Medr sets out the approach it intends to take towards regulation, monitoring and reportable events

On 22 October 2025 Medr launched its second consultation on a new system for regulating tertiary education and training providers. This follows on from its first consultation (which ran from 15 May - 18 July 2025), and importantly sets out for the first time the full set of draft Conditions of Registration and Funding.

The consultation, which runs until 17 December 2025, seeks views on Medr’s proposals on the:

• Statement of Intervention Powers - which explains its statutory powers of intervention;
• Regulatory Framework - which sets out the approach to regulation and monitoring, the draft Conditions of Registration and Conditions of Funding and the process for how, and what type of, incidents and events must be reported to Medr;
• Quality Framework - which underpins the condition requirements and monitoring arrangements in respect of quality;
• Learner Engagement Code - which supports providers and Medr to focus the tertiary education sector around the needs of the learner and ensure all learners have opportunities to engage in their provider’s decision-making;
• Frequently Asked Questions document; and
• Glossary of terms.

In our first briefing here we looked at the proposed conditions of registration and funding. In this second briefing we focus on the approach Medr intends to take towards regulation, monitoring and reportable events.

The regulatory approach

In the Regulatory Framework, Medr sets out the approach it intends to take towards regulation to achieve its vision of enabling a tertiary education and research system which is centred around the needs of learners, society and the economy with excellence, equality and engagement at its heart. Its approach is not just about enforcing standards, but also about working collaboratively with educational providers and stakeholders to achieve shared outcomes.

In delivering its regulatory requirements Medr will adhere to the following 10 principles:

• Clear guidance and resource – it will publish guidance with clear explanations of the requirements, enabling providers to meet both regulatory requirements and desired outcomes and over time, this will include sharing examples of good practice to drive continuous improvement.
• Transparent communication – it will communicate clearly about the implications of non-compliance and may publish information highlighting continuous improvement or issues of non-compliance and poor performance, where it considers this will benefit learners and the wider public.
• Minimising burden – to help minimise bureaucracy and empower providers to focus on the delivery of tertiary education and research.
• Collaborative development of regulations and processes - it will work closely with stakeholders and through engagement and consultations, ensure that regulations are informed by those they affect
• Engagement – there will be regular opportunities for providers to engage with Medr directly, through workshops, training sessions, meetings and other routes
• Proactive monitoring and feedback - to proactively monitor compliance, identifying potential issues early and working with providers to address them before they escalate.
• Legal and directive action - when necessary, Medr will take evidence-based targeted action to address non-compliance and poor performance.
• Promotion of best practice - Medr encourages providers to look beyond mere compliance, fostering a culture of evaluation and continuous improvement.
• Innovative and responsive approaches - it will continually review and improve the regulatory processes to adapt to changing circumstances - including responding to new legislation and analysing data to anticipate and address long-term challenges for current and future generations of staff and learners.
• Resilience and focused action – there is a commitment to taking proportionate and timely action to secure compliance and excellence in tertiary education and training in Wales.

Respondents are asked whether they have any comments on the regulatory approach, in the context of the full set of regulatory documentation.

Monitoring

The consultation sets out how Medr intends to monitor in compliance with the Conditions of Registration and Funding. Comments are invited on the proposed approach.

The approach is underpinned by the following principles:

• Proportionality - the scope, frequency and intensity of the monitoring will be proportionate to the level of risk and the regulatory value of the information required.
• Risk-Based judgement - monitoring decisions will be driven by risk, drawing on a range of information sources and taking into account not only the likelihood of non-compliance, but also the potential impact on learners, public confidence, and sector-wide stability.
• Clarity and transparency – there is a commitment to providing clear, consistent information about monitoring expectations and processes.
• No surprises and early engagement - providers are expected to engage at the earliest opportunity where a risk to compliance, learner interest, or public confidence arises and in turn, Medr will communicate clearly and in good time where it considers there may be increased risk or it intends to escalate the engagement.
• Institutional autonomy - the autonomy of institutions and the diversity of mission and governance arrangements across the Welsh tertiary education sector is recognised and respected. Monitoring is not a tool for steering institutional strategy, nor is it intended to impose uniformity – Medr’s role is to hold providers accountable for meeting clearly defined conditions — not to direct how they operate internally or set their priorities.
• Support for continuous improvement - whilst compliance is central, monitoring is also seen as a means to promote improvement across the sector.

Monitoring will take place across all the conditions but as different conditions carry different types and levels of regulatory risk the approach to monitoring will vary and each conditions contains information of the proposed monitoring. The following 10 sources of monitoring are set out together with a table indicating which ones will apply to which conditions.

• Annual assurance return – this is a structured self-declaration submitted by a provider and formally signed off by its accountable officer and governing body, requiring providers to confirm that, based on a robust analysis of evidence, they have reviewed their compliance with the conditions applying to them, and have assured themselves that they remain compliant with the Conditions of Registration and/or Funding, or to identify in their return any areas where their internal review indicates that they are not compliant and the action they are taking in response.
• Learner surveys - the National Student Survey in higher education, and the intention is to develop student surveys across the wider tertiary sector.
• External quality assessment - for providers subject to inspection by Estyn or review by The Quality Assurance Agency for Higher Education.
• Public information monitoring - Medr may monitor public information, for example that published on providers’ websites.
• Complaints monitoring – a review of complaints made against providers to Medr.
• Reportable events - providers must notify Medr of reportable events — this includes both serious incidents and notifiable events that may affect compliance, e.g. events such as major financial issues, legal proceedings, leadership or governance failures, or breaches of statutory obligations.
• Data monitoring – data, both published or submitted to Medr, will be used to monitor key indicators relevant to the regulatory conditions — such as participation, continuation, outcomes, or financial trends.
• Independent assurance - third-party assurance obtained by providers, such as other regulating bodies, internal audits, external evaluations, or expert reviews.
• Engagement activities - these include routine meetings, consultation responses, and informal feedback.
• Self-evaluation - Medr encourages providers to carry out regular internal self-evaluation, both of their performance and of how they meet the Conditions of Registration and Funding.

Reportable events

This sets out Medr’s expectations for serious incidents and notifiable events that need to be reported to it. Again, the consultation asks for comments on what is being proposed.

It is the responsibility of a provider to determine whether a particular event or matter constitutes a reportable event and should be reported. If Medr concludes that a provider has not reported an event, or that in reporting an event a provider has not met the timescales for reporting, Medr may take further regulatory action.

The list of serious incidents are grouped under the following themes:

• Provider’s ownership, legal form or corporate structure - including the legal entity that is registered ceasing to exist.
• The delivery of tertiary education in Wales - including loss or suspension of a provider’s student sponsor licence.
• The quality and standards of a provider’s tertiary courses - including notification of an investigation by an awarding organisation or professional or statutory body, notification to the provider that its awarding organisation is to withdraw from the arrangement before the end of the contract term and where a provider thinks that there is reason to believe that the quality of provision it delivers, or a partner delivers on its behalf, is inadequate or likely to become inadequate to meet the reasonable needs of learners.
• Student and consumer protection - including the provider becomes aware that it has charged or advertised fees that exceed a statutory fee limit or a fee.
• Provider’s financial viability or sustainability - including risks to financial viability or sustainability leading to decisions or announcements that are deemed likely to attract public interest, such as significant restructuring projects involving changes to staffing and/or physical infrastructure, course closures, relocation or other financially driven re-organisation.
• Management and governance, including financial management - including:

• significant failure of or deficiencies in internal controls;
• legal action against the provider as a result of the action of any member of the governing body, the accountable officer, a member of the senior executive team, and/or an individual case (or a pattern of cases) exposing a systemic weakness in the provider’s management and governance arrangements;
• regulatory investigation and/or sanction by other regulators or funding bodies;
• data breach or cyber-attack resulting in significant learner or staff data loss or significant disruption to services which result in an impact on learners; or
• safeguarding, including death or significant harm.

Serious incidents must be reported within 10 working days of them occurring or being identified and specified information must also be provided.

The list of notable events are also sent out under themes. There is no timescale set out for reporting these or specific information requested.

• Applicable to all conditions - if the accountable officer advises the governing body that an action or policy being considered by the governing body would result in the provider being in breach of the ongoing Conditions of Registration and/or Funding and the governing body nevertheless decides to proceed with this action or policy.
• Provider’s ownership, legal form or corporate structure - including a merger of the provider, or acquisition by the provider, with another provider; a change of ownership, including through a sale, of the provider or its parent; a change in the provider’s legal form; or significant amendments to the provider’s governing documents.
• The delivery of tertiary education in Wales - including the provider resolving to fully or substantially cease providing tertiary education or a specific type of tertiary education or changes which have the potential to result in the provider not being mainly based in Wales.
• Management and governance, including financial management – including:

• the appointment, resignation or dismissal of certain officers;
• where financial data returns or audited financial statements are expected to be delayed;
• there has been oversight of the severance agreement via the provider’s governance structure for any severance agreements with a value of £100,000 or above;
• fraud or financial irregularities where the sums of money are, or potentially are, in excess of £50,000 or 2% of the provider’s turnover (whichever is lower);
• divergence of the provider into areas of new activity which have been assessed as high risk by the provider; or
• a matter relating to the provider’s compliance with the Prevent duty.