Clay Maitland

On a quest for quality in shipping

Oversight, assessment of risk and management: Part 3

Posted on | November 4, 2011 | No Comments

As we all know the ISM Code was adopted by IMO in 1993.  The Code was drafted as a self-contained document.  However, its provisions were bought into force internationally when, at the Safety of Life at Sea (SOLAS) Conference in 1994, compliance with its provisions became mandatory under a new Chapter IX to the SOLAS Convention.  The Code differs from other quality assurance systems in that it is mandatory; it has been amended over the years, and is generally incorporated in OPA ’90.

All commercial ships of over 500 gross tons, including passenger ships, oil tankers, chemical tankers, gas carriers, bulk carriers, cargo high-speed craft, other cargo ships, and, significantly, mobile offshore drilling units, are to comply with the ISM Code.

The Code is drafted in broad terms and lays down a set of general principles with widespread application to all types of ship and owner.  It recognizes that shipping companies and shipowners are not the same and that ships operate under a wide range of different conditions.  It expressly recognizes that different levels of management require varying levels of knowledge and awareness of safety and environmental issues.  Therefore, the Code is brief and deliberately based on general principles and objectives.  There are as many ways of addressing the ISM Code as there are shipping companies.  It is up to the shipping company to decide how to address the provisions of the ISM Code.  This must be done in a way that it can be demonstrated to a third and independent party.  The intention of the Code is that the owner or operator should design his own system, in a form that is suitable for his particular operation.  The duty of the implementing authority is to make sure that once the system is designed it complies with the general requirements of the Code.

To comply with the requirements of the ISM Code, companies should develop, implement and maintain a safety management system (SMS) to ensure that the safety and environmental protection policy of the company is implemented.  The SMS should include a number of functional requirements:

  • A safety and environmental protection policy;
  • Instructions and procedures to ensure safety and environmental protection;
  • Defined levels of authority and lines of communications between and amongst shore and shipboard personnel;
  • Procedures for reporting accidents, etc.;
  • Procedures for responding to emergencies;
  • Procedures for internal audits and management review.

Although the Code doesn’t spell this out, it is understood that operational risk management rests on a broad framework of risk and reward.  Top executives and board members are certainly responsible and accountable for this strategic positioning.  The presence of a risk committee assessing the future balance of threat to opportunity should never spare the board the sweaty-handed liability for the consequences of risky decisions.

Moreover, even risk managers working within a well-designed control structure are largely powerless if there exists an embedded corporate culture of noncompliance, irresponsible cost-cutting, cynicism and a system of skewed incentives.  Recent history – particularly in the financial sector – shows rules and processes are far easier to change than bad behavior and big bonuses.

An unanswered question:  How are regulators supposed to oversee compliance with ISM principles?  The political mess that occurred after April 20, 2010 makes it very clear that the regulators will be blamed for failing to oversee and prevent corporate failure.  It is evident that coastal states and flag states can not afford the imputation of a failure of oversight.  It is also clear that the regulators can not fail to “get out ahead” of the public relations battle that always follows an environmental incident, particularly one involving spilled oil.

One of the issues is the extent to which safety management systems are approved, and their compliance validated, by recognized organizations such as – but not limited to – classification societies.  Given the political sensitivity, something more is needed.

That “something” may prove to be a requirement that senior management certify that a corporate culture of safety is in place, at the same time specifying what methods are being applied to ensure adherence to the spirit, as well as the letter, of the ISM Code and its offspring – such as the ISO system.

If this sounds like a safety management version of Sarbanes-Oxley, that is probably in fact where we are headed, with a measure of Dodd-Frank added.  When all is said and done, regulators can not interview middle management employees, much less the directors and officers of shipping and oil production companies; there are just too many of them, and government doesn’t have the money.  The marketplace, in the form of liability, is probably the greatest discipline.  BP’s projected $40 billion cost in liability and cleanup expenses is of course a cautionary tale.  However, it is unlikely to discourage costcutting at the wellhead, or in the finance department, unless risk and liability are brought home on a personal basis to the individuals who make the decisions.  This seems to have worked with Exxon Corporation after EXXON VALDEZ.  It is, in two words, PERSONAL ACOUNTABILITY.


Leave a Reply