Jeanne Clery

The Clery Act – Costs of Noncompliance

Christine L. Peterson, CPP, ISPCompliance, Security Assessment

Jeanne Clery

Photo obtained from

The Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act, 20 U.S.C. § 1092(f)(2011), is a federal statute requiring colleges and universities participating in federal financial aid programs to maintain and disclose campus crime statistics and security information. The U.S. Department of Education conducts reviews to evaluate an institution’s compliance with Clery Act requirements. A review may be initiated when a complaint is received, a media event raises certain concerns, the school’s independent audit identifies serious noncompliance, or through a review selection process that may also coincide with state reviews performed by the FBI’s Criminal Justice Information Service (CJIS) Audit Unit.

The shooting and death of 32 students and faculty on the campus of Virginia Tech served as a stark reminder of the seriousness with which the Department of Education views the Clery Act. In March 2011, the Department of Education fined Virginia Tech $55,000 for failing to follow its stated policies regarding the issuance of timely warnings. This is particularly noteworthy because Virginia Tech had and generally followed a fairly well-developed crisis communication plan. Nevertheless, because it failed to follow its procedures to the letter, it was found to have violated the Clery Act.

It was also cited for failure to issue a timely warning in response to the first two shootings at West Ambler Johnston residence hall. This is also noteworthy because, according to Department of Education’s findings, the first officers arrived on scene at West Ambler Johnston residence hall at 7:24 a.m. Less than one hour later, the university’s policy group convened to determine how to notify the university community. Practically speaking, the effort to gather the pertinent facts and assemble the advisory group on less than one hour’s notice was nothing short of monumental. Nevertheless, it was ultimately deemed deficient.

As imposing as the fine against Virginia Tech may be, it is far from the largest sanction ever imposed. Clery authorizes the assessment of fines of up to $35,000 per violation. (Penalties increased from $27,500 per violation to $35,000 per violation in 2012.) In 2004, Department of Education handed down a then-record setting penalty of $250,000 against Salem International University for under-reporting campus crime over a two year period. Three years later, Department of Education set a new record when it issued a $375,000 penalty against Eastern Michigan University.

The goal of Clery compliance is not simply to follow the rules to avoid fines, but to help people stay informed and safe.

Collectively, this statutory and regulatory scheme, commonly referred to as “The Clery Act,” imposes a number of disclosure requirements on postsecondary education institutions. These requirements generally fall into three main categories: (1) the Clery crime statistics and security-related policy requirements, which must be met by all institutions; (2) the Clery crime log requirement, for institutions with campus police or security departments; and (3) the HEOA missing student notification and fire safety requirements, for institutions that have at least one on-campus student housing facility. While these laws permit a certain degree of flexibility in the manner in which compliance is achieved, the requirement for complete and timely compliance is absolute. As already stated, failure to do so can result in civil penalties of up to $35,000 per violation for substantial misrepresentations of the number, location, or nature of crimes required to be reported, or for violation of any other safety- and security-related provision of the HEA.

Since 1988, Risk Management Associates has been a security advocate for businesses and agencies including colleges and universities across the country. The Clery Act is a critical piece of the security program of all colleges and universities, and yet even after the tragic events at Virginia Tech, Penn State, Yale, and many other institutions of higher learning, too often there is a lot of misunderstanding and misdirected efforts with regard to Clery Act compliance. Why is this, and what can be done to improve the effectiveness of security programs and Clery Act compliance at colleges and universities? This is the million dollar question. There are two very diverse elements of any successful security program that we believe are at play in these cases.

First, security programs protect people and assets from deliberate actions of other people. The Clery Act in its most very basic terms is an effort to provide college students and their families with intelligence to make the best college choice by providing information about security. This includes specified security and communication policy disclosures and in some cases crime logs, missing student notification information, and fire safety information. However this is just the beginning. Because the application of the requirements of the Clery Act is dynamic, the mechanisms used to collect and publish data are constant and require an equal if not greater effort to ensure compliance. This requires the college or university to acknowledge and address security issues and ideally create some form of a comprehensive security program.

Second, a successful security program starts at the top of any organization where the resources are available to set the tone, communicate the messaging to all stakeholders, and provide the resources that will be required for success. Too often, administrators may not understand the criticality of Clery Act compliance to the college in the form of the protection of human assets, reputation, and federal funding. Unlike many compliance areas, Clery Act compliance requires a concerted effort and resources that supersede silos and departments and requires buy-in by all stakeholders. Later in this article, we will talk about some of the fines that have been assessed for non-compliance. Monetary fines are important, but the real cost is in the unnecessary or avoidable human costs, reputation, and lost enrollment that is the repercussion of a lapse in the safeguards put in place by the Clery Act.

Human Costs

Consider the case of Liberty University. On Feb. 20, 2005, a female student reported to the Liberty University Police Department (LUPD) that she had been sexually assaulted on February 12 and 13. On March 28, Liberty issued trespassing papers to one of the assailants, indicating that the University believed that there was a possible threat to the campus community; however, Liberty University did not issue a warning to the campus community about that danger. On April 13, a female student was attacked by three males in the same general area as the assault in February. She reported the attack to LUPD on April 13 and provided a written statement on April 18. Still, no campus warning was issued. In May 2005, a student reported to the LUPD that she had been gang-raped. As part of the review, Liberty did not provide any evidence that a timely warning was considered or issued with regard to the alleged May 2005 sexual assault.

According to the fine letter issued by the Department of Education, “it is essential to students, employees, and the public that institutions provide timely warnings as frequently and systematically as needed to ensure the safety and well-being of the campus community.”

Another example is Notre Dame College of Ohio. On Oct. 10, 2005, a female student sent a letter to the Dean of Student Development stating that she had been sexually assaulted in her dorm room four weeks earlier. The Dean met with the student a few days later, and the student stated that she was reluctant to have the incident reported to her parents, the police, or other school officials. Less than a month later on October 31, a second female student reported to the Dean that she had been sexually assaulted in her dorm room three days earlier. She also requested that no legal or judicial action should be taken and her parents should not be informed.

At the time, Notre Dame did not have a policy for deciding whether to issue a timely warning or standards for when a timely warning should be issued. As a campus security authority, the Dean determined that no timely campus warning was required because the incidents did not represent a threat. On November 23, the Dean verbally notified the Police/Security Department about the two reported sexual assaults and followed up with a written notification on November 28. On December 12 and December 14, the two students separately contacted the Police/Security Department and identified their assailants. A warning was issued on December 13, nine weeks after the first incident was reported to campus authorities. After the warning, four additional complaints against the suspect were brought forward.

The assessment by the Department of Education found that “the occurrence of two similar crimes within a short period of time was certainly evidence that the crimes were a threat to students and employees. It was very clear that members of the campus community needed to take precaution and protect themselves.”

Could additional incidents have been prevented if a timely warning had been issued and if the information had been made public? What was the cost of not providing a timely warning?

Financial Costs

In the past five years (2008-2012), the following colleges and universities were fined for noncompliance with the Clery Act.

  • Dominican College of Blauvelt (2012) $262,500
  • University of Texas at Arlington (2011) $82,500
  • University of North Dakota (2011) $115,000
  • Yale University (2011) $155,000
  • University of Vermont (2011) $65,000
  • University of Northern Iowa (2011) $110,000
  • Washington State University (2011) $82,500
  • Virginia Tech (2010) $55,000
  • Liberty University (2010) $165,000
  • Notre Dame College of Ohio (2010) $165,000
  • Wesley College (2010) $60,000
  • Schreiner University (2009) $55,000
  • Tarleton State University (2009) $137,500
  • Paul Smith’s College of Arts & Sciences (2008) $260,000

Fines were imposed for:

  • Failure to have a timely warning policy
  • Failure to issue a timely warning
  • Failure to include in the ASR a statement of current policies encouraging pastoral and professional counselors about procedures for reporting crimes confidentially
  • Failure to include in the ASR a statement advising the campus community where information concerning registered sex offenders may be obtained
  • Failure to include in the ASR a statement of current campus policies for reporting criminal actions or emergencies on campus
  • Failure to include in the ASR a statement of policy regarding sexual assault programs
  • Failure to include in the ASR a statement that the accuser and the accused are entitled to have others present during a disciplinary proceeding
  • Failure to include in the ASR complete and adequate policy statements
  • Failure to maintain an accurate and complete crime log
  • Failure to open the crime log to a student journalist
  • Failure to properly classify, compile, and disclose crime statistics
  • Failure to properly classify and report an incident
  • Failure to properly define the geographic boundaries for non-campus property
  • Failure to properly distribute the Annual Security Report
  • Failure to report disciplinary actions
  • Failure to report accurate crime statistics
  • Failure to report incidents
  • Lack of administrative capacity


In closing, it is important to understand that the Jeanne Clery Act is here to stay. Over the next twelve to twenty-four months, we expect to see additional legislation and requirements added to it. One area that we will see this legislation focus will be Title IX compliance that will focus on the athletic programs within the colleges and universities. DOE is also expected to raise the level of scrutiny at colleges who rely on internal audits and investigations with regards to their compliance programs because of the self-serving aspect of self-compliance and may require that colleges seek outside consultants to perform the administrative investigations. In addition, colleges and universities are being held to a higher standard of care due to past events that have put us all on notice that the threats are real and if the past is the best predictor of the future will occur again. This requires that colleges and universities have in place – or can show that they are putting in place – a comprehensive security program. By complying with the requirements of the Clery Act, colleges and universities are putting in place many of the elements of a comprehensive security plan that is necessary to protect their human and repetitional assets which are the foundations of any institution of education. Failure to do so exposes the institution to substantial monetary penalties as well as the loss of critical assets including the trust of their stakeholders.

Plan. Protect. Prosper.

Protus3 specializes in security system design, security consulting, corporate investigations and other investigative services. Partner with Protus3 and we will examine each situation to identify threats and develop solutions for your best outcome.

919-834-8584 or 800-775-8584