Understanding enforceable undertakings

By Katie Airey, Quality, Risk and Compliance Lead

With the findings of the Royal Commission into Aged Care Quality and Safety still reverberating, the industry continues to be under intense scrutiny. Enforceable undertakings (EU) have been on the rise and have become a pivotal regulatory tool to address non-compliance while allowing aged care providers the opportunity to remedy deficiencies without facing severe sanctions. But the question remains: how can providers ensure that they avoid non-compliance and enforceable regulatory action?  

The answer lies in proactive governance and risk management—focusing on robust internal systems, continuous improvement, and expert guidance to bridge gaps in compliance and operational effectiveness.

What is an enforceable undertaking?

An enforceable undertaking is a legally binding agreement between an aged care provider and a regulatory body, such as the Aged Care Quality and Safety Commission. When a provider is found to be non-compliant with regulations or delivering substandard care, the regulator can offer them the option of entering into an EU. The undertaking sets out specific actions the provider must take within a defined period to rectify deficiencies, improve quality, and align with the required standards.

EUs serve as an alternative to more punitive measures, such as fines or closure. They offer a chance for providers to remain operational while addressing issues within their facilities. However, the key to success lies in the provider’s commitment to genuinely improving their systems, culture, and practices—rather than simply complying with the letter of the agreement.

The risks of enforceable undertakings: Beyond compliance

While enforceable undertakings present an opportunity for reform, they are not without risk. Signing an EU without taking meaningful action can do more harm than good. Here are some of the key risks associated with EUs in the aged care sector:

• Superficial compliance

One of the primary dangers is that providers may sign an EU to avoid more severe consequences but fail to make any substantial changes to their operations. They may meet the minimum requirements of the undertaking but do not address the deeper systemic issues that led to non-compliance in the first place. This type of superficial compliance can delay real reform and may even perpetuate a cycle of repeated failures.

• Inadequate monitoring and accountability

EUs often require providers to implement significant changes in areas such as governance, workforce training, and care practices. Without effective oversight and continuous monitoring, there is a risk that providers may fail to fully implement the changes or, worse, revert to old practices once the immediate threat of regulatory intervention has passed.

• Resistance to change

Cultural resistance within aged care organisations can also present a major challenge. Some providers may view the undertaking as a temporary inconvenience rather than an opportunity for real transformation. If staff and leadership are not fully engaged in the process, improvements may be only temporary, undermining the very purpose of the EU.

• Failure to address root causes

Enforceable undertakings often focus on immediate issues—such as staffing ratios or specific care failures—but may not address the root causes of these deficiencies. For example, systemic issues like inadequate funding management, poor leadership, or misaligned incentives can contribute to poor care quality. Without addressing these underlying factors, improvements may be short-lived.

Mitigating risk with proactive governance and independent expertise

To avoid these pitfalls and turn an enforceable undertaking into a true opportunity for transformation, aged care providers should adopt a proactive approach to governance and compliance. This goes beyond simply responding to regulatory action—it involves embedding a culture of continuous improvement and robust risk management throughout the organisation.

• Building a robust governance framework

At the core of any successful organisation is strong governance. This includes clear lines of accountability, well-defined roles and responsibilities, and the integration of compliance into everyday operations. Governance should not be viewed as an afterthought or merely a response to regulatory pressure, but as an ongoing process of ensuring quality and accountability. An effective governance framework aligns the entire organisation towards a common goal: delivering safe, high-quality care while adhering to regulatory requirements.

• Utilising independent consultants for gap analysis and risk audits

One of the most effective ways to mitigate risk and ensure compliance is to undertake an independent gap analysis and key risk audit. By engaging external consultants with specialised expertise in aged care compliance, providers can gain an objective, comprehensive assessment of their current practices and identify any emerging risks or areas of non-compliance. Independent experts can conduct in-depth audits of everything from governance structures and staffing models to care delivery and resident satisfaction.

A thorough gap analysis should focus on:

1. Regulatory compliance: Are the current systems and practices aligned with the current Aged Care Quality Standards and are they fit for purpose under the Strengthened Standards?
2. Operational efficiency: Are there inefficiencies in processes that could lead to compliance issues or suboptimal care delivery?
3. Risk management: Are there areas where the organisation may be exposed to legal, financial, or reputational risk?
4. Staff training and development: Does the workforce possess the necessary skills and knowledge to provide high-quality care?

These audit(s) can then form the foundation for developing a tailored, actionable improvement plan.

• Implementing continuous monitoring and reporting systems

Proactive governance requires ongoing vigilance and the establishment of systems for monitoring progress and reporting outcomes. These systems should not only track the provider’s adherence to the regulatory requirements but should also assess broader performance metrics related to quality of care, staff engagement, and resident outcomes. By setting up continuous feedback loops and regular audits, providers can identify issues before they escalate, adjusting in real-time.

• Fostering a culture of continuous improvement

A culture where continuous improvement is embedded in the organisation’s DNA involves encouraging staff to proactively identify issues, speak up about concerns, and contribute to the improvement process. Leaders should empower staff through ongoing training and professional development programs that emphasise both clinical excellence and the softer skills essential to compassionate care.

Furthermore, involving residents and their families in the care process—through feedback mechanisms, care planning, and regular consultations—helps ensure that the improvements made are truly aligned with the needs of those receiving care.

Enforceable undertakings are a critical tool for ensuring compliance in the Australian aged care sector, but they must be approached with a mindset of transformation rather than mere compliance. By leveraging independent consultants for gap analysis, implementing rigorous risk audits, and embedding a culture of continuous improvement through strong governance, aged care providers can not only mitigate the risks associated with non-compliance but also drive systemic change.

If you need assistance, our Quality, Risk, and Compliance Management can help offer a clear perspective on maintaining compliance and preventing non-compliance. Our review process will assess the effectiveness of your systems, identify any gaps, and provide recommendations to help mitigate risks.