Embed Size (px)
Citation preview
1
REGULATORY RISK MANAGEMENT UNDER WORK CHOICES.
Information handling and the use of legal privilege.
Mark D. PericaSenior Industrial Officer
CPSU
2
Why regulatory risk management? Work Choices is designed to prohibit and prosecute the
legitimate activities of Unions. The hostile regulatory environment increases our
exposure to proceedings, prosecutions, fines or even criminal liability.
The risk of liability in that environment is enhanced by: Government agencies set up to scrutinise the conduct of unions,
and Increasing employer activism.
It is therefore strategic to try to manage the regulatory risk.
3
Examples of increased risk of liability – unions responsible for conduct of officers and members An officer must not do anything that would cause the
contravention of a Federal Court or AIRC order or direction made under WRA or the RAO Schedule when the officer knows or is reckless as to whether the conduct would contravene the order or direction.
[Part 3 of Ch9 of RAO Schedule]
Penalty: person $2,200 or body corporate $11,000 Courts are eager to shoot liability back to the Union:
Union will generally be liable for the actions of individual officers or members other than in exceptional circumstances: Nicholson J in CFMEU v Clarke [2006] FCA 245 - 17 March 2006.
4
Examples of increased risk of liability – nuclear option is possible Some of the new grounds of deregistration are bizarrely
broad: An organisation prevents or hinders the achievement of Parliament’s
intention in enacting the RAO Schedule or an object of the WRA in relation to continued breach of an award, order of the AIRC or collective agreement or its continued failure to ensure member’s compliance or in any other respect: S28(1)(a)(i) of RAO Schedule.
A substantial number of the organisation’s members, in relation to a continued breach of an award, AIRC order or collective agreement, or in any other respect, hinders Parliament’s intention or the objects of the WRA: s28(1)(a)(ii) of RAO Schedule.
An organisation engages in industrial action that prevents, hinders or interferes with the activities of a federal system employer or the provision of a public service by a Commonwealth, State or Territory authority: s28(1)(b) of the RAO Schedule.
5
What is Risk Management?
Really no more than extension of strategic planning. “What are the risks of liability under Work Choices of undertaking an
activity (e.g. industrial action or enterprise bargaining) and how do we control, minimise or avoid those risks?”
Risk Management is a systematic process of making an evaluation of risks to the Union. It is designed to avoid, reduce and control risks, including regulatory risks
[ Risk Management Standard AS/NZ 4360:2004 at p v]
Risk Management Guidelines [p4]: “the culture, processes and structures that are diverted to realising
potential opportunities whilst managing adverse effects”
6
What is Risk Management
Risk Management is a praxis, not a policy (i.e. developed by reflection/action/reflection) which includes establishing the context in which risk of breach occurs, identifying the risk, analysing, evaluating, treating, monitoring and communicating risk.
It is a process for action and paper trail designed to control risk – may include a decision to disobey the law.
In practical terms could include the development of a general risk management policy, the performance of a risk analysis, the generation of checklists and training curricula.
7
The objectives of Risk Management To promote a rigorous basis for decision making and
planning within campaigns and enterprise bargaining. Better identification of opportunities and threats. Creates a culture of pro-activity not re-activity. Improved incident management and reduction in loss
and the cost of risk. Improved confidence and trust of the rank and file. Improved compliance with Work Choices. Allows conscious decision making in relation to civil
disobedience and other non-complying activities. [Source: AS “Risk Management Guidelines”]
8
Why risk management for Work Choices?
A policy and culture of regulatory risk management will: Minimise the prospect of unconscious breaches of Work Choices; Provide evidence in a plea in mitigation for a reduction in the quantum of
fines in the event of a breach;[builds forensic case for “reasonable steps to avoid” argument]
Prevent reactive “death by a thousand cuts” breaches and allow planning for conscious decisions to breach.
9
ESTABLISH THE CONTEXT
IDENTIFY RISKS
ANALYSE RISKS
EVALUATE RISKS
TREAT RISKS
CO
MM
UN
ICA
TE
AN
D C
ON
SU
LT
MO
NIT
OR
AN
D R
EV
IEW
RIS
K A
SS
ES
ME
NT
The process of Risk Management
Based on the Australian Standard AS/NZ 4360:2004and the Guidelines to that Standard
10
STEP 1: Establish the Context
11
Step 1: Establish the context:organising drive, industrial campaign, enterprise bargaining
Need to consider the environment in which you operate. This includes the identification of the actors who affect the activity and who may be affected by the activity. You can then establish the boundaries in which regulatory risks must be managed and guide decisions on risk management.
Need to consider: What is the activity you wish to undertake – e.g. organising drive, common law
strategy, enterprise bargaining? What outcomes are you seeking in bargaining/campaign activity/organising? What
is your strategy for getting there? What is the environment: are bosses hostile or co-operative? Is the workplace
“hot” or docile? Majority organised or minority organised? Develop Risk evaluation criteria – what is our “risk appetite”? How much risk are
we willing to take in the environment?
12
Step 1: Establish the context:Internal Actors: Nodes of risk for a union
Executive – authority under the rules. Commission proceedings and Deeds - Common Law Courts look at these matters with rigour.
Executive Officers – are they operating within their powers and are the delegations adequate for the execution of forms or the initiation of proceedings?
Staff – is their conduct compliant and do they have power under the rules to initiate processes?
13
Step 1: Establish the context:Internal Actors: Nodes of risk for a union
Delegates – are they trained and do they get adequate assistance from the Union? Is there some control/protocol as to what is said by whom in negotiations?
Rank and File – when can they act with the authority of the Union? What is the protocol for negotiations? Need to identify risk on a regulatory risk register at each level, educate
persons at each level and provide training to treat any risks.
14
Step 1: Establish the context:Rank and File and External Actors
Rank and File Hot Shops: Need more risk analysis than less militant areas. Need to
generate check lists and training for militants. Unguided Missiles: we all know who they are. They need to be informed
of the “big picture”. External Actors
Boss: Freehills at fifty paces or relatively friendly? Customers: any rabid litigators or union hating ideologues? Government and Government Agencies: are they likely to intervene?
15
Step 2. Identify the regulatory risks
16
Step 2: Identify the regulatory risks
This involves identifying risks which arise from the environment you have established through Step 1. Your aim is to develop a complete list of regulatory risk and what each involves. It may include: Best method for identifying potential risks; [previous experience of
enterprise bargaining/organising with particular employer] Examine the sources of possible risk in campaigns, organising, or
enterprise bargaining; [develop a check list at each level] Examine all potential regulatory risks – from internal actors from
secretary to shop floor, the employers, and customers; Examine each risk from the perspective of both internal and external
sources. Create a regulatory risk register which plots the risk
before you engage in the activity.
17
Step 2: Identify the regulatory risks
ACTU “A Risk Management Guide for Unions” identifies key areas of risk. Handy for the creation of checklists: Minimise the prospect of unconscious breaches of Work Choices: Right of Entry Agreement making Industrial Action Secret Ballots Freedom of Association
18
Step 2: Identify the regulatory risks
Ask yourself: What are the best methods to identify the risks which are likely to occur
for the activity? Who should I consult to assist me in identifying risks? Industrial Action What regulatory risks are relevant to this union activity? What risks are more likely? Are the risks internal/external or random?
19
Step 3: Analyse the Risk
20
Step 3: Analyse the risk
After the context is defined and the regulatory risk is identified the next step is to assess the impact of the risk. You want to separate acceptable risks from major risks which need to be managed.
21
Step 3: Analyse the risk
Risk Analysis involves deciding the relationship between the likelihood [frequency or probability of risk] and the consequences of the regulatory risk you have identified.
The level of risk should be analysed in relation to what you are currently doing to control that risk. Control measures decrease the level of risk.
22
Step 3: Analyse the risk –Calculating the level of risk
CONSEQUENCES
LIKELIHOOD Insignificant Minor Moderate Major Catastrophic
Almost certain High High Extreme Extreme Extreme
Likely Moderate High High Extreme Extreme
Possible Low Moderate High Extreme Extreme
Unlikely Low Low Moderate High Extreme
Rare Low Low Moderate High High
(Australian/New Zealand Standard for Risk Management AS/NZS 4360:2004) Key:
Extreme: An extreme risk requires immediate action.[i.e. damages through a common law proceeding or deregistration]
High: A high level of risk requires action, as it has the potential to damage the organisation.
[e.g. disobeying an s496 order]
Moderate: Allocate specific responsibility for moderate risk and implement monitoring or response procedures.
[e.g. penalties for right of entry breaches or prohibited content demands]
Low: Treat a low level risk with routine procedures.
23
Step 3: Analyse the risk –Calculating the level of risk
Evaluate the likelihood of a risk occurring according to the ratings in the left hand column.
Evaluate the consequences if the incident occurred, according to the ratings on the top row.
Calculate the level of risk by finding the intersection between the likelihood and the consequences.(A risk that is likely to occur and has minor consequences is a high level risk)
24
Step 3: Analyse the risk –Calculating the level of risk
Risk analysis questions:
Are there any controls currently in place to manage the regulatory risk?
If there are, is there any remaining risk?
What are the consequences if the risk should occur?
Therefore what is the level of risk?
25
Step 3: Analyse the risk –Calculating the level of risk
Identified risk Existing control
measure
Likelihood of risk occurring
(Almost certain, Likely, Possible, Unlikely, Rare)
Consequences (Catastrophic, Major,
Moderate, Minor, Insignificant)
Level of risk (Extreme, High, Moderate,
Low)
Prohibited content in claim
Training/checklist for members
Possible Moderate High
26
Step 4: Risk Evaluation
27
Step 4: Risk Evaluation
This step involves evaluating the risks by comparing the level of risk with your risk tolerance and criteria taking into account: Importance of the activity you are managing and its outcome (e.g. might
be bargaining trendsetter) Degree of control you have over the risk Potential and actual losses which may arise from the risk Benefits and opportunities presented by risk.
28
Step 4: Risk Evaluation – Deciding whether a risk is acceptable
An acceptable risk is not necessarily one which is insignificant.
You may decide the risk is acceptable because: The risk of prosecution is so low it doe not warrant spending time and
money on it; The risk of prosecution is low and the benefits presented by the activity
outweigh the costs of treating it; The opportunities presented by the regulatory risk are much greater than
the threats.
Risks which are acceptable should be listed in priority for treatment under Step 5.
29
Step 4: Risk EvaluationACCEPTABLE RISKS
Identified risk Level of risk
(Extreme, High, Moderate, Low)
Reason for acceptance
UNACCEPTABLE RISKS
Identified risk Level of risk
(Extreme, High, Moderate, Low)
Order of priority
30
Step 5: Treat the regulatory risk
31
Step 5: The treatment of regulatory risk
After evaluating the risk you have identified in a particular activity, the next step is to treat the risks you have decided are unacceptable.
You do this by: Identifying the options which you could use to treat the risk; Selecting the best option in terms of feasibility and cost effectiveness;
Preparing a risk treatment plan.
32
Step 5 – The treatment of regulatory risk
We really only have three options: Retain risk; Avoid the risk; Control the risk.
Risk Control is a method of reducing the likelihood of the risk occurring, or reducing the consequences of the risk or both.
33
Step 5 – The treatment of regulatory risk Regulatory Risk Control can be achieved by:
A training regime for executive, industrial and other staff or delegates and of rank and file on compliance issues;
Adequate supervision of drafting of Commission documents and other documents by competent officers and “made simple” check lists at each level of the union (use ACTU document as a guide);
Testing; Compliance Officer: Inspection and process controls of critical
document such as logs, bargaining period documents by a compliance officer – need a central point and responsibility for compliance.
34
Step 5 – The treatment of regulatory risk
Where the risk is unavoidable strategies should be put in place to deal with it:
Planning for contingencies (e.g. a fund or levy out of which to pay the fines/damages);
Minimising exposure to the source of the risk – taking steps to avoid the risk by training and check lists, or even use of corporate veil.
35
Step 5 – The treatment of regulatory riskRisk Treatment Form
Risk Event
Source of risk
Priority
Likelihood
Consequences
Level of risk
Risk treatment
Responsibility
Resources required
Performance measure
Timetable
KEY: Source of risk How can the risk arise? Risk event What can happen? Priority What priority does this risk have in relation to others? Likelihood Almost certain, likely, moderate, unlikely, rare? Level of risk Extreme, high, moderate, low?
Risk treatment What will be sone to avoid the risk, control the risk, transfer the risk or retain the risk?
Responsibility What is the name of the person who will implement the risk treatment option?
Resources required What is physical and human resources do you need to implement the risk treatment?
Performance measure How will you know that the risk treatment is working? Timetable When will the treatment option be implemented?
36
Step 6: Review of Risk Management Plan
Practical example: Cadbury Schweppes protected action application
37
STEP 6 – Constant Review of Risk Management Plan
In the course of an organising or enterprise bargaining campaign, constantly monitor and evaluate your risk management strategies. You need to:
Monitor the existing risks; Identify new risks; Identify trouble spots or indicators of a changing environment.
38
Example: Cadbury Schweppes –
there but for the grace of God….
The organiser passed the proposed deed to them and said words to the effect “sign this and it will all go away”: SDP Acton in AFMEPKIU v. Cadbury Schweppes [PR973290, para 21].
39
Example: Cadbury Schweppes
Go through risk management exercise. Evaluate Risk:
Always a risk in parallel negotiations for statutory collective agreement and common law deed for prohibited content;
Risk of confusion over claims and risk of liability for claims for prohibited content, inability to take protected action.
Treat Risk: Treat risk by the development of protocol for contemporary but distinct
and separate negotiations. Never together - always discuss separately; Training for rank and file, delegates and organising staff on the perils of
expressly linking the two and the strategic advantage of keeping the two negotiations separate.
40
Legal Privilege: what can it do for us?
41
Legal Privilege –can it help us?
Risk management is about managing and avoiding risk. It involves creating documents to establish endeavours to avoid or control risk.
Is there any way we can avoid or control risk of liability through utilising legal privilege to protect sensitive documents from the eyes of employer plaintiffs, the OEA or the Office of Workplace Services.
e.g: Branch executive “seeks advice” on industrial action strategy or union lawyer prepares a document in relation to wild cat strike activity in anticipation of a s496 order.
42
Legal Privilege –what is it?
Legal privilege is a “common law rule of evidence” by which certain communications are prevented from disclosure to a Court or other quasi judicial body or otherwise: Baker v Campbell (1983) 153 CLR 52 at 84.
43
Legal Privilege –what is it?
Not all lawyer/client communications. Mere fact that the person speaking is a lawyer and the
person to whom he speaks is his client affords no protection: Minter v Priest [1930] AC 558 at 568.
Privilege only arises in certain circumstances. There are three types of privilege: advice privilege; litigation privilege; third party litigation privilege.
44
Advice privilege
This is written or oral communications passing between a lawyer and their client are privileged from disclosure, whether as evidence in legal proceedings or otherwise, provided the communications are confidential and made for the dominant purpose of seeking or being furnished with advice from or by that lawyer: Esso Australia Resources Limited v Federal Commissioner of Taxation (1999) 201 CLR 49 at 65.
45
Litigation privilege
This attaches to written or oral communications between a lawyer and client made or prepared in confidence for the dominant purpose of being used in existing or reasonably contemplated judicial or quasi judicial proceedings: Grant v Downs (1976) 135 CLR 674 at 682.
46
Third party litigation privilege
This is invoked to prevent disclosure of confidential communications, including documents, passing between a lawyer and third parties, or the client and third parties, if made when litigation is on foot or reasonably contemplated and the dominant purpose of the communication was related to the proceeding
[Pratt Holdings v Commissioner for Taxation (2004) 207 ALR 227]
47
When is the communication “confidential”? Written or oral communications made in confidence
between one person to another: Ritz Hotel Ltd v Charles of the Ritz Ltd (no 22) (1988) 14 NSWLR 132.
It does not include: “Objectively observable facts”: National Crime Authority v. S (1991) 29
FCR 203; Discussions which take place in front of a third party: Lewis v
Theodoropoulos (1987) 4 MVR 115 (FC); Communications which are in the public domain such as documents
which constitute or evidence transactions, even if delivered to a solicitor or counsel for advice or for use in litigation: Baker v Campbell (1983) 153 CLR 52.
48
What does “dominant purpose” mean? Purpose for which the document came into existence:
ACCC v Safeway (1998) 153 ALR 393.
The use of the document after it is brought in existence is not material in establishing privilege: Arrow Pharmaceuticals v Merck (2004) 210 ALR 593.
Can’t make a document privileged if it’s originally made primarily for a purpose other than litigation or advice, eg, internal union documents can’t be made privileged after the event by seeking advice.
49
Does it extend to industrial officers without a practising certificate? No it does not!!
Legal advice given by an industrial officer of a trade union who is not a legal practitioner does not attract privilege: Wood v Commonwealth Bank of Australia (1996) 67 IR 46
Nor is legal advice given by an “in house counsel” who, though holding academic legal qualifications, is not admitted as a legal practitioner: GSA Industries (Aust) Pty Ltd and Constable (2002) 1 Qd R 233
50
In house lawyers with practising certificates?
Law is uncertain: Queensland Court of Appeal authority for the proposition the minimum
requirement to attract the privilege is admission to practice as a barrister and solicitor: Glengallan Investments Pty Ltd v. Arthur Anderson (2002) 1 Qd R 233;
Is admission a “sufficient condition”? – that is doubtful.
51
In house lawyers with practising certificates?
New ACT Supreme Court case suggests we need more than a practising certificate: Cth of Australia and Air Marshall Errol John McCormack [2005] ACTA 35 [23 August 2005]
Essential to privilege that lawyer holds a practising certificate but also: must be independent and free from control of employer; must be free from conflicting obligations and pressure and retain personal
responsibility to the client; must be consulted in a professional capacity about a professional matter; consideration must be given to the minimum academic and practical qualifications
that must be held by a salaried legal advisor which included a practising certificate.
`
52
Legal Privilege: does it give us anything? No privilege for industrial officers without practising
certificates. Unions with in-house lawyers even with practising
certificates can probably claim it but not with great confidence. Safety would require an “internal firm” model.
Safest quarantine is the use of external lawyers. If you wish to quarantine documents through the use of
privilege have to keep in mind confidentiality, dominant purpose test and no retrospective privilege.
In the end the potential for use of LPP is pretty limited.
53
Conclusion: be alert not alarmed Risk Management is not bureaucratic overkill but a
useful strategic tool. It is essential that Unions engage in some form of risk management. A minimal approach would be to conduct a regulatory risk audit before
engaging on e.g. an organising campaign or enterprise bargaining, working out how would unacceptable risk would be treated. The paper trail will assist in avoiding liability or limiting liability in the event of prosecution.
Legal Professional Privilege. Although the circumstances of its use are limited, it does present a method of quarantining some documents or communications from scrutiny, at least by the engagement of external lawyers.
54
Select Bibliography
Risk Management ACTU Risk Management Guide for Unions, [coming soon] Standards Australia Australian/New Zealand Standard, Risk
Management – AS/NZ4360:2004 Standards Australia Risk Management Guidelines Companion to AS/NZ
4360:2004, HB 436:2004
Legal Professional Privilege Desiatnik, Robert Legal Professional Privilege in Australia (LexisNexis
Butterworths)( Second Edition, 2005) MacNicol, Suzanne Law of Privilege (Law Book Company,1992)
