1. Introduction from the Chief Archivist

My primary statutory role as the Chief Archivist is to lead public information and records management. A necessary part of this role is regulation.

This statement describes Archives New Zealand’s approach to regulatory compliance. It acknowledges the stewardship role that we have and how we will work with our regulated sector to achieve the requirements of the Public Records Act 2005 (PRA). The PRA provides tools to assist and support public sector organisations to achieve voluntary, full and sustained compliance.

Efficient and systematic information and records management is critical for public sector business and accountability. My leadership role and Archives New Zealand’s regulatory approach are framed to support and enforce effective information and records practices within and across New Zealand government operating environments.

2. Our role

We enhance public confidence in the integrity of public records and local authority records by administering the PRA. This enables government to be held accountable by ensuring that full and accurate records of the affairs of public offices and local authorities are created, maintained and disposed of legally (section 3 of the PRA).

Our job is to focus our regulatory efforts on removing barriers to full and sustained compliance and to assist and support organisations subject to the PRA to achieve compliance. This means that the approach we take to compliant organisations differs from the solutions we choose for those who are wilfully negligent or deliberately non-compliant.

3. Our approach to compliance and enforcement

Our overall approach is to focus on better compliance for the good of the public. We do this through the set of behaviours described in this section.

3.1 We focus on outcomes

Our compliance and enforcement work seek maximum impact on delivering what government and the community should expect. This includes:

  • effective and responsible stewardship of information assets

  • creation and maintenance of records that can be used to hold government to account

  • preservation of records with long-term historical or cultural value, or which contribute to New Zealanders’ sense of their national identity.

We focus on these expectations by promoting good business practice and targeting our efforts. We want organisations and individuals to comply with the law in a way that best delivers these expectations.

3.2 We are fair and reasonable

Our people act with integrity and in accordance with the codes of conduct of the Department of Internal Affairs and the public sector. We expect the same from organisations in the public sector.

Being fair means giving organisations and individuals affected by our compliance and enforcement work opportunities to contribute to our thinking and decision-making processes. It means our responses are reasonable and unbiased, and follow the principles of good administrative practice and natural justice.

3.3 We are consistent

We take similar approaches in similar circumstances. This does not mean uniformity. Each case and set of circumstances is unique and must be handled in light of the outcomes sought, risk, resources, and other relevant factors.

This means we may pursue some non-compliance more vigorously than other superficially similar cases: some non-compliance matters more than others.

3.4 We respond to public expectations

Our response to non-compliance, while consistent and fair, will be informed by a public expectation for firm action. Compliance action can help to repair or bolster public confidence in government records and trust in government, even when this involves revealing failings.

3.5 We are transparent and open

We are clear about our approach to compliance and enforcement and how we make our decisions. We explain our decisions to those affected by them. This includes explaining our decisions to the public.

3.6 We target our efforts

Most organisations and individuals willingly comply with legal requirements, if they are well-informed and supported to comply, because it is in their own interests. We use our knowledge and expertise to target and prioritise efforts and interventions where we consider our effect on maximising compliance is the strongest and most useful. We take a risk-based approach, which means that some clear failings may not be addressed where the consequences are not serious.

3.7 We focus on our goal of long-term sustainable compliance

Our primary goal is long-term sustainable compliance to support the purposes of the PRA, but this does not prevent us taking action against serious one-off breaches. We will take firmer action against non-compliance that we consider is negligent and that damages the integrity of the public record, than against technical non-compliance.

3.8 We earn trust and confidence

The public and our stakeholders can trust and have confidence in our work because we are recognised as an effective, competent and principled regulator. We use a full range of regulatory tools, enforcement tools, or both, in a focused way to obtain compliance and achieve positive outcomes.

3.9 We collaborate with Government and other organisations

We play an active role in pursuing solutions and initiatives aimed at minimising harm and maximising benefit. We collaborate with a range of organisations, often actively working with them to develop solutions. We seek to align our work with other related functions, for example the Government Chief Information Officer, the Privacy Officer, the Auditor-General, and the Ombudsman.

3.10 We learn as we go

In addition to our monitoring functions, we use our experience to help inform our future work. We systematically review and learn from our actions to identify what worked and where we might make changes.

4. Our activities: information, support, assessment and enforcement

We expect everyone to comply with the law so that the purpose of the PRA is achieved.

The PRA provides us with a range of support activities and enforcement options for responding to non-compliance. We recognise best practice, provide information, support compliance, detect and assess non-compliance, and enforce sanctions against the worst cases. We are guided by factors such as a regulated party’s history of compliance, and how open and prepared it is to cooperate with us.

We support compliance by:

  • setting standards

  • promoting best practice

  • engaging with regulated parties and other stakeholders

  • providing guidance and support

  • minimising the burden of the compliance process

  • encouraging and supporting disclosure of unintentional non-compliance

  • publicising the regulatory role of the Chief Archivist and how it fits in the wider system.

We acknowledge that barriers such as a lack of awareness, understanding or capability may prevent some organisations complying.

We monitor our regulated sector continually. This enables us to focus and adapt our efforts dynamically, and have greatest impact on levels of voluntary, sustained compliance. It also enables us to build a system that, when complied with, upholds the purposes of the PRA.

We want to increase trust in how government manages New Zealand’s information. This means that we promote examples of excellence, and highlight areas where non-compliance is threatening that trust.

We always seek to work with regulated parties to improve compliance, but we are fully prepared to escalate our response with enforcement action if necessary.

4.1 We recognise excellence

We recognise excellence and responsibility, particularly where it contributes effectively to better levels of compliance and helps to achieve our outcomes.

We spread information about good practice that we believe our sector could adopt more widely. We support organisations that take on greater responsibility for positive outcomes and that are striving for excellence.

4.2 We provide information, guidance and support to regulated parties

Regulated parties need top-quality information and guidance on the requirements of the law and how they can comply.

Archives New Zealand produces this type of material and supports others to produce this information. Guidance can take many forms, including website information, FAQs, conferences, presentations, forums, alerts, newsletters, posters and standards.

4.3 We simplify compliance and promote self-management

Regulated parties must take responsibility for ensuring their own compliance. We make compliance as simple as possible in the circumstances. We seek to make our systems and processes straightforward and effective to support this. We are clear about our expectations.

4.4 We encourage early and open disclosure of errors or mistakes

Some non-compliance is inevitable in a complex environment. Usually, an open discussion of problems provides greater benefit than punitive use of regulatory powers. We can help rectify problems when they are brought to our attention openly and early.

We are committed to continuously improving our systems and working with the sector to minimise the cost and burden of that compliance.

Some errors or mistakes can indicate systemic failure that needs intervention. Failure to disclose problems to the regulator may indicate a poor understanding of their importance.

4.5 We monitor compliance and detect non-compliance threats

We monitor our regulated sectors and international developments to detect non-compliance, potential opportunities for promoting compliance, and other emerging threats/trends. We use this information to inform our planning and to effectively target and focus our efforts.

4.6 We publicise our enforcement actions

We may choose to publicise enforcement action that we are taking or have taken. Publicising our action can promote greater understanding of the consequences of non-compliance, and deter individuals and organisations from engaging in non-compliant activity.

We will use the most useful channel for publicity, including the State of Government Recordkeeping Report that is tabled in Parliament each year.

4.7 We support complaints and feedback from the public

A well-informed public can be an effective source of information about non-compliance through the complaints they make.

The PRA does not include a formal complaints mechanism, but we can use our regulatory tools in response to complaints or information received.

We maintain effective and easy-to-use complaints information, as well as other feedback mechanisms to help inform our work.

4.8 We audit public offices

We commission independent audits of recordkeeping practices of public offices under the PRA. We report on these audits to the Minister and the House of Representatives. The PRA provides flexibility about the criteria and aspects of recordkeeping to be covered by the audits. We will use that flexibility in a way that maximises benefit to organisations and the system.

4.9 We inspect recordkeeping systems

We can inspect recordkeeping systems. These inspections generally occur in response to non-compliance that we consider is serious or significant. Even so, a proactive inspections programme is an option.

4.10 We issue directions to report

We direct public offices and approved repositories to report to the Chief Archivist on their recordkeeping. This is a broad and flexible tool that can be specific to a topic or organisation, or be used to gather broader sector information.