Why SMEs Must Raise Their OHS Game Before Regulators Do It for Them

For years, small and mid-sized employers have operated under a quiet assumption when it comes to occupational health and safety: we’re too small to be the priority.

That assumption used to buy time. In 2025–26, it buys exposure.

Across Canada and the United States, regulators are no longer using size as a proxy for risk tolerance. In fact, many enforcement agencies are moving in the opposite direction. Small employers now sit at the centre of several enforcement strategies because incidents, fatalities, repeat hazards, and compliance gaps disproportionately occur in smaller operations.

This shift is not theoretical. It is visible in inspection targeting, prosecution decisions, penalty amounts, and how courts talk about due diligence. For SMEs, the message is no longer subtle: being small does not mean being forgiven.

This article looks at why small employers are under increased scrutiny, what has changed in enforcement reality, and what SMEs must do in 2025–26 to stay defensible, not just compliant.

Why Small Employers Are Suddenly on the Radar

Ask most SME owners why they think enforcement hasn’t hit them yet, and you’ll hear the same answer: we’ve never had a serious incident.

That logic no longer holds.

Regulators are increasingly using predictive enforcement signals, not just injury history. Complaint data, near-miss trends, industry risk profiles, incomplete documentation, and even payroll size are being used to identify where preventive controls are weakest.

In Ontario, for example, Ministry of Labour inspection blitzes repeatedly show that small employers account for a disproportionate share of stop-work orders. Similar patterns appear in Alberta, British Columbia, and federally regulated sectors. South of the border, Occupational Safety and Health Administration has publicly acknowledged that small businesses experience higher fatality rates per worker than large enterprises, particularly in construction, transportation, warehousing, and food services.

The logic is straightforward. Large employers have systems. Small employers rely on people. When those people are untrained, stretched thin, or improvising, risk compounds quickly.

The Story Regulators See After an Incident

To understand why SMEs are struggling in 2025, it helps to understand how incidents are reconstructed.

Consider a real-world pattern that appears repeatedly in prosecutions.

A 14-person manufacturing shop experiences a serious hand injury. The machine guard had been removed to speed production. The supervisor knew. The owner assumed the supervisor would handle it. Training records exist, but refresher training hasn’t occurred in years. Hazard assessments are generic. No one documented corrective action because “everyone already knew.”

After the injury, the investigation does not focus on company size. It focuses on what was known, by whom, and when.

Inspectors ask for:

  • Supervisor training records.
  • Hazard assessments tied to the actual task.
  • Evidence that unsafe practices were corrected.
  • Proof that the employer exercised due diligence before the incident.

When those records are missing, enforcement escalates quickly. Fines are issued not because the employer was small, but because controls were informal.

Canadian courts have been explicit on this point. In R. v. Bata Industries Ltd., the court confirmed that due diligence is not about intent. It is about systems. SMEs often fail not because they don’t care, but because their systems exist only in people’s heads.

2025–26 Enforcement Is About Systems, Not Sympathy

One of the most dangerous myths in small business safety is that inspectors “go easier” on smaller firms.

They do not.

What they do is apply the same legal tests to organizations with fewer buffers.

Under Canadian OHS legislation, every employer, regardless of size, must take every reasonable precaution in the circumstances. Courts have repeatedly rejected the argument that limited resources excuse weak controls. The test is not perfection. It is reasonableness relative to known risk.

In British Columbia, WorkSafeBC penalties issued to small employers routinely exceed $50,000 when supervisors failed to correct known hazards. In Ontario, fines under the OHSA regularly climb into six figures for SMEs following serious injuries or fatalities. In the U.S., OSHA’s penalty structure allows per-violation fines exceeding USD $16,000, with willful or repeat violations exceeding USD $160,000.

The enforcement trend is consistent. Size does not limit liability. It amplifies it.

Why SMEs Are More Exposed Than They Realize

Small employers face a structural disadvantage that is often invisible from the inside.

Supervisors wear multiple hats. Owners act as safety managers. Training is episodic. Documentation exists, but it is not operational. When work speeds up, safety controls quietly loosen.

From the outside, inspectors see something different. They see:

  • Training that is not refreshed.
  • Policies that exist but are not applied.
  • Supervisors unsure of their legal duties.
  • Corrective actions that are informal or undocumented.

In enforcement language, this is not flexibility. It is exposure.

The most common finding in SME prosecutions is not reckless behaviour. It is unverified assumptions.

  • “We thought they knew.”
  • “We trained them years ago.”
  • “We fixed it verbally.”
  • “We didn’t think it applied to us.”

None of those statements survive an inspection.

The Supervisor Gap: Where Most SME Failures Occur

If there is one consistent fault line in SME safety systems, it is supervisor competence.

Supervisors are legally treated as agents of the employer. What they know, tolerate, or fail to correct is legally attributed to the organization. This principle is embedded across Canadian jurisdictions and reinforced in U.S. federal enforcement.

Yet many SMEs promote supervisors based on technical skill, not safety authority. They are expected to produce, manage people, and enforce safety, often without formal training on their personal legal duties.

In Ontario, courts have made it clear that supervisors must understand their obligations under the OHSA. In the U.S., OSHA enforcement similarly treats supervisory knowledge as employer knowledge.

The result is predictable. Supervisors improvise. Enforcement follows.

Training Is No Longer Enough on Its Own

One of the most important shifts in 2025–26 is the declining protective value of “we did the training.”

Training is now treated as one input, not proof of control.

Inspectors and courts increasingly ask whether training was:

  • Role-specific
  • Refreshed
  • Applied in practice
  • Verified through supervision

SMEs that rely on one-time onboarding training are exposed. Knowledge decay is real. Staff turnover is real. Task drift is real.

This is why regulators are focusing more on supervision, verification, and corrective action than certificates.

Documentation Has Become Evidence, Not Administration

For small employers, paperwork often feels like overhead. In enforcement reality, it is evidence.

Inspection reports, hazard assessments, training records, and corrective action logs are now used to reconstruct what the employer knew before an incident. Missing documents are not neutral. They are interpreted as absence of control.

This is particularly risky for SMEs because informal practices leave no trail. When inspectors ask for proof, silence becomes the answer.

Jurisdictional Differences That Actually Matter to SMEs

While core duties are consistent, some jurisdictional differences materially affect small employers. The table below highlights areas where SMEs often misjudge their obligations.

Jurisdiction Key SME Exposure Area Practical Impact for Small Employers
Ontario Supervisor competency and due diligence under OHSA. Supervisors must be trained on legal duties; lack of proof escalates fines quickly.
British Columbia Administrative penalties tied to risk and tolerance. Repeat or tolerated hazards drive penalties regardless of employer size.
Alberta Employer obligation to ensure worker competency. Informal on-the-job training without verification creates exposure.
Federal (Canada) Prescriptive hazard prevention programs. SMEs often miss formal program requirements.
United States (Federal OSHA) Willful and repeat violation escalation. Prior knowledge, even informal, dramatically increases penalties.

What matters here is not the fine print. It is the pattern. SMEs that rely on informal controls are consistently the most exposed across jurisdictions.

What SMEs Must Change in 2025–26

The solution is not bureaucracy. It is structure.

SMEs that successfully reduce exposure focus on a few fundamentals:

  • Supervisors understand their legal duties.
  • Hazards are assessed at the task level.
  • Training is refreshed and verified.
  • Unsafe practices are corrected and documented.
  • Safety authority is explicit, not assumed.

These are not “big company” systems. They are clarity systems.

A Final Reality Check for SME Leaders

Small employers often pride themselves on agility, trust, and personal relationships. Those strengths do not disappear when safety systems mature. They become defensible.

The most expensive belief in safety today is that enforcement has not changed.

It has.

In 2025–26, SMEs are no longer flying under the radar. They are flying without instruments unless they deliberately build structure into how work is supervised, corrected, and documented.

The choice is not between flexibility and compliance. It is between control before an incident or control imposed after one.

For small employers, the window to choose is now.

Purpose

This tool helps small and mid-sized employers assess whether their occupational health and safety systems are operationally defensible, not just technically compliant. It reflects how regulators and courts evaluate SMEs after incidents in 2025–26.

Answer honestly. This is not about perfection. It is about visibility.

How to Use This Tool

For each statement, select the answer that best reflects what actually happens, not what is written in policy.

  • Yes = This is consistently in place and documented.
  • Somewhat = This exists, but is informal, inconsistent, or undocumented.
  • No = This is missing or assumed.

Score yourself as you go. Guidance on interpreting results appears at the end.

Section 1: Leadership & Accountability

  1. Senior leadership has explicitly assigned responsibility for health and safety oversight, and that role is documented.
    Yes Somewhat No
  2. Supervisors understand that they have personal legal duties related to worker safety, not just operational responsibilities.
    Yes Somewhat No
  3. Supervisors have clear authority to stop unsafe work without fear of production consequences.
    Yes Somewhat No
  4. Safety responsibilities are discussed in leadership or management meetings, not only after incidents.
    Yes Somewhat No

Why this matters:
After an incident, inspectors look first at who was responsible and whether authority matched accountability. SMEs often fail here because safety “belongs to everyone,” which legally means it belongs to no one.

Section 2: Supervisor Competency & Due Diligence

  1. Supervisors have received formal training on their legal health and safety duties relevant to your jurisdiction.
    Yes Somewhat No
  2. Supervisor training is refreshed periodically, not just at promotion or hiring.
    Yes Somewhat No
  3. Supervisors can explain, in their own words, what due diligence means in daily operations.
    Yes Somewhat No
  4. Supervisors are expected to document unsafe conditions and corrective actions, not just resolve them verbally.
    Yes Somewhat No

Why this matters:
Courts routinely treat supervisor knowledge as employer knowledge. If supervisors cannot demonstrate competence, the employer inherits that failure.

Section 3: Hazard Identification & Risk Assessment

  1. Hazard assessments reflect the actual tasks performed, not generic job titles.
    Yes Somewhat No
  2. Hazard assessments are reviewed when work processes, equipment, or staffing change.
    Yes Somewhat No
  3. Workers are involved in identifying hazards and reporting near misses.
    Yes Somewhat No
  4. High-risk tasks have documented controls that are actually used in practice.
    Yes Somewhat No

Why this matters:
Many SME incidents involve hazards that were “well known” but never formally assessed. Informal awareness does not satisfy regulatory expectations.

Section 4: Training & Competency Verification

  1. Workers receive task-specific training, not just general safety orientation.
    Yes Somewhat No
  2. Training completion is documented and easy to retrieve during an inspection.
    Yes Somewhat No
  3. Refresher training is scheduled based on risk, not convenience.
    Yes Somewhat No
  4. Supervisors verify that workers can safely perform tasks, rather than assuming competence after training.
    Yes Somewhat No

Why this matters:
In 2025–26, training records alone no longer demonstrate control. Inspectors increasingly test whether training translated into safe behaviours.

Section 5: Incident, Near-Miss & Complaint Response

  1. All incidents and near misses are documented, even when no injury occurs.
    Yes Somewhat No
  2. Root causes are identified, not just immediate causes.
    Yes Somewhat No
  3. Corrective actions are assigned, tracked, and closed with evidence.
    Yes Somewhat No
  4. Trends are reviewed periodically to identify recurring hazards.
    Yes Somewhat No

Why this matters:
Regulators use prior incidents and near misses to establish what the employer knew before a serious event. Missing records are interpreted as missing control.

Section 6: Documentation & Inspection Readiness

  1. Health and safety documents can be produced quickly during an inspection.
    Yes Somewhat No
  2. Policies and procedures reflect current operations, not outdated practices.
    Yes Somewhat No
  3. Informal safety practices are supported by some form of documentation.
    Yes Somewhat No
  4. The organization knows who speaks to inspectors and how information is provided.
    Yes Somewhat No

Why this matters:
Documentation is no longer administrative. It is evidence. SMEs are often penalized not for unsafe work, but for the inability to prove control.

Scoring & Interpretation

  • 20–24 “Yes” responses
    Your system is largely defensible. Focus on consistency and refresh cycles.
  • 12–19 “Yes” responses
    You have partial controls, but enforcement exposure is present. Most SMEs fall here.
  • Below 12 “Yes” responses
    You are operating on assumptions. In the event of an incident, enforcement risk is high.

This score does not predict whether an incident will happen. It predicts how regulators will respond if one does.

Next Steps for OHS Insider Users

This assessment is designed to surface gaps, not solve them alone. Each “Somewhat” or “No” response should trigger:

  • A corrective action.
  • A supporting tool or template.
  • A training or documentation update.