Feature Article Topic: Declaring Non-Compliance Without Creating Regulatory Risk

The Annual Declaration of Compliance (ADC) is often approached with unnecessary caution. Many RTOs attempt to minimise disclosure, soften language, or present issues as already resolved in an effort to avoid regulatory attention. This instinct is understandable and increasingly risky.

Recent messaging from ASQA has made one point unambiguous: the ADC is not a passive declaration. It is active intelligence. The regulator analyses responses for patterns, compares them across the sector, profiles provider behaviour, and uses them as a reference point in performance assessments, investigations, and enforcement activity.

In this context, the real risk is not disclosure. It is how disclosure is handled.

The Shift: From Risk Avoidance to Regulatory Signalling

The traditional mindset treats the ADC as a compliance form to be completed carefully and conservatively. Under the current regulatory approach, it is better understood as a signalling mechanism.

Your responses communicate three things to ASQA:

whether you have visibility over your operations

whether your issues are understood or incidental

whether your RTO is in control – or being controlled by events

This is why two RTOs can disclose similar non-compliances and generate very different regulatory responses. The difference is not the issue. It is the quality of disclosure.

The False Safety of Saying Less

A persistent misconception is that limiting disclosure reduces regulatory exposure. In practice, it often does the opposite.

Minimal or overly sanitised responses can signal:

lack of internal monitoring

immaturity in self-assurance systems

reluctance to acknowledge risk

governance disengagement

Equally, submissions completed rapidly or generically can attract attention. Where responses appear formulaic or disconnected from operational reality, they raise questions about authenticity and oversight.

ASQA has been explicit: they are not looking for perfection. They are looking for genuine, informed, and controlled disclosure.

Transparency Without Escalation

The challenge for RTO leaders is not whether to disclose, it is how to do so in a way that demonstrates control.

Effective ADC disclosure balances three elements:

Clarity Without Overexposure

Describe the issue accurately and proportionately.

This means:

identifying the nature of the non-compliance

indicating its scope and context

avoiding unnecessary narrative or defensive language

Overly vague responses suggest avoidance. Excessively detailed responses can suggest loss of control. Precision matters.

Ownership Without Alarm

Language should reflect accountability, not escalation.

There is a material difference between:

We identified inconsistencies in assessment practices through internal audit and;

Serious issues were discovered in our assessment system

The first demonstrates monitoring and control. The second invites regulatory concern, regardless of the underlying issue.

Ownership is conveyed through calm, factual language that shows the issue is understood and contained.

3. Control Without Finality

One of the most common errors is presenting issues as fully resolved when they are still being addressed.

ASQA’s position is clear: report what you are working on, not just what you have completed.

Attempting to present a “closed” picture can undermine credibility, particularly where:

corrective actions are recent

systemic changes are still embedding

monitoring evidence is not yet established

Mature disclosure acknowledges progress while demonstrating structured control.

What ASQA Is Actually Assessing

When reviewing ADC disclosures, ASQA is not simply recording issues. They are interpreting organisational behaviour.

They are asking:

Was this issue identified internally or externally?

Does the provider understand why it occurred?

Are responses proportionate and systemic?

Is there evidence of ongoing oversight?

In other words, the ADC is being read as a proxy for:

self-assurance capability

governance effectiveness

organisational maturity

This is why prior ADC submissions are often revisited during audits and enforcement activity. They provide a longitudinal view of how an RTO understands and manages its own performance.

The Authenticity Test

A notable and emerging theme is the assessment of authenticity.

Responses that are overly polished, generic, or inconsistent with provider context can raise concern. This includes submissions that:

read as templated rather than operational

lack specificity or internal language

do not align with known delivery scope or risk profile

ASQA is increasingly adept at identifying responses that are constructed for compliance, rather than derived from genuine internal insight.

Authenticity is not about informality. It is about alignment between what is written and how the organisation actually operates.

Reframing the Risk

The ADC should not be treated as a reputational risk to be managed. It is a governance opportunity to be leveraged.

Well-constructed disclosure can:

demonstrate the effectiveness of your internal monitoring systems

evidence leadership visibility over risk

reinforce confidence in your self-assurance approach

Poorly constructed disclosure, even when attempting to minimise issues, can do the opposite.

A Leadership Discipline, Not a Compliance Task

The quality of ADC responses is ultimately a leadership issue.

It reflects:

how information flows within the organisation

how confidently issues are surfaced and discussed

how well systems translate into operational control

This is why last-minute, delegated, or overly engineered responses consistently fall short. They are disconnected from the very systems the ADC is intended to evidence.

The most effective ADC submissions share a common characteristic: they read like the organisation knows itself.

Not perfectly. Not defensively. But with clarity, control, and intent.

In the current regulatory environment, that is what reduces risk.