;
  • a draft compliance monitoring program to guide a more pro-active approach to compliance assessments, including coverage of providers with low and medium risk ratings; and
  • improving internal processes by centralising compliance and investigation work, developing policies, procedures, templates and training, and reviewing complaint management processes to better inform compliance activities.

Recommendation no.1

4.6 TEQSA establishes and implements a comprehensive compliance monitoring framework, supported by appropriate operational processes.

Tertiary Education Quality and Standards Agency response: Agreed.

4.7 TEQSA agrees that strengthening the compliance monitoring framework is important and a number of well progressed strategies to improve compliance monitoring capabilities have been completed or are underway. In August 2019, all compliance work outside the application cycle was centralised within TEQSA. This builds on other assessment processes that inform compliance with statutory requirements, which include:

  • Annual Risk Assessment including the provider response
  • Renewal of registration
  • Renewal of accreditation
  • Renewal of CRICOS registration & other CRICOS assessments

Were TEQSA’s compliance activities effective?

TEQSA’s key compliance activities have been partially effective. TEQSA has an appropriate suite of compliance activities and, from late 2019, has commenced an increased number of compliance assessments. However, these assessments have not always been adequately documented. Reports submitted by providers as part of formal conditions have not been assessed in a timely manner and TEQSA has not established a transparent process for managing material change notifications.

4.8 The Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act) provides TEQSA with the power to review, examine or investigate any aspect of an entity’s operations to assess whether the TEQSA Act, its associated provisions and/or the threshold standards have been or are being complied with, including by conducting compliance assessments and quality assessments. The Education Services for Overseas Students Act 2000 (ESOS Act) gives TEQSA a similar power regarding compliance with the ESOS Act and international student standards.63

4.9 To form a conclusion on the effectiveness of TEQSA’s compliance activities the ANAO examined the following:

  • all compliance assessments completed between 1 January 2018 and 15 January 2020;
  • monitoring and assessment of conditions placed on provider registrations and course accreditations; and
  • management of material change notifications.

Compliance assessments

4.10 TEQSA’s compliance and enforcement policy states that TEQSA may initiate assessments on the basis of complaints about providers, intelligence gained from media monitoring or from other sources that suggest possible non-compliance. The policy also states that for providers identified for additional investigation and/or enforcement action, TEQSA will develop a compliance and enforcement action plan relevant to the nature and potential consequences of the issues of concern.

4.11 Between 1 January 2018 and 15 January 2020 TEQSA completed 29 compliance assessments.64 Responsibility for all compliance assessments was transferred to a compliance and investigations team in August 2019 and since then TEQSA has commenced and completed 11 of the 29 assessments.

Completed compliance assessments

4.12 Eighteen of the 29 completed compliance assessments were initiated in response to media reports, referrals from third party organisations or self-reporting by a provider. Eleven assessments were initiated as a result of internal processes.

4.13 The assessments often involved a review of multiple threshold and/or international student standards. The most common issues covered by the 29 assessments were:

  • third party arrangements, where courses are delivered by parties other than the registered provider (13 assessments);
  • student wellbeing, safety and support (12 assessments);
  • corporate and/or academic governance (nine assessments); and
  • admissions standards, including for international students (four assessments).

4.14 Twenty-six of the 29 assessments had an assessment plan, with TEQSA using a standard ‘compliance and investigation plan’ template from November 2019. The stage at which the plans were developed and the information contained therein varied significantly. Nine of the plans were developed on or after the day of formal completion of the assessment. In 10 of the assessments key fields of the plan, such as the stakeholder engagement record and the compliance assessment priorities, were blank. Additionally there were four assessment plans which did not identify the relevant standards or legislative provisions being assessed.

4.15 Assessment of evidence and resulting advice to decision-makers was documented in a variety of ways. Where the assessment was provided to Commissioners (eight assessments were presented to Commissioners) or assessments were subsumed into regulatory approval processes such as provider re-registration, assessments were well documented. Where the decision-maker was a lower-level delegate (21 assessments were closed by lower level delegates), the summary of the assessment provided little or no information about what evidence was reviewed and how it was assessed.

4.16 Good recordkeeping supports efficiency and accountability through the creation, and retention of accurate, reliable, and accessible records. As such, it is important for TEQSA to adequately document its compliance activities, including compliance assessments. As mentioned in paragraph 2.3, one of the elements that TEQSA should consider in assessing risk is provider compliance history. The quality of documentation of compliance activities impacts on the quality of risk assessments.

4.17 Of the completed compliance assessments, three were closed without making any findings due to an overlap with other regulatory processes, including re-registration approvals and conditions. Of the remaining 26, 19 were closed with no adverse findings against the provider. These included two instances where the assessment was discontinued prior to any substantive assessment taking place. One of the closed assessments related to the Australian National University (ANU) data breach, which was widely reported in June 2019.65 The compliance assessment was closed on the basis that ANU was working with Australian government security agencies and TEQSA’s limitations in resources to undertake cyber security investigations.66 This may be appropriate given the involvement of other entities. However, there was no evidence that TEQSA had requested ANU to provide updates on any actions it was taking to address issues related to compliance with the threshold standards.67 Given the nature of the ANU data breach and TEQSA’s role, TEQSA should be monitoring ANU’s compliance with the relevant threshold standards and the actions taken to respond to this issue.

4.18 In seven cases, completed assessments noted evidence of non-compliance or significant risk of non-compliance. The issues identified mainly related to the quality of teaching and student academic outcomes. As of 5 February 2020 TEQSA had taken the following action in response to these findings:

  • in two cases TEQSA rejected the applications to renew the registration of the provider;
  • in three cases TEQSA imposed conditions on the provider, the conditions mostly related to obligations to report to TEQSA on progress implementing improvements and governance activities;
  • in one case TEQSA committed to continuing to monitor the provider via site visits and requests for information; and
  • in one case TEQSA noted the findings will be considered when assessing the upcoming registration application of the provider.

4.19 The time taken to complete compliance assessments varied significantly and ranged from eight to 925 days. Since the transfer of all compliance assessments to the compliance and investigation team the length of assessments has decreased. However, planning and assessment documentation in the assessments commenced after 1 August 2019 was less detailed. All of the latter assessments were closed with no adverse findings and only one was presented to the Commission.

Ongoing compliance assessments

4.20 As of 15 January 2020 TEQSA had 77 ongoing compliance assessments involving 52 providers. The most common issue being assessed was third party arrangements (in 16 ongoing compliance assessments). Four assessments were commenced on or before 31 December 2018, with the oldest dating from 1 July 2018. A commencement date was not recorded for six assessments. The status of 34 compliance assessments was not documented in TEQSA’s tracking of assessments.

Recommendation no.2

4.21 TEQSA ensures that it adequately documents its analysis and the outcomes of each stage of its compliance assessments in a timely manner.

Tertiary Education Quality and Standards Agency response: Agreed.

4.22 TEQSA agrees with this recommendation, noting that plans were put in place to address this issue in the agency’s 2019–20 Operational Plan, which includes the development and documentation of policies, processes and procedures to support TEQSA’s compliance work. This work has commenced and is on track for completion by June 2020.

Conditions

4.23 TEQSA may impose statutory conditions on the registration and course accreditation of providers in order to address concerns or areas of risk relating to a provider’s higher education activities. Failure to comply with conditions is a breach of the TEQSA Act.68

4.24 TEQSA has developed a standard process for assessing providers’ compliance with conditions, which includes requirements to assess material submitted by providers and, for periodic reports, advise the provider of the outcomes of TEQSA’s assessment.

4.25 Between 1 January 2018 and 30 June 2019 TEQSA placed 80 conditions with reporting requirements on the registration (35 conditions) and course accreditation (45 conditions) of 23 providers. Conditions ranged from one off reporting on the appointment of a suitably qualified academic through to cyclical reporting on provider performance, quality assurance and internal governance.

4.26 As at 5 December 2019 TEQSA had received reports from 23 providers relating to 79 of the 80 conditions.69 Of these, TEQSA had assessed the provider reports regarding 66 conditions. Fifty of the 66 conditions were assessed as being met. TEQSA’s assessment of submitted reports was not sufficiently timely in some cases. The time taken to commence assessment following submission of reports by providers ranged from 60 to 505 days, with a median of 151 days. As at 5 December 2019 reports from five providers relating to 13 conditions had not been assessed. For these, the median time elapsed since submission was 337 days.

4.27 In TEQSA’s 2019 annual stakeholder survey 37 per cent of providers rated the timeliness of TEQSA’s feedback on whether the organisation was meeting expected standards as good or excellent; 25 per cent rated TEQSA as poor or very poor.

Recommendation no.3

4.28 TEQSA ensures material submitted by providers as part of formal conditions is assessed in a timely manner.

Tertiary Education Quality and Standards Agency response: Agreed.

4.29 With the commencement of new resources in 2018, TEQSA undertook a project to review the impact of conditions and treatment plans on provider compliance with the higher education standards framework. To prepare data for the project, a review of compliance with all existing conditions on provider registrations and accreditations was undertaken. In total, 162 assessments of compliance with conditions were commenced or completed in 2018-19. This work resulted in 87 conditions being revoked, eight conditions varied and 82 new conditions being imposed.

Material changes

4.30 The TEQSA Act requires registered higher education providers to notify TEQSA within 14 days of becoming aware of an event that will significantly affect the provider’s ability to meet the threshold standards or an event that will require an update to the National Register of Higher Education Providers.70

4.31 TEQSA’s material change notification policy sets out a number of events that may warrant a material change notification including:

  • changes that may impact on provider governance;
  • changes that may impact on the good standing of a provider;
  • changes that may impact on financial viability;
  • delivery with other parties;
  • major course changes (for providers without self-accrediting authority); and
  • other changes that may impact on students.71

4.32 TESQA records a number of its regulatory and compliance activities in its customer relationship management (CRM) system, including material change notifications. ANAO analysis of CRM records found inconsistent and incomplete activity records. For example, material changes are not categorised consistently or in accordance with the categories set out in TEQSA’s policy, and actions taken by TEQSA in response to a material change are often not recorded. According to the CRM database, TEQSA received 256 material change notifications in 2018–19 across the six categories set out above. The most common notifications related to provider governance — notably, changes to senior management or academic leaders.

4.33 ANAO analysis of material change notifications showed that TEQSA did not adequately document its assessment of notifications and whether further action was required. For example, TEQSA received 26 notifications relating to third party arrangements but only initiated compliance assessments for six providers, five of which were rated as low risk.72 TEQSA did not document why substantive action was taken for these six notifications, but not the other 20.

4.34 In December 2019 TEQSA commenced implementing a standard approach to responding to material change notifications. As of 15 January 2020 this consists of a standard email acknowledging receipt of the information and an email to relevant staff detailing a high level process for triaging and actioning a material change notification.

Recommendation no.4

4.35 TEQSA establishes and implements a transparent process for managing material change notifications, including documenting the assessment of all notifications.

Tertiary Education Quality and Standards Agency response: Agreed.

4.36 TEQSA acknowledges the requirement to improve the management of material change notifications. TEQSA has implemented a process to manage such notifications in a transparent and efficient way. This process will be reviewed to ensure that improved processes are established, with the development of document templates, a process map and staff training. The ability for providers to lodge material change updates via the online provider portal will also be explored during 2020.

4.37 Senior management also reports relevant material changes to the TEQSA Commission on a monthly basis.

Did TEQSA take enforcement action to address non-compliance with statutory requirements?

TEQSA has undertaken a small number of enforcement actions to address non-compliance with statutory requirements.

4.38 When a regulated entity fails to meet compliance obligations, a regulator should assess the extent of the non-compliance and the potential for harm and initiate proportionate action to address the risks posed. TEQSA’s compliance and enforcement policy states that while TEQSA’s principal objective is to encourage and facilitate voluntary compliance, TEQSA will, where necessary, take enforcement action.

4.39 The TEQSA and ESOS Acts set out a range of offences, civil penalty provisions and administrative sanctions available to TEQSA for providers who breach the Acts, fail to meet the threshold standards or breach a condition imposed on registration or accreditation.

4.40 To assess whether TEQSA had taken appropriate enforcement actions, the ANAO reviewed TEQSA’s enforcement decisions and enforcement actions between 1 January 2018 and 30 June 2019.

Criminal prosecutions and civil penalties

4.41 The TEQSA Act includes a number of offences that may result in criminal prosecutions and civil penalties including:

  • offering a regulated higher education award if unregistered;
  • offering a higher education award without a course of study;
  • a regulated entity who is not a university representing itself as a university; and
  • a breach of a condition of registration or course accreditation.

4.42 TEQSA has not undertaken any civil penalty actions or criminal prosecutions since commencing operations in 2012.

Registration cancellations

4.43 The TEQSA Act includes provisions for the cancellation of provider registration including for when a provider is wound up; has failed to meet the threshold standards; has failed to provide an accredited course; or has breached a condition imposed on its registration or the accreditation of a course.

4.44 TEQSA cancelled the registration of one provider in 2018–19 due to the provider entering into voluntary administration and not offering an accredited higher education course.

Enforceable undertakings

4.45 The TEQSA and ESOS Acts include provisions for TEQSA to accept enforceable undertakings by the provider that they will comply with the relevant Act and its associated provisions by taking specific action, or refraining from taking specific action. Enforceable undertakings typically include reporting conditions and other actions providers must take to satisfy TEQSA of their ongoing compliance with the TEQSA Act and associated provisions.

4.46 Since 1 January 2018 TEQSA has entered into enforceable undertakings with two providers. The first involved third party arrangements and concerns relating to the academic qualifications of staff; the second related to refunding students enrolled in unaccredited courses. In one of these, the selection of an enforceable undertaking as the most appropriate enforcement action was supported by internal advice to the Commission about the application of the TEQSA Act regulatory principles to the circumstances of the case. It was unclear what advice underpinned the second enforceable undertaking as this was not documented. In both cases the providers were required to submit information and periodic reports demonstrating compliance with the enforceable undertaking. TEQSA’s assessment of provider compliance with conditions is discussed in paragraphs 4.23 to 4.27.

4.47 TEQSA also accepted a voluntary undertaking from another provider in relation to compliance with threshold standards.73

Did TESQA effectively report on the outcomes of its compliance and enforcement processes?

TEQSA did not report on the number of compliance activities commenced or completed or the outcomes of compliance processes. TEQSA provides limited reporting on the outcomes of some of its enforcement processes.

4.48 As previously noted, under the Public Governance, Performance and Accountability Act 2013 an entity is required to report on its activities, including its planned outcomes, in the annual performance statement in its annual report. The ANAO examined the information on the outcomes of TEQSA’s compliance and enforcement processes included in TEQSA’s 2018–19 performance statement.

4.49 Outcomes from compliance and enforcement activities are reported in the performance statement in TEQSA’s annual report under the TEQSA actions of:

  • Action 4.1 – Undertake compliance assessments of those providers that continue to present substantial risks to students; and
  • Action 4.2 – Take enforcement action against entities in cases involving extensive non-compliance with the legislation administered by TEQSA.

4.50 The performance indicator for action 4.1 is that ‘regulatory actions undertaken by TESQA are proportionate to the risks being managed’. TEQSA’s performance against this indicator was measured by provider views about TEQSA’s regulation (via the 2019 stakeholder survey). Sixty-three per cent of providers rated TEQSA as good or excellent in relation to the regulatory actions being proportionate to the risks being managed.

4.51 The performance statement does not provide any information on the number of compliance assessments commenced or completed or the outcomes of completed assessments. By comparison, the Australian Skills Quality Authority, which regulates the vocational education and training sector, reports on the percentage of registered providers subject to compliance audits and those with adverse findings. A TEQSA business plan for 2019–20 indicates that it intends to publish an inaugural annual compliance report in July 2020.

4.52 The performance indicator for action 4.2 is that ‘the majority of stakeholders rate TEQSA’s performance over the last 12 months in assuring the quality of Australian higher education as good or excellent’. TEQSA achieved that target, with seventy-six per cent of providers rating TEQSA as good or excellent. There is no clear relationship between action 4.2 and the performance indicator. TEQSA has also reported on the outcomes of two enforcement actions for action 4.2. One action resulted in the imposition of a condition, the other related to the cancelling of a provider’s registration following that provider going into voluntary administration.

4.53 Performance statement reporting on Action 1.4 – Enhance TEQSA’s approach to monitoring, assessment and management of risks is also relevant in that it linked provider risk assessments with subsequent compliance approaches. The 2018–19 report stated that TEQSA met with high risk providers and subsequently developed ‘action plans’ relating to those providers for whom it had ‘residual concerns’ following the risk assessment process. However, this activity took place following the 2017 risk cycle and would have been more appropriately referenced in TEQSA’s 2017–18 performance statement.

Recommendation no.5

4.54 TEQSA ensures that its annual performance reporting includes information on the number of provider compliance activities undertaken and the outcomes of compliance activity.

Tertiary Education Quality and Standards Agency response: Agreed.

4.55 TEQSA has already implemented a regular compliance activities report to the Commission and this will be included in the TEQSA annual report for 2019-20. An inaugural annual TEQSA compliance report will be published in July 2020, reflecting on the regulatory operations for the 2019-20 operational year. This report will include details of TEQSA’s compliance and enforcement activities and priorities.

5. Sector-wide risks

Areas examined

This chapter examines whether the Tertiary Education Quality and Standards Agency (TEQSA) provided appropriate support to the higher education sector to address key sector-wide risks.

Conclusion

TEQSA provided appropriate support to the sector to address the majority of key sector-wide risks.

Area for improvement

The ANAO has made one suggestion that TEQSA improve its performance reporting by including information demonstrating how its activities align with key sector-wide risks.

5.1 One of TEQSA’s objectives is to ‘support providers to deliver high quality education, protect student interests and enhance the reputation and competitiveness of Australia’s higher education sector’.74 In order to achieve this objective, TEQSA’s 2019–23 corporate plan states that it will ‘consult with stakeholders and identify issues and delivery strategies where required’ and ‘publish information about quality assurance and regulatory matters’. In order to assess TEQSA’s performance in supporting the sector to address key sector-wide risks, the ANAO examined whether it:

  • sought input from key stakeholders to assist in early detection of emerging risks;
  • took timely action to address identified risks, including by providing advice to the responsible Minister; and
  • effectively reported on the outcomes of its actions to address identified risks.

Did TEQSA seek input from key stakeholders to assist in early detection of emerging risks?

TEQSA has regularly engaged with a wide range of key stakeholders for a variety of purposes, including to identify emerging risks to the Australian higher education sector.

5.2 TEQSA’s approach to stakeholder engagement is set out in its stakeholder engagement framework. According to the framework, stakeholder engagement allows TEQSA to gain a greater understanding of issues within the sector and better inform stakeholders on how to meet their regulatory requirements. A key way through which TEQSA gains an understanding of relevant issues is its annual stakeholder survey.

5.3 As part of the survey, providers were asked to rate what they considered to be the most important threats to the strength and reputation of the sector.75 The risks with the highest perceived threat are shown in Figure 5.1. Contract cheating services, cyber security issues and reliance on income from overseas students were rated as either high or medium threats by more than 80 per cent of responding providers. Perceptions of TEQSA ‘stereotyping’ private providers (essentially the non-university sector) also rated highly. As noted in paragraph 1.2, about three quarters of registered entities are private providers.

Figure 5.1: Provider risk rating of identified threats in the higher education sector

 

Source: TEQSA Stakeholder survey 2019: Report of findings.

5.4 In addition to the survey, TEQSA regularly engages with stakeholders through roundtables, workshops, advisory group meetings and TEQSA’s annual conference. Following feedback received from the 2018 stakeholder survey, TEQSA increased its engagement with student peak bodies and the independent provider sector in 2018–19.

5.5 The ANAO sought feedback on TEQSA’s engagement of the sector from key stakeholder groups representing students and providers and received responses from seven organisations. The responses were generally positive regarding TEQSA’s engagement with the sector and the opportunities this gave stakeholders to provide feedback to TEQSA on issues of concern to them.

5.6 TEQSA also engages with other Australian Government entities on issues relating to international students through the Education Regulators and Immigration Committee.76 The committee’s purpose is to safeguard the integrity and sustainability of the international education sector by identifying and developing actions to respond to issues of concern as well as shape and influence whole of government operations. In mid-2019 committee members agreed to improve the sharing of data and the identification and management of shared risks. A work plan incorporating project priorities and timeframes was also agreed. As at December 2019 reasonable progress had been made against the plan, and the majority of the more immediate tasks had been completed.

Did TEQSA undertake appropriate action to address identified risks, including by providing advice to the responsible Minister?

TEQSA has taken appropriate action to support the sector to address the majority of identified key risks. It has not yet taken any specific actions to respond to cyber security risk.

5.7 In the 2019 TEQSA stakeholder survey 73 per cent of providers indicated that TEQSA was doing a good or excellent job of ‘helping the sector as a whole to manage risks’. To assess TEQSA’s performance in addressing identified sector-wide risks, the ANAO examined TEQSA’s activities on the key risks identified in the stakeholder survey77 or where the Minister for Education (the Minister) had requested TEQSA take specific action.78

Academic integrity and contract cheating

5.8 As noted in Figure 5.1, providers identified contract cheating as the highest perceived risk to the sector. Standard 5.2 of the Higher Education Standards Framework (Threshold Standards) requires providers to have policies that promote academic integrity. Providers are required to take action to mitigate foreseeable risks to academic integrity including cheating and plagiarism.

5.9 In November 2014 Australian media reported that students at a number of providers had engaged in cheating through the purchase of assignments. TEQSA briefed the Minister in December 2014 on the allegations and released a public report in March 2015. The report concluded that only a very small number of students had been involved in contract cheating practices and that providers had generally put considerable effort into promoting academic integrity among students and staff, and had designed assessment processes to minimise opportunities for cheating.

5.10 The threshold standards were updated in 2015 with more explicit and detailed requirements in relation to providers upholding academic integrity.79 In 2016 TEQSA commissioned a review of provider practices regarding academic integrity. Drawing on the findings of the review, TEQSA issued a good practice note to assist providers to address contract cheating. The Minister was again briefed in June 2017, including in relation to creating criminal sanctions for advertising or providing cheating services. Following the Minister’s agreement, a draft Bill on contract cheating was released for consultation by the Department of Education in mid-2019 and subsequently introduced in Parliament in December 2019.

5.11 TEQSA has taken a number of other actions to respond to this risk. In 2019 it issued a revised guidance note on the threshold standards relating to academic integrity. During late 2019 TEQSA started a series of national workshops to assist providers in preventing, detecting and responding to contract cheating. TEQSA aims to develop and release a toolkit using the information gathered from these workshops. Further, TEQSA’s 2019 Student Academic Integrity and Cheating project plan states that TEQSA intends to build on its media monitoring capacity and develop a suite of social media based monitoring tools to identify and combat cheating. No timeline for the development of the monitoring tools was documented.

Cyber security

5.12 Providers identified cyber security as one of the highest perceived risks to the sector (see Figure 5.1). Threshold standard 7.3.3 requires providers to securely maintain information systems and records as necessary to prevent unauthorised or fraudulent access to private or sensitive information.

5.13 Following the publicity generated in June 2019 regarding the breach of the Australian National University’s (ANU’s) information technology network, TEQSA met with the Australian Cyber Security Centre, part of the Australian Signals Directorate, to discuss the ANU data breach and IT security across the higher education sector. TEQSA also offered to assist the Australian Signals Directorate in raising awareness and disseminating information in supporting the sector to improve cyber security capabilities.

5.14 In August 2019 the Minister announced the establishment of a taskforce to develop guidelines for the better protection of universities against foreign interference, with cyber security being one of the four focus areas for the taskforce. The Australian Government released the resulting Guidelines to counter foreign interference in the Australian university sector in mid-November 2019. In relation to cyber security, the guidelines are intended to provide ‘additional guidance on which universities can draw to assess risk … and to safeguard their data.’ The guidelines state that they are not intended to place additional compliance or regulatory burdens on universities. The Minister advised TEQSA that the guidelines will be implemented autonomously by universities and fall outside the scope of regulations such as the Higher Education Standards Framework. Nevertheless, TEQSA retains regulatory responsibility in relation to threshold standard 7.3.3. As at December 2019 TEQSA had not taken any specific actions regarding risks of non-compliance with this standard.

5.15 TEQSA’s guidance notes and good practice guides do not address cyber security. The ANAO’s analysis of assessment advice provided to decision-makers for 2018–19 registration approvals showed that only four of 13 assessments that considered threshold standard 7.3.3 provided commentary on why providers were assessed as compliant.80 For re-registrations, threshold standard 7.3.3 was considered in the assessment of four of 12 assessments reviewed by the ANAO. Only one of the four provided commentary on why providers were found to be compliant with the standard. As such, it is not clear how TEQSA gained reasonable assurance regarding provider cyber security processes. TEQSA’s process to assign risk ratings to providers also does not include specific consideration of cyber security issues.

International students

5.16 Both the threshold and international student standards require that providers’ admissions policies ensure that enrolling students have the necessary English language and other skills required for the relevant course of study.81 In addition to monitoring the progress of individual students and providing support where required, providers must also monitor rates of retention, progress and completion of student cohorts and use this data to inform admissions requirements, course design and student support.82

5.17 In February 2019 the Minister requested information from TEQSA on English language requirements for international students. In its March 2019 response to the Minister TEQSA advised that there was ‘little evidence to suggest that there is a systemic failure regarding compliance with English language entry requirements’ and that providers’ internal quality assurance mechanisms were adequate to ‘identify and address particular aspects of student performance where concerns arise’.83

5.18 Following the May 2019 ABC Four Corners story ‘Cash cows: The universities making billions out of foreign students’, TEQSA undertook more detailed analysis of selected providers processes relating to international students and briefed the Minister on the findings in September 2019. The analysis concluded that in some cases there was a lack of transparency about the basis on which some students were deemed to have had adequate language skills. It also found that provider analysis of student cohorts did not adequately track poorly performing cohorts or academic misconduct issues back to entry pathways, country of origin or recruitment agents.

5.19 TEQSA issued a guidance note relating to intensive English language courses in February 2019 (revised in June 2019). Completion of such courses can be used to satisfy language requirements for enrolment in higher education courses. Among other matters, the guidance note outlines TEQSA’s expectation that providers have documented mechanisms that demonstrate their assessment outcomes are comparable with criteria used for other types of admissions to tertiary education.84 In January 2020 TEQSA published a guidance note regarding providers’ obligations to undertake systemic monitoring and analysis to identify any poorly performing student cohorts.

Coronavirus

5.20 In late December 2019 China reported an outbreak of Coronavirus, subsequently known as COVID-19. The first Australian case of COVID-19 was confirmed on 25 January 2020. TEQSA and the Department of Education, Skills and Employment provided advice to the Minister in late January 2020 as part of development of a whole-of-government response to the outbreak. TEQSA has also been involved in a variety of stakeholder, inter and intra-governmental consultative/coordination forums where COVID-19 has been the sole or key issue of discussion.

5.21 From late January 2020 TEQSA distributed advice and information to providers, students and other stakeholders. Given restrictions on travel within China and into Australia, this included advice that TEQSA would temporarily relax the limits in the international student standards about the proportion of course units being provided by online or distance means.85 TEQSA liaised with relevant higher education regulatory authorities in China regarding this approach.

5.22 TEQSA has also contacted those providers that its analysis indicates are most exposed to the revenue impacts of COVID-19. As at late February 2020 TEQSA is in the process of organising meetings with the identified providers to obtain a more detailed understanding of how they are mitigating relevant risks, including to ongoing financial viability. More generally, TEQSA has invited all providers to contact it to discuss their situation.

Admissions transparency

5.23 Threshold standard 7.2 requires providers to have ‘accurate, relevant and timely information’ publicly available for students to be able to make well informed decisions about their enrolment.

5.24 In January 2016 the media reported that universities were admitting students with low Australian Tertiary Admission Rank scores. The Minister commissioned the Higher Education Standards Panel (HESP) to advise government on ‘options to improve the transparency of higher education student admissions’.86 The panel provided its report to the Minister in October 2016 and a plan to implement the recommendations was agreed with provider peak bodies in June 2017. TEQSA received funding in the May 2017 budget to assist the sector to implement the report’s recommendations. In February 2018 TEQSA released a guidance note on admissions transparency and held forums with providers to discuss the implementation of strategies and policies seeking to improve academic transparency and identify any issues hindering their implementation. This was followed by TEQSA releasing an extensive good practice guide in July 2019. TEQSA is due to provide a report to the Minister in March 2020 regarding the sector’s implementation of the agreed recommendations from the 2016 HESP report.

Sexual assault and sexual harassment

5.25 Threshold standard 2.3 requires providers to promote and foster a safe environment, including by advising students and staff on ways to enhance safety and security in the campus and online environment. In August 2017 the Australian Human Rights Commission released the Change the course: National Report on Sexual Assault and Sexual Harassment at Australian Universities (the Change the Course report). The report concluded that:

  • sexual assault and sexual harassment are far too prevalent in university settings as they are in the broader community;
  • there is significant underreporting of sexual assault and sexual harassment to the university, and
  • universities need to do more to prevent such abuse from occurring in the first place, to build a culture of respect and to respond appropriately by supporting victims of abuse and sanctioning perpetrators.

5.26 The report contained a number of recommendations for further action by universities. None of the recommendations were directed at TEQSA or the Australian Government.

5.27 In 2017 and 2018 all registered higher education providers were asked to provide TEQSA with information on how they were responding to the Change the Course report. TEQSA analysed the responses and briefed the Minister on the findings in December 2018. The analysis concluded that while universities had moved effectively and comprehensively to implement the recommendations of the Change the Course report, implementation by non-university providers was ‘much patchier’. TEQSA released a public report containing its findings in January 2019. The TEQSA website also publishes summary information about the specific measures each provider has taken, providing transparency at the provider and sector level. According to the website, the information was last updated in June 2019.87

5.28 In its advice to the Minister regarding implementation of the Change the Course report, TEQSA committed to including specific assessment of provider measures on sexual assault and sexual harassment as part of the re-registration approvals process. The ANAO’s analysis shows that the majority of assessment reports from January 2019 contained specific consideration of sexual assault and sexual harassment matters in the context of the threshold standard relating to staff and student safety and wellbeing.

5.29 TEQSA has also published guidance notes on provider obligations under the threshold standards that have direct relevance to sexual assault and sexual harassment. These deal with staff and student wellbeing and safety and grievance and complaint processes. As at December 2019 TEQSA had drafted a more detailed good practice note on preventing and responding to sexual assault and sexual harassment, which it plans to publish in February 2020.88

Improving student retention

5.30 Threshold standard 1.3 requires providers to monitor student retention and progression rates to enable them to identify issues and make improvements.

5.31 In 2017 HESP released its report on Improving retention, completion and success in higher education. That report found that attrition rates had remained relatively stable over the last decade. However, it noted significant variation in attrition rates between providers and between external and internal modes of delivery.

5.32 TEQSA briefed the Minister on its activities in response to the report in February 2019 and then in more detail in June 2019. TEQSA published a good practice note on effective retention in February 2020.

Did TEQSA effectively report on the outcomes of its actions to address identified risks?

TEQSA has reported on its actions to address identified risks but has not reported on the outcomes of the actions undertaken.

5.33 As noted in Chapters 3 and 4, under the Public Governance, Performance and Accountability Act 2013, an entity is required to report on its activities, including its planned outcomes, in the annual performance statement in its annual report. The ANAO examined the information about actions to address identified risks included in TEQSA’s 2018–19 performance statement.

5.34 TEQSA’s performance statement in its 2018–19 annual report includes reporting about relevant activities under Action 2.1: Consult with stakeholders and identify issues and delivery strategies where guidance is required and Action 2.2: Publish information about quality assurance and regulatory matters. Table 5.1 shows TEQSA’s performance against these actions.

Table 5.1: Performance reporting relevant to TEQSA’s support to the sector to address key sector-wide risks

 

Action 2.1

Action 2.2

Action

Consult with stakeholders and identify issues and delivery strategies where guidance is required

Publish information about quality assurance and regulatory matters

Indicator

The quality assurance and regulatory framework continues to be improved in consultation with relevant stakeholders

TEQSA’s communication with higher education providers is clear, targeted and effective

Reported result

67 per cent of providers rated TEQSA as good or excellent

65 per cent of providers rated TEQSA as good or excellent

     

Source: TEQSA 2018–19 Annual Report.

5.35 The performance statement also provides summary information on the majority of its activities to address contract cheating, transparency of admissions, sexual assault and sexual harassment and retention of students. The statement also notes that TEQSA has released or revised 12 guidance notes in relation to these matters.

5.36 The performance statement contains no information about the outcomes or impact of TEQSA’s activities on the identified risks. While it may be difficult to obtain evidence of direct short term outcomes, TEQSA could, for example, use the responses to its annual stakeholder survey to analyse and present trend data for the key sector-wide risks.

Appendices

Appendix 1 Entity response

Page one of the response from the Chief Commissioner and Acting CEO of the Tertiary Education Quality and Standards Agency.

Page two of the response from the Chief Commissioner and Acting CEO of the Tertiary Education Quality and Standards Agency. This page is the first page of Attachment C, which is the agency’s full response to the audit report.

Page three of the response from the Chief Commissioner and Acting CEO of the Tertiary Education Quality and Standards Agency. This page is the second page of Attachment C, which is the agency’s full response to the audit report.

Appendix 2 Quality in Learning and Teaching results, 2016 to 2019

 

Note: Quality of entire educational experience is the average rating given by current undergraduate students when rating their overall satisfaction with their educational experience. Graduate employment outcomes is the number of graduates from undergraduate degrees in full time employment. Overall employer satisfaction is the average rating given by employers of graduates from undergraduate degrees when asked about their overall satisfaction with the graduates’ attributes.

Source: ANAO analysis of Quality in Learning and Teaching 2019 Report.

Appendix 3 TEQSA regulatory approval decisions

Approval type

Period

TEQSA decisions

Decisions tested by the ANAO

TEQSA Act initial registration

2018–19

13

13

TEQSA Act re-registration

2018–19

16

12

TEQSA Act registration extension

2018–19

6

6

TEQSA Act initial course accreditation

2018–19

29

19

TEQSA Act course re-accreditation

2018–19

12

9

TEQSA Act course accreditation extension

2018–19

6

6

ESOS Act initial CRICOS registration

2018–19

9

9

ESOS Act CRICOS re-registration

2018–19

38

10

ESOS Act CRICOS registration extension

2018–19

4

4

ESOS Act increasing the maximum number of students under CRICOS registration

1 January 2019– 30 June 2019

26

10

ESOS Act adding one or more courses under CRICOS registration

1 June 2019– 30 June 2019

30

10

ESOS Act add ELICOS or foundation course under CRICOS registration

2018–19

6

6

ESOS Act new delivery site or relocate an existing site

1 January 2019– 30 June 2019

24

9

       

Source: ANAO analysis of TEQSA data.

Appendix 4 Core threshold standards

Renewal of registration — core assessment scope and indicative evidence requirements

Core standards

Indicative evidence requirements

Learning Environment

2.3.1-5, 2.4.4, 2.4.5

1. Policies, procedures and plans for the promotion of a safe environment and compliance with related legislation (including working with children if applicable)

2. Policies, procedures and plans relating to the prevention, monitoring and reporting of sexual assault and sexual harassment

3. Most recent review report (and actions arising from it) or other evidence on the effectiveness of student grievance and complaint processes showing current trends, including for sexual assault and sexual harassment

Institutional Quality Assurance

5.1.2, 5.2.1-4, 5.3.1-7

1. Last twelve months of minutes from meetings of academic governing body and any sub-committee with responsibility for course approval

2. Most recent review reports to governing body on progress against organisational targets (including teaching and learning targets and student performance) and other sample interim monitoring reports as agreed with case manager

3. Most recent review report (and actions arising from it) or other evidence on effectiveness of academic integrity processes

4. Most recent review report(s) (and actions arising) or other evidence of effectiveness of assessment (may include benchmarking reports) and assurance of learning

5. Sample course accreditation proposals (including outcomes of course reviews) as agreed with case manager (providers with self-accrediting authority only)

Governance and Accountability

6.1.3, 6.2.1, 6.3.2

1. Last twelve months of minutes from meetings of corporate governing body

2. Most recent report of independent review of the effectiveness of the governing body and academic governance processes, and actions arising

3. Reports on the effectiveness of: the risk management system, and the controls in place for major strategic risks

Representation, Information and Information Management

7.1.4 (if applicable)

1.Most recent review report on the performance of agents, and actions arising

   

Note: The TEQSA application guide states that while no core standards have been specified for the Domains of student Participation and Attainment, Teaching, and Research and Research Training in ‘a core-only assessment TEQSA will assess to what extent the applicant has demonstrated compliance with these Standards through relevant reports considered within its governance, accountability and internal quality assurance processes.’

Source: Application Guide for Registered Higher Education Providers — Renewal of registration for existing providers.

Course accreditation (registered providers) — core assessment scope and minimum evidence requirements

Core standards

Minimum evidence requirements

Student Participation and Attainment

1.1, 1.3.3, 1.4 (1.4.5-1.4.7 if applicable), 1.5.3

1. Contractual arrangements with students including pro forma standard offers of admission to and acceptances by students for each course, including fee change and refund policies and any documents or conditions incorporated by reference in student contracts, and showing any special conditions of enrolment and participation for any course (if applicable)

2. Course rules for progression including any prerequisites and compulsory requirements

3. Samples of all certification documentation (including testamurs and statements of results)

4. Note: Evidence relating to admission criteria (Standard 1.1.1) and the specification, alignment and assessment of learning outcomes (Standards 1.3.3 and 1.5.3, and Section 1.4) in particular is covered in the evidence for course design (Section 3.1)

Learning Environment

2.1.1 (if applicable)

1. Description of any specialist facilities (i.e. beyond standard classrooms) and equipment required for each proposed course, including any arrangements for delivery by third parties

Teaching

3.1, 3.2 (3.2.4 if applicable), 3.3.1

1. Proposal for each course as presented to academic approving body which must include:

  • statement describing the design for the course, including the required elements listed in Appendix B,
  • rationale relating learning outcomes, AQF level specifications, unit learning outcomes and unit assessment
  • unit outlines for each proposed course including the required elements listed in Appendix C
  • copy of teaching materials for at least one core unit of study to be offered in the first year of the proposed course, and
  • copy of assessment tasks and related rubrics for at least one core unit of study to be offered in the first year of the proposed course.

2. Tables showing numbers, qualifications and experience of academic leaders and staff for each proposed course (including scholarship and teaching) plus position descriptions for those not yet appointed, as well as projected student numbers, using the TEQSA templates for projected student and staff numbers and for abbreviated CVs

3. Arrangements for accessibility of teaching staff to students seeking individual assistance consistent with the needs of the student cohort

4. Description of learning resources available (or proposed to be made available if the course is approved) for each course, including any arrangements for delivery by third parties

5. Description of, and access to, the learning management system, including details of accessibility, staff training and technical support on and off campus

Research and Research Training (if applicable)

4.2.2, 4.2.3, 4.2.5

1. Table showing qualifications and experience of research leaders and supervisors for any proposed higher degrees by research (HDR) using the TEQSA template for research management and supervision arrangements, plus position descriptions for those not yet appointed

2. Description of research environment in each narrow field of study for any proposed higher degrees by research

Institutional Quality Assurance

5.1.2, 5.1.3, 5.4 (if applicable)

1. For each proposed course of study:

  • extract of minutes from meeting(s) of committee or board that gave final internal approval to the course as submitted to TEQSA
  • minutes of course advisory committee meeting or similar that provided input into course design
  • reports of any external experts engaged by provider to provide input into course design

2. Description of arrangements for supervision of work-integrated learning, community-based learning or collaborative research training (if any)

3. Contract for delivery of a proposed course in whole or in part by each third party (if any), showing quality assurance controls

Governance and Accountability

6.2.1i

1. For each proposed course, description of any specific teach-out or transition contingency arrangements in the event that the course is discontinued, including availability and accessibility of similar courses

Representation, Information and Information Management

7.1.1, 7.1.5, 7.2.1, 7.2.2a-f

7.1.2, 7.2.2g (if applicable)

1. Draft course-specific marketing material (including web pages and brochures) for each proposed course made available prior to and after acceptance of an offer, including any materials developed by third parties

2. Framework for the engagement and monitoring of agents, including draft contract

   

Source: Application Guide for Registered Higher Education Providers: new course accreditation and renewal of course accreditation for existing providers.

Renewal of course accreditation — core assessment scope and minimum evidence requirements

Core standards

Minimum evidence requirements

Student Participation and Attainment

1.1.1, 1.3.3, 1.4 (1.4.5-1.4.7 if applicable), 1.5.3

Note: Evidence relating to admissions criteria (Standard 1.1.1) and the specification, alignment and assessment of learning outcomes (Standards 1.3.3 and 1.5.3, and Section 1.4) in particular is covered below in the evidence for course design (Section 3.1)

Teaching

3.1, 3.2 (3.2.4 if applicable), 3.3.1

1. Proposal for each course as presented to academic approving body, must include:

  • review and analysis of course performance since last accreditation
  • statement describing the design for the course
  • rationale and table relating learning outcomes to AQF level specifications, unit learning outcomes and unit assessment
  • unit guides for each proposed course
  • description of learning resources available for each proposed course
  • report of professional accreditation body (if applicable) and the provider response

2. Tables showing numbers, qualifications and experience of academic leaders and staff for each proposed course (including scholarship and teaching) plus position descriptions for those not yet appointed, as well as projected student numbers, using the TEQSA templates for projected student and staff numbers

Research and Research Training

(if applicable)

4.2.2, 4.2.3

1. Table showing qualifications and experience of research supervisors for any proposed Higher Degrees by Research (HDR) using the TEQSA template for research management and supervision arrangements, plus position descriptions for those not yet appointed

2. Description of research environment in each narrow field of study

Institutional Quality Assurance

5.1.3, 5.3.1-4

1.Overview of the course review process showing how it ensured, through internal and external scrutiny, that the relevant Standards were met

2. For each proposed course of study:

  • extract of minutes from meeting(s) of academic approving body
  • minutes of course advisory committee meeting or 2.2similar that provided input into course design
  • reports of external experts engaged by provider to provide input into course design (if any)

    Note: Report of the review of the course will be integrated with evidence for 3.1

   

Source: Application Guide for Registered Higher Education Providers: new course accreditation and renewal of course accreditation for existing providers.

Footnotes

1 Under the Australian Qualifications Framework, these encompass awards from diplomas through to doctoral degrees.

2 In this report, the term ‘providers’ means entities such as public universities, private colleges and technical and further education (TAFE) colleges that teach higher education courses.

3TEQSA Corporate Plan 2019–2023, p. 6.

4 Universities and a small number of other providers that have self-accreditation authority are exempt from this accreditation process.

5 TEQSA does not generally regulate ‘micro credentials’ taught by a TEQSA-registered higher education provider. These cover a range of short-form courses that do not result in a higher education award recognised under the Australian Qualifications Framework. TEQSA does, however, regulate intensive English language and Foundation courses run by higher education providers. Foundation programs for international students are nationally recognised courses that are intended to equip students with the skills for entry into first year undergraduate study or its equivalent.

6 Under the Australian Qualifications Framework, these encompass awards from diplomas through to doctoral degrees.

7 While comprehensive 2019 data is not available, information published by the Department of Education indicates international higher education student growth is comparable to 2018 at about 11 per cent.

8 In this report, the term ‘providers’ means entities such as public universities, private colleges and technical and further education (TAFE) colleges that teach higher education courses.

9 Department of Foreign Affairs and Trade, Australia’s top 25 exports, goods & services, July 2019.

10 Victorian Auditor-General’s Report 2018–19: 24 Results of 2018 Audits: Universities, May 2019, p. 30; and New South Wales Auditor-General’s Report: Universities 2018 Audits, May 2019, p. 14.

11 D Bradley et al, Review of Australian Higher Education: Final Report, December 2008, pp. 115–116.

12TEQSA Corporate Plan 2019–2023, p. 6.

13 Universities and a small number of other providers that have self-accreditation authority are exempt from this accreditation process.

14 TEQSA does not generally regulate ‘micro credentials’ taught by a TEQSA-registered higher education provider. These cover a range of short-form courses that do not result in a higher education award recognised under the Australian Qualifications Framework. TEQSA does, however, regulate intensive English language and Foundation courses run by higher education providers. Foundation programs for international students are nationally recognised courses that are intended to equip students with the skills for entry into first year undergraduate study or its equivalent.

15 TEQSA can grant approval for a lesser period. It can also subsequently extend the approval period beyond seven years.

16 In addition to the threshold standards, providers must also meet a number of broader requirements, including that they deliver teaching and learning that engages with advanced knowledge and inquiry, their academic staff are active in scholarship that informs their teaching, and they have a clearly articulated higher education purpose that includes a commitment to and support for free intellectual inquiry in their academic endeavours.

17 In February 2020 the Department of Education was amalgamated with the Department of Employment, Skills, Small and Family Business to form the Department of Education, Skills and Employment.

18 International Organization for Standardization, ISO 31000:2018 Risk management – Guidelines, Second Edition, 2018; and Department of Finance, Commonwealth Risk Management Policy, 2014.

19 Chapter 4 reviews whether risk ratings inform TEQSA’s compliance processes.

20 TEQSA’s framework aligns with elements of the international standard.

21 Higher Education Standards Framework (Threshold Standards) 2015.

22 KL Dow and V Braithwaite, Report on the Review of Higher Education Report, August 2013. The review concluded that TEQSA could reduce the number of indicators used in its annual risk assessment process.

23 One of 12 indicators (cohorts completed) was discontinued in 2018. The indicator measured the number of student intakes that the provider had successfully seen through to completion of their courses. This and other measures of a provider’s maturity is now taken into account by TEQSA through its consideration of ‘contextual information’ in the risk assessment process.

24 TEQSA’s Risk Assessment Framework, March 2019, p. 3.

25 Eighty-two per cent of providers that responded to TEQSA’s 2019 stakeholder survey respondents identified cyber security as a high or medium threat.

26Risk Assessment Framework Consultation: Summary Report, TEQSA, January 2020. See https://www.teqsa.gov.au/latest-news/publications/risk-assessment-framework-consultation-summary-report [accessed January 2020].

27 TEQSA currently analyses data on source country and revenue concentration but does not have a specific risk indicator that addresses this area of risk. The ANAO’s analysis of TEQSA’s 2019 risk assessment cycle indicated that source county and revenue concentration data did not have a material impact on the assignment of provider risk ratings.

28 ISO Risk Management Guidelines outline that the analysis of risks should consider the nature and magnitude of consequences.

29 QILT are a suite of government endorsed surveys for higher education that cover the student life cycle from commencement to employment. Background information on HEIMS and PIR data collection is at https://www.teqsa.gov.au/information-collection.

30 The TEQSA Risk Assessment Framework Consultation: Summary Report, December 2019, states that a ‘significant number’ of stakeholders considered data lag as a shortcoming of the current risk assessment process.

31 TEQSA also receives more recent or additional data for some of its provider risk assessments, mainly from the relevant providers during the final stages of the risk assessment process (see paragraph 2.32). Where possible, TEQSA attempts to verify the accuracy of the data in these responses via HEIMS Online. In these cases, TEQSA documented the verification process in the risk assessment. However, providers do not have an incentive to give TEQSA more recent data where this is likely to increase their risk rating. ANAO analysis of the risk assessments found that 84 per cent of indicator adjustments made based on additional information (mainly obtained through provider responses) reduced the risk rating.

32 The ‘Outcomes of recent regulatory and compliance assessments’ indicator is used in stage two of the process.

33 Indicators used in student risk rating: student load; attrition rate; progression rate; completions; graduate satisfaction; graduate destinations; senior academic leaders; student-to-staff ratio; and academic staff on casual contracts. Indicators used in financial risk rating: financial viability and financial sustainability.

34 Provider context includes the size, fields of study and history of the provider. PRISMS is a secure database containing information on international students.

35 In one case TEQSA advised the ANAO that its risk group discussed the rating with the TEQSA case manager, which informed the decision to rate the provider as low risk despite a lack of data. These discussions were not documented. In the other case TEQSA advised this was an error of process and the rating should have been suspended.

36 Consideration of contextual factors as part of a risk assessment process is consistent with the ISO Risk Management Guidelines.

37 Robinson, A. ‘Australian universities risk catastrophe due to over-reliance on Chinese students, expert warns’. ABC News, 21 August 2019, available from https://www.abc.net.au/news/2019-08-21/australian-universities-too-dependent-on-chinese-students-report/11427272 [accessed 10 December 2019].

38 In this report ‘higher education standards’ include the threshold standards in the Higher Education Standards Framework (Threshold Standards) 2015 for decisions made under the TEQSA Act; and the overseas student standards in the National Code of Practice for Providers of Education and Training to Overseas Students 2018 for decisions made under the ESOS Act. Further details of the higher education standards are at paragraphs 1.8-1.9.

39 Providers that have self-accreditation authority are exempt from this process. Under the Tertiary Education Quality and Standards Agency Act 2011, all universities have self-accreditation authority. Other registered providers can apply to TEQSA for such authority. As at December 2019, 55 of the 179 TEQSA registered higher education providers had authority to accredit all or some of their courses. Forty of the 55 are universities.

40 This examination was mainly based on a targeted selection of regulatory decisions made in 2018–19, including those decisions made following a review by the Administrative Appeals Tribunal. Further details are in Appendix 3.

41 For registration approvals, the provider’s senior governance or management personnel must also be ‘fit and proper’ persons.

42 The basic principles are outlined in sections 13-16 of the TEQSA Act and include that, in exercising its regulatory power (which includes its approval processes), TEQSA ’does not burden [providers] any more than is reasonably necessary’.

43 There were two applications reviewed by the ANAO where particular circumstances meant that no formal plans were developed.

44 TEQSA maintains a register of experts that are used to assess aspects of applications. Experts include subject specialists for course accreditation applications; and governance, financial and risk experts for registration applications.

45 Consistent with TEQSA policy, in all but one case new providers seeking initial registration (who have no risk rating) were assessed against all relevant standards. The exception was where TEQSA considered the application was of such poor quality it was unnecessary to assess against all core standards.

46 The TEQSA Act allows TEQSA to place conditions on registration (section 32) and accreditation (section 53) at any time. TEQSA is not restricted on the content of the conditions as long as they are consistent with the TEQSA Act regulatory principles.

47 TEQSA advised the ANAO that such reports were based on a ‘by exception’ model whereby only those matters indicating a substantive risk of non-compliance were included in the assessment reports. The ANAO’s review of 2018–19 assessments reports did not support this, although there were some reports that were based on a ‘by exception’ model. The core text section of the re-registration assessment report referred to in paragraph 3.17 was 25 pages long and included extensive commentary against standards where the provider was found to be compliant.

48 There were more frequent instances in which the details of decisions varied in some more minor way – for example varying the number of statutory conditions as compared to that recommended in the assessment advice.

49 The expected increase is a result of many providers reaching the end of their current seven-year approval period, which was granted when TEQSA commenced operations in 2012.

50 An entity seeking CRICOS registration to provide higher education to overseas students must first be on the TEQSA Act National Register.

51 One of the standards only applies to providers enrolling students that are under 18 years. Some providers did not enrol such students.

52 National Code of Practice for Providers of Education and Training to Overseas Students – standard 11.4.

53 A broader range of information was considered in the other assessment, which took almost three years from the initial application in July 2016 to a final decision in June 2019.

54 This was a different provider to that referred to in paragraph 3.17.

55 TEQSA does not have a documented policy on CRICOS registration extensions. The ESOS Act limits the circumstances in which extensions can be granted.

56 These are requests for information by TEQSA that the provider is under no legal obligation to comply with. However, if the requests are not complied with, TEQSA can impose statutory conditions.

57 A majority of CRICOS registrations and re-registration approvals were for less than seven years, but the shortened approval was for the purpose of aligning future CRICOS and TEQSA Act registration periods.

58 Conditions were imposed on all five approvals. Administrative Appeals Tribunal processes allow appellants to provide new or updated evidence that was not available to the original decision-maker. TEQSA records indicate that the relevant providers generally lodged significant amounts of new or updated information as part of their appeal.

59 In October 2019 TEQSA advised the provider that it was considering rejecting its re-registration application. A final decision had not been made as at end of December 2019.

60 For providers considered by TEQSA to be relatively low risk, the re-registration and re-accreditation process takes place every seven years. As shown in Chapter 3, TEQSA has sometimes imposed a reduced approval period where it considers there is a higher risk of non-compliance by the relevant provider.

61 In this chapter, compliance assessments are actions taken by TEQSA in response to allegations or concerns that the provider may not be complying with the threshold standards or international student standards, which may result in administrative sanction by TEQSA if the allegations or concerns are substantiated. TEQSA may not formally invoke its legislative powers (noted in footnote 63) when undertaking compliance assessments. ‘Completed’ assessments are those that had been closed by TEQSA as at 15 January 2020.

62 TEQSA’s annual provider risk assessment process provides indications of the risk of non-compliance against many of the threshold standards.

63 Sections 59 and 134 of the TEQSA Act and Section 113 of the ESOS Act provide TEQSA with the power to undertake compliance monitoring activities.

64 One compliance assessment was categorised by TEQSA as an investigation as it involved an unregistered provider and could result in criminal charges.

65 The breach occurred in late 2018 and was detected in May 2019. According to the ANU, the breach involved unauthorised access by ‘a sophisticated operator’ to significant amounts of data extending back 19 years. Data accessed included student academic records, tax file numbers, payroll information, bank account details and passport details. ANU was subject to an earlier data breach of its information management systems in May 2018. TEQSA did not consider or undertake any form of compliance assessment in relation to this reported breach.

66 TEQSA also closed a compliance assessment into a data breach at another university on the basis that TEQSA lacked the resources to undertake cyber security investigations.

67 Standard 7.3.3 of the threshold standards requires provider information systems and records to be maintained securely and confidentially to prevent unauthorised or fraudulent access to private or sensitive information.

68 Penalties range up to 120 penalty units ($25,200, subject to indexation).

69 One provider hasn’t submitted information relating to course accreditation, which has no due date.

70 TEQSA Act, section 29.

71 As at 26 February 2020 TEQSA records indicate it had received notifications from eight providers relating to the Coronavirus disease (COVID-19) outbreak.

72 One low risk provider was subject to two assessments for two different third party arrangements.

73 Enforceable undertakings are not available under the TEQSA Act for breaches of the threshold standards.

74TEQSA Corporate Plan 2019–23, p. 6.

75 Peak, professional and student bodies were also asked about their views, but only five bodies responded naming specific risks. In view of these small numbers, the responses have been omitted from this audit report.

76 Other members of the Committee are the Australian Skills Quality Authority, Department of Education and the Department of Home Affairs.

77 In relation to the issue of perceived stereotyping of private providers (one of the key risks identified in the survey), TEQSA advised the ANAO that results from the survey will be used to inform the development of its 2020-24 Corporate Plan.

78 Ministerial Direction No. 2 of 2013 directed TEQSA to scale back its sector-wide quality assessment and support activities of the sort covered by this chapter and focus on its key regulatory functions of registration and accreditation. The direction was revoked in December 2019.

79 The standards updated in 2015 had effect from 1 January 2017.

80 The 13 providers were found to be compliant with 7.3.3.

81 Threshold standard 1.1.1 and international student standard 2.

82 Student cohorts are groups of students whose members are identified as sharing particular characteristics from an educational perspective, such as a particular educational background.

83 TEQSA’s view on these matters was mainly based on 2016 and 2017 figures showing that international students attending public universities had lower attrition rates (9.91 per cent) and higher success rates (88.85 per cent) as compared to domestic students (15.64 per cent and 84.04 per cent respectively).

84 TEQSA also commenced a project looking at the standard of English language courses. The ANAO’s analysis of TEQSA’s assessment of English language courses associated with provider’s CRICOS registration is covered in paragraph 3.37.

85 International student standard 8.19 allows a maximum of one-third of course units be delivered by online or distance education means. TEQSA’s advice also included reminders of the requirement that providers give reasonable support to students to assist them to achieve expected learning outcomes, including supporting and maintaining contact with students undertaking online and distance courses.

86 HESP is an expert advisory body established under the TEQSA Act that provides advice to the Minister on issues relevant to the Higher Education Standards Framework.

87 See https://www.teqsa.gov.au/student-wellbeing [accessed December 2019].

88 The good practice note had not been published as at 31 March 2020.