Owner vs EPC vs Contractor: Safety Governance

Capital projects often fail in safety before the first contractor enters the site. The failure begins when the owner, the EPC and the contractor each believe the other party owns the decision that will later shape exposure in the field.

This article compares three governance positions for capital projects: owner-led safety governance, EPC-led integration and contractor-led execution. The thesis is direct. The safest project is not the one with the thickest contractual safety appendix, but the one in which each party owns the risk decisions that only that party can realistically control.

The audience is senior operations leadership, project directors, EHS managers and procurement leaders who must decide how safety authority, verification and escalation will work before engineering, procurement and construction momentum makes weak decisions expensive to reverse.

Evaluation criteria for capital project safety

A useful comparison needs criteria that go beyond injury rate promises. A contractor can present a low TRIR and still enter a project with weak control over lifting, temporary energy, simultaneous operations, subcontractor tiers or commissioning interfaces. The owner can demand zero accidents and still approve design, budget and schedule decisions that make field control fragile.

For capital projects, safety governance should be judged through six criteria. The first is design influence, because many fatal risks are easier to remove before construction than to supervise later. The second is contractual authority, since the party with commercial power can make safety requirements real or decorative. The third is field verification, where critical controls either work or become assumptions. The fourth is interface management, especially where contractors, operations, commissioning and maintenance meet. The fifth is escalation speed, because high-risk work cannot wait for a monthly steering committee. The sixth is startup readiness, where incomplete construction controls become operational risk.

ISO 45001:2018 expects organizations to control outsourced processes, procurement and contractors to the extent that they influence occupational health and safety performance. That wording matters because the owner cannot outsource influence. If the owner shapes design, budget, schedule and procurement, the owner also shapes the safety envelope inside which EPCs and contractors operate.

Owner-led governance protects the decisions nobody else can make

Owner-led safety governance is strongest when the project carries high-energy, high-consequence or business-critical risk. The owner controls the investment thesis, the site strategy, the tolerance for schedule compression, the operating philosophy and the acceptance criteria for startup. Those decisions sit upstream from contractor behavior.

Across 25+ years in executive EHS roles, Andreza Araujo has seen a recurring mistake in large projects: owners delegate safety execution and accidentally delegate safety judgment. The contract names requirements, although the owner's decisions on design freeze, scope change, acceleration and readiness still determine whether those requirements can survive pressure.

The owner is also the only party that can connect project safety with future operations. A contractor can build a platform, but the owner decides whether that platform will be maintainable without improvised access. An EPC can produce a risk register, but the owner decides whether unresolved risk becomes a startup blocker or a footnote.

The weakness of owner-led governance appears when the owner confuses oversight with interference. The owner should not micromanage toolbox talks or replace contractor supervision. The owner's role is to set nonnegotiable risk expectations, fund prevention through design, protect escalation channels and verify that critical controls remain valid when cost or schedule pressure rises. That connects directly with board safety oversight before the next SIF, because directors and executives need evidence that material risk is governed, not only reported.

EPC-led integration works when design and construction are tightly coupled

EPC-led safety governance is strongest when engineering, procurement and construction decisions must be integrated quickly. The EPC sees technical interfaces that separate contractors may not see, including temporary works, constructability, lifting sequences, equipment delivery, energy isolation during tie-ins and design changes that alter field exposure.

An EPC can translate design intent into construction planning, which makes it valuable for interface risk. If engineering changes the layout of a pump skid, procurement changes delivery timing and construction changes the lift plan, the EPC is often the first party able to see the combined effect. That is why EPC governance can outperform a fragmented owner-contractor model in complex brownfield, energy, chemical or infrastructure projects.

The trap is commercial distance from the real workface. Some EPCs govern through dashboards, weekly reports and subcontractor meetings while relying on tiered contractors to manage the actual exposure. When that happens, the EPC becomes an information broker rather than a control owner.

Andreza Araujo's book Safety Culture: From Theory to Practice argues that culture appears in repeated decisions under pressure. In an EPC project, those repeated decisions include whether engineering accepts late safety changes, whether procurement buys safer equipment when cheaper alternatives exist and whether construction pauses a sequence when simultaneous operations create unmanaged risk.

EPC-led governance should therefore be tested through integration evidence. Leaders should ask whether design risk reviews changed the construction method, whether procurement safety clauses survived negotiations, whether interface risks are owned by named people and whether commissioning hazards are being prepared before handover. The article on procurement safety clauses that change risk is a useful companion because capital project safety often rises or falls before the purchase order is signed.

Contractor-led execution is essential but insufficient by itself

Contractor-led safety is strongest at the workface. Contractors assign supervisors, manage crews, brief tasks, inspect tools, control permits, verify access, coordinate subcontractors and decide whether a job should proceed under the exact condition present that morning.

No owner or EPC can replace that execution discipline. A lift plan, isolation certificate or work-at-height method statement becomes real only when the contractor's supervisor checks the crane setup, exclusion zone, anchor point, energy state, weather condition and crew readiness. Field control depends on people who are close enough to see drift.

The weakness appears when the contractor is asked to compensate for decisions it did not control. A contractor cannot fully repair a design that forces awkward maintenance access. It cannot remove schedule pressure created by a delayed owner decision. It cannot govern every interface if the EPC has split scopes across multiple packages without a common escalation rule.

This is why a contractor safety scorecard should never be reduced to historical injury rates. Prequalification needs to examine supervision capability, critical-control verification, subcontractor management, stop-work practice, competence for high-risk tasks and evidence of learning from previous projects. The existing guide on building a contractor safety scorecard in 30 days helps convert that principle into a practical assessment.

Decision matrix for project leaders

The table below compares the three governance positions by the decision each party can control, the evidence leaders should request and the blind spot that usually appears under pressure.

A mature project does not choose only one party and then relax. It creates a layered model in which the owner protects strategic decisions, the EPC integrates technical interfaces and the contractor controls execution with authority to stop work when conditions no longer match the plan.

Use owner-led governance when risk is material to the business

Owner-led governance should dominate when a project can create fatality exposure, major process safety loss, severe environmental harm, community impact, regulatory shutdown or reputational damage. The owner holds the duty to define what cannot be traded for speed.

The practical test is simple enough to run in a steering committee. If a safety decision would require extra capital, delayed startup, design redesign, contractor replacement or board notification, the owner must own the decision path. An EPC or contractor can recommend, but the owner must decide and protect the decision from being diluted by schedule language.

That is especially important when prevention through design is still possible. Once the project enters construction, leaders often discover that the safest solution now requires rework, not planning. The article on prevention through design before PPE becomes the plan shows why early owner choices decide whether later controls will be engineered or improvised.

Use EPC-led governance when interfaces carry the highest risk

EPC-led governance should dominate when the project has dense technical interfaces, such as brownfield tie-ins, live utilities, temporary construction power, heavy lifting, modular installation, confined space work, commissioning overlap or phased handover. In those projects, risk often appears between scopes rather than inside one contractor's task.

The EPC should be accountable for interface maps that name who controls each boundary. If operations controls isolation, a civil contractor controls excavation, an electrical contractor controls temporary power and commissioning controls energization, the EPC cannot simply ask each party to manage its own work. The EPC must govern the collision points.

This model fails when the EPC treats interface risk as coordination rather than control. A weekly coordination meeting is not enough if no one has authority to stop simultaneous operations, reject an unsafe sequence or change the construction method. Interface governance needs decision rights, not only calendars.

Use contractor-led execution when the workface is the critical variable

Contractor-led execution should dominate for daily control of task risk. This includes permit discipline, supervision ratio, work sequencing, crew competence, equipment inspection, pre-task planning, exclusion zones, housekeeping, tool condition and immediate response to changing field conditions.

The contractor's authority must be visible in the field. If supervisors feel they will be punished for stopping work, the system has already weakened its last practical barrier. If subcontractors can drift from method statements without intervention, the project has documentation but not control.

Andreza Araujo's Portuguese book A Ilusao da Conformidade, translated as The Illusion of Compliance, is relevant here because project safety can look mature while field crews operate with unstable controls. The gap between paperwork and execution is not a paperwork problem. It is a leadership problem whose symptoms appear in the contractor's daily decisions.

How to combine the three without blurring accountability

The strongest model combines the three positions without letting shared responsibility become vague responsibility. The owner owns material risk, funding, startup criteria and the commercial consequences of safety decisions. The EPC owns integration across engineering, procurement and construction interfaces. The contractor owns execution discipline and immediate field control.

Project leaders should write this into a decision-rights map before mobilization. The map should name who can stop work, who can approve design risk acceptance, who can change sequence, who can authorize simultaneous operations, who can release commissioning and who can override a schedule demand when a critical control is not verified.

Critical-control verification is the glue. A governance model is only credible when leaders can prove that the controls around fatal risk are owned, checked and escalated when weak. That logic connects with critical-control verification traps that leave SIF risk untouched, because capital projects often create a dangerous illusion of control when every party reports green status against different assumptions.

The project phase is temporary, but the risk decisions made during that phase can shape exposure for the next twenty years of operation.

What executives should ask before awarding the contract

Executives should ask three questions before contract award. Which safety decisions belong only to the owner because they involve money, design, schedule or startup acceptance? Which interface risks belong to the EPC because they cross engineering, procurement and construction boundaries? Which field controls belong to the contractor because they require daily supervision and immediate authority?

Then leaders should request evidence rather than promises. Ask for examples of stopped high-risk work, design changes made for safety, subcontractor removal for weak control, commissioning hazards escalated before startup and critical controls verified in the field. A bidder that cannot show those examples may still write a strong plan, although the plan has not yet proved that the organization can act under pressure.

Capital project safety governance is not a debate about who is to blame when something fails. It is a decision about who has the power to prevent specific failure modes before they reach the worker. For owners, EPCs and contractors that need that map before mobilization, Andreza Araujo and ACS Global Ventures can support a diagnostic that tests authority, interfaces and field controls before the project commits to the wrong operating rhythm.