Gå til hovedinnhold

Responding to regulatory breaches

An audit report or an investigation may identify breaches of the regulations. As the responsible regulator, a number of reactions are then available to us.


The aim is not to punish or to create scapegoats, but to ensure that measures have been adopted to bring the enterprise’s operations into compliance with the regulations.

When serious incidents have occurred, taking action which can help to prevent similar events from happening in the future will be important.

Dialogue
Our most frequently used response is dialogue. In most cases, written questions, phone conversations and meetings between the players and ourselves lead to measures being introduced which ensure that the enterprise complies with the regulations.

Should an audit find minor infringements of the regulations, we always ask the player to explain how the nonconformity will be dealt with – and set a deadline for a response.

This process will take the form of written documentation, occasionally supplemented by meetings between us and the relevant player.

Notification of order
An order is a company-specific decision taken pursuant to the regulations. Before issuing one, we usually send a notification to the company concerned.

This is neither a response nor a warning of a sanction, but part of our administrative procedure. We ask the player to assess the facts presented by a specified deadline.

This is merely the first step before a company-specific decision is taken, and the notification letter contains the exact text of the order we intend to issue.

Order
An order is a strong instrument, which is legally binding on the recipient. That means the company has a legal duty to take the action specified in the decision.

This instrument is not deployed as a response to every breach of the regulations, but is used to establish that:

  • we regard the regulatory breach as serious in terms of health, safety and emergency preparedness
  • a strong reaction to less serious regulatory breaches is necessary because the company has been unable or unwilling to correct the same or similar breaches when our response has not had legal force.

Contents of an order
Since Norway has performance-based regulations, we do not normally order the implementation of specific changes or technology. That is only done where the regulations require particular solutions.

If specific deficiencies are to be corrected, we issue an order which requires the necessary corrections to be made but does not define how this should be done.

When we uncover extensive and basic shortcoming in the management system for health, safety and the environment, we usually issue an order to review and amend this system.

Retracting/amending a notified order
On some occasions, a notified order is not issued or has its wording changed. This could occur if:

  • the planned company-specific decision is based on incorrect assumptions – if, for example, information from the addressee convinces us that our order builds on the wrong facts, and that these facts have a considerable bearing on the company-specific decision
  • the addressee has already taken the action we planned to require with the company-specific decision.

Merely having drawn up plans for the work due to required is not considered to represent compliance with a notified order, except where the company-specific decision merely requires that such plans are prepared.

Shutting down operations
If we uncover a breach of the regulations which requires immediate action to protect safety, we can demand that a facility be shut down until the necessary measures have been instituted.