14 January 2020
In the 2003 Royal Commission into the failure of HIH Insurance, Justice Owen described ‘corporate governance’ as, “the framework of rules, relationships, systems and processes within and by which authority is exercised and controlled within corporations. It encompasses the mechanisms by which companies, and those in control, are held to account.” With the 2018 amendments to the Heavy Vechicle National Law (HVNL) introducing mandatory business practices and a shared safety duty, HVNL compliance is a major corporate governance issue for businesses in the supply chain.
Important: When considering safety, most businesses in the supply chain focus on the safety of their product, their people and their premises. Many such businesses don’t focus on the safety of their supply chains, assuming that supply chain safety is the responsibility of their suppliers and/or independent transport contractors.
A shared safety duty under the HVNL
It has been just over a year since the sweeping changes to the HVNL commenced on 1 October 2018. The Chief Executive of the National Heavy Vehicle Regulator (NHVR), Sal Petroccitto, described the changes as, “A significant leap forward in recognising that everyone in the heavy vehicle supply chain has a role to play in ensuring safety.”
The Chain of Responsibility (CoR) laws under the HVNL make each party in the supply chain responsible for their role in supply chain safety. Businesses can be in breach of the laws simply for failing to have business practices in place aimed at addressing CoR risks as part of their transport activities – without any need for an on-road incident to have occurred. Further, businesses in the supply chain can be held liable for on-road breaches of mass, dimension, load restraint, speed, fatigue and vehicle roadworthiness, to the extent that they perform any task or part of a task relating to those matters – and regardless of whether they own or operate a heavy vehicle.
The CoR laws require a new way of thinking about supply chain safety.
Businesses need to consider their role in a shared safety duty aimed at ensuring safe loads, safe drivers and safe vehicles. Likewise, executives of supply chain businesses have an independent duty to exercise due diligence to ensure that their business is doing the right thing.
Positive safety duties
With ongoing changes to the HVNL framework forecast, it is important to stay abreast of developments. Your business must continue to establish, implement and document business practices to ensure CoR compliance. As you would by now be aware, the most recent amendments to the HVNL require that all parties in the Chain take all reasonably practicable steps to ensure the safety of their ‘transport activities’.
Under the HVNL, executives (directors and any person concerned in the management of a corporation, partners in a partnership and managers of an unincorporated association) have a proactive and positive duty to exercise due diligence to ensure their business complies with all its CoR obligations.
The CoR parties have a positive obligation to ensure the safety of transport activities and not do anything that could cause a breach of road laws or the HVNL.
Businesses that do not take all reasonably practicable steps to ensure the safety of their transport activities, or that require or put undue pressure on other parties within the supply chain that requires, results in or encourages them to breach a relevant safety standard are routinely prosecuted and fined.
Caution: Penalties under the new HVNL have been dramatically increased. Maximum penalties are $3 million for corporations and $300,000 and up to five years in jail for executives.
Your business can be prosecuted if it fails to have in place business practices aimed at managing CoR risks relating to transport activities it performs (either solely or in in conjunction with another supply chain party).
Your business can also be investigated and prosecuted for failing to develop and implement business practices aimed at ensuring CoR compliance, without any need for an on-road incident to first occur as a catalyst.
Prosecutions and investigations have been brought in, among others, the construction, primary production, consumer products, landscaping, retail, waste and local government sectors.
In addition, courts can disqualify individuals from running a transport business or being in charge of any relevant ‘transport activity’ and make orders for businesses to be subject to a program of performance management and oversight by the regulators, called a ‘supervisory intervention order’.
CoR obligations can be breached in many ways and the most common mistakes that can create breaches of CoR compliance stem from:
A recap on the Big 5 mandatory business practices
We have previously outlined the ‘Big 5’ required business practices to get you acquainted with the legislative changes.
The ‘Big 5’ business practices include addressing CoR risks and compliance in:
Executives: How to meet your proactive and positive duty
Relevantly, it is worth repeating how executives can demonstrate compliance performance reporting.
Mandatory positive executive due diligence includes taking reasonable steps to:
It is not feasible to expect executives to personally go out and obtain the required information and perform all the compliance checks. For executives to be able to discharge their duty, they will largely rely on receiving information from others within their business. Without receiving such information, executives will not be able to discharge their duties.
CoR compliance reporting
Once your business has designed and implemented its CoR compliance management framework, you must measure and monitor compliance to ensure that the systems implemented are successfully ensuring safety. In order for executives to discharge their duty at this point, they need to receive compliance performance reporting.
Executives need the right information and only the right information. Anecdotal evidence suggests that, where there is any doubt about relevance, information is included and submitted to the executive. As a result, the executive ends up with pages of figures and tables, which they typically cannot properly assess in context, either in a reasonable time or at all.
What are the most important things to report?
The most meaningful report is the number and severity of breaches that have occurred. Breaches slipping through the cracks are the things that most need to be addressed. These incidents suggest defective compliance management, training or implementation.
It is also important to know the number of incidents that are still arising but are being picked up before a truck hits the road - that is, the number of CoR near misses. These incidents suggest either that system and process design is not eliminating incidents at the source, or that training on how to conduct processes is not effective, but that at least final checks and balances are detecting and remedying problems.
Some general CoR compliance system ‘health check’ information is useful. For example, confirming that all supply chain contracts have mandatory CoR compliance clauses included and that all CoR-facing employees and contractors have been properly inducted and have received any scheduled refresher training.
Author: Meshal Althobaiti
* A version of this article was originally published in CoR Adviser. This article is © 2019 Portner Press Pty Ltd and has been reproduced with permission of Portner Press.
The information in this publication is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, we do not guarantee that the information in this newsletter is accurate at the date it is received or that it will continue to be accurate in the future.