Legislation, including the RoHS Regulations, creates a number of offences, in which the prosecution has to prove an intention to do something wrong. However, some laws create offences that contain an absolute prohibition against doing something, such as placing non-compliant products on the market. In these cases it does not matter that you did not intend to do wrong or were unaware of the requirements.
Therefore to balance the scales of justice, parliament has provided various defences and alternatives. This means that the law is recognising the efforts made by businesses to comply with its demands. This system includes the defence of due diligence.
To use this defence, a person must prove that that they took all reasonable steps and exercised all due diligence to avoid committing the offence. If they can do so they are entitled to be acquitted. Whether or not a defence will be successful depends on the circumstances surrounding each case. What amounts to a successful due diligence defence has exercised the minds of many judges over many years and has resulted in a number of appeal cases which in themselves help us to understand more clearly what businesses have to do to avoid prosecution.
Reasonable precautions and due diligence
The form of wording for this type of defence generally requires a business or person to:
- have taken all reasonable steps or precautions
- have exercised all due diligence to avoid committing the offence
In terms of RoHS, this means that you have looked at the way in which you control your production and material supply and put in place a series of appropriate checks to prevent any problems occurring. Once you have done this you must ensure that the system of checks is being carried out. If you have a system that nobody knows about, or cares about, the system is useless and any defence is likely to fail.
The RoHS Regulations do not describe in any detail what systems will satisfy the defence. To establish this point you need to examine the past decisions of the courts in other legislation and draw upon that experience. However, before you can set up any systems you need to know what you can and cannot do. Once you know what is prohibited you can build your defences.
Most due diligence case law is associated with trade, product and safety. To assist you with the application of the RoHS Regulations, some of the following themes have been extracted from past court decisions:
Sitting back and doing nothing is unlikely to protect you
The courts suggest that some form of positive action is necessary to satisfy the defence. In the past some businesses have tried to suggest that because past dealings in a particular area of commerce had raised no problems, or because they had no reason to suspect problems, they could avoid prosecution. The courts have been clear on this point; positive action is required, but the nature of that action will depend on the relevant circumstances. Businesses should check the terms and conditions of their contracts and the goods relating to those contracts whether they view them with confidence or not.
If a reasonable step or precaution is not taken, any defence is likely to fail
What is a reasonable step? A classic case involved the sale of a watch described as "waterproof" and a "divers watch". In court the judge asked why no checks had been carried out by the retailer, such as placing the watch in a bowl of water. This simple test would have revealed that the watch was not waterproof and could have avoided expensive litigation.
Taking reasonable steps is likely to involve setting up a system of control that has due regard to the risks and the law involved
One of the clearest messages from the courts about reasonable precautions and due diligence is that size does matter. The size of the business, the amount of risk and the impact of failure associated with the product are some of the factors that help to determine what are "all reasonable steps". For example, the absence of documented systems in larger companies might be fatal.
What will not be taken into account are factors like ignorance of the law, poor command of a language or a lack of common sense.
Due diligence means ensuring that your system of checks works and that you can prove it
If you have developed a programme of checks, it must work. Having a system in place that nobody follows is as bad as having no system at all. This is something that demands periodic or even constant monitoring. In creating a system you must consider all aspects of your business, from the design stage through to after sales. Identify the risks, adopt appropriate controls and safeguards, record your actions and keep it under review.
What is reasonable will depend upon particular circumstances
After many years of deliberation, the courts have yet to come up with a simple scheme to answer the often asked question of what is reasonable. This is not surprising when you consider the diversity of application of the principles. You may find some help on this subject area by reading publications on risk assessment, hazard analysis and quality assurance. There is also a vast body of case law (decided court cases) relating to the due diligence concept available, although it is often not user friendly.
A good practice guide
What follows are some pointers and examples of control techniques. They are not prescriptive and are intended to make you think about protecting yourself against legal action.
Assess the risk
What could go wrong in your business that might mean a court appearance? To assess the risk of such an incident, you should identify any weak links in the process chain. This requires you to analyse each stage of your operation and identify precautions. You should also know what is happening in your particular sector of industry and be aware of how and where your products are being used or marketed.
Establish what you are going to do about it
Having analysed what could go wrong, you should put in place reasonable safeguards. Have you done all that the law requires? Are you meeting accepted industry standards? You should aim to control all risks by putting in place as many precautions as you think necessary. Your aim should be to either eliminate any chance of anything going wrong or to control the risks so that errors will be detected early on and put right before too much damage is done. There is no general formula for creating a due diligence system, because each business is different. You will need to use your judgement in deciding what is necessary and feasible.
You should consider the following:
Purely relying on certificates or other documentation without assessing their validity is unlikely to be considered as adequate if a business has refused or failed to take a reasonable precaution. What constitutes reasonable action depends on your business. It is recommended that all the activities of the business which may cause a breach of the RoHS Regulations should be identified, controlled and checked by a system of working, for example:
- supplier reliability and selection of raw materials and components
- goods in control and quarantine
- production processes and contamination
- evidence and documentation
- stores control and mixing compliant and non-compliant materials and components, labelling
- staff training and experience
- sales, does your sales team know not to sell exempt product into non-exempt markets?
Any system that you devise must be appropriate to the size of your business and associated risk. The bigger you are, the more the law will expect you to do.
If sampling or testing is involved or appropriate, the number of tests you do should reflect:
- the cost of getting it wrong
- the amount of product involved
- the complexity of the product
- the total cost involved
- the degree of confidence you have
- the size of the business
The points listed above are suggestions, when in doubt you should seek advice.
Document your solution
Document your control system so that it can be followed. Unless you do so it will be difficult to claim any defence. Inform your employees of your actions and give training to those responsible for operating the system of checks. Documented records should be kept which outline procedures followed and the checks operated to validate these processes. These records should be kept safe for future reference.
Operate your system
In order to satisfy the defence you have to show that you created a control system, that it worked and that you operated that system. This may require you to audit your system of checks and keep records of that audit. You should put in place a system of corrective action if things are found wrong. The system should be amended if necessary.
Review your system
Your system should be regularly reviewed to ensure that it remains effective. The important thing is that the system is monitored and that failures are put right as soon as possible.
Getting it right
Creating a system of checks is not easy. The policy of the NMO enforcement team is to help businesses wherever possible.
The advice contained on this web page is based on the best and most up to date information available to us. Every effort has been made to ensure its accuracy, however in every instance it is the courts who interpret the law with authority. It is recommended that you take advice on what is likely to constitute due diligence in any particular situation.