Skip to content
All governance documents

User and Platform Governance

Malpractice and Misuse Policy

Version
1.1
Status
Live
Effective Date
13 July 2026
Review Date
13 July 2027
Policy Owner
Compliance and Accreditation Lead
Approved By
Chief Executive Officer

1. Purpose and Scope

1.1 Purpose

This policy establishes Qualitect Ltd's approach to preventing, detecting, investigating and addressing and of the Qualitect platform. It protects the integrity of the platform, the content generated through it and the that underpins the compliance value Qualitect provides. This policy is consistent with the requirements of ISO 9001 for documented processes governing nonconformity and corrective action. Qualitect is working towards formal accreditation against ISO standards relevant to its operations. References to ISO alignment describe the framework adopted and do not indicate current certification.

1.2 Scope

This policy applies to all users of the Qualitect platform and to all activities conducted through it.

2. Definitions

Malpractice means any deliberate act or practice that compromises or could compromise the integrity of the Qualitect platform, the qualification content generated through it or the audit trail that records platform activity. This includes but is not limited to:

  • Misrepresentation: submitting AI- as entirely human-authored in contexts where this would be misleading or fraudulent.
  • Impersonation: accessing the platform or submitting work under another person's credentials.
  • Bribery or corruption: offering, giving, requesting or receiving anything of value to influence platform decisions or outputs inappropriately.
  • Breach of platform security: unauthorised access to, disclosure of or tampering with platform data, qualification content or audit records.

Misuse means any act or practice that violates the Acceptable Use Policy or compromises the intended operation of the platform. This includes but is not limited to:

  • AI misuse: using the platform's AI generation tools in ways that violate applicable law or Qualitect's Acceptable Use Policy. This includes generating content for purposes other than legitimate qualification design for educational purposes, using the platform to generate content that is illegal, harmful, discriminatory or intended to deceive, attempting to manipulate the generation engine to produce content that misrepresents the nature or validity of a qualification and using AI-generated content in contexts where its AI-assisted origin would be material and has not been disclosed.
  • Unauthorised access: accessing qualification content, compliance data or audit records belonging to another organisation or without authorisation.
  • Source material abuse: uploading or submitting source materials that are illegal, obtained without appropriate authorisation or in breach of applicable intellectual property law. This includes content that is illegal in the jurisdiction of the Platform User or in the United Kingdom, materials obtained without the permission of the rights holder, content that infringes copyright, database rights or other and materials uploaded with the intention of manipulating the generation engine to produce content for unlawful or harmful purposes.

3. Prevention

3.1 Platform Safeguards

All data is encrypted both when stored and when transmitted using AES-256 encryption at rest and 1.3 in transit, both industry-standard security protocols. Role-based access controls ensure Platform Users can only access content they are authorised to view or edit. The audit trail is stored in an that prevents modification or deletion of records. Automated monitoring systems flag unusual patterns of behaviour. All file uploads are scanned for malicious content and reviewed against Qualitect's content standards before becoming available. Uploads containing malicious code, illegal content or material that violates the Acceptable Use Policy or this policy are blocked and may trigger investigation.

3.2 Clear Communication of Expectations

All Platform Users are required to agree to the Acceptable Use Policy as a condition of platform access. This policy sits alongside the Acceptable Use Policy and provides the detailed procedures that apply when a breach occurs.

3.3 Training and Awareness

Qualitect provides onboarding guidance to all new Platform Users covering acceptable use, platform integrity requirements and their obligations under this policy.

4. Detection

4.1 Automated Monitoring

The platform's automated monitoring systems continuously analyse user activity, content uploads and access patterns to identify behaviour that may indicate malpractice or misuse.

4.2 User Reporting

Any person who becomes aware of suspected malpractice or misuse should report it promptly. Platform Users who report in good faith will not suffer any detriment as a result of making that report.

4.3 Quality Assurance Reviews

Qualitect's internal processes, described in the Quality Assurance Policy, include systematic review of platform outputs. Where these identify patterns that may indicate malpractice or misuse, these are escalated for investigation.

5. Reporting

Email: complaints@qualitect.co.uk with subject line "Malpractice Report" or "Misuse Report". Reports should include a clear description including dates, names or account details of individuals believed to be involved, supporting evidence and details of any previous concerns. Qualitect will acknowledge receipt within 2 working days.

6. Investigation

6.1 Initial Assessment

Upon receiving a report, Qualitect will conduct a preliminary within 5 working days. Where an immediate risk is identified, interim measures including temporary account suspension may be implemented.

6.2 Formal Investigation

Where a formal investigation is required, Qualitect will appoint an investigating officer with no direct involvement in the case. Investigations will normally be completed within 30 working days.

6.3 Standard of Evidence

Findings will be determined on the balance of probabilities. Documentary evidence and platform audit trail data will generally be given greater weight than witness testimony.

6.4 Investigation Report

A written report will be produced on completion including findings, evidence considered and recommendations for sanctions. The subject will be given the opportunity to respond before any sanction is applied.

7. Sanctions

Where malpractice or misuse is confirmed, Qualitect may apply one or more of the following proportionate sanctions: formal written warning, temporary suspension of platform access, permanent termination of platform access, referral to relevant regulatory or law enforcement authorities where required by law, civil or criminal legal proceedings where the breach constitutes fraud, a security violation or intellectual property infringement.

Where malpractice or misuse involves illegal content, materials obtained without authorisation or any activity that constitutes a criminal offence, permanent termination of platform access and referral to relevant regulatory or law enforcement authorities is mandatory.

8. Escalation Pathway

Where a Platform User disagrees with a decision reached under this policy, they should first raise a formal complaint through the Complaints Procedure. Where a Platform User remains dissatisfied with the outcome of that complaint, they may submit an appeal through the Appeals Procedure.

9. Regulatory Reporting

Where malpractice or misuse involves a potential breach of applicable law, Qualitect will report to relevant regulatory or law enforcement authorities as required. This includes reporting to the Information Commissioner's Office where a data protection breach is involved and to law enforcement authorities where criminal activity is suspected.

10. Record Keeping

Comprehensive records of all malpractice and misuse cases are retained for a minimum of seven years from the date of final resolution.

11. Roles and Responsibilities

The Compliance and Accreditation Lead has day-to-day responsibility for this policy and for overseeing the investigation process. The Development Team is responsible for maintaining technical safeguards. Platform Users are responsible for understanding and complying with this policy, reporting suspected malpractice or misuse and cooperating fully with any investigation.

Acceptable Use Policy, Complaints Procedure, Appeals Procedure, Quality Assurance Policy, Data Protection Policy, Information Security Policy, Conflicts of Interest Policy.

13. Contact Information

Reporting: complaints@qualitect.co.uk
General: hello@qualitect.co.uk
Registered office: Qualitect Limited, 32 Willoughby Road, London, N8 0JG
Trading address: 8a Stafford Street, London, W1S 4RU
Website: qualitect.co.uk