By EMA Manager Employment Relations & Safety Paul Jarvie
Health and safety leadership in New Zealand has reached a turning point.
The High Court’s precedent-setting Gibson v Maritime NZ decision signals clearly that assumption and tick-box compliance are no longer enough.
Boards, chief executives, and business owners must now be able to demonstrate, with confidence and evidence, that their health and safety systems are working in practice, day in and day out, when it matters most.
The case arose from a fatal incident at the Ports of Auckland in 2020, when a worker was killed during container-handling operations. What followed was unprecedented in a New Zealand context.
The organisation was prosecuted as a PCBU, and its chief executive was personally charged for failing to exercise due diligence under the Health and Safety at Work Act.
When the conviction was upheld on appeal in 2026, it marked the first time a senior executive of a large and complex organisation had been held personally liable under these provisions. The implications go well beyond the facts of the case. It confirms that accountability for health and safety sits firmly with those at the top.
One of the most important aspects of the judgment is what it says about leadership responsibility. This was not a case involving an indifferent or disengaged leader. There was evidence of investment, systems, and a genuine intention to improve safety. However, the Court made it clear that these factors were not enough.
The legal test is not whether a leader tried hard or cared deeply. It is whether they did what a reasonable, diligent, and competent officer would have done in the same circumstances.
In this case, the Court found that the steps taken, while positive, did not go far enough. There were gaps in how critical risks were controlled, and in how those controls were verified in practice. That distinction reflects a shift. Health and safety is no longer judged on effort or intention; it is judged on effectiveness.
For many organisations, governance has traditionally relied on structured reporting such as dashboards, KPIs, audit summaries, and policy frameworks. These tools create a sense of order and control. The Gibson decision exposes their limitations.
The Court was clear that formal systems do not provide protection on their own. What matters is whether those systems reflect what is actually happening on the ground and whether they can identify unsafe practices when they occur.
In this case, unsafe behaviours, particularly during less supervised periods such as night shifts, were not being effectively detected or escalated. There was a disconnect between what the organisation believed was happening and what was actually happening.
Leaders should be asking:
• How do we know this control is working?
• What evidence shows that unsafe behaviour is detected?
• What would alert us if the system began to fail?
These questions go to the core of effective oversight in a modern health and safety framework.
Another defining feature of the case is the confirmation that officer duties are personal and cannot be delegated away. In large organisations, responsibility is often shared across multiple layers of management. This decision makes it clear that ultimate accountability remains with those in leadership roles.
Even where operational tasks are delegated, the duty to exercise due diligence remains. Leaders must satisfy themselves that risks are understood and that controls are both in place and effective.
The case also challenges the commonly held distinction between governance and operations. Traditionally, governance has been seen as separate from day-to-day execution. The Court made it clear that this separation does not hold when it comes to health and safety.
Senior leaders, particularly CEOs, often operate across both domains. Risks emerge in operational settings, and leaders will be judged on how well they understand and oversee those risks. Governance cannot be detached from operational reality.
The decision also highlights the need to rethink how organisations control risk. Many businesses rely heavily on behavioural controls such as training, procedures, supervision, and signage. While these have a role, they depend on human decision-making and are therefore vulnerable.
For high-consequence risks, stronger controls are expected. Where reasonably practicable, this means physical or engineered controls that do not rely on individual behaviour to be effective. This reinforces the importance of applying the hierarchy of controls and prioritising solutions that reduce reliance on human judgement under pressure.
Perhaps the most important takeaway from the Gibson decision is cultural. It calls for a shift in how leaders approach assurance. For many organisations, stable metrics and positive reports have been taken as signs that systems are working.
The Court has made it clear that the absence of bad news is not evidence of good performance. It may instead indicate that the system is not capable of identifying problems.
Effective leadership requires a willingness to question and to probe. It requires curiosity rather than comfort, and an openness to the possibility that risks are not fully understood.
For employers, the implications are clear. Boards must move beyond passive oversight and towards active verification. Attention must focus on the risks that have the potential to cause the greatest harm. Systems must be tested under real conditions, not just assumed to work.
Organisations must also create environments where issues are surfaced early and addressed quickly. Confidence should come from evidence, not assumption.
The Gibson decision does not introduce new obligations. Due diligence has always been required. What this case does is clarify what that standard looks like in practice.
This is not a temporary shift. It represents a lasting change in how health and safety governance is understood.
The question for leaders is no longer whether systems are in place. It is whether they can stand behind those systems with confidence, knowing they have tested them, challenged them, and verified that they work in reality.
Because when something goes wrong, there are no second chances to demonstrate due diligence. Only the evidence of what was done, and what was not.