Regulatory functions

Regulation involves the enforcement of government controls and restrictions on a particular activity conducted by the public sector.

In NSW, state and local governments regulate many activities including the health and safety of workplaces, environmental management, construction and property development, motor vehicles, and food, as well as licensing of occupations and skills.

The integrity of regulatory functions is a matter of public interest. The power of regulators to grant significant benefits to, or impose restrictions or penalties on, members of the public can increase the risk that they will be exposed to corruption.  Regulators also have a role in collecting and protecting government revenue.

The improper performance of regulatory functions can constitute corrupt conduct as defined in the Independent Commission Against Corruption Act 1988.

Corruption risks

A risk assessment of the regulatory functions of a public sector agency is likely to identify some or all of the following corruption risks:

A public official may:

  • fail to declare a conflict of interest but continue to deal with a close associate in exercising their regulatory functions
  • solicit or accept a bribe in order to exercise, or not exercise, their regulatory powers in a certain way
  • improperly provide confidential information to a person outside the agency

A person dealing with a public sector regulatory agency may:

  • improperly seek the assistance of a public official on a particular regulatory matter
  • offer a bribe to a public official as an inducement to exercise, or not exercise, their regulatory powers in a certain way
  • present false information or documents.


Managing corruption risks

As a minimum your agency should:

  • Introduce policy and procedures for regulatory functions that contain elements listed in the Policy Development Module.
  • Include in the policy sanctions for any breach of the policy and procedures.  
  • Review the policy every two years.
  • Train all relevant employees in the policy and procedures to ensure they are aware of their accountabilities. Include regulatory functions as a risk to be assessed in the agency's internal audit and corruption risk management processes.
  • Refer to regulatory functions in relevant corporate documents such as codes of conduct.


Risk management strategies

Following your risk assessment of regulatory functions you should consider these risk management strategies:

  • Ensuring employees who are involved in regulatory work understand their roles and responsibilities (for example, through methods such as induction, formal training, on-the-job training, supervision, policies and publications).
  • Communicating with the public about what they can expect from the agency when it exercises its regulatory functions, the standards that apply and the rights and responsibilities of those regulated. (This can be through documents such as the agency's statement of business ethics, its client service charter and information brochures.)
  • Maintaining regular contact between regulators and their supervisors while the regulator is conducting fieldwork.
  • Managers/supervisors accompanying regulatory team members on fieldwork on a random, unscheduled basis without prior notification.
  • Reviewing and approving final documentation by supervisors.
  • Conducting regular reviews of completed matters to test compliance with record keeping requirements, consistency of decision-making and management of conflicts of interest.
  • Holding periodic formal work reviews of regulatory employees.
  • Segregating  regulatory work from the role of allocating regulatory work.
  • Working in pairs when employees are conducting fieldwork.
  • Scheduling inspections so regulators cannot choose the inspection targets and dates.
  • Managing instances where regulators have a private interest which may conflict with their regulatory duties.
  • Prohibiting employees from engaging in any secondary employment which would conflict with their regulatory role.
  • Ensuring that computerised systems reflect actual decision-making protocols so that employees cannot close a matter or change allocated tasks on the computer system without authority.


Case studies

Case study 1

An ICAC inquiry found that a personal relationship between a hotel proprietor and a senior departmental inspector created a conflict of interests that resulted in the inspector acting corruptly.

While conducting a major reassessment of gaming machine duty on the hotel premises, the inspector began a personal relationship with one of the proprietors and knowingly supported her false explanations about understated gaming machine returns of over $1 million to the Liquor Administration Board.

Soon after meeting the proprietor, the inspector entered into personal financial dealings with the proprietor and her family, involving real estate and others financially involved in a company that borrowed over $2 million secured over properties that included licensed premises regulated by the department.  

This was forbidden by the department's code of conduct and was a breach of the "key officials" provision of the Liquor Act. Risk factors present in the inspector's job at the time included a heavy personal workload, significant personal discretion and a lack of adequate supervision. The department dismissed the inspector and the ICAC found that he had acted corruptly.

Case study 2

In 2006/2007, the Commission investigated allegations that a team leader at a local council had solicited and received cash and sexual services from brothel owners and prostitutes, in exchange for not taking action to prevent unauthorised use of premises for prostitution. The Commission found that the employee had engaged in corrupt conduct.

One corruption risk identified by the investigation was council's strong emphasis on processing times. Each regulatory task was allocated a specific deadline by council's computer system. If the deadline was not met, the matter was escalated to a more senior officer. This system meant that unusually prompt closures did not attract scrutiny while maximising the number of closures within a given timeframe was likely to be viewed favourably.

The Commission made recommendations to address various deficiencies identified in the system, which had given the team leader the opportunity to act corruptly without detection for several years, including that the council:

  • Develop a review and audit system for the compliance function, supervised by a high-level manager.
  • (Senior employees) regularly review closed matters as well as the information made available to them by the review/audit program, and that action be taken if the information suggests the possibility of corrupt conduct.
  • Implement a system of active performance management in the compliance area.
  • Institute a rotation program of the position of team leader, compliance services.
  • Introduce a system of checking the information entered by the compliance team into the council's computer system.


Frequently asked questions

What is a regulator? 

The term "regulator" is used here to include public officials who assess applications, or perform inspectorial, investigative or other compliance functions. It can also refer to private sector individuals and organisations that are contracted by government to perform regulatory functions such as approvals. For example, local councils engage structural engineers to certify building structures; state utilities may outsource inspectorial functions; local councils may outsource health inspections. All contract regulators working for the public sector at the state or local government level are "public officials" for the purposes of the Independent Commission Against Corruption Act 1988.

What issues should be considered in a corruption risk assessment of regulatory functions?  

Regulatory functions should automatically be identified as high-risk areas and any risk assessment should include:

  • appraising the risks of corruption in the organisation and the industries/activities it regulates
  • identifying all the positions involved in regulatory work (both directly and indirectly)
  • examining current work practices for corruption risks, particularly entrenched practices
  • reviewing the nature and adequacy of accountability measures for regulators
  • assessing management practices for risks of corruption
  • reviewing how well the organisation informs the public about its role and the public's rights when dealing with the regulatory organisation. (The results of the review need to be incorporated into a corruption prevention plan.)

How can my agency manage corruption risks when our regulators are contractors?

When outsourcing regulatory functions:

  • Analyse the risks of corruption before outsourcing the function
  • Define in writing who will be accountable for the work
  • Decide and document the level of contract management and performance measurement needed and who will be responsible for monitoring it
  • Deal appropriately with any former employees who bid for the work
  • Engage only contractors with a sound professional reputation
  • Establish a system and an obligation for contractors to disclose conflicts of interest
  • Set conduct standards expected of potential contractors; for example, adherence to the relevant aspects of the code of conduct and provide information sessions or training
  • Remind contract regulators in writing that they are within the jurisdiction of the ICAC Act.  
  • Monitor contractor performance systematically
  • Resolve complaints about contractors promptly.

How can an agency support regulators who may be exposed to corruption?  

Because some regulators work alone and often have direct contact with those they inspect or investigate, they can be placed in difficult positions. Agencies should not assume that their employees would know how to resolve ethical problems without practical support and guidance. All employees should be told to refuse any corrupt offers they receive in the course of their work and to report all such incidents as soon as practicable.

A practical preventative approach is to conduct a community awareness campaign that explains what the public can expect when dealing with the agency including:

  • what regulatory responsibilities and standards apply
  • what fees and charges are payable (and to whom)
  • that all members of the public have a right to fair and equal treatment
  • who is responsible for conducting the regulatory process
  • the consequences of offering direct payments, bribes or other inducements (gifts and benefits)
  • the extent to which it is acceptable to offer hospitality to regulators (such as accepting refreshments as opposed to meals)
  • how to complain about a regulatory process
  • the agency's complaints handling processes
  • how to appeal against regulatory decisions.



Other publications

  • Administering regulation, Australian National Audit Office, ACT, March 2007, March 2007
  • From red tape to Results - Government Regulation, a guide to best practice, NSW Department of Premier and Cabinet, Sydney, June 1997.


Relevant ICAC investigation reports


Relevant websites


Related topics on the ICAC website