How can companies manage their corporate risk?

In this article, we assess the trends in the period since the implementation of the new Health and Safety Sentencing Guidelines and how companies can better manage their corporate risk.

In this article, we assess the trends in the period since the implementation of the new Health and Safety Sentencing Guidelines and how companies can better manage their corporate risk.

New Sentencing Guidelines: four months in

The new Health and Safety and Corporate Manslaughter Sentencing Guidelines (the Guidelines) have now been in effect for four months. The Guidelines represent the biggest shake up to the regulatory landscape for a decade. In this article, we assess the trends in the period after their implementation and what this means for UK PLC; in short companies are advised to prepare for multi-million pound fines for health and safety breaches even in cases not involving fatalities.

Operation of the Guidelines

The Guidelines classify corporate entities by reference to turnover: micro up to £2 million; small £2-10 million, medium, £10-50 million and large more than £50 million. ‘Very large’ corporate entities (where judges are given discretion to move beyond these parameters) do not have their own bracket, but the Guidelines suggest this would include a company with a turnover of over £900 million.

The Guidelines calculate a fine level (with a range of potential sentences and an indicated starting point) which takes into account turnover, risk of harm and culpability.

Importantly, the Guidelines only require the risk of harm and do not require actual harmto have occurred, although it will be an aggravating feature. Therefore, previously innocuous risks could now lead to prosecutions where a risk of serious injury or even death is proven.

Pre and Post Guidelines benchmarks

This table gives example fines for three difference offences, before and after the implementation of the new Guidelines.

  Pre Guidelines Post Guidelines
Health and Safety Offences (fatalities) A health and safety offence which resulted in death recommended a fine starting point of £100,000.

A ‘medium’ sized organisation (turnover between £20-50 million) could see the starting point as high as £4 million depending on the level of culpability. 

For ‘large’ companies (£50m+) the guidelines indicate a top level fine of £10 million.

Corporate Manslaughter Fine starting point of £500,000; highest fine to date £700,000.

A ‘medium’ size organisation would see a fine starting point of £3 million with a possibility of fines up to £7.5 million.

A ‘large’ organisation faces potential fines of up to £20 million.

Health and Safety Offences (non-fatal) For companies small and large alike fines in the tens of thousands. Potential fines in the hundreds of thousands even for smaller companies and in the millions for larger corporates.

 Fines under the New Sentencing Guidelines

 The table below sets out the most significant fines handed down since the guidelines have been in effect.  

Company sector Fatal?

Turnover category

(low/negligible profits)

Oil and gas N Very large £3 m
Utilities Y Very large (Group co)  £2.6 m
Retail Y Very large  £2 m
Transport N Medium  £1.8 m
Energy N Very large  £1 m
Engineering/Manufacturing Y Group - Very large (Low profits for CE)  £1 m  
Utilities Y Very large  £1 m
Food N Very large   £800,000
Construction Y  Medium/losses £750,000
Engineering/Manufacturing N  n/a liquidation £440,000 
Transport N Large  £400,000 
Food (agriculture) N Large  £200,000
Manufacturing N Medium/losses  £160,000

Emerging trends

The general trend is that there has been a significant increase in the size of the fines. In the last three months alone there have been nearly 10 cases where the fine has been in excess of £1 million, representing a substantial increase in the proportion of these fines.

There have been substantial increases in the number and severity of fines for incidents that caused little or no harm to workers, evidencing a risk based approach to sentencing. The highest fine, £3 million (which would have been £5million without a guilty plea), is higher than the fines for Network Rail, Hatfield and Ladbroke Grove disasters – all of which caused mass fatalities and where there were purportedly clear warnings.

This case along with others, albeit smaller entities, are striking in that companies are being heavily sanctioned for the creation of ‘risk’ and the fact that no harm transpired is irrelevant.

The impact so far has been on ‘large’ companies and time will only tell whether judges begin to sanction ‘very large’ companies in the manner envisaged by applying the multiplier effect.

‘Very large’ companies

For those companies regarded as “very large” (with turnover well in excess of £50 million, the Guidelines include an example of a £900 million turnover company), the Guidelines suggest that judges should not be restricted to move beyond the brackets provided, even exceeding the £10 million maximum for health and safety and £20 million maximum for corporate manslaughter breaches respectively. 

This becomes more concerning for ‘large’ businesses in light of a recent environmental prosecution in the Court of Appeal where the Court stated that (on the application of similarly structured new environmental guidelines) fines “up to 100%, of the company's pre-tax net profit for the year in question even if this results in fines in excess of £100 million” were not unthinkable.

Whilst this is yet untested, the impending sentence of Merlin Attractions, with a turnover of over £ 1 billion, will offer some guidance on the application to ‘very large’ companies.

How can companies better manage their corporate risk?

Crisis response

  • Crisis management strategies will need to be robust enough to maintain consumer, stakeholder and employee confidence in order to move back to business as usual.
  • Test and review your crisis response strategies often and consider seeking specialist advice to stress test your plans.

Corporate governance

  • Insist on a greater focus on the issue of corporate governance and accountability at board level. There will be a continued need to ensure individuals are aware of their duties; both individually and as a key element of organisational compliance. Changes from the OHSAS 18001 management standard to ISO 45001 require boards to take ownership of the risk management system, rather than delegating responsibility for risk management to operations.

Risk profile

  • Reappraise your risk registers and consider  implications, such as:
    • Level of reserve and financial planning – banking covenants, lending and credit worthiness, shareholder / investor / non-executive director scrutiny etc.
    • Impact upon EL/PL Insurance and premiums: greater need to demonstrate risk management systems and work collaboratively with Insurer/Brokers.

Organisational structure

  • Consider the viability of risk containment. The Guidelines may lead to organisations seeking advice on how best to limit the potentially huge liabilities that a large group turnover brings. For group companies, this will necessitate the consideration of the operational independence of divisions to limit the turnover referred to on sentencing.

If you feel that you would benefit from any of the below, please do get in touch with one of our regulatory specialists.

  • A detailed conversation about the new Guidelines
  • Training for your team or legal advice about the implications
  • Legal support in light of any potential implications or investigations
  • Support with crisis management and training

Author: Simon Tingle

This information is intended as a general discussion surrounding the topics covered and is for guidance purposes only. It does not constitute legal advice and should not be regarded as a substitute for taking legal advice. DWF is not responsible for any activity undertaken based on this information.

Paul Matthews

Partner - Head of Regulatory (Yorkshire and North East)

I am a Partner in the Regulatory team and a corporate defence specialist who provides up-front regulatory compliance advice and representation to businesses and senior managers in relation to investigations and prosecutions by regulatory bodies.