Strategy and policies

• The University - The University has put in place policies, processes, risk management and decision-making authority in order to ensure that individuals are supported in understanding their responsibilities and has a responsibility to maintain these.
• The Chief Operating Officer and University Secretary (COO) has overall responsibility for the University’s compliance with export control and is accountable for institutional strategic decision-making, institutional policy related to Trusted Research, and the University’s Export Control Compliance Statement.
• The Trusted Research Advisory Group (TRAG) is responsible for supporting the COO to ensure effective strategic decision making, risk management and mitigation, and policy development through:
  • Decision-making in respect of any aspect of the University’s strategic position and compliance activity related to trusted research and related topics, such as responsible internationalisation and collaboration, and transnational education (TNE).
  • Case review where decision making is sensitive, complex, has strategic impact, and/or requiring input from multiple actors or entities across the University.
  • Identifying, assessing, and mitigating risk related to trusted research and related topics, including defining risk appetite and managing risk exposure to the University.
  • Overseeing internal or external audits or requests for information related to trusted research, export controls, or the National Security and Investment Act.
  • Reviewing any trusted research-related policies.
  • Liaising with other University committees, such as the TNE Board or Senior Management Group (SMG), to ensure consultation and decision making is taking place in the most appropriate venue.
• The Transnational Education (TNE) Board is responsible for the following in relation to export control regulations:
  • Ensuring that decisions in respect of the University’s TNE partnerships are compliant with export control regulations or legislation, and institutional policies, or able to be made so.
  • Ensuring that export control matters and relevant risks are considered on an ongoing basis in relation to all TNE matters.
  • Communicating/collaborating with TRAG and RGIT regarding concerns or decisions related to TNE partnerships.
• The Research Governance, Policy, and Integrity (RGPI) portfolio in the Research Services Directorate (RSD), and in particular the Research Governance and Integrity Team (RGIT) are responsible for:
  • Developing, maintaining and managing institutional policies, guidance, communications, and procedures in respect of compliance and assurance mechanisms relating to export control legislation and requirements;
  • Working with TRAG to support University decision and risk management with respect to trusted research;
  • Providing advice on compliance with legal and regulatory requirements relating to controlled activities;
  • Providing advice and support to staff in identifying whether export control issues arise in relation to their activities and, if so, providing support in determining the appropriate compliance route or risk mitigation actions, and support in following appropriate legal procedures, including obtaining licenses and/or registering projects where required;
  • Developing and delivering appropriate targeted training to researchers and colleagues whose activities might be subject to export control legislation or requirements;
  • Engaging with internal and external audits or requests for information relating to export control compliance requirements, working with researchers or other colleagues to address any identified non-compliance, as required;
  • Working in collaboration with University colleagues to contribute to due diligence processes and checks on international partners from a trusted research compliance perspective. This may include, for example, conducting end-user checks, providing advice or signposting to resources, coordinating advice from RCAT or ECJU, and/or tabling cases for TRAG assessment.
  • Acting as institutional “authorised users” on dedicated government systems (e.g. LITE) on behalf of the university to administer license applications to ECJU and undertake checks on behalf of researchers.
  • Managing the institutional relationship with RCAT / ECJU as named contacts. All contact with RCAT and ECJU must be made via RGIT.
• The Legal & Contracts Team within the Legal and Governance team, part of the University Court Office, is responsible for ensuring that:
  • A reasonable effort is made to establish whether export controls apply when working through contract negotiation and drafting with colleagues;
  • Colleagues are signposted to RGIT for advice or support as needed during any contract drafting or negotiation process;
  • Contracts within their remit include provisions, where appropriate, requiring all parties to comply with applicable export controls and sanctions, ensuring, insofar as possible, appropriate protections for the University.
• Academic Policy and Governance (APG), part of Student and Academic Services, are, in the context of trusted research, responsible for:
  • managing transnational education (TNE) partnerships;
  • providing advice and guidance to assist colleagues to ensure that TNE partnerships and resultant activity comply with export control regulations;
  • liaising as required with RGIT and TRAG to support the provision of advice and guidance and support decision-making process;
  • supporting effective risk assessment, mitigation and management and associated record-keeping.

• Strategic Leaders, including Heads of College, Deans of Research, and Heads of School are responsible for:
  • Maintaining an awareness of trusted research risks in their Colleges or Schools and implementing appropriate measures to ensure compliance and appropriate risk management and mitigation.
  • Understanding export control regulations and relevant internal policies as they apply to their research areas and/or organisational units, supporting compliance or audit activities, and supporting investigations into any suspected non-compliance;
  • Supporting awareness raising to ensure that individuals in their Colleges or Schools are made aware of and undertake the training available, particularly in identified high-risk areas of research.
  • Considering export control regulations when developing international partnerships whether related to research or teaching;
• Research Leaders, Principal Investigators (PIs), and line managers are responsible for, as appropriate to their roles:
  • Understanding export controls regulations and relevant internal policies and procedures as they apply to their research areas, disciplines, operations, and organisational units and ensuring understanding and compliance policy and processes are embedded in their teams; 
  • Supporting staff within their line management to understand their obligations, supporting compliance or audit activities, and/or supporting investigations into any suspected non-compliance;
  • Maintaining an awareness of compliance risk and implementing appropriate measures to ensure appropriate risk management and mitigation is in place.
  • Seeking advice from the RGIT via the Helpdesk if they suspect that export controls may apply to their work.
  • Obtaining export control licenses where these are required in connection with activities relating to projects for which they lead or are PI, ensuring that all members of their team(s) understand and comply with export control regulations, including keeping accurate records of risk assessment and mitigation and associated records.
  • Providing complete and accurate information on project partners and activities, including unfunded projects to relevant internal parties to assist with compliance activities or with audit activities.
• Staff, including researchers, LTS staff, and Professional Staff (where relevant to their roles) and postgraduate researchers (PGRs) should ensure that they:
  • Have read and understood this Export Control Policy and any associated guidance and understand whether their research area(s) and/or collaborative partners or collaborators may be subject to export control legislation;
  • Seek advice from RGIT via the Helpdesk if they suspect that export controls may apply to their work.
  • Comply with export control regulations related to their research or their roles, including developing any required local policy or process, keeping accurate records of risk assessment and/or mitigation actions, and any other associated records;
  • Do not engage in any activity for which an export control license is required without confirming that a license has been obtained for that activity;
  • Undertake due diligence on new partners and support internal due diligence processes, taking advice as needed and sharing, as needed, with professional services such as Legal and Contracts, or research support/operations teams;
  • Provide accurate information for license applications and make best efforts on the Goods Checker or other existing guidance to determine the applicability of the export control legislation;
  • Comply with any risk management requirements;
  • Consider export control regulations when engaging with international partners and colleagues whether related to research or teaching.

A number of specialist roles exist within the University which may be relevant for export control compliance and advice, including:

• Supervisors and advisers of PGRs should support PGRs to understand and comply with this policy and export control regulations.
• Graduate Schools are responsible for ensuring relevant processes and checks are in place relating to PGRs and visiting PGRs and for liaising with RGIT as needed to develop and enhance relevant processes.
• Line managers of all staff are responsible for ensuring that those whom they manage are supported to comply with export control regulations and engage with relevant training.
• Research Professionals undertake a variety of specialist roles in relation to research at the University, including the full lifecycle of grant management, and should understand how trusted research compliance and risk mitigation is relevant in their roles, supporting the implementation of appropriate due diligence, systems, policies or processes as needed. Colleges each have research offices or teams who lead on support for this activity.
• Technical Staff undertake a variety of specialist roles and should seek to understand how trusted research compliance and risk mitigation is relevant in their roles, supporting the implementation of appropriate due diligence, systems, policies or processes as needed.

A number of University Services exist within the University to support colleagues with international collaborations and travel:

• External Relations lead many of the University’s strategic internationalisation activities, including the development and management of partnerships and formal collaborations. They are also responsible for student recruitment, applications, and admissions.
• Finance Office, Insurance Section – Provides details and support related to University insurance policies. Travel insurance is available through the Travel, Risk, Insurance, Compliance and Approval Portal (TRICAP).
• International Student Support – Provides support to students applying to the Academic Technology Approval Scheme (ATAS).
• IT Services – Provides advice, guidance, and support related to information security, including securing your devices and data and staying secure while travelling.  Local IT support teams can provide advice or access to clean devices to ensure secure travel.
• People and Organisational Development (POD): Provide advice and guidance about global mobility and ATAS requirements for staff.
• Safety and Environmental Protection Service provide guidance and training on occupational health and safety and environmental legislative compliance matters across the University. Specifically, they can provide specialist advice about specific risks, e.g. biological or chemical safety, and travel advice and risk assessment.