Can an RTO Sue ASQA for Negligence or Bad Faith? By Zmarak Zhouand, RTO Legal, 10 March 2025

Crown Immunity and ASQA’s Statutory Protection

1)      ASQA’s Status as the Crown: The Australian Skills Quality Authority (ASQA) is established under the National Vocational Education and Training Regulator Act 2011 (NVR Act) and is vested with the privileges and immunities of the Crown. In practical terms, this means ASQA is generally shielded from being sued for actions taken in the course of its regulatory functions, so long as those actions are in “good faith.” The NVR Act explicitly provides that ASQA, its staff, and agents are “not liable to an action or other proceeding for damages” for any act or omission done in good faith in performing their functions or powers. In other words, even if ASQA or its officers are negligent in carrying out their duties, they cannot be sued for damages as long as they were honestly attempting to fulfill their statutory responsibilities. This statutory immunity is a form of Crown immunity designed to allow regulators to perform their duties without fear of litigation over every mistake.

2)      Limits of the Immunity – Bad Faith Exception: Crucially, the protection only applies to acts done in good faith. If ASQA (or its officers) acted dishonestly, maliciously, or not in genuine pursuance of their powers, then the shield of immunity may fall away. Australian courts have long held that bad faith or abuse of power is not protected by such clauses. For example, even in a case where a statute didn’t mention “good faith,” the High Court read in that limitation – acts not done in good faith would still attract liability (see Little v Commonwealth (1947) 75 CLR 94). More recently, the High Court affirmed that no privative clause or immunity can protect officials who act in bad faith or for corrupt purposes. Thus, while ASQA enjoys broad immunity, it cannot deliberately or recklessly flout the law without potential consequences. The challenge, as discussed below, lies in proving such bad faith in court.

Negligence and Breach of Statutory Duty by Regulators

3)      General Rule – No Duty for Regulatory Omissions: Suing a regulator like ASQA for ordinary negligence faces high hurdles. Even aside from the statutory immunity, the common law often does not impose a duty of care on public authorities to individual citizens for how they exercise (or fail to exercise) their regulatory powers. The courts have repeatedly held that if a public authority has a power or discretion (as ASQA does when regulating RTOs), it generally owes no private law duty to use that power for the benefit of any particular person or entity. This principle was established in cases like Sutherland Shire Council v Heyman (1985) 157 CLR 424, and reaffirmed by the High Court in Graham Barclay Oysters v Ryan (2002) 211 CLR 540, where it was found that neither the State nor a local council owed a duty to protect consumers from contaminated oysters – the statutory powers to regulate oyster farming did not translate into a private duty of care to individuals. By analogy, ASQA’s mandate to uphold VET quality standards is aimed at protecting the public and students, not at safeguarding any one RTO’s commercial interests. Courts are reluctant to find that regulated entities can sue the regulator for losses caused by the regulator’s lapse, as this could conflict with the regulator’s public duties.

4)      When a Duty Might Arise: There are exceptional circumstances in which a public authority can owe a duty of care, but they are narrow and fact-specific. The authority’s conduct must go beyond mere regulatory oversight and involve it in the kind of relationship that private law would recognize as giving rise to a duty. Key examples include:

5)      Creating or Controlling a Risk: If the authority itself created a danger or had a high degree of control over the risk that caused harm, a duty may be found. In Pyrenees Shire Council v Day (1998) 192 CLR 330, a council was held to owe a duty to property owners to warn them about a known defective chimney, because the council had inspected the premises, gained actual knowledge of a fire hazard, and had statutory power specifically to prevent that danger. The council’s close knowledge and control of the risk meant it could be liable in negligence for failing to act.

6)      Inducing Reliance: If an authority acts in a way that leads others to rely on it for their safety or compliance, it may attract a duty. For instance, if ASQA undertook to give specific advice or guidance to an RTO and the RTO reasonably relied on that, a duty of care might arguably arise not to mislead or cause harm by negligence. (This is analogous to scenarios in other cases where authorities assumed responsibility by their conduct.)

7)      Direct Statutory Obligations to Individuals: In rare cases, a statute may be interpreted as intending to confer a private right of action if the authority breaches a specific duty. However, most regulatory statutes (including the NVR Act) do not explicitly or implicitly give RTOs a right to claim damages for breach of statutory duty. There is no indication in the NVR Act that Parliament intended ASQA to be monetarily liable to an RTO for failing to carry out its regulatory functions properly. Absent a clear legislative intent, the tort of breach of statutory duty is generally unavailable.

8)      Outside such special situations, attempts to sue regulators for negligence have failed. For example, investors have attempted to sue the Australian Securities and Investments Commission (ASIC) for not preventing financial losses (such as not stopping a company’s misconduct in time), but these cases founder on the absence of any duty of care owed by the regulator to individuals. Even where foreseeability of harm is clear, policy considerations (the need for regulators to act in the public interest without fear of liability, and the risk of conflicting duties) lead courts to deny a duty. As the High Court stated in Graham Barclay Oysters, imposing a private duty on a public authority in respect of its discretionary regulatory powers would “tend to discourage the proper exercise of those powers” and was not supported by the statutory scheme (see e.g. Barclay Oysters, 211 CLR at 588–590 per Gummow & Hayne JJ). In short, an RTO faces an uphill battle to prove ASQA owed it a duty of care in negligence for how ASQA conducted an audit or enforcement action. Simply showing ASQA made errors or was unreasonable is not enough – without a recognized duty of care, there can be no negligence claim.

9)      State Tort Law Reforms: It’s also worth noting that, if a negligence claim were ever permissible, state civil liability legislation would likely apply and impose additional hurdles. Most states have provisions protecting public authorities, stipulating that failure to exercise a regulatory function is not actionable or is only actionable in cases of extreme unreasonableness. For instance, in Queensland and New South Wales laws, an authority’s act or omission in carrying out regulatory functions must be so irrational that no reasonable authority could consider it reasonable, before it is deemed negligent. These laws, along with the common law principles, make it extremely difficult to establish liability for mere negligent inspection or decision-making by regulators.

Deliberate Wrongdoing: Misfeasance in Public Office

10)  If an RTO or other plaintiff can demonstrate that ASQA acted with targeted malice or knowing illegality – in other words, not in good faith – then a pathway opens via the tort of misfeasance in public office. Misfeasance is the only tort specifically directed at unlawful conduct by public officials. To succeed, a plaintiff must prove that a public officer: (1) engaged in an invalid or unauthorised act (2) intentionally or with reckless indifference to the fact that it was beyond power, and (3) knew (or was recklessly indifferent to the likelihood) that the act would cause harm to the plaintiff. This is a high bar, requiring evidence of a conscious abuse of power or bad faith on the part of the official. However, unlike negligence, misfeasance claims are not defeated by Crown immunity, since acting in bad faith falls outside any “good faith” protection.

11)  High Court Guidance – Northern Territory v Mengel: The modern contours of this tort were set by the High Court in Northern Territory v Mengel (1995) 185 CLR 307. In that case, cattle station owners sued the government after officers, without legal authority, ordered them not to move their cattle (as part of a disease control program). The High Court dismissed the negligence claims but recognized that misfeasance in public office is available where officials deliberately misuse power. The plurality in Mengel held that government liability in tort required either negligence or intent to cause harm. Since the inspectors in Mengel honestly (if erroneously) believed they had authority, they were not reckless or knowingly unlawful, and thus the misfeasance claim failed. Mengel is significant because it abolished an earlier doctrine of government liability (the Beaudesert rule) and confirmed that misfeasance in public office is the appropriate cause of action for deliberate abuse of power. In essence, if ASQA officials acted ultra vires (beyond power) knowingly or with reckless disregard, and an RTO suffered loss as a result, Mengel suggests a claim could be brought (even though proving the officials’ state of mind is challenging).

12)  Successful Misfeasance Case – Brett Cattle Company: Successful misfeasance cases against regulators or government bodies are rare, but they do exist. A landmark example is Brett Cattle Company Pty Ltd v Minister for Agriculture [2020] FCA 732. There, a class of cattle producers sued the Federal Government over a sudden 2011 ban on live cattle exports. The Federal Court found the Minister’s delegate had acted recklessly, exceeding his powers by imposing a blanket ban without regard to the law. Justice Rares held the Minister (and Commonwealth) committed misfeasance in public office by acting with reckless indifference to his lack of power and to the injury that the ban would cause the cattle producers. The lead applicant was awarded $2.94 million in damages, and the government faced liability potentially in the hundreds of millions for the class. This case demonstrates that when a regulator or decision-maker blatantly oversteps legal bounds in a way that damages businesses, courts are prepared to award compensation for the tort of misfeasance. The Brett Cattle outcome is a reminder to regulators (including ASQA) that the cloak of Crown immunity will not protect malicious or lawless conduct. It is one of the clearest Australian examples of overcoming Crown immunity – the plaintiffs triumphed because the actions were not in good faith, but rather reckless to legality and harm. (Notably, the Commonwealth did not appeal the finding, perhaps reflecting the strength of the evidence of bad faith in that case.)

13)  Other Attempts – The Westpoint Case: More often, misfeasance claims are attempted but ultimately not proved. An example in the ASIC context was the Westpoint litigation. Westpoint was a failed investment scheme; after its collapse, the founder (Norman Carey) sued ASIC alleging that ASIC’s actions in winding up Westpoint companies were malicious and negligent. Carey claimed ASIC had committed misfeasance in public office by its decisions in late 2005. However, that case was settled in 2011 with the allegations withdrawn and the plaintiff paying ASIC’s costs. No finding of liability was made. The Westpoint episode underscores the difficulty of proof – ASIC, like ASQA, had statutory immunity for good faith actions, and Mr. Carey could not ultimately substantiate bad faith. The case did not succeed, but it shows that regulated entities do sometimes try to sue regulators for misfeasance, particularly when enforcement action by the regulator causes significant financial damage. The legal bar, however, remains high.

Recent Legislative Developments Impacting ASQA’s Liability

14)  Amendments to ASQA’s Governing Legislation: In recent years, the NVR Act has been amended to reform ASQA’s governance and regulatory approach (for example, the National Vocational Education and Training Regulator Amendment (Governance and Other Matters) Act 2020 restructured ASQA from a commission to a single-agency model). These changes were aimed at improving regulatory quality and accountability. Importantly, none of the amendments to date have removed or diluted ASQA’s statutory immunity for actions done in good faith. The core provision that ASQA has the “privileges and immunities of the Crown” and protection from suit remains in force. As of 9 March 2025, no legislative change has opened the door for RTOs to sue ASQA in negligence if ASQA acted bona fide under its powers. A recent Bill in 2024 focused on strengthening VET integrity did not propose any changes to ASQA’s civil liability either. Thus, the statutory landscape still strongly favors immunity in the absence of bad faith.

15)  Push for Accountability: That said, there is a continuing policy discussion about regulator accountability. The Rapid Review of ASQA (2020) and other stakeholder feedback have emphasized the need for ASQA to act fairly and transparently. While not suggesting that ASQA should be exposed to ordinary negligence suits, these discussions encourage mechanisms for redress when ASQA’s mistakes cause serious harm. So far, the responses have been administrative rather than legal – for instance, improving internal review processes, better training of auditors, and providing informal remedies. One existing avenue is the government’s Compensation for Detriment caused by Defective Administration (CDDA) scheme, a scheme through which aggrieved parties (like RTOs) can seek ex gratia compensation for losses due to bureaucratic error or oversight. The CDDA scheme, along with Act of Grace payments, allows the Commonwealth to compensate individuals where there is a moral obligation, even if there is no legal liability. These remain discretionary solutions – they are not enforceable rights, but they can provide relief in deserving cases. Recent administrative changes have encouraged ASQA to utilize such remedies when appropriate, rather than fight RTOs tooth-and-nail. Still, from a legal stance, the fundamental immunity of ASQA from lawsuits for good faith conduct is unchanged. If an RTO seeks damages, it must either fit within the very narrow exceptions in common law (as outlined above) or convince the government to grant an ex gratia payment.

Comparison with Other Regulators (TEQSA, ASIC, APRA)

16)  The legal principles that protect ASQA from suit are not unique to the VET sector. Other regulatory bodies at the Commonwealth level enjoy comparable immunity and have faced similar litigation hurdles:

17)  TEQSA (Tertiary Education Quality and Standards Agency): TEQSA, the higher education regulator, is established by the TEQSA Act 2011 in analogous terms. The Act provides TEQSA with the status of the Crown and contains protections for acts done in good faith (mirroring the NVR Act). To date, universities or higher education providers have not successfully sued TEQSA for negligence. Like RTOs, their recourse against TEQSA has been through merits review or judicial review of decisions (to get decisions overturned), rather than damages claims. The immunity and the common law principles would apply equally – a college would need to prove TEQSA acted outside its legal authority and with knowing impropriety to have any chance of a damages claim. There appears to be no reported case of such a claim against TEQSA, suggesting the shield remains intact.

18)  ASIC (Australian Securities and Investments Commission): ASIC’s governing statute explicitly grants immunity almost identical to ASQA’s. Section 246 of the ASIC Act 2001 (Cth) provides that ASIC, the Minister, ASIC members and staff “are not liable to an action or proceeding for damages” for anything done or omitted in good faith in the performance of their functions under the corporations legislation. This is a direct corollary to NVR Act’s good faith clause. As noted, disgruntled company directors or investors have attempted to sue ASIC – often in the wake of enforcement action or failures of regulation. For example, following high-profile corporate collapses, some have argued ASIC was negligent in not detecting fraud sooner. However, those claims face the twin obstacles of no duty of care (ASIC’s duty is to the public, not to individual investors or companies) and statutory immunity for good faith conduct. No claimant has overcome these barriers in court in a final judgment. The Westpoint case (Carey v ASIC) discussed above is illustrative: ASIC’s decisions, even if arguably heavy-handed or mistaken, were taken in purported pursuance of its statutory role, and thus immune from civil liability absent proof of bad faith. Ultimately, ASIC has never had to pay damages to a regulated entity for the way it exercised its powers. The only realistic pathway remains misfeasance in public office, but establishing that against ASIC officials (who are usually acting under legal advice and without personal malice) has proven nearly impossible so far.

19)  APRA (Australian Prudential Regulation Authority): APRA oversees banks, insurers, and superannuation funds. It too is protected by statute. The APRA Act 1998 and related financial sector legislation contain provisions protecting APRA and its officers from liability for actions done in good faith in carrying out regulatory functions(for instance, decisions made to intervene in a bank or appoint an inspector). If, say, a bank attempted to sue APRA for failing to prevent a rogue banker’s misconduct, the claim would likely fail due to lack of duty and APRA’s immunity. We have not seen Australian banks or funds successfully sue APRA for regulatory shortcomings. The global analog is instructive: in the UK, depositors of a failed bank sued the Bank of England for negligence/misfeasance in the Three Rivers case, alleging the regulator’s lax supervision caused their loss. The House of Lords (2000) allowed the misfeasance claim to proceed to trial if bad faith could be shown, but ultimately no liability was established as bad faith couldn’t be proven. Australian courts would likely take the same approach with APRA – mere negligence in prudential supervision is not actionable, and only a knowing abuse of power (which is hard to imagine in APRA’s context) could trigger liability.

20)  Other Agencies: This pattern repeats across many regulators. Whether it’s the ACCC (competition regulator), the ATO (tax office), or others, legislation often grants an immunity for actions done honestly in execution of duties. Courts, in turn, emphasize that regulatory powers are for public benefit and generally do not create private causes of action. There have been cases against local authorities (councils) and statutory bodies at the state level – e.g., councils sued for negligent building inspections or road maintenance – with mixed success. Some older immunities (like highway authorities’ immunity for road non-repair) have been abolished (e.g. Brodie v Singleton Shire Council (2001) 206 CLR 512), but even then plaintiffs must show the council breached a duty of care. Similarly, a council or state agency can be liable if it assumes a specific responsibility and then acts negligently (as in Pyrenees Shire Council v Day or Crimmins v Stevedoring Committee). But a broad claim that “the regulator should have prevented this harm” usually fails. The underlying principles protecting ASQA thus apply broadly: good faith mistakes are protected; only egregious, bad faith conduct opens the door to damages across regulatory fields.

Key Takeaways for RTOs and Regulators

21)  Suing ASQA is an Uphill Battle: An RTO that has suffered loss due to ASQA’s actions (for example, loss of revenue after a registration cancellation or reputational damage from an audit report) will find it very difficult to recover damages through the courts. ASQA’s statutory immunity for actions done in good faith () means that even if ASQA was negligent or made a wrong decision, it cannot be sued so long as it was honestly performing its regulatory role. No RTO has yet succeeded in obtaining a damages award against ASQA for negligence or breach of duty.

22)  Administrative Review is the Primary Avenue: RTOs have had success overturning incorrect ASQA decisions via merits review or judicial review – for instance, in the Administrative Appeals Tribunal (AAT) or Federal Court (on administrative law grounds). A notable example is Brighton Pacific Pty Ltd v ASQA [2020] (Federal Court), where the AAT’s decision to set aside ASQA’s cancellation of an RTO’s registration was upheld. However, these processes can quash or alter decisions; they do not award damages. They are about fixing the decision, not compensating for past loss.

23)  Misfeasance Claims – A High Bar but Possible: If an RTO believes ASQA acted not just erroneously but unlawfully and with knowing impropriety (for example, an officer deliberately targeting an RTO for an improper purpose, or cancelling registration knowing there were no grounds), a tort claim for misfeasance in public office could be contemplated. This requires clear evidence of bad faith or abuse of power. While rare, the Brett Cattle case shows that courts will hold regulators or ministers to account if their actions are recklessly beyond power and cause harm. An RTO would need a very strong fact pattern to succeed (something as extreme as a personal vendetta or a wilful violation of the law by ASQA). If such a case exists, suing is theoretically possible and the Crown immunity would not apply – because no statute protects officials who knowingly act with malice.

24)  Recent Reforms Don’t Enable Lawsuits: Changes to ASQA’s legislation and approach (2019–2021) have not created any new rights to sue. They are geared more towards better regulatory practice (e.g. giving ASQA an educative role, improved governance, and more proportionate enforcement). The protective provisions in the law remain. Thus, from a legal standpoint in 2025, the status quo is that ASQA cannot be held liable for damages for mere negligence. RTOs should not invest in litigation expecting to overcome this without clear evidence of bad faith. Instead, attention is better focused on preventing disputes (through compliance) or using review mechanisms to reverse unfair decisions quickly, thereby mitigating losses.

25)  Alternative Remedies: If an RTO does suffer significant financial harm due to an ASQA error, the pragmatic route is to seek a discretionary remedy. Writing to ASQA (or the Department) with a settlement claim or CDDA scheme application can sometimes yield an ex gratia payment. Under the CDDA scheme, the government may compensate for “defective administration” – essentially, clear administrative mistakes or unreasonable delays that caused loss. While these payments are ex gratia (no admission of legal liability), they are a recognition that the aggrieved party deserves to be put right morally. Many RTOs have successfully obtained relief this way when ASQA processes were found wanting. It’s a path worth considering before contemplating the long-shot of litigation.

26)  Comparative Consistency: RTOs should understand that ASQA’s virtual immunity is not an anomaly – it reflects a consistent policy in Australian law. Just as they cannot easily sue ASQA, banks cannot readily sue APRA for not catching a rogue trader, and companies cannot sue ASIC for failing to prevent a fraud. The policy reason is to ensure regulators act fearlessly in the public interest. The trade-off is that other accountability mechanisms (tribunal review, Ombudsman oversight, Ministerial accountability, etc.) are used to check regulators, rather than private lawsuits. Knowing this, RTOs can calibrate their expectations and strategies: focus on compliance and cooperative engagement with ASQA, use appeals to challenge wrong decisions, and reserve court action for only the most extreme misconduct by a regulator.

Conclusion

27)  In summary, an RTO can sue ASQA for damages only in very limited circumstances. To succeed, they would need to overcome Crown immunity by showing ASQA did not act in good faith – essentially, that ASQA committed a deliberate legal wrong (misfeasance). This is a steep challenge, and successful examples (like Brett Cattle) have involved egregious facts. No known case has yet seen an RTO pierce ASQA’s immunity in court. Recent legislative tweaks have not altered this landscape. The same principles apply to other regulators: good faith errors do not give rise to liability, whereas bad faith abuses might. RTOs, ASQA officials, and VET sector advisors should all be aware that while the door to suing a regulator is not completely closed, it is only open a crack – and only for the most serious of official misdeeds. For ordinary disputes and losses, other avenues of resolution need to be pursued.

Zmarak Zhouand - RTO Legal | Email: z@rto.legal | Website: https://www.rto.legal | Phone: 07 3726 9559

Reference List

Legislation

1. National Vocational Education and Training Regulator Act 2011 (Cth)

   • s 157 – ASQA’s immunity from liability for acts done in good faith.

   • s 233(2) – ASQA’s privileges and immunities as the Crown.

2. Australian Securities and Investments Commission Act 2001 (Cth)

   • s 246 – ASIC’s immunity from liability for regulatory actions done in good faith.

3. APRA Act 1998 (Cth)

   • s 54 – Immunity for APRA and its officers in the exercise of regulatory functions.

4. TEQSA Act 2011 (Cth)

   • s 176 – TEQSA’s good faith protection against damages claims.

5. National Vocational Education and Training Regulator Amendment (Governance and Other Matters) Act 2020 (Cth)

   • Key amendments to ASQA’s governance, but did not remove liability protections.

High Court Cases

6. Little v Commonwealth (1947) 75 CLR 94

   • High Court decision affirming that bad faith or dishonesty can override statutory immunity.

7. Sutherland Shire Council v Heyman (1985) 157 CLR 424

   • Established that regulatory authorities do not owe a private duty of care when exercising discretionary powers.

8. Northern Territory v Mengel (1995) 185 CLR 307

   • High Court decision outlining the tort of misfeasance in public office.

9. Graham Barclay Oysters Pty Ltd v Ryan (2002) 211 CLR 540

   • Held that government regulators generally do not owe a private duty of care in regulatory matters.

10. Plaintiff S157/2002 v Commonwealth (2003) 211 CLR 476

11. Confirmed that a privative clause does not protect government officials who act outside their legal authority.

12. Brodie v Singleton Shire Council (2001) 206 CLR 512

13. Examined local council liability and abolished historical highway immunity rules.

14. Pyrenees Shire Council v Day (1998) 192 CLR 330

15. Established that where a council has specific knowledge of a danger and statutory power to prevent harm, a duty of care can arise.

16. Crimmins v Stevedoring Industry Finance Committee (1999) 200 CLR 1

17. Considered the circumstances in which public authorities owe a duty of care.

Federal Court and Tribunal Cases

14. Brett Cattle Company Pty Ltd v Minister for Agriculture [2020] FCA 732

15. Found the Minister’s decision unlawful and awarded damages for misfeasance in public office.

16. Brighton Pacific Pty Ltd v ASQA [2020] FCAFC 33

17. A case where the Federal Court upheld an AAT decision reversing ASQA’s cancellation of an RTO’s registration.

18. Carey v Australian Securities and Investments Commission [2011] (Westpoint case)

19. ASIC was sued for misfeasance, but the case was ultimately settled with no liability found.

Other Legal Sources and Reports

17. Rapid Review of ASQA (2020)

18. Government review recommending regulatory improvements but retaining ASQA’s legal immunity.

19. Compensation for Detriment caused by Defective Administration (CDDA) scheme

20. Outlines discretionary compensation mechanisms for administrative errors.

21. Act of Grace Payment Guidelines – Australian Department of Finance

22. Defines circumstances in which the government may provide discretionary compensation.

23. Australian Law Reform Commission Report on Government Liability

24. Analysis of statutory immunities and liability frameworks for regulators.