Artboard 1Icon/UI/CalendarIcons/Ionic/Social/social-pinterestIcon/UI/Video-outline

Executive reporting an essential pillar of CoR compliance

26 April 2022

#Transport, Shipping & Logistics

Published by:

 Executive reporting an essential pillar of CoR compliance

The Heavy Vehicle National Law (HVNL) requires all parties in the Chain of Responsibility (CoR) to take all reasonably practicable steps to ensure the safety of their ‘transport activities’. ‘Transport activities’ include conduct such as consigning, packing, loading and receiving goods, and expressly consists of a party’s ‘business practices’. ‘Business practices’ are defined to include:

  1. CoR compliance policies and working procedures
  2. CoR compliance induction and ongoing education processes
  3. CoR compliance assurance contract terms in every supply chain contract
  4. CoR compliance assurance systems
  5. CoR compliance performance reporting for executive officers.

The latter two aren’t exclusively included in the definition, but are requirements of the primary duty and referred to in all of the main guidance material issued by the National Heavy Vehicle Regulator.

These practices are the ‘Big 5’. In this article, we focus on the fifth requirement – reporting for executives.

Executive reporting

Under the HVNL, executives (director and any person concerned in the management of a corporation, partner in a partnership and manager of an unincorporated association) have a proactive and positive duty to exercise due diligence to ensure their business complies with all of its CoR obligations.

The HVNL expressly sets out specific requirements for executive compliance. Mandatory positive executive due diligence will include (but is not limited to) taking reasonable steps to:

  • obtain and keep up to date knowledge about what the business is doing to ensure that its transport activities (see below) are safe
  • understand how and in what capacities the business engages in transport activities
  • understand the hazards and risks, including risks to the public, associated with the business’ engagement in transport activities
  • ensure the business has, and uses, appropriate resources to eliminate or minimise those hazards and risks
  • ensure the business has, and implements, processes:
    • to eliminate or minimise those hazards and risks
    • for receiving and considering information about those risk
    • for responding to information about those hazards and risk
    • for complying with the business’ duty to ensure, so far as is reasonably practicable, the safety of its transport activities and ensure it does not cause or encourage contravention of the HVNL.
  • check that the resources and processes referred to above are in fact being provided, used and implemented by the business, its management and staff and are effective in eliminating or minimising identified hazards and risks.

It is not feasible to expect executives to personally go out and obtain all of that knowledge and perform each of those compliance checks. However, for executives to be able to discharge their duty, they will largely depend on receiving information from others within their business. Without receiving such information, executives will not be able to discharge their duties.

Executive tips and tricks

Once a business has designed and implemented its CoR compliance management framework (e.g. policies, procedures, training/awareness program and contractual compliance clauses in procurement, contractor and customer contracts), the next step is for the business to measure and monitor compliance to ensure that the systems implemented are successfully ensuring safety.

For executives to discharge their duty at this point, they need to receive compliance performance reporting.

A common thread in CoR prosecutions is that there were either (i) no systems or checks in place, or (ii) information was being collected, but not properly analysed and acted upon.

Include the right information

Executives need the right information and only the right information. Anecdotal evidence suggests where there is any doubt about relevance, information is included and submitted to the executive. As a result, the executive ends up with pages of figures and tables, which they typically can’t properly assess in context, either in a reasonable time or at all.

Information overload must be avoided. It is just as bad to receive no information as it is to receive information and not be able to understand or act on it. Therefore, executive reporting must be targeted only to meaningful information so that it is not lost amongst the crowd.

Report safety measures, occurrences and incidents, not dollars

Anecdotal evidence suggests that the majority of executive reporting is comprised of financial reporting measures. These are unlikely to give any advance insight into CoR compliance and performance on a day-to-day basis. At best, financial information might reveal the totality of fines or penalties imposed after the event.

Be able to forecast non-compliance trends

CoR compliance reporting which is limited only to information on breaches and remedial action post-dates CoR breaches and only goes halfway to discharging this duty. Ideally, CoR compliance reporting should also be used to forecast non-compliance trends, so that compliance measures or further information, supervision and training can be put in place to prevent breaches from occurring.

Focus on the bad, not the good

CoR compliance reporting, especially at the executive level, is not a school awards night – participation or encouragement awards don’t count. The number of road movements that have been conducted without any compliance issues might deserve an accolade, but does little to assist the identification of areas of concern where more focus and action are needed. CoR compliance reporting should mainly be exception or non-conformance based, to focus attention on potential or actual compliance problems.

What should be reported?

For each CoR compliance component, the most meaningful report is the number and severity of breaches that have occurred. Breaches slipping through the cracks are the things that most need to be addressed. These incidents suggest defective compliance management, training or implementation.

After that, it is also important to know the level of incidents that are still arising but are, thankfully, being picked up before a truck hits the road – that is, the number of CoR near-misses. These incidents suggest that system and process design is not eliminating incidents at the source, or training on how to conduct processes is not effective, but at least final checks and balances are detecting and remedying problems.

Finally, some general CoR compliance system ‘health check’ information is useful. For example, confirmation that all supply chain contracts have mandatory CoR compliance clauses included, confirmation that all CoR-facing employees and contractors have been properly inducted and received any scheduled refresher training, etc.

However, reporting those figures in a vacuum is of little benefit. The executive needs some further context. For example, how do the compliance reporting figures this period compare to those of the last period and/or the 12-month average? Are problems more frequently arising in relation to one area of CoR than others? Are detected breaches the fault of the business, or are they arising from the activities of suppliers or contractors? This kind of contextual and trend reporting is essential for the executive to be able to determine the source of any problem and/or any unusual spikes in non-compliance and get on the front foot.

The biggest pitfall in executive reporting

Executive reporting statistics are not merely points of interest. Depending on what the figures show, the executive will be called on actually to do something (or ensure that something is done) to address this information.

The biggest pitfall is treating the compliance performance figures as ‘for noting’. They are not ‘for noting’, they are ‘for assessment and action’. Where the performance measures indicate a problem, the executive must either develop and implement a response plan, or ensure that their compliance team is doing so.


Executive reporting is one of the essential five pillars of CoR compliance. Without it, the executive won’t be doing their job or discharging their duties. Thankfully, businesses can easily put some relatively straightforward reporting metrics together to ensure that the executive is armed with the necessary information to keep the company and themselves out of trouble.

Author: Nathan Cecil

  • This article was originally published in CoR Adviser. The article is © 2022 Portner Press Publishing Pty Ltd and has been reproduced with permission of Portner Press.

The information in this article is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, we do not guarantee that the information in this article is accurate at the date it is received or that it will continue to be accurate in the future.

Published by:

Share this