The Corporate Manslaughter and Corporate Homicide Act 2007, which came into force across the whole of the UK on 6 April 2008, now makes it possible for a corporation to be found guilty of manslaughter and homicide without the need to identify an individual within the organisation to prosecute.
We explain the background, purpose and the main provisions of the Act and the actions that senior managers, employees and internal auditors can take to mitigate health and safety risks and avoid possible prosecution.
Implementation of existing health and safety legislation is the key issue within the new Act. The Act does not introduce new requirements on health and safety nor does it duplicate or amend existing legislation.
Instead the 2007 Act introduces new penalties that apply to corporations that fail to ensure that current health and safety legislation is in place. Existing penalties for individual directors remain.
Homicide and manslaughter are terms with specific meanings under law. They relate to the killing of a human being. Homicide is commonly known as murder and is based upon the intent to kill and a state of mind called malice. Manslaughter is a lesser offence, with death resulting from recklessness or criminal negligence rather than from an intention to kill or cause serious injury.
Before 2007 prosecutors could seek a conviction for manslaughter against a corporation only by identifying a senior person as a 'directing mind' to take responsibility. The complex management structures of modern corporations made prosecutions time consuming, costly and difficult.
The 2007 Act applies across the UK and creates a new statutory offence that has two names to take account of differences in the legal structures. It is corporate homicide in Scotland and corporate manslaughter elsewhere.
The Act 2007 applies to:
- All companies
- Corporate bodies
- Private companies
- Public companies
- Third sector companies
- Trade unions
- Employers associations
- Government departments
- Police forces operating in the UK
The offence of corporate homicide or manslaughter is related to the way in which senior managers organise the activities of the organisation. It has three elements, which prosecutors will need to prove.
- It must be the way in which those activities are managed or organised that causes the death.
- This way of managing the activities must amount to a gross breach in a duty of care owed by the organisation to the deceased.
- The way in which senior management manage or organise the activities must be a substantial element in the breach.
The Act refers to senior management as the people who:
- Make decisions about how activities are to be managed or organised, and
- Manage or organise the whole or a substantial part of those activities.
A duty of care is the legal obligation on an organisation to adhere to reasonable standards of care when engaged in activities that may potentially harm others.
Duties of care exist in relation to the conditions of work places or sites, to the working systems and equipment being used and to the products or services supplied to customers. It extends to all aspects of health and safety for employers and occupiers who engage in:
- The supply of goods and services.
- Commercial activities.
- Construction and maintenance works.
- Use of or keeping plant machinery or vehicles.
A breach of a duty of care by an organisation is a "gross" breach if the conduct alleged to amount to a breach of that duty falls far below what can reasonably be expected of the organisation in the circumstances.
A corporation found to have policies, accepted practices or attitudes that encourage failure of their stated health and safety policies, will be identified as falling below reasonably expected standards and, therefore, in gross breach of its duty of care.
The 2007 Act will require a judge to make the final decision about whether or not a duty of care is owed.
Where a corporation is found guilty of corporate manslaughter or corporate homicide it can be:
- Fined an unlimited amount.
- Subjected to a publicity order and be required to publicise details of its conviction and fine.
- Served with a remedial order to ensure appropriate steps are taken to improve health and safety measures, where and when appropriate.
Prosecution for corporate manslaughter or corporate homicide can occur at the same time as individual prosecutions for negligence under existing health and safety legislation.
The intention is to ensure that public and private sectors operate on equal terms. However, there are two types of exemptions, comprehensive and partial, where the offence will not apply when connected to the management of specific public activities.
- Public policy decisions.
- Military combat operations.
- Police operations dealing specifically with terrorism and violent disorder.
- Policing and law enforcement activities.
- Emergency responses by:
- Fire authorities and emergency response organisations.
- NHS trusts including ambulance trusts.
- Royal National Lifeboat Institution, Coastguard, other rescue bodies and the armed forces.
- Carrying out statutory inspection work, child protection or probation activities.
- Exercise of 'exclusively public functions'.
- The Government using prerogative powers, such as civil emergency.
- Functions that by their nature require a licence or prerogative authority such as licensing drugs, or international diplomacy.
Individual employees will not be directly affected by the Act but will feel the benefit of measures introduced by senior management to improve health and safety.
Creating a safe and healthy working environment is a partnership between the employer and employees, and there are actions that employees can take to maintain and develop their organisation's safety culture:
- Taking part in risk management procedures to help identify and mitigate risks.
- Becoming a safety representative and actively participating in consultation and training.
- Agreeing some health and safety objectives and targets as part of the staff appraisal process.
- Taking reasonable care for your health and safety and that of others, such as work colleagues, visitors to the organisations premises and customers.
- Using equipment, tools and other work items provided by your employer in accordance with training and instructions.
- Drawing attention to issues and problems that might lead to a health and safety hazard.
- Monitoring and recording activities that are related to health and safety.
- Reporting accidents when they occur.
- Cooperating with auditors reviewing health and safety procedures.
The Corporate Manslaughter and Corporate Homicide Act 2007 does not, in and of itself, impose additional requirements upon employers.
The Act simply reminds directors and board members that current legislation and regulations require them to be effective in the implementation of all aspects of health and safety.
This means protecting employees and members of the public by applying the principles and goals of The Health Safety at Work Act 1974 and the wide range of regulations that have subsequently been issued by the Health & Safety Executive (HSE).
However, the Act does change the risk profile of organisations that have a duty of care. This is because the potential impact of a risk event will change - it now includes an unlimited fine, publicity, which may damage the corporate reputation, and increased scrutiny from HSE as the result of a remedial order.
Managers of organisations will want to feed these changes into their assessment of risks. Consequently, managers may wish to change the way they manage health and safety risks - i.e. the responses they choose; the actions they take to monitor and report on the effectiveness of those responses and the amount, nature and type of assurance that they seek on the management of the risks.
In addition to increasing the impact from health and safety risks, the Act also emphasises the role of 'senior management' in directing activities related to such risks. Again, this is not a change in substance but it is an increase in focus on the actions of particular managers.
The organisation may wish to identify who is likely to be a 'senior manager' in terms of the Act and to review the governance processes that direct and control their activities. Since the Act has not yet been tested in court, managers will have to accept a degree of uncertainty in relation to these questions.
Apart from these specific issues, the other actions that employers may want to take will depend on how they currently manage their health and safety risks. Employers who have strong existing systems may need to change nothing. For any organisation wishing to assess or to develop their health and safety management systems a considerable amount of advice, guidance and support is available from the HSE.
The Corporate Manslaughter and Corporate Homicide Act may provide a stimulus that can be used to raise the profile of health and safety issues within the organisation - or to remind people of their importance.
It can prompt an evaluation of where and how the organisation is protecting the lives of employees and members of the public - and help to improve these processes if necessary. The evaluation can cover:
- Specific activities of the organisation that present the greatest threat for death and serious injury.
- Comprehensive risk identification within each activity, with a clear and simple understanding of the impact and the likelihood for each risk.
- Senior manager(s) responsible for the mitigation of these risks.
- Instruction and training with regard to health and safety risk management.
- Measures taken to reasonably reduce the risks within the organisations risk appetite.
- Monitoring arrangements that enable confirmation and reporting of the ongoing application of the control measures that reduce risks.
- Implementation of preventative and corrective actions.
- Reporting of any near misses or serious incidents.
The Corporate Manslaughter and Corporate Homicide Act does not create any specific responsibilities for internal auditors. Therefore, in deciding the actions to take, internal auditors will return to first principles: the general role of internal audit and the exact circumstances in the internal audit activity's organisation.
The IIA defines the general role of internal audit as having two parts - assurance and consulting. Internal audit provides independent and objective assurance to the board and senior management on the effectiveness of their management of risk and of their governance processes.
Internal audit also acts so as to improve the organisation's processes on governance and management of risk, by championing good practices, by asking challenging questions of management, and by facilitating change where it is needed.
In all cases, internal audit is required to avoid assuming management responsibilities.
Applying this to the Corporate Manslaughter and Corporate Homicide Act, the role of internal audit is to:
- Provide assurance on the management of health and safety risks.
- Help to improve the management of those risks where necessary.
- Do this in such a way that the responsibility for managing those risks remains with the management team.
The exact actions to take in response to the Act depend on the situation in the organisation prior to the Act and on what managers are doing in response to the new Act.
The situation prior to the Act - both what the organisation does to address health and safety risks and internal audit's existing plans in relation to these risks - was the subject of the Institute's March 2008 guidance on Health and Safety Risks. Therefore, no further guidance on these ongoing matters is provided here.
Steps you can take
To respond to the introduction of the new Act, internal auditors can take the following steps:
- Find out what their organisation is doing, to assess the affects of the Act and to make the changes required.
- Review any changes that have been made to the risk profile and discuss them with the managers responsible.
- Ask management and the board if their requirements for independent and objective assurance in relation to these risks have changed.
- Consider the impact of the Act and the organisation's changes on existing requirements for independent and objective assurance.
- Change the internal audit work plan to take account of these changes, as necessary.
The results of these enquiries and modifications will differ between organisations but can include:
- Internal auditors facilitating management's efforts to understand the impact of the Act or to improve the management of health and safety risks.
- Internal auditors assisting with the evaluation of the management of health and safety risks.
- Internal auditors providing independent and objective assurance on:
- the existence of systems to identify and assess health and safety risks.
- the effectiveness of the management of health and safety risks.
- the processes for the direction and control of 'senior managers'.
The head of internal audit, like any other manager, has a duty of care to the people involved in the work of the internal audit activity. He or she should therefore identify and assess the risks that are related to the operation of the internal audit activity.
These may include risks related to travelling at home and abroad, working alone and working in remote places, stress, and physical demands of carrying files and sitting in temporary workplaces. This should be done using the organisation's policies, procedures and documentation.
Our guide on health and safety
Ministry of Justice
A copy of The Corporate Manslaughter and Corporate Homicide Act 2007 can be obtained from the Ministry of Justice website.
The Ministry of Justice also provide a range of introductory documents relating to the Corporate Manslaughter and Corporate Homicide Act 2007 explaining how the new offence works and where it will apply. It is intended to provide fundamental information to employers, senior managers and others seeking an overview of the new legislation.
Health & Safety Executive (HSE)
Primary source for regulations, codes of practice, guidance and standards in the UK.
In addition the HSE devotes specific web resource to corporate manslaughter and provides guidance on investigation of work-related deaths, liaison with police, prosecuting authorities and other interested agencies and authorities.
Institute of Directors
Contains policies, information and advice, including The Corporate Manslaughter and Corporate Homicide Act 2007 and a health and safety micro-site.