Policy Failures-The Biggest Risk No One Talks About
One of the greatest compliance risks in local government and business is not missing policies—it is having policies go ignored.
Most organisations boast shelves brimming with policies. Their policies cover procurement, complaints, code of conduct, conflicts of interest, fraud and corruption, workplace behaviour, delegations, and financial management.
A policy is one thing; following it is another.
When policies are ignored, organisations risk serious consequences such as fraud, corruption, legal action, audit findings, and damage to their reputation.
This is why policy failure stands as one of the most critical governance and compliance risks facing local government and business.
What Exactly Is a Policy Failure?
A policy failure happens when:
- Staff do not know that the policy exists
- Staff do not understand the policy
- The policy does not reflect what actually happens in practice
- Managers allow exceptions without approval
- The policy is out of date
- The policy conflicts with the legislation
- No one monitors whether the policy is being followed
- There are no consequences for not following the policy
Simply put, the organisation has rules—yet no one bothers to follow them.
From a compliance perspective, this is often worse than having no policy, as the organisation falsely believes it is protected when it is not.
Why Policy Failures Are a Critical Risk in Local Government
Local government navigates a complex, highly regulated environment. Councils must comply with:
- Local Government Acts
- Procurement regulations
- Records management legislation
- Work health and safety laws
- Privacy laws
- Anti-discrimination legislation
- Financial management regulations
- Fraud and corruption control requirements
Policies ensure strict adherence to these laws. Failing to follow the policies could cause the organisation to unknowingly breach legislation.
This could lead to:
- Audit findings
- Investigations
- Public complaints
- ICAC or integrity body investigations
- Loss of public trust
- Media attention
- Councillor complaints
- Legal claims
For local government, policy failure is not just an internal problem—it can quickly escalate into a public governance crisis.
Why Policy Failures Are a Major Risk in Business and SMEs
Many SMEs have policies too, but they are often:
- Copied from the internet
- Provided by an accountant or an HR provider
- Written once and never reviewed
- Not explained to the staff
- Not used by managers
This creates risks in areas such as:
- Workplace bullying and harassment
- Unfair dismissal
- Procurement and purchasing
- Financial delegations
- Fraud and theft
- Conflicts of interest
- Workplace health and safety
If something goes wrong and the organisation faces court, the first question asked is:
“Did you have a policy, and did you follow it?”
If the answer is “We had a policy, but we didn’t follow it,” the organisation faces significant exposure.
Common Examples of Policy Failure
Policy failures occur all too often. Examples include:
Procurement Policy Not Followed
- Quotes not obtained
- Contracts awarded to preferred suppliers
- Conflicts of interest not declared
- Delegations ignored
Code of Conduct Not Enforced
- Bullying ignored
- Inappropriate behaviour not addressed
- Complaints not investigated
Delegations Policy Ignored
- Managers approving expenses they are not authorised to approve
- Purchases made without approval
- Contracts signed without authority
Fraud and Corruption Policy Exists, But No One Reports Issues
- Staff are afraid to report
- No reporting system
- Reports ignored
Records Management Policy Not Followed
- Missing documents
- Poor file notes
- Verbal decisions with no record
These situations are not rare—they often occur in both local government and SMEs.
Why Policies Are Not Followed
Here are several key reasons policies fail:
- Policies are too long and too complicated
- Staff are not trained in the policies
- Managers do not enforce the policies
- The policy does not match actual work practices
- There is a culture of “this is how we’ve always done it”
- There are no consequences for noncompliance
- Policies are written to satisfy auditors, not to guide staff
- Policies are not reviewed and become out of date
A policy left untouched in a folder is not a policy—it is just a document.
The Risks Created by Policy Failure
When policies are ignored, organisations risk becoming vulnerable to:
- Fraud and corruption
- Financial mismanagement
- Bullying and harassment claims
- Unfair dismissal claims
- Breach of legislation
- Audit findings
- Poor governance findings
- Loss of reputation
- Loss of public trust
- Investigations by regulators or integrity bodies
From a governance perspective, policy failure is more often seen as a management failure than simply a staff failure.
How Organisations Can Fix Policy Failure
Tackling policy failure is not about crafting more policies. It is about making sure the policies you already have are:
- Correct
- Up to date
- Practical
- Understood
- Followed
- Enforced
It is about ensuring the policies you already have are:
- Reviewed regularly
- Simple and practical
- Staff and managers are trained in the application of the policies
- Monitored for compliance
- Audited especially those in high-risk areas
- Enforced with consequences for noncompliance
- Reviewed to ensure procedures match policies
- Reviewed to ensure policies match legislation
Above all, management must lead by example through their actions. When managers ignore policies, staff follow their lead and disregard them too.
Final Thoughts
“We have a policy for that.”
The real question is:
“Do we follow it?”
Policies become effective only when actively used, clearly understood, and consistently enforced.
Otherwise, they foster a false sense of security while exposing the organisation to severe compliance, legal, financial, and reputational risks.
Otherwise, they foster a false sense of security and leave the organisation vulnerable to severe compliance, legal, financial, and reputational risks.
Governance failures can quickly escalate into glaring problems.
