Are Risk Assessments A Legal Requirement?

Summary

Risk assessments are a legal requirement at work. In fact, risk assessment is so important it has its own section under the Management of Health and Safety at Work Regulations. In this blog post, we look at risk assessment laws and regulations.

Risk assessments are a legal requirement at work. Risk assessment is so critical it has its section under the Management of Health and Safety at Work Regulations. In this blog post, we look at risk assessment laws and regulations.

Are Risk Assessments A Legal Requirement? header image

Are risk assessments a legal requirement? If you are looking for a simple yes or no answer, the answer is yes—risk assessments are a legal requirement.

At least, they are a legal requirement at work.

You might not realise it, but you assess risk every day. Is it safe to cross the road? Is that plate hot? Is it going to rain? Do I need to put on sun cream? It becomes second nature. Half the time, you might not realise you are doing it.

No law tells you to assess risk at home and in your personal life. It is just self-protection, a skill you have been developing since you were a child. You don’t want to get hurt or face the consequences of a bad decision.

At work, risk assessments are a legal requirement. So there needs to be more formality and structure around the risk assessment procedure. But it still follows the same idea – preventing you (and others) from getting hurt.

green traffic light

Risk assessment laws and regulations

Employers are obligated under health and safety laws to protect their workers and anyone who may be harmed by their work.

  1. It shall be the duty of every employer to ensure, so far as is reasonably practicable, the health, safety and welfare at work of all his employees

Health and Safety at Work etc. Act 1974 General duties of employers to their employees

However, the regulations that specifically make risk assessments a legal requirement are the Management of Health and Safety at Work Regulations (MHSWR).

It is the law under the Management of Health and Safety at Work Regulations (MHSWR) that every employer and self-employed shall carry out a risk assessment of any risks to the health and safety of employees or other persons.

Risk assessment is so critical it has its section under the MHSWR – section 3.

  1. Every employer shall make a suitable and sufficient assessment of—
    1. the risks to the health and safety of his employees to which they are exposed whilst they are at work; and
    2. the risks to the health and safety of persons not in his employment arising out of or in connection with the conduct by him of his undertaking…
  2. Every self-employed person shall make a suitable and sufficient assessment of—
    1. the risks to his own health and safety to which he is exposed whilst he is at work; and
    2. the risks to the health and safety of persons not in his employment arising out of or in connection with the conduct by him of his undertaking…

The Management of Health and Safety at Work Regulations 1999 Risk assessment

The Management of Health and Safety at Work Regulation is the primary regulation for risk assessments. It applies to all workplaces.

Other regulations may also apply to specific risk assessments, depending on your activities. For more information, see the “Additional laws” section at the end of this blog post.

Risk assessment responsibilities

As you can see from the regulations, risk assessments are the responsibility of both employers and the self-employed.

Employers are responsible for assessing the risk to:

  • Employees
  • Anyone else who might be affected
risk assessment paperwork

The self-employed are responsible for assessing the risk to:

  • Themselves
  • Anyone else who might be affected

Others could include occupants, other workers (working in the same area), visitors, clients, or even members of the public.

So, risk assessments are a legal requirement for every employer and self-employed person, and they must assess the risks not only to those they employ but also the risks to anyone else who may be affected by the work activities.

This doesn’t mean the employer needs to carry out the risk assessment; it just means they are responsible for making sure they are done. They may have a competent person or a health and safety manager with the knowledge and skills to do a suitable and sufficient risk assessment.

The regulations go further in that any employer employing over 5 or more employees must record “the significant findings of the assessment”. In other words, you need to have it written down.

(6) Where the employer employs five or more employees, he shall record—

  1. the significant findings of the assessment; and
  2. any group of his employees identified by it as being especially at risk. — The Management of Health and Safety at Work Regulations 1999 – Risk assessment

Need help writing your risk assessments? Get access to over 200 risk assessment templates for your business activities.

What if you have less than 5 employees?

Even if you employ fewer than 5 employees, you might need to have a written record of your risk assessment. Although the law doesn’t say you must write it down, you may need to supply it to clients or other stakeholders and communicate the findings to employees.

Having the risk assessment written down is the only way to show you have done one (and remember, it’s a legal requirement – even if you have no employees).

You will often get asked to provide evidence of your risk assessments for health and safety accreditations and pre-qualification questionnaires, especially in higher-risk industries.

construction risk assessment on site

Now you know when you need a risk assessment by law. But what should your risk assessment contain? What format does it need to follow to comply with the MHSWR?

While risk assessments are required by law, the MHSWR does not necessarily specify how to carry one out – just that the evaluation of risks must be done and suitable and sufficient.

To ensure that your risk assessment is sufficient, it is a good idea to follow the five steps to risk assessment.

There are different ways to record your risk assessments and even different types of risk assessments. Your assessment doesn’t have to look pretty, but it should be clear, easy to read, and understandable. After all, your team needs to be able to read, understand, and follow it.

Don’t know where to start? Here’s how to complete a risk assessment in 5 minutes.

Additional Laws

We already mentioned that the MHSWR isn’t the only set of regulations that require risk assessments—it is the primary regulation and the basis of the law surrounding risk assessments. But in certain circumstances, there are other legal requirements to consider.

For example, under the Control of Substances Hazardous to Health (COSHH) Regulations, a COSHH assessment—a risk assessment produced specifically for hazardous substances—is required.

using a hazardous substance with gloves

Under the Display Screen Regulations, employers are required to “perform a suitable and sufficient analysis” of workstations, also known as a DSE assessment.

An employer who carries out work which is liable to expose any of his employees to risk from vibration shall make a suitable and sufficient assessment of the risk created by that work to the health and safety of those employees and the risk assessment shall identify the measures that need to be taken to meet the requirements of these Regulations.The Control of Vibration at Work Regulations 2005 Regulation 5

The Control of Vibration at Work Regulations require employers to assess the risk from vibration, take the necessary measures to control it, and set legal limits on vibration exposure.

So, while the Management of Health and Safety at Work Regulations contain the fundamental requirement for all businesses to carry out risk assessments, other regulations also add additional legal requirements for specific hazards. These can specify some extra things that need to be included in your risk assessment or legal limits that apply.

This article was written by Mathew Oldham (HSQE Consultancy Ltd). Mathew has over 20 years of experience in health and safety and an MSc (Hons) in Construction Management. Mathew is NEBOSH Health and Safety, Construction, Fire, Environment and Diploma qualified and CertIOSH.

Enhancing Health and Safety

We are committed to helping you and your business integrate safety into your operations. Our expertise ensures that health and safety measures are not just an afterthought but a fundamental part of your business strategy. Partner with us to create a safer, more compliant workplace and protect your most valuable asset – your people. Want to know more?