Hungry Jack’s breaches work health and safety laws


Hungry Jack’s has been fined AUD$90,000 after failing to call an ambulance to treat one of its employees who fell in an open vat of cooking oil while at work. Magistrate Michael Ardlie, in his judgement, stated “as an employer it was responsible for the employee’s safety and it should have arranged for proper medical treatment.”

The incident occurred in June 2012 when the injured employee, Dylan Robeson, was working the graveyard shift when asked to filter cooking oil from the deep fryers. After filtering two fryers, Robeson slipped and fell into the open top of the mobile unit, which was filled with hot oil. The temperature of the oil at the time ranged between 135C and 149C, leaving Robeson with third degree burns to 10 per cent of his body.

Hungry Jack’s pleaded guilty to one count of violating occupational health and safety laws. The company admitted that an external machine was required to filter the oil because the filtering component of the deep fryer was broken. Also, even though the external machine had a lid, it had to be kept off in order to be used, exposing the employee to a greater risk of harm.

Although the staff at the time helped Robeson by running cold water over his injuries, the restaurant manager failed to call an ambulance. Eventually Robeson called his father on his mobile, who then came to the store to take his son to the hospital. The magistrate expressed that “the first and immediate call ought to have been to an ambulance … Hungry Jack’s cannot discharge its duty of care to the father of the employee.”

As a result of the incident, Hungry Jack’s has committed to spending nearly AUD$5.3 million to replace all current fryers across Australia with self-filtering ones.

As a part of Australian work health and safety laws, employers owe a primary duty of care to provide and maintain a safe work environment. Also, employers have a duty to prepare, maintain and implement an emergency plan for each workplace. This plan must outline procedures to be followed in the event of an emergency. This includes medical treatment and various means of notifying emergency services.

Contact GRC Solutions today for more information about out work health and safety online compliance training courses.

Source: The Advertiser

Employee receives AUD$2.2 million in compensation for wet weather slip

work health and safety

Last December a security guard received $2.2 million in compensation fees, after sustaining a serious lower back injury from a wet weather slip at his place of work, the Port Botany container terminal.

The man, who was injured nearly 10 years ago, fell as he entered the gatehouse – a demountable hut held up on steel beams – where he and other guards were posted.

The court heard the gatehouse lacked a grab-rail for guards to lean or rest on; an awning to prevent water pooling on rainy days; and an intermediate step between the pavement and the entrance to the structure.

Justice Stephen Campbell of the Supreme Court of NSW held that an awning and an intermediate step would have been sufficiently reasonable precautions against the risk of slipping. He stated that a grab-rail was a possible alternative, but that placing an intermediate step between the pavement and the entrance to the gatehouse would have been ideal.

The guard’s employer and site’s occupier were found to have separately failed their duty to monitor and maintain the gatehouse as a suitable place of work, the court determined.

The negligence resulting in the man’s injuries were two-fold, the court found. First, the site’s occupiers had failed to install the necessary safety precautions to reduce the risk of slipping on rainy days. Second, the employer had failed to petition the occupier to make the relevant renovations.

The court arrived at the $2.2 million sum by taking into account the injuries suffered by the security guard, the psychological problems and chronic pain he endured and the man’s subsequent incapacity to obtain meaningful employment due to these ongoing issues.

Accordingly, the site occupiers were ordered to pay just over $1.3 million, with his employer footing the remaining $900,000.

This case demonstrates the need for businesses to have proper reporting and monitoring procedures in place, relating to workplace health and safety.

Does your organisation understand and comply with WHS/OHS laws? Speak to GRC Solutions today about our Work Health and Safety courses for more information.

Source: Workplace OHS

Fisher & Paykel fined $200,000 for misleading and deceptive conduct

Appliance company Fisher & Paykel and its warranty provider, Domestic & General, have each been ordered to pay $200,000 for misleading and deceptive conduct involving extended warranties.

The Federal Court of Australia found Fisher & Paykel misled and deceived their customers into thinking they were had to purchase an extended warranty in order to protect their products from repair costs. Under Australian consumer law, customers can seek repairs, replacements or refunds, even after the manufacturer’s warranty has expired, if the product is of unacceptable quality or is affected by a “major failure”.

Customers who had purchased a dishwasher with a two-year warranty received letters from Fisher & Paykel stating that “your dishwasher is now a year old, which means you have 12 months remaining – after that your appliance won’t be protected against repair costs. Fisher & Paykel can help.” The letter then offered the option to purchase an extended two-year warranty in addition to the original warranty. According to the ACCC, 48,214 letters were sent out.

The Court found it was not enough for the letter to note that customers were “entitled to a replacement or refund for a major failure and compensation for any other reasonably foreseeable loss damage” since this was “in relatively fine print” on the back page of the letter.

After the legal proceedings commenced against the two companies, all 1326 consumers who bought the extended warranties were contacted and offered a full refund. However, only 107 actually claimed a full refund.
Justice Wigney of the Federal Court also ordered the two companies to pay $15,000 in costs.

Source: Sydney Morning Herald

Contact GRC Solutions today for more information about our competition and consumer law training courses.

Data Protection: Turning compliance into opportunity

Written by Lyn Boxall one of our expertise panel members in the area of Data Protection.

Data protection regulations are now in force in Singapore.

data protection

The Do Not Call (DNC) Registry rules took effect on 2 January 2014. Holders of Singapore telephone numbers have been able to register and avoid receiving unwanted text, voice or fax marketing messages.

After an 18-month “sunrise” period to allow organisations to get their internal processes in order, nine personal data protection obligations and limitations took effect on 2 July 2014. Organisations must comply with them when they collect, use or disclose personal data from or about individuals, including their employees.

Compliance-based approach

Boards of companies need to ensure that management implements a robust compliance framework as part of its overall risk management responsibilities. In implementing this framework where the law is clear, management should act on an understanding of what is permissible and what is not. Where the application of the law is subject to interpretation, management should proceed in a way that is consistent with the risk appetite developed by the Board.

The DNC rules present a good example. They do not prevent organisations from sending marketing messages to Singapore telephone numbers in all circumstances. For instance and leaving aside the data protection rules for the moment, the DNC rules are clear that marketing messages may be sent to numbers that are not listed in the DNC Registry.

Where a number is listed in the DNC Registry, marketing messages may nevertheless be sent in the context of an on-going relationship if the purpose of the message is related to the subject of the ongoing relationship. There could be genuine debate as to whether there is an on-going relationship in any particular case and/or about whether the message has the necessary connection with that relationship. A decision consistent with the organisation’s risk appetite must be made before deciding whether or not to proceed with sending the message.

Yet, it appears that some organisations in Singapore have simply tipped targetted marketing messages into the “too difficult basket” and stopped using them altogether.

Similarly, the data protection rules do not prevent organisations from continuing to use personal data for the purposes for which they were collected prior to 2 July 2014. And yet, rather than applying a risk-based approach to determining the purpose for which personal data was collected, many organisations play it safe by burdening their stakeholders and requiring them to give specific consent for the continued use of personal data.

Beyond compliance to opportunities

The practical outcomes currently observed suggest boards need to guide management to not only apply a risk-based approach, but to also try another perspective: stop seeing data protection merely as a legal and compliance requirement that stands in the way of doing business.

Boards can, and should, communicate to management an expectation that they will implement data protection requirements in ways that find new opportunities to enhance operations and customer relationships.

One example is SingTel. It went beyond the current data protection rules to build a portal which provides customised options for its users on the type of marketing messages they want to receive. The greater granularity of options is beneficial to its customers but also provides the telco greater insights into its customers’ preferences. On top of that, the widely-reported pioneering response made good marketing copy.

As I observe the implementation of data protection laws in Singapore and elsewhere, the common factor is that legal or compliance staff are expected by management to take “ownership” of the issue. This yields a necessarily conservative outcome because legal and compliance staff are tasked with minimising risk, not with making decisions that take the company’s risk appetite into account.

Fundamentally different outcomes would occur if the issue of data protection was “owned” by chief executives and their sales and marketing teams, with expert input by legal or compliance staff.

This turns the conversation, and therefore the outcome, on its head. It stops being “tell me what I can and cannot do” and becomes “how do we make it happen – within acceptable legal parameters? What are the risks and options for such decisions?”

This solution-led approach could creatively improve customer service and relationships in the new data protection era. It directly confronts the key operational premise: how can we do better at winning and retaining customer loyalty in this new reality?

Clearly, I am not advocating non-compliance of the law. However, practical requirements can give rise to a considerable grey area, and the need to “make a judgment call”. The board must guide management towards decisions based on sound risk management, not just from a minimal-risk perspective.

Data protection laws are here to stay. The response from boards and management should be to leverage these laws while complying with them.

Lyn Boxall is a member of the Professional Development Committee of the Singapore Institute of Directors.

This article was first published in The Business Times and BT Invest (a financial portal of The Business Times), under the column “Boardroom Matters” by the Singapore Institute of Directors.

Asia Update

Sam Gibbins, General Manager Asia has spent the last few weeks travelling to meetings across Asia accompanied by Julian Fenwick our Managing Director who was visiting from Australia.

Together they also exhibited at the International Conference on Financial Crime and Terrorism Financing 2014, held in Malaysia.

The event was positive with a crowd of 490 delegates visiting the conference in Kuala Lumpur. The pool of delegates consisted of Senior Executives from large organisations across Asia.

This important yearly event is one that brings Senior Management and the Board of Directors at various organisations together to discuss corporate governance, risk and compliance and to consider the effectiveness of their current methodologies, technologies and systems on minimising financial crime, terrorism financing and the like.

As a corporate Anti-Money Laundering expert, Sam was also asked to Chair a discussion on Anti-Money Laundering & Crypto Currencies (Bitcoin). You can read our article on this topic here.

We were also able to do some quick demonstrations of our Salt Compliance training technology and content for Asia.

Seeing as this conference was in Malaysia, we understand that many of you were unable to attend. We would like to extend our invitation for an obligation free Salt Compliance demonstration to you.

Simply contact us to set-up a time that is most convenient for you.

panel discussionSam does demojulian at standphoto 3conference room

PolicyHub 4 released

GRC Solutions is pleased to announce the release of PolicyHub 4, Hitec’s award winning Policy Management Solution.

PolicyHub is designed to manage the entire policy lifecycle from creation, review, approval, publishing and distribution management, attestation to reporting with full audit trails.

PolicyHub 4 comes with a refreshed user interface for an improved (UX) User Experience as well as other performance enhancements.


Key developments:

  • Full administration access from anywhere in the world via a web browser
  • Refreshed user interface with improved user experience
  • Tests & Questionnaires comprehensively redesigned
  • Single Sign On through-out including SaaS (Software as a Service)
  • Efficiency improvements

Jeremy Crame, Hitec CEO, comments:
“At an important time when firms are required to meet increasing regulatory obligations Hitec are continuing to make enhancements across all product and service lines. PolicyHub 4 brings improved efficiencies to your Policy Management workflows enabling you to increase performance and keep on top of your GRC programmes.”

GRC Solutions is a reseller of Hitec’s PolicyHub solution within the Asia Pacific region. We have recently integrated PolicyHub with a complete risk management software to bring you GRCHub for all your governance, risk and compliance needs.

Please do not hesitate to contact us for a demo of either or both of these products.