This article is co-authored by Valentin Nikonov and Lorenza Jachia (see bio here)
This statement describes the concept of building a risk-based regulatory system, which, we believe, should provide insight and directions to the reform of standardization policy. The concept of risks as triggers for regulatory intervention is widely recognized; and the development of risk management frameworks for regulatory systems is at the core of the policymakers’ agenda and a subject at the crossroad of different fields of research.
Risk as a concept can be used to evaluate how ‘balanced’ the regulatory system is, against two extremes: excessive regulations – regulations that are too stringent with respect to the risk they set out to address – and insufficient regulations that fail to address risks as perceived by the various stakeholders. As noted in Outcome of the UNECE International Conference on Risk Assessment and Management (see here), ‘laws, administrative measures and technical regulations, complemented by voluntary standards and norms are one important response to risks’.
The Working Party on Regulatory Cooperation and Standardization Policies of the United Nations Economic Commission for Europe (UNECE WP. 6) is pioneering a holistic approach to the management of risks in regulatory systems. We believe that this approach will raise both efficiency and transparency of regulatory systems.
The distinctive feature of this approach is its focus, which not confined to regulations but embraces the whole regulatory system in its institutional complexity.
In brief, the approach is based on the implementation of a series of codified steps (as shown on the picture below):
1. Establishing policy criteria that the regulator will refer to in managing public risks, and the consultation mechanisms that it will use to communicate effectively with all stakeholders;
2. Identifying assets: these can be thought of as the public goods the regulator seeks to protect (safety of the workers, health of citizens, environmental assets such as forests and air quality…). This steps results in a constantly updated assets inventory;
3. Identifying and assessing the risks to the assets that have been identified. The result of these processes is a list of risks that are ranged according to the level of their criticality, a function of their expected probability and impact;
4. Choosing a risk management strategy that is appropriate to each risk identified Taking into account its policy criteria, the regulator decides for each risk whether to accept it, to avoid it, to transfer or to mitigate it, by implementing appropriate measures;
5. Implementing the chosen risk management strategy. This involves:
• integrating the regulatory and other measures with existing tools
• establishing coordinating mechanisms among competent authorities and stakeholders
• giving guidance and establishing an appropriate budget for the institutions responsible for monitoring compliance (conformity assessment and/or market surveillance authorities
• deciding on penalties for non-compliance
6. Drawing up contingency plans
7. Establishing appropriate mechanisms for the continual improvement of the system
We believe that the UNECE WP. 6 is an ideal forum for the debate of these issues, as it has a broad mandate encompassing all the phases of the regulatory dialogue, including fostering convergence among technical regulations internationally, cooperation among conformity assessment bodies and guidance to market surveillance institutions. For this reason, the Working Party will at its next annual session to be held on 3 and 4 November 2010 institute a new Group of Experts on Risk Management in Regulatory Systems (GRM), that is informally starting its activities with a survey to identify how risk management tools are currently used by regulatory system stakeholders and where potential bottlenecks exist. We will be happy to share the results of the survey with TalkStandards.
