Skip to main content

Compliance and Regulation

Higher education institutions (HEIs) work in a complex environment, and are subject to considerable regulation. A governing body should satisfy itself that the institution is complying with the requirements placed upon it. As HEIs are required to make returns to many organisations and agencies this is not a simple task.


Some institutions have compiled a summary of the returns they make each year in an effort to provide governors with an overview of what information they are required to collect, compile and submit to an external agency. Entries in the summary report typically identify the nature and purpose of the return, which part of the organisation is responsible for compiling the return, the submission date and who authorises submission of the return on behalf of the institution.

An institution will, for example, need to make returns about, for example, its finances, the student body, its staff and the estate. Given the detailed nature of the returns made, the task of ensuring the returns submitted are accurate and timely is often delegated to the institution's audit committee. The Committee may carry out is work by sampling at random the data returns being made by institution in order to test and, subject to the results of the testing, offer assurance to the governing body as the accuracy of the returns being made by the institution. Most HEIs are also charities, and governors therefore need to have due to regard to their duties and responsibilities as a trustee.

Further support

Many of the data returns submitted by institutions are made to the Higher Education Statistical Agency. Higher education providers are expected to meet the code of practice for higher education data collections.

To assist trustees of charities in England and Wales to understand their duties and responsibilities, the Charity Commission has published The Essential Trustee.

More generally, the Charity Commission (CC) issues guidance on different aspects of a charity's operation, including, for example:

While the CC's jurisdiction covers England and Wales, and most higher education institutions are 'exempt charities' (i.e. not directly regulated by CC), the guidance offers many helpful insights into the management of all charities. For example, CC35 stresses that in relation to a trading subsidiary the interests of the parent charity are paramount and a subsidiary must be established where the planned activities represent a significant risk to the assets of the charity. Trustees are also expected to routinely monitor the performance of all trading subsidiaries.

Examples of recent and additional legal requirements placed on institutions include:

The Bribery Act 2010, which came into force on 1 July 2011.

'prevent duty' was placed on higher and further education institutions following the passing of the Counter-Terrorism and Security Act 2015

Additional Resources

Briefing note 5: Regulations and compliance

Higher education providers operate in a complex and increasingly regulated environment. One of the duties if a Governing Body is to assure itself that the provider is fully compliant with the statutory and other regulatory requirements placed upon it. This is a significant task, demanding considerable time and attention from the Governing Body and its committees.
Download the briefing note

Illustrative Practice Notes

In partnership with the Committee of University Chairs (CUC), we have developed an Illustrative Practice Note on Counter-Terrorism and the Prevent Strategy to support governors and share practice from governing bodies throughout the UK.
Download the Illustrative Practice note

Leadership and management of health and safety in higher education institutions

The University Health and Safety Association in partnership with the Universities and Colleges Employers Association have created guidance on leading and managing health and safety in HEIs.

You can use this guidance to help you understand your legal duties and demonstrate your visible
commitment to the success of the health and safety management system in your institution. The broad
principles can all be captured within the management system approach: Plan, Do, Check, Review. This approach is no different to management processes used across HEIs for other purposes, such
as procurement, applying for research bids or developing institutional strategies.
Download the guidance

Find out about other areas of Governor responsibilities

Governor responsibilities