Chain of Responsibility
How businesses can ensure compliance (and sleep at night)
A phone call you don’t forget: a driver has been intercepted roadside, the load’s not right, and the story doesn’t line up with the run-sheet. The driver is rattled. Your operations team is defensive. Procurement is asking what the contract says. The customer team is asking if deliveries will still land. Someone in the executive group says, “Are we exposed here?”
Chain of Responsibility (CoR) is exactly about that moment — not the drama of it, but the accountability behind it. It’s the legal and operational idea that road safety isn’t only the driver’s job. The decisions that shape risk often happen off-road: in schedules, contracts, loading docks, warehouse cut-off times, incentive structures, and the quiet pressure to “just get it done”.
The tricky bit is that most businesses don’t set out to create unsafe transport. They create busy transport. And when busy meets constraints, risk finds the gaps.
This article is written for Australian organisations that rely on road freight — whether you run your own fleet, outsource to carriers, use couriers, or sit upstream/downstream as a consignor or consignee. It’s practical, plain-English, and aimed at helping you build a CoR approach that’s not just compliant, but workable.
A quick note before we start: this is general information, not legal advice. CoR obligations can vary depending on your role, contracts, and where you operate. Use this as a guide and get legal advice for your specific circumstances.
What is Chain of Responsibility, really?
At its core, CoR is part of heavy vehicle law that makes parties other than drivers responsible for safety outcomes across the heavy vehicle journey. It exists because unsafe outcomes (fatigue, speeding, overloading, poorly restrained loads, unsafe vehicles) are often caused or encouraged by upstream decisions.
The modern framing is simple:
- There is a primary duty to ensure, so far as is reasonably practicable, the safety of your transport activities.
- You must manage risks and hazards arising from those transport activities.
- You must not take actions that directly or indirectly cause or encourage breaches — including through contract terms, rewards/penalties, or preferential treatment.
CoR is not about a title on an org chart. It’s about the function you perform.
Who is “in the chain”?
You are typically a party in CoR when you perform one or more defined functions — for example: employer, prime contractor, operator, scheduler, consignor, consignee, packer, loading manager, loader, unloader. A key point many organisations miss: consignees and unloading sites matter. Receiving freight doesn’t make you passive; it can make you accountable.
Executives are also in the frame. If you’re an executive of a business that is a CoR party, you have a due diligence duty to ensure the business complies with its primary duty. That means CoR isn’t something you “delegate to ops and forget”.
Where does CoR apply in Australia?
In much of Australia, CoR sits within the Heavy Vehicle National Law (HVNL) framework. HVNL applies across several states and territories (with jurisdictional variations). Some jurisdictions have not adopted HVNL, and Western Australia has its own CoR legislative framework.
Practically, if your freight task crosses borders, you need to treat CoR as a national, end-to-end obligation — because your decisions can influence outcomes regardless of where your head office sits.
The five risk areas regulators keep coming back to
When you strip CoR down to what actually gets investigated, you’ll see the same themes repeatedly. Regulators expect parties to be managing risks including:
- Fatigue (schedules, rest breaks, loading delays that push driving into unsafe hours)
- Speed (unrealistic time windows, incentives that reward rushing)
- Mass and dimension (overloading, inaccurate weights, poor checks)
- Load restraint (inadequate packaging, unstable pallets, poor restraint practices)
- Vehicle safety (maintenance, defects, unsafe equipment)
These aren’t abstract categories. They connect directly to the everyday knobs you turn in a business:
- delivery windows and cut-off times
- loading dock practices and dwell times
- how you handle late trucks (and who wears the pain)
- packaging specs and pallet standards
- how you select carriers and subcontractors
- what you do when something goes wrong (and whether you learn from it)
“Reasonable steps” and “reasonably practicable” – the words that matter
Most organisations don’t fall over because they didn’t care. They fall over because they can’t show what they did.
CoR compliance is heavily evidence-based. If something happens, you want to be able to demonstrate:
- you understood your transport activities
- you identified the risks you could influence or control
- you implemented controls proportionate to the risk
- you monitored whether controls were working
- you improved the system when weaknesses appeared
The standard is “reasonably practicable” — weighing what could be done, what is known about the risk, and what controls are available. It’s similar in spirit to WHS thinking: identify, assess, eliminate or minimise.
The easiest way to think about it is this: if your best control is “we told people to be safe”, you don’t have a control. You have a poster.
A practical CoR compliance blueprint
10 steps that stand up in the real world
Below is a structured approach that works for operators, consignors, consignees, and everyone in between. You don’t need all of it on day one — but you do need a plan, and you do need momentum.
Step 1: Map your transport activities (properly)
Start by documenting the freight tasks your business touches:
- what you move (product types, hazards, temperatures, high-value)
- where it moves (routes, distances, metro vs regional)
- how it moves (heavy vehicle linehaul, rigid distribution, couriers, subcontractors)
- when it moves (peaks, cut-offs, seasonal surges)
- who controls what (your team, carriers, sites, customers)
This is the foundation. If you can’t describe your transport activities, you can’t manage their risk.
Step 2: Identify your CoR functions and accountabilities
Don’t assume “the carrier has it”. Identify where you act as:
- consignor (sending goods)
- consignee (receiving goods)
- packer, loader, unloader (warehouse activities)
- scheduler (anyone setting delivery times, run plans, routes, dock times)
- loading manager (premises managing frequent loading/unloading)
Then assign accountable owners internally. Not a committee — owners.
Step 3: Put executive due diligence on a schedule
Executives don’t need to run the dock, but they must be able to show due diligence. In practice, that means:
- regular reporting on CoR risks and controls
- visibility of incidents, near misses, and corrective actions
- assurance that contracts, policies, and processes don’t incentivise breaches
- resourcing decisions that match the risk profile
- active questioning: “What would cause a driver to speed in our network?”
A simple rhythm helps: quarterly CoR review at executive level, with clear actions and follow-up.
Step 4: Build a CoR risk register that reflects how work actually happens
Make it practical. Your risk register should cover:
- fatigue risk drivers (loading delays, schedule padding assumptions, waiting time)
- speed risk drivers (tight windows, punitive late fees, unrealistic slotting)
- mass/dimension controls (weights, pallet standards, checks)
- load restraint controls (packaging specs, pallet quality, restraint responsibility)
- vehicle safety controls (carrier requirements, defect reporting, maintenance verification)
Also include “system” risks like:
- subcontracting chains where visibility drops off
- new lanes or new suppliers without onboarding
- peak trading periods where normal rules get bent
Step 5: Fix the “silent risk multipliers” in your commercial settings
This is where many businesses accidentally create CoR exposure.
Common commercial settings that increase risk:
- delivery windows that ignore real travel time and rest breaks
- penalty regimes that push carriers to “make it up on the road”
- incentives that reward speed rather than safety and conformance
- contracts that say the right things, but operating practices that contradict them
- procurement decisions that squeeze rates without understanding safe cost-to-serve
A mature approach aligns commercial levers with safety outcomes:
- reasonable windows and contingency
- shared problem-solving when delays occur
- carrier scorecards that value conformance, not just price
- clear escalation pathways instead of “just get it there”
Step 6: Treat the loading dock as a CoR control point (not a bottleneck you tolerate)
If your warehouse loads or unloads heavy vehicles, your dock is a frontline risk area.
Practical controls include:
- booking and time-slot discipline (to reduce queueing, rushing and conflict)
- safe separation of pedestrians and vehicles
- clear rules for staging vs storage (a cluttered dock becomes unsafe fast)
- documented load/unload SOPs with responsibility clarity
- checks for pallet quality and load stability before dispatch
- escalation rules when something isn’t right (and the authority to stop the job)
The aim isn’t bureaucracy. It’s predictable, safe flow.
Step 7: Strengthen carrier and subcontractor management (end-to-end)
If your carrier subcontracts, your visibility and control can evaporate unless you design for it.
Better practice includes:
- onboarding requirements (policies, training evidence, insurances, safety systems)
- subcontracting rules and disclosure requirements
- minimum standards for fatigue management, load restraint, maintenance, reporting
- performance scorecards that include safety and compliance indicators
- audits or spot checks proportionate to risk (not “audit theatre”)
You’re not trying to catch people out. You’re trying to ensure consistent, safe execution of the freight task.
Step 8: Use data that proves control, not data that looks impressive
For CoR, the most useful data is evidence that controls are working:
- time-slot adherence and dwell time
- late departure drivers (why trucks leave late)
- route and schedule realism (planned vs actual)
- incident and near miss trends
- load quality issues (damages, instability, restraint failures)
- repeat non-conformance by lane, carrier, site, supplier
Technology can help — but only if it’s tied to decisions and actions.
Step 9: Train the right people on the right risks
A common mistake is “one CoR training for everyone, once a year”.
Better:
- executives: due diligence, governance expectations, what questions to ask
- procurement: how contract terms and pricing can create unsafe incentives
- schedulers and planners: how time pressure translates into fatigue and speed risk
- warehouse teams: loading/unloading controls and escalation authority
- site leaders: how to run booking discipline and manage exceptions
- customer service: how to respond when delays occur without pushing unsafe decisions
CoR is a system of decisions. Training should match decision points.
Step 10: Build an incident-to-improvement loop
When something goes wrong, the question isn’t only “who did it?” It’s “what in the system made it likely?”
Mature organisations do:
- structured investigations that look at upstream causes (schedule, dock delays, contract terms)
- corrective actions with owners and due dates
- shared learnings across sites
- periodic refresh of the risk register and controls
This is how you move from compliance to resilience.
What “good” looks like: quick self-check
If you’re wondering how mature your CoR approach is, here are some blunt questions:
- Do we know which CoR functions we perform across the business?
- Can we show evidence of how we manage fatigue, speed, mass, restraint, and vehicle safety risks?
- Do our contracts, incentives, and time windows encourage safe behaviour — or quietly reward unsafe outcomes?
- If a regulator asked tomorrow, could we produce our controls, training, monitoring, and improvement records?
- Do executives receive regular reporting and actively test the system?
- Do our docks operate with discipline (booking, flow, escalation), or are they a daily workaround?
- Do we have visibility beyond tier-one carriers if subcontracting occurs?
If you hesitated on more than a couple, you’re not alone — and you’ve got a clear starting point.
How Trace Consultants can help
CoR compliance is one of those areas where generic templates don’t survive contact with reality. The controls have to fit your operation, your lanes, your peaks, your dock constraints, and your commercial model.
Trace Consultants helps Australian organisations lift CoR compliance in a way that is practical, auditable, and aligned to operational performance. Typical support includes:
1) CoR risk and maturity assessments
- mapping your transport activities and CoR functions
- identifying gaps in controls, documentation, accountability and evidence
- assessing exposure points across scheduling, contracting, and dock practices
- prioritising actions based on risk and effort
2) CoR management system design (lightweight, usable, defensible)
- CoR policy and governance framework
- risk registers tailored to your lanes and operating model
- “reasonable steps” control sets that match the risk profile
- reporting packs that support executive due diligence
3) Dock-to-road operating model uplift
Because many CoR failures are born in the interface between warehouse and transport:
- booking, time-slot and exception management design
- loading/unloading SOPs and escalation rules
- safer flow design (people/vehicle separation, staging discipline)
- conformance metrics that reduce pressure and variability
4) Carrier, subcontractor and procurement alignment
- reviewing contract terms for unintended CoR risk (penalties, incentives, unrealistic windows)
- designing carrier onboarding, assurance and scorecards
- developing practical compliance requirements that don’t break service
- aligning price, scope, and safe execution expectations
5) Training and capability building
- role-based CoR training for executives, schedulers, procurement, warehouse leaders
- practical scenarios that reflect your real-world constraints
- implementation coaching so the system actually sticks
The goal is not paperwork. The goal is control you can prove — and a safer, calmer freight task that performs better.
FAQs (the ones people actually ask)
Is Chain of Responsibility only for transport companies?
No. If your business sends or receives goods on heavy vehicles, schedules deliveries, loads/unloads, or manages a busy loading site, you may be in the chain. Many non-transport businesses are surprised by their exposure.
What’s the biggest CoR risk for a typical warehouse operation?
Uncontrolled pressure. Tight time slots, poor dock discipline, and late loading can push fatigue and speed risks onto the road. If the dock creates delays and the schedule doesn’t flex, something else will give.
Do we need a formal Safety Management System?
You need a system — whether you call it an SMS or not — that identifies risks, implements controls, monitors them, and improves over time. The more complex and higher-risk your transport task is, the more formal and documented it should be.
What does “evidence” look like?
Things like: risk registers, policies, role definitions, training records, carrier onboarding documents, scheduling standards, booking conformance data, incident investigations, corrective actions, and executive review minutes. In short: proof that your controls exist and work.
Where should we start if we’re behind?
Start by mapping your transport activities and CoR functions, then identify your top 10 highest-risk scenarios (fatigue, speed, mass, restraint, vehicle safety) and build controls around them. Fix the big levers first: schedules, docks, and commercial incentives.
Closing thought
CoR compliance isn’t about catching someone doing the wrong thing — it’s about designing a freight task where the right thing is the easiest thing to do.
If your current system relies on goodwill, heroics, and people “using common sense” under pressure, you’re carrying risk you don’t need.
So here’s the question worth asking in your next leadership meeting: if a serious incident happened tomorrow, could we clearly show the reasonable steps we took — and the decisions we made — to prevent it?
.jpg)
