This policy sets out the way we administer authorisation regimes; and how we regulate authorisation regimes, authorisation holders, and those who should have an authorisation.


Authorisations policy (PDF 184 KB)

Scope of this policy

This policy covers all authorisations under regulations we administer.

It doesn’t cover exemptions as these are not authorisations. Exemptions are covered in the How we use our exemption powers policy.

What an authorisation is

An authorisation is an approval required by regulation to enable an activity to happen.

Where an authorisation is required, we expect it to be in place before that activity occurs.

An authorisation can take the form of a:

  • licence
  • permit
  • recognition
  • registration
  • consent or approval
  • certificate
  • or other authority as required by regulations.

An authorisation can relate to a person, organisation, activity, place or piece of equipment.

Why authorisations are important

Authorisations are a critical regulatory tool. They help reduce the risks of particular activities by:

  • regulating entry to the market, by controlling the people, organisations, activities, places or things that are and aren’t authorised
  • regulating exit from the market, by suspending, cancelling, or revoking authorisations
  • providing assurance that good health and safety management practices are in place, so an activity that would otherwise be prohibited can continue without exposing people to avoidable risks to their health and safety.

Authorisations are important to us because they’re one of the few areas where we’re responsible for deciding:

  • who can do an activity
  • whether an activity can be done
  • what can be used to do an activity
  • where an activity can take place.

We don’t automatically grant authorisations. We consider each application objectively and on its merits, applying:

  • criteria in the regulations
  • the principles set out in this policy.

We do this so that:

  • authorisation regimes are effective in meeting their regulatory intent
  • workers and others are protected and harm is prevented
  • we make good choices that support the intent of the regulations and help us maximise our impact
  • we regulate the market well, providing effective and fair entry and exit control
  • authorisation holders and third-parties know what they can and can’t do
  • people can have confidence in the way we administer and regulate the regulatory regimes we’re responsible for.

Principles we apply

We use seven key principles to guide how we administer and regulate authorisations regimes:

1. We’re clear about what we’re seeking to achieve

This means we:

  • know the intent of authorisation regimes and the regulations they’re established under
  • focus on the value we add
  • understand our role(s) in the regulatory regimes and authorisation regimes
  • monitor, evaluate, and report on the regime’s performance, and our performance.

2. We work with and through others

This means we:

  • engage and listen to others, taking into account how they prefer to engage with us
  • seek, receive, analyse, and share information
  • consider and respond to information, including complaints and concerns
  • are clear about when it’s appropriate to consider involving a third-party in an authorisation regime, for what reasons, and when it isn’t
  • acknowledge and use the skills and expertise of third-parties, where necessary and appropriate
  • set clear expectations for third-parties, establish and maintain effective working relationships with them, monitor their performance, and drive improvements when needed
  • record issues with regulations and proactively share these with the Ministry for Business, Innovation and Employment
  • improve our processes, and are consistent across our processes where possible.

3. We’re fair and reasonable

This means we:

  • treat people with respect, and expect others to treat us the same way
  • are clear about what we expect of ourselves, and of applicants and authorisation holders
  • make it clear for people when we think they need an authorisation
  • make it easy for applicants and authorisation holders to understand our processes and what they need to do to apply for and comply with an authorisation
  • consider each application objectively and on its merits, applying criteria in the regulations
  • engage with applicants once we’ve received their authorisation application
  • tell an applicant if we’re:
    • considering declining their application
    • suspending, cancelling, or revoking their authorisation, or
    • investigating them

and give them a reasonable period of time to provide more information or be heard

  • engage kanohi ki te kanohi when iwi or hapū are the main applicant or authorisation holder or in other situations where this is preferred
  • tell applicants what we’ve decided and why
  • make it clear to authorisation holders what we expect of them
  • use the relevant regulations and the information we have to decide how long we give an authorisation for, unless the regulations specify this
  • apply How we review our statutory decisions to any reviews of our authorisation decisions
  • acknowledge people’s right to seek a review of our decisions, or appeal through the District Court or Waitangi Tribunal where relevant
  • hold authorisation holders to account when needed.

4. We make good and timely decisions

This means we:

  • make sure our decision-makers are impartial and have no conflicts of interest, including any affiliations or associations with groups or entities
  • make sure we have appropriate information to make an informed decision
  • make appropriate and proportionate decisions based on the intent of the authorisation regime and the regulations it’s established under
  • we follow WorkSafe’s internal risk management policy and framework to ensure that risks, including regulatory risks, are identified, owned, managed, monitored and reported on effectively
  • impose conditions on authorisations, where appropriate and possible, to help manage risks or give us assurance that risks will be managed
  • use consistent and efficient processes to consider authorisation applications across our regulatory regimes
  • meet any timeframes specified in regulations, and if there are none then we identify what we think is reasonable and make it clear what timeframes we’re working to.

5. We’re accountable for what we do

This means we:

  • know what we’ve done, and why, including decisions we’ve made
  • keep good records so we can explain our decisions, and the process and information we used to make them
  • share information about what we do, where appropriate
  • meet our legislative and legal obligations, including those relating to maintaining registers and notifications.

6. We intervene when needed to maintain integrity of our regulatory regimes

This means we:

  • engage with people to help them understand their authorisation and any conditions
  • monitor compliance with authorisations we decide to grant, including with conditions
  • take action if:
    • authorisations, or conditions of them, are not complied with
    • we think there are risks to work health and safety or energy safety arising from an authorisationwe have given or if the situation changes
  • proactively identify those we think should be authorised and follow up when they don’t become authorised, including prosecuting where appropriate
  • use the most appropriate intervention(s) to manage a risk or make the most of an opportunity.

7. We learn and adapt

This means we:

  • are responsive to the system in which we operate, and changes to it
  • seek to improve our performance, including doing internal reviews of how we deliver our authorisations function to check we’re delivering it well, and make changes where needed
  • influence others in the regulatory regime, including third-parties where appropriate, so they improve their performance when needed
  • may reconsider our decisions when we find out more information
  • keep watch for emerging risks
  • strive for a consistent good practice approach, and learn from other regulators
  • use feedback we receive, for example, from complaints to learn and improve.