Arma 2022: Universities adapting at different speeds to changing international collaboration regulations, says Sapna Marwaha
Foreign interference can enter universities in a variety of ways. Obvious examples include efforts to access information and inventions with security applications, via participating in and funding research projects. But there are also softer mechanisms for trying to gain access and influence.
There have been reports, for example, of restricted organisations securing an invite to speak at the student union, or showing up on campus to hand out free lunches. Staff across a university need to know who to call when the alarm bells ring and they find themselves questioning a free lunch.
The Association of Research Managers and Administrators has been exploring this issue, known as trusted research, since May. We’ve met leaders, research managers and researchers in organisations of different sizes and structures, and spoken with those redesigning processes, carrying out checks and making decisions on risk.
Many institutions’ current processes were established when UK Research and Innovation changed its terms and conditions in 2016, with occasional tweaks and additions since then. But the pace of new regulation, such as the National Security and Investment Act 2021, and an increasingly complex geopolitical environment have left processes in need of a more rigorous overhaul.
Shifting responsibilities
Those who grasped this early and expanded their efforts accordingly are finding it much easier to identify high-risk projects and relationships. It’s at this stage that the resource requirements often become apparent.
This need stems partly from a shift in responsibilities for making checks. In the early days, most due diligence questions fell to partners and collaborators. Now, much more desk-based research is needed—checking sanction and watch lists, dual use lists and conflicts of interest—meaning more work for in-house teams. To ease this pressure, teams have developed tiered processes, based on internal criteria, that help them focus on high-risk cases.
The complexity of issues around trusted research and security demands consultation across many layers of an organisation, bringing in departments such as research, innovation, international, information technology, legal and governance. When ownership and accountability is spread across multiple departments, however, processes can become burdensome and inaccessible. Collaboration and consultation will always be essential, but creating a smooth and efficient process for academics to engage with also requires strong leadership.
Invariably, the institutions furthest ahead on this journey have invested in dedicated central resource. As well as much-needed capacity, this brings leadership that drives ownership and accountability.
Some universities have created posts, such as trusted research managers or research compliance managers. Others have expanded existing teams, such as pre-award, contracts or due diligence and drawn on external experts.
Arma’s conversations have shown that, with budgets tight, many institutions are still deciding whether to have dedicated, specialist support in this area. Judging from our discussions, building effective and mature processes for trusted research depends on such additional support.
Tailored communication
Besides resources, another commonly cited barrier was a lack of understanding and capacity among research staff. Leading institutions had planned for this, ensuring that colleagues knew where to find expertise on trusted research, when to reach out and how they could help.
Approaches varied from a full-scale roadshow to one-to-one engagement with those most likely to be affected. This shows universities using tailored communication strategies to embed changes within their wider communities.
The increased need for desk-based research is also driving a greater reliance on external systems and databases to support due diligence processes. This has long been the case in finance, where credit and financial resilience checks are standard practice; now it is spreading to a greater use of software to handle governance, risk and compliance.
Where frequent checks are required, these tools bring efficiency. It’s possible to go without such systems and rely on open-source data, but checking sources such as sanction lists manually can be arduous.
In some cases, specialist software can also help tackle another long-standing problem—a lack of ongoing monitoring of partners and relationships. Previously, many projects were checked at a single point in time. But due diligence checks at a project’s inception, for example, cannot manage unexpected risks that materialise later in its lifecycle.
Ongoing monitoring has often seemed an unaffordable luxury. These systems bring it much closer.
Arma continues to explore the scope of collaborative solutions to support institutions in their efforts around trusted research, developing an understanding of how standardisation, systems and support can raise the bar across the sector. We will share our findings early in 2023.
Sapna Marwaha is a lawyer, consultant and portfolio non-executive director. She is deputy chair of the Association of Research Managers and Administrators and a co-investigator on its project on due diligence in international research collaboration
A version of this article also appeared in Research Fortnight