Safe Contractor
Safe Contractor
SafeContractor recently brought together senior leaders from construction, housing, and facilities management, alongside organisations from a range of other sectors, to examine a contractor management challenge many organisations recognise, but few feel fully equipped to solve: the growing gap between formal compliance requirements and what actually happens on site.
Led by Elizabeth Hyde, Director, Hesper GRC and facilitated by Anthony Hanley, SVP of Strategic Growth, SafeContractor, the roundtable brought together a senior, cross-sector group of experienced leaders, creating space for open, honest discussion about the realities of contractor management, supply chain complexity and decision-making under pressure.
At the heart of the conversation was a deceptively simple question:
Where does contractor compliance genuinely reflect reality and where does it create false confidence?
What followed was not a debate about whether compliance matters. Everyone in the room agreed that it does. The tension lay elsewhere: between confidence and control, approval and assurance, process and practice.
Across organisations, participants described well-established compliance frameworks, including contractor vetting, prequalification, documentation, audits and systems designed to demonstrate due diligence.
But that confidence began to weaken when the discussion shifted from what exists on paper to what happens day to day on site.
A key theme emerged:
Documentation can create confidence without guaranteeing control.
Processes are often strongest at the start of a contract. Over time, however, oversight becomes harder to maintain, particularly as work is subcontracted, conditions change and decisions are made under pressure.
This is made more complex by a common misunderstanding: while liability can be passed down the supply chain, accountability cannot. When something goes wrong organisations must still be able to evidence:
That burden does not disappear simply because work has been delegated.
One of the clearest and most consistent themes was how quickly visibility deteriorates beyond Tier 1 contractors.
Oversight is usually strong at the top of the supply chain where organisations have direct relationships, systems and robust compliance data. Beyond that, layers of subcontracting make it harder to track who is on site, what they are doing and under whose authority.
The work, and the risk, doesn’t disappear. It simply becomes harder to see and manage.
Several participants described situations where individuals arrived on site with little understanding of who they worked for, sometimes several tiers removed from the principal contractor. In one case, a small team arrived having only been told where to be the day before, with no clarity on who they were working for or how they fitted into the project. It was only through a site-level check that it became clear they were several tiers down the supply chain, with no documentation, no risk assessments, and no understanding of the site’s safety requirements.
What made the example particularly concerning was not just the immediate risk, but what it exposed: if this could happen at one point in the chain, there was a strong likelihood of similar or greater gaps elsewhere, especially in more complex work packages where supply chains extend even further.
These were not stories of bad intent. They were stories of systems losing grip as complexity increased.
A recurring challenge discussed was the assumption that approval to work equates to ongoing compliance assurance.
In practice, several gaps appear:
Participants were clear:
Competence must be assessed for the task being carried out, not just the trade or qualification someone holds.
Even robust documentation can quickly fall out of step with reality when decisions need to be made quickly on site and dynamic risks are not surfaced in time.
Pressure as a catalyst for risk.
One of the most candid parts of the discussion focused on the role of pressure.
Deadlines, client expectations, regulatory requirements and operational demands often require contractors to be mobilised quickly. In these moments, compliance checks can be compressed or deprioritised.
Wider constraints compound this risk:
Together, these factors force organisations into difficult trade-offs.
A key insight resonated strongly across the room:
Risk is rarely introduced through policy. It is introduced through decisions made under pressure, often with incomplete information.
Importantly, controls tend to fail in these moments not during audits or scheduled reviews, but when time, capacity and options are limited.
The discussion highlighted psychological safety as a critical control in managing risk, not as a cultural concept, but as a practical mechanism for surfacing issues early.
Drawing on experience from major incident investigations, Elizabeth Hyde noted that warning signs are often present before something goes wrong, but they are not always raised.
As one participant captured it:
“What isn’t being said… leads to things going wrong.”
In reality, this means risk is often present before it is formally visible. Whether it is surfaced depends largely on how safe people feel to speak up, particularly on site and at line-manager level.
Crucially, participants were clear that psychological safety does not come at the expense of performance, it supports it. When people feel able to raise issues early, teams can respond faster and prevent problems from escalating.
Another strong theme was that culture is shaped by behaviour, not policy.
Culture is not defined by policy, but by the decisions made under pressure, often by site managers and operational leaders in real time.
Responsibility for maintaining standards doesn’t sit only with central safety teams. It sits with operational leaders and site managers, who make decisions in real time.
At the same time, inconsistent expectations across teams, divisions, and functions can further increase risk. Where standards vary, gaps are more likely to emerge, particularly for contractors moving between sites or business units.
Long-standing contractor relationships were seen as both a strength and a risk.
Familiarity builds trust, but can also reduce scrutiny. Over time, assumptions replace verification, and ongoing suitability may go unchallenged as work evolves.
Participants also highlighted subtle warning signs. For example, resistance to onboarding or compliance processes may indicate deeper issues. When standards are challenged early, they are more likely to be bypassed later.
Trust remains important but cannot replace evidence.
Beyond visible processes and systems, leaders also spoke about the internal strain of managing compliance.
Teams are often:
The result is an “invisible cost” that goes beyond time and effort.
It also includes:
This is where the “invisible cost” of compliance becomes most apparent, not in systems themselves, but in the strain, they place on the people responsible for making them work.
Despite differences in sector and organisation, the same challenges came up again and again.
Inconsistent standards, deep subcontracting, capacity constraints and pressure-driven decisions all point to a systemic issue, not isolated failures or individual shortcomings.
This is not a problem that can be solved by adding more process alone.
The discussion pointed to a clear direction.
The answer lies in better visibility, alignment and real-time assurance, not more paperwork.
Two simple questions stood out as a simple but useful test:
If the answer relies on assumption rather than evidence, the gap remains.
Effective contractor management depends on:
The “invisible cost” of compliance is not just inefficiency.
It is the risk of false confidence, where systems appear strong, but don’t reflect reality.
Many failures don’t come from major breakdowns, but from small gaps that go unnoticed, unchallenged and unspoken.
Closing this gap requires a shift:
The roundtable showed the value of creating space for open, honest, peer-level discussion about challenges that are often uncomfortable to acknowledge.
It also highlighted the need for greater collaboration across the industry. Sharing insight and learning from others will be key to improving outcomes.
SafeContractor will continue to bring leaders together to support this, helping ensure that compliance approaches reflect the realities of day-to-day delivery.
Because the gap between compliance and reality isn’t theoretical, it’s operational, daily, and often unseen.
Closing it starts with making that reality visible.
Book your demo today and take the first step toward safer, smarter contractor management.
Related Insights
