ScotEng Blog: Compliance and Regulatory Assurance – A necessary evil, or a way to add value to your business and balance sheet?


Author

Richard Hoyle BEng (Hons) CEng MIMMM MSOE MBES, Senior Consultant
Finch Consulting

5 minute read

 

Compliance and regulatory assurance are often misunderstood, with many organizations treating compliance as a box-ticking exercise. While compliance is legally necessary, assurance goes beyond that to ensure the ongoing safety of employees, equipment, and the workplace. This distinction is critical for duty holders and business owners who are responsible for maintaining a safe work environment, lean process management and cost saving asset management.

The Challenge with Compliance
Compliance often gets a bad reputation. It’s typically seen as something to be achieved once and then assigned to the shelf and forgotten. Many organizations fulfil their legal obligations, file the necessary paperwork, and assume they are covered. This approach, while meeting the minimum legal standard, can leave businesses exposed to significant risk.

Compliance, much like obeying a speed limit, is about adhering to specific rules and regulations at a given point in time. It’s a legal requirement that ensures equipment, processes, and practices meet a set of standards. However, compliance alone is insufficient to guarantee long-term safety. For example, a thorough examination of equipment under regulations like the Lifting Operations and Lifting Equipment Regulations (LOLER) ensures compliance at the time of inspection, but it doesn’t mean that equipment will remain safe without ongoing planned maintenance and pre-use inspections.

The Importance of Assurance
Assurance takes a more proactive, continuous approach. It involves the regular evaluation of equipment, policies, procedures, and safety practices. Unlike compliance, which is often about passing an inspection or audit, assurance is about consistently maintaining safety standards and demonstrating competence.  It also demands buy-in from employees to CEOs and ownership of taking steps to report, assess, solve and mitigate the risk, as best as is reasonably practicable.

Think of it like a vehicle’s MOT test. Passing the MOT confirms that a car is roadworthy at the time of the test. However, that doesn’t mean the car will remain roadworthy for the entire year until the next test. If wear and tear or mechanical issues arise, the vehicle could become unsafe, even though it technically passed the MOT. Similarly, work equipment can pass an inspection but become unsafe if it isn’t regularly checked and maintained.

Without assurance, compliance can quickly become irrelevant. A compliance certificate may look good on paper, but if the equipment or processes deteriorate over time, it won’t protect a business from incidents or legal consequences.

Compliance vs Assurance in Practice
While compliance with workplace safety laws, such as the Health and Safety at Work Act 1974 (HSWA), is mandatory, it’s only part of the story. These laws aim not just to ensure compliance but to keep people safe. Regulations like the Provision and Use of Work Equipment Regulations 1998 (PUWER) and the Supply of Machinery (Safety) Regulations 2008 require businesses to maintain ongoing safety standards.  Understanding these regulations can knit into a company’s policy on asset management, process management, procurement as well as other less well thought of aspects, such as Occupational Health (noise, vibration, respiratory, ergonomics).

If a business relies solely on compliance to meet its legal obligations, it’s taking a risk. Imagine that equipment passes a regulatory inspection, but six months later it fails, causing an incident. The organisation might still be held liable if it didn’t take reasonable steps to maintain that equipment or address potential hazards. Compliance is a snapshot in time, not a guarantee of future safety.

UK regulations and Approved Codes of Practice (ACOPs) provide detailed guidance on ensuring workplace safety. These regulations are legally binding, and every business has a duty to protect not only its employees but also contractors, visitors, and members of the public who could be affected by their operations. Compliance with these regulations is essential, but it should be seen as a foundation. Assurance is what ensures that safety standards are maintained over time.

Practical Steps for Business Owners and Duty Holders
To meet legal responsibilities, there are several steps businesses should take:

  1. Develop Robust Policies and Procedures – It’s essential to have clear, up-to-date policies in place. These should be reviewed regularly and updated to reflect any changes in operations, equipment, or regulations.
  2. Conduct Regular Risk Assessments – Under the Management of Health and Safety at Work Regulations 1999, businesses must assess both work activities and equipment to identify and mitigate potential risks. These assessments should be documented and revisited regularly to ensure they remain current.
  3. Maintain Work Equipment – Equipment must be regularly inspected and maintained according to its usage, the environment it operates in, and the manufacturer’s instructions. Regulations like LOLER, PUWER, and the Pressure Systems Safety Regulations (PSSR) outline specific inspection and maintenance requirements, but businesses can go beyond these to ensure ongoing safety.
  4. Work with Thorough Examination Providers – Regular equipment examinations are necessary but should not be viewed as a permanent seal of approval. Like an MOT, they are only valid for a set period, and risks must be managed in the interim. Developing a professional relationship with Thorough Examination providers will keep the equipment in compliance date and enhance communications for reporting issues early.
  5. Documentation and Communication – It’s critical to keep thorough, detailed records of all safety actions, maintenance records, inspections, and procedures. These records must be regularly updated and communicated to employees through training sessions, toolbox talks, and regular briefings. Everyone involved needs to understand their role in maintaining safety.

The aim is to prevent incidents and minimise risks. However, if an incident does occur, businesses must be able to demonstrate that they have taken all reasonable steps to ensure safety. High quality documentation of policies, procedures, inspections, and training will help provide this evidence.

Assurance: Going Beyond Compliance
Compliance is important, but it’s only part of the puzzle. Assurance is the key to maintaining safety over time. By continuously evaluating and improving processes, businesses can ensure they meet not just legal requirements but also the practical needs of a safe work environment. Maintaining assurance helps protect employees, customers, and the public, while also safeguarding the business from legal consequences.  It also improves performance with process and asset management key to building in efficiency and future proofing against unexpected expenditure – ultimately protecting the profitability of the business.

In short, compliance may help a business pass an audit, but assurance ensures long-term safety, reducing the risk of incidents and improving overall operational performance.

Richard Hoyle is an Edinburgh based Chartered Engineer with twenty years of experience in consulting and forensic engineering, including expert witness work across the UK and as far as Bermuda. He also has eight years of conducting thorough statutory examinations of lifting equipment under the Lifting Operations and Lifting Equipment Regulations (LOLER), from 1000 tonne cranes and passenger goods lifts to wind turbine equipment, and pressure vessels under the Pressure Safety Systems regulations (PSSR).  With Finch, he is heavily involved with bringing a vast array of businesses into compliance with the Provision and Use of Work Equipment Regulations (PUWER), and the manufacturing sector comply with the Supply of Machinery (Safety) Regulations.

Finch Consulting – Are a UK based SME consultancy originally born out of the mining industry (which they are still involved in), specialising in process management/safety, asset management and health and safety management across a range of industries, from food and drink processing plants to heavy industry.  They also have expertise in compliance conformity (CE marking), functional safety, risk management and auditing, with specialists in Occupational Hygiene/Health and ATEX/DSEAR.

As the Scotland based representative for Finch, Richard is available for a free health check to discuss any aspects that you think you might need assistance with.

 

Richard Hoyle
Finch Consulting
+44(0) 7912270654
+44(0)131 357223
richard.hoyle@finch-consulting.com