Bogor. West Java 

Director, Center for Regulation, Policy and Governance (CRPG)

Despite the criticisms laid against the job creation bill, we need to commend the government for its courageous effort, not only to consolidate and harmonize around 70 laws, but also to introduce an overarching risk-based approach to our legal system. 

Most critics focus on two primary issues: (1) sectoral issues, arguments of which usually revolve around the “loss of protection”, be it for the environment, labor or certain aspects of human rights; and (2) procedural issues, with many criticizing the “omnibus” legislative process as lacking transparency.

However, few have paid enough attention to the risk-based approach used in the bill, even though this mechanism will fundamentally alter our regulatory system and may even raise question on whether it would be compatible with our Constitution.

Risk-based regulations require the government to prioritize regulatory burdens and resources toward “high-risk” activities. Risks, of course, constitute the “likelihood” and the “severity” of the potential impact of a particular activity: the higher the likelihood and the severity of the impact, the higher the risk.

The resources available to regulators for inspecting and monitoring are always limited. Thus, why spend taxpayer’s money on small risks? Regulations would be more efficient if resources are spent only on high-risk activities – or so the theory goes.

Indeed, the job creation bill follows this approach. Only high-risk businesses will require a license (Article 11) and the level of supervision depends on the level of risk: Hence, the higher the risk, the more intense the scrutiny. This sounds about right, except for the fact that theories on risk-based regulation have moved past this.

The bill overlooks two things that are addressed in the regulatory policy literature: volatile risk and cumulative risk.

The former refers to risks that could be high during a certain season but low during another. For example, theft and burglary in residential areas are volatile risks: They increase during long holiday seasons such as Idul Fitri when millions of people travel back to their hometowns, but are relatively low during normal days. Fortunately, these risks are predictable, so homeowners can hire additional security during Idul Fitri. However, other risks like those related to climate change may not be so obvious.

Other risks could be low or medium but they are actually systemic and thus, incur cumulative costs on society. Homeowners, for example, may park their second vehicles on a neighborhood street without permission. If we look at this individually, then the risk (in terms of severity) is low compared to truck owners who park their vehicles on the street. But if everyone does this (since a permit is not required), then the street will become clogged with vehicles and becomes a systemic risk.

We can see here that “locking down” regulatory resources and licensing only high-risk activities could be very dangerous, as this would mean that regulators will be legally required to ignore both volatile and cumulative risks.

The job creation bill contains a paradox: It aims to broaden the discretion of public officials, but the clauses in Articles 8 and 11 actually narrow it.

Targeting supervision to “high risk” (Article 11) also contradicts theories on regulatory policy. It is not always the case that high-risk activities must be exposed to intense supervision. Theoretically speaking, a risk-based regulatory approach shifts the burden of risk from regulator to the companies’ risk management system. In other words, if the companies manage their risks, no matter how high, the level of supervision can be reduced. This can be proven over time through their compliance records. Although this is the general rule, the UK’s Hampton Report of 2005 warned that random checks on historically compliant firms were still required.

Article 8 “locks down” the types of risk to several subjects: health, security, environment and natural resource use. Strictly speaking, anything outside of these four subjects are not considered a risk.

What if a certain cultural heritage might be lost due to certain business activities? Let’s say a traditional community holds a religious ceremony on a site they consider sacred, but the local government wants to build a shopping mall there. Is that activity not considered a risk? Unfortunately, no. If Article 8 makes it into law, then local governments can be legally forbidden from considering threats to cultural heritage as a risk.

This also shows that risk is a matter of perception. What constitutes a risk is different from person to person and from culture to culture. Whether a risk is deemed high or low can also differ from one person to another. Whether a risk is acceptable or not is also a matter of perception. The “risk” of risk-based regulation is that it may reduce regulatory activities into mere actuarial activities.

Another risk that risk-based regulations pose is the risk to public accountability. We cannot blame public officials from failing to address cumulative risks and other issues that are not considered a risk by law (such as the aforementioned cultural heritage).

In fact, risk-based regulations can be linked to bureaucratic incentives. For example, directorates and work units can be evaluated in terms of their budget. Have they used their budget “efficiently”, that is, in supervising only high-risk activities? If yes, then they are rewarded for their performance; if not, then they are penalized.

This can be dangerous, however, since officials are deliberately incentivized to ignore volatile and cumulative risks. Hence, “risks” can be used to measure the performance and budgetary accountability of a government unit, but at the same time, the government unit can evade accountability for activities that are not legally considered “risks”.

Finally, predetermining the types of risk in the bill (Article 8, point 3) will eventually cause confusion. In other countries such as the UK, risk identification always starts with a regulator’s interpretation of its statutory objectives (Black and Baldwin, 2012, Baldwin 2012), and “risks” are those issues that impede the attainment of those objectives. For the England-Wales water regulator (OFWAT), its objective is to “further the consumer objective”, and secondly to “secure … the functions of a water undertaker”. OFWAT then develops its risk-based approach for several items, from water shortages during drought to contamination and to burst pipes (OFWAT, 2015).

Therefore, in both the literature and practice, “risk” is determined by interpreting the statutes first and then detailing the subjects according to each agency’s regulatory objectives. OFWAT will thus have a different risk set compared to the telecommunications regulator OFTEL, for example.

Indonesia seems to be taking a different approach in the job creation bill, wherein the general types of risk are predetermined according to Article 8(3): health, safety, environment and natural resource use. If regulators actually experience certain risks in practice that do not fall into these categories, they will be overlooked. Our society will then bear the cost of this oversight. 

None of the above issues were discussed as far as the academic draft of the bill is concerned. The only relevant literature mentioned in the academic draft is the OECD’s 2010 “Risk and Regulatory Policy” report, which is wholly inadequate for a bill that could fundamentally alter our regulatory system.