Australia: Not-For-Profit Directors: Navigating Risk Management Following The Banking Royal Commission's Final Report

Last Updated: 25 July 2019
Article by Campbell Hudson and Lis Boyce

The Final Report from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry delivered by Commissioner Hayne in February 2019 has put a spotlight on Board accountability.

This will impact corporate compliance and the activities of ASIC.

The Banking Report recommends that ASIC should adopt an approach that takes, as its starting point, the question of whether the Court should determine a contravention of the law.

Regulators are being encouraged to litigate, rather than compromise any breaches of statutory obligations.

The Banking Report also critically reviewed the need to address governance failings involving inadequate investigations by Boards into emerging non-financial risks.

Against this background, as part of good risk management, it is important for NFP directors to remain up to date on their legal duties and the protections available to them so they can continue to serve their organisation's purpose in a confident, sustainable and responsible manner. This article serves as a useful reminder of the legal duties of NFP directors as well as the consequences that NFP directors could face if they are found to breach their legal duties.

We will explore major shifts to the risk management landscape and its impact on the NFP sector arising from the recommendations from the Royal Commission.

A brief recap of directors' legal duties as part of risk management

Each director of an Australian company owes a number of statutory and general law duties to the company. Generally, those duties are designed to safeguard the company and ensure that the directors satisfy high standards of good faith and loyalty to the company.

Directors of NFP organisations are no exception.

Director duties are generally governed by the provisions within the Corporations Act 2001 (Cth) (Corporations Act). To the extent that the NFP entity is a charity registered with the Australian Charities and Not-for-Profit Commission (ACNC), their duties are prescribed by the Australian Charities and Not-for-profits Commission Regulation 2013 (ACNC Regulations) which mirrors and imports parts of the Corporations Act.

However, the duties which are not "switched off" involve the duties related to related-party transactions (Chapter 2E of the Corporations Act) and, more relevantly, the duty to prevent insolvent trading (section 588G of the Corporations Act). Company directors are also subject to certain duties at common law. As part of good risk management, NFP directors should be aware of their potential personal exposure if deemed to be non-compliant, on application by either a regulator (such as ASIC or ACNC) or a stakeholder (such as creditors or members).

The purpose of this article is to give some practical tips for compliance and risk management. The table below provides a summary of key legislation, regulation and AICD NFP governance principles relevant to directors of NFPs.

Corporations Act
(civil obligations)

ACNC Regulations


NFP Governance Principles
Australian Institute of Company Directors

Good risk management and governance tips

Section 180
Exercise due care and diligence

Reg 45.25(2)(a)

Principle 1:
Purpose and strategy

Principle 2:
Roles & responsibilities

Principle 3:
Board composition

Principle 4:
Board effectiveness

Principle 5:
Risk management

Principle 6: Performance

Principle 7: Accountability & transparency

Principle 8:
Stakeholder engagement

Principle 9:
Conduct & compliance

Principle 10: Culture

Functional relationship between Board and Management

Section 181
Act in good faith

Reg 45.25(2)(b)

Review powers and limits in Board charter and Constitution

Section 182
No misuse of position

Reg 45.25(2)(c)

Governance training

Section 183
No misuse of information

Reg 45.25(2)(d)

Decisions made for charity's best interests

Section 191
Disclose material personal interests

Reg 45.25(2)(e)

Reporting against cash flow (not history)

Section 286
Keep financial records

Reg 45.25(2)(f)

Timely payments for payroll, PAYG, GST

Section 588G
Prevent insolvent trading

Reg 45.25(2)(g)

Read and challenge Board papers, participate in meetings

The Incorporated Association legislation in most States and Territories also impose duties on management committee members, which have not been turned off by the Corporations Act. There have also been changes to how registered charities that are incorporated associations incorporated under the relevant state legislation report to regulators.

For example, from the 2018 reporting period, the majority of registered charities that are incorporated under the Association Incorporation Act 2009 (NSW), with a financial year that ends on or after 30 June 2018 will only need to report to the ACNC, using the prescribed Annual Information Statement.

Consequences of breach of directors' duties

Breaching your director duties under the Corporations Act can carry significant sanctions, including personal liability for directors. A failure to prevent insolvent trading, for example, may result in civil penalties of up to $200000, criminal charges (with possible imprisonment of up to five years), order(s) to compensate the organisation or any interested person for damage suffered as a result of their misconduct and disqualification.

These provisions are not turned off for directors of charities. This is in addition to the other common law or equitable remedies available to the liquidators or ASIC.

Additionally, non-compliance with the ACNC Act and ACNC Regulations can empower the Commissioner to enter into enforceable undertakings, provide directions and potentially revoke charity status of the relevant charity. The ACNC is also empowered to suspend and remove individual directors (for federally regulated charities). Governor misconduct can also result in grave commercial and reputational consequences with potential loss of government funding, donor disenchantment, loss of assets for charitable purposes as well as damage to reputation.

Heightened scrutiny post Royal Commission?

Following the release of the Banking Report, it is more necessary than ever that boards of NFPs remain vigilant and informed as to their legal responsibilities.

While the Banking Report referred to directors and senior executives in the financial services industry, these lessons are transferrable to governors on how to avoid similar circumstances in their respective NFP organisations.

The primary responsibility of misconduct in the financial services industry, according to the Banking Report, was attributed to the boards and senior management of the entities in question.

The failings that led to the misconduct originated from de-synchronized dynamic organisational culture, governance and remuneration.

The Banking Report however, provided good benchmarks for good governance, involving:

  1.  The importance of the Board challenging management; and
  2. Ensuring that there is adequate disclosure of information to the Board to enable the Board to make informed decisions.

These benchmarks will also ensure that directors can comply with their legal duties under the relevant governing legislation.

As far as risk management and governance is concerned, Commissioner Hayne emphasised the importance of the Board receiving adequate and relevant information and challenging management, and used failings by certain banks as examples of companies that did not do enough to ensure management fixed issues in a timely manner.

The Commissioner did however caution Boards to not become embroiled in the day-to-day management of the companies – the task of the Board is still governance, not management. 

Duty of directors of NFPs to exercise powers for a proper purpose to promote objects

The Banking Report raised a further issue about the nature and extent of directors' duties. The Banking Report further stated that:

"Directors must exercise their powers and discharge their duties in good faith in the best interests of the corporation, and for a proper purpose..... Financial returns to shareholders (or 'value' to shareholders) will always be an important consideration but it is not the only matter to be considered. The best interests of the corporation cannot be determined by reference only to the current or most recent accounting period....The longer the period of reference, the more likely it is that the interests of shareholders, customers, employees and all associated with any corporation will be seen as converging on the corporation's continued long term financial advantage".

In addition, the evidence before the Commission showed that:

"...too often, Boards did not get the right information about emerging non-financial risks; did not do enough to seek further or better information where what they had was clearly deficient; and did not do enough with the information they had to oversee and challenge management's approach to these risks".

Commissioner Hayne also noted that "the best interests of a company cannot be reduced to a binary choice". These statements can also be directly relevant to boards and senior management of NFP entities. The NFP Board should not have to choose between the interests of its members and the interests of customers.

Whether this involves the addition of further duties and obligations on directors of companies and NFP entities remains to be seen overtime. While the 'stakeholder' approach is yet to be adopted, it is useful for NFP directors to consider the following questions raised by the Royal Commission:

  • Is there adequate oversight and challenge by the Board and its organised committees of emerging non-financial risks?
  • Is it clear in the entity who is accountable for risks, and how they are to be held accountable?
  • Are issues, incidents and risks identified quickly, and managed and resolved with sufficient urgency?
  • Is enough attention being given to compliance? Is it working in practice? Or is it just 'box-ticking'?
  • Do compensation, incentive or remuneration practices recognise and penalise poor conduct? How does the remuneration framework apply when there are poor risk outcomes or there are poor customer outcomes? Do senior managers and above feel the sting?

ASIC enforcement: Why not litigate?

Commissioner Hayne disapproved of ASIC'S negotiated outcome approach to enforcement and indicated that ASIC must consider whether legal proceedings should be commenced.

In the Banking Report, Commissioner Hayne affirmed this approach with the following three points:

  1. That there can and will be some cases of contravention of the law in which the outcome is negotiated between contravenor and regulator;
  2. Remediation or compensation for consumers is an important goal but ASIC does not have to choose between remediation and enforcement; and
  3. ASIC should ensure that breaching the law is not profitable.

Under the Corporations Act, an application for a compensation order for any contravention of civil penalty provisions (such as directors' duties) in relation to the company can be made by ASIC.

ASIC has begun implementing the Banking Report's ethos by establishing a new internal Office of Enforcement principled on deterrence, pubic denunciation and punishment of wrongdoing by way of litigation. In a nutshell, the new body's principles impel ASIC to investigate alleged breaches of law, and if satisfied that there is one or more breaches, ask itself: why not litigate?

It is inevitable that the ACNC will have regard to this new environment in determining its approach to regulation of charities.

Where to from here?

From the Banking Royal Commission, corporate governance should be front and centre of every NFP directors' risk management strategy.

In short, knowledge, training and effective accountability systems will help NFP directors manage their NFP organisations with confidence rather than fear of doing the wrong thing.

The imperative is to be informed of your legal obligations and protections as a NFP director; to safeguard yourself from personal liability and also allow the NFP organisation to pursue its purpose in the long-term.

About Dentons

Dentons is the world's first polycentric global law firm. A top 20 firm on the Acritas 2015 Global Elite Brand Index, the Firm is committed to challenging the status quo in delivering consistent and uncompromising quality and value in new and inventive ways. Driven to provide clients a competitive edge, and connected to the communities where its clients want to do business, Dentons knows that understanding local cultures is crucial to successfully completing a deal, resolving a dispute or solving a business challenge. Now the world's largest law firm, Dentons' global team builds agile, tailored solutions to meet the local, national and global needs of private and public clients of any size in more than 125 locations serving 50-plus countries.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Related Topics
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions