UAE Labour Law 2023 Just Made Your Building Manager Liable. Here's What Changes Now.

If you run a building in the UAE, your compliance obligations just got heavier. The recent amendment to UAE Labour Law — Federal Decree-Law No. 20 of 2023 — introduces new occupational health and safety (OHS) requirements that directly affect how you manage your building, your contractors, and your records.

This isn't a distant regulatory change. It applies now. And it carries penalties that make ignoring it expensive.

What the Amendment Actually Requires

The amendment strengthens the OHS framework under the UAE Labour Law. Three areas matter most for building operators:

• Enhanced worker protection programs. Employers must implement comprehensive OHS policies that cover all workers on site — including subcontractor staff, cleaning crews, and maintenance teams. The policy must identify hazards, specify controls, and be documented in writing. Critically, the amendment shifts the burden from a general duty of care to a documented, risk-based methodology. This means a generic safety manual no longer suffices. Operators must now conduct site-specific risk assessments for each distinct work area and task, then translate those findings into enforceable control measures. The policy must also outline a clear chain of responsibility for OHS oversight, naming specific personnel accountable for implementation and review.
• Mandatory incident reporting systems. Any workplace accident, injury, or near-miss must be recorded and reported to the relevant authorities within a defined timeframe. The system must be auditable. The amendment introduces a standardized classification for incidents — distinguishing between minor first-aid cases, lost-time injuries, and reportable dangerous occurrences. Each category triggers a different reporting timeline and notification protocol. For building operators, this requires integrating incident logging into existing property management systems, ensuring that near-misses (often overlooked in hospitality settings) are captured and analyzed for root causes. Failure to maintain a complete, time-stamped audit trail now carries direct regulatory consequences.
• Mandatory safety training certifications. Workers must complete certified safety training relevant to their roles. Training records must be maintained and available for inspection. The amendment specifies that training must be role-specific and competency-based, not merely generic awareness sessions. For example, a maintenance technician working at height requires a different certification than a housekeeping supervisor handling chemical cleaning agents. Operators must also schedule periodic refresher training at intervals defined by the risk level of the task. Crucially, the employer bears the burden of verifying that all third-party training providers hold valid accreditation from a recognized UAE authority — shifting due diligence obligations onto the operator.

For a facilities manager, this means your existing safety paperwork may no longer be sufficient. The bar has been raised. The amendment effectively mandates a shift from reactive compliance to a proactive, auditable safety management system — one that requires documented risk assessments, classified incident tracking, and verified competency records for every individual on site.

Why This Hits Building Operators Harder Than Most

Buildings are not factories. They are multi-tenant, multi-contractor environments where dozens of different companies work in the same space on the same day. A chiller overhaul contractor. A cleaning crew. A tenant's fit-out team. A window cleaning subcontractor. Each brings its own workers, its own safety culture, and — until now — its own liability.

The amendment makes the building owner or operator responsible for ensuring that all workers on site are covered by adequate OHS protections. You cannot subcontract your way out of this.

Consider a 280-room business hotel in Dubai Marina. On any given day, the engineering team might have three external contractors on site: one servicing the VRF system, one inspecting the fire alarm panel, and one repairing a pool pump. Under the new rules, the hotel's management must verify that each contractor's workers have valid safety training certifications, that the contractor has an OHS policy, and that any incident involving those workers is properly reported.

That is a significant administrative burden. It is also a legal one. The practical implication is that building operators must now implement a centralized contractor management system that tracks certification expiry dates, policy submissions, and incident logs across every vendor. A single lapse — a contractor whose first-aid training lapsed three weeks ago, or a subcontractor who was not listed on the initial OHS declaration — exposes the operator to fines and potential shutdown orders. This shifts the compliance burden from a periodic audit check to a continuous, real-time monitoring obligation. For operators managing multiple properties, the complexity multiplies: each site has its own contractor mix, its own risk profile, and its own reporting timeline. The amendment effectively mandates that building operators become de facto OHS regulators for every person who steps onto their property, regardless of employment relationship. This is not merely an expansion of paperwork; it is a fundamental redefinition of operational liability that demands integrated digital oversight, not manual spreadsheets.

What Compliance Looks Like in Practice

Three things need to change in how you run your building:

1. Your Contractor Onboarding Process

Every contractor who steps on site must now provide proof of OHS compliance before work begins. That means:

• A copy of their OHS policy
• Training certificates for each worker assigned to your site
• Evidence of their incident reporting procedure

This is not a one-time check. Certificates expire. Policies get updated. You need a system to track and renew these documents.

2. Your Incident Reporting Workflow

If a worker falls from a ladder, you need to know about it. If a near-miss happens in the plant room, you need to record it. The amendment requires a formal reporting system that captures these events and feeds them to the relevant authority.

Most buildings do not have this. They rely on the contractor to report incidents internally. That no longer works.

3. Your Training Records

Your own staff need certified safety training. So do your contractors' staff. And you need to prove it. A binder in the engineering office with expired certificates will not pass an inspection.

This is where digital record-keeping becomes essential. Paper records are difficult to audit, easy to lose, and impossible to search at speed. If a Dubai Municipality inspector arrives tomorrow, can you produce the training certificates for every worker on site in the last 30 minutes? If the answer is no, you have a compliance gap.

The Cost of Non-Compliance

Penalties under the amended law include fines and, in serious cases, suspension of operations. For a hotel or commercial building, even a temporary suspension means lost revenue, reputational damage, and potential breach of lease agreements.

The cost of compliance is lower than the cost of a single incident that was not properly reported. A worker injury that goes unrecorded can escalate into a legal claim, a regulatory fine, and a damaged relationship with tenants who expect their building to be managed responsibly.

This is not theoretical. In 2023, a Dubai contractor was fined AED 200,000 for failing to report a workplace injury. The fine was for the reporting failure, not the injury itself.

What operators often underestimate is the cascading effect of non-compliance beyond the immediate penalty. Under the amended framework, a single unreported incident can trigger a mandatory audit of your entire OSH management system by the regulatory authority. This audit may uncover systemic gaps—inadequate risk assessments, missing training records, or faulty equipment logs—each carrying its own separate fine. For a hotel or commercial building operator, these cumulative penalties can quickly exceed AED 500,000, not including the cost of remedial actions mandated by the regulator.

Furthermore, non-compliance now carries a reputational liability that directly impacts lease renewals and insurance premiums. Tenants in the GCC are increasingly embedding OSH compliance clauses into commercial leases, allowing them to terminate agreements or claim damages if the operator fails to maintain statutory safety standards. Insurers, too, are adjusting their underwriting: a history of non-compliance can lead to premium hikes of 30–50% or outright denial of coverage for workplace injury claims. The amended law effectively transforms OSH compliance from a regulatory checkbox into a financial risk management imperative—one where the cost of a single oversight can ripple through your balance sheet for years.

How This Connects to Your Existing Compliance Work

If you have been following the regulatory changes in the UAE, this amendment sits alongside other obligations you already manage:

• Abu Dhabi's mandatory efficiency audits require documented energy data and maintenance records.
• Mandatory legionella testing requires proof of water system management.
• RERA's digital records mandate already made paper records a liability.

The OHS amendment adds another layer. But the underlying requirement is the same: you need a system that captures, stores, and retrieves compliance data on demand. Where this amendment differs is in its scope of liability. Unlike energy audits or water testing, which are periodic and asset-specific, the OHS framework imposes a continuous duty of care across all operational touchpoints — from HVAC maintenance logs to incident reporting and risk assessment documentation. This means your existing compliance workflows for legionella testing or RERA digital records cannot remain siloed. A legionella log, for instance, now intersects with OHS requirements for chemical exposure records and ventilation system inspections. Similarly, Abu Dhabi's efficiency audits produce energy data that directly informs OHS risk assessments for equipment overheating or electrical hazards. The practical implication is that fragmented record-keeping — even if compliant with individual mandates — creates gaps when an inspector cross-references OHS documentation against your energy or water management files. Operators who have already digitized their compliance data under the RERA mandate are better positioned, but only if that digital system is structured to map relationships between different regulatory requirements. The amendment effectively penalizes compliance that exists in isolation; it demands an integrated audit trail where a single inspection can verify that your legionella testing schedule, energy efficiency records, and OHS risk registers are mutually consistent and contemporaneous.

Where to Start

First, audit your current contractor onboarding process. Do you have a standard checklist for OHS documentation? If not, create one. Second, review your incident reporting procedure. Is it documented? Do your staff know how to use it? Third, check your training records. Are they digital? Are they up to date?

If any of these answers are no, you have work to do. The amendment is already in effect. The inspector will not wait until you are ready.

Beyond these basics, the amendment introduces a shift from reactive compliance to proactive risk management. This means your audit must also assess whether your OHS documentation aligns with the specific hazard profiles of each site — not just generic templates. For example, a hotel kitchen and a residential tower have vastly different risks, yet many operators use the same checklist for both. The amendment expects site-specific risk assessments to be formally documented and reviewed at regular intervals, not filed away after initial approval. Additionally, your incident reporting procedure should now include a clear escalation path for serious injuries or fatalities, with mandatory notification timelines that vary by emirate. If your current process relies on paper forms or verbal handovers, it likely fails the traceability requirement. Training records, too, must now evidence not only completion dates but also competency verification — a simple attendance log no longer suffices. For building operators managing multiple sites or large portfolios, a centralised compliance platform makes this manageable. HermanWa tracks contractor documentation, incident reports, and training records alongside your energy and maintenance data — so you can see your compliance status in one place, not scattered across spreadsheets and filing cabinets.

— The HermanWa Team