How anti-terrorism laws are increasing executive liability

Changes to the social and political landscape since the 11 September 2001 terrorism attacks have brought far-reaching changes in OHS laws and increased accountability and liability on C-level executives, according to Deacons partner, Michael Tooma.

Tooma, author of the book Safety, Security, Health and Environment Law, said employers face greater exposure to liability with the broadening of laws concerned with corporate activity that impacts on security and the threat of terrorism.

"Laws relating to occupational security are often a subset of broader anti-terrorism and criminal laws and may not, at first glance, herald the important changes employers and business owners need to make to ensure they comply," he said.

"Business owners and executives are often responsible for the actions of employees, or third parties who form part of the supply chain.”

What few executives understand, said Tooma, is that the laws could make them accountable if their business is a target of a terrorist attack. For example, developers, architects and builders will be ultimately responsible for designing and constructing buildings that are harder for terrorists to penetrate, or easier to evacuate in case of a terrorist attack. However, this heightened level of responsibility may not yet be obvious to many in the building sector.

"The lines of responsibility are not yet absolutely clear as people can be prosecuted under different laws and currently it is the responsibility of each business in the supply and service chain to ensure they are not exposed.”

One area of employer exposure Tooma cites as potentially hazardous is the requirement relating to critical infrastructure, wherein owners and operators must prepare — and annually audit — a risk management plan that prevents or mitigates the effects of a terrorist act.

The government defines critical infrastructure as "those physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact on the social or economic well-being of the nation, or affect Australia's ability to conduct national defence and ensure national security".

"Up to 90% of critical infrastructure in some parts of Australia is privately owned and operated, yet there is no single national law that clearly sets out the responsibilities, requirements and penalties for non-compliance for business owners and executives," said Tooma.

"Presently, employers must proactively identify the potential risk of their business and implement a security risk management system that mitigates their risk.

"A streamlined, national approach from government is required to ensure security risks to the people of Australia are properly identified and non-compliance risks to Australian businesses due to ignorance of the laws are minimised," he said.