The Cambridge English Dictionary defines ‘compliance’ as “the act of obeying an order, rule, or request”. More specifically, it also encompasses adherence to a specified regimen or conformity in fulfilling official requirements, such as the law. Compliance is an obsession in the world of safety management. It pops up in every nook and cranny of a safety management system, be it compliance to company procedures and works instructions to compliance to safety training and compliance to the organization’s incident reporting system. Compliance is omnipotent – that is why it is apt to dub it the ‘C’ word. This brief article will deconstruct two of the most common (and potentially problematic) forms of compliance in safety management, namely legal compliance and system compliance.
Many managers and line managers galvanize their safety management systems by using legal compliance as their benchmark. This is easily understood – only a fool takes chances with the law and the full might thereof. No company or safety professional would wish to run afoul of OSHA or any state or local regulator. However, to use legal compliance as an ultimate benchmark in a safety management system is the epitome of foolhardiness. The key word here is ‘ultimate’. Making legislation and all regulations a benchmark for the performance of a safety management system is perfectly acceptable.
However, legal compliance should be a benchmark, not the benchmark. This is because legal compliance can only ever be the minimum standard for something as complex, multi-faceted and critically important as safety management. The law doesn’t always cover all issues and risks in the workplace, which is an inherent limitation of the law. The Financial Times had this to say about legal compliance in the financial sector: “The attempt to legislate and regulate people into good behavior has spawned a compliance culture rather than an ethical culture”. Is the same not true for safety and health legislation and regulations?
Google the words ‘compliance and safety’ and the proliferation of legal compliance-related articles and service offerings that the search produces is bewildering. Such is the proliferation of the legal compliance bias in safety management. That is problematic in that it reinforces the notion (read: myth) that legal compliance in safety management is the zenith of true compliance. As stated above, this is neither true nor risk-intelligent. It is in system compliance that a company is able to – and should – aim higher. At the heart of any worthwhile safety management is the actual management system itself, whatever the chosen system is, and with its many constituent parts. The safety and health policy is as systemically important as is the system’s chosen HIRA process as is the system’s incident reporting process. A management system that is vital and evolving is one that is organic, i.e. in which all constituent parts are interconnected and interdependent. That is why adherence to every constituent part of a management system is so critical to its ongoing viability. A lack of compliance to incident reporting processes, for example, will ultimately impact on an organization’s risk profile, not to mention stunt a sound safety culture.
Systemic compliance should be king in any organization’s safety management system. To make it subservient to legal compliance or any other type of ‘compliance’ (for example, fiscal compliance or compliance to shareholder demands) is to subvert the safety management system and render it compromised. Safety management can of course not occur in a sterile bubble unrelated to the realities of the organization. Safety management must remain contextual within the organization at all times. But safety compliance that is systemically focused is more likely to ensure a management system that can continuously improve the safety of all in the organization.