The Safety of Work

Ep.56 Does Goal Based Regulation increase bureaucracy?

Episode Summary

On today’s episode of the podcast, we discuss whether goal-based regulation increases bureaucracy. We wanted to take this opportunity to dig into safety regulation, because we have yet to talk about how safety regulation works and how effective it is.

Episode Notes

Ultimately, we want to help everyone understand the role of organizations and individuals when it comes to safety regulation. 





“So, the intention of this goal-based regulatory strategy is for organizations to understand their broad obligations to adopt a risk-based management strategy and to set their own safety management requirements inside their own organization.”

“The second theme that came out of the analysis was that overregulation is because of liability management and management insecurity.”

“The next important question to ask is are we regulating safety work or regulating safety of work?”



Seeing Like a State

How Deregulation can Become Overregulation

Episode Transcription

David: You're listening to The Safety of Work podcast episode 56. Today, we’re asking the question, does goal-based regulation increase bureaucracy? Let's get started.

Hey everybody. My name's David Provan. I’m here with Drew Ray and we’re from the Safety Science Innovation Lab at Griffith University. Welcome to The Safety of Work podcast. In each episode, we ask an important question in relation to the safety of work or the work of safety and we examine the evidence surrounding it. Drew, what's today's question?

Drew: David, we haven't done too many episodes so far digging into safety regulation. I think the only time we've really talked about regulators is episode 32, when we had a discussion about the role of a regulator. Our discussion at that time was really about frontline inspectors in China. We haven't had a broader talk about how safety regulation works or how effective it is. That's what we're going to do in this episode. A little bit of background. There are some different theories about how regulation works. One of the ways of thinking about safety regulation is that it's ultimately all about decreasing the discretionary space in which organizations can act.

Sometimes we're trying to positively encourage certain types of behavior. Sometimes we’re trying to create gateways using licenses, certificates, or other approvals. Sometimes we are punishing organizations who don't meet minimum standards. Sometimes we’re trying to discourage or punish actively bad behaviors. All of those ultimately you can think of as they create a space where there are fewer things that organizations can do. They've got less freedom, so they’re hopefully operating in a safer space. 

In many parts of the world, safety of work's been regulated for a very long time. Most places are more than 100 years, some places arguably 200–300 years. It’s certainly consistently claimed by safety scientists as one of the important defenses against organizational accidents. But outside of regulators and outside of academia, it seems like everyone is fairly hostile to the idea of safety regulations. 

In fact, even people who are highly promoting all of safety where consecutive still talk in a fairly derogatory way about regulators. No safety professional wants to be part of being basically a police force. No business owner wants to have expensive regulations. No worker wants to fill out endless paperwork. No one says to themselves we’re going to have a great day at work today because the inspectors are coming. There's been a lot of social and economic pressure towards deregulation, removal of red tape, simplification of legislation. 

Mostly, deregulation comes in two forms. One of them is trying to reduce the direct cost of compliance by reducing the amount of administrative work that organizations have to do. The other is to reduce the indirect cost of compliance by making regulations looser so that they don't unnecessarily restrict the space in which businesses can operate.

David: Drew, until maybe 40 years ago or so, much of safety regulation and regulation more broadly was very prescriptive and very rule-based. Since then, we've got different styles of safety regulation or different models of safety regulations that are applied in different parts of the world. 

I just want to talk about two approaches to safety regulation, those being goal-based legislative frameworks and rule-based legislative frameworks because that leads into what we want to talk about today in terms of de regulation and bureaucracy. The idea of deregulation is about moving from prescriptive rules-based regimes into more goal-, functional-, and performance-based regimes to enable more flexibility of compliance and therefore efficiency of compliance.

A lot of goal-based legislation emerged out of the [...] review into safety regulation in the early 1970s. That review largely concluded that governments and regulators—by extension—are not necessarily the best place to set the specific rules for all safety hazards. There might be better outcomes achieved if individual employers and their employees would work together to apply to limited resources that they've got to controlling the specific hazards in the specific context in the workplace. I think idealistically that sounds like a really good thing to do, so we developed these broad legal obligations and duties. 

For example, employers have an obligation to ensure health and safety, an obligation to identify and manage risks, an obligation to provide a safe system of work. Subsequently, this became the basis of safety regulation in the UK, in Australia, in New Zealand, in many other Commonwealth countries. This is similar to regulated safety case regimes where it's the responsibility of the asset operators to demonstrate that their system is safe. It's not the responsibility of regulators to make that decision over safety, even though they do some level of approval.

The intention of this goal-based regulatory strategy is for organizations to understand their broad obligations, to adopt the risk based safety management strategy, and to set their own safety management requirements inside their organization. Drew, do you want to make any comments about goal-based legislative frameworks?

Drew: I think the one thing I’d throw in there is that even though we talk very broadly about setting goals and setting standards, in practice, goal-based regulation tends to come down to two specific instruments. One of them is the safety case which tends to be used for large items or [...] to equipment or installations. The other is the safety management system, which tends to be used for ongoing operations. When we talk about setting goals, very often, that's just code for saying that we're going to regulate the safety case or the safety management system instead of regulating the work directly.

David: That’s a good point, and I think we'll talk a bit more about safety management systems because the research we’re going to talk about today definitely came through that lens of  external regulation, internal safety management system. 

The other legislative framework is rule-based legislation. This (I suppose) as opposed to goal-based legislation is where the strategy for governments to regulate is to provide a very large and specific volume of rules for organizations to follow. This is a little bit more the approach taken in the United States and historically also many other countries that make up the European Union. This squarely places the regulator front and center of determining what is safe and what is not safe for organizations in certain given situations. The intention of this regulatory strategy is for organizations to clearly know and follow all the rules and have these compliance-base safety management strategies. 

I don't think it's a matter of simply asking the question of which model is better because the reality is no regulatory model needs one or the other. They're all the hybrid of both. Even in a goal-based regulatory regime, there are a lot of very specific rules. Even in a rule-based legislative regime, there's also some quite broad obligations.

I think the question that we've got for today is as we deregulate, as we move away from regulators prescribing lots and lots of rules and requirements, what do organizations do with these board obligations? That's really the topic for today.

Drew: I think we can see in the regulations, a lot of the very awkward and abrupt interfaces between the two styles of regulation. One example is the Model Workplace Health and Safety Act in Australia. It’s mostly goal-based, then it will suddenly switch to talking about specific high-risk activities. 

For those activities, it will certainly start talking about things like heights of 1.8 meters and particular activities like safe work method statements. You see within the one set of regulations, this abrupt interface between broadly setting goals and then being concerned that broadly setting goals is not enough that we need to lay down very specific rules and requirements in certain situations.

David: I think this is something I've wondered about for a while. I think the idealistic view that I've had is goal-based is maybe a preferable approach because idealistically if you've got organizations understanding their risks and focusing their resources, then you are going to have very specific effective outcomes for safety. Conversely, though, I've also seen in practice when organizations are left to their own devices they somewhat make a meal of these most of the time. I wondered whether goal-based legislation helps or hinders safety.

I think the question then becomes of organizations if you've just got this general obligation to ensure health and safety, companies really don't know where the bar is. They have no idea who’s going to be the judge and what standard they’re going to judge them by. If I'm going to be seen or be found I’ve got incidents, I’ve got to focus on trips and falls, I’ve got to spend a lot of resources on signage on my stairs, office footwear guidelines, and nonslip flooring. We just see this never ending (I suppose) uneasiness from the organizations to know how much is enough and how are they going to be judged.

I think that while rule-based would make life simpler and let them get on with doing their work. I've also seen in rule-based regimes that when companies become compliant, like in the US, if a company has an osseous star rating, then they believe that they've met the hurdle. It’s very hard to influence that organization to do more because they've got this big tick of approval from the regulator. 

Before we talk about the research, I'm torn between thinking that goal-based is better seeing it in practice, but then, thinking rule-based might be better, seeing a lowering of that continuing improvement mindset.

Drew: I wonder if this is because you and I grew up in slightly different safety roles. You're coming mainly from an operational background where you've seen some of the problems of prescriptive regulation. You dream of a better goal-based environment and just worried that that dream might not be true. 

I come from much more of a design background which has always been much more goal-oriented. My experience has been that very often goal-based approaches let people spend a heap of work justifying why what they're already doing is good enough. They spend all that time on the justification, not on the safety improvement. I dream of a world in which we could have clearer requirements and more objective standards for what is safe and not safe so that we could continuously lift our game. 

One of the big challenges that goal-based regulation has to meet is that you can't just have goal-based. You can't just have goals. You have to have an acceptable means for demonstrating that those goals are met. That's where I get most skeptical because there's a bit of a paradox that you're not actually leaving industry for you to meet the goal if you're placing requirements on what would be good enough to satisfy the regulator.

A classic example is you can't just set a risk target. You have to also set what is an acceptable analysis method for proving that someone's met the risk target. If you're only going to accept the fault tree, then suddenly you've gone from just setting the target to being very prescriptive about the safety methods that someone needs to apply. If we’re just going to say you just have to demonstrate that you're safe but the only thing we can accept is an LTI, then suddenly being very prescriptive about what sort of data the organization has to click to manage safety.

David: I think as we go through this episode, we’ll understand the role of organizations and people within them as well as the role of regulators and others is complex and hard. We've had a fair lead in there to this question of regulation, but (I think) as you said, we haven't really talked about regulation, so it's good for listeners to understand that there are different models of regulation and there are different advantages and disadvantages. It's like everything else in safety is quite complex when it hits real people in real organizations.

We might move into the paper and the title of the paper is How deregulation can become over-regulation: An empirical study into the growth of internal bureaucracy when governments take a step back. You probably like this. The title says exactly what it was and what the outcome was, published in Safety Science in 2020. The authors are Kristine Storkersen, Trine Thorvaldsen, Trond Kongsvik, and Sidney Dekker.

The first three authors are researchers from NTNU, SINTEF, and the Norwegian University of Science and Technology, all in Norway. I'm sure many of our listeners would know Sydney from Griffith University and Delft. Drew, the paper makes some initial observations about deregulation and bureaucracy, do you want to talk a little bit about those general context-setting points?

Drew: Sure. Most of these are things that we've already touched on which is that there has been pretty much around the world a progressive stepping back of governments from regulating industry. That's particularly happening in Europe and England and England-inspired ex-commonwealth countries. 

Some people would label that as part of a neo-liberalism trend, where we’re reducing formal government in place of government by big business. At the same time as we have this apparent deregulation, we've still got all of this research pointing out problems related to bureaucracy over proceduralization, our own work on safety clutter, work about bureaucracy, centralization, safety work that become separate from the safety of work, increasing work as done separate from work as imagined.

There appears to be two different trends pointing in different directions. How come we’re seeing deregulation on the one side and on the other side an increase in all of those evils that we would normally blame on excessive regulation. We’ve got an apparent trend that this deregulation is at the very least correlating but possibly causing internal over-regulation. At the very least, we have a trend that external regulation is decreasing, internal regulation is increasing, and we have a need to explain that trend.

David: I think what we've introduced there is this paradox. Let's just say it like this. When governments try to make things simple and clearer for business, business makes things more complicated and harder for itself. Why does that happen? While we can see that in these organizational science and safety science trends, the authors of this study suggests that there are very few empirical studies that tried to explore this effect and try to explain it. Let's talk about the research that was done underneath the study.

The researchers analyzed Norwegian coastal cargo and fish farming industries. Obviously, whatever country you're in, you got different industries that are large and available to researchers and those were two industries that were accessible by these researchers. These industries were also selected quite strategically because operations happen offshore in coastal waters, whether it's salmon farms, or whether it's coastal cargo ships. It's far from the offices of the central management team of the company. It's far from the safety department. It's far from the offices of the regulators.

Also, while these industries share similar safety management regulations, they’ve got very different organizational structures and business models. On one hand, you've got quite a traditional and structured cargo business, and you've got more of the primary industries type of fish farming business, so really great cases to go and explore this.

Drew: In both of these industries there was a shift towards goal-based regulation in the late 1990s. We had this change in regulation that was long ago that the changes have been fully absorbed by the industry but recent enough that there are plenty of people around who remember what it was like previously and who experienced the change. We’ve got one of these naturally occurring situations where we can measure the effect of something by the changes that have happened.

David: Forty-five in-depth interviews, semi-structured, 1–2 hours in length. Thirty-five of these interviews were with Norwegian fish farmers and 10 of these interviews were with ship navigators. That's a fairly large sample for qualitating. It’s 45–90 hours of transcribed qualitative data. That's a lot of analysis that needs to go into that. 

The analysis method they chose was like a patent analysis method which we've also talked about intensive-progressive comparison. Just for our listeners, you pick up the first interview and you read it. You work out what the important parts are, and then you pick up a second interview and you see if some of the same important parts of what new important things come up. You keep going forward and back, forward and back, forward and back until you feel like you know what all of the themes and trends are in all of those individual transcripts.

Drew: There are probably a couple of things that are worth pointing out here. One of them is that even though they didn't make the claim in the paper, I suspect that a lot of what they're talking about here extends beyond just a particular set of interviews. David, you and I are both fairly familiar with these researchers’ work. This particular paper comes at the end of a long project stretching from the start of the first author’s PhD and into her post-doc work. Even though this particular study reports on these particular interviews, it's informed really by quite a long-term combination of ethnography and other qualitative research methods for Norwegian coastal industries.

The second important point I think is that in this particular case, they weren't actually interviewing people neutrally about regulation. They were specifically asking questions about over-regulation. They're asking things like how and why people feel over-regulated and where that's coming from. They weren’t setting out to find people who were happy with regulation. It shouldn't come as any surprise that this is a paper about over-regulation. 

To that extent, we got to be careful that they can't really claim that the results show that there is over-regulation because they weren't looking for the alternative. It's about how and why things are the way they are. Even within that scope, it's interesting that there was really only one set of people that they interviewed, one fish farming company who had nice things to say about regulations.

David: I think also there was one company—we’ll come back to it in the practical takeaways that within the sample—that seem to have a simple system and didn't seem to have much to add or much to complain about in a way of over-regulation. We'll talk about that one fish farming company at the end. 

There are three areas of results that I think we should talk about first and these are the results of the thematic analysis of all that data. The first finding—if you like, the empirical finding—is that over-regulation occurs because practical work is very demanding to verify.

Traditionally, people were saying that we’re used to be more focused on the job, like navigating our ship and raising our fish, but increasingly, our day-to-day work needs to be made accountable and transparent. Our local situation of doing the work has changed to make sure that we always do the work in a way that is auditable or checkable. This is this rising standardization. It's actually about helping companies know that things are being done as opposed to potentially helping the person doing the work to actually get the things done.

Drew: This one shouldn't really come as any surprise. This is quite an old idea. One of the places where I think it's expressed most clearly—this is a really good read that I'd recommend that safety practitioners have a look at—is a book called Seeing Like a State by James Scott, which is about the need to make day-to-day operations legible in order for companies or states to manage them in a way that seems scientific. 

You could just imagine that when you're dealing with something like a fish farm, you've got a standard fish and you’ve got a standard model for how fast a fish grows, how many fish you can put in a pen, exactly what combinations of nutrients are going to optimize the speed at which the fish grows and puts on mass, and exactly what the right time is to kill the fish and to send it off the market so you get maximum return.

If you're seeing the world like that, it makes total sense that you want to do the same thing to things like safety activities. You want to make them standardized. You want to make them understandable. You want to have management tables that you can predict what's going to happen, what's the right number of inspections, what's the right number audits, what's the right amount of training in order to optimize the safety of your operations.

David: I think that's a really helpful reflection. We might put the reference to that book in the show notes as well. The second theme that came out of the analysis was that over-regulation is because of liability in management and management in security. This expectation by society of safety is a reason that creates this over-regulation. Managers have these expectations of society, there are insurers, there are lawyers, there are regulators, there are auditors. Also, these companies get inspired by looking at other industries like aviation, oil & gas, and go, look at how they operate and just because we're a fish farm, society still expects us to be just as safe as those sorts of industries and look at what they're doing.

There are a few other comments in that theme around companies images trying to avoid blame and trying to discharge their accountability to a whole lot of routines, like workers doing things so that managers could review things so they could sign off things, so they could get reports, go to meetings, and conduct inspections, so a big thing about liability in management and management in security. 

The first discussion that I mentioned in your point is I couldn't work out from the interviews whether they actually interviewed any managers or whether it was just the workforce. I suppose I'd be a little bit less confident on this day if they didn't actually get a chance to speak to managers as well.

Drew: I'm a little bit uncertain there, David. I know that when we talk about coastal vessels that we're talking about very small crew. In some of their previous work, they drew a distinction between the work of offices onboard ships. I'm really not sure whether the fact that they interviewed navigators means that they are people in pseudo-management positions or whether they are really talking about essentially frontline workers on these vessels. I don't know enough about the industries they’re talking about to get a sense of that. 

Maybe take it as a slight grain of salt for the research because you and I have both been very clear before that we shouldn't draw conclusions about why managers do what they're doing unless we've directly interviewed the managers.

David: The third idea is this idea of over-regulation because of order to expectations. You mentioned earlier the way that goal-based regulation works generally is to read the safety cases or safety management systems. The authors refer to these as like rather than goal-based regulation, they talk about functional regulation. They talk about the need for the company to have a safety management system. We know, at least of the coastal shipping industry, that the ISM code for the entire maritime industry specifies safety management system requirements. These companies know that they're going to be audited and they know the auditors expectations. They have this desire for safety management systems that will satisfy what the auditors are looking for. 

In this case, sometimes bigger is better because if they can have a system that can satisfy every possible request of an auditor or a regulator then they're going to be less likely to have problems when it comes to the auditor. I think consistent with safety clutter work, they’ve said that inserting a new procedure is a really good way to close every auditor action item. Just create a new procedure for that particular issue. Interestingly, none of the 45 people involved believe that auditing improves safety, which is a really interesting finding when we think about the safety of work.

Drew: I think it's a little bit telling who the authors cite in this particular case. I’ve just actually had a look. I was checking to see if they cited us because in that middle one there seems to be a lot of stuff that is very reminiscent of the safety of work stuff that we did. They didn’t in fact cite out either of our safety work papers, but they do cite the safety clutter paper. 

There’s a whole string of citations to an author called Michael Power. I think the best way I can explain this is just to read off the titles of Michael Power’s books that they cite. We have in 1994, The Audit Explosion. In 1999, The Audit Society: Rituals of Verification. In 2004, The Risk Management of Everything: Rethinking the Politics of Uncertainty. And in 2007, Organized Uncertainty: Designing a World of Risk Management.

I think this really speaks to at least the lens which the authors input over the data. I think the data (honestly) supports this. The idea that these audits are really driving the work is because the audits are a very useful tool for management to put some certainty and closure around a lot of uncertainties. 

That's a central theme of Michael Power’s work that society has all of these demands of management, which are really hard for management to meet. Particularly in this sort of case where management is sitting in head office and the work is happening offshore where management can’t directly see the work, management can’t directly control the work. How do they create certainty? They create certainty through audits.

Those audits then take on a life of their own, creating all of this additional stuff, this imposition for the workers. The goals will be on just being safe. It becomes, what can we do to satisfy the auditors that we’re safe?

David: I think that’s because the successful completion of an audit is the license for the business to operate. In this paper, it almost became like it was nothing about safety anymore. It was about actually keeping a job and keeping a business. It was almost not only just demonstrating safety but also continuing operations. 

After these three things about over-regulation, we need to regulate because practical work is demanding to verify. We need to regulate to protect the liabilities of the company and management. We also need to regulate because of auditor expectations and to basically continue our operations because we’re being audited and that becomes a pseudo-regulation, the passing of that audit.

Once this happens, the authors suggest that what you've got are these forces where you’ve got deregulation going on, but it's meeting these underlying market bureaucracy in control of work forces. Even though governments are stepping back from being very prescriptive about requirements, society already has a long-held view of how organizations should operate. When these regulators pull back, companies need to make themselves checkable, auditable, and transparent. Therefore, these companies become very open to bureaucratic and market influences on how they do their safety management systems.

Some of our listeners might be familiar that Deloitte Access Economics did a report in 2014 and found that something like 90% of all compliance requirements inside organizations are self-imposed and only something like 10% come from direct compliance with regulatory requirements. I think in safety, an example of this we see is if you ask the question of maybe people in your organization, what are the things in our safety management system that we actually have to do because of a regulated requirement, you'd actually be surprised that there are very few things. There's no requirement to investigate incidents.

There's no express requirement unless you're in a certain type of facility to have an evacuation plan, or so and so. I think that the vagueness of this regulation creates the opportunity for the market to step in and that's what we're seeing in some of this over-regulation of companies that is self-imposed.

Drew: Neo-liberalism is one of those terms a bit like social justice warrior. The only people who use the term are the people who disagree with the underlying philosophy. You get a lot of left-wing academics who are very critical of neoliberalism, who talk about this myth that if governments step back then big businesses in the market will regulate themselves. 

Actually, that's exactly what we're seeing here. When the government steps back, market forces do cause big business to regulate themselves. The only thing that we should be really skeptical about is whether this is (in fact), a good solution to the problem with your self-regulation because self-regulation is absolutely happening.

We let business go free, business doesn’t suddenly turn to corruption business, doesn't suddenly tend to be killing off all of their workers. Businesses turn to auditors and consultants to reinvent the regulator because that's what society demands in order for them to keep operating.

David: I think maybe there’s an underlying question here. Just thinking, listening to you now maybe we're asking the wrong question. I think what we're saying is it might lead to over-regulation and that's what it does. That might be a good thing, but I think the next important question to ask is are we regulating safety work or regulating the safety of work? 

I think this research suggests that when the government takes a step back, companies will step in. They will regulate, but there's nothing in this research to suggest that the regulation that the company does is any better than the regulation that the regulator does because they're not actually about the psyche of work. They're still looking outside about transparency, auditability, and all of those normal things that an external regulator would be trying to deliver on. They’re not actually replacing that external regulation of safety work with internal regulation of the safety of work, if that’s a useful statement to make.

Drew: I think there are hints that it's even stronger than that. Previously, the regulator was regulating some things which were directly related to the safety of work, because the regulator was getting down in the weeds and micromanaging some operational issues for better or worse. What we're seeing is a shift from regulation of work to regulation of the safety of work. 

I think it is a genuinely open question whether that is a good or bad thing. Certainly, we see in this paper, lots of people dissatisfied with it. People dissatisfied with regulation don't mean the regulation is not working. It could mean that the regulation is working really well, and that's what people don't like. We need to be a little bit careful of drawing conclusions about what works and doesn't work. We should certainly be able to draw conclusions here that trying to cut red tape doesn't cut red tape. It just changes the nature of the tape and who is applying it.

David: That's a good segue to the practical implications. The first one that we had here was safety work versus the safety of work. I think there's a conclusion in the paper that said the fish farmers and navigators in the study describe safety management in terms of accountability, documentation, and audits. They don’t describe safety management in terms of practical goals, work, risk, or safety. 

The fear here is depending on how your safety management system is set up and how you talk about safety in your organization when you ask people, how do we manage safety, if they talk about responsibilities, documentation, audits and things like that, it's probably an indication that they're being indoctrinated into this regulated mindset. 

Whereas, what you're looking for (say) how do we manage safety, I think you're looking for you people to answer in terms of the practical things they do individual tasks to keep themselves safe. Look out for those conditioned responses and it might give you a sense that using a safety management system is regulating safety work rather than the safety of work.

Drew: I think we should certainly be very careful when we are asking people to do things that point away from the point of risk. All of these are activities that take an existing set of practices, a set of existing equipment. They ask people to do extra work to describe that to us, to demonstrate that to us to pass the audit, rather than asking people to improve their behavior and improve their conditions of work. Improve their operations.

David: The second one (I was going to say) at practical takeaway is don't blame the regulators. Like you said, if you remove red tape, maybe the organization replaces it with orange tape or something, or safety yellow tape. We talked about risk homeostasis in a previous episode and you’re fairly critical of that as an idea around risk. When I read this paper, I thought here's going to throw at Drew in the podcast. It said, the authors conclude that it might not be farfetched to discuss some form of a rule homeostasis that deregulation will lead to at least as many rules as other types of regulation. What are your thoughts?

Drew: I think you know what my likely response here is. If you’re going to posit some sort of homeostasis, you have to have some mechanism that's actually leading to a fixed point. I think what we're actually seeing here is an equilibrium which is that there are forces pushing in both directions. 

The regulator is not the only force that's pushing in favor of more rules. We don't necessarily have a stable fixed point, but we do have forces there pushing to remove rules, and equally, forces that are pushing back to exert rules. When one force becomes too successful, the other force stops to gain more ground. The way I think I would phrase it is that if the regulator doesn't exist, then we’d need to invent a regulator anyway.

David: I’ve had a little experience. I think I was involved in Northern Australia, the coal, steam, gas industry, and onshore regulation. There wasn’t a lot of regulation for the onshore oil and gas industry in that particular jurisdiction. All of the large companies were in there doing their work and drilling for hydrocarbons. There were no rules. There were no well construction standards, but this was being done on private land. It was being done in communities that were cautious about this type of activity in this part of the world.

Industry got together and designed its own well construction standards which actually later became adopted by the regulator but it was the industry that set the early rules and all self-signed up to doing things in a certain way for auditability, for transparency, for external confidence. In some way, I think that may be an example of where it was an activity that needed regulation and there was no regulator, so industry regulated itself.

Drew: We've seen the same thing more explicitly in burgeoning space industries in Australia and New Zealand. We've had these brand new companies looking to doing new activities. They're operating in a field of real legal uncertainty. It's been the industry as much as society and the government that’s been saying we need some regulators so that there's someone who can tell us that we’re doing the right thing. Who can put some sort of government license over what we are doing. Similar case of, if we’re not regulated then we're going to actually go out and seek a regulator, so that we can have that social stamp of approval and that certainty over our activities.

David: The third practical takeaway is about how organizations go about translating regulatory goal objectives into practices in their organization. The paper talked about turning simple regulations into very detailed cumbersome procedures inside an organization, creating an ever increasing distance between work as done and work as imagined. I thought about contractor management within companies because I think the regulatory requirements are somewhat simple in terms of work engaged, capable contractors, and just make sure they’re capable to do what you want them to do.

Companies turn into very elaborate contractor management requirements and long activities that happen at multiple stages during the process, lots of paperwork and lots of things. None of that’s actually like this elaborate way of achieving this goal. I wonder sometimes whether it's because companies have the resources. They have big departments. They have the big paying salaries to get the people who have the time and space to think about this a lot. We have this really huge safety management system in our organization that is meant to be delivering on—when you look at it—some quite simple goals and objectives in regulation.

Drew: You're not a lawyer and I'm not a lawyer. I think we both know a number of legal commentators in the safety field who argue that companies do too much to manage some contractors. They go beyond their legal obligations, and in doing so, actually expose themselves to additional legal liability. 

I think that's a clear example of where we can't blame the regulator for what's happening here. Regulators are giving people the freedom. The regulators actually absolve people from responsibility. People create internal rules that then reclaim that responsibility in order to recapture the certainty around what's happening.

David: I think this is a good follow-on from that, again, remember the one fish farming company that we mentioned earlier. If we think about practical takeaways being, remember, it's about the safety of work, don’t blame the regulators, pay attention to how you're translating these regulatory goals into your organizational practices. 

This one fish farming's company in the study was part of the same regulatory regime as all of the others but had a very simple system, nothing to say about over-regulation compared with its peers in the industry. The takeaway here is that your company doesn't need to swim with the pact. Although, our listeners should know that there’s always going to be a lot of peer pressure for it to do so.

Drew: My next take away (I think) is a direct follow-on from that one. A lot of regulation is genuinely written trying to give companies freedom in how they go about complying. I certainly know regulators who are frustrated that they know how much work has gone into trying to simplify regulation, that industry then over complicates again and then blames the regulator for the over-complication. What I suspect is happening is that often we choose the easiest path in the short term and we lock ourselves into arrangements which are cheap to implement but expensive to operate.

A good example of that is that we will very often voluntarily adopt a standard for safety management systems because getting a standard and having us audited against that standard gives us a really quick short-term way to demonstrate that we’re compliant with the regulation, that we’re meeting our acceptable level of safety management. Once we've done that, we've locked ourselves into being audited every year against that standard. We know that those audits are going to have findings. There's going to be a steady growth of safety clutter. What seems to be a cheap solution, implement the system, get the system audited, becomes a very expensive solution having to live with these burdens and safety management systems.

David: This is the first episode on regulation, we’ve tried to do a bit of a regulatory overview and then look at this one study. I'd like to know our listeners’ experiences with (I suppose) the things that I've done to look at the legislation and think about what they're doing in terms of their internal company practices. I think there’s a lot of pressure in safety professional roles to not be saying to be someone that's following what's in the regulation to actually just be doing all of these best practices and all these big systems in our company. Anyone who's done an exercise of actually trying to reverse engineer what they’re doing to what they actually need to be doing, I'd love to hear your experiences with that. 

So, our question for this week was, does goal-based regulation increase bureaucracy?

Drew: I'm looking into that one in a single sentence, David. I think the answer is that they are definitely mechanisms where decreasing the amount of prescriptive regulation increases the amount of self-imposed bureaucracy. We can see that as external regulation decreases, internal regulation increases, which include replacing regulation with other external parties like auditors and assessors.

I don't think we can go so far as to answer the question of whether the overall change is positive or negative, or even whether there's a net effect, whether the total amount of regulation we end up with afterwards is more or less.

David: Thanks Drew. That's it for this week. We hope you found this episode thought-provoking and ultimately useful in shaping the safety of work in your own organization. Join in the comments on this episode on LinkedIn, send any questions or ideas for future episodes directly to us at