Hiding in plain sight: Chain of Responsibility risks that can be easily missed

Written By CoRsafe Team

Many consignors feel reasonably confident about how they’re managing their Chain of Responsibility (CoR) obligations. The paperwork’s in order, the procedures are documented, and everyone’s responsibilities seem clear. 

But that confidence can sometimes create blind spots. 

Sometimes, CoR risks get missed – and it’s not necessarily because they’re buried in obscure legislation or hidden in fine print. Often, it’s because they’re part of everyday procedures, or the result of assumptions that have long gone unchallenged. These risks are easy to miss not because they’re particularly complex, but because no one’s looking for them. 

Aaron Louws, Supply Chain Technical Manager at CoRsafe, highlights four situations where risk often flies under the radar, and explains why it’s worth taking a closer look: 

  • when the focus is too narrow;

  • when the process doesn’t match the practice;

  • when you think it’s not your problem; and 

  • when closer attention is being paid to certain risks by the regulator (usually for a reason). 

When the focus is too narrow 

In 2018, the National Heavy Vehicle Regulator (NHVR) implemented updates to the Heavy Vehicle National Law (HVNL) to bring CoR more closely in line with harmonised workplace health and safety laws. 

For the most part, this was a welcome shift. But the rollout of these changes, and some of the early takeaways in industry, led to an over-emphasis on compliance with a narrow set of key risk areas: speed, fatigue, mass, load restraint, and vehicle standards.

These areas are critical, no doubt – and under HVNL there are specific obligations relating to these risks. But they’ve given many businesses tunnel vision when it comes to what managing CoR is all about. 

Many businesses now treat CoR as a binary compliance activity – you’re either overloaded or you’re not; the driver has had enough rest or they haven’t. That mindset can lead to a false sense of security.

What often gets overlooked is the broader obligation under Section 26C: to do everything, so far as is reasonably practicable, to ensure the safety of your transport activities. This is your primary duty, and it’s not just about ticking boxes in key risk areas. It’s about actively managing risks across your operation.

Similarly, I sometimes see businesses place too much confidence in declarations. These forms are useful tools, but they’re not safeguards on their own. They’re only as reliable as the systems and people behind them. 

A declaration might state that a load is within mass limits, or that it’s been properly restrained, but unless there’s a robust process behind it, that declaration can create the illusion of compliance without substance. 

And when that illusion takes the place of real scrutiny, risk has a way of slipping through unnoticed.

When the process doesn’t match the practice 

Most businesses have procedures in place to support safe transport activities, and on the surface, that can feel like a tick in the CoR compliance box. But a procedure is only effective if it reflects how the job is actually being done.

The process written down might describe the “golden path” – the ideal version of the task – while what’s happening on the shop floor looks very different. In some cases, the work has changed but the documentation hasn’t. In others, a generic or off-the-shelf procedure has been dropped in without being properly tailored to the people, risks or activities involved.

This is where the real risk lies: not in having an ‘old’ document, but in having a document that’s out of step with reality.

There’s a common perception that outdated procedures are inherently unsafe. But I’ve seen 10-year-old documents that still hold up as gold-standard risk controls. What matters isn’t how long ago something was written; it’s whether it still applies. Has the task changed? Has the law changed? Has a prosecution elsewhere exposed a gap you haven’t considered?

It’s also important to be wary of procedures that explain what needs to happen, without explaining how. For example, a safe loading policy might refer to legal obligations under CoR, but offer little clarity about what steps are required on the ground, who’s accountable, and how risk is managed in real terms.

For that matter, it’s worth rethinking any process that depends too much on people getting it right every time. A good example is the old “three-metre rule” for pedestrians around forklifts. It looked good on paper, but incidents kept happening, because it relied on human awareness and compliance. For those familiar with the ‘hierarchy of controls’, you’ll know that relying on administrative controls to manage a risk is setting yourself and your team up for failure.

That’s why many workplaces have moved towards physical separation: barriers, walkways, and zoning that remove the need for constant vigilance and split-second decision-making.

That mindset applies to CoR, too. If your system relies entirely on people spotting problems in the moment, it might be time to rethink how well those controls are really working.

The fix doesn’t have to be complicated. One approach, at least around documented process management, is scheduled reviews of your documented procedures – say, every three years – regardless of whether anything’s changed. 

The other is triggered reviews: if the law changes, a process shifts, there’s a close call or incident, or even when someone on the ground flags a concern, take another look to make sure your procedures still reflect reality, and still help the people relying on them to do the job safely. 

When you think it’s not your problem 

One of the most common pitfalls I see is consignors assuming their responsibility ends when the goods leave the site, or when the task is handed to someone else.

A lot of consignors aren’t in transport. They’re just trying to get a product delivered. But that doesn’t remove them from the chain. In reality, consignors act as a conduit through the entire supply chain. They influence delivery timeframes, contract terms, communication processes; all of it.

That influence can have real consequences. If your customer, who is two hours away, closes at 3pm and you don’t release the load until 1pm, the driver is probably going to feel pressured to speed if they want to get there in time. Or if you don’t pass on critical site information, like the absence of a forklift, you might be setting up a situation where the driver, along with those receiving the goods, have to improvise in unsafe conditions.

CoR isn’t a game of hot potato. You don’t pass responsibility onto the next person by handing off the task. Everyone in the chain has the same duty, the ‘primary duty’, and multiple parties can be liable at the same time.

I’ve also seen issues arise with imported freight. Once it hits Australian roads, CoR obligations apply. That means if you’re the one arranging the shipment, you may be responsible for how it was packed, even if that happened overseas.

There was a well-known incident involving overloaded timber containers and poor paperwork that led to a truck rollover at a pedestrian crossing. Thankfully, no one was hurt, but the consignor was prosecuted for failing to control their overseas supplier’s practices.

If you have the ability to influence how goods are packed, transported or delivered – even indirectly – then you have a responsibility to manage that risk.

When closer attention is being paid to certain risks by the regulator (usually for a reason)  

There’s a kind of irony here: businesses often fixate on the risk areas that were front and centre when HVNL was being updated in 2018, but miss the signals about what the regulator is focusing on now. 

The NHVR doesn’t just wait for things to go wrong. They are actively identifying patterns and emerging risks before incidents occur, so they can direct their efforts into preventing issues (not just penalising parties once it’s too late). And when the NHVR signals what they’re worried about, it pays to listen.

At Trucking Australia 2025, for instance, the NHVR announced that speed management would be a key focus area in 2026. That tells us they’re already seeing repeated speeding incidents and systemic failures in how that risk is being managed across the industry. The data published in the 2024 NTARC Major Incident Investigation Report backs this up too, with speed flagged as the second highest contributor to heavy vehicle accidents caused by ‘Human Factors’ included in the 2023 dataset; a 4.8% increase on the previous year.

We’ve also seen increased enforcement in specific sectors like wine, buses, agriculture and market sites, especially where seasonal changes create inconsistent transport demands. During harvest, for example, there are more trucks on the road and more casual workers, and that can lead to more corners being cut. 

By tracking what the regulator is paying attention to, you can stay ahead of risk trends and avoid being caught off guard.

Time to take another look? 

Meeting your CoR obligations isn’t just about compliance. It’s about cultivating a mindset of continuous improvement. That means staying curious, testing your assumptions, and recognising that what worked yesterday may not be good enough tomorrow.

That’s why it’s worth asking:

  • Are we narrowing our focus to a checklist of key risks, and missing the bigger picture?

  • Do our procedures reflect how the work is actually being done?

  • Have we considered how our practices affect the other links in the chain? 

  • Do we understand what the regulator is paying attention to right now, and how our practices stack up?

You don’t need to overhaul your system overnight. But you do need to stay engaged, because CoR isn’t set-and-forget. It’s something you need to live and breathe every day.

At CoRsafe, we work with businesses to uncover the gaps, pressure points and blind spots that can lead to CoR risk, and to build practical, fit-for-purpose systems that reflect how the work really gets done. We also help teams stay in step with what’s happening in the industry, so they can be confident they’re managing risk and monitoring change proactively, not reactively.

Because the biggest risks aren’t always hidden. Sometimes, they’re right in front of you – just waiting for someone to take a closer look.

© 2025 Logistics Safety Solutions Pty Ltd (LSS) ABN 25 134 417 379. General information only. LSS bears no responsibility, and shall not be held liable, for any loss, damage or injury arising directly or indirectly from your use of or reliance on the information in this article. 

CoRsafe Team
Next

The 2025 Load Restraint Guide. What’s Changed and Why it Matters.