What is a legal register?

The Compliance People Consultant Hannah Williams outlines the key elements of a good quality legal register that aligns to the relevant requirements of environment, occupational health and safety, and energy management system StandardsISO 14001, ISO 45001, and ISO 50001. 


A legal register is a form of document or system that details legislation that an organisation has to be compliant with due to the activities it carries out. The legal register might only contain legislation of a certain type, for example, environmental or health and safety legislation. The range of laws that apply can vary greatly depending on the type and size of an organisation and the industry it works within, as well as depending on where it is based. 

Legislation is published by the Government on a daily basis through new Acts and Regulations, in addition to existing laws being amended, revoked or repealed. If a legal register is kept up to date, either automatically through a subscription service or manually, then this provides the organisation with important updates to legislation that may mean they have to implement changes in practices in order to ensure they remain compliant. 

The legal register becomes an important resource for an organisation for reference to what they must be doing in order to ensure compliance with legislation. The alternative would be to search for relevant legislation each time an issue arises which would be extremely time-consuming and inefficient. It would also be difficult to know if the legislation found through searching the internet was the most recent version or if it had been replaced by other regulations. 

It is of great benefit to a company if the legal register does not just provide a list of titles of legislation, but also summarises each entry in terms of what compliance duties the legislation sets upon organisations. This then provides a greater understanding of compliance and what activities need to be conducted and the processes need to be put in place to ensure compliance within the organisation. 

It should be noted that unfortunately one size doesn’t fit all when it comes to legal registers. There isn’t a standard legal register that can be applied to any organisation, or it certainly isn’t best practise to have a legal register like this. As all organisations are different, the register should be bespoke to them and contain just the relevant legislation that applies to them and their activities. 


Meeting requirements for environment and health & safety Standards 

For companies that are certified, or are aiming to become certified, to management system standards ISO 14001 (environment) and ISO 45001 (occupational health and safety) there are requirements under Clause 6 of each Standard around compliance obligations. 

What do the Standards actually say? 

ISO 14001:2015: Clause 6.1.3 Compliance Obligations 

An organisation shall determine and have access to the compliance obligations related to its environmental aspects; determine how these compliance obligations apply to the organization; take these compliance obligations into account when establishing, implementing, maintaining and continually improving its environmental management system. 

An organisation shall maintain documented information of its compliance obligations.’ 

ISO 45001: Clause 6.1.3 Determination of legal requirements and other requirements  

The organisation shall establish, implement and maintain a processes to determine and have access to up-to-date legal requirements and other requirements that are applicable to its hazards, OH&S risks and OH&S management system, determine how these legal requirements and other requirements apply to the organisation and what needs to be communicatedtake these legal requirements and other requirements into account when establishing, implementing, maintaining and continually improving its OH&S management system.  

The organisation shall maintain and retain documented information on its legal requirements and other requirements and shall ensure it is updated to reflect any changes.’ 

As you can see, the term ‘legal register’ is not actually used within the Standards themselves. In fact the two Standards differ in the language they use, with ISO 14001 using ‘compliance obligations’ and ISO 45001 using ‘legal and other requirements’. The term legal ‘register’ however has become the standard terminology for what the Standards require. It certainly is one of the best ways an organisation can maintain documented information of its compliance obligations and greatly help them meet the requirements of clause 6.1.3. 

What do the Standards actually require organisations to do for this clause? Put simply, a company must have a process that identifies and gives them have access to the applicable regulations, based on the activities they carry out. This must be kept up to date and be considered throughout the whole management system. Therefore, this equates to a legal register! 


For more information on what exactly a legal register is and why your organisation needs one, be sure to check out our bitesize webinar.