Successfully reported this slideshow.

Risk-based Regulation: OECD Best Practice Principles, Nick Malyshev


Published on

Presentation by Nick Malyshev, Head of the OECD Regulatory Policy Divison, Directorate for Public Governance and Terrritorial Development, at the Workshop on Risk Assessment in Regulatory Policy Analysis (RIA), Session 3, Mexico, 9-11 June 2014. Further information is available at

Published in: Government & Nonprofit
  • Be the first to comment

Risk-based Regulation: OECD Best Practice Principles, Nick Malyshev

  1. 1. RISK BASED REGULATION: OECD BEST PRACTICE PRINCIPLES Mexico City, June 9-11 Nick Malyshev Head of the Regulatory Policy Division OECD
  2. 2. • “Risk” = combination of probability and impact: p(I) • We face many risks, e.g.: – Accidents – Air pollution – Chemicals – Climate change – Disease – Disasters – Food – Finance – Tsunamis – Terrorism No such thing as “zero risk”
  3. 3. • The world appears to be getting generally safer over centuries – Rising human longevity (life expectancy) • Why? – Increasing wealth = demand for safety (e.g. EKC) – Advancing science = better detection of risk – Better regulation = reduce risks • But: public concern about risks continues to grow – Especially longer-term, lower-probability risks • Why? – Increasing wealth – Advancing science – Greater awareness – news, internet, “availability” – Greater safety and longevity itself, so rare risks become more salient – Emerging risks Declining risks, but rising concern
  4. 4. • Public well-being: goal to increase net benefits to society – Market failures: externalities, public goods (“tragedy of the commons”) – Government failures: costs, new risks created, hasty response to crisis – Responsibility to think through decisions – Thinking ahead -- crucial for prosperity, survival • Political accountability: governments held responsible for: – Costs of regulation to prevent risks • Burden on businesses, consumers, innovation, competitiveness – Costs of failure to prevent risks • Terrorist attacks, e.g. Madrid train bombings • Natural disasters, e.g. Haiti earthquake, Hurricane Katrina • Systemic failures, e.g. 2008 Financial crisis • Diseases, e.g. H1N1, HIV/AIDS, BSE (Mad cow) • Legal accountability: civil or criminal liability Why governments care about risk
  5. 5. Designing regulation to manage risk
  6. 6. Triage: selecting risks to address – setting priorities Risk assessment – Science: biology, chemistry, climate, engineering – Social science: economics, psychology, decision science – Uncertainty – Errors – false negatives, false positives Joint effects - multiple simultaneous risks may not be simply the sum of the individual risks – Pollution – Disease – Terrorism – Financial crisis Risk-risk tradeoffs: policies also face interconnectedness Challenges for Risk Policy
  7. 7. • Spread: risks move rapidly across networks and borders – Pollution – Disease – Terrorism – Financial crisis • Risk-risk tradeoffs: policies also face interconnectedness – Confront the tradeoff – Weigh the tradeoff – See “risk-superior” policy options that reduce multiple risks in concert • Learning: borrowing and testing ideas – Over time: ex post impact assessment – Across countries: “hybridization” – Toward a global policy laboratory Challenges for Risk Policy in an Interconnected World
  8. 8. Examples of risk-based approaches
  9. 9. General principles of risk-based classification
  10. 10. Defining risk categories Three fundamental “risk dimensions”:  Type of activity / sector  Scope / size of activity – scope of potential impact  History of the business or of the establishment All three aspects need to be combined to do proper risk rating – and determine right frequency of inspections Frequency is thus proportional to probability and magnitude of potential hazard
  11. 11. Risk categorization – sectors “High risk” for a sector can mean different things: -High likelihood of hazard (e.g. storage of flammable materials for fire safety – meat processing for food safety – mining for labour safety etc.) -Possibility of a major industrial accident (not only danger “on the spot” but possibly chemical contamination, large environmental and/or health disaster etc.) -Potentially high number of people affected (e.g. large hotels or hospitals for fire safety – large processing plants for food – etc.)
  12. 12. Risk categorization – establishments “High risk” for a specific building or establishment can mean different things: -Difficult accessibility (high-rise, underground, remoteness, narrow streets…) -Potentially high impact location (proximity with large population centers or sources of drinking water etc.) -Risk of panic and other specific factors that can make escape difficult (e.g. establishment for children, etc.) -Large scale of the establishment meaning large number of people potentially affected by contaminated produce etc.
  13. 13. Risk categorization – history “High risk” for a specific business can mean different things: -Repeated violations of rules over the years -Shortcomings which carry a particular risk for the public (e.g. lack of fire exits – violation of essential hygiene rules etc.) -Attempts to dissimulate problems
  14. 14. An example of risk-based matrix
  15. 15. 15 Netherlands - State Supervision of Mines (1)
  16. 16. 16 Netherlands - State Supervision of Mines (2)
  17. 17. Risk-focus made simple?
  18. 18. Fire safety inspections planning in France France – Fire Safety Regulation adopted in 1980 (updated since then and replaced by more modern approaches, but based on same principles): -Low risk (<200 people in total OR <100 if more than one floor OR <50 if underground): no compulsory planned inspections -Risk gradation proportional to number of people who can be in the building -Additional safety requirements for buildings height >28 meters -Top risk: facilities for events/exhibitions/concerts etc., department stores, large hotels etc. with the highest number of people – these should be checked every year -Simple criteria are already enough to considerably improve against “random” or “blanket” (or “subjective”) inspections
  19. 19. Risk-focus in practice – some figures
  20. 20. Risk focus can allow to inspect far less in quantity – but not necessarily less in quality… • Georgia 2003-2005 went from 75% of SMEs inspected each year, to 30% - no noticeable negative impact from the decrease • Lithuania 2011-2012: latest data suggests reduction by around 40% of inspections burden – again no noticeable negative impact • Some countries inspect much more than others – generally not with better outcomes (e.g. 75% of SMEs inspected each year in Ukraine, vs. around 35% in Italy, maybe 20-25% in UK etc.) • Gradual decrease of occupational safety inspections in UK in the 2000s (- 50% at least overall) – no increase in accidents, fatalities etc. (on the contrary, in fact) – similar trend with England/Wales Environment Agency (reduced low-risk controls by 60-70%, improved outcomes) • Evidence suggests that having “no inspections at all” or “too few” (less than 1% or so) may perform less well for safety than having “some, well targeted and professional inspections” – but there is no evidence that inspecting many is useful
  21. 21. THANK YOU! Nick Malyshev, Head of the Regulatory Policy Division