Preventing Corporate Accidents: An Ethical Approach

  • 67 582 4
  • Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up

Preventing Corporate Accidents: An Ethical Approach

Preventing Corporate Accidents Dedication The author dedicates this book to 28 colleagues who died as a result of the

1,011 241 2MB

Pages 371 Page size 335 x 503 pts Year 2008

Report DMCA / Copyright

DOWNLOAD FILE

Recommend Papers

File loading please wait...
Citation preview

Preventing Corporate Accidents

Dedication The author dedicates this book to 28 colleagues who died as a result of the explosion at the Nypro Chemical Plant at Flixborough, Lincolnshire, UK on 1st June 1974 and to all those injured, bereaved or in any way affected by the tragedy at the time and since. The book is written in the hope that it will contribute in a small way to the prevention of such accidents in the future.

Preventing Corporate Accidents An Ethical Approach R.B. Whittingham

AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK • OXFORD PARIS • SAN DIEGO • SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Butterworth-Heinemann is an imprint of Elsevier

Butterworth-Heinemann is an imprint of Elsevier Linacre House, Jordan Hill, Oxford OX2 8DP, UK 30 Corporate Drive, Suite 400, Burlington, MA 01803, USA First edition 2008 Copyright  2008, R.B. Whittingham. Published by Elsevier Ltd. All rights reserved The right of R.B. Whittingham to be identified as the authors of this work has been asserted in accordance with the Copyright, Designs and Patents Act 1988 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means electronic, mechanical, photocopying, recording or otherwise without the prior written permission of the publisher Permissions may be sought directly from Elsevier’s Science & Technology Rights Department in Oxford, UK: phone (+44) (0) 1865 843830; fax (+44) (0) 1865 853333; email: [email protected]. Alternatively you can submit your request online by visiting the Elsevier web site at http://elsevier.com/locate/permissions, and selecting Obtaining permission to use Elsevier material Notice No responsibility is assumed by the publisher for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions or ideas contained in the material herein. Because of rapid advances in the medical sciences, in particular, independent verification of diagnoses and drug dosages should be made British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library Library of Congress Cataloging-in-Publication Data A catalog record for this book is availabe from the Library of Congress ISBN: 978-0-7506-8062-2 For information on all Butterworth-Heinemann publications visit our web site at books.elsevier.com Printed and bound in U.K. 08 09 10

10 9 8

7 6 5 4

3 2 1

Working together to grow libraries in developing countries www.elsevier.com | www.bookaid.org | www.sabre.org

Contents Preface Part I

ix Companies at risk

Introduction to Part I

1 3

1

Management error Introduction Human error The corporate environment An ethical approach Afternote References

7 7 9 14 16 17 18

2

The corporate entity Introduction Corporate origins Corporate characteristics Corporate accountability Corporate manslaughter Critique of legislation Conclusion References

19 19 20 22 28 33 45 48 49

3

Corporate ethics Introduction Ethics Ethics and the law Individual ethics Corporate ethical behaviour The influence of human actors Managerial and professional ethics Conclusion References

50 50 51 53 58 61 64 68 72 75

Part II

Strategies to prevent corporate accidents

Introduction to Part II

77 79

vi

Contents 4

Safety culture Introduction Culture Organizational culture Safety culture Changing the safety culture Case studies References

83 83 84 89 98 107 111 114

5

Understand the risk Introduction What is risk? Expressions of risk Risk assessment Risk perception Case studies References

116 116 117 120 128 137 141 142

6

Safety regulation Introduction Historical background Safety regulation in the UK Risk acceptance criteria The ALARP principle Reducing the regulatory burden Case studies References

144 144 145 147 154 158 164 170 173

7

Safety management Introduction Regulatory and standard setting approaches to safety management Auditing approaches to safety management Behaviour-based approach to safety management Analytical approaches to safety management A systems approach to managing safety Case studies References

176 176 178 185 190 197 198 206 208

8

The learning organization Introduction Organizational learning Learning from accidents Building a just culture Information disclosure Case studies in failures of organizational learning References

209 209 210 215 230 234 243 246

Contents 9

Corporate social responsibility Introduction Corporate ethical policy Corporate citizenship Corporate structure models Corporate social responsibility Case studies References

248 248 250 255 256 266 273 274

Conclusions Summary Part I: Companies at risk Part II: Strategies to prevent corporate accidents Case studies A better way forward? References

276 276 277 281 285 287 288

Appendix 1 Case studies in corporate manslaughter Introduction A1.1 The capsize of the Herald of Free Enterprise A1.2 The Southall rail accident References Disclaimer

289 289 290 298 307 307

Appendix 2 Case studies in corporate accidents Introduction A2.1 The loss of the space shuttle Columbia A2.2 The Davis-Besse nuclear power plant incident A2.3 The fire and explosion at the Conoco-Phillips Humber oil refinery A2.4 Children’s heart surgery at the Bristol Royal Infirmary, 1984--1995 A2.5 The Tokai-Mura criticality accident A2.6 The disposal of the Brent Spar oil storage facility A2.7 The Tylenol incident, Chicago, Illinois, USA, 1982 References

308 308 309 314

Appendix 3 Safety management tables Reference

346 351

Index

353

10

318 323 330 338 342 344

vii

This page intentionally left blank

Preface The idea of writing a book about corporate accidents followed completion of my previous book, which addressed the complex subject of ‘human error’ and its role in accident causation. The importance of the subject was underlined by the fact that according to the UK Health and Safety Regulator around 80 per cent of accidents are caused by human error. But when my last book was completed there still seemed to be unfinished business. I was particularly concerned with the part played by the corporate environment in causing (or preventing) accidents, an aspect which was outside the scope of my previous book. I therefore decided to investigate the subject of corporate responsibility for health, safety and environment and in particular the failures of corporate systems which have led in the past to serious accidents often involving many fatalities. The objective is to draw attention to the elements of these higher level systems which are essential to accident prevention in the hope that companies may be able to recognize and correct any deficiencies or improve their existing systems. It turned out that the subject matter is more related to legal, sociological and organizational studies than to engineering, psychology and ergonomics, the disciplines most relevant to my last book and with which most human factors practitioners are familiar. In the first part of the book I have dealt with subjects such as the nature of the corporation and how the legal concept of ‘corporate personhood’ is acted out by various stakeholders in order to fulfil the necessary responsibilities for accident prevention. The book also enters the difficult and sometimes controversial area of corporate ethics and later in the book it is shown how this is an important aspect of preventing corporate accidents. In the second part of the book I have selected six corporate systems which, I believe, when properly addressed, comprise important strategies to prevent corporate accidents. In the process I have tried to identify what I believe are the most important elements of these systems regarding accident prevention. The choice of these corporate systems is supported by a number of detailed historical accident case studies described in appendices. If this book can go some way towards assisting companies and their directors, senior managers and safety experts to reduce the chance of a serious corporate accident then it will have fulfilled its purpose.

This page intentionally left blank

I

Companies at risk

This page intentionally left blank

Introduction to Part I

This book has been conveniently divided into two parts. Part II identifies the essential features of a number of critical corporate systems which, if not fit for purpose, may lead to a serious accident involving harm to people or the environment. The accident case studies included in the appendices at the end of the book bear powerful witness to the tragic consequences of such corporate failures. The lessons to be drawn from these case studies help to ensure that this text is grounded in reality and not overreliant on theory. Part II can be classed as the more ‘strategic’ section of the book since, drawing on the experience of the author and many other quoted sources, it describes the strategies which a corporation must employ to prevent a ‘corporate accident’, as defined in Chapter 1. Part I of the book is more foundational in that it prepares the ground for Part II by exploring some issues pertinent to the strategies for preventing corporate accidents. The role of human error in accident causation is an important and continuous theme in the book, but is examined here at corporate level rather than at the more usual level of workplace activities. Consequently, the first chapter examines the nature of ‘management error’ (as a subset of ‘human error’) and explores how it can lead to serious accidents, the root cause of which may often be found in defective corporate systems. Part I also examines the concept of the corporation in its historical evolution from the partnership or small ‘hands-on’ family business to the larger businesses owned by individual stockholders, who generally took little active part in the enterprise. This business model was the main basis of trade from the beginning of the twentieth century, but gradually evolved owing to economies of scale and through mergers and acquisitions into the huge international corporations which have come to dominate the world of commerce today. In this model, ownership is usually institutional or corporate rather than individual and this has led to an even greater separation between ownership and control. The effect of this separation, together with the principle of limited liability, has led to a situation where any philanthropic

4

Companies at risk instinct or sense of moral duty which owners might have displayed in the past has become largely subservient to the claims of profit and share price. The basic structure of the corporation is explored, including the curious and elusive legal fiction of ‘corporate personhood’. This is a device which enables the corporation to be treated as an artificial person under the law so that it becomes something other than an inanimate entity – a corporate body. This legal device allows the corporation to interact more effectively with other corporations, with government and with society at large. Also examined here are the underlying economic theories which have led to modern corporatism and to a large degree have determined its impact upon society both for good and for bad. Part I starts from the premise that the main reason for the existence of a corporation, apart from meeting the need of society for goods and services, is to generate a profit and increase the value of the company’s stock for its owners. It is well known that the profit motive can easily come into conflict with the legitimate expectations of society regarding corporate behaviour and the requirement to limit the potential harm that the company can cause to people and the environment. One of the ways in which this conflict is triggered is through the mechanism of ‘cost externalization’. This is a corporate ‘reflex’ which tries to maximize profits at the expense of uninvolved third parties. It was identified by the economist Milton Friedman, the Nobel Prize winner and guru of neo-classical economic theory in the 1980s. This mechanism is fundamental to the theme of this book and is described in more detail in Chapter 2. Government controls and regulation are the counter-mechanism by which the worst excesses of corporatism are contained. However, the book maintains that legal compliance defines only minimum standards of corporate behaviour. This is because modern economic theory dictates that excessive government control limits entrepreneurial initiative and technological development. Over zealous regulation of business therefore needs to be avoided if corporatism is to deliver its full potential to the society it serves. The development of the modern corporation has produced huge benefits for society, but the process is always in danger of being overshadowed by a potential for societal harm. This has not gone unnoticed by the public, who now not only display a greater level of awareness about corporate failure but also have a greater aversion to unnecessary risk exposure. In the age of the internet and 24/7 media coverage, the glare of publicity which now illuminates corporate failure has resulted in a general raising of the expectations of society regarding corporate standards. Whenever there is a serious corporate accident involving major loss of life it stimulates an increased public desire for greater safety and justice for those who have been harmed by the accident. The result is often that government, responding to public concern, is prompted to take immediate action. Any serious mismatch between public expectation and corporate performance eventually leads to additional curbs being placed upon industry which may not always be proportionate to the actual risks being generated. In some cases, however, government action is justified and this has been demonstrated in recent decades by some prominent corporate manslaughter cases brought against large companies in the UK who failed in their duty to protect the public. When these prosecutions collapsed (for legal reasons which are outlined

Introduction to Part I in a later chapter and in Appendix 1) there were strident demands for errant companies to answer properly for their failures in a court of law. The result was the Corporate Manslaughter and Corporate Homicide Act 2007, in force from 2008, which aims to ensure that companies are successfully prosecuted and subject to appropriate penalties when they have been grossly negligent and society’s interests have been harmed. Apart from charges of corporate manslaughter, companies can be prosecuted under a wide range of other legislation varying from the Companies Act in the case of financial malfeasance to the Health and Safety at Work etc Act 1974, for industrial fatalities and injuries. Just as companies are increasingly held liable for the external consequences of the risks they generate, so the companies themselves are at risk from the sanctions that society will impose if a mistake is made; hence the title of Part I of this book, ‘Companies at risk’. These risks include not only heavy fines but also, more importantly, loss of corporate reputation, which can seriously damage customer confidence and sometimes threaten the very existence of the company. Senior company personnel face similar but more personal risks such as loss of freedom and career when they become implicated in a corporate failure to protect people and the environment. Whilst government regulation, particularly in the realm of health, safety and the environment, will always be necessary (and, indeed, compliance with regulation is a corporate strategy defined later in the book), it is suggested here that compliance alone is no guarantee of responsible corporate behaviour. This book suggests that if the modern corporation is to limit its own exposure to risk it needs not only to take account of its strict legal responsibilities, but also to subscribe to ethical policies which constitute a safety margin between normal and illegal operation. The final chapter of Part I introduces the complex, and in today’s world increasingly relevant, subject of corporate ethics and how failures in ethical practice can easily stray into illegality. The ethical approach which stems from this chapter permeates the whole book. It is taken up in more detail in Part II, where it is shown how the modern company must, if it is to retain the trust and support of its stakeholders and customers, be prepared to take its rightful place alongside them as a responsible ‘citizen’ of society. This not only is necessary to minimize the detrimental effects arising from its operations (a rather negative motivation), but also will help to guarantee future business success; it has been well demonstrated that safe and responsible companies are also successful companies.

5

This page intentionally left blank

1

Management error As we move towards the 21st century there is an ever-increasing awareness and expectation of the duties and responsibilities of large corporations in matters of health and safety. It is a sad fact that despite advances in modern technology from time to time major disasters occur. Often, perhaps more often than not, these are the result not of one isolated human error or technical failure, but a combination of several operating together. The corporation itself is in the best position to foresee and take steps to avoid such disasters, so why should it not be brought to book in the event of a culpable failure, so the argument runs. In one sense it can be through the strict requirements of the health and safety legislation. But a conviction does not carry the same stigma as a conviction for manslaughter and since one of the purposes of punishment is the emphatic denunciation by the community of the prohibited conduct as a crime, there is a compelling case for a company to be found guilty of manslaughter and punished accordingly when it is guilty of gross negligence that results in death. Mr Justice Scott Baker, Regina v Great Western Trains Company Ltd 1

Introduction The title of this book refers to a particular type of industrial accident which the author has termed ‘corporate accident’ and which, at the very start, needs to be defined. Although it is possible that this term has already been used outside the remit of this book, to the author’s knowledge ‘corporate accident’ does not have any standardized or accepted meaning and he is able to begin with a clean sheet! Obviously, the meaning of ‘corporate accident’ will become clearer as the book proceeds, but for introductory purposes, here is a very simple definition: A corporate accident is one whose ultimate root cause can be traced back to a failure of corporate systems. In writing the book, as during most of his career in accident prevention, the author has been particularly concerned with major industrial or other accidents having

8

Companies at risk severe consequence such as serious loss of life and/or asset damage. Such accidents have, in the past, tended to involve larger organizations whose operations pose a major hazard risk or some other kind of potential threat to their workforce and/or the public or environment if things go wrong. The book includes a number of case studies of corporate accidents, detailed descriptions of which are included in appendices and which are referred to extensively in the text. All these case studies happen to involve larger organizations and cover a wide range of industries as well as being international in their scope. The case studies include the US and Japanese nuclear industry, public transportation systems in the UK as well as accidents in the oil and gas, aerospace and medical sectors. They have been chosen because their root cause has been definitively established by others to be a failure of corporate systems reaching to the highest level of the organization. Sometimes, corporate accidents are so serious that they have led to a prosecution on perhaps the most serious charge that can be brought against a company, namely a charge of corporate manslaughter. When such prosecutions occur it is usually in relation to multiple-fatality accidents, particularly when members of the public have been killed, raising the level of society’s concern about safety in that particular sphere. It is natural, even if slightly sad, that the public aversion to multiple-fatality accidents is disproportionately greater than to single-fatality accidents which, in general, are much less newsworthy. The subject of societal versus individual risk and the perception of risk by the public is discussed in more detail in Chapter 5. The author does not wish to downplay in this book the seriousness of the many thousands of tragic accidents which occur every year resulting in single fatalities, serious injuries or occupational diseases. Some statistics about such accidents are included in Chapter 5 to illustrate the gravity of this problem. In the case of the more serious accidents, which are the main subject of this book, prosecutions for corporate manslaughter have in the past been quite rare. Certainly in the UK, where charges have been successfully brought and companies found guilty this has, in every single instance, involved small companies where a senior person in the company, such as a director, has been closely associated or identified with the activities leading to the accident. The very few prosecutions for corporate manslaughter brought against large companies have always failed because of the so-called ‘identification’ principle required under common law in the UK. This principle did not allow the corporate body to be charged with a common-law offence unless a person of sufficient seniority could be identified and who could also be prosecuted for manslaughter. The reasons for this are explored in Chapter 2 of the book, which commences with an explanation of the legal basis of the corporate entity. The subject of corporate liability under the law is dealt with in the same chapter, together with a comparison of a company’s vulnerability to manslaughter charges in various countries. It also explores the degree to which new corporate manslaughter legislation has brought about greater justice for those affected by a serious accident. When commencing this book the author assumed that just as the study of workplace error is important to accident prevention (since it has been shown that about 80 per cent of accidents are due to human error), in a similar way, ‘management error’ at the administrative level will be important to the prevention of accidents resulting

Management error from corporate failure. This initial assumption was largely borne out, but with some surprises. It was discovered that most managers, in an analogous way to workers at the shop-floor level, are often innocent victims of the systems which are imposed upon them and which they are obliged to follow. The main difference between ‘shopfloor errors’ and ‘management errors’ is the type of systems which govern the way work is carried out. This may be simplified to the distinction between ‘ergonomic’ systems in the case of shop-floor errors and ‘corporate’ systems in the case of management errors. This book therefore adopts a systemic approach to human error, as did the previous book.2 In this case it deals primarily with corporate system failure and how to prevent it. A basic knowledge of ‘human factors’ principles, particularly concerning the ways in which systemic human error occurs, is essential for an understanding of this book. For those not familiar with these concepts, some basic principles are set out in the next section. At the level of workplace tasks, safe and effective working is highly dependent upon the ergonomics of the systems of work, using the term ‘ergonomics’ in its widest sense. This would include working instructions and procedures which define closely and often rigidly how the work is to be carried out, the training and experience of the worker, the complexity of the task in relation to this and the quality of the human–machine interface (i.e. the equipment provided to carry out the work). At the administrative or management level, conventional wisdom holds that there is a much greater degree of flexibility in the way work is carried out and the work of others is controlled. It is true that many decisions and practices at this level depend upon the professional judgement and experience of individual managers. At the same time the work of managers is often guided, or sometimes strictly limited, by corporate systems which can constrain the degree of flexibility that is possible. In some cases, the requirements of corporate systems can override professional judgement and experience. If these corporate systems fail to take account of health, safety and environmental considerations then disastrous consequences can ensue. This is demonstrated by many examples and case studies in this book. It has to be concluded therefore that the main distinction to be made between human error (in hands-on workplace tasks) and management error (in strategic and administrative tasks) lies in the type of systems which govern the way they work. This may be simplified to the distinction between ‘ergonomic’ systems (in the widest sense of the word) and ‘corporate’ systems. That is why this book, as with the previous book, adopts a systemic approach to human error, but in this case dealing primarily with corporate system failure and how to prevent it.

Human error Before addressing the main subject of the prevention of corporate accidents, it is useful to summarize the subject of human error, which was dealt with in the previous book.2 There are two distinctive types of error which it is necessary to understand. These are active and latent errors, each of which is described below.

9

10

Companies at risk

Active errors As a human factors consultant, most of the human errors with which the author had to deal with during a twenty-year career in accident prevention were those that occurred in the workplace, or as he prefers to call it, the ‘workface’. The workface can simply be defined as the interface between the worker and the machine or work environment. The main thesis of the previous book2 was that nearly all human errors in industrial operations are systemic in nature: their origins can be traced back to defective systems – whether technological or procedural systems – in other words, the causes are to be found at the workface. Very few significant errors occur in a random fashion. Random errors are those which cannot be traced back to systemic causes, but arise from an unidentifiable internal human or psychological ‘malfunction’. By contrast, a systemic error is caused by an external ‘malfunction’ comprising some defective property of the work environment which degrades human performance, making an error more likely. Most errors at the workface are classified as ‘active errors’ because the effects or consequences of the error are usually observed or manifested immediately. An example of an active error is a train driver passing a red danger signal. As a result, the driver may be unable to stop in time to prevent a collision. The consequences of the error are revealed almost immediately the error has been committed. Either he overruns the red signal and brings the train to a halt by braking or there is an accident. Thus, whether the error results in an accident or not, it is still referred to as an active error. Clearly, active errors which may have resulted in an accident but did not, still need to be investigated so that the causes can be identified and corrected. In a recent serious rail accident causing multiple fatalities a train driver failed to stop because he was unable to see clearly the danger signal ahead as a result of an obstruction due to modifications made to a gantry. This active error (called a SPAD or a signal passed at danger) was the ‘direct cause’ of the accident. However, it was not the ‘root cause’ of the accident. The root cause was a defective system, in this case the gantry modification which allowed the obstruction of a signal. It was found that a management failure had allowed the railway to continue in operation with an obstructed signal until the inevitable accident occurred. Most experienced train drivers had realized there was a problem and prevented a SPAD occurring by proceeding cautiously when approaching the signal. The obstruction had been reported to management on a number of occasions. It was not immediately corrected and the active error that caused the accident occurred on a day that a train was being driven by a novice driver working on his own for the first time. The main point at issue here is that the cause of the accident lay primarily not with the driver, but with the system that he relied on to operate safely. The natural conclusion reached in the previous book was that systemic errors are not the fault of the person making the error but, if blame is to be assigned, then it must be assigned to a person who is responsible for the defective system that caused the error. That is principally why the previous book was called The Blame Machine; so often when a serious accident has occurred the ‘blame machine’ goes into action and the person making the error is held responsible. The result of this is that the root cause of the

Management error accident, the defective system and how it was allowed to cause an accident, is not discovered. When this happens the same error (and possibly the same accident) is doomed to be repeated indefinitely.

Latent errors A ‘latent error’ occurs when the effects or consequences of an error are not immediately observed. The consequences are delayed and occur at a later time and often in a place which is remote from the source of the error. The most common types of latent error are found in management tasks (involving failures in decision making) and in maintenance tasks. A latent error in a maintenance task usually leads to equipment failure when an item of maintained equipment is put back into service at a later time. Although the error occurred during maintenance the consequences were not revealed until the maintained item of equipment was recommissioned. Clearly, the consequences of maintenance errors can be limited by proof testing of equipment. In a similar way to maintenance errors, the consequences of management errors are not always manifested immediately, but the effects are separated from the original event by time and space. Latent errors are particularly insidious because of this gap between the situation where the error occurred and the situation when the consequences are manifested. Unless latent errors are detected and corrected immediately or soon after they occur, the scenario of an ‘accident waiting to happen’ will be established. Management errors, as a subset of latent errors, form an important part of this book and are dealt with in more detail below.

Management error The previous book2 concentrated on human error at the workface, including both active operational errors and latent maintenance errors; it also briefly examined the problem of management error. Management errors are also latent errors, but they occur not so much at the workface but at the administrative and corporate levels of the organization. They may be manifested as senior managers making faulty decisions or failing to make a decision when one was required. Sometimes management errors are euphemistically referred to as ‘organizational failure’ or ‘organizational error’ and some authors make frequent reference to these terms. They are terms which are avoided in this book because when an organization fails or is in error it seems to imply that it happened in some vague and indefinable way which did not involve people. Clearly this is not possible. It is akin to the frequently quoted excuse in service organizations that a mistake has occurred because of a computer error; everybody knows that computers need to be programmed by people before they can do anything useful at all! When ‘organizational errors’ occur then ‘people’ need to be identified if the errors are to be avoided in the future. It is also important to recognize the distinction between the direct cause and the root cause of an accident, since these terms are used frequently throughout the book. A simple definition is that the direct cause of an accident provides us with information about how the accident happened, whereas the root cause will tell us why the

11

12

Companies at risk accident happened. Clearly, if only the direct cause of the accident is established and corrected, it is likely that the accident will be repeated. If the root cause is also identified and corrected, then this accident and similar accidents can be avoided in the future. These distinctions and the theories underpinning them are explored in more detail in Chapter 8. In the case of the rail accident referred to above, resulting from a SPAD, the active error committed by the driver was the direct cause of the accident. The management failure or error which allowed the red signal to become obscured was a root cause of the accident. The root cause here can in theory be traced back to a management error in the project department which designed the modifications to the gantry which obscured an existing signal. This was probably what is called, in human factors parlance, an ‘error of commission’, since somebody actually did something wrong. However, another management error within the operations department was another root cause of the accident; this was an ‘error of omission’, since it was a failure to act when the problem was reported by train drivers. This may be an over-simplification of the actual scenario, but it illustrates the different sorts of error which can occur. In the same way that the root cause of an accident caused by active errors may be located within the systems which control the way work is carried out, so the same principles can be applied to management errors. In this case, the root causes could be postulated to lie in one or more of the following categories: 1. 2. 3. 4. 5. 6.

Failure of professional judgement Lack of experience Inaccurate information on which to base decisions Insufficient information on which to base decisions Wrongly influenced or instructed by superiors Defective corporate systems.

Other causes could well be added to this list. However, any or all of causes 1–5 could be subsumed within category 6, defective corporate systems. For instance, it is quite possible that failures of judgement and experience occur because managers are allowed by the company to work outside their level of expertise: that could easily be attributed to a failure of a corporate system. This might, for instance, be due to a corporate financial system which required staff cutbacks, resulting in shedding of qualified staff so that the existing staff had to take decisions for which they were unqualified. In this case, the corporate system is defective since it did not fully take account of the potential consequences of the cutbacks. Such a scenario is not unknown. The corporate system failure then becomes a potential root cause of an accident. Such accidents and the strategies to prevent them constitute the main theme of this book. It is sometimes quite difficult in accident investigation to tease out the exact sequence of decision making which took place in the run-up to an accident, and even more difficult to identify when and where specific management errors occurred. It may be rather obvious to the investigator that errors were made by managers, but it is sometimes difficult to ascertain the precise nature or circumstances of those errors. As a result, accident inquiry reports have a tendency to delve deeply into the direct

Management error cause of an accident such as a human error at the workface, while providing much less detailed information about the root causes at management level. The facts surrounding failures at the workface are often identified in great detail with photographs and diagrams to illustrate what has occurred. For an active error, the ergonomics of equipment design are analysed and compared with best practice in order to identify the defects which made an error more likely. Whereas active errors at the workface are explained in terms of defects in the human–machine interface, this is rarely the case with management errors. When management errors have occurred, the reports often refer to these failures in a generalized way, but are distinctly vague about why these failures happened. There is, unfortunately, no organizational ‘black box’ to be decoded following an accident. Sometimes it is possible that the passage of time, the blurring of memories and the natural desire of people not to reveal their mistakes may hinder the process of uncovering the full story. It has to be acknowledged that with management errors, even if it were possible to identify with any precision the errors which were actually made, it would still be difficult to determine from the circumstances exactly why the errors occurred. It is, however, possible to examine the corporate systems which might have allowed or encouraged errors or failures at management level. If corporate systems are at fault, then this has to be an important high-level root cause which must be corrected if future accidents are to be prevented. The previous book showed how, in the case of workface errors, merely correcting the direct cause of an accident (e.g. driver passed a signal at danger corrected by disciplining the driver) will not prevent future accidents so long as the root cause remains untouched (why the obscuration of the signal happened). In the same way, merely identifying specific management errors (and perhaps sacking the manager) will not necessarily get to the root cause of the accident. The detail of what actually happened in the manager’s office prior to the accident may be of interest to an accident investigator, but the reasons why it happened are much more important. Deficiencies in corporate systems which remain uncorrected will continue to wreak havoc within an organization, inevitably leading to accidents whose locus lies at the very heart of the company.

Common cause failure The concept of common cause failures (CCFs) is relevant to understanding the root causes of management error. Common cause failures are defined as ‘external mechanisms which have a common effect on two or more (activities or) items of equipment’.2 It is a concept which is frequently used in reliability analysis of both human and equipment failures to model combinations of events. Simple probability theory shows that the chance of two or more independent failure events occurring at exactly the same time is extremely small. This is because the combined probability is calculated from the mathematical product of the independent failure probabilities. When the latter are extremely small, the combined probability is even smaller. However, this depends upon the events being completely independent of one another. In industrial systems this hardly ever occurs. Usually some common cause will intervene to produce multiple failures at a greater frequency than would be expected

13

14

Companies at risk from the independent failures. The common cause may, for example in the case of equipment, be the failure of a common electricity supply to two electrical items which would otherwise appear to operate independently. The probability of the CCF therefore dominates the very small probability of the combined independent failures, which becomes negligible by comparison. Without the use of CCF modelling, the overall failure probability of an industrial system is likely to be underestimated. These principles apply in much the same way to both human failures and equipment failures, although the techniques which are used to apply CCF modelling may differ. Experience suggests that whenever there is a concurrence of apparently independent failure events there is a good chance that the failures will stem from a common cause. The common cause probability will be much higher than the joint probability of the events occurring independently. It seems feasible to apply the same principles to management errors which have occurred in different parts of a company and where the joint effects may lead to a corporate accident. For instance, in the example of the signal passed at danger, at least two separate management errors must have occurred, corresponding to failures in the project and operations department. This common cause is most likely to be found in a failure of corporate systems which affected both departments. This failure, if at a sufficiently high level, can clearly have a wide influence on management effectiveness throughout the organization. This may lead to critical management failures in almost any area of a company’s activities which either separately or in combination may have the potential to cause an accident. This would meet the above definition of a corporate accident. This book suggests therefore that the common cause for most management errors is likely to be deficiencies in the corporate systems which, on a daily basis, control the way in which managers undertake their work activities. In the process of accident investigation it is therefore important that the contribution of any defective corporate systems is identified.

The corporate environment One of the main premises of this book is that within the corporate environment there is a systemic source of root causes which can influence management behaviour and potentially lead to accidents. It has been suggested above that there is a strong analogy with the systemic nature of workface errors described in the previous book.2 In other words management errors are also systemic, caused not by indefinable human malfunctions but by the failure of systems upon which the human, in this case the manager, relies to operate safely. If these corporate systems are faulty or defective in any way then the number of management errors will increase and so will the frequency of accidents. Except for the fact that managers have much greater freedom in the scope of the decisions they can make, it is suggested that the analogy with systemic active errors is fully justified. Just as it is difficult to identify precisely where management errors occurred and how they were caused, so it may not always be possible to understand the exact way

Management error in which a defective corporate system led to the error being made. The case studies set out in Appendices 1 and 2 are used as examples of the failure of corporate systems which should have prevented the accidents. Above all, they illustrate the complexity of the root causes of an accident. In almost every case, these root causes stretch back in time, setting up the potential for latent errors long before the accident occurred. Sometimes we talk facilely about ‘an accident waiting to happen’ but, as shown above, latent errors are prone to lead to such a scenario. This is no less the case for accidents caused by corporate failures, which all seem to bear the hallmark of an accident waiting to happen. An examination of the case studies in Appendices 1 and 2 quickly reveals that in every case no one corporate system could be singled out for responsibility. Invariably, for each accident described there was a set of failures attributable to a number of root causes which had come together over a period of time to cause an accident. In order to impose order and investigate the potential influence of corporate system failure on accident causation it was necessary to develop some kind of taxonomy of corporate systems. Even though management errors are being considered here as systemic, it was considered beneficial for the purposes of the book to refer to a ‘corporate system’ as a ‘strategy’. This enabled the specific aspects of corporate systems which are important for accident prevention to be better identified and developed. Part II of the book is therefore entitled ‘Strategies to prevent corporate accidents’. The strategies which need to be developed to prevent corporate accidents were categorized in the following simple taxonomy, which provides the breakdown of chapter headings for Part II of the book:

• Chapter 4: Safety culture • Chapter 5: Understand the risk • Chapter 6: Safety regulation • Chapter 7: Safety management • Chapter 8: The learning organization • Chapter 9: Corporate social responsibility. Each of the strategies listed above makes its own unique contribution to a safe corporate environment. However, when investigating the failures of corporate systems lying behind the accident case studies it was possible in most cases to identify more than one strategy which was defective. This can be seen by reference to the table in Appendix 2, which attempts to correlate each of these accidents with its principal root causes. It has to be borne in mind, however, that the author’s interpretation has, of necessity, been based upon reasonably accessible information, usually publicly available accident reports and court proceedings. Other interpretations may well be possible and are not necessarily excluded by this interpretation. Similarly, the components of the defences listed above and which are described in each of the chapters of Part II are those which, in the author’s understanding and experience, are considered to be the most essential. No claim is made that these descriptions are necessarily fully comprehensive and the need for other or different components cannot be excluded, especially when particular corporate circumstances are taken into account.

15

16

Companies at risk

An ethical approach This book claims to adopt an ethical approach to preventing corporate accidents. This approach derives from a study of the ‘corporate entity’ in Chapter 2. The chapter examines the way in which the legal device of ‘corporate personhood’ has evolved over the centuries to enable the corporation to interact effectively with people, the state and other corporations. It also examines the legal accountability of corporations, and in particular the responsibilities of company directors and senior managers for health, safety and the environment. This necessitates the study of corporations in relation to criminal offences and particularly the common-law offence of manslaughter, since this has arisen in the context of a number of corporate accidents. Case studies of these accidents are included in Appendix 1. Arising out of these cases, specific corporate manslaughter legislation for the UK passed through parliament in July 2007 to be in force from April 2008. This is discussed in Chapter 2. Because of the complexity, and in the interests of brevity, these legal matters have been explained as simply as possible in layperson’s terms. As a result, the author would like to stress that this book is not a reference book providing legal advice for actual situations, where it is always essential to seek the help of experts in the field. However, corporate manslaughter per se is not the main concern of this book. Rather, it is used as an example of how companies can run foul of the law owing to the absence of effective corporate strategies to prevent the sort of accidents which may lead to a court case. Obviously, there are many more successful prosecutions for breaches of health and safety law than there are for corporate manslaughter. This is because health and safety is mainly enshrined in statute law rather than common law, so that the chance of successful prosecutions is much greater. In some cases these prosecutions involve extremely serious charges leading to large fines, loss of corporate reputation or even prison sentences. Although the behaviour of the corporate body in respect of managing its risks is subject to government regulation, the book maintains that this only determines the minimum standards the company must achieve for compliance with the law. In fact, it will be found that companies are much more highly regulated in terms of financial probity than they are in terms of the health and safety impact on those affected by their operations. Company directors, for example, have strictly defined legal responsibilities for managing the company’s finances, but have little legal responsibility for managing its health and safety standards. Because legal compliance with health, safety and environmental regulations is effectively a minimum standard, it is necessary to examine the degree to which companies should incur expenditure to exceed these standards. The legal purpose of most companies, its raison d’eˆtre as discussed in Chapter 2, is to increase the wealth of the stockholders in terms of profits and share value. However, if this were the sole purpose of a company and if it were consistently achieved at the expense of other duties and responsibilities to society, then it is suggested that eventually the company would find itself operating at the boundaries of illegality as far as health and safety law was concerned. However, few would argue today that companies have no responsibilities other than that of the profit motive. As Mr Justice Scott Baker in

Management error the court case Regina v Great Western Trains Company Limited remarked, ‘there is an ever-increasing awareness and expectation of the duties and responsibilities of large corporations in matters of health and safety’. The expectations of the public about the behaviour of corporate bodies have increased greatly over the past decade. This has prompted many companies to examine whether their performance matches up to ethical standards in addition to legal compliance. This inevitably leads us to examine the subject of corporate ethics in Chapter 3, a chapter which is key to the rest of the book. The ethical approach taken here attempts to place corporate behaviour along the same moral spectrum that would govern human behaviour. This is in order to identify any analogies which could point to any natural motivators that might exist for corporate ethical behaviour. In the human sense, the moral spectrum varies from mere politeness at the lower end to illegality at the upper end, with many different shades of ethical behaviour in between. It raises the important question whether a company, as an artificial ‘person’ under the law, is capable of behaving ethically without voluntary restraints being built into the corporate structures. It is concluded that companies which behave ethically are more likely to avoid serious accidents but in order to attain this, corporate strategies must be in place for the guidance of employees, managers and directors. Richard Breeden, Former Chairman of the US Securities and Exchange Commission, is quoted as saying, ‘. . . those managers who define ethics as legal compliance are implicitly endorsing a code of moral mediocrity. It is not an adequate ethical standard to get through the day without being indicted’. Although this was said in the context of financial compliance, it is maintained throughout this book that the argument remains valid in terms of legal compliance with health, safety and environmental regulation. The ethical approach outlined above and which is adopted by this book, is designed to help companies minimize the chances of experiencing a serious accident. It tries to emphasize the principle behind a disclaimer given out by many institutions when supplying financial products to the general public: ‘past performance is no guarantee of future results’. So often, health and safety statistics about accidents in the workplace are used as the sole measure of the company’s health and safety performance and therefore as an indicator of its future liability for accidents. While such statistics are important in measuring progress in reducing workplace accidents, recent studies have shown that there is little correlation between such statistics and the chance of a company experiencing the sort of corporate accidents which are described in this book: the ‘accidents waiting to happen’. The corporate strategies that companies will need to have in place to prevent these more serious accidents are described in Part II of the book, but it is maintained that the motivation to adopt these strategies is founded on ethical principles.

Afternote The author acknowledges that some readers of this book may form the opinion that it is anti-corporate in its overall theme and in the way some of the subject matter is treated.

17

18

Companies at risk This is not the intention and it is fully acknowledged that the corporate entity in its relatively short history, as outlined in Chapter 2, has contributed enormously to improvements in the well-being of humankind on a global scale. Inevitably, since the book is focusing on corporate failures which have caused serious accidents, it is unsurprising that when writing about some aspects of corporatism the text will seem to be quite critical. This is not meant to detract from the reality that most companies not only operate within the law, but take great care that the way in which they conduct their business is informed by ethical principles. The author considers that the purpose of the book will have been fulfilled if companies are helped to identify areas where improvements or changes can be made to corporate systems, thus reducing the potential for harm to people, society and the environment.

References 1. Mr Justice Scott Baker, Regina v Great Western Trains Company Ltd [1999] LTL C7800570, after the Southall rail disaster, September 1997. 2. Whittingham, R.B. (2004). The Blame Machine: Why Human Error Causes Accidents, Oxford: Elsevier Butterworth-Heinemann.

2

The corporate entity Did you ever expect a corporation to have a conscience, when it has no soul to be damned, and no body to be kicked? Baron Thurlow (1731–1806), Lord Chancellor of England1

Introduction The aim of Part I of the book is to study the relationship between the corporate systems of governance (which direct the affairs and operations of the company on a day-to-day basis) and the impact of those systems on the health, safety and welfare of the workforce, the public and anybody else affected by corporate activities. In particular, Part I will examine how the legal, moral and ethical aspects of corporate governance influence safety and how failures in these areas have led to serious accidents in some cases with managers and directors appearing in court on charges of corporate manslaughter. This chapter will first of all examine the way that the modern corporation has evolved historically from its earliest origins to the era of globalization. This is in order to identify any vulnerable features of the corporate entity which may lead to corporate failure and, for which suitable strategies may need to be adopted. For the purposes of the book the terms ‘corporation’ (mainly in the USA) and ‘company’ (mainly in the UK) are regarded as synonymous. However, in general, the ‘corporation’ will be referred to as the ‘company’, ‘corporate body or entity’ or in some cases simply the ‘organization’. Non-corporate bodies or non-profit organizations (NPOs) are not excluded from the scope of this book and a number of accident case studies in Appendix 2 refer to this type of entity. Whilst the direct causes of corporate failure may be traced to the action (or inaction) of individual managers and decision makers, already referred to as ‘management error’, the root causes are more likely to lie within the corporate systems that govern the way in which the company conducts its business. It is important therefore to examine the inherent nature of the corporation and how it is

20

Companies at risk constituted and constrained by corporate systems which in some cases may conflict with the requirements of health, safety and environment. Wherever possible, such conflicts will be illustrated by specific case studies, either in brief within the chapter or in more detail in Appendices 1 and 2.

Corporate origins The word ‘corporation’ is derived from the Latin word corpus or body, in this sense referring to a body of people. It is defined by the Oxford English Dictionary as a ‘group of people authorized to act as an individual’. This interesting definition introduces a theme that occurs repeatedly throughout this book: the concept of corporate personality or corporate personhood. The precise definition of a corporation will depend upon the legal system of the particular country in which it is incorporated. However, there are many common features which are concisely summarized in the following definition originating from the US legal system: An aggregate corporation is an ideal body, created by law, composed of individuals united under a common name, the members of which succeed each other, so that the body continues the same, notwithstanding the changes of the individuals who compose it, and which for certain purposes is considered as a natural person.2 The concept of a corporation having the capacity of acting as an individual, yet unlike an individual having perpetual succession, is important to themes explored later in this book. The managers, directors and owners of the corporation may come and go, but the corporate body continues until the day it is dissolved. The concept of the corporation goes back at least as far as Ancient Rome and many of its original characteristics can be seen today. For instance, it was always necessary for the existence of a corporation to be sanctioned by the state and to have a number of stockholders who invest money in a joint enterprise for a specific and stated purpose. The corporation ultimately evolved into a joint group entity which could have a separate identity from the people who owned it, known as its members. This introduces the idea that a corporation was more than the sum of its members and could continue a perpetual existence even after their death. This concept is fundamental to modern corporate theory and it paved the way for the development of the modern corporation which really began in England during the seventeenth century at the time of the Enlightenment. Before this, most trade had been conducted by entrepreneurial individuals or partners in business who owned and operated their concerns assisted by paid labour. However, single ownership businesses or partners had always been restricted in the amount of capital they could raise to expand their trade or manufacture. They were limited in effect to pooling their own resources to source the business. Following the Industrial Revolution, it was clear that the increased demand for capital could only be met by the formation of joint stock

The corporate entity corporations. For example, the capital raised to construct railways in England increased from £200,000 to £230 million between 1825 and 1849.3 By the midnineteenth century, company stock was being bought up not only by the wealthy but also by the new middle classes of Victorian England. The development of centralized factories located in the expanding industrial cities and powered by coal and steam accelerated throughout the nineteenth and twentieth centuries in the UK, developments mirrored in the USA and other industrializing countries. The resulting surge in international trade, fuelled by increasing industrialization in the Western world associated with the import and export of manufactured goods and raw materials, ultimately led to the so-called era of ‘globalization’ which exists today. The gradual acquisition or merger of smaller companies to form larger and larger organizations increased in scale and scope during the latter half of the twentieth century. This eventually culminated in the formation of large transnational companies (TNCs) whose main operations are based in countries peripheral to the organization’s host country. The total turnover of some TNCs exceeds the gross national product of some of the countries in which they operate. An unfortunate consequence of this is that the operations of TNCs can have a serious impact on the health, safety and environmental conditions in these overseas countries where regulation may not be as strict as in the host country. This can increase the attractiveness of overseas operations, enabling companies to increase profits at the expense of health, safety and the environment. In 1984, in Madhya Pradesh in India, the chemical processing plant of Union Carbide India Limited (UCIL) became the site of the world’s worst industrial accident. When water inadvertently entered a methyl isocyanate (MIC) storage tank a runaway reaction ensued which quickly spread a poisonous gas cloud over the neighbouring township of Bhopal, causing the deaths of at least 3000 residents, with an estimated 500,000 injuries. A $470 million legal settlement was eventually agreed by the Union Carbide Corporation (UCC) of the USA with the Government of India which went towards settling claims for damages by the victims of the accident. Inquiries into the disaster showed the direct cause of the disaster to be the injection of water into the MIC tank which had occurred owing to human error during maintenance operations. However, later investigations revealed that one of the main root causes of the accident was that safety, operational and maintenance standards at the Indian plant were far inferior to those that existed at a similar chemical plant owned by UCC and located in the southern USA. It is perhaps the earliest and certainly the most prominent example of how corporate accidents can arise owing to a lack of oversight by the directors and senior managers of the company in the host country, of operations in a peripheral country. On the more positive side, the advantage of globalization is the potential for exporting the best health, safety and environment policies and practices of the host countries, where these may be mandatory, to other regions of the world where they are not. Economically, globalization is integrating lower income nations into global product markets, which should eventually allow developing nations to move up the value chain rather than just producing low-wage and labour-intensive goods to compete in the markets of developed countries.

21

22

Companies at risk

Corporate characteristics The capitalist system In most industrialized countries of the modern world, the system known as capitalism has been adopted as the prevailing economic model. Capitalism, unlike the socialist command economies such as existed in the Soviet Union from 1917 to 1989, embraces the concept of private property and ownership of the means of production, distribution and exchange. It operates on the principle that all economic transactions are allowed to take place under conditions of free and unfettered trade. In a freemarket economy, individuals or companies trade, bargain, cooperate or compete with each other in order to determine the availability and pricing of goods and services. Under the capitalist system, the prime purpose of the rule of law is to establish and protect private property so that the market can operate freely. In order to allow free and unfettered operation of the market, capitalist dogma maintains that the minimum amount of government control is necessary. At its extreme, this is represented by the classic economic model based on the eighteenth century ideas of laissez-faire. Laissez-faire is a French expression literally translated as ‘let do, let pass’, and was first used as an appeal against government interference with free trade. The famous moral philosopher Adam Smith (1723–1790) was the founder of the modern discipline of economics. In his book The Wealth of Nations, he was one of the first to realize that the market could invisibly correct for shortages and surpluses of goods merely through the price and profit mechanism, without the intervention of government or other external controls.4,5 Smith’s book is probably the most influential ever to be published on economics and even today forms the underlying basis for any defence of capitalism. One of the more important defences of capitalism, first discerned by Smith, was the idea of the ‘invisible hand’. This stems from the concept that the whole community benefits when individuals act in their own self-interest, even though they have no particular regard for service to the community except in the provision of goods and services for profit. He wrote: As every individual, therefore, endeavours as much as he can both to employ his capital in the support of domestic industry, and so to direct that industry that its produce may be of the greatest value; every individual necessarily labours to render the annual revenue of the society as great as he can. He generally, indeed, neither intends to promote the publick interest, nor knows how much he is promoting it. By preferring the support of domestik to that of foreign industry, he intends only his own security; and by directing that industry in such a manner as its produce may be of the greatest value, he intends only his own gain, and he is in this, as in many other cases, led by an invisible hand to promote an end which was no part of his intention. Nor is it always the worse for the society that it was no part of it. By pursuing his own interest he frequently promotes that of the society more effectively than when he really intends to promote it. I have never known much good done by those who affected to trade for the publick good.5

The corporate entity Although Adam Smith popularized the idea of laissez-faire capitalism he also had a number of moral reservations which, fairly quickly, proved to be thoroughly justified. Even Smith was able to see that the pure market mechanism when left to its own devices may produce unacceptable distortions in society and that it would be the weak and vulnerable who would pay the price of success. With regard to the interference of government he wrote: Whenever the legislature attempts to regulate the differences between masters and their workmen, its counsellors are always the masters. When the regulation, therefore, is in favour of the workmen, it is always just and equitable; but it is sometimes otherwise when in favour of the masters.6 The publication of The Wealth of Nations in 1776 is usually considered to mark the beginning of classical economics upon which the understanding of modern capitalism is largely founded. The free-market ideas of classical economics later developed into more accurate models of how an economy operates. This became known as neo-classical economic theory. The neo-classical model fell out of favour in the decades following the Second World War when the theories of the British economist J. Maynard Keynes (1883–1946) were adopted by Western governments. The classical and neo-classical models had held that employment should be left to reach a natural equilibrium according to the laws of supply and demand. In contrast, Keynesian theory proposed that governments should ‘prime the pump’ through government borrowing for job creation programmes. This suggested that unemployment could be remedied by government control of the economy through increased public spending and/or reduced taxation, thereby adjusting the level of demand. Government intervention was believed to be necessary in order to avoid a repeat of the general economic collapse which resulted in the Great Depression of the 1930s. However, in more recent decades, thanks to economists such as Milton Friedman, neo-classical theory has returned to dominate the operation of the world’s leading market economies, this process having been started in the 1980s under the governments of Margaret Thatcher in the UK and Ronald Reagan in the USA. This is further discussed in the context of corporate social responsibility in Chapter 9. The discernment of economists like Adam Smith and those who followed after him enable us to identify some of the potential disadvantages of the capitalist system. For the purposes of this book, these disadvantages need to be identified in order to understand fully the potential root causes of corporate accidents, which are discussed later. This is not to undermine the huge contribution made by the capitalist system to the progress and well-being of humanity. At the same time, corporatism, as the modern face of capitalism, undoubtedly possesses a number of inherent dangers which, if not subject to some form of control, either by government or by the companies themselves, can cause harm to people and the environment. People who are potentially at risk include the company workforce, customers, neighbouring communities and the general public. The environment can be harmed in a variety of ways including pollution of the air and ground from the by-products of industrial processes. Any of these dangers may be realized during a company’s normal

23

24

Companies at risk operations, but are most frequently revealed through the incidence of a corporate accident. The consequences of this extend beyond the people and the environment affected to include the company’s own finances and reputation, perhaps even threatening the future of the company itself. The strategies that need to be put in place by companies to limit these potential risks form the main subject matter of Part II of this book.

The dangers of corporatism Cost externalization Most of the critiques of the capitalist system put forward by its detractors, from the time of Adam Smith to the present day, tend to include the following issues:

• exploitation of the workforce (including, in the Victorian era, the use of child labour and profiteering from slavery) • economic exploitation of other countries as sources of raw materials and cheap labour • plundering of natural resources (e.g. deforestation due to excessive logging of • •

timber, depletion of fish stocks, open-cast mining) leading to environmental damage pollution of the environment through disposal of waste products and harmful discharges lack of concern for safety and welfare of the workforce and the public by allowing them to be put at risk from the company’s activities.

These can all be summed up as the innate propensity of the corporate body, as far as possible, to ‘externalize the costs’ of doing business in order to maximize profitability. Historically, this process of externality has taken place at the expense of the vulnerable and less powerful sections of society, such as the workforce and the public as well as the environment. It operates on the principle that every cost that can be externalized is a cost that the company does not have to pay, thus increasing the amount of profit that can be generated. Milton Friedman (1912–2006), the prominent economist and Nobel prize winner, was a leading advocate of laissez-faire capitalism and was the chief proponent of neo-classical economic theory. He defined an externality as: the effect of a transaction between two individuals on a third party who has not consented to, or played any role in the carrying out of, that transaction.6 Externalities can also involve the transfer of potential costs to the company on to assets that are not owned by the company. Thus, a company uses the public road network to transport its goods to its customers, its security is protected by the police and defence establishments, it is able to discharge greenhouse gases to the atmosphere, thus externalizing its costs on to future generations. Of course, it can be argued that the company pays at least part of these costs in corporation tax and other taxes on profits. The main defence against the worst excesses of unfettered capitalism has been government regulation. Business, however, has always tended to view external

The corporate entity regulation as a ‘dead hand’ which rests heavily upon the free-market mechanism, inhibiting entrepreneurialism, efficiency and profitability. It is often seen as imposing onerous, complex and sometimes unnecessary and conflicting rules. As a result, in the modern world, the lobbying of governments to reduce business restriction and interference has become a major enterprise in itself. Some companies have, yet more cynically, come to see the imposition of fines, damages and penalties resulting from infringements of regulations as merely an additional cost of doing business. The penalty may well be recouped from the cost savings of the externality which led to the infringement. Government regulation and control as a strategy to prevent corporate accidents is discussed in more detail in Chapter 6.

Limited liability The earliest joint stock companies formed were effectively a special kind of partnership where the partners in the company, called stockholders, received ‘shares’ to represent their contribution to the company’s stock. Holding these shares meant that the individuals possessed both ownership interest and decision-making power in the company. The main distinctive feature was that stockholders were free to sell their shares to other people without requiring consent from the company. In a normal partnership an interest could only be transferred if all the partners agreed to it. This arrangement made the raising of capital much more flexible. The profit that each stockholder received was in proportion to the value of the shares that they owned. Thus, if a stockholder held 10 per cent of the stock, he would receive 10 per cent of the profits. At the same time, however, if the company made a loss, then he would be liable for 10 per cent of the company’s losses. This potential loss situation had the effect of limiting the availability of capital particularly from investors with limited means, since if the company were unable to meet its debts, the stockholders could be personally bankrupted. In order to reduce the risk to stockholders and make stockholding more popular, the principle of limited liability was introduced in the UK in 1851. Under this arrangement, a stockholder would only be liable for the value of the shares that he held, irrespective of the fortunes of the company. Thus, if a stockholder held £1000 worth of stock and the company failed and went into liquidation, then the maximum amount of money that he could lose would be £1000. In addition, directors of the company would not have any personal liability for the company’s debt, except in the event of fraudulent trading or where personal guarantees had been given. In addition, the stockholders would not be responsible for any criminal or civil offences committed by the company. The principle of limited liability had the desired effect of successfully introducing small investors into the business of stockholding by reducing the risk to their personal assets. It was even suggested at the time that this mechanism of limited liability could bring an end to class conflict by giving workers a financial interest in the companies which employed them. However, voices of dissent argued that the system of limited liability should be opposed on moral grounds since it effectively removed from investors the responsibility for the way the company, of which they were part owner, was operated. Prior to limited liability, the ever-present risk of personal

25

26

Companies at risk bankruptcy concentrated the mind of the stockholders and gave them a much greater incentive to satisfy themselves that the management was carrying out its duties diligently and effectively. Limited liability companies became part of corporate law in England from 1856 onwards and the same principle was adopted progressively across the USA during the latter part of the nineteenth century. The earliest limited companies tended to be family owned, the shares being kept within the family. Later, stock exchanges were set up where shares could be traded publicly, leading to the public limited company (or plc in the UK) which, today, is the normal business model in the UK for anything other than very small firms. It should be noted that limited liability also applies where the stockholder is not an individual but is another company such as a parent company. In this case the parent company is protected from liability for its subsidiary by what is known as the veil of incorporation. The overall result has been that the owners or stockholders of the corporation have, during its evolution over the centuries, become increasingly distanced from the way the company is operated. Very few businesses are now operated as partnerships or family-owned concerns where the owners of the business are also the management. In fact, ownership by individuals is now the exception rather than the rule; companies today tend to be owned by other companies. The concept of limited liability has thus come to intervene between ownership and control. Because of this, the ownership may not always fully recognize its ethical responsibilities, an issue discussed in more detail in Chapter 3. Limited liability is important in the context of this book. When a corporate accident occurs, the responsibility for the failure clearly must lie with the directors and senior managers of the organization. Any corrective actions which are to be successful in preventing future accidents must be aimed at this level in the organization. However, the financial detriments arising from the accident are borne not by the management (who are merely employees) or by the owners of the company (who have limited liability), but by the company itself. This makes it necessary in the following sections to examine more closely the nature of the company in respect of its accountability.

Non-corporate organizations Although this book is primarily interested in corporate accidents, resulting from management failures or failures of high-level systems in corporate bodies, there are many other types of non-incorporated organization which can present serious accident hazards as a result of their operations. These are referred to here by the generalized term of non-profit or not-for-profit organizations or NPOs. Quite often these will be set up to promote specific causes of private interest or public concern, but which do not primarily involve monetary profit. NPOs are involved in a wide range of activities including social issues such as civic improvements or relief of poverty, promotion of health and safety, research, education, healthcare, the arts, religion, sports and other similar endeavours. This part of the chapter investigates the relative vulnerability of NPOs to corporate accidents compared with corporate bodies. However, in this short section it is neither practicable nor necessary to refer in detail to every possible type of NPO, since huge variations exist with respect to different organizations and countries.

The corporate entity The main distinction between an NPO and the corporate entity will depend ultimately upon the laws of the country within which the organization operates. However, a common distinction would seem to be the lack of a commercial purpose of an NPO coupled with the absence of any need to distribute profits to owners or stockholders. This is not to say that such organizations may not hold major assets and have extremely large cash flows. It is also possible for such an organization to make a ‘profit’, but only in the sense that any surplus of income over expenditure after tax is internalized by being ploughed back into the work of the organization. However, a national government or investigative body may scrutinize whether such profits are excessive, in which case an NPO may forfeit its non-profit status. This is because NPOs often enjoy tax exemption privileges denied to corporate profit-making bodies. An NPO may have members and beneficiaries just as the corporate body will have stockholders and customers. Employees of NPOs may be volunteers or paid workers, but will still be subject to national employment legislation. Usually, the establishment and management of NPOs will be governed by national laws which may dictate similar requirements to those imposed on corporate bodies. For instance, such organizations may be required to publish annual financial reports which are available for public scrutiny. They may also be required by law to have board members or trustees who have a fiduciary duty to the organization in a similar way to company directors. It is possible that NPOs may have moral or ethical obligations, either externally or self-imposed, which would not normally be placed upon a corporate body. Such restrictions may arise from the purpose for which the entity was first organized. NPOs may take many forms, varying from charities, which in the UK must be registered with the Charity Commission and meet certain stringent requirements, to trade unions (which are also subject to specific government regulation), professional bodies, hospital trusts, churches, etc. The question that must be considered here is: are NPOs, as defined above, vulnerable to the same sort of failures as corporate profit-making bodies? At first sight it seems likely that the dangers of cost externalization and limited liability which arise with corporate bodies may not arise in the same way or to the same extent with NPOs. After all, if an NPO is a non-profit organization then there can hardly be a conflict of interest between the demand to make a profit and the protection of health, safety and the environment. However, two of the ‘corporate’ accident case studies in Appendix 2 arose from failures within an NPO; these are described in Case Study A2.1, the loss of the Space Shuttle Columbia, and Case Study A2.4, the deaths as a result of failures in children’s heart surgery at Bristol Royal Infirmary. The NPO in A2.1 is a US government organization, the National Space and Aeronautics Administration (NASA), and the main failures were those of safety culture and safety management. The NPO in A2.4 was a UK hospital trust and the main failures were in the areas of safety culture and organizational learning. However, in both case studies it is interesting to note that since these organizations depend primarily upon public funding to meet their objectives, externally imposed financial restrictions could have a major influence upon how their activities are carried out. If the non-profit-making activities have safety critical implications (as they did in both these examples) then it is quite possible that corporate accidents

27

28

Companies at risk will be made more likely in spite of the absence of the profit motive. Although in the case of the accident at Bristol Royal Infirmary financial limitations had no significant causational effect, many hospitals in the UK National Health Service (NHS) are, at the time of writing, operating under severe financial constraints. This is causing considerable public debate about the effects of financial cuts upon patient safety and welfare. In the case of the Space Shuttle Columbia, the cause of the accident was definitively linked by the investigating body to organizational changes within NASA which had been made in order to implement cost savings. Further details are provided in Appendix 2 and these two case studies are referred to extensively in later chapters. In general throughout this book, reference will be made to accidents arising from failures within corporate profit-making organizations. However, this is not to exclude NPOs from consideration, but merely to avoid having to make constant reference to these types of bodies. This brief investigation of NPOs and the two case studies referred to above make it clear that the strategies to prevent corporate accidents which are described in Part II of this book are equally applicable to both profitmaking and non-profit organizations.

Corporate accountability The evolution of corporatism over the past two centuries has led from the small familyowned business to the legalized monoliths of today which dominate our society and shape our culture. Without doubt, the modern corporation has employed modern technology to make an enormous contribution to the well-being of society by the efficient provision of goods and services. However, as the technology has advanced and the size of companies has grown, the potential for harm to people and the environment has also increased. It is therefore necessary to examine the nature of the modern corporation and how it can be made accountable for its actions, particularly those which can have detrimental effects and lead to corporate accidents.

The body corporate The technical term for attributing human qualities to non-human and inanimate objects is called anthropomorphism. Interestingly, when we examine the nature of the corporation we find that this description is not so wide of the mark. The formation of a company is undertaken by a process of incorporation involving the filing of formal documents with a government body which states the intention to incorporate. When incorporation is complete the newly formed company achieves ‘entity’ status, meaning that it is in fact a legally separate entity through the operation of the law. That is to say, the company exists separately from its incorporator. Upon incorporation the company effectively becomes an artificial ‘person’ which has specific rights and responsibilities under the law, which it can exercise or claim in a similar way to a natural person. When a company is referred to as the body corporate this not only is a legal description but also bears the hallmark of reality. We often, unthinkingly, use

The corporate entity anthropomorphic language when referring to a company. For instance, we refer to a company as being either a bad company or a good company with respect to its relationship to society, particularly in such matters as how it treats its employees and customers and its health and safety record. When we do this we are using moral terms to describe what essentially is a legal device; in this respect one can hardly expect a company to possess human qualities such as a sense of morality, as the famous quotation from Lord Chancellor Thurlow makes wonderfully clear. Did you ever expect a corporation to have a conscience, when it has no soul to be damned, and no body to be kicked?1 In Chapter 3 we will consider corporate ethics in more detail and whether a company can be expected to have moral concerns; indeed, whether there is any ethical correlation at all between corporate and natural personhood.

Corporate personhood Through the process of incorporation, a company gains many of the characteristics of personhood. Although the company is owned by the stockholders and controlled by its directors, it is in fact an artificial person or body which can do many of the things that a person can do, with some obvious exceptions; for instance, a company cannot marry, vote, hold a driving licence or travel on a bus! However, in contrast to a natural person, the company has under the law a ‘perpetual lifetime’, meaning that its existence continues beyond the natural lifespan of those who incorporated it. Legally, a company can undertake almost anything that a person who was the sole proprietor could do, such as conduct business in its own right, buy and sell goods and assets, hold shares in another company (even being nominated as a director of that company), employ workers and pay taxes. In the same way as a natural person, the corporate body is both protected by, and at the same time subject to, the laws of the land in which it operates. It is able, for instance, in the same way as a person, to seek redress in the courts when it considers individuals or other companies have defamed its reputation. In the UK, the USA and many other parts of the world, similar legal principles allow a company to be treated as an artificial person under the law. The precedent establishing this in the UK was the case of Salomon v A. Salomon and Co. Ltd (1897), where a sole trader (A. Salomon) turned his leather-making business into a company (A. Salomon and Co. Ltd). Later, when the company collapsed, the creditors tried to enforce their debts from Mr Salomon himself. Because no fraud was involved the court found that Mr Salomon was not personally liable for the company’s debts and established the principle of separate identity of a company from its owners. This principle of separate identity is today known as the ‘veil of incorporation’ and allows larger parent companies to own subsidiary companies, yet not be responsible for many of their liabilities. Where owners of companies are unable to claim the protection of separate identity, for instance in the case of fraud, this is referred to as ‘lifting the veil’.

29

30

Companies at risk

Corporate legal liability Although companies can bring other companies or individuals to court and be taken to court themselves when they contravene the laws of the land, not necessarily all the laws that would govern the conduct of a natural person can be applied to a company. For instance, it is extremely difficult to make a company liable for a criminal offence requiring intent such as murder, since the courts generally uphold the principle that a company cannot have a state of mind in the same way as a natural person. Legally, however, the situation is different in the case of manslaughter and attempts have been made to charge companies with corporate manslaughter following a serious fatal accident. Corporate manslaughter and its present position under the law are dealt with in more detail in a later section. Companies can be taken to court under both the criminal law and the civil law.

Criminal law Where a company violates specific health, safety or environmental legislation, or is in breach of the Health and Safety at Work etc Act 1974 (HSW Act), the case will be heard in a criminal court and prosecutions can be brought against companies, government bodies or other organizations. In addition, persons employed by those companies, who were in a responsible position when the breach was committed, or even the members (stockholders or owners) where they are in a position of management, may also be prosecuted. Penalties against companies who are found guilty of breaching health and safety legislation are levied as a fine. If individuals (e.g. directors or managers) are found guilty of such an offence, then a fine may be imposed, or a prison sentence in serious cases. A person who is so convicted and fined or imprisoned is then guilty of a criminal offence, with all the implications of possessing a criminal record, such as loss of reputation and career, possible curtailment of personal liberty and being incarcerated along with other criminals.

Civil law Civil law is a section of the law that deals with disputes between individuals or organizations; it is a mixture of statute law (derived from legislation) and common law (derived from historical judicial decisions established in earlier cases). It is up to the claimant to bring the case to court. The Crown Prosecution Service (CPS) is not involved in prosecuting a civil offence since the state has no interest in overseeing ‘civil’ disputes. Most civil cases, when successful, result in some form of compensation to the person claiming to have been wronged. Most civil cases brought against companies will relate to matters such as defamation of reputation or product, employment laws such as unfair dismissal, sexual harassment, discrimination, etc., breach of contract, consumer protection, copyright and intellectual property, and compensation for work-related injury (breaches of Health and Safety regulations are heard in the criminal court and do not deal with matters of compensation).

The corporate entity

Duties of company directors General duties The body corporate is an artificial legal entity with a legal status distinct from that of the stockholders, directors and senior officers. In law, it is the company which operates the business, employs staff and makes contracts with other organizations and individuals. However, as an artificial entity it cannot do anything for itself and therefore requires others to act on its behalf, these legally being the company directors. In this sense, the company is merely a legal device and financial conduit through which the interests of the stockholders are looked after by the directors of the company on their behalf. Company law decrees that the ‘business of the Company shall be managed by the Directors’. The directors therefore have a special status in law when compared with managers. The legal and financial duties of company directors must be carried out in accordance with the articles of association of the company. Their role is crucial to the success and continuity of the organization and the interests of the stockholders. Directors are said to have a fiduciary duty to ensure that the interests of the stockholders are always protected. A fiduciary is defined as a person who holds a position of trust in relation to another person so that he always acts in the best interests of that other person as defined by the scope of their relationship. This is a legal requirement. The courts have generally interpreted this to mean the maximization of share value and profits. To ensure this objective is paramount, directors are prohibited from pursuing any interests which do not advance the interests of the stockholders. Two types of legal duty are imposed upon company directors: statutory and common-law duties. Statutory duties are derived from legislation mainly through the Companies Act 1985 and allow for prosecution in the criminal court on matters of misconduct, with a possible prison sentence of up to seven years. These duties mainly relate to financial matters. Here, company directors are specifically required to act in a positive or proactive way rather than a passive way in managing the company. Thus, it is up to directors to assure themselves that the company’s financial performance and prospects are not in jeopardy. In other words, directors are not expected to act only when things go wrong. They are judged not only by what they know, but also by what they should have known. The objective here is to minimize financial harm to the company, and if they fail to do this then the courts can take action since they have failed in their fiduciary duty. Common-law duties are derived from historical judicial decisions based on tradition, custom and precedent and involving case-based reasoning. However, commonlaw duties placed upon directors reflect the same principles of positive action; that it is not sufficient for directors simply to stand on the sidelines and let the company conduct its business. They need to be actively involved. A recent Court of Appeal case confirmed that each director ‘owes it to the company to inform himself about its affairs’.3 Whilst directors may delegate particular tasks to others, they do not delegate their duty to the company and they remain responsible for the delegated function, the discharge of which they are still required to supervise. This applies to directors both individually and collectively.

31

32

Companies at risk

Health and safety duties Unfortunately, the requirement placed upon a company director to be actively, rather than passively, involved in the company’s business is not supported by Health and Safety legislation in the same way as it is by the Companies Act. This discrepancy between the directors’ responsibility for financial matters compared with that for health and safety has been a matter of some concern and attempts have been made to change the situation. The problem mainly arises from the wording of section 37 of the HSW Act, which is really the only legislation to set out the main statutory duties of directors in this respect. Section 37 provides that: Where an offence under any of the relevant statutory provisions committed by a body corporate is proved to have been committed with the consent or connivance of, or to have been attributable to any neglect on the part of, any director, manager, secretary or other similar officer of the body corporate or a person who was purporting to act in any such capacity, he as well as the body corporate shall be guilty of that offence and shall be liable to be proceeded against and punished accordingly.7 Section 37 is the only relevant legal requirement which specifically places health and safety duties upon company directors. However, an offence when committed is almost entirely negative since it has to be attributable to neglect, or there must be consent or connivance by a director or others purporting to act in this capacity. In the matter of neglect, the courts have found that this is impossible to prove unless there has been a specific duty placed upon the director regarding health and safety matters. Since there is no legal duty placed upon directors for health and safety, this duty must derive from the company, for instance through the wording of the company’s safety policy. If the company, in their health and safety policy, states in a fairly clear way that a particular director has health and safety responsibilities, then it might be possible to prosecute a director under health and safety legislation. In the matter of consent or connivance by a director, a different issue arises. In order for a director to consent or connive to commit an offence, he must be aware that an offence is being committed. Thus, a director is only liable under section 37 when he knows what is going on at shop-floor level, but is not required to take any steps to inform himself about what is going on. This leads to the rather perverse situation that if a director chooses not to become aware of health and safety matters, then effectively the director is shielded from any legal liability under the HSW Act. In large organizations, where directors are extremely remote from workplace operations both geographically and by virtue of the chain of command, it is extremely difficult to show that a director was in fact aware of what was happening at workplace level prior to an accident. In fact, in medium and large-size companies, no director has ever been convicted of an offence under section 37 in the thirty years during which the HSW Act has been in force. In small companies, of say fewer than ten people, it is more common for directors to be involved in hands-on operations in the company’s business. In this case, when an accident occurs, it is much easier to

The corporate entity allocate specific responsibility to a named director and bring a successful prosecution under health and safety law. In the UK over the past few years, serious concerns have arisen about the lack of clear director accountability for health and safety. As a result, a number of initiatives have been taken to define directors’ responsibilities more precisely. These initiatives include a set of Guidance Notes published by the Health and Safety Commission8 and The House of Commons Work and Pensions Committee Report on the Work of the Health and Safety Commission and Executive.9 The Health and Safety (Directors’ Duties) Bill10 was put before Parliament in 2005 but failed to pass its second reading in Parliament. In addition to convictions of directors for breach of health and safety legislation, several successful prosecutions of directors of small companies for manslaughter have been brought. Since about 1980, eleven directors have been convicted of such an offence, of whom five have been sent to prison, five have received a suspended sentence and one was in receipt of a community service order.11 Again, all of the prosecutions involved small businesses. Corporate manslaughter is addressed in the next section.

Corporate manslaughter Definition Manslaughter is generally defined as the unlawful killing of another person without premeditation or malice (‘malice aforethought’), either express or implied. Simply put, there has to be a lack of any prior intention to kill anyone or create a hazardous situation. In this respect, it is distinguished from murder, which requires malicious intent. The offence of manslaughter is a common-law offence. This means that the nature of the offence and the basis on which it may be prosecuted successfully have been developed over time by precedent. Precedents are set by the outcome of previous court cases, which are then interpreted by judges in subsequent cases. In other words, manslaughter is not covered by any legislative statute which would define the offence precisely. Two types of manslaughter exist under UK law: voluntary and involuntary manslaughter. Voluntary manslaughter occurs when there is an unlawful killing of another person after sufficient provocation, incitement or diminished responsibility. Since this requires an element of intent it cannot be applied in the context of corporate criminal liability since a company cannot have the necessary mens rea or ‘state of mind’ (see below). By contrast, involuntary manslaughter (sometimes referred to in the UK as gross negligence manslaughter) occurs when there is no intention to cause death or serious injury by those who kill. They may, for instance, in the case of a natural person, have committed an act which may possibly result in some minor injury but which, unforeseeably, led to death. Alternatively, they may have been extremely careless or negligent or been reckless as to whether death or serious injury could occur. On this basis, it is theoretically possible for a company to be charged with such a crime.

33

34

Companies at risk However, the scope of involuntary manslaughter is extremely wide. Lord Chief Justice Lane said in 1992 that involuntary manslaughter ‘ranges in gravity from the borders of murder right down to those of accidental death’.12 As a result, recommendations have been put forward over the past decade to reform the law on involuntary manslaughter. The recommendations13 of the Law Commission (a UK statutory independent body created to keep the law under review) included the abolition of the offence of involuntary manslaughter and its replacement by two new offences of ‘reckless killing’ and ‘killing by gross negligence’. It also recommended the creation of a special offence of ‘corporate killing’ by means of which companies could be brought to justice for offences which had led to fatalities. These recommendations were accepted by the UK government and eventually paved the way for the government’s legislation on corporate manslaughter which was passed in 2007 and which is further discussed below. It is often the case that when a serious corporate accident occurs, particularly when it involves many fatalities amongst members of the public, there is a heightened degree of societal concern over safety. This may lead to a desire for justice where it is perceived that companies have been negligent in their duty of care. Following a number of high-profile multiple fatality accidents in the mid-1980s, the possibility of bringing corporate manslaughter charges against companies came under consideration.

The ‘identification principle’ One of the foundational precepts of criminal law is that nearly all criminal offences require both a mental and a physical element. The mental element is the person’s knowledge that their conduct is criminal. This is known as the mens rea, which is a Latin phrase which basically means ‘a guilty mind’. The idea of mens rea arose in England around the year 1600 when the judiciary held that the commission of an illegal act alone was not criminal unless at the same time there was a guilty state of mind. The physical element of the crime is the criminal act itself or the actus reus. The legal requirement is therefore that there can be no guilt without a guilty mind. The guilty mind relates to the state of mind of the accused person at the time the criminal act took place. Thus, the carrying out of a criminal act on its own is insufficient for guilt to be established. There must also be present an intention to carry out the act before it is enacted. The accused must have knowledge of both act and intent. The ‘identification principle’ states that, in the criminal sphere, a company cannot be found guilty of an offence unless a person who is responsible for that offence can be identified with the company. Such a person is often referred to in the law as the company’s alter ego. There is a primary test for establishing whether a company can indeed be identified with some natural person so that the acts and omissions and state of mind of the person can be attributed to the company. That test is whether the person in question can be shown to be ‘the directing mind and will’ of the company, sometimes referred to (and from here on in this book) as the ‘directing mind’. The earliest statement of the identification principle can be found in the case

The corporate entity of Lennard’s Carrying Coal Co Ltd v Asiatic Petroleum Co Ltd, 1915,14 where the judge, Lord Haldane, said: My Lords, a corporation is an abstraction. It has no mind of its own any more than it has a body of its own; its active and directing will must consequently be sought in the person of somebody who is really the directing mind and will of the corporation, the very ego and centre of the personality of the corporation.12 Thus, before a company can be convicted of the crime of manslaughter it is necessary to identify a ‘directing mind’ at a high level in the company. This directing mind must be somebody who, through his actions and decisions, effectively embodies the company and who will themselves be guilty of manslaughter. Thus, in order to convict a company of manslaughter, sufficient evidence is required to procure the conviction of a senior individual in that company. Without this evidence, corporate manslaughter charges are impossible to prove and the company cannot be convicted. As discussed above, involuntary manslaughter provides the only realistic context for corporate manslaughter. To prove corporate manslaughter it needed (up until April 2008) to be shown there is a causal link between a grossly negligent act or omission of a person acting as ‘directing mind’ and the immediate cause of a fatality. Common-law precedents have determined that in order to be a ‘directing mind’ the identified individual must be at the level of director or other senior management position. The main common-law precedent which established the need for a sufficiently senior individual to be identified as the ‘directing mind’ arose, somewhat bizarrely in the writer’s opinion, from an appeal court decision in the House of Lords after a court case involving the overpricing of a package of washing powder in a supermarket! The case, Tesco Supermarkets Ltd v Nattras (1972),15 was brought against the company under the Trade Descriptions Act 1968 and at first sight seems remarkably trivial in view of its legal importance, since it resulted in neither an accident nor a fatality. A poster advertising a special offer on washing powder had been left on display in the Tesco shop even though the stock of product at a reduced price had been exhausted. A higher priced stock was put on the shelves which a customer then bought and for which they were overcharged. They claimed correctly that the offer was applicable to their purchase given that the notice was still being displayed. Legal counsel for Tesco claimed that their client had taken all reasonable precautions and due diligence to prevent the offence occurring. The local store manager was supposed to ensure the pricing was correct but on this occasion he had failed to follow company instructions. As a result, counsel claimed, the acts or knowledge of the store manager could not be attributed to the company and therefore the company was not liable. This was upheld by the judge at the Trial, Lord Reid, who ruled that since the store manager was acting on behalf of the company it followed that it was the company who was acting. In short, the company cannot blame the employee for the mistake, as they attempted to do in this case. This may then reflect badly upon the company’s reputation and explains why Tesco wished to claim third party responsibility.

35

36

Companies at risk However, Tesco appealed to the House of Lords, who importantly overruled the court’s decision on the basis that the third party defence claimed by Tesco was in fact valid. The Law Lords ruling stated that ‘. . . the branch manager was another person being the ‘‘hands’’ and not the ‘‘brains’’ of the company . . . accordingly, his acts or omissions were not those of the company’. The store manager was not therefore identifiable with the company but, just as Tesco had originally claimed, ‘he was somebody who was being directed, who was so to speak a cog in the machine which was devised: it was not left to him to devise it’. The Law Lords went on to make the important ruling that ‘normally the board of directors, the managing director and perhaps other superior officers of a company carry out functions of management and speak and act as the company’. A distinction has to be made between those who direct and those who are directed. In this particular case, the shop manager could not be held identifiable with the company since he had to take general directions and orders from his superiors. The result has been that the identification of a ‘directing mind’ has proved impossible where corporate manslaughter charges have been brought against larger companies. In large companies the directing mind is usually so senior that it can rarely be shown that they have direct knowledge of the failures which led to the fatalities. Effectively, the legal fiction of corporate personhood is an analogy which cannot be extended to include a ‘state of mind’. As a result, no successful manslaughter prosecutions have ever been successfully brought against large companies or their directors. Those prosecutions that have been successful have involved very small companies where the directors had ‘hands-on’ control and could therefore be identified not only as a ‘directing mind’ but also as having detailed knowledge of the failures which led to fatality. The two major attempts in the UK to bring corporate manslaughter prosecutions against large companies both failed spectacularly owing to the problems described above. The earliest prosecution was that of P&O Ferries in the case of the capsize of the cross-channel ferry Herald of Free Enterprise in 1989, which resulted in the deaths of 192 passengers and crew. The next failed prosecution took place ten years later and was that of Great Western Trains (GWT) following a rail accident at Southall near London in 1997, when a high-speed passenger train collided with a freight train at 125 mph, resulting in 150 injuries and the deaths of seven people. Both of these accidents are included as case studies in corporate manslaughter in Appendix 1, where the specific safety failures are described together with the reasons why the corporate manslaughter prosecutions were unsuccessful. Over the ten-year period between these two accidents a sea change took place in the public acceptability of risk, such that by the beginning of the twenty-first century public intolerance of perceived corporate negligence had greatly increased. As a result, the whole issue of corporate criminal liability caught the attention of the public mind. The failure of the prosecution of GWT for corporate manslaughter was commonly thought to be highly unsatisfactory. In particular, it was felt to be iniquitous and discriminatory that the success of such a prosecution depended less upon the factors involved in the case, or upon the guilt of the players, than

The corporate entity upon the size of the company being prosecuted. Not only was the inability of the law to hold large companies and senior individuals fully accountable perceived to be a gross injustice, but until it was corrected, those bereaved and injured by serious fatal accidents due to gross negligence would be denied the closure which they so desperately sought. In addition to failing to satisfy natural justice, these failures to deal with corporate criminality reduced the incentive for company directors to make themselves more aware of matters of health and safety, and in particular whether policies issued at the highest level were being implemented at the workface, as discussed above. As a result of these concerns, Corporate Manslaughter: The Government’s Draft Bill for Reform was published in March 2005 and included not only a proposal for the new offence but also a consultation paper calling for comments. After consultation, the Bill finally passed through Parliament in July 2007 and the new Corporate Manslaughter and Corporate Homicide Act16 created a new offence that is to be called corporate manslaughter in England and Wales and corporate homicide in Scotland. The new legislation is to take effect from April 2008. The main provisions are summarized below, followed by a comparison with similar legislation in other countries and a critique of the measures concerning the degree to which they will correct the previously unsatisfactory situation.

Legislating for corporate manslaughter It should be noted that the material presented below is intended to provide a layperson’s overview of the legal situation under various jurisdictions concerning the way they deal, or propose to deal, with corporate criminality, particularly corporate manslaughter. The complexity of the subject matter means that in a book of this nature it is only possible to provide a summary overview. The whole area is subject to wide interpretation even by legal experts. The text here, therefore, cannot be legally comprehensive and should not be used or relied upon in specific situations as an alternative to expert legal advice. As discussed above, the state of the law relating to corporate manslaughter in the UK was for many years regarded as unsatisfactory since, in particular, in order to prove manslaughter it was necessary to apply the ‘identification principle’ that a ‘directing mind’ at the very top of the company and who embodies the company needed to be identified. Whilst it was often possible to identify such a person, in large companies with complex or hierarchical management structures it always proved difficult to successfully link that person to the particular failures that caused the corporate accident. Other countries have experienced much the same difficulty in recent decades; notably this occurred in Scotland (where the legal system is separate from England and Wales), Canada and Australia. In July 2007 the Corporate Manslaughter and Corporate Homicide Act was passed by the UK Parliament, introducing a new statutory offence of corporate manslaughter (or homicide in Scotland) directed especially at companies where the law was perceived to be ineffective.

37

38

Companies at risk

Summary of UK Corporate Manslaughter and Corporate Homicide Act16 The offence For brevity, the offence will be referred to as corporate manslaughter except where there is a specific application to Scotland. An organization is guilty of the offence of corporate manslaughter when the way in which its activities are managed or organized by its senior management causes a person’s death and amounts to a gross breach of a relevant duty of care owed by the organization to the deceased. The organization is then liable on conviction to a fine. It should be noted that the legislation is principally intended to be applied to organizations and not to individuals. This is an important aspect which is further discussed below. Standards against which the conduct may be considered negligent are in the first instance based on compliance with current health and safety legislation (see below). The definition of a gross breach of a duty of care is when conduct ‘falls far below what can be reasonably expected of the organization in the circumstances’.16 In deciding whether a breach is ‘gross’ the jury will be asked to consider relevant or applicable health and safety legislation or guidance and, if there was a failure to comply, how serious was that failure and how much of a risk of death it posed. The jury is required to: . . . consider the extent to which the evidence shows that there were attitudes, policies, systems or accepted practices within the organization that were likely to have encouraged any such failure . . . or to have produced tolerance of it (section 8, clause 3, author’s emphasis).16 This clause reflects the holistic approach of this book outlined in Chapter 1: that merely to identify and correct individual management errors is not very different to the often futile attempts to correct only the direct cause of an accident, the operational or immediate error which led to it. As with operational errors, most management areas are also systemic in nature. The main difference between a management and an operational error is the type of system which has caused the error. In the case of operational errors these systems are usually found, as might be expected, at the interface between human and machine. Management errors are more likely to be caused by failures of corporate systems; the strategies to guard against such failures are described in Part II of this book. Many of these strategies will be seen to correspond in many respects with the ‘attitudes, policies, systems or accepted practices within the organization’,16 as defined in the legislation.

Application to organizations The offence applies to a corporation, a department or other body listed in Schedule 1, a police force, a partnership, or a trade union or employers’ association, that is an employer. Schedule 1 is a list of government departments, etc., including a wide range of ministerial and non-ministerial government departments and offices. A Crown body is to be treated ‘as owing whatever duties of care it would owe if it

The corporate entity were a corporation that was not a servant or agent of the Crown’. HM Prison Service has, controversially, been excluded for a period of three to seven years pending a review of organizational structures. Non-corporate bodies such as the police force and business partnerships are ‘for the purposes of (the) Act . . . to be treated as owing whatever duties of care it would owe if it were a body corporate’.16

Application to individuals One of the more controversial aspects of the Act relates to whether the offence should be applied to individuals. The Act states that there is no individual liability and ‘an individual cannot be guilty of aiding, abetting, counselling or procuring the commission of an offence of corporate manslaughter’.16 This came out of an earlier recommendation of the Law Commission that the new offence of corporate manslaughter should focus upon the liability of the corporate body itself and should not involve punitive sanctions against individuals unless they themselves could be found guilty of manslaughter. The original consultation on the draft Bill sought views from a wide range of organizations on whether individuals should or should not be included in the corporate manslaughter offence. Strong opinions were expressed on both sides of the argument. The main view coming from trade unions, victims’ organizations and the wider public was that without individual liability a company is able to commit crimes with impunity. Since the only sanction which can be applied to an organization is a monetary fine it is possible that the fine would be insignificant when compared with company profits or even the cost of safety modifications to prevent future fatalities. As a result, it was suggested, there will be no deterrent effect upon those individuals in the organization who are responsible for health and safety, i.e. the ones who should be held accountable when a fatal accident occurs owing to corporate failure. The opposing viewpoint, expressed mainly by employers and industry organizations representing those most likely to be affected, or even prosecuted, by the new law, considered that inclusion of individuals was a step too far. It was suggested that such a step would impose an additional and unacceptable burden upon companies, their senior managers and directors. In the end, the UK government came down on the side of business and individual liability is excluded from the scope of the legislation. This decision to exclude individual liability is in stark contrast to similar legislation which has been suggested or applied already in other countries around the world (see below).

Senior management failure The Act states that ‘. . . an organisation is guilty of an offence under this section only if the way in which its activities are managed or organised by its senior management is a substantial element in the breach . . . of a duty of care’.16 Liability therefore hinges upon the way a particular activity, which might have led to or had an influence upon an accident, was being organized. This has the effect, intended or otherwise, of not focusing exclusively upon the direct cause of an accident (the immediate operational failure or human error) at the expense of identifying the root cause of the

39

40

Companies at risk accident as discussed in Chapter 1. The root cause of corporate accidents almost by definition (and certainly in all the case studies in Appendix 1) stems invariably from some failure of senior management which affects the working practices of the organization. In concentrating on corporate rather than individual liability, the intention seems to be to raise the level of scrutiny above specific managerial errors to focus on wider questions about organizational practices. This allows for the collective appraisal of senior management conduct without having to identify specific individuals, or indeed a directing or controlling mind. In referring to senior management, the legislation (paragraph 1.3) defines this class of persons as those who play ‘a significant role in the making of decisions about how the whole or a substantial part of its activities are to be managed or organized or the actual managing or organizing of the whole or a substantial part of those activities’.16 This would seem to exclude those who might play a minor or supporting role in the management of the organization in order to concentrate on the higher levels of responsibility where the root causes of an accident are more likely to be found. At these lower levels, it is more likely that the individuals will be held accountable under other legislation such as the HSW Act. As with the much quoted legal precedent of the branch manager in the case of Tesco Supermarkets Ltd v Nattrass, above, the Act is aimed at the ‘brains’ rather than the ‘hands’ of the company. It is important to note that the management failures which led to a fatal accident must be sufficiently gross since the company is being charged with a serious criminal offence. Where a company has already made reasonable efforts to ensure the health, safety and welfare of their workforce and others affected by the operations (using ‘reasonable practicality’ as described in Chapter 6) it is unlikely they will be prosecuted under the Corporate Manslaughter and Corporate Homicide Act even if there has been a work-related fatality.

Penalties Since the legislation sets out to exclude individuals from punitive sanctions, there is limited scope for a penalty which applies only to organizations. In general, this penalty has to be financial and therefore companies found guilty of corporate manslaughter would face a fine as stated in Clause 1.6. However, a restorative aspect has been allowed for and in the case of a conviction the court may insist that a company satisfies the conditions of a remedial order requiring actions to be taken to correct the failures which led to the gross breach of a duty of care (Clause 9). This is really no different from the situation which would pertain if there were a breach of health and safety law, where a company would need to correct the deficiencies before they were allowed to continue to operate. Whether a financial penalty and the exclusion of individuals from prosecution are sufficient motivation for a company to change its behaviour is further discussed below.

Investigation and prosecution There is no change from the current common-law offence of manslaughter in terms of investigation by the police and prosecution by the CPS. In the case of this Act, investigations will be conducted calling upon the advice and expertise of the Health

The corporate entity and Safety Executive, not least to probe the question of further liability under relevant health and safety legislation, but also to advise the police in their manslaughter investigations. Protocols already exist for liaison between the various agencies. In the event that private prosecutions are brought by individuals or other bodies then it will be necessary for these persons to obtain the consent of the Director of Public Prosecutions before proceedings can be started. This is in order to avoid prosecutions which are insufficiently well founded and which would ultimately fail.

Other jurisdictions The jurisdictions of Australia, Canada and the USA are the most appropriate to consider here since much of their legal systems are derived from English commonlaw. As discussed above, corporations can only operate through the actions of corporate employees. However, in order, to prosecute corporate lawbreakers it is necessary to ‘pierce the corporate veil’ to gain access to the individuals who are the ‘directing mind’ of the corporation. Possible ways of approaching this include:

• the ‘identification’ or ‘directing mind’ theory (see above) unsuccessfully pursued in the UK • specific legislation to make corporate manslaughter a statutory offence, adopted in the UK from April 2008 • corporate culture (see below), which has not been used in the UK but is part of the approach adopted by the Federal Australian authorities, as described below • vicarious liability adopted in the USA (see below), but rejected in the UK since it means that corporations can be held responsible for actions of which they were not aware.

The ‘identification’ or ‘directing mind’ theory has been discussed above, together with the Corporate Manslaughter and Corporate Homicide Act designed to overcome the problems. The other approaches are discussed below.

Australia Over the past decade new laws have been passed in Australia dealing with corporate manslaughter. Although common-law in Australia is largely derived from English law, the Australian authorities have followed a different route to corporate criminalization than that in the UK. This route is intended to tackle the controversial question of the prosecution of individuals in order to place an additional deterrent upon the corporation in an attempt to change its future behaviour. Under federal law, a corporation is liable where it can be proven that ‘the body corporate’s board of directors (or a high managerial agent) intentionally, knowingly, or recklessly carried out the relevant conduct, or expressly, tacitly or impliedly authorized or permitted the commission of the offence of the body corporate’. Alternatively, the corporation is liable where it can be proven that ‘a corporate culture existed within the body corporate that directed, encouraged, tolerated or led to non-compliance with the relevant provision, or the body corporate failed to create and maintain a corporate culture that required compliance with the relevant provision’.

41

42

Companies at risk Thus, actual or inferred intent of the corporation’s executive or management may result in liability. Alternatively, liability may be incurred when there is a corporate culture which encourages non-compliance with health and safety law. The importance of corporate culture in general and safety culture in particular is discussed in detail in Chapter 4. Somewhat different legislation exists for the Australian Capital Territories (ACT), including Canberra and surrounding areas, where the persons made responsible can include any officer occupying an executive decision-making position. The objective is to prevent senior managers and directors from hiding behind the corporate veil so that they can conduct unlawful business with impunity, and exposes them to personal criminal liability rather than their conduct being regarded as the conduct of the organization. The person, not including the corporation, would be reckless in their conduct if it led to an industrial fatality if ‘they were aware of a substantial risk that serious harm would result to the worker; and having regard to the circumstances known to them, it was unjustifiable to take that risk’. Similarly, a person would be negligent in their conduct if it led to an industrial fatality if it involved ‘such a great falling short of the standard of care that a reasonable person would exercise in the circumstances or such a high risk that the death of a worker would result’. If recklessness is proven causing death to the worker then it is possible that another offence such as murder under the Criminal Code will apply. If it is the employer’s negligent conduct which causes the death of a worker then only the offence of manslaughter will apply. The maximum penalty for the offence under the amendment is a fine in the case of an employer or imprisonment for twenty-five years and/or a fine in the case of an individual. In addition, more creative penalties are possible, including publicizing the offence, notification to a specified person or persons, such as stockholders, and a requirement to carry out a specified project for the public benefit. Similar legislation is now being considered in New South Wales (NSW) where, owing to the same legal barriers that existed in the UK, there has never been a successful prosecution for corporate manslaughter arising from a workplace fatality. The Australian authorities are now getting to grips with the problem of successfully prosecuting corporations and other bodies for corporate manslaughter, with the provision to make both the corporate body and individual senior personnel responsible for contraventions of health and safety leading to a fatality. At the same time, there has been a more creative use of imposed penalties to extract the maximum social deterrent and restitutive effect.

Canada Just as in the UK, following the failed corporate manslaughter cases arising from two major accidents (see Appendix 1), the arguments for the criminalization of corporate behaviour in Canada were driven by an industrial fatal accident. The Westray mine disaster occurred in Nova Scotia in 199217 and involved an explosion that led to the deaths of twenty-six miners. An inquiry led by Mr Justice Richards of the Nova Scotia Supreme Court found that the accident occurred as a result of numerous failures in health and safety protocol at various levels in the organization. The inquiry

The corporate entity also found that senior executives up to the level of president of the company were grossly negligent in complying with health and safety standards. Although charges were brought against various employees of the Westray organization, they were never prosecuted and convicted, with the result that serious violations went unpunished. Therefore, it was widely maintained that the victims’ families had been failed by the criminal justice system. The Westray disaster public inquiry recommendations suggest that: The Government of Canada . . . should institute a study of the accountability of corporate executives and directors for the wrongful or negligent acts of the corporation and should introduce in the Parliament of Canada, such amendments to legislation as are necessary to ensure that corporate executives and directors are held properly accountable for workplace safety (Recommendation 73).17 As a result of these failures, discussions took place concerning how, and to what extent, these concepts of individual moral fault in criminal matters should be attributed to a corporate entity. The Canadian Federal Government, in the wake of the Westray disaster, decided not to create a new offence of corporate manslaughter as in Australia and the UK, which would enable corporations to be held liable in the same way as individuals. After much consultation, the Canadian Bill C-4518 passed into Canadian law in 2005, making organizations criminally liable as a result of the actions of senior officers who oversee day-to-day operations but who may not be directors or executives. However, organizations are also criminally liable when officers with executive or operational authority intentionally commit crimes to benefit the organization or become aware of offences being committed by other employees but do not take action to stop them. The overall intention of Bill C-45 is to modernize the law on the criminal liability of organizations to reflect the increasing complexity of today’s corporate structures. It should be noted that Bill C-45 deals with the criminal responsibility of the organization itself and does not change the law in any way with regard to the personal liability of directors, officers and employees, who are always liable for crimes they commit personally, whether this be in the context of their employment or not. In addition, Bill C-45 refers to ‘organizations’ rather than corporations, in order to apply to all forms of joint enterprise carried out by individuals regardless of the way they are structured, formed or incorporated. The provisions of the new bill were first controversially put to the test in Ontario in March 2005, when a construction supervisor was charged with criminal negligence causing death in an occupational health and safety incident. The charges arose from the collapse of a trench in which a worker died as a result of being trapped. A sixtyeight-year-old supervisor pleaded guilty to three of eight charges concerning an excavation which was not properly shored up or protected and for failing to ensure that workers were wearing protective equipment. However, in the event, the charges were withdrawn. Following a plea bargain agreement he escaped liability when the ‘criminal negligence causing death’ charge was withdrawn. Instead, the supervisor

43

44

Companies at risk agreed to pay a fine of $50,000 for the three contraventions of health and safety regulations to which he pleaded guilty. Otherwise, under the new law, he might have faced life imprisonment and certainly would have faced a twelve month sentence for each of the charges. It is questionable whether Bill C-45 was ever intended to charge somebody at supervisory rather than executive level. The case showed that even new legislation can encounter the same difficulty of bringing criminal charges against senior personnel in an organization who are ultimately responsible for the provision of adequate safety systems but who are far removed from the actual work. There is always a temptation to prosecute the person who is directly involved because the chances of a successful prosecution are much greater, even though this person does not represent the root cause of the accident. The use of the new Act to prosecute somebody at supervisory level would therefore seem to contradict the original intention of Recommendation 73 (see above) arising from the Westray public inquiry.

USA The approach to corporate homicide in the USA varies from state to state, but differs from that adopted in the UK, Australia and Canada. In the USA, the ‘agency’ or ‘vicarious liability’ approach is generally followed. Very few prosecutions for corporate homicide have been brought against US corporations, successfully or otherwise. The difficulties in convicting corporate bodies for culpable homicide in other countries, which have arisen as a result of the ‘directing mind’ principle, have not been a factor in the USA. In addition, the USA has not attempted to bring in specific legislation that would enable companies to be convicted of corporate homicide. The ‘agency’ approach which is generally adopted is based on attributing liability to a corporation when an offence is committed by an agent of that corporation. In effect, it imputes the illegal act of an employee to the corporation itself. The agent does not need to have a high-level controlling function in the corporation, and although it can be a director or senior officer, it may also include any employee of the organization or other person authorized to act on its behalf. This approach is also known as the ‘vicarious liability’ doctrine. Effectively, it makes the organization responsible for the potential acts or omissions of every employee, officer or agent performing on its behalf, whether or not the ‘directing mind’ (as it were) was aware of what was occurring. The ‘hands’ of the organization can be responsible even though the ‘brains’ are unaware of what is happening. However, three conditions must be fulfilled: 1. An individual employee must have committed the offence with the required mens rea (guilty mind) referred to earlier. Only if that individual’s state of mind is established as such can the offence be imputed to the corporation. 2. The employee committing the offence must have done so within the scope of employment, usually meaning that the offence occurred while the employee was carrying out an activity related to a job of work assigned to him/her by the employer. 3. The employee committing the offence must have had the intention of acting for the benefit of the corporation, that is, not acting maliciously.

The corporate entity Superficially, this approach appears to avoid the problem of finding a ‘directing mind’ with which the organization can be identified in order successfully to bring a charge of corporate homicide as previously required under English law. Under the vicarious liability approach, corporate fault is made to depend almost entirely upon individual fault without the need for proof that the corporate body acted illegally. Although it may be desirable for the highest level in the corporation to be aware of any deficiencies at operational level which may cause one of its agents to commit an offence, this is not always realistic. Vicarious liability can result in the stigma of a criminal offence being imposed upon a corporation when it is acting in good faith. Another undesirable aspect is that the root cause of corporate accidents, that is, failures of organization and management, can easily be overlooked when all the attention is directed towards the individual agent of the corporation who actually committed the act which caused the accident.

Critique of legislation This review of legislation for corporate manslaughter in the UK and in a number of other English-speaking countries with similar legal systems reveals a wide diversity of approaches. It also indicates a general trend leading away from prosecuting companies for manslaughter under common law, as applicable to natural persons, and a move towards the introduction of statutory legislation directed specifically at the corporate body. This trend has arisen because of the legal impossibility of a corporation having the mens rea or guilty mind necessary under common law. Charges against individuals and organizations under statute law, such as the HSW Act in the UK, are much easier to prosecute successfully. Often this has been the only realistic recourse of prosecutors when a serious fatal accident occurs and charges of corporate manslaughter have so far proved impossible to uphold because of the identification principle. Although it may be possible to identify such a person, in large modern and complex organizations it is usually found that they are only responsible for the strategic direction of the company and cannot always be aware of the way in which workplace activities are carried out. The required level of knowledge and awareness just does not exist. Persons at the level of directing mind are also more easily able, if they so desire, to distance themselves from what is actually happening lower down in the company, since there is no legal requirement for them to cultivate awareness of health and safety matters. The new legislation in the UK, the Corporate Manslaughter and Corporate Homicide Act described above, is an attempt to overcome longstanding difficulties in securing prosecutions against companies for corporate manslaughter. Many who have studied the new legislation regard it as being fatally flawed in the following respects.

Senior management failure The definition of ‘senior management failure’ which is to be used as a basis for prosecution is rather vague since it is not well defined in the Act. This may result in

45

46

Companies at risk persons who are ultimately responsible for safe operation at the top tier of the company being able to pass the blame down to lower levels. It also raises the spectre of the ‘directing mind’ problem if it is attempted to identify individuals at this higher level. As happened in a recent application of the Canadian legislation described above, this problem with the new UK law may indeed lead to individuals at lower levels carrying the blame and bearing the penalty which was due to their superiors.

No individuals can be found guilty Under the new UK Act, individuals ‘cannot be guilty of aiding, a betting, counselling or procuring the commission of an offence of corporate manslaughter’ and therefore they will not be prosecuted. The Act assumes that the existing laws, both for manslaughter and for health and safety offences, are sufficient to deal with individuals who are found to be criminally liable in the event of a fatal accident. Nevertheless, history has shown that the number of directors of companies who have been successfully prosecuted for manslaughter is extremely low even for small companies and is non-existent for large companies. If they cannot be prosecuted under this legislation then on past experience it is unlikely that they can be prosecuted at all. The question remains: is there a moral case for individuals as well as companies to be prosecuted under corporate manslaughter legislation? The main argument for securing the prosecution of individuals is that it provides a greater degree of justice for the victims of serious or fatal accidents and their families. The concept of ‘corporate personhood’ is relatively meaningless to the average layperson. In reality, it is simply a legal fiction enabling companies to be held responsible under many of the laws applying to natural persons as discussed earlier in this chapter. It is difficult to sustain the analogy of personhood in the face of demands for deterrence and restorative or retributive justice when a company causes harm or injury to natural persons. This is because:

• the limited range of penalties, mainly fines, which can be applied to a company is rarely seen to be proportionate to the level of harm inflicted • unless some individual liability is identified, a company is perceived to be able to •

commit criminal offences with relative impunity with a perceived lack of accountability on the part of its senior officers a company is unable to express or demonstrate compunction or regret. Even when companies have stood trial for manslaughter, their directors have sometimes failed to appear in court (e.g. Appendix 1, Case Study A1.2) to express regret on behalf of the company, presumably because of the danger of implicating themselves in the circumstances of the accident.

It is fairly obvious to the victims and bereaved families of those killed in corporate accidents that a company is unable to act except under the volition of the individual agents which it employs from the level of directors downwards. When an accident occurs individual responsibility has to lie somewhere within the organization. It has long been recognized that to provide closure for those affected, it is necessary to understand how the accident was caused or was allowed to happen. Victims of

The corporate entity accidents will always want assurances that the individuals responsible are not only identified but also made to answer personally for their failures. Sometimes it is appropriate that answers should be given in a court of law or at a public inquiry and individuals should not be allowed to hide behind the corporate veil. There have already been calls to amend the law so that senior executives and directors cannot escape accountability for health and safety matters under cover of the corporate veil, in the same way that the veil cannot be used to hide from the penalties of financial malfeasance. Unfortunately, since the new UK corporate manslaughter legislation specifically excludes individuals from prosecution, a more accessible route will have been provided for a minority of directors to evade liability.

Penalties In addition to the lack of individual accountability, the imposition of the only available penalty, a fine upon a company, will rarely be sufficient to satisfy the sense of injustice and the desire for closure of victims and families, no matter how punitive the level at which the fine may be set. The imposition of a fine and the stigma of a court case may result in loss of reputation for a company, but will not necessarily change the way in which the company operates. If the company is fined, the individual actors who control the company at senior level are not personally affected; perhaps the worst consequence is temporary loss of employment and possibly brief social stigma. However, the incentive of these persons to reflect upon what has happened and to make the necessary changes is considerably increased if they are held personally liable for the failures of the organization. Furthermore, personal liability is more likely to result in accident prevention if senior employees have the possibility of a fine or imprisonment to concentrate their mind on health and safety matters. Without needing to prosecute individuals, there may be some advantage in adopting a more creative approach to the penalties imposed upon companies in order to make them more effective, as mentioned above. Deterrence should be the principal reason for imposing a penalty on a company in the event of a corporate accident in the hope that its performance may improve in the future. If the costs of committing the offence greatly exceed any benefits which might have accrued, such as saving money on safety improvements, then a company is more likely to be deterred in the future. Naturally, the fine should in any case be proportionate to the seriousness and consequences of the offence as is currently the case when companies are successfully prosecuted under health and safety law. This principle was demonstrated by the severity of the fine imposed upon Transco following the fatal gas explosion in Scotland, as described in Chapter 3. An alternative penalty which might make a company more inclined to consider the consequences of its actions could be ‘equity fines’ which impact upon the share value of the company and remind stockholders of their responsibilities as owner. Alternatively, fines could be based upon relinquishment of a proportion of annual profits. In some cases the punishment might be tailored to fit the crime and involve some form of community service to benefit those affected, thus adding an element of restitution to that of deterrence. If fines were accompanied by ‘corporate probation’ then an element of rehabilitation would also be included. This would require a company to

47

48

Companies at risk bring its operating standards up to a declared level over a defined period before the probation order could be lifted. Companies are always vulnerable to loss of reputation and this may translate into monetary terms from loss of customers and revenue when news of a serious incident is publicized. The Brent Spar incident described in Appendix 2, Case Study A2.6, is an example. Denunciatory penalties (or naming and shaming) could take the form of ‘publicity orders’ including the requirement for senior executives to attend trial hearings and thus publicly admit their complicity through their presence in court. This could also occur to some degree with a probation order. The ultimate sanction is perhaps ‘corporate capital punishment’, where a company is completely dissolved. However, the consequences of this upon a wide range of relatively innocent stakeholders would be so severe as to limit it to the most serious cases of corporate criminality with intent.

Conclusion This chapter has briefly examined the nature of the corporate entity and its legal accountability in the event of a corporate accident. It was appropriate to consider these matters since an awareness of the consequences of corporate accidents must precede an understanding of the preventive strategies which need to be put in place to avoid them. Such strategies are considered in Part II of the book. However, so far, the book has only discussed the principal raison d’eˆtre of the corporation: the need to make a profit for the stockholders and increase the value of their shares. If a company possessed no imperatives beyond these it would almost certainly represent a corporate accident in the making, especially when the corporate will and intention to control the risks which are generated come into conflict with the desire to maximize financial returns for the stockholders. In theory, there should be no conflict; it has been shown that safe companies tend to be successful companies. In practice, short-term financial objectives can obscure the importance of operating safely. The aspirations of a company need to be much greater than constantly scanning the bottom line and believing that compliance with the law is sufficient in itself. Although companies are constrained to some extent by external health, safety and environmental regulations, these are only intended to set minimum standards, as will be described in Chapter 6. This book will maintain that neither the profit motive nor compliance with regulation will provide sufficient incentive for companies to develop effective preventive strategies against corporate accidents. Other imperatives need to be absorbed into the company’s culture if the strategies are to prove effective in the long term. Freedom from corporate accidents is in itself a long-term strategy and, like many investments, it carries the warning that past performance is no guarantee of future success. A higher motivation must be in place to govern the way companies are operated and this motivation originates in the more abstruse realm of ethics and morality. The next chapter, entitled ‘Corporate ethics’, considers the moral and ethical standing of the main stakeholders in the corporation and examines ways in which they can act ethically both as individuals and as corporate actors while still upholding the financial interests of the company. These themes are continued in Chapter 9.

The corporate entity

References 1. Poynder, J. (1844) Baron Thurlow (1731–1806), Lord Chancellor of England, cited in Literary Extracts, 1, 268. 2. Bouvier’s Law Dictionary (1856). Revised 6th edn. http://www.constitution.org/bouv/ bouvier.htm 3. Anon (1996) Journal of Legal History 17, 63. 4. Smith, A. (1776). An Inquiry into the Nature and Causes of the Wealth of Nations, Vol. 2, Book IV, Chapter 2, p. 350. 5. Smith, A. (1776). An Inquiry into the Nature and Causes of the Wealth of Nations, Vol. 2, Book I, Chapter 10. 6. Bakan, J. (2004). Milton Friedman. In The Corporation: The Pathological Pursuit of Profit and Power, Documentary based on the book by Bakan, J., TV Ontario, www.thecorporation.com 7. Health and Safety at Work etc Act 1974, http://www.hse.gov.uk/legislation/hswa.pdf 8. Health and Safety Executive, Director’s Responsibility for Health and Safety, INDG343 02/02 C700, http://www.hse.gov.uk/pubns/indg343.pdf 9. House of Commons Work and Pensions Committee, 2004, The Work of the Health and Safety Commission and Executive, http://www.publications.parliament.uk/pa/cm200304/ cmselect/cmworpen/456/456.pdf 10. Russell, J. (2005). Health and Safety Commission Report, Directors’ Responsibilities for Improving Health and Safety Performance – Proposed Report to the Government, HSC/05/ 90, found at http://www.corporateaccountability.org/dl/Directors/hsepapertohscnov05.pdf 11. Centre for Corporate Accountability, London, UK, http://www.corporateaccountability.org/ directors/convictions/manslaughter/main.htm 12. Walker (1992) 13 Cr App R (s) 474, 476, in Reforming the Law on Involuntary Manslaughter: The Government’s Proposals, London: The Home Office, http://www.homeoffice.gov.uk/ documents/2005-corporate-manslaughter/cons-manslaughter-0500?view=Binary 13. Reforming the Law on Involuntary Manslaughter: The Government’s Proposals, The Home Office, http://www.homeoffice.gov.uk/documents/2005-corporate-manslaughter/ cons-manslaughter-0500?view=Binary 14. Lennard’s Carrying Coal Co Ltd v Asiatic Petroleum Co Ltd [1915] AC705 (HL) 15. Tesco Supermarkets Ltd v Nattrass [1972] AC 153 16. Corporate Manslaughter and Corporate Homicide Act 2007, http://www.opsi.gov.uk/acts/ acts2007/20070019.htm 17. Justice K.P. Richard, Commissioner (November 1997). Report of the Westray Mine Public Inquiry, Canada, http://www.gov.ns.ca/enla/pubs/westray 18. Department of Justice, Canada. Canadian Parliament Passes Bill C-45: Stronger Laws Affecting the Criminal Liability of Organizations, http://www.justice.gc.ca/en/news/nr/ 2003/doc_31024.htm

49

3

Corporate ethics When we sincerely follow the ethical path we become one with it, When we become one with the ethical path, it embraces us. Lao Tzu (c. 600 BCE) Those managers who define ethics as legal compliance are implicitly endorsing a code of moral mediocrity. It is not an adequate ethical standard to get through the day without being indicted. Richard Breeden, Former Chairman, Securities and Exchange Commission The Law cannot regulate all human behaviour which also needs professional and social ‘conventions’ to prevent anarchy and tyranny. Reverend Gordon Dunstan1

Introduction Recent high-profile business scandals such as Enron, WorldCom, Arthur Anderson and others have drawn attention to the controversial subject of corporate ethics. Although these particular scandals have involved financial impropriety and mismanagement at the highest corporate level, similar issues can arise with failures to protect health, safety and the environment. As discussed in Chapter 2, the corporate body, by the very nature of its founding principles, is required to maximize profit and asset value for its stockholders. In order to achieve this, there is a natural tendency to externalize as many of its costs as possible. In the process of externalizing costs companies may, knowingly or inadvertently, cause a detriment to third parties affected by their operations. Third parties may include employees, customers, the local community or the general public put at risk by the creation of safety hazards and environmental impact which in some cases can lead to corporate accidents. This tendency can be counteracted in a number of ways. During the historical development of the corporation, governments found it necessary to impose conditions upon how companies were allowed to conduct their businesses to limit harmful effects. These limits were applied in the form of statutes and regulations which controlled, for instance, the way in which company stock could be

Corporate ethics traded in order to protect stockholders. Similar measures were introduced to prevent accidents or limit the consequences of hazards arising from a company’s operations; these often followed on from serious corporate accidents which aroused public concern. Many examples are provided in Chapter 6. It is neither possible nor desirable for government to regulate every aspect of a company’s operations. Over-zealous regulation of business deters entrepreneurial activity and restricts initiative, holding back business development, and detracts from the common good of the nation. Control of business by regulation must achieve a balance between imposed rules and adherence by companies to voluntary and ethical codes of practice. Over the past two centuries the pendulum has swung between the two poles of government controls and voluntary self-regulation. At the time of writing, certainly in the UK, there has been a move by government towards simplifying over-burdensome regulatory controls (see Chapter 6). At the same time government is encouraging companies to embrace the principles of corporate social responsibility; this topic is addressed in more detail in Chapter 9. The natural temptation of some companies to externalize costs in detrimental ways is curbed by the desire of companies to project an image of ethical business practices in order not to alienate public perception and erode customer confidence. There are several recent cautionary tales of how big companies have, at their peril, risked losing their customer base and reputation through unethical activities, and a case study of such an incident is presented in Appendix 2, Section A2.6. Protection of business reputation is an important persuader of companies to act in ethical ways, lessening the need for the heavy hand of regulation. This chapter addresses a number of issues in corporate ethics arising mainly in the context of health, safety and environmental risks rather than in the area of financial impropriety. It defines the scope of morality and ethics within the context of business and examines whether the motivators for ethical behaviour at human level can be translated to the corporate level. The roles of the various human actors within the corporate entity are identified and the degree to which they can influence corporate ethical behaviour is examined. This chapter also pursues the much debated question of whether companies which do good, also do well. Henry Ford once said, ‘Monopoly is bad for business. Profiteering is bad for business’.2 Is the pursuit of cost externalization in the end counterproductive, diminishing profitability rather than improving it? Finally, the difficult issue of professional (as opposed to corporate) ethics is explored, including situations where the moral qualms of a senior manager or director are expected to be subservient to business success. The chapter commences with a discussion of ethics in general terms before proceeding to the study of corporate ethics.

Ethics Definition The origin of the word ethics is the Greek word ethos, which means ‘character’. The Code of Hammurabi was one of the earliest law codes and was developed in Babylon

51

52

Companies at risk in the 18th century BC. It was carved upon a black stone obelisk, eight feet high and placed in public view. The code regulated the way society was organized and included modern-day ethical dilemmas such as bribery, giving false testimony (telling lies) and the faulty construction of houses which collapsed on their occupants. These and many other ethical misdemeanours were regarded as crimes which often bore grim retaliatory punishments; for example: If a builder builds a house for a man and does not make its construction firm, and the house which he has built collapses and causes the death of the owner of that house, that builder shall be put to death. Hammurabi, the king of righteousness, on whom Shamash has conferred right (or law), am I. My words are well considered; my deeds are not equalled; to bring low those that were high; to humble the proud, to expel insolence. Code of Hammurabi, c. 1800 BC Since that time most societies have developed ethical codes, many aspects of which have found their way into present-day law, forbidding and punishing crimes such as murder, assault and theft. Ethics is not quite the same thing as morality, although the two are often confused. The best way of illustrating the difference is to say that while morality sets the standards (i.e. morals) ethics defines the behaviour which supports and upholds those standards. In this book we will talk about ethical behaviour rather than morality. A simple modern definition of ethics is ‘a code of behaviour considered correct, especially that of a particular group, profession or individual’ (Collins Dictionary). However, several prominent theories of ethics deriving mainly from the work of past philosophers have influenced the modern study of ethics. Three of these are considered below, although space permits only a very simplified account of the complex work of these outstanding philosophers.

Virtue ethics The Greek philosopher Aristotle was one of the first to study ethics as a separate subject, over 2000 years ago. For Aristotle, ethics was more than simply a moral, religious or legal code imposed by the authorities which must be obeyed under penalty of imprisonment or death. Rather, he understood ethical behaviour as something founded on personal knowledge that promotes virtue. Virtues are defined as moral characteristics that encourage human development (e.g. perseverance, courage, compassion, truthfulness). Action must be virtuous and carried out to achieve a common good. To define whether an action by an individual or group is ethical he would ask whether the consequence of the action was good both for that individual or group and for society. The main criticism of virtue ethics is that since it does not provide a set of rules or codes for behaviour, it cannot provide guidance for action; nor can it always resolve moral dilemmas (e.g. while honesty demands absolute truth, compassion may require us to remain silent or even lie).

Corporate ethics

Utilitarianism Jeremy Bentham, the English philosopher and social reformer, in 1789 proposed the principle of utilitarianism: that actions should be judged on their consequences, in particular their propensity to produce the greatest happiness for the greatest number.3 One of the main problems with utilitarianism is that it is quantitative: there is no guidance on how to measure the greatest happiness (although various attempts have been made). Also, if there is only one act which produces the greatest good then any act which produces a lesser good must be wrong; this is patently untrue. Some people may not be interested in the greatest happiness for all and therefore ethical action may be possible in the absence of this. Another problem is that it only measures the consequences of actions and not the actions and motivations which lead up to them; it raises the question: is it permissible to do something morally wrong in order to bring happiness to many people? This problem is addressed by duty ethics (see below).

Duty ethics Emmanuel Kant, the German philosopher and enlightenment thinker (1724–1804),4 sought a system of ethics that would be based on reason and not on a cold calculation of utility. As a result, he emphasized that the ethical life was centred on duty; he also believed that if action was to be ethical the moral imperative behind it must be categorical (e.g. a rule applying in all circumstances) and not conditional (e.g. a whim depending on circumstances). Thus, our ethical actions should be an end in themselves and not a means to an end; this is the opposite of the utilitarian idea that the end justifies the means. For Kant, the motive is all important: being ethical is doing the right thing for the right reason. If we are motivated to act ethically because there is a payoff then Kant argues that this is not ethical action, but action conditional on the possible consequences. He differentiated between two types of duty: perfect duty, which we are obliged to do all the time (e.g. not harming others), and imperfect duty, which we should do as often as possible but not universally (to be compassionate, charitable, etc.). The main criticism of duty ethics is that it is not easily able to resolve conflicts of duty. Apart from these theories, there are many branches of ethics which can be studied, including meta-ethics (the study of the origin and meaning of ethical concepts), normative ethics (how to define the moral standards that govern right and wrong conduct) and applied ethics, which is the study of specific, often controversial, moral issues such as abortion, animal rights or euthanasia. This book is mainly concerned with applied ethics and in particular the field of business ethics which applies to corporate entities. This includes the ethical responsibilities of companies in areas such as employee rights, advertising, financial management, and the protection of health, safety and environment.

Ethics and the law The relationship between ethics and the law is of interest for this book since externally imposed government regulation is one of the main preventive measures

53

54

Companies at risk Impoliteness

Moral issues

Increasing seriousness

Illegal activities Legal boundary

Figure 3.1 Spectrum of unethical behaviour.

against corporate accidents and is studied in Chapter 6. In modern societies, the legal justice system is closely related to ethics in determining the standards of right and wrong behaviour and the enforcement of the rights and duties of groups and individuals. The legal justice system not only adjudicates on whether deviations from these standards have occurred, but also imposes punishments. However, most ethical behaviour is defined not by the law but by standards of morality and by the expectations of society. Ethical behaviour can be considered to lie along a spectrum which varies from, at the lower end, impolite behaviour to, at the upper end, illegality. This is simply illustrated in Figure 3.1. Impoliteness, not being courteous and considerate to others, certainly falls within the scope of unethical behaviour, but hardly merits a place in the study of applied ethics since it is a basic expectation of the way people should behave socially rather than a serious moral issue. Further along the spectrum lie the various moral issues, many of which have long been accepted as unethical (such as untruthfulness, lack of respect, greed and cheating), but are not necessarily illegal. Other issues are less clear-cut and are subject to debate by society (such as animal testing and genetic engineering), but are not illegal for the time being. Of course, there will never be a complete consensus on every moral issue as to what is acceptable and what is unethical. Behaviour which one person finds unethical may be quite acceptable to the next person. This is why the law is often used to regulate the most controversial ethical or moral dilemmas in society. The result is that some issues are at the borderline of illegality and therefore subject to legal restrictions (such as abortion and the use of human embryos). At the far end of the more serious moral issues lies the somewhat fuzzy legal boundary which differentiates unethical behaviour from illegal activities. Beyond the legal boundary lie the actions which society, via the legislature, has already decided are completely unacceptable. Most illegal behaviour is probably, by definition, unethical in nature since it is behaviour which has been condemned by a consensus of society and made subject to the law. The main point of Figure 3.1, however, is to demonstrate the fuzziness of the boundary between unethical and illegal behaviour. The location of the boundary will vary according to societal trends and over time. Liberalization and reform often result in previously illegal activities becoming legal but not necessarily ethical. Sometimes the law is blind to behaviours that would not bear ethical scrutiny in the eyes of many people. Conversely, increasing volumes of legislation tend to push previously unethical behaviours across the boundary into illegality. At other times, particularly in the context of corporate activities, it is found that behaviour which might have been classed as unethical has suddenly strayed across the boundary into illegality following a corporate accident. This is prone to happen under non-prescriptive

Corporate ethics umbrella legislation such as the Health and Safety at Work etc Act 1974 (HSW Act) in the UK. The HSW Act can often be invoked where a company is found not to have given due consideration to the safety and well-being of employees or any other persons affected by their operations. This may arise as a result of regulatory inspection or following a serious accident. In effect, the Act allows for corporate behaviour which is unethical, but not necessarily illegal under any more specific regulation, to be tested in court. As a result, there are many instances of where, particularly following a corporate accident, behaviour which might have been considered merely unethical prior to an accident becomes illegal after an accident has occurred and a successful prosecution has been obtained. This is a powerful argument for companies to practise self-regulation and have a strong ethical policy in place, as described in Chapter 6. The objective is to avoid inadvertently crossing the boundary of illegality. Companies creating externalities may be sailing close to the wind regarding this boundary. Two examples of this are given below.

The Hatfield rail accident 2000 The derailment of a high-speed train at Hatfield in the UK in October 2000 led to the deaths of four passengers and was due to the sudden disintegration of a section of railway line owing to inadequate inspection and maintenance. The maintenance contractor, Balfour Beatty, and the operator of the infrastructure, Railtrack, were charged with various offences under the HSW Act and fined £10 million (later cut to £7.5 million) and £3.5 million, respectively. At an individual level, five executives were all cleared of breaking health and safety rules, and health and safety charges against four other Balfour Beatty managers were dropped. In a statement, Balfour Beatty reiterated its view that the accident ‘arose as a result of a systemic failure of the industry as a whole’. The lack of maintenance to the infrastructure was an economic decision made by Railtrack, the privatized owner, some years earlier. Drastic reductions in maintenance staff were made following privatization, in-house knowledge was effectively diluted and the work was contracted out to less experienced contractors. As a result of competitive tendering it is probable that maintenance schedules were trimmed. These measures were taken solely to improve the financial performance of the company through cost savings, thus increasing profits to the stockholders. Although little information is available about internal decision making, it is probable that professional engineers in Railtrack were fully aware of the potential dangers of this policy. In any case the company’s actions can only be classified as unethical. Following the accident the behaviour became illegal as well as unethical. It was probably pure chance that the accident occurred at Hatfield; it could have occurred at many other locations on the rail system where similar defective sections of rail were later discovered. On this basis, there is some justification for Balfour Beatty protesting that they were singled out unfairly because the accident happened to occur on a section of track that they had maintained.

55

56

Companies at risk At the same time inspection failures by Balfour Beatty specific to this section of track were identified and it was these failures which became the basis for the charges under the HSW Act. It is important to note, however, that these failures were only the direct cause of the accident and not the root cause; the root cause was the systemic failure of Railtrack to ensure proper oversight of maintenance of the infrastructure. It is known that the safety regulator (HM Railway Inspectorate) were already concerned about lack of maintenance of track prior to the accident. Their concerns had been made known to the operator (Railtrack), who could not have been unaware of the potential for a serious fatal accident resulting from their cutbacks in the company’s maintenance regime. It is difficult therefore to understand how such an accident could not have been foreseen and action taken. It is possible to speculate that this was allowed to happen because following privatization senior management in the company were hired not for their knowledge of railway operations but for their expertise in making a profit and improving the returns to stockholders. Knowing the potential consequences of a lack of maintenance, the situation clearly came down to an ethical policy issue which should have been addressed by Railtrack. However, the specific failures for which Balfour Beatty were prosecuted under the HSW Act crossed the boundary dividing the seriously unethical from the illegal.

The Larkhill explosion 1999 A similar maintenance-related accident occurred at Larkhill, Lanarkshire, Scotland, in 1999, when four members of the same family were killed in a gas explosion at their home. The cause of the accident was a gas leak from a ten-inch diameter corroded iron supply pipe (external but close to the house) which ignited, causing a blast which was heard fifteen miles away, totally destroying the property. Smells of gas in the area had been previously reported to Transco, the pipeline division of Lattice, the UK gas transportation and distribution group, who owned the corroded pipe. The accident resulted in a two-year investigation by the Hamilton Procurator Fiscal (the public prosecutor in Scotland), the Health and Safety Executive (HSE) and the Fraud and Serious Crime Squad of Strathclyde Police. As a result the company faced the first ever prosecution for culpable homicide, the equivalent in Scotland of a charge of corporate manslaughter. These charges were later dismissed on appeal after three senior Scottish judges ruled that the prosecution had failed to name an individual at Transco who could fulfil the legal definition of ‘safety director’. They also faced charges of contravention of sections 3 and 33 of the HSW Act. Shortly after the accident, Transco and the HSE announced that an inspection of the same gas main had revealed a total of nineteen leaks over a short length. Transco were, similar to Railtrack in the previous example, a privatized company responsible for gas distribution and had once been part of the British Gas public utility. Before the accident Transco had been criticized by Ofgem for falling 29 per cent below its target for replacement of ageing cast iron pipelines (Ofgem is the government watchdog for the industry which regulates the gas and electricity markets). In 1997 Transco had reduced its maintenance workforce by 1000 engineers and was forced to admit that it had become critically short of the resources needed to maintain safety

Corporate ethics on the distribution network. The company claimed that the job cuts were necessary to offset a loss of revenue which had resulted from price cuts imposed by Ofgem. Transco was ordered by the HSE immediately to replace the ductile iron piping and to speed up the replacement of ageing gas mains throughout the UK. Later, the HSE announced the decision to replace all ductile and cast iron gas mains in Britain located within thirty metres of buildings (some of which are at least forty years old, and some are over 100 years old) with polyethylene pipework under an accelerated programme. At the hearing at the High Court in Edinburgh in 2005, it was suggested by the prosecutor that Transco had put profits before safety and, furthermore, had tried to put the blame on to an internal pipe leak in the house, something for which it was not responsible. The outcome was that Transco was fined a record £15 million (profit the previous year was £390 million) after being convicted of gross and numerous safety breaches which led to the deaths of the family of four in the explosion. In addition to fining the company, the judge, Lord Carloway, was extremely critical not only of their safety failures in adequately maintaining the network, but of their failure to take responsibility for the cause of the accident ‘despite overwhelming evidence to the contrary’ coupled with the fact that the ‘corporate mind of Transco has little or no remorse for this tragedy which, they ought at least now to accept, was exclusively their own creation’.5 Lord Carloway also stated that ‘Transco were well aware that sections might already be corroded and that this could cause a leak and result in a serious incident, potentially involving multiple fatalities. That, of course, is precisely what did happen in 1999 when the explosion killed the entire Findlay family’. Here again it is possible to discern the difference between the root cause and the direct cause of the accident. The direct cause was the failure by Transco properly to investigate previously reported smells of gas in the area around the failed pipeline. The root cause was the overall lack of maintenance and slow replacement of the ageing gas mains across the country, largely stemming from economic reasons. The root cause of the accident is systemic, namely a failure of ethical policy by Transco who, even in court in the wake of the accident, seemed reluctant to admit responsibility. The overriding impression was that they were incapable of seeing beyond the balance sheet to recognize that they should give priority to the safety of their customers and the public. Corporate citizenship models, which are able to address systemic issues such as these, are discussed in Chapter 9. These examples demonstrate the difficulties faced by the safety regulation regime in pre-empting serious accidents by detecting and acting upon incipient root causes. Even where suspicions already exist of high-level corporate shortcomings, it will come down to a question of their seriousness and the likelihood that they would lead to an accident. In both these examples, the potential consequences of the maintenance deficiencies were not limited to the location where the accident occurred. The accident was effectively a random event which could have occurred at any time and in any place. In short, the regulator cannot be expected to detect and notify all companies which are at risk of a corporate accident, never mind predict where an accident is likely to occur. As stated previously, accident prevention will ultimately depend upon self-regulation by companies through operating an adequate ethical

57

58

Companies at risk policy and having proper strategies in place. Nevertheless, there will always be rogue companies operating so close to the margins of acceptability that at some point in the future they are likely to cross the boundary between unethical and illegal behaviour. Unfortunately, some companies may even have made a tradeoff between the cost benefits and detriments of creating externalities. Government safety regulation as it exists and its effectiveness in preventing corporate accidents are considered in more detail in Chapter 6.

Individual ethics Before exploring the possibilities for corporate ethics, it is useful to examine ethics in the context of the behaviour of individuals. This will reveal the underlying societal pressures which are the determinants of ethical behaviour which cause individuals to behave ethically most of the time. The concept of ‘corporate personhood’, the fact that under the law a company is regarded as an artificial person, has already been explored in Chapter 2. It is therefore useful to consider whether there is an analogy between the ethical motivations which apply to individuals and those which apply to the corporate body and, if so, whether these same motivators influence how organizations conduct their business.

Restraints upon personal liberty One of the idealistic aims of a modern political democracy is to allow individual citizens sufficient personal liberty and freedom of action to pursue their own interests without impinging unduly upon the liberty of others to do the same. The key word here is ‘sufficient’. If personal liberty was completely unrestrained then individuals need not have any regard to the interests of others. In such a society, driving a motor vehicle on any side of the road at any speed would be perfectly permissible. The cost of such liberty would be unacceptable carnage on the roads, which would be in nobody’s true interests. Thus, liberty involves the voluntary renunciation of certain freedoms for the benefit of all citizens. For the most serious matters people agree (usually) to accept legal restrictions upon personal freedom. In a democracy, this consensus is implemented by the elected government through the various laws, statutes and regulations which define standards of personal behaviour. At the same time there are limits on how much we will allow government to interfere with our lives. There are certain inalienable freedoms which we believe should be guaranteed, such as freedom of speech, freedom of assembly and the freedom to work in occupations of our choice, to take but a few examples. Essentially, we desire the freedom to pursue our own personal interests without restriction so long as they do not interfere with the interests of others. Legal restriction of freedom is rightly limited to matters where our actions can have a serious social impact upon the well-being of others. For lesser matters, the same result can often be achieved through an informal consensus on what is considered to be ethical behaviour. As citizens, life would be very simple if, when we

Corporate ethics had fulfilled all our legal obligations to society and the state, we need do no more. We could then sit back and enjoy our guaranteed liberty to follow our chosen lifestyle. Within the legal restrictions placed upon us, we could in theory do whatever we wish. If what we do harms others, but it is not illegal, than in theory we can continue to do it. However, to be a citizen within a society, especially a corporate citizen, places other obligations upon us which are not defined by the law. This brings us into the realm of morality and ethics.

Determinants of individual ethical behaviour The study of what motivates individuals to behave ethically may throw some light upon whether the same factors can be brought to bear on corporate ethics, on the basis that a company or corporation is legally defined as a person with many of the rights and obligations of individuals. The question ‘why should I behave ethically?’ has been explored, if not fought over, by moral philosophers and others down the centuries. The range of answers is wide indeed, but this book puts forward three important determinants. The first two are driven by seemingly opposite human concerns: concern for others and concern for self. The third is more complex, but is clearly of interest: the personality of the individual, which clearly has an influence on moral choice and ethical action in a given situation. Each of these is considered here in the individual context so that any analogies with corporate behaviour may be identified in the next section.

Unselfish concern driven by empathy There is a social or caring impulse shared by most people which goes far beyond mere politeness (at the lower end of the ethical spectrum) and responds to the interests of others, sometimes requiring us to relinquish individual self-interest. When we encounter somebody who is injured or distressed it may be inconvenient to stop and render assistance, but hopefully we have an impulse to relieve that person’s suffering or call for help. This is not a requirement of the law but falls within the scope of ethical behaviour (although in some countries it is an offence not to stop and render assistance at the scene of a road accident, for example). We do this at least partly because our common humanity allows us to identify or empathize with the misfortune of others. In identifying or empathizing we put ourselves in the place of the other and imagine how the other is feeling. This social or caring impulse usually operates at the level of direct person-toperson contact. However, we can also be motivated to help indirectly when, for instance, we give money or time to charities which are set up to help those less fortunate than ourselves. In this case we still empathize with the dilemma of others, but we act at a distance using our imagination to visualize a remote situation where people are in need. We may learn of this situation through media reporting or by word of mouth or because somebody we know has been affected. Again, this indirect social impulse is not a requirement of the law, although the state may encourage such action by providing tax breaks or other advantages to charitable organizations or to

59

60

Companies at risk personal giving. The state does this on the principle that encouraging the social impulse helps to smooth the running of society by overcoming the natural individualistic tendency of people to look after only their own interests.

Self-concern driven by social pressure An equal and opposite motivation for ethical behaviour derives not from empathy or social concern for others, but rather from self-concern. This is linked to the reason why some people might abstain from illegal behaviour: the fear of social stigma or punishment. In the same way, we may decide to behave ethically in order not to lose our moral standing in the opinion of society and to avoid the disapproval of others. Along with this, as a result of our upbringing or socialization, we may feel ashamed or guilty if we behave unethically. Simply put, we would not feel comfortable with ourselves if we did not behave in the way society expects. This motivation to ethical behaviour is driven by social pressure and self-preservation, rather than empathy for others. Apart from the negative motivation of avoiding social stigma, there may sometimes be a positive reward for our ethical behaviour: improving our image in the opinion of society. The theory of duty ethics would maintain that behaviour prompted by this sort of motivation is never ethical even if the outcome is good, since the end cannot justify the means. Conversely, utilitarian ethics would allow this sort of behaviour to be ethical since it is only interested in the end and the means are irrelevant. Ethical behaviour motivated by self-concern is important when we later come to examine corporate ethics. Thus, for the purposes of this book, it will be presumed that self-concern is a valid motive where the utilitarian balance of benefit is likely to be positive. This would support the argument of many that ethical behaviour must be much more than good intentions or warm feelings; it is the translation of moral concerns into action that is important, whatever the motive.

Personality Innate human personality, whether by genetics or upbringing or both, is an important determinant of each individual’s ethical tendencies in a given situation. Classical Darwinism would seem to exclude the human evolution of morality and innate ethical tendencies. On this basis all ethical behaviour would be derived from upbringing and socialization. However, few experts today would agree with this extreme view. Social Darwinism and its offshoots6 have come to provide a more flexible model for human behaviour, one in which Darwinian competition and reciprocal altruism (or cooperation) can go hand in hand. This works on the principle that the cooperative aspects of human behaviour have evolved along with the competitive instincts in order to ensure the survival of the community. However, the balance between the competitive and cooperative aspects has a tendency to favour the competitive unless other motivations intervene, as discussed above. These three prime determinants (there may be others) of human ethical behaviour provide us with a simple model which can be examined at the corporate level for its veracity and usefulness. It enables us to consider the ethical behaviour of corporations in the context of corporate personhood, as discussed in the previous chapter.

Corporate ethics

Corporate ethical behaviour The ethical corporate entity? The corporate body is, under the jurisdiction of the law, regarded as an artificial person and as a result is attributed with many of the legal rights and obligations which apply to real people. Whether this analogy can result in ethical behaviour is influenced by the fact that the concept of corporate personhood is really only a legal device invented to ensure that corporations can effectively interact with each other, with society and with the state. Strictly speaking, the corporation can act only to pursue the legal ends set out in its articles of incorporation to fulfil the purpose for which it was originally founded. To pursue objectives other than those for which it was incorporated may indeed be illegal. In short, the corporation has essentially no motivation to act in an ethical way outside the established legal framework, in the same way a human actor may be motivated to do. The question asked by Edward, First Baron Thurlow (1731–1806), an eighteenth century English jurist and Lord Chancellor of England, is pertinent here: Did you ever expect a corporation to have a conscience, when it has no soul to be damned and no body to be kicked?7 This observes that any expectation of corporate ethical behaviour is foolish because the corporation lacks most of the characteristics of human personhood, such as a moral framework which directs its actions. Likewise, in present-day consumerist society there is a generally low expectation that companies will behave ethically, mainly based on a number of well-publicized incidents such as the corporate manslaughter case studies in Appendix 1. There is a common belief that corporate bodies are allowed a great deal of latitude in being able to increase the wealth of the stockholders at the expense of third parties, including health, safety and the environment, while avoiding significant liability. As discussed earlier, the only real penalty which can be applied to a company is a fine and the amount of this may be trivial compared with the monetary benefits to the company of the unethical behaviour. This has led to increasing demands by society for ethically responsible behaviour, and if this is not forthcoming it is argued that many of the present freedoms and privileges that companies enjoy should be removed by means of legislation. The question to be answered therefore is whether it is possible for the company to have legitimate moral concerns which may be objectified in ethical behaviour which goes beyond the need to stay within the law as applied to corporations. It must also be considered whether it is necessary for an organization to behave ethically once it has met the requirements of the law.

Corporate ethical motivation Each of the main determinants of individual ethical behaviour described above is now considered in the context of corporate behaviour.

61

62

Companies at risk

A selfless motivation In individuals, this motivation is prompted by the empathy felt for others brought about by our common humanity and the mental ability to imagine ourselves in somebody else’s place. This quality is a part of what defines us as being human. Since the moral or social impulse to ethical behaviour is driven solely by human-tohuman empathy the analogy clearly breaks down in the case of the corporate body. The moral framework for this impulse is probably formed in individuals mainly as a result of upbringing and socialization; this simply does not exist with the corporate person. Serious problems arise therefore when we attempt to transfer this particular motivator from a human being to an organization or a corporate body. In the case of a corporate body there is no quality analogous to human empathy to motivate ethical behaviour; the influence of the human actors who animate the organization through their corporate roles is considered later.

A self-seeking motivation In individuals this motivation is prompted by the desire to look better in the eyes of society, reinforced by feelings of guilt and shame when failing to act ethically. The motivation (albeit somewhat negative and not necessarily ethical according to some theories) may exist to some degree within a corporation if it wishes to enhance its image in relation to its competitors. This, of course, is not driven by any feeling of shame or guilt if it fails to act ethically, as in the human case. It is driven solely by self-interest and the desire to enhance the reputation of the company, but only so that the wealth of the stockholders is increased through improved business. As with the human motivation it also requires publicity in order to bolster the image of an ethical company. A typical example of this might be an oil company which, in order to overcome the negative connotations of the oil extraction industry such as pollution of the environment, emissions leading to global warming and depletion of non-renewable resources, may try to project a ‘green’ image. The publicity will be achieved by adopting a green logo and promoting itself as, for instance, supporting the renewal of forests and the production of cleaner products with less harmful emissions, and being concerned for the environment. Although this may appear to look like ethical behaviour over and above that required by the law, it is in fact self-seeking behaviour driven by the profit motive. Of the two motivators to ethical behaviour described above, social concern and self-concern, only the second can be applied to corporations. Even so, it only operates in a limited way and is not entirely analogous to human behaviour. Ethical behaviour will be practised only so long as it is well publicized and results in increased profitability or competitiveness. If this benefit is no longer realized, then the company must cease the behaviour; it is legally required to do so to meet its own founding principle of benefiting its stockholders.

Corporate ‘personality’ and culture Corporate culture, and in particular safety culture, is considered to be a major defence against corporate accidents and is explored in detail in Chapter 4. Here, an analogy is

Corporate ethics developed between corporate culture and personality. This is to attempt to answer the question: does a company have a ‘personality’, perhaps reflected in the company culture, which can influence ethical behaviour? In Chapter 2 it was shown how the company or corporation is sometimes described in anthropomorphic terms as the body corporate. This is reflected in the legal recognition of a company as possessing some of the characteristics of personhood. It was shown how legally, the company is an artificial person or body with many of the prerogatives of an individual to act under the law and to seek the protection of the law. It was described how, under the law, a company has a ‘perpetual lifetime’ so that its existence is independent of the lifespan of its owners and the people who work for it. The analogy of corporate personhood can be extended to compare it with the human body, where the dying cells are replicated over a lifetime so that the physical appearance of the body remains recognizably the same (although ageing as a result of imperfect replication) and the personality is largely unchanged. Chapter 4 shows that a company culture is emergent over time rather than something which is ‘handed down’ from the top of the company. The culture is something that a company is, rather than something that a company has, which is a common assumption. This has implications for changing the culture, as discussed in Chapter 4. The main implication here is that the company culture continues largely unchanged over time and is therefore independent of those who own and work for the organization at any one time. Like the cells in the human body, ownership and employment in a company are not static but are, as it were, replicated over long periods. This suggests that it may be useful to represent an organizational culture in terms of the analogy of a corporate personality. This theme was taken up by Joel Bakan, a professor of law at the University of British Columbia and an internationally recognized legal authority on corporations, in his book The Corporation,8 in which he describes how the corporate personality might be defined in psychiatric terms. Bakan in his book, however, took the rather pessimistic view that because the sole purpose of a company is to increase its profits and the value of its stock, it will always do this by externalizing its costs on to third parties. Its ethical and moral behaviour as a member of society will always therefore be determined by its purpose, fulfilling the dictum of Baron Thurlow mentioned above. In fact, Bakan tested some of the moral characteristics of the corporation against a psychodiagnostic checklist devised by Robert Hare9 to identify patients with sociopathy. As a result, Bakan reached the rather startling conclusion that the essence of corporate personality is sociopathic (also called psychopathic) in nature. The Hare checklist includes such characteristics as manipulative, grandiose, lack of empathy, asocial tendencies, inability to feel remorse and refusal to accept responsibility for one’s own actions. No doubt some companies have at times exhibited sociopathic symptoms. However, this book maintains that with checks and balances such as regulation, corporate citizenship and a corporate ethical policy (see Chapters 6 and 9) companies can be made sufficiently accountable that corporate self-interest will mostly coincide with society’s interests. Using the analogy with the way personality evolved in the human species to include a moral sense, it might be said that a company ‘personality’ also

63

64

Companies at risk evolves in the social Darwinian sense, which is able to balance self-interest with the interests of the community in which it operates. The ethical aspect of the corporate personality which emerges is probably reflected somewhere in the culture. What is certain is that many corporate accidents stem from an inadequate culture, or using the above analogy, defects in ‘personality’ which lead to an organizational failure. Quite often these failures are driven by a narrow focus on short-term financial gain through externalizing costs in the interests of a limited number of stakeholders. The tradeoff between competing interests (self and society) then becomes out of balance. One of the main premises of this book is that the tendency of the corporate personality to veer towards these deviant behaviours can be overcome by setting up a system of adequate strategies such as those described in Part II. Some of these strategies imply the need to change the company culture so that ethical behaviour becomes a natural element of the corporate personality. These topics are dealt with primarily in Chapter 4, ‘Safety culture’, Chapter 8, ‘The learning organization’ and Chapter 9, ‘Corporate social responsibility’. The concept of corporate personhood taken alone provides very little motivation for the adoption of ethical policies, mainly because the analogy with individual ethical behaviour is incomplete. In this respect the outlook is rather bleak. However, the influence of the various human actors and stakeholders who operate the corporate ‘strings’ needs to be taken into account, as does the way in which the corporation is structured, organized and managed. These topics are now addressed.

The influence of human actors In reality, the corporation, whilst legally described as an artificial person, can do nothing of its own volition. It is merely a legal entity which is unable to comprehend the finer points of ethics and morality. It can act only through the intention and will of the human corporate actors which have an influence on its behaviour. These human actors can be placed into four groups: directors/managers, owners/stockholders, workforce and consumers/public. The degree to which the individuals in each group are able to influence the company’s ethical policies and actions is explored below.

Directors and managers Those with the greatest power to influence ethical policy in the organization are the company’s directors and senior managers. The corporation might indeed be an artificial person, but those in control of the company are real people with the capacity for moral integrity and a potential desire to act ethically. Yet, when wearing their corporate hats, they are merely the servants of the company and its stockholders, hired for a time to further the company’s interests, and by so doing, further their own self-interest in terms of rewards, bonuses, salary and status within the organization. The real people behind the persona of those carrying out their corporate duties are hidden behind the ‘corporate veil’ mentioned in the previous chapter. As servants of

Corporate ethics the company they are contracted to take on an assigned corporate role and their private roles must be put to one side. However, should you ‘lift the veil’, the real person – in a sense, the ‘little man’ – emerges carrying all the civilized trappings of humanity like the rest of us. This may be a person with a home and a family life, someone who perhaps, is on the board of school governors, a person who gets involved in charitable and other good works in the local community and feels empathy for those who are in trouble. Here is a person with moral concerns who in their private life will act ethically and whose conscience would suffer if they did not. In this private role is found a person who would not dream of harming society or exploiting other people for his own benefit by allowing them to be exposed to serious hazards. But when the veil is in place, the private person disappears and re-emerges as just another company servant whose personal rewards depend upon acting in the interests of the company alone. Whether he will act ethically in this capacity depends not upon his character or conscience or personality, but upon his impact on the financial performance, competitiveness and survival of the company. As a company servant he is driven solely by the determinants of corporate ethical behaviour as defined above, rather than human. The corporate entity cannot of itself possess any moral imperatives to ethical action. But if the corporate purpose is geared only to the financial interests of the stockholders, those in control of the company will be constrained from acting in ethical ways which may conflict with this aim. To overcome this constraint it will be necessary to introduce moral imperatives by means of some of the corporate citizenship models described in Chapter 9. In Chapter 9, alternative corporate structures are described which define how ethical behaviour can be legitimately pursued and encouraged by directors and senior managers. If the corporate structure actually specifies ethical aims and objectives then the constraints upon directors and management may largely be lifted.

Owners and stockholders One of the most influential groups affecting corporate behaviour should be the owners of the company and its assets: the stockholders. Whilst their main purpose in investing in the company may be to increase their personal wealth through the value of the stockholding and by receiving generous dividends, they may still be interested in owning an ethical business. There was a time when most stocks and shares were owned by individuals; that is, real human beings who might have legitimate ethical concerns. Sometimes the shares were held privately by a family who demonstrated paternalistic and humanitarian values in the way the company’s business was conducted. Since the family would also be closely involved in the management of the company, they would have the power to make decisions about the way the company was operated based on ethical or moral standards. In more recent times, the close connection between ownership and control (which existed with large individual stockholdings and family-owned businesses) was severed as company shares were increasingly disposed of in the marketplace. The result has been that the majority of shares of most larger companies are today owned by institutional

65

66

Companies at risk investors such as pension funds and insurance companies. Any interest in ethical behaviour is then subject to the requirement to maximize return on investment and the need to act in the financial interests of their own stockholders and investors. When companies own companies then any residual ethical instinct is sublimated to financial performance. It can be argued that if a company demonstrates ethical behaviour in the pursuit of self-interest then this is entirely satisfactory for the owners, and if it results in improvements to the safety, health and welfare of people and the protection of the environment then this is a bonus. The problem arises when the costs of acting ethically outweigh the monetary benefits to the company. Stockholders may well have ethical concerns, but their level of concern is likely to be limited by financial considerations. If they are an institutional stockholder, then they also have to stay in business. At this point the owners of the company will surely expect the company’s charitable instincts to be curtailed. In fact, company law itself will prohibit the expenditure of company money on any concerns which do not accrue monetary benefit to the company. The management of the company must remain true to the principle of maximizing share price and dividends distributed to the stockholders. Profitability is the order of the day and how this is achieved is of little relevance to an investor so long as unethical behaviour does not place profit or share value in jeopardy. Even where such behaviour might put the company at risk financially, the principle of limited liability described in Chapter 2 protects the investor against the worst consequences. The maximum liability of the owners of the company is limited to the value of their stockholdings, so that the most serious outcome is company bankruptcy. This may be serious for the owners, but it is the workforce and customers who are usually last in the queue when it comes to compensation. Stockholders and government tax authorities will take priority here. A bankrupt company has limited resources and suddenly becomes like a real person in the sense that it can only compensate people to the degree that it has the funds to do so; it is not possible to get what somebody doesn’t have! Although the ‘artificial person’ which is the corporate entity is theoretically owned by real people (e.g. the investors in a financial institution which owns companies) the separation between ownership and control has in recent years become effectively total. The influence of the ownership on whether or not ethical practices take place has correspondingly been reduced.

The workforce Company employees have a direct stake in the success of the company which employs them. If that company becomes more successful then the work will expand, providing opportunities for promotion with the possibility of higher wages. If the company fails then staff cuts and unemployment will be the result. If, in order to maintain profitability, the company resorts to behaviour which is unethical then it is likely that at least some members of the workforce will become aware of this. This always poses a moral dilemma for the employee since on the one hand there may be a desire to bring matters to the attention of the company and on the other hand an

Corporate ethics instinct to keep quiet in order to serve the company’s interests as well as protect their job. If the unethical behaviour does not affect the worker directly (as it would with health, safety or working conditions) then it is more likely that the employee will remain silent. The problems faced by lone whistleblowers are well known and are discussed in Chapter 8, ‘The learning organization’. Although the job and rights of whistleblowers are now theoretically protected by the law in some countries, based on recent evidence they remain vulnerable to victimization and exclusion. This has even resulted in workers being unable to find future employment in the same industry since other employers will regard their reputation as being tarnished rather than enhanced. Even workers who suffer the direct consequences of deliberate cost externalization are not always in a strong position to remedy an unsafe situation if a company is determined to permit unethical work practices. Although under the law companies are obliged to consult with worker representatives through the medium of safety councils, etc., it is a management decision whether or not to act upon the recommendations of those bodies. Lack of resources, the high cost of downtime or simply the expense of modifying old and outdated equipment to improve the working environment are often cited as reasons for failure to act. The industrial power of workers through trade union organization to bring pressure to bear on employers has diminished considerably in recent years. This is partly through anti-union legislation to protect business from excessive trade union power and partly due to less and less unionization of workers in general. Employees acting alone are virtually powerless to effect change and promote corporate ethical practice. Their only recourse may be to seek employment elsewhere when the situation becomes sufficiently intolerable.

Consumers and the public Consumers and the public have become increasingly politicized over recent years and are much more willing to exert their buying power to influence the ethical policies of companies that have come to their attention. As a result the power of consumers and the public to influence the ethical behaviour of companies is probably much greater than any of the other groups of people referred to above. The success of any business in terms of meeting its chief objective of maximizing its sales and profits is highly dependent on maintaining a large, loyal and preferably expanding customer base. The customers of a company have the unique power to vote against the company with their wallet by taking their custom elsewhere. Consumers acting individually may be of little consequence to a company, but when they act collectively they can wield enormous influence over the financial fortunes of a company. Successful boycotts of products and services are an indication of the growing effectiveness of consumer power, although companies often play down the role of consumer pressure when they make changes to their ethical policy. Perhaps the most widely publicized example of a company which changed its behaviour as a result of consumer action was Shell UK, who operated the Brent Spar floating oil storage facility in the North Sea. When the time came to decommission this facility in 1995, Shell decided to attempt deep-sea disposal in the North Atlantic.

67

68

Companies at risk The environmental group Greenpeace instigated a campaign against the dumping of the platform and when this was picked up by the public, consumers began to boycott Shell products. As a result, sales of Shell petrol were down by 70 per cent in Germany, causing the company to reverse its policy after only a few days. Full details of the Brent Spar incident are presented as a case study in Appendix 2, mainly to illustrate the principles of corporate social responsibility explored in Chapter 9. There are many other similar demonstrations of the power of consumers and the public to bring major financial detriment to a company which behaves unethically. Chapter 9 highlights the importance of companies having a written statement of ethical policy to which directors, managers and employees are required to subscribe. Effective organizational systems will then need to be put in place to ensure continued compliance with the policy. These systems can be included in the company’s safety management system, as described in Chapter 7. The main point of the ethical policy is to ensure that the company is operating within legal requirements which, as stated in Chapter 6, is usually a minimum standard, but it will also protect the company against corporate accidents as a result of unethical management practices or actions by employees approaching the boundary of illegality.

Managerial and professional ethics Apart from corporate ethical policies there is a further line of defence against unethical behaviour, which exists at the level of individual professional functions in the organization. In many companies there will be a significant number of individuals who are members of professional bodies on which their employment will depend. These bodies will in most cases have their own rules of professional conduct for members, including requirements to behave ethically within the scope of their work responsibilities and in their private lives. These codes of conduct will vary considerably depending mainly upon the type of work being carried out and its potential impact on society or other individuals affected by their activities. The reason for having professional standards is to widen the ethical scope of the profession beyond the merely legal requirements, which should already be covered by the employer’s systems and procedures, and which in many cases set only a minimum standard. Professional people are required to make sometimes difficult judgements based on incomplete or complex knowledge and therefore require guidance in areas which are not necessarily regulated by the law. In making these judgements it is important that professionals are not motivated purely by self-interest or the narrow interests of the employer. Professional codes of conduct are a form of self-regulation which must be essentially independent of politics and government. Although professionals must obey the law they must also take account of wider societal and ethical issues arising from their work. Professional codes of conduct are also an important means of inculcating public trust. ‘Without the intervention of conscience, the law cannot govern. There must be a moral basis of trust’.1

Corporate ethics

Professional codes of conduct Medical and legal professions A well-known example of ethical professional codes is in the medical profession, where medical doctors are required upon qualification to take the Hippocratic oath (written in the fifth century BC) ‘to pursue their patients’ best medical interests, to avoid harming or exploiting them, and to maintain their confidence’.10 Failure to comply with ethical medical standards will result in the practitioner being struck off the professional register and banned from engaging in the profession. In the case of the legal profession, practitioners are required to adhere to professional codes of conduct which provide protection for individual clients and the public in general by upholding the rule of law and the proper administration of justice. The ethical codes for solicitors,11 for instance, are quite complex, involving different areas of activity, but mainly the solicitor’s independence or integrity and a duty to act in the best interests of the client. The financial services professions are also required to conduct themselves ethically. This was put in place following a number of industry scandals, such as investment misselling, unfair treatment of customers and deceptive advertising, which led to a loss of confidence by the public in the financial investment business. In all these cases it should be noted that while unethical practice may not necessarily be illegal, it is often at the borderline of illegality. As a minimum, practitioners who do not meet the standards make themselves vulnerable to loss of career and compensation claims by clients and at the worst may find themselves in court.

Science and engineering professions Of importance in the prevention of corporate accidents are the codes of practice applied to members of the scientific and engineering professions. Although perhaps less publicized than in the case of the medical, legal and financial industries, rigorous professional standards are crucial to the safe design, construction and operation of major hazard installations such as chemical and nuclear plants, oil and gas installations, and public transportation systems. Most scientific and engineering institutions produce their own ethical codes of professional conduct so that in the UK, for instance, chartered and registered engineers must agree to abide by the particular ethical codes of their qualifying institutions. In spite of this there is a great deal of commonality between the ethical codes of different institutions. In other countries, Canada and Australia for instance, there has been a much greater degree of harmonization between different engineering specialities. Part of a typical professional code of conduct, from the UK Institution of Chemical Engineers, is reproduced in Table 3.1. Most professional bodies, such as the Institute of Occupational Safety and Health (IOSH), have similar codes of conduct to that shown above. IOSH is Europe’s leading body in accident prevention, with membership of over 31,000 health and safety professionals worldwide. Their professional code of ethical practice contains guidance on a range of questions on moral and ethical matters as they affect members, and discusses what is meant by ‘professional conduct’.13 The involvement

69

70

Companies at risk Table 3.1 Extract from the rules of professional conduct for chemical engineers12 Example rules of professional conduct A code of professional conduct and related Rules designed to cover broad ethical principles must necessarily be drawn up in general terms. These Rules, published by the Council, indicate the manner in which members are required by the Council to conduct themselves in most situations. This conduct must be of a high standard: members must discharge their duties competently, with reasonable skill, care and diligence, and shall comply with the standards of behaviour, integrity, competence and professional judgement which other members might reasonably expect of them. For situations not specifically encompassed by these Rules, members are required to order their conduct in accordance with the principle that, in any conflict between a member’s personal interests and the fair and proper interests of the community, the member’s duty to the community should prevail. Members when discharging their professional duties shall act with integrity, in the public interest, and to exercise all reasonable professional skill and care to: • Prevent avoidable danger to health or safety • Prevent avoidable adverse impact on the environment • Competence – Maintain their competence – Undertake only professional tasks for which they are competent – Disclose relevant limitations of competence • Managerial roles – Accept appropriate responsibility for work carried out under their supervision – Treat subordinates fairly and without bias – Encourage others to advance their learning and competence • Conflicts of interest – Avoid where possible real or perceived conflict of interest – Advise affected parties when such conflicts arise • Observe the proper duties of confidentiality owed to appropriate parties • Reject bribery and any other corrupt practices • Assess relevant risks and liability, and, if appropriate, hold professional indemnity insurance • Notify the Institution if convicted of a criminal offence or upon becoming bankrupt or disqualified as a Company Director • Notify the Institution of any significant violation of the Institution’s Code of Conduct by another member • Be mindful at all times of the dignity of the profession in their personal conduct By permission of The Institution of Chemical Engineers.

of chartered safety and health practitioners is an important aspect of developing effective accident prevention strategies at corporate level, as essential, for instance, as the involvement of chartered engineers and scientists in developing safe and reliable technological solutions. In many industries, membership of a professional body is a prerequisite of employment as an engineer, scientist or health and safety practitioner. This is clearly necessary to establish that the employee has the required level of competence to undertake his duties and maintain adequate standards of work. Less obvious but equally important is that it provides evidence of assent to an ethical code of conduct. The assurance of professional competence is certainly understandable and the example code presented in Table 3.1 rightly includes the maintenance of professional

Corporate ethics competence and disclosure of competence limitations. One of the other purposes of the code, however, is the general duty placed on engineers and safety experts to uphold the public interest when there is a conflict between that and the self-interest of the employee, even when the duty is not directly enforceable as a matter of law. This is more likely to occur when ethical issues arise in the borderline region between unethical and illegal behaviour. Problems in adhering to the ethical aspects of the professional code during routine day-to-day duties will rarely arise and the detailed requirements of the code will not need to be invoked apart from in exceptional circumstances. These codes therefore only tend to be called upon when a conflict of interest, or a perceived conflict, occurs, and it is then that they begin to provide a useful backstop to potential unethical behaviour by a company.

Public interest disclosure If a professional employee believes that his work would involve unethical or unprofessional behaviour, say potentially leading to a serious accident, then first of all the matter must be brought to the attention of the employer. If his protestations are ignored and the employee is ordered to continue the work then it might be necessary to inform the regulatory authorities, by-passing the employer. In the UK the employee will be protected against victimization by the employer by the Public Interest Disclosure Act 1998. Similar legislation is in place in the USA. The UK Act provides protection for all employees if they can demonstrate that within the scope of the Act public interest ‘whistleblowing’ was an appropriate course of action. This aspect of ethical behaviour is discussed in more detail in Chapter 8. This Act therefore provides protection for professional employees where there is a ‘conflict between a member’s personal interests and the fair and proper interests of the community’.12 In this case, according to the Institution of Chemical Engineers’ rules in Table 3.1, ‘the member’s duty to the community should prevail’.12 The conflict with the member’s personal interests would arise were they to take action which could lead to a loss of career prospects or possibly loss of employment. Public interest disclosure protection is most likely to be effective when the behaviour of the employer is illegal rather than just unethical, bearing in mind the fuzziness of the boundary between the two. Where a professional employee believes that his duties are in contravention of the general ethical principles set out in his professional code of conduct, but not in contravention of any particular law, then the issue might become more difficult to resolve. This situation has occurred on many occasions. One of the most well-known and well-researched incidents was associated with the loss of the NASA space shuttle Challenger in 1986.

The loss of the space shuttle Challenger The loss of the space shuttle Challenger in 1986 (briefly mentioned in a case study of the later accident to the space shuttle Columbia in Appendix 2) is a good example of where a company acted unethically but was not breaking any specific regulations. A US company, Morton Thiokol, designed and manufactured the solid fuel rocket boosters for the space shuttle. Engineers in the company became aware of a serious design fault in the ‘O’ rings sealing the booster segments where the sealing rings

71

72

Companies at risk could be ineffective at temperatures below freezing. The Challenger orbiter launch was scheduled to take place in January 1986 under freezing conditions. In spite of the reservations of senior engineers at Morton Thiokol, the company’s executive advised NASA to proceed with the launch. Seventy-three seconds after launch leakage of hot gases from the O-ring seals penetrated one of the main fuel tanks, causing the shuttle to explode and resulting in the death of seven astronauts. The decision to launch was made for political and economic reasons when Morton Thiokol were placed under extreme pressure from NASA. Strictly speaking, the decision to launch was not illegal, but the failure at a senior corporate level to respond to the serious moral concerns of the professional engineers involved in the launch was clearly unethical. The official inquiry into the Challenger disaster14 found that the brittle failure of an O-ring seal in the shuttle’s solid rocket motor under cold conditions was the direct cause of the total loss of the space vehicle. In this case a matter of ethical engineering principles was raised as a serious safety issue, but this was not covered by any specific codes, regulations or health and safety law. It became a matter of professional judgement where a fundamental difference had arisen between engineers and the company’s senior executives. As far as Morton Thiokol was concerned there was a conflict of interest between safety and the desire to satisfy the client by allowing the launch to proceed. The recommendation of the engineers that the shuttle should not be launched in the freezing conditions was ignored and their judgement was overruled. The executives in Morton Thiokol were more concerned, in view of the huge financial cost of delaying the launch, to protect the company’s reputation and future business. The inquiry into the disaster also found that Roger Boisjoly, a structural engineer, had raised this problem with both his employers and NASA many months earlier, but his warnings had gone unheeded over a long period. Boisjoly’s dedication in bringing the matter to the attention of his employers provoked considerable hostility from his superiors. As a result, not only did he lose his employment with Morton Thiokol, but he was subsequently unable to find future employment in the industry. This is not uncommon in the case of whistleblowers, there being many other examples. It is one of the penalties that the professional might pay for acting ethically when this is against the company’s interests.

Conclusion This chapter has attempted to translate ethical behaviour, essentially a human characteristic, into the corporate realm in a way that may illuminate why companies may behave ethically in the absence of a moral imperative to do so. To assist in this process an analogy was developed between ‘personhood’ expressed in the human and the corporate form. Since the latter is merely a legal device to enable the corporate body to interact with other similar bodies, people and the state, the analogy does not hold up very well in the moral sense. The only real motivation to ethical behaviour which was discovered, and which is analogous with human behaviour, was the selfseeking motive of wishing to present an ethical image to the world. However, the

Corporate ethics extent of this behaviour is limited by the main purpose of the company, which is to deliver the best financial result for its stockholders. Any ethical behaviour over and above this, unless it is demanded by the law, is effectively prohibited. Essentially, ethical behaviour must promote the purposes of the company as set out in its articles of incorporation. Unless the behaviour leads to financial benefits for the company and its stockholders it is illegal. It was commented upon that such a self-seeking motivation to behave ethically is not in fact ethical according to some theories. A further analogy was developed between corporate culture, dealt with in detail in the next chapter, and personality, which is an important driver of ethical behaviour at the human level. There is certainly a resemblance between culture at the group level and personality at the individual level, as explored in the next chapter. Culture is later shown to evolve or emerge along a path which is not entirely under the control of the individuals who are a part of it. However, if it were possible to guide the corporate culture along a route which is able to balance the corporate and community interests, then a more ethical behaviour pattern might be a consequence. Whatever the theoretical basis, it has been demonstrated on numerous occasions, as witnessed by most of the case studies in Appendix 2, that an inadequate safety culture is one of the most common root causes of corporate accidents. In reality, a company can only behave ethically when directed to do so by the groups of stakeholders which animate it, namely the directors, managers and employees. These ‘insider’ groups may, as individuals, have a desire to act ethically, but in practice the same limitations apply to them as apply to the corporate body. Since they are servants of the company, they are bound to act so that no conflict arises between the way they behave and the company’s financial duties to the stockholders. Company law does not help in this respect since it has little to say about ethics. The problem arises because in the course of providing benefits to the stakeholders companies also have considerable potential for bringing harm to those affected by its operations. To some degree this harm is limited by government regulation, as dealt with in Chapter 6, but this can never be fully effective as a strategy to prevent corporate accidents unless it is backed up by an ethical policy. The quotation at the beginning of this chapter expresses this succinctly: ‘those managers who define ethics as legal compliance are implicitly endorsing a code of moral mediocrity. It is not an adequate ethical standard to get through the day without being indicted’ (Richard Breeden, Former Chairman, Securities and Exchange Commission). This chapter has shown how behaviour which is unethical can very easily become illegal following an accident when it fails to meet the implicit standards of non-prescriptive health and safety regulations. The other main stakeholders, apart from those directly employed by the company, are the owners (stockholders) and the customers (public). It has been suggested that these ‘outsider’ groups may have more power over whether the company behaves ethically than those employed by the company. Certainly there are stockholders who have an interest in owning an ethical company. Socially responsible investment (SRI) is discussed in Chapter 9, and the demand for SRI portfolios has continued to increase over the past few decades. In spite of this, the modern trend is that large companies today tend to be owned by other large companies or institutions rather than

73

74

Companies at risk individuals. The result is that the owners’ duty will be primarily to their own stockholders, who are then distanced from the behaviour of companies down the line, of which they may have little or no knowledge. For them ethics is not a problem until it leads to a corporate accident which affects the value of their stockholdings. However, it has been shown that the power of the company’s customers can be influential in encouraging ethical behaviour. Two case studies relating to this can be found in Appendix 2, sections A2.6 and A2.7. The rise of consumerism in a world of instant communications and media coverage has meant that companies who step out of line ethically are increasingly likely to be subject to intense public scrutiny. The result may be a loss of business that threatens their customer base. In order to stay ahead of the game and impress their customers, competing companies may vie with one another in flaunting their ethical credentials. Whether this is really translated into ethical business practices is another matter entirely. Protection of brand and reputation to ensure continued customer approval is probably not the most pragmatic and lasting motivation to induce a company to behave ethically. It is almost entirely negative, since it is an avoidance of unethical behaviour to achieve an objective rather than a belief that it is better to behave ethically. When the objective is achieved it may be that the ethical behaviour is no longer necessary or too costly. It is clearly better if the motivation to behave ethically arises from within the company itself simply because it is the right thing to do. This depends upon motivating the ‘insider’ group of stakeholders, the directors and senior managers of the company, bearing in mind the conflict which can arise between ethical behaviour and profitability. In order to overcome this conflict, it is necessary to ensure that the organizational structures which are in place are based on an ethical corporate model. In other words, the ‘rules’ of the organization will require these stakeholders to behave ethically all the times rather than making ethical behaviour conditional upon meeting other objectives. Instead of merely allowing the corporate actors to take account of ethical concerns in the service of the company, the corporate model will oblige them to do so in specific ways. The ways in which such an ethical policy and corporate model can be developed and applied are addressed in more detail in Chapter 9. It is suggested that the final defence against unethical corporate behaviour may be the unwillingness of professionals within the organization to become involved in behaviour which they consider unacceptable or which is proscribed by their professional code of practice. In doing so, of course, professionals may face the problems traditionally experienced by whistleblowers, those of exclusion or victimization, where they are seen to be acting against the interests of their employer. Another potential problem is that real professionalism, as it existed perhaps a few decades ago, is gradually being managed out of the corporate system. This is happening not only within private companies but also within not-for-profit, but cash-strapped, public service organizations such as hospitals and local government. Whilst ethics may be of importance to engineers, scientists, doctors and other members of the professions, who create the benefits, their work is increasingly managed by the bureaucrats, accountants and financial experts, who control the wealth. As a result, professional decisions may be overruled in the interests of the

Corporate ethics organization as a whole. When this happens, the organization comes to be governed not by ethical or social concerns but by the concerns of accountants and the financial bottom line. This is more likely to happen in an organization which does not have specific ethical policies built into its corporate structure, as discussed in Chapter 9. The long-term danger is that, although professionalism may once have provided a ‘backstop’ for corporate unethical behaviour, it is now becoming increasingly marginalized. The subject of corporate ethics has been dealt with at some length for the simple reason that when a company has ethical policies and practices in place it is much more likely that the hidden risk factors which could lead to a corporate accident will be revealed and acted upon to pre-empt any nasty surprises. Companies which assume that merely remaining within the ambit of the law is sufficient protection against a corporate accident are likely to receive a fundamental shock at some point. This has been proven over and over again, as many of the case studies in Appendix 2 will reveal. It has been suggested by W. Michael Hoffman (Executive Director of the Center for Business Ethics, Bentley College, Waltham, Massachusetts, USA) that the appointment of a compliance manager rather than an ethics manager is indicative of the values of an organization. The general theme of corporate ethics and how it may be managed is dealt with in more detail in Chapter 9 in Part II of the book, which follows. Part II will examine all the main strategies to prevent corporate accidents which a company should have in place. It will also be shown in the next chapter that unless the culture of the company is grounded in ethical practice, many of these strategies will be seriously undermined in their effectiveness.

References 1. Dunstan, G. (1974). The Artifice of Ethics. The Moorhouse Lecture 1973, London: SCM Press. 2. Ford, H. (1922). Ford on Management – My Life and Work. Garden City, New York: Doubleday, Page and Co. 3. Bentham, J. (1789; 1907 edn). An Introduction to the Principles of Morals and Legislation, Oxford: Clarendon Press. 4. Kant, I. (1964). Groundwork of the Metaphysic of Morals, London: Harper and Row. 5. Robertson, J. (Law Correspondent) (2005). Transco fined £15m for killer gas blast, The Scotsman Newspaper, 26 August, http://thescotsman.scotsman.com/index.cfm?id=1843952005 6. Singer, P. (1999). A Darwinian Left: Politics, Evolution and Cooperation, London: Weidenfield and Nicholson. 7. Poynder, J. (1844). Lord Chancellor Thurlow (1731–1806), cited in Literary Extracts, 1, 268. 8. Bakan, J. (2004). The Corporation: The Pathological Pursuit of Profit and Power, London: Constable and Robinson. 9. Hare, R.D. (2003). The Psychopathy Checklist – Revised, 2nd edn, Toronto: Multi-Health Systems. 10. British Medical Association, http://www.bma.org.uk/ap.nsf/Content/AZusefulsites# HippocraticOath

75

76

Companies at risk 11. The Law Society, http://www.lawsociety.org.uk/documents/downloads/Profethics_ PracticeRules.pdf 12. Institution of Chemical Engineers, Rugby, UK, http://www.icheme.org/ByLaws2004.pdf 13. Institute of Occupational Safety and Health, Professional Code of Conduct, http:// www.iosh.co.uk/index.cfm?go=about.conduct 14. Rogers Commission (1986). Report of the Presidential Commission on the Space Shuttle Challenger Accident, http://science.ksc.nasa.gov/shuttle/missions/51-l/docs/rogerscommission/table-of-contents.html

II

Strategies to prevent corporate accidents

This page intentionally left blank

Introduction to Part II

Part I examined the nature of the ‘corporation’ and how the concept of ‘corporate personhood’ evolved historically, citing the underlying economic theories behind this development. In reality, of course, corporate personhood is merely a legal fiction which enables a corporation to have a separate existence from those who own and animate it. Thus, corporations are able to act in a sense as citizens, taking their rightful place in society so that they can more usefully fulfil the role set out in their articles of association. However, it cannot be denied that the principal purpose of the corporation is to increase the wealth of its owners. As a result, there is a natural tendency for companies to externalize their costs on to third parties if not restrained from doing so. This may place an unacceptable burden on certain sectors of society from a health, safety and environmental point of view, and possibly in other ways as well. This tendency towards externalization must therefore be curbed if society is to be protected. Limiting the worst excesses of externalization is partially achieved by government regulation. It is achieved only partially because in a free-market society there are two interrelated problems with regulation. The first problem is the damping effect of regulation on entrepreneurial activity, often described as the ‘dead hand’ of government. The second problem stems from the first: in order to lighten the burden of regulation only minimum standards of corporate behaviour are imposed. However, the public’s expectations of companies and how they behave have increased immeasurably over the past few decades, making it necessary for companies to behave, or at least to be seen to behave, ethically as well as legally. In other words, just being legal is unacceptable for modern companies and their standards must go beyond the minimum regulatory requirements. The reasons for this were explored, with examples, in Part I. For this to happen, organizations must have corporate systems which take account of matters such as corporate social responsibility as well as profit maximization. These systems need to be integrated into all the company’s activities through action at the highest level so that all employees, whether workers, managers or directors, are guided towards high ethical standards in their work.

80

Strategies to prevent corporate accidents As described in Chapter 1, six particular corporate systems were identified as being essential to achieving the requisite standards of health, safety and environmental protection. So that the systems were relevant to the avoidance of corporate accidents they were designated as ‘strategies’. Thus, ‘Strategies to prevent corporate accidents’ is the title of Part II of this book, which now leaves the subject of corporate accountability to explore how the ethical concerns discussed in the previous chapter can be translated into practical action. The accompanying diagram summarizes the six selected strategies together with the chapter numbers which deal with each subject. Strategies to prevent corporate accidents Safety culture Chapter 4

Understand the risk

Safety regulation

Safety management

The learning organization

Corporate social responsibility

Chapter 5

Chapter 6

Chapter 7

Chapter 8

Chapter 9

Safety culture is the first of the strategies to be considered and this is explored in the next chapter. It is considered that the effectiveness of the other five strategies shown in the diagram is highly dependent upon the culture of the organization and whether this encourages or inhibits the day-to-day application of these strategies. Thus, in the diagram, the strategies described in Chapters 5–9 are shown as flowing from safety culture, described in Chapter 4. Since safety culture is so important and yet, in many ways, not very well understood, the next chapter examines the subject of culture from first principles. A thorough exploration of culture in general is needed to understand the full implications of safety culture for corporate accident prevention. It discusses two fundamentally opposed cultural paradigms and whether it is possible to change a defective safety culture. The strategies shown above tend to fall into either one of two categories, pragmatic or holistic:

• Pragmatic

– Understand the risk (Chapter 5) – Safety regulation (Chapter 6) – Safety management (Chapter 7)

are classified as more pragmatic strategies. They are judged to be pragmatic because each is specifically directed towards a particular aspect of accident prevention rather than across all corporate activities at the same time.

Introduction to Part II

• Holistic

– Safety culture (Chapter 4) – The learning organization (Chapter 8) – Corporate social responsibility (Chapter 9)

are classified as more holistic in nature. This term is usually used in medicine to refer to treatment of the complete human person, physically, mentally and spiritually. It tends to see every aspect of life as equally valuable and closely interconnected. Here, in a similar way, the term holistic is applied to the corporate ‘body’ in that these strategies must be applied right across every aspect of corporate life (not just accident prevention) if they are to be effective as a whole in reducing the incidence of corporate accidents. When perfectly applied, it is possible to imagine all the parts of the corporate body working effectively towards a common ethical purpose. Safety culture is holistic since, as described in Chapter 4, it is an integral part of the general corporate culture which pervades the whole organization. Each strategy is now described in the chapters that follow.

81

This page intentionally left blank

4

Safety culture The establishment of a safety culture within an organization is one of the fundamental management principles necessary for the safe operation of a nuclear facility. (It should be) recognized that safety culture is both structural and attitudinal in nature and relates to the organization and its style, as well as to attitudes, approaches and commitment of individuals at all levels in the organization. International Atomic Energy Agency, Safety culture in nuclear installations1

Introduction Safety culture is the ‘top-level’ strategy to prevent corporate accidents. Other organizational defences against corporate accidents, which are dealt with in later chapters, must in some way stem from an adequate safety culture. The importance of safety culture cannot be overemphasized. A failure to recognize when the safety culture has become compromised, or is no longer appropriate to the level of risk from the company’s operations, makes the company exceptionally vulnerable to a corporate accident. When such an accident occurs, deficiencies are often found in the defences that were supposed to protect the company. For instance, it may have been discovered that the direct cause of the accident was a human error when staff violated operational procedures. In the wake of such an accident, steps may be taken to improve the procedures and perhaps implement more effective training of the operators who violated the rules. This will rarely provide a long-term solution; somehow, somewhere, yet another procedure will be violated. The question that needs to be asked is: why was the procedure for this task allowed to fall out of use? This is not the fault of the operator; this is a failure of management and of corporate responsibility. If the root cause is traced back to its original source, it will probably be found that there is a defect in the company’s safety culture which allowed this to happen. The failure of the operator to follow procedures may have been occurring on a daily basis; all that was needed was a triggering event to cause

84

Strategies to prevent corporate accidents the accident. This would indicate a failure by management to monitor the work. If a culture exists that allows this to happen, then it is likely that many other procedures, or indeed a large part of the safety management system, may be similarly defective leading to further accidents. This is why it is important to trace the accident back to its origins, especially where this is the safety culture. If the safety culture is faulty, then other defences against corporate accidents may have been compromised. This willingness and ability to identify the root causes of accidents is an aspect of organizational learning which will be dealt with in a later chapter. Culture is an exceedingly complex subject with ramifications which are well beyond the scope of this book. Many authorities, including some safety regulators, have taken the view that a company culture can be measured using a set of indicators which can then be compared with some normative ideal culture. It is claimed that any discrepancies in the culture can then be remedied by making adjustments to specific corporate parameters in order to bring the culture closer to the ideal state. Later in this chapter it is shown how the safety culture of an organization may be measured by using a set of suitable indicators with the objective of cultural change. It also considers the development of safety culture from a purely prescriptive or rulebased approach to a more modern risk-based culture in line with current legislative requirements. However, in approaching the subject of safety culture, the complexities of culture in general cannot be ignored. Two approaches to understanding culture are therefore considered in this chapter. Firstly, the classical approach, which allows for cultural characteristics to be measured with specific implications for being able to change the culture. Secondly, the Gestalt approach, which considers culture to be so deeply embedded in a society or an organization that conventional methods of measurement and mechanistic approaches to changing the culture are effectively ruled out. The main objective of this chapter, however, is to understand safety culture and in order to do this it is necessary first of all to consider the basic concept of ‘culture’ in a wider framework, in both national and sociological terms, leading ultimately to the study of culture in organizations.

Culture Perhaps the simplest way to understand culture is to see it as a collective aspect of human activity lying somewhere between on the one hand ‘human nature’, that which all people have in common, and on the other hand ‘personality’, that which distinguishes one individual from another. This is illustrated in Figure 4.1 Whereas personality distinguishes one individual from another, culture distinguishes one group of people from another. Human nature, in the broad sense used above, does not distinguish between individuals or groups, but is a characteristic of the whole species and is inherited through our genes. Culture, unlike human nature, is not inherited but in its richness and variety is absorbed and passed on down the generations in ways which are sometimes difficult to define. Historically, different cultures have retained their distinctiveness and remained remarkably stable over long

Safety culture

Personality

Culture

Human nature

Figure 4.1 Culture.

periods, although in the modern era of rapid travel and communications this may be changing. Later it will be shown that organizational culture, including safety culture, is also remarkably resistant to change. This can sometimes compromise safety; if the safety culture is unable to adapt to external changes then its ability to meet safety objectives will be undermined. Culture is most often defined in anthropological terms. A standard textbook definition (which will be useful later when we come to define safety culture) is: The system of shared beliefs, values, customs, behaviours, and artefacts that the members of society use to cope with their world and with one another, and that are transmitted from generation to generation through learning.2 Culture will be studied at the three basic levels at which it exists:

• national or regional level • social level • organizational level. Organizational culture, of which safety culture is a subculture, is an important area of interest for this book. Because of the way safety culture permeates an organization it has a wide-ranging impact on all company activities. Furthermore, numerous inquiries into corporate accidents have shown a correlation between the safety culture of a company and the accident history of the company. Some of these corporate accidents are discussed as case studies in Appendix 2 and at the end of this chapter. Because it is impossible to improve a safety culture in isolation from the organizational culture it is necessary to understand the latter in order to define the former. In the same way, an examination of culture in general will enhance the understanding of culture in organizations. Each of the cultural levels listed above will therefore be examined in turn before turning later in the chapter to the ways in which safety culture can be defined, measured and possibly changed.

85

86

Strategies to prevent corporate accidents

Culture at the national or regional level Human societies have existed for over 10,000 years. It is believed they developed when small, mobile hunter–gatherer groups settled into more stable farming communities which later amalgamated into larger settlements, towns and regions. The development of national groups or political units, with which individuals, settlements and regions became identified, adopting a differentiated language and unique customs, is a much more recent phenomenon. Anthropologists and social scientists have attempted to identify the cultural characteristics which distinguish one nation or region from another, but this has proved to be difficult and complex. Apart from differences between nations, cultural differences exist within the nation state across geographical regions and especially across ethnically or religiously diverse groups. Even within a nation these differences may be striking and conflict between different cultural groups is evidenced by recent history. In order to identify, differentiate and compare cultures, social scientists will seek dimensions which are common to all cultures and which can be measured. The term dimension in this context will be used frequently in this chapter to define and measure culture. Typical dimensions might include, for example:3

• the relationship between citizens and authority • the degree to which a society is individualistic or collectivist • the social implications of gender within a society. By measuring these or similar dimensions in a systematic way social scientists try to make objective comparisons between different cultures and aim to exclude the subjective value judgements which are often applied by one culture to another. It has been said that we can only really understand another culture by reference to the culture in which we ourselves have grown up. Because culture is so complex, a full explanation is beyond the scope of this book. However, a simple illustrative example from the cultural history of the USA is useful here. It is often believed that a culture exists which is unique to the USA. Indeed, for many people the wearing of baseball caps and the consumption of Coca-Cola are representative of American culture. However, as discussed later these are merely artefacts and represent only the surface appearance; an artefact may enable one culture to be distinguished from another, but it does not necessarily provide any clues to the underlying nature of a culture. In fact, the USA is a nation descended almost entirely from immigrant populations originating in widely diverse cultures. Although it may appear that these cultures have been subsumed in the immigrant ‘melting pot’ to form a unique American culture, a geographical exploration of the country would quickly reveal that this is not entirely the case. A ‘salad bowl’ may be a more accurate description than a ‘melting pot’! Many of the characteristics of the national cultures of the original immigrants are still retained within specific groups and regions (e.g. Irish and Jewish cultures in New York, German and Scandinavian cultures in the mid-west, Hispanic culture in the south-west). This is witness to one of the most important characteristics of culture, its enduring nature and inherent stability over time.

Safety culture It will be shown later, in the context of safety culture, that the artefacts of a culture, that is the outward appearances, do not necessarily reflect the underlying basic assumptions of that culture. For instance, in an Asian country, the Philippines, the people are an ethnic mix of Malay, Chinese, American, Spanish and Arab antecedents. The artefacts of North American culture are prevalent in Filipino society because the country was for some decades a colony of the USA. Yet these outward appearances do not signify that a primarily American culture exists within that society. Before the American occupation the Philippines was, for two centuries, a Spanish colony and as a result absorbed many aspects of European culture including Roman Catholicism. Although this may today be reflected in the deeply conservative nature of Philippines’ society, the culture remains predominantly Asian, with elements of strong kinship and family ties, respect for age and hospitality differing from those found in Europe or the USA. Philippines’ society exhibits only superficial characteristics of the cultures of foreign occupiers, again reflecting the strong persistence of ethnic cultural characteristics. This may seem far removed from the main topic of this book, but its relevance will become clear when, in later sections, we consider the difficulties which can be experienced in trying to change the culture of an organization.

Social culture Within the larger national or regional cultural grouping there will exist smaller groupings based on social relationships. These groupings will exhibit specific cultural characteristics in much the same way as a national or regional group. Strictly speaking, these groups do not come together in the same way as national and regional groups which are made up of random individuals. Rather than random groupings, individuals in a social culture fall into specific categories defined by aspects such as gender, generation, class, education, occupation and religion. The nature of these social groupings will vary considerably and have widely divergent cultural characteristics which depend on the group. Three aspects of social culture, each of which has some relevance for organizational and safety culture, are considered here, namely gender, class and generation.

Gender culture Gender is a term which is used to denote the social distinction rather than the biological distinction between male and female. Gender roles are therefore an important aspect of social culture. While the biological differences between men and women are absolute, gender roles, in society and industry, are not in theory constrained by this. Yet within society there are wide differences between male and female culture which are often reflected in the jobs done by men and women, respectively. In many countries women are effectively excluded from certain occupations and professions, not because they are unable to do the work, but because of the ingrained gender culture of the country. In Japan, for instance, it is very rare for women to have a role in management and sales activities, which are seen as strongly competitive roles. In most Western countries women’s involvement in these careers

87

88

Strategies to prevent corporate accidents is now taken for granted. Conversely, in some countries it may be culturally unacceptable for men to take on certain jobs such as domestic cleaning and caring for children which have traditionally been carried out by women. This tendency can even be seen in the UK, for instance, in primary education where there are very few men in teaching roles; this is undoubtedly due to the persistence of cultural expectations. Gender stereotypes in the workplace still reflect to some extent perceived masculine and feminine characteristics such as male assertiveness and competitiveness and female nurturing and caring. In spite of burgeoning legislation to promote gender equality, men still tend to dominate industry, commerce and politics, while women continue to fill more subservient and domestic roles. These cultural dimensions of gender are perpetuated down the generations by being passed on to children through socialization but, arguably, may be partially inherited through hardwired biological differences between the sexes.

Class culture The effect of social class and upbringing still has a powerful cultural impact on the way individuals progress within the world of work. Social class and educational opportunities continue to go hand in hand in spite of government efforts to promote more equal access. In addition, strong and identifiable cultures continue to exist within certain occupations, cultures which effectively limit access to the profession to those from certain backgrounds. Education and occupation are important determinants of cultural conditioning and when closed or club cultures are strongly perpetuated within the professions they can have a negative impact on safety culture. The reasons why certain groups become segregated by class, education and occupation are not always clear and there will be considerable differences from country to country. One particular case study in Appendix 2, Case Study A2.4, Children’s heart surgery at the Bristol Royal Infirmary (further discussed at the end of this chapter) provides a disturbing example of how a closed professional culture can lead to a corporate accident. In this case, the closed nature of the medical culture resulted in the concealment over a number of years of a serious lack of competence which prevented the underlying problems from being recognized and addressed. As with many of the case studies considered in this book, it took the emergence of a corporate accident to reveal the cultural deficiencies. History has shown that individuals working within a closed culture are very reluctant to break ranks and disclose information about failing colleagues, either within the organization or to the regulating authorities, even if the lack of disclosure may lead to serious consequences. Whistleblowing, although usually a last resort, remains an important strategy to prevent corporate accidents in circumstances such as these, and must be encouraged by means of a more open culture. Whistleblowing is addressed in Chapter 8.

Generational culture Cultural differences between generations, particularly in the way different generations relate to each other in the work context, in terms of respect for authority for instance, vary considerably from country to country. In Western cultures there is a tendency for the younger generation to question authority based only on seniority,

Safety culture since it is considered that respect and loyalty is not bestowed by age or experience but must be earned. In Eastern cultures, seniority earns respect in its own right, probably deriving from cultural norms within the family, in particular the strong authoritarian nature of the male family head in these countries. This is a national cultural dimension being carried over into the workplace. In Eastern societies, entry into an occupation may depend more upon family background and connections than upon qualifications, skill or aptitude for the work. Such a situation exists, for instance, within the Indian Railways, a cultural relic perhaps of the colonial power extending back to Victorian times. Where there is a strong generational culture it may be found that promotion is dependent more upon loyalty to the company and time of service than upon any particular ability to carry out the work. Thus, the presence of a generational culture within a company can have a strong influence upon organizational and safety culture. As with the closed professional club culture mentioned above, in societies with more hierarchical and authoritarian cultures there may be a reluctance to question the decisions and actions of those who have seniority in the organization, even where a serious risk has been perceived. Authoritarian cultures are also a feature of organizations which have adopted a military-style hierarchy, such as found amongst aircrew in the civil aviation industry; many present-day senior aircrew were recruited from the ranks of airforce pilots in earlier decades. Reluctance by junior aircrew to question the actions of senior pilots has in the past led to aircraft accidents. This brief foray into social culture has shown the pervasive influence of cultural characteristics within the workplace with a potential negative impact on safety. It will be found that many dimensions of social cultures are highly dependent upon the national culture which has nurtured them. Even in the widely differing examples of social culture given above, the earlier definition of culture in general still holds true, that the members of a cultural group will hold shared beliefs, values, customs, behaviours, and artefacts. Social cultures are of interest here for the way in which they impact on the safety performance of a company, and several of the case studies in Appendix 2 demonstrate how defective cultures have in the past led to major corporate accidents.

Organizational culture The term ‘organizational culture’ became popular in the 1960s as a concept capable of distinguishing one company from another, just as the national or regional culture distinguishes one group from another. The basic premise has always been that if an organizational culture can be understood and measured then there is the possibility of bringing about change. This has provided a challenge to management consultants and sociologists and numerous paradigms of organizational culture have been developed over the years, differing considerably in their usefulness for bringing about change. Although there is no consensus, a review of these paradigms seems to reveal two basic approaches to understanding organizational culture. The author has classified these as the ‘classical approach’ and the ‘Gestalt approach’. One of the important differences is the degree to which each approach would allow for measurement of

89

90

Strategies to prevent corporate accidents culture (and in particular safety culture) with the possibility of intervention where a change in the culture was found to be desirable. The classical approach is the more analytical and systems oriented, and has been the basis of a number of methods of improving safety culture, an example being that of the International Atomic Energy Agency (IAEA) described later in the chapter. Both approaches are briefly summarized below; the Gestalt approach is included mainly in order to highlight the difficulties in understanding and implementing changes in organizational and safety culture.

The classical approach The classical approach operates from the basic premise that the culture of an organization is something that can be objectively measured, and this theory is therefore supportive of the idea that undesirable aspects of a culture can be changed. Many inquiries into corporate accidents have identified an inadequate safety culture as one of the main root causes (see the case studies in Appendix 2). Thus, the classical approach has proved to be extremely attractive since the ability to improve effectively a safety culture would be a major strategy to prevent future accidents. Most classical approaches use some form of external questionnaire to pin down the nature of a particular company culture. If safety culture is of interest, then the questions will generally be safety oriented. The writings of two eminent workers in the field have been selected to illustrate a number of features of the classical approach which may be brought to bear on the problem of safety culture.

• Edgar Schein defined the levels at which organizational or safety culture can be •

understood. This method of understanding culture has been widely used in the assessment of safety culture, particularly in the IAEA approach described later. Geert Hofstede defined a set of dimensions by which organizational culture may be measured. This has been less widely adopted in safety circles than the previous approach, but can throw some light on dimensions which are conducive to a good safety culture.

These two alternative but complementary schemes to address organizational culture are considered in the following sections.

Levels of organizational culture The scheme discussed here is based on the work of Edgar Schein, a management and organizational psychologist. His contribution to the subject was to transform abstract notions of culture into a practical tool that leaders could use, by proposing4 that organizational culture has identifiable levels varying from a set of obvious surface characteristics to features which are largely concealed from view. Artefacts This is the most obvious level of culture which is visible when entering an organization, say as a new employee or a visitor. It will include the first impressions received when entering the company premises via the reception area. Artefacts here may

Safety culture include the architecture of the building (modern or traditional), the way space is utilized within the reception area (welcoming or inhibiting), offices (open plan or individual offices and workplaces), car-parking provisions (reserved or open to all), method of greeting (formal or informal), etc. Upon entering a work area such as a production line, control room or maintenance facility, other artefacts will become apparent and add to the first impression. Aspects such as tidiness, degree of activity, amount of supervision, provision of information, safety signs and management presence will now be noticed. Each artefact tells its own story and adds a little to the overall picture of what the company culture may be like. The observed artefacts, however, provide only an impression which may or may not be linked to the actual culture of the company. The artefacts are unable to provide an indication of why the company culture is the way it is; to extract this sort of information it is necessary to go to the next level down. Espoused values These aspects of the company culture are less obvious than artefacts and are revealed by communication with company employees or through reading company literature. This sort of information can be quickly gleaned by a new employee after only a few days in the job. It comprises commonly held values which employees of the company will say that they support and which they will communicate to others through either statements or behaviour. Espoused values will include aspects of company culture such as the strategy and aims of the company, the importance of customers, whether good performance by employees is rewarded, how easy it is to communicate with higher levels of management, etc. In the case of safety culture it will espouse such values as the degree of priority given to safety over production. However, it needs to be remembered that espoused values may be values which the company or employees have a preference for, rather than an expression of what actually happens. In order to determine whether there are inconsistencies between espoused values and reality it is necessary to examine culture at an even deeper level. Basic assumptions These are fundamental but hidden beliefs which are not usually stated or expressed but are generally understood and subscribed to by employees who have worked in the organization for some time. They may well conflict with espoused values as described above; what people say and the basic assumptions to which they subscribe may be entirely different. As an example, managers in the company may state that they have a familyfriendly approach to the organization of work such that their subordinates, who need time off work for family reasons, will be accommodated. This is an espoused value. In reality, it may be found that when a family situation requires an employee to take time off and this conflicts with production, the company’s interests always take priority. A similar example is the way male and female employees are treated. A company may state that it has an equal opportunity policy, but if its employment records are examined it will be seen that male employees are given preference over female employees when it comes to promotion. A UK company recently in the news,

91

92

Strategies to prevent corporate accidents selling ‘fair-trade’ bananas to leading supermarket chains, was found to be subjecting the mainly immigrant workers in its packing plant to inhumane working conditions, in contradiction to its stated fair-trade ethos. In all these cases the espoused values of the company culture is contradicted by the hidden reality of the basic assumptions. Within the safety subculture of a company it is possible to find similar contradictions. For instance, it may be found that safety practice does not reflect the espoused value attached to a safety policy statement. Clearly, in order to establish whether the culture of a company does in fact support the company’s best intentions it is necessary to delve down to the level of basic assumptions to validate the espoused values and artefacts.

Dimensions of organizational culture Many schemes claim to measure organizational culture by means of a set of dimensions. The main purpose of such schemes is to enable different cultures to be compared on the same basis rather than to define in detail any particular culture. The dimensions chosen will therefore depend to some degree on the type of comparison to be made. In line with the classical approach it is better to choose dimensions which can easily be assessed by means of a questionnaire put to employees. For the purpose of this book it is useful to examine some general dimensions, not specifically related to safety, but which may throw some light upon the safety culture of an organization. The scheme chosen is one based on a well-known study of organizations undertaken by Geert Hofstede between 1985 and 1987 under the auspices of the Institute for Research on Cultural Co-operation (IRCC, University of Limburg, Maastricht, the Netherlands).5 This method of dimensional analysis has since been used by other researchers. The authors suggest that the dimensions were chosen to lie on poles between two extremes, but specifically avoiding labels suggesting a ‘good’ or ‘bad’ aspect of culture. The six dimensions are described briefly below, listing some of the main characteristics: 1. Process oriented versus results oriented Process-oriented culture: is characterized by a high level of bureaucracy and a dependence on rules. The emphasis is upon ‘means’. It tends to attract employees who are happy for every day to be the same, even if tedious. Results-oriented culture: has a dependence on ‘outcomes’. The emphasis is upon ‘goals’. The work environment tends to be more challenging and these employees are more comfortable with risk taking and the unknown. 2. Employee oriented versus job oriented Employee-oriented culture: has an interest in the employees’ welfare, and personal problems are taken into account. Important decisions tend to be taken by groups or committees. Job-oriented culture: the performance of the employee at work is the main issue and completing the job is all important. Decisions tend to be taken by individuals. 3. Parochial versus professional Parochial culture: employees tend to identify with the organization which generates their norms of behaviour at work and at home.

• • • • •

Safety culture

• Professional culture: the private life of the employee is distinct from the

organization. Employees tend to be more highly educated and identify mainly with their profession rather than the organization. 4. Open system versus closed system Degrees of openness reflect the way internal and external communications are handled in the organization. Open system: the ethos is that ‘anyone is welcome’ and efforts are made so that newcomers are able to find their place easily in the organization; the rules of the organization reflect this. Closed system: the organization tends to be secretive and an element of ‘mystery’ is fostered such that only special people are allowed to have a place; the rules are purposely kept vague. 5. Loose control versus tight control These dimensions reflect the degree of formality exercised by the organization, sometimes reflected in dress code (an artefact). Loose control: cost and time considerations have less significance and in this sort of organization it is permissible to make humorous remarks about the company or the job. It is characteristic of more creative concerns such as research laboratories and advertising agencies. Tight control: cost and time are considered a measure of success, and the company and the job are always taken seriously. It tends to be characteristic of high-technology industries such as banks and pharmaceutical companies. 6. Normative versus pragmatic This dimension defines how the organization deals with external relationships, such as those with customers. Normative culture: tends to be rigid in the application of rules, so that the ‘process’ is always more important than the ‘results’. The approach to ethics is dogmatic or invariant in nature. Pragmatic culture: is more market oriented towards the needs of the customer, and the rules may be suspended since the results are more important than the process. A more pragmatic or expedient attitude exists towards company ethics.

• •

• •

• •

Whether one or the other poles of a dimension is ‘good for business’ will, as hinted at in the above descriptions, depend on the dimension and the type of business. There may, however, be some absolutes; for instance, it is difficult to conceive a company with a ‘closed system’ being more successful in the long term than one with an ‘open system’. From a safety point of view, where there is a definite aim in mind, it is possible to identify at which poles a good safety culture is promoted. This is shown in Table 4.1. Hofstede makes the important point that it is rare for these dimensions to be intentionally ‘decided’ by individual managers or even collectively by the organization. However, it is probable that they strongly reflect the attitudes of top management in the organization. The use of the classical approach to analyse and diagnose a culture has been questioned by many organizational researchers. It is claimed that the idea of being

93

94

Strategies to prevent corporate accidents Table 4.1 Dimensions of organizational culture promoting safety Dimension no.

Tendency towards

Reason

1

Process oriented

How work is done (the process) is more important than the result if safety is to be achieved

2

Employee oriented

The welfare of employees is more important than completing the job at any cost including at the expense of safety

3

Professional

‘Professional’ standards are probably more conducive to working safely than company-generated norms which may conflict with safety aims

4

Open system

Open communication is essential for safety concerns to be voiced and acted upon

5

Tight control

Formal control of work practices is an important element of safety management (see Chapter 7)

6

Normative

Pragmatic and expedient attitudes to safety are likely to lead to procedural violations

able to manipulate organizational culture externally, say by using management consultants, may be illusory. Gestalt theory (see below) challenges the idea that culture is tangible and has system-like properties that can be analysed using a mechanistic approach. Furthermore, the use of a questionnaire to gather ‘data’ about a culture is itself questionable. It treats an organizational culture as a ‘property’ of the company, or something which the company has. As will be suggested below, culture is much more deeply embedded than, say, a company policy or a set of objectives; it is something which the company is. The use of a questionnaire can lead to a spurious sense of precision which can mislead managers or regulators into believing that culture is just another safety statistic like lost time accidents which can be controlled and monitored. The classical approach ignores what one writer has called the ‘dynamic and emergent aspects which anthropologists see as the core of culture’.6

The Gestalt approach Culture is a Gestalt Some managers, especially those who come from a technology rather than a social science background, may find it difficult to understand the way in which an organization’s culture develops. There is a very simple reason for this. Organizational culture is often perceived to be something that the company has, something which is tangible that can be observed and therefore manipulated, similar to other corporate assets. In reality, the only information that can be observed is at the level of artefacts. In the case of safety culture these may include artefacts such as safety notices, safety meetings, wearing of protective clothing, etc. If it could be seen in its entirety, organizational culture would resemble an iceberg with nine-tenths submerged below the surface; the surface appearance can belie the hidden depths. The essence

Safety culture is so deep rooted that culture is something that the company is rather than something it has. Company culture is, in fact, a phenomenon described by psychologists as a Gestalt. Science and technology tends to operate using a systems approach. This takes a complex whole and breaks it down into its component parts. The parts are analysed separately and then reassembled so that the relationship between them can be understood; the operation of the whole can be manipulated by tweaking the parts. In contrast, ‘a Gestalt is essentially a whole, the behaviour of which is not determined by that of its individual elements, but where the parts are themselves determined by the intrinsic nature of the whole’.7 Simply put, the whole is more than the sum of its separate parts, and to some degree the parts are determined by the whole. The dimensions of an organizational culture can certainly be studied (as described above), but these dimensions cannot be added together to make the whole in the same way as a technological system can integrate separate components. However, cultural dimensions are still useful in making comparisons between:

• organizational cultures in different companies, or • the culture of the same company at different times, say before and after changes have been implemented.

To a limited degree it may be possible to apply a systems approach to a Gestalt, but only on a comparative rather than an absolute basis, and even then it may provide only a superficial comparison.

Culture is ‘emergent’ The Gestalt approach seems to suggest that an organizational culture (including a safety culture) is not something that can be developed or intentionally shaped by a company to conform to a desired pattern. Rather, it suggests that organizational culture is ‘emergent’. Richard Seel, a management consultant working in the field of organizational complexity, claims that the culture ‘emerges’ from ‘the conversations and negotiations between the members of an organization’ and can only be defined ‘by participative inquiry rather than external diagnosis’.8 In order to define a particular culture, Seel suggests a number of participative approaches that can be used with the cooperation of employees. It is only employees, daily immersed in the culture, who are able to provide the necessary insights. He uses devices such as ‘metaphor’ (our culture is like . . . ), ‘heroes and villains’ (individuals whose styles reflect the culture of the organization), ‘stories’ (which capture the essence of the organization) and ‘rules’, amongst others. According to Seel, rules are of particular interest in understanding culture and in his work he draws on the insights from the Cambridge mathematician John Conway who, in 1970, developed the ‘Game of Life’9 or the ‘cellular automaton’. This comprised a matrix of cells forming emergent patterns based on a very simple set of mathematical rules which can live, die, multiply or reach a stable configuration depending on the initial conditions. It demonstrates that quite simple interactions can lead to complex outcomes. Conway’s rule set was that for a space that is ‘populated’, each cell with one or no neighbours dies, as if by loneliness; each cell with four or

95

96

Strategies to prevent corporate accidents more neighbours dies, as if by overpopulation; and each cell with two or three neighbours survives. For a space that is ‘empty’ or ‘unpopulated’ each cell with three neighbours becomes populated. This idea was further developed by Craig Reynolds, a computer graphics expert, who created the ‘Boids’ artificial life simulation10 in 1986 to try and explain the flocking behaviour of birds, an emergent ‘cultural’ phenomenon of the natural world. He showed that flocking behaviour can be reproduced using a computer model by applying three simple rules:8 1. Separation: steer to avoid crowding local flock mates. 2. Alignment: steer towards the average heading of local flock mates 3. Cohesion: steer to move toward the average position of local flock mates. Application of these three rules will simulate flocking behaviour in the computer model. Important to note is that the emergent behaviour takes place purely by virtue of individuals in the group interacting with each other independently of any leadership or higher plan of action. Each individual is only cognizant of the behaviour of its neighbours and has no awareness of the behaviour of the whole flock. The behaviour of the whole is emergent in much the same way that Gestalt theory would predict for an organizational culture. In theory, it may be possible to reverse engineer a culture through analysing the interactions of employees to discover the set of rules which have caused it to emerge. Perhaps some modification of the rules might then change the culture. Some work along these lines has been carried out by social scientists, but is beyond the scope of this book to explore further. The main point is to demonstrate that culture is so deeply ingrained in an organization that it is not as susceptible to change as many regulatory authorities may like to believe. To some degree this has been recognized by, for example, the US Nuclear Regulatory Commission (NRC). This is further discussed in the case study of the Davis-Besse nuclear power plant incident in Appendix 2, Case Study A2.2, and in the discussion of this incident at the end of Chapter 6.

Culture is socially maintained Organizational cultures are in a sense the ‘property’ of the group of people who are bound together by the culture, its norms, values and beliefs. At the same time, because the culture is emergent, it is self-determining and, like the corporate body, does not depend for its existence upon which individuals belong to the group, especially since individuals will leave and others join from time to time. Once established, the culture seems to be an independent entity: no individual or subgroup intentionally created the culture; rather, it emerged as described above. However, whilst the culture may have emerged, once it does exist there seems to be a natural tendency for it to solidify in order to maintain a social bond that:

• holds the members of the group together • distinguishes the group from other groups • enables individuals within the group to cope with their world and with one another. When an outsider enters a new and unfamiliar culture, time is needed to understand and adjust to the cultural norms of the group. This has no connection with the

Safety culture various forms of induction training provided for individuals starting a new job, since organizational culture is not something that can be taught, but must be absorbed through exposure to it. This cultural absorption may extend over a period of many months or even years before the culture is fully internalized and the required behavioural adjustments are made. It is internalized by a process of ‘osmosis’ rather than by formal learning. There is no guarantee that all individuals will be able to adjust to a new and unfamiliar culture. Employees unable to adjust will experience anxiety and evolve protective mechanisms for uncertainty avoidance. Eventually they may leave the organization. A modern example might be female employees entering an industry which has in the past been a predominantly male preserve, such as the fire service. Employment tribunals have been required to act upon an increasing number of such cases over the past few decades as women take on jobs previously not thought suitable. Quite often this is because the cultural norms of the existing members of the workforce have solidified to a degree that precludes adaptation to an influx of newcomers with different norms. In the employee selection process there are undoubtedly mechanisms at work which tend to select the individuals who will best fit into the prevailing organizational culture of the company. Even if those undertaking the selection cannot fully define what that culture is they have an intuitive understanding whether a job applicant is a cultural match and make their selection accordingly. Conversely, individuals attending job interviews may be sensitive enough to detect enough elements of the prevailing culture to decide not to take up any employment offered.

Implications for change The two approaches discussed above, the classical and the Gestalt, would appear to represent two opposing if not irreconcilable paradigms of organizational culture. The main implication of the difference in approach is whether it is possible to bring about change in an organizational culture by applying external measures. The more pragmatic classical approach, by attempting to measure the main features of a culture in terms of its levels and dimensions, seems to holds out more hope for bringing about cultural change. This is based on the McKinsey principle that ‘what gets measured gets managed’. The interesting but more abstruse Gestalt approach holds out a lesser hope of being able to define an organizational culture in objective or measurable terms. For this reason, most of the rest of the chapter, which is concerned with developing and changing a safety culture, is based on the classical approach. In order for a company to survive in the modern business environment it would seem important that a company culture is able to adapt to changing external conditions. In bringing about such a change, the first problem will be to identify where a mismatch occurs between the existing culture and a desired culture. It is clear that changing the artefacts or the espoused values of a culture will be insufficient to bring about the necessary degree of change; these are merely superficial aspects of the culture which do not necessarily provide an accurate picture of the true situation. It will be necessary to identify and understand the basic assumptions of the company’s culture, particularly those which are detrimental to the company’s aims.

97

98

Strategies to prevent corporate accidents The second problem will be to change those basic assumptions that are no longer appropriate to the new conditions. Changing the basic assumptions will bring about deep-down change which will be reflected in improvements to the company’s future performance. As indicated above, this is not as simple as it might seem. Assuming that the basic assumptions can be positively identified, one of the main obstacles is whether the motivation or the will exists to bring about the deep-down changes that are needed in the absence of a sudden and unexpected traumatic event to precipitate change. Such a precipitating event might be a sudden slump in the value of the company stock owing to financial problems or a major accident or catastrophe involving loss of life. Whatever its nature, it will hopefully prompt the company to correct any defects in the company culture which are the root cause. Clearly, particularly in the case of a safety culture, it is advantageous to recognize a cultural mismatch before the occurrence of such an event. However, the reality is that in the absence of such an event, it will always be easier and less disruptive to continue under the old culture. It is highly probable that the basic assumptions underlying the company’s culture will not have been recognized, let alone discussed or confronted, and management may have preferred to live in the rosy glow of espoused values. It is unfortunate that it often takes a major event to precipitate a fundamental examination of the organizational culture. It is at this point that the company may become a ‘learning organization’, one which no longer relies on major events to be the instrument of change, but sees the need for continuous improvement in order to keep ahead of events. Organizational learning is one of the strategies against corporate accidents discussed in Chapter 8. An approach to managing change is further discussed below.

Safety culture Safety culture is essentially a subculture of organizational culture as defined above. The three levels of organizational culture defined by Edgar Schein can equally be applied to safety culture. The main difference will be in the attributes of the artefacts, espoused values and basic assumptions, which will tend to be safety related. Some possible dimensions of organizational culture which could promote a good safety culture were identified in Table 4.1. It is a common belief that safety culture is generated in the rarefied atmosphere at the top of the organization. Certainly those at the top of the organization must set an example when espousing the values of the company’s safety culture, but then they must ensure that the espoused values permeate through the whole enterprise and truly reflect the basic assumptions which underpin the way people behave and operate. The artefacts of safety culture are only useful in so far as they provide visible indications and reminders that safety is a high priority within the business. In themselves, artefacts may add very little to actual safety performance. The behavioural approach to safety management described in Chapter 7 makes this abundantly clear. Whereas artefacts such as safety notices and indications of safety performance such as hours worked since a lost time accident are useful in promoting the idea of safety, there is little evidence that they influence employee attitudes.

Safety culture Occasionally the term ‘safety climate’ (or even ‘organizational climate’) has been used interchangeably with the term ‘safety culture’. However, there is an important distinction to be made which needs to be understood here. Cox and Flin11 have usefully suggested that safety climate comprises the surface topography of an underlying safety culture. If the safety culture is measured using a set of chosen dimensions, the safety climate will be those surface features which are amenable to measurement and comparison. The underlying culture, as described above, will be largely hidden from sight. Before safety culture can be understood it is necessary to produce a usable definition.

Defining safety culture Perhaps the simplest and most succinct definition of any organizational culture is ‘how we do things around here!’ This could also apply to safety culture. The Confederation of British Industry has defined safety culture as ‘the ideas and beliefs that all members of the organisation share about risk, accidents and ill health’.12 This is a brief definition which says little about how a positive safety culture may be encouraged. The UK Health and Safety Executive (HSE) sets out a more extensive definition, as follows: The safety culture of an organisation is the product of the individual and group values, attitudes, competencies and patterns of behaviour that determine the commitment to, and the style and proficiency of, an organisation’s health and safety programmes. Organisations with a positive safety culture are characterised by communications founded on mutual trust, by shared perceptions of the importance of safety, and by confidence in the efficacy of preventative measures.13 This not only defines safety culture, but suggests some of the attributes which characterize a positive safety culture; that is, one which has beneficial effects on safety within an organization. Various industries have developed the concept of safety culture to suit their own particular work environment and reflecting how this is understood within the industry. The nuclear industry has been in the forefront of defining and attempting to establish positive safety cultures across the industry, largely through the efforts of the IAEA. This new emphasis on safety culture arose following the Chernobyl nuclear accident in the former Soviet Union in 1986, the root cause of which was a failure in safety culture at the installation. This accident exacerbated the existing public perception that the risk from nuclear installations is very high and accentuated the need for the industry to demonstrate its serious concern and commitment to safety within the industry. The fact that the risk to the public from nuclear installations remains extremely low compared with other industrial and social activities has little bearing on the matter. The influence of public risk perception on corporate safety is dealt with in Chapter 5. In spite of the good overall safety record of the nuclear

99

100

Strategies to prevent corporate accidents industry, even a minor accident usually attracts wide publicity. The strong emphasis on safety culture in nuclear plants has been at least partly driven by this. A case study of a failure of safety culture within the nuclear industry can be found in Appendix 2, Case Study A2.2. A fairly simple definition of safety culture arising from the nuclear industry has been given by the IAEA: Safety culture is that assembly of characteristics and attitudes in organizations and individuals which establishes that as an overriding priority, nuclear plant safety issues receive the attention warranted by their significance.14 This definition states that the culture is an ‘assembly of characteristics and attitudes in organizations’, without defining those characteristics. A more detailed definition emerging from the nuclear industry, originating in the UK Advisory Committee on the Safety of Nuclear Installations (ACSNI) Human Factors Study Group, is: Safety culture is the product of individual and group values, attitudes, competencies and patterns of behaviour that determine the commitment to, and the style and proficiency of an organization’s health and safety programmes. Organizations with a positive safety culture are characterized by communications founded on mutual trust, by shared perceptions of the importance of safety and by confidence in the efficacy of preventive measure.13 This is a fuller definition which attempts to define the characteristics of a good safety culture. Further investigation reveals that this definition has proved popular outside the nuclear industry. For example, it has recently been adopted as the basis for a Hospital Survey on Patient Safety Culture published by the British Medical Association.15,16 Safety culture within the healthcare industry has come to prominence in recent years and is mentioned at the end of this chapter in connection with Case Study A2.4 in Appendix 2.

Developing a safety culture The development of a safety culture within an organization often mirrors the evolution and understanding of safety and risk which has taken place over the past few decades. This is illustrated in Table 4.2

Table 4.2 Chronological evolution of safety culture and understanding Stage 1 (pre-1975)

Stage 2 (1975–1990)

Stage 3 (1990 onwards)

Prescriptive approach based on rules, regulations and procedures

Goal- or hazard-based approach founded on setting safety targets and indicators

Risk-based or proactive approach utilizing continuous improvement

Safety culture The typical stages in the development of safety culture within an organization are now discussed in terms of the evolutionary process indicated above.

Stage 1: Prescriptive approach It is unlikely that a present-day organization’s safety culture is totally founded on stage 1 principles, where the criteria for success depend upon meeting prescriptive rules and regulations and following procedures. This approach corresponds to the safety controls legislated by the Factories Act 1961 (see Chapter 6). This Act, previously an important piece of primary legislation, is now of mainly historical interest. To follow a totally prescriptive approach would mean that when an accident occurs, the first priority would be to check whether the equipment was compliant with regulations and whether the prescribed procedures had been followed. If they had, then essentially the company would be exonerated from any responsibility for the accident since they had followed all the necessary rules. There might be some investigation by the regulating body into whether the prescriptive rules were inadequate in some way, and if they were then the deficiencies might be corrected by issuing a modified set of regulations. For many years safety within the rail industry was regulated in this the way (in some respects, highly successfully), overseen by HM Railway Inspectorate (a body principally manned by retired Royal Engineers). Following the Clapham Junction rail disaster in 1987, a more goal-based approach to safety was adopted. A similar transformation took place in the UK offshore oil and gas industry following the Piper Alpha accident in the North Sea in 1988. It is possible that the safety culture of some organizations will embrace residual aspects of the prescriptive approach. For instance, where work processes are highly proceduralized, with little room for individual initiative, it may still be necessary to apply prescriptive principles. However, it is better for employees to understand fully the safety implications of work they are carrying out, rather than blindly following a strict set of rules and procedures. An organization with a safety culture based upon prescriptive rules will be mainly reactive, responding to problems as they arise. The chief role of management is that of enforcement of rules with unidirectional, downward, communications. Very little attention will be paid to the concerns of the workforce, who are regarded as merely components of the system alongside machinery and plant. There is very little understanding or awareness of the importance of the human factor in safety. The relationship between management and workforce will tend to be adversarial in nature and rewards will be based more upon compliance with rules than upon initiative. There will be very little consultation or participation by the workforce in the organizational arrangements. The workforce will respond by demonstrating a lack of flexibility in the work they are prepared to undertake and the way they carry it out. Such an approach will often result in a blame culture so that when errors are made, staff will be subject to disciplinary measures and there will be little or no investigation of why the error occurred (see Chapter 8). The prevailing cultural atmosphere will not be conducive to a safe working environment and the same sorts of accident are liable to recur since the root causes will not have been addressed.

101

102

Strategies to prevent corporate accidents

Stage 2: Goal-based approach The totally prescriptive approach of the Factories Act was superseded in the mid1970s by the Health and Safety at Work etc Act 1974 as described in Chapter 6. This is now the principal Act of Parliament relevant to corporate safety, and places a general duty on employers to provide safe places of work and to secure the health, safety and welfare of all persons at risk from the company’s activities ‘so far as is reasonably practicable’. This Act is supported by more specific regulations which address specific hazards such as those arising from construction and building operations, noise, asbestos, substances hazardous to health, explosive atmospheres, fire precautions, manual handling, ionizing radiation, lifting operations, pressure systems and the control of major hazards, to name but a few. The goal-based approach to safety culture perceives safety as a corporate goal to be achieved alongside product output, sales targets, profits, public relations, etc. At this stage, the safety culture recognizes the importance of behaviour and attitudes to safety in the workplace, although the means of enhancing this may not be present. When an accident occurs due to human error an investigation will be carried out, but the root cause at the systemic level may not be discovered. The most likely remedial measure will consist of improved training and procedures to eliminate future errors, rather than changing the faulty systems which caused the error in the first place. Some remnants of a blame culture may still exist. Elements of quality management began to emerge from the 1970s onwards in terms of measuring safety improvement. In setting targets and goals for safety, mainly in numerical terms such as hours worked since a lost time accident occurred, accident frequency rates, etc., the main aim of management is to achieve the current goal with little regard to future long-term and permanent improvement. The main emphasis is on accountability for achieving (or failing to achieve) the goals. There may be surprise and disappointment by management that early improvements in safety have levelled out in spite of efforts to maintain the impetus. There may be a feeling of ‘running hard to stay in the same place’. Communications within the organization have improved; safety suggestion schemes will encourage employees to report safety concerns back to management and safety committee meetings will be held in order to report back on progress. However, the relationship between management and workforce is still to some degree adversarial, characterized by ‘facing each other across the table’, rather than building a fully collaborative partnership. Management are likely to accuse the workforce of not following safety rules, while the workforce will respond with counter-claims that management are not providing sufficient investment or showing enough interest in safety. It is unlikely that openness will have reached a point where employees are prepared to report their own mistakes and errors; the culture is not yet blame free. There may be talk of confidential reporting schemes to try and achieve this. The organization is still largely reactive in terms of anticipation of safety problems. Understanding the risk, as a strategy to prevent corporate accidents, is unlikely to have made much progress. Techniques such as hazard and operability studies or risk assessment may well be utilized where this is required by safety

Safety culture legislation. Typical of the stage 2 approach in safety legislation was the Control of Industrial Major Accident Hazards (CIMAH) Regulations 1984 in the chemical industry to prevent or mitigate the effects of major accidents on both people and the environment. These regulations can be traced back to the Seveso accident in Italy in 1976, which led to a European directive on chemical plant safety implemented by CIMAH in the UK. CIMAH took a mainly technical approach to major hazard control, largely ignoring human factors aspects, and required chemical companies to report which hazardous substances were being stored on site. The regulations conveniently provided a list of hazardous materials, potentially removing the need for the company to risk assess major site hazards not included in the list. A safety report was submitted chiefly to convince the HSE that the emergency procedures were adequate, again a mainly reactive approach, concentrating on what happens after an accident. CIMAH was later superseded by the more stringent Control of Major Accident Hazards (COMAH) Regulations 1999,17 which extended the scope and requirements of CIMAH in line with the Seveso II Directive. COMAH sites (major accident hazard sites) must submit a safety report to allow the HSE to assess the overall safety of the site, and the regulations are more proactive, corresponding to stage 3 in the evolution of safety culture (see below). Typically, in the chemical industry, during this period of safety culture evolution, many chemical manufacturers subscribed to voluntary codes of practice such as the Chemical Industries Association (CIA) Responsible Care Scheme.18 Membership of such a scheme might be claimed as a socially responsible achievement of the organization in terms of safety improvement, although this does not necessarily have a real-world impact on the company’s operations (see Chapter 9).

Stage 3: Risk-based approach This approach is essentially one of continuous improvement. It completely overturns the limited safety culture found in stage 1 and further advances many of the improvements implemented in stage 2. Stage 2 introduced a number of the defences against corporate accidents discussed in this book, defences which would not be fully understood or implemented in stage 1. For instance, one of the main defences against corporate accidents dealt with in Chapter 7 came into prominence during the late 1980s and early 1990s. This was partly as a result of the introduction of safety case legislation directed towards the rail industry following the Clapham Junction accident in 1988 [Railways (Safety Case) Regulations 2000] and the offshore oil and gas industry in the wake of the Piper Alpha accident in the North Sea, also in 1988 [Offshore Installations (Safety Case) Regulations 1992]. Some new defences are found to arise in stage 3, such as organizational learning (Chapter 8) and corporate social responsibility (Chapter 9). These defences have only really come to the fore over the past ten to fifteen years and are still at the early stage of implementation in many companies. The development of safety culture in stage 3 must allow for the inclusion of these recent concepts. A company reaching stage 3 in safety culture development is one which anticipates safety problems before they occur and implements proactive measures. This is done by installing strategies based on a risk-based approach to safety management. The free-market ethos of the 1980s tended to reduce the burden of regulation upon

103

104

Strategies to prevent corporate accidents companies and removed many other constraints. This was to some degree put into reverse during the 1990s. Today, not only are companies more highly regulated, but they are under much greater scrutiny from governments, regulators, stakeholders, customers and the public than a decade ago. At the same time, because of the need to compete in global markets, often against overseas companies who are less highly regulated in terms of health, safety and the environment, companies face financial disincentives to spend more on safety. The risk-based approach to safety management described in Chapter 7 enables companies to invest more effectively. The legal system of the UK encourages this by allowing company investment in safety to be proportionate to the level of risk to the workforce, public and the environment. Other changes in safety culture necessarily accompany stage 3. It would not be possible to develop such a safety culture without collaboration and partnership between management and the workforce. The adversarial aspects of stages 1 and 2 must be abandoned and a realistic and genuine commitment to safety achieved. At the same time, there must be no conflict between production and safety, in spite of the fact that in a market-driven company production will often seem to demand priority. This apparent dichotomy between production and safety is resolved by the fact that productivity is actually stimulated in a work environment that places a high priority on safety. This is because the same management practices and organizational arrangements that are necessary to achieve a stage 3 safety culture are the same as those which lead to increased productivity and efficiency. There are several other aspects of a stage 3 safety culture which can be briefly mentioned here but which will be developed further in later chapters. Perhaps the most important feature is the relationship between management and workforce. The manager’s role is no longer seen as an enforcer of rules, but one where staff at all levels are collaborating in a common enterprise reaching out to achieve a set of agreed safety principles rather than mere numerical goals. Whilst safety goals in terms of numerical targets may still be set as a barometer of progress, they will not become an end in themselves, as was often the case in stage 2. The basic assumptions of the stage 3 safety culture reflect the new working relationship. If a mistake or an error is made investigations will focus not so much upon the individual making the error as upon the faulty management systems that allowed the error to happen. Employees will be encouraged to report their errors even if an accident did not happen. Extending the focus of investigations beyond accidents to include near misses is part of the proactive and anticipatory approach to safety which is now necessary. In order to achieve the new working relationship, the concept of shared leadership needs to be accepted. The reliance of managers on hierarchy, status and authority must be abandoned in pursuit of a shared responsibility for safety. Some ways of leading an organization towards the necessary changes to achieve a stage 3 safety culture are discussed later.

Measuring safety culture The dimensions of a safety culture are defined here as those characteristics which can be measured in order to establish the adequacy of the safety culture for controlling the risks generated by the organization. Quality experts maintain that it is impossible to

Safety culture control something that cannot be measured. In spite of the diffuse nature of safety culture, unless its characteristics can be assessed by a suitable set of dimensions, the culture can never be properly understood. If it cannot be understood it cannot be reviewed in the light of changing circumstances and therefore there will be a failure to recognize when change is necessary to protect against corporate accidents. Approaches to measuring the safety culture in an organization range from those used by applied psychologists, skilled at undertaking surveys of companies to establish the nature of the existing culture (such as those discussed in the Gestalt approach above), to more practical guidance from organizations such as the IAEA, described below. Applied psychologists use extensive questionnaires to establish workforce attitudes to safety in order to capture the prevailing safety climate in terms that can be compared with some ideal normative state. These questionnaires often bear a striking resemblance to personality assessment models applied to individuals in order to establish their suitability for a particular job. On reflection, this is not surprising since the similarities between ‘culture’ and ‘personality’ have already been noted and discussed above. The IAEA have been leaders in the practical application of methods to assess safety culture which companies can use internally to monitor their own progress. As already mentioned, the work by IAEA followed the Chernobyl accident in 1988, which IAEA found to be mainly due to an inadequate safety culture within the organization. In the IAEA’s introduction to Guidance for Use in the Enhancement of Safety Culture,1 the following statement is made: The establishment of a safety culture within an organization is one of the fundamental management principles necessary for the safe operation of a nuclear facility. (It should be) recognized that safety culture is both structural and attitudinal in nature and relates to the organization and its style, as well as to attitudes, approaches and commitment of individuals at all levels in the organization. This statement could be applied to any industry or organization where there are significant potential risks to the workforce, the local community and the environment arising from their operations. The purpose of measuring safety culture is to reduce its characteristics to a number of measurable dimensions or attributes. In order to make this task more manageable and systematic, it is useful to adopt the three-level breakdown of culture (artefacts, espoused values and basic assumptions) proposed by Schein and described above. For each of the three levels of safety culture within an organization it is possible to identify dimensions which are amenable to measurement. However, the problems of applying measurements to these dimensions will be different for each level. Artefacts will be quite easy to measure since they are clearly obvious upon superficial inspection, whereas espoused values will be more difficult to measure but may be ascertained by the use of questionnaires. Basic assumptions, because of their rather more obscure nature, will be the most difficult to measure. The dimensions listed in Table 4.3 are based partly on the methods described in the IAEA guidance document.1 The dimensions are mainly expressed in terms of the

105

106

Strategies to prevent corporate accidents Table 4.3 Safety culture: positive dimensions Cultural level Artefacts

Espoused values

Basic assumptions

Accident investigation Documentation and procedures Employee involvement Good housekeeping Safety performance measurement Signage and symbols Systematic approach to safety Visible leadership Written definition of roles responsibilities and accountabilities

Absence of safety versus production conflict Absence/presence of violations Adequacy of resources Balance between time pressure workload and stress Change management Collaboration and teamwork Conflict resolution Contractor involvement Dedication to continuous improvement Employee involvement Learning from past accidents Long-term perspective on business Manager/workforce relationships Motivation and job satisfaction Openness in communications Priority of safety Proactive approach Questioning attitude of employees Regulatory compliance Responsibility for safety Safety performance measurement Self-assessment Staff competence Strategic business importance of safety Superior/subordinate consultation Systematic approach to safety Technological versus human knowledge Tight/loose control of operations (re supervision) Work process awareness and interactions

Authoritarian versus participatory management Avoiding cost externalization Central/decentralization policy Collectivist versus individualist culture (or group interdependence versus independence) Dedication to continuous improvement Hierarchy, privilege and status symbols (importance of) Learning organization Long-term perspective on business Open relationship with other industries, competitors, communities, authorities and national bodies Openness in communications Responsibility for safety Superior/subordinate consultation Systems approach to problems Tight/loose control of operations (re supervision)

values which express a positive culture, rather than (as in Table 4.1) a range from positive to negative. Where dimensions are common to more than one of the cultural levels they will appear in each of those levels. For instance, some of the dimensions (e.g. ‘long-term perspective on business’) appear as both an espoused value and a

Safety culture basic assumption. It should be noted that in Table 4.3 there is no horizontal correlation between the dimensions. They are not listed in any particular order, but have been sorted alphabetically. It is quite feasible and it is recommended by IAEA to express some or all of the dimensions listed above as a question set which can be submitted to employees. This can best be done by expressing each dimension in terms of a statement, to which a subjective opinion or belief is elicited from the employee, varying, say, from ‘strongly agree’ to ‘strongly disagree’ at the extremes. For example, the dimension ‘long-term perspective on business’ may be expressed as a statement: ‘this company operates on a long-term business perspective which avoids sacrificing safety for short-term gain’. An opinion as to the truth of this statement is then sought in terms of strength of agreement. The use of statements is especially useful for eliciting opinion about espoused values and basic assumptions, which tend to be less objective than artefacts as far as their absence or presence is concerned. The use of a graduated scale of agreement enables the responses to be ranked numerically (say a score of 5 for ‘strong agreement’ or a score of 1 for ‘strong disagreement’), allowing the current state of the safety culture to be scored for comparative purposes and to indicate areas for improvement. More than one question may be needed to define the more complex dimensions in order to elicit an opinion fully. The dimensions given above which, with some additions, are based on the IAEA guidance document,1 are only indicative of the range of possibilities; they are not necessarily comprehensive and can be varied in scope and detail to suit the requirements of particular organizations. Where a company employs many contractors, for instance, dimensions relating to contractor relationships and control would need to be emphasized.

Changing the safety culture An approach to developing a safety culture was described above based on a threestage process to transform an organization from a prescriptive rule-based culture to a more modern fully risk-based culture. The characteristics of each type of culture were described. In order to make such a transformation it is necessary to implement organizational change. The subject is touched on again in Chapter 8 in the context of organizational learning. Here the subject matter is restricted to the process of implementing a desired change to the safety culture of an organization. In order to change the safety culture it is necessary to understand two important factors:

• the characteristics of the existing safety culture as determined by a set of suitable dimensions such as those suggested in the previous section • the new safety culture which it is desired to put in place, and which can be evaluated using the same dimensions.

Put simply, this means that a company needs to know where it is at in the present and where it wishes to be in the future. The use of a question set, as described above, to elicit the inadequacies of the existing culture will indicate the areas for change.

107

108

Strategies to prevent corporate accidents The title of this section, ‘Changing the safety culture’, seems to imply that the desired results can be achieved by simply adjusting certain critical parameters to conjure up a new type of culture. That is, having identified the areas for change, knobs and dials are tweaked to bring about the change, as if by magic! As discussed above, cultures are so deeply embedded in an organization that it is extremely difficult to bring about the fundamental changes to effect the necessary transformation. It may be possible to change the artefacts and the espoused values quickly and easily, but to change the basic assumptions of the culture will take much longer and involve the full collaboration of all the individuals who will be affected. Only then will the necessary transformation take place. A change management approach applicable to transforming a safety culture is suggested in the following section. It is based on an approach proposed by Sir John Harvey-Jones, a respected management guru, in his book Managing to Survive.19 It is fully compatible with the principles of a learning organization described in Chapter 8.

Three creative steps to managing change Step 1. Create dissatisfaction with the status quo The first and most important fact to be understood is that organizational cultures only change when the people in them change. But there will always be resistance to change. Harvey-Jones succinctly notes that ‘cosy people don’t accept change without a struggle’.19 This is another version of Newton’s law of motion, that a body at rest tends to stay at rest unless its inertia is overcome by some irresistible force. As discussed above, a culture is a Gestalt where the behaviour of the whole is not determined by that of its individual elements, but where the parts are themselves determined by the intrinsic nature of the whole. The Gestalt approach has shown that change is more easily facilitated if the objects of change come to recognize and accept the nature of their resistance.20 In order to change the culture, it is necessary for the people to change, and people will only change when they accept that change is necessary. It is always easier to carry on in the same way. The corollary of this is that it is only possible to change an organization which has accepted the disadvantages of operating the same way in the future as it does in the present. The overriding principle is that ‘the engine of change is dissatisfaction’.19 This may seem to conflict with the writings of other management gurus, such as Edward Deming, whose eighth principle in his fourteen principles of management21 is ‘drive out fear’. However, Deming’s approach is made in the context of making employees feel secure enough to ask questions through establishing open two-way communications. This is in fact one of the dimensions of a safety culture in Table 4.3 (openness in communications). Dissatisfaction may well involve fear in the early stages of the process of change, but by establishing trust through involvement and opening up the lines of communication, the dissatisfaction with the present will be transformed into a feel-good expectation for the future (also see step 3, below). In a learning organization (see Chapter 8) dissatisfaction with the present will become normative. People will not need to be told that something has to change. It will not be necessary to wait for a traumatic event to occur (such as an accident or a threat to the company’s survival) before action is taken. In the absence of a learning

Safety culture organization and without the trigger of a traumatic event, it will be necessary for management to tell people how bad things have become. In practice, most people are realistic and many of them may have already worked this out for themselves. In the face of company closure, for instance, there will be no need to wait for the results of poor performance to become obvious through redundancies before they find out how bad it is. In the same way, the results of unsafe working, the occurrence of near misses, poor housekeeping, maintenance running behind schedule, safety equipment unavailable, etc., will indicate how bad things have become. People will understand what is wrong from the evidence around them and, more importantly, they will then want to know what management is going to do about it. Harvey-Jones suggests that ‘Change is not ‘‘managed’’ – it is released and guided along the track you have decided. Don’t let the ‘‘genie’’ out of the bottle if you don’t have anywhere for it to go’.19 This leads to step 2.

Step 2. Create a vision (‘without vision the people perish’ – Proverbs) Changing the safety culture is not a short-term process. The period over which the benefits of change are realized is estimated to be three to five years. Any quicker than this, the change will not be long lasting. Experience shows that if the change process is too rapid it will release a short burst of involvement and enthusiasm, but the situation will then quickly return to the status quo. If the period of change exceeds five years then the initial momentum will be lost and people will have forgotten where they are coming from and where they are supposed to be going. The principle of creating a vision for the future means deciding where the safety culture is to be in three to five years’ time and then making it sufficiently attractive to lure people away from the present. In creating this vision it is important not to be too precise. Although the vision for the future is put forward by the leader of change, it is created for the people who are to be included in it. The vision has to be owned by all who are affected by it and therefore open to the creative refinement which goes with co-ownership. In addition, the vision must be expressed in a qualitative way so that people not only understand it, but can become enthusiastic or even excited about it. This is why safety goals and targets are only a means to an end and not an end in themselves. However, much management may like to express their achievements in terms of safety targets which have been met, and no matter how laudable, it is rare that numerical targets create great excitement amongst the workforce. People do not get excited by visions of ‘hours since a lost time accident’. They may, however, get excited about a vision of shared leadership in an organization in which their views and concerns about safety are taken into account and safety targets are more than just another management policy. The vision must indicate what sort of safety culture is going to evolve from the change process. It is always important to talk in concepts which people are able to understand, recognize and feel that they can join. It is necessary to be direct rather than wordy, even to the extent of describing a safety culture in idiomatic terms. Hence, the rather formal ‘management commitment’ may be translated as ‘beyond lip-service’, which

109

110

Strategies to prevent corporate accidents conveys the essence of what is required much more directly. It is better not to issue mission statements that reflect the ideology of upper management, rather than the idiom of the workplace. Few people take a mission statement seriously, except perhaps the person who wrote it. Harvey-Jones maintains that mission statements should be avoided at all costs since they are invariably too long, too worthy and almost impossible to attack.19 As in a stage 3 safety culture hierarchy, status and privilege must be replaced by collaboration, teamwork and shared leadership. The vision must be a distant but believable description of where the culture is expected to be in a few years’ time, in fact the opposite of the dissatisfaction with the present which has been created in step 1. A useful starting point is a comparison of the dimensions of a culture at stage 1 in its development compared with one at stage 3 (see above).

Step 3. Create challenge but not fear The principle of ‘drive out fear’ advanced by Deming was mentioned in step 1. It has been suggested that the biggest brake on change is unquestionably fear. When people are faced with the unknown they may feel inadequate to cope with the future. People who are being led through the labyrinth of change must know that they are trusted by those who are leading the change. This will help to overcome their self-doubt, enabling them to follow the vision of the future which is on offer. One of the principal qualities of leadership is not to ask someone to do something that one would be unwilling to do oneself. If people are to follow the vision, leadership must be exercised by leading from the front rather than sending people ahead. People must also know that if the vision does not work out as expected then they will still be treated decently and will not have to carry the blame for what went wrong. In spite of all this, fear of an unknown future may still exist. It is important that this fear is channelled in the right direction, so that the fear of not changing is greater than the fear of changing. Sometimes, the process of change will be so traumatic that people will decide to leave the company because they are not prepared to adopt new ways of working or the new skills that may be required of them. This will apply just as much to management as to the workforce and in some cases perhaps even more so. Many managers have learnt their ‘trade’ in a hierarchical and authoritative organization where status and privilege are more important than collaboration and teamwork. Often they are only able to survive in such an organization protected by the trappings of authority. Some people will decide to leave before the vision is fulfilled; in this case sensitivity is needed in order to avoid the dispiriting sight of a procession of resentful and defeated individuals leaving the company. This will not motivate an acceptance of change amongst those remaining.

Post-traumatic stress Resistance to change is a fairly normal human reaction. In the aftermath of a corporate accident other more serious reactions are encountered. The effect upon employee morale can be quite devastating and frequently comes to be dominated by two overriding feelings: guilt and fear. Assuming that the company continues in business, it is certain that it will not be business as usual, although the management

Safety culture may claim this to bolster morale. Post-traumatic stress disorder (PTSD) is now an accepted set of symptoms which can severely hamper the ability of people to lead a normal life following a traumatic event. Not everyone will develop PTSD following a corporate accident (it will depend upon the nature of the event, e.g. whether fatalities have occurred), but most people will be affected to some degree. In some people symptoms may be denied or delayed until long after the event. The symptoms are unpredictable in nature and intensity and will take various forms. These will include re-experiencing the event through intrusive thoughts and flashbacks, survivor’s guilt, fear of the future including a repetition of the event, avoidance mechanisms such as extreme busyness, detachment in relationships, repression of memories, sleep disturbance and inability to concentrate. Recovery and a return to near normality are always possible given the right support, and expert authorities are able to provide advice on these matters. Planning for the future is an important responsibility of management following such an event and it is inevitable that changes within the organization will become necessary. Later chapters, and in particular Chapter 8, provide further information on the necessary recovery process following an accident, when it will be necessary to improve the company’s defences.

Summary The three steps described above are foundational to managing change effectively. It needs to be remembered that managing organizational change is not the same as managing a project. It should be treated as a programme rather than a project. A project aims to deliver a specific set of deliverables in a relatively short timescale by budgeting and tracking the necessary effort and resources. By contrast, a programme does not have a defined set of deliverables in mind, but rather embraces a vision which may well evolve and change along a path that is not always very clearly defined. The timescales are generally much longer. However, as with a project, effective change is highly dependent on people, whose cooperation can only be gained by involving them and treating them properly. People will only change when they see a need to change and when they are actively involved in the programme for change. They need to feel secure in the process of change but still maintain the desire for change. However, at the same time people are much more inclined to accept change in incremental steps and the speed of the programme needs to reflect this. People do not always act rationally on the basis of new or novel information. In the course of instituting change apparently irrational attitudes and behaviours will occur. These need to be taken seriously and not dismissed as aberrations since they will affect the success of the change programme.

Case studies This section (which is also included at the end of each of the remaining chapters dealing with defences against corporate accidents) takes two of the case studies which are described in detail in Appendix 2 and uses them to illustrate the salient points from the chapter. The selection of case studies used to compile

111

112

Strategies to prevent corporate accidents Appendix 2 was made in such a way as to provide the reader with as wide a coverage as possible of both industry and type of accident. However, the effect of safety culture is so all pervading and influential to a company’s operations that almost any of the case studies in Appendix 2 could have been chosen for their illustrative value. Furthermore, it is probable that safety culture would be implicated in some way in any corporate accident that might have been selected as a case study for this book. The two accident case studies selected are the loss of the space shuttle Columbia and an incident involving children’s heart surgery at Bristol Royal Infirmary in the UK. The first case study illustrates the persistence of a defective safety culture within an organization. The Columbia accident followed on from the loss of the space shuttle Challenger in January 1986, some seventeen years earlier. The investigation revealed that lessons had not been learned and the safety culture within the National Space and Aeronautics Administration (NASA) was relatively unchanged. The second case study takes a slightly different angle, and whilst the safety culture of the organization (the UK National Health Service) had an influence on the events, the principal root cause lay in a professional subculture which was unable or unwilling to review its own performance objectively.

1. The loss of the space shuttle Columbia This case study is reported in detail in Appendix 2, Case Study A2.1. The twenty-eighth flight of the space shuttle Columbia began on 16 January 2003, commencing with an apparently normal countdown and launch followed by a trouble-free flight which met most of the objectives of the sixteen-day mission. Unfortunately, during launch a large piece of insulating foam became detached from the external fuel tank and struck the leading edge of Columbia’s left wing. On 1 February, as the re-entry phase began, a breach in the leading edge of the left wing caused by the foam strike allowed superheated air from the heat of re-entry to penetrate the wing cavity. This damaged the insulation protecting the leading edge support structure, melting the lightweight aluminium wing spar and destroying the interior of the wing. The Columbia orbiter broke up while passing over Texas in the early hours of 1 February, falling to earth at a speed of over 10,000 miles per hour and resulting in the loss of the space shuttle and its seven-member crew. An investigation into the accident was carried out by the Columbia Accident Investigation Board (CAIB). Apart from revealing the failure of NASA to learn lessons from the loss of the space shuttle Challenger some seventeen years earlier (see Chapter 8), the CAIB also found serious deficiencies in the safety culture of the NASA organization. Prior to the Columbia accident foam strikes had occurred over the previous twenty-two years such that it had become accepted as a normal maintenance problem rather than a safety issue. Since previous occurrences had not led to any problems, the CAIB observed that NASA had become ‘conditioned by success’. There was effectively a blind spot within the NASA organization which prevented it standing back to review its own safety culture. Safety-conscious attitudes were absent from the mindset of shuttle managers and ‘bureaucracy and process trumped thoroughness and reason’.

Safety culture One of the main problems was that the safety culture ‘failed to ask searching questions about risk’, and this was a systemic flaw which penetrated the whole of the organization. High-level safety policies existed within the NASA organization which placed a high priority on safety interests; in fact, top-level management were given sufficient authority to oversee safety with a high degree of independence. Unfortunately, this never happened in practice and safety was left to compete with the many other urgent concerns which impinged upon programme and project managers. Because of this, signals that might have indicated incipient danger never surfaced in the hazard identification process, in spite of numerous recommendations made by outside experts over nearly two decades, including the Rogers Commission following the Challenger accident.

2. Children’s heart surgery at the Bristol Royal Infirmary This case study is reported in detail in Appendix 2, Case Study A2.4. Between 1991 and 1995, thirty to thirty-five more children aged under one year died after open-heart surgery in the Bristol Royal Infirmary than was typical for similar units treating children elsewhere in England. Mortality rates for this difficult form of surgery (heart operations on small babies) had been falling gradually throughout the country over the previous two decades. Although the condition of babies with heart defects treated at Bristol was no more severe than that of those treated elsewhere, the mortality rates at Bristol Royal Infirmary remained high. Concerns about the high rate of mortality led to a series of investigations, both within and outside the National Health Service, initially involving paediatric consultants and anaesthetists at the hospital, but ultimately involving Department of Health officials and the British Medical Association. These concerns culminated in a major public inquiry led by Professor Ian Kennedy, Professor of Health Law, Ethics and Policy at the University College, London. In his report Kennedy revealed a hospital short of resources and specialist staff where paediatric cardiac care was secondary to adult services, with power concentrated in the hands of a few senior consultants. The report described a ‘club culture’ in which there was a refusal to face up to problems even when they became obvious. Knowledge was considered to be in the hands of the professionals, never to be subjected to questioning, while the needs of patients were subsumed by rivalries between professions. The inward-looking culture of the hospital was one which encouraged secrecy about doctors’ performance and important information about this was withheld since it was deemed to be the property of the doctor not to be made available for the scrutiny of outsiders. The inquiry referred to ‘old-style attitudes of paternalism and self-protection’ not conducive to patient safety. It found that ‘dissatisfied and damaged patients, frustrated by poor communication, having failed in their search for explanations, defeated by the culture of defensiveness, resort to the media or the law, or both’. In the end, it was the media that brought the problems to public attention and raised a storm of protest from worried parents of babies who had been treated at the hospital.

113

114

Strategies to prevent corporate accidents Following the public inquiry, the General Medical Council began disciplinary hearings to examine allegations against a number of doctors. When these were complete, two of the doctors were found guilty of not responding to concerns over professional standards of medical care and their names were erased from the medical register. Another doctor was banned for three years from performing heart surgery on children.

References 1. International Atomic Energy Agency (2002). Safety Culture in Nuclear Installations – Guidance for Use in the Enhancement of Safety Culture, IAEA-TECDOC-1329, Vienna: IAEA, http://www-pub.iaea.org/MTCD/publications/PDF/te_1329_web.pdf 2. Bates, D.G. and Plog, F. (1980). Cultural Anthropology, 2nd edn, New York: Alfred A. Knopf, p. 7. 3. Hofstede, G. (1996). Cultures and Organizations: Software of the Mind: Intercultural Cooperation and Its Importance for Survival, New York: McGraw-Hill. 4. Schein, E.H. (1991). Organizational Culture and Leadership, 2nd edn, San Francisco, CA: Jossey-Bass. 5. Hofstede, G., Neuijen, B., Ohayv, D.D. & Sanders, G. (1990). Measuring organizational cultures. A qualitative and quantitative study across twenty cases, Administrative Science Quarterly, 35, 286–316. 6. Seel, R. (2001). Describing Culture: From Diagnosis to Inquiry, http://www.newparadigm.co.uk 7. Wertheimer, M. (1924). Gestalt Theory, Society for Gestalt Theory and its Applications, http://gestalttheory.net/archive/wert1.html 8. Seel, R. (2000). Complexity and Culture: New Perspectives on Organisational Change, Organisations and People, 7(2), 2–9, http://www.new-paradigm.co.uk/culture-complex.htm 9. Gardner, M. (1970). Mathematical games, the fantastic combinations of John Conway’s game of life, Scientific American, 223(October), 120–123. 10. Reynolds, C.W. (1987). Flocks, herds, and schools: a distributed behavioral model, Computer Graphics, 21(4), 25–34. 11. Cox, S. and Flin, R. (1998). Safety culture: philosopher’s stone or man of straw? Work and Stress, 12, 189–201. 12. Confederation of British Industry (1991). Developing a Safety Culture, London: CBI. 13. Health and Safety Executive, Advisory Committee on the Safety of Nuclear Installations (ACSNI) (1993). Organising for Safety, Third Report, Study Group on Human Factors, Sudbury: HSE Books. 14. International Atomic Energy Agency (2002). Safety Culture in Nuclear Installations – Guidance for Use in the Enhancement of Safety Culture, IAEA-TECDOC-1329, Vienna: IAEA, http://www-ns.iaea.org/standards/documentpages/other/management-systems.htm 15. US Agency for Health Care Policy and Research, Hospital Survey on Patient Safety Culture, http://www.ahrq.gov/qual/hospculture/hospcult1.htm 16. Nieva, V.F. and Sorra, J. (2003). Safety Culture Assessment: A Tool for Improving Patient Safety in Healthcare Organizations, Quality and Safety in Health Care, http://qhc. bmjjournals.com/cgi/content/full/12/suppl_2/ii17

Safety culture 17. Statutory Instrument 1999 No. 743, The Control of Major Accident Hazards Regulations 1999, http://www.opsi.gov.uk/si/si1999/19990743.htm 18. Chemical Industries Association, Responsible Care Scheme, London: CIA, http:// www.cia.org.uk/newsite/responsible_care/care.htm 19. Harvey-Jones, J. (1993). Managing to Survive: A Guide to Management Throughout the Nineties, London: William Heinemann. 20. Nevis, E. (1987). Organizational Consulting: A Gestalt Approach, Cleveland: Gestalt Institute of Cleveland Press. 21. Deming, E. (1982). Out of the Crisis, rev. 1986, Cambridge, MA: MIT Center for Advanced Engineering Study.

115

5

Understand the risk We believe that risk management should be about practical steps to protect people from real harm and suffering – not bureaucratic back covering. If you believe some of the stories you hear, health and safety is all about stopping any activity that might possibly lead to harm. This is not our vision of sensible health and safety – we want to save lives, not stop them. Our approach is to seek a balance between the unachievable aim of absolute safety and the kind of poor management of risk that damages lives and the economy. Statement by Bill Callaghan, Chair of the UK Health and Safety Commission, http://www. hse.gov.uk/risk/principles.htm

Introduction Corporate accidents when they occur often involve an element of surprise. This element of surprise indicates that there has been a lack of preparedness at senior management and director level, often stemming from a failure to comprehend fully the risks generated by the organization. This chapter deals mainly with the identification of hazards and the assessment of risk so that management understand the magnitude of the risks arising from the organization’s operations and activities. A clear distinction is made between the terms hazard and risk, which are sometimes used interchangeably. Since it is the hazards which give rise to the risks, the hazards must be identified before the risks can be properly understood. The chapter explores expressions of risk including individual risk in the workplace, in the home and, for comparison, during leisure pursuits, as well as the wider societal risks which arise when major accidents cause multiple fatalities. The methods of calculating risk are described, enabling risks to be compared with each other and compared with risk criteria set corporately or by a regulator. It also is important to investigate risks in the context of the activities that cause them, for instance, whether the activities are voluntary or involuntary. This explains why some risks are unacceptable unless reduced to low levels, whereas others, such as from leisure pursuits, are much higher yet deemed acceptable by the individuals involved.

Understand the risk Risk assessment is a legal requirement of the UK regulator for most industrial activities where there are workplace hazards. There are many approaches to risk assessment, varying from a simple qualitative workplace assessment to a quantified risk assessment (QRA) of major hazards with the potential for multiple fatalities. The important principle is that the amount of effort expended in the assessment and the level of detail produced should be proportionate to the potential risk. A full description of QRA methodology is beyond the scope of this book, but a standard risk assessment method using a risk matrix is described. This is generally applicable for a simple assessment of workplace risk as well as for a screening analysis of major accident hazards. Finally, the important concept of risk perception is examined in an attempt to explain why risks which may seem tolerable on the basis of acceptance criteria can be perceived as unacceptable by individuals or groups who are affected. It is essential that companies understand risk perception and how it occurs if they are to communicate effectively their safety and risk policies to those affected by their activities. The setting of risk criteria by the regulator and how compliance is measured are dealt with in Chapter 6.

What is risk? Risk may be simply defined as the converse of safety, so that an activity or a process which is unsafe is therefore, by definition, risky. No activity, however, is completely safe and the goal of absolute safety or zero risk can never be achieved. Nevertheless, everybody is aware that most activities can be brought to a condition of being sufficiently safe, so that they can continue to be carried out. As will be shown later, the condition of ‘sufficiently safe’ exists subjectively in the mind of the person(s) affected by the activity. Since individuals will differ in their perception of the risk from the same activity, it is important that ‘sufficiently safe’ is measured so that the various viewpoints about what is acceptable can be reconciled. Defining the level of risk therefore makes it possible to reach agreement about what is and what is not acceptable to individuals and society. The condition of sufficiently safe exists as a theoretical point on a continuous spectrum ranging between safe and unsafe. This point can be identified by measuring the risk and placing it on the risk spectrum. Risk is defined by the UK Health and Safety Executive (HSE) as ‘an expression of the likelihood that harm from a particular hazard will occur and the possible extent of the harm’. Risk and hazard are not interchangeable terms, since each has its own very specific meaning and definition. Some definitions taken from various sources related to risk and hazard are:

• Risk: the combination or product of the frequency or probability (likelihood) of a hazard occurring and the consequences of the hazard if it does occur. • Hazard: ‘a physical condition with the potential to cause harm’ (HSE) • Hazardous event: ‘an occurrence that creates a hazard’ (MIL STD 882B)

117

118

Strategies to prevent corporate accidents

• Hazard consequence: ‘the undesirable outcome of a hazard expressed in terms of level of harm from a specified hazard’ (Institution of Chemical Engineers) • Hazard frequency: the frequency that a specified hazard will be realized. • Accident: ‘an unplanned event resulting in death, injury or illness to personnel, or loss of equipment or property’ (MIL STD 882B).

Examples of hazards are falling from a height, fire, explosion, water, radiation, electricity, slipping or tripping, etc. Each hazard has its own particular consequence or outcome, such that falling from a height is likely to result in bodily injuries, fire will result in burns, water may result in drowning, electricity in electrocution and so on. This may all seem rather obvious, but it is important to make a distinction between a hazard and its ‘frequency and consequence’ in order to define or calculate the risk. Risk is therefore defined in mathematical terms as follows: Risk = [The likelihood a hazard is realized]  [The consequences of the hazard] (1) Likelihood is expressed as either frequency or probability of occurrence. The implication of equation (1) is that a hazard can exist without being realized; for instance, a tank of gasoline poses a potential fire hazard, but the hazard is not realized unless the containment is breached and the gasoline reaches a source of ignition. The concept of risk is therefore most frequently used to predict the risk of an activity or a process, allowing decisions to be made as to whether it is sufficiently safe to be carried out or whether further risk reduction measures are necessary. Risk reduction measures may be developed to reduce either the likelihood or the consequence of the hazard; in either case they will reduce the risk. However, it is often better to reduce the likelihood than the consequence: it is preferable that the accident does not occur (or occurs less often) than to reduce its consequences when it does occur. Measures to reduce both likelihood and consequence are best of all. Once risk reduction measures have been implemented, the new level of risk can be checked to see whether the activity or process is sufficiently safe. This can be determined by comparing the risk with risk criteria or risk targets to be achieved, possibly set by a regulator (see Chapter 6). The relationship between likelihood and consequence is most aptly demonstrated by the ‘Farmer curve’. This curve shows the relationship between frequency (years) and consequence (number of fatalities) based on historical accidents. The curve was developed in 1967 by Dr F.R. Farmer OBE, FRS (1914–2001), a prominent nuclear scientist, and an indicative straight-line version of his ‘curve’ is shown in Figure 5.1. The curve expresses something which is rather obvious and which most people intuitively realize, but at the same time is the basis for many important risk decisions. It expresses the serendipitous fact that the accidents which have the highest consequence also tend to have the lowest frequency. In other words, more serious accidents occur less frequently. Conversely, accidents which are very frequent tend to have a

Understand the risk y = Frequency of fatalities (x) per year (once per year) 1

High risk

(once per 10 years) 10–1

(once per 100 years) 10–2

Low risk

(once per 1000 years) 10–3

(once per 10,000 years) 10–4 1 10 100 1000 10,000 100,000 x – Consequence or severity of accident (fatalities)

Figure 5.1 Indicative ‘Farmer curve’.

low consequence. Thus, we can see from the curve that accidents causing about fifty fatalities have (say in the UK alone) a frequency of about five to ten years. If the frequency were less than this or the fatalities more, then the risk would be higher. However, accidents causing 10,000 fatalities, say a serious nuclear accident, might be expected to have a frequency of around 200 years. Such a curve can be used to set risk criteria; any accidents lying above the curve are said to present an unacceptable risk. Please note that the curve shown is indicative only, and that both axes have logarithmic scales. The practical implications of the Farmer curve are summed up in Table 5.1. This is mainly intended to show the distinction between commonplace accidents with low consequence and major accidents with severe consequence, and the typical ways in which these are controlled. Prior to Farmer’s groundbreaking paper,1 published in 1967, safety and risk were usually considered qualitatively, with the assurance of sufficiently safe being based on engineering judgement and the use of standard or previous practice. The advent of nuclear power, with its potential for catastrophic accident, as well as the building of larger, more complex chemical plants, made a more quantitative approach essential. Such an approach made possible the use of risk comparisons between different engineering solutions to complex safety issues and between predicted risk from a dangerous facility and risk targets set by a regulator. Farmer argued that no dangerous facility could ever be entirely risk free, but by the predictive study of how major accidents developed, it was possible to identify the combinations of precursor, yet

119

120

Strategies to prevent corporate accidents Table 5.1 Accident frequency versus consequence Frequency

Severity or consequence

Type of accident

Method of control to reduce frequency and/or consequence

High (1–5 years)

Low: injury or fatality

Workplace accidents, road accidents, accidents in the home

Health and safety management, road safety campaigns, design of equipment, etc.

Low (5–100 years)

High: many fatalities

Major accidents from dangerous facilities, natural catastrophes, terrorist attack, train crashes

Multiple layers of defence, high reliability equipment, evacuation planning, security measures, etc.

often minor, events which together led to the hazard being realized. Good engineering design could then ensure that the major hazards with the greatest consequence were brought under control and limited to an acceptably low frequency in line with risk targets.

Expressions of risk In order to understand fully the risk arising from an activity and, where necessary, make valid comparisons with risks from other activities or with risk criteria, it is necessary to choose the most suitable expression (or unit) of risk. There are two broad categories considered here, individual risk and societal risk. Individual risk measures the risk to an individual from participating in an activity. This may be the risk of death or injury arising from an accident involving the activity, but could be ill-health or loss of life expectancy due to delayed effects such as exposure to ionizing radiation or toxic substances. Deaths resulting from an activity may occur singly, as in motor vehicle accidents or serious workplace accidents, or may be multiple fatalities in the case of a major accident such as a refinery explosion or a train crash. Individual risk can be calculated whether the deaths occur singly (one at a time) or as multiple fatalities. Where multiple fatalities occur, it is sometimes beneficial to express the risk in terms of societal risk. Societal risk takes account of the fact that there is greater public aversion to multiple-fatality accidents than to accidents where fatalities occur one at a time. This is a consequence of the perceived greater harm to society which results from multiple-fatality accidents, often reflected in the greater publicity, as well as an increased desire to take preventive measures against future accidents. Each expression of risk is discussed in more detail below.

Understand the risk

Individual risk Calculation of individual risk Equation (1) calculates risk from the combination of the likelihood of a hazard being realized and the consequence of the hazard. The calculation of annual individual risk requires the equation to be slightly modified to: Individual risk ¼ Frequency of hazard ðper yearÞ  Consequence ðfatalities arising from the hazardÞ Number of persons at risk ¼ Number of fatalities per year=Number of persons at risk ¼ Chance or probability of death per year to an individual exposed to the hazard Thus, annual individual risk is the number of fatalities due to the hazard each year divided by the number of people at risk. The result is the annual probability (or chance) of death to any individual exposed to the hazard. It may be calculated for a particular activity, say a job, part of a job or leisure activity.

Worker individual risk The annual fatality statistics produced by the HSE are expressed in terms of individual risk. Statistics for the year 2005/06 are summarized in Table 5.2. There are 29.8 million workers employed in the UK, based on estimates compiled by HSE2 from quarterly figures collected by the Office for National Statistics (ONS). During the year from April 2005 to April 2006, there were 212 industrial fatalities recorded by HSE3 as reported to all enforcing authorities. Thus average individual risk for all workers is given by: Individual risk ðall UK workers 2005=06Þ ¼ 212=29:8E þ 6 ¼ 7:1E6 per year Note that for clarity, the exponential method of expressing very small or very large numbers is adopted here. In this convention, 29.8Eþ6 is equivalent to 29.8  106 or 29.8  1,000,000 or 29.8 million. Similarly, 7.1E–6 is equivalent to 7.1  10–6 or 7.1/1,000,000. This individual risk of 7.1E–6 per year is in effect an average risk spread over all workers in the UK. Clearly, this annual overall UK worker risk is a statistical average and there will be variations in individual risk across industries. Everyone knows the story of the statistician who drowned in an average depth of water of 5 cm! The risk is calculated by the HSE across industries varying from the service industries, employing many clerical and shop workers, where the risk is low (2.9E–06 or a chance of about 3 in a million each year), to construction (3.0E–5 or about 3 in 100,000 each year). The risk to a construction worker is therefore about ten times more than the

121

122

Strategies to prevent corporate accidents Table 5.2 Workplace fatalities in the UK, 2005/062 Year 2005/06

Standard Industrial Classification (SIC 92) Agriculture, hunting, forestry and fishing

Extractive and utility supply industries

Manufacturing industries

Construction

Service industries

All

No. of fatalities

33

6

45

59

69

212

No. of workers employed

408,907

165,644

3,246,508

1,997,660

23,962,625

29,781,344

Individual risk

8.1E–05

3.6E–05

1.4E–05

3.0E–05

2.9E–06

7.1E–06

risk to a service worker owing to the nature of the work and exposure to more serious hazards. Another way of saying this is that a construction worker has a ten times greater chance of being killed at work than a service worker. It is immediately apparent from Table 5.2 that the contribution of the agriculture, hunting, forestry and fishing industries (which happens to include the offshore oil and gas extraction industry) makes a disproportionate contribution to the overall average. The service industry sector contributes sixty-nine of the 212 fatalities, but these are spread over nearly 24 million workers, whereas the agriculture, hunting, forestry and fishing industries contribute just less than half the deaths of the service industries for only 1.7 per cent of the workforce. This result is reflected in the individual risk calculation. Because of these gross disparities of risk, it is usual when calculating individual risk from a particular hazard to try and identify the most exposed group. At a workplace such as a factory where toxic chemicals are handled, this might mean eliminating groups of clerical and administrative workers in an office (rarely exposed to the toxic hazard risk) in order to calculate the risk to staff actually working with the chemicals, such as process operatives, transportation and warehouse staff. The risk to this most exposed group is then calculated as above and compared with risk acceptance criteria. Comparison of risks with risk acceptance criteria is described in Chapter 6.

Transportation risk The units of chance of death per year used in the above calculations are the standard means of expression of individual risk for deaths occurring in the workplace. It is, however, common to use alternative units, whereby more valid comparisons are obtained. A good example of the use of alternative risk units occurs in the transportation industries. Instead of expressing the risk as the chance of death per year, a unit of deaths per billion passenger kilometres travelled is adopted in preference. Table 5.3 expresses the UK transportation risk to passengers for a number of different modes of transport.

Understand the risk Table 5.3 UK passenger fatality rates by mode of transport (average for ten years, 1995–2004)4 Mode of transport

Air a

Railb

Water c

Bus or coach

Car d

Vand

Motor cycled

Pedal cycle

Pedestrian

Fatalities per billion passenger kilometrese