“We Had the Risk Assessments in Place” — The Sentence That Keeps Appearing in Court
“We had the risk assessments in place.”
That’s what Kilmarnock Leisure Centre Trust said after a 25-year-old autistic swimmer lay face down in their pool for one minute and 52 seconds. They were right. The documents existed. What didn’t exist was any proof they were being followed on the day it mattered. The Trust had been prosecuted at the same pool four years earlier for almost identical failures. They updated their paperwork. The problem is, paperwork doesn’t save anyone.
In June 2025, five Trustees of Kilmarnock Leisure Centre Trust — including the local Provost — were fined at Kilmarnock Sheriff Court. The Trust itself is now being wound up and dissolved. A charitable leisure trust, gone. Not because they didn’t have procedures. Because they couldn’t prove those procedures were being carried out, every day, by the people responsible for doing them.
If you sit on a leisure trust board, that should stop you in your tracks.
The Gap Between Having Documents and Proving Compliance
The Galleon Leisure Centre in Kilmarnock had been through this before. In July 2019, a six-year-old girl attended a fun swim session, went down an inflatable slide, couldn’t find her footing in the 1.5m deep water, struggled for over three minutes, lost consciousness, and was submerged for 49 seconds. She was rescued — not by a lifeguard — by an 11-year-old boy who felt something touch his foot. Lifeguards then resuscitated her. The investigation found no lifeguard zone visibility testing had been carried out and the inflatables hadn’t been deployed in line with the manufacturer’s instructions. The Trust pleaded guilty. Fined £10,000.
Fast forward to January 2023. A different swimmer. The same pool. The same category of failures. A local authority assessment found, again, insufficient health and safety practices — specifically a lack of suitable risk assessment and no lifeguard zone visibility testing.
The Trust’s own statement after the second prosecution is worth reading carefully: “The Trust had health and safety processes, procedures and risk assessments in place. However, there were deficiencies in the way that they were dealt with in the Leisure Centre on a day to day basis by staff.” — East Ayrshire Council, June 2025
Read that again. The documents existed. The failure was in daily execution. And the board — who provided strategic oversight but not operational control — were held personally liable for that gap.
This is what everyone says before they get caught.
What Board Oversight Actually Means
Here’s where it gets uncomfortable for trust boards across the UK.
You are not running the poolside sessions. You’re not checking the lifeguard positions. You’re not signing off on whether the inflatable risk assessment was followed during Tuesday’s fun swim. That’s operational management. Your job is governance — strategic oversight.
But HSE and the courts don’t draw the same clean line you might. When something goes wrong at operational level, the question they ask is: what governance systems did the board have in place to know it was happening?
If your answer is “we received a quarterly report from the operations manager,” that’s not going to be enough. That’s strategic oversight of a document trail. It’s not live visibility of what’s actually happening on the ground.
The Kilmarnock trustees said they had internal arrangements in place for appropriate governance. The Sheriff disagreed that those arrangements were sufficient. Five of them — sitting councillors doing their civic duty — walked out of court with personal fines.
The Problem With Paper-Based Compliance
Most leisure trusts in the UK are not negligent organisations. They employ people who care. They write risk assessments. They run training. They have procedures.
What they often can’t do is prove, in real time, that any of it is being followed.
Paper-based compliance creates a dangerous illusion. The folder exists, therefore compliance exists. But a risk assessment filed in a cabinet on the 3rd of January doesn’t tell you whether the procedure it describes was followed on the 10th of January. A training record signed six months ago doesn’t tell you whether that staff member is applying what they learned in today’s session. A checklist completed on the morning shift doesn’t tell you what happened at 3pm.
HSE inspections are up 47% in 2024/25. Enforcement is increasingly intelligence-led — RIDDOR reports, complaints, and near-misses flag organisations for scrutiny. When an inspector walks in, or when something goes wrong and investigators start asking questions, the question is always the same: can you prove it?
Not “do you have a document that says you should do it.” Can you prove it was done?
What Would Have Been Different With OpsPal
This is the bit that matters for anyone reading this who wants to make sure their trust doesn’t become the next case study.
OpsPal gives boards and senior leadership something paper systems physically cannot: live visibility of what is actually happening, across every site, in real time.
When a risk assessment is due for review, it turns amber in the dashboard 30 days out. When it goes overdue, it turns red. Every board member and senior manager with access can see that — not in next month’s report, right now. There is no scenario in which an overdue risk assessment quietly sits in a cabinet unnoticed for weeks, because it’s visible to everyone who needs to see it.
When a procedure is updated — say, the inflatable session protocol following a near-miss — staff receive an in-app notification and must read and acknowledge the new version before they can proceed. OpsPal records who read it, when they read it, and which version they read. That’s your audit trail. That’s your proof.
When a problem is logged — a concern raised by a lifeguard, an equipment issue spotted during a check, a session that didn’t run to protocol — it’s assigned immediately, tracked through to resolution, and visible to managers. It cannot be ignored without that being visible too. The missed-deadline alert alone means that a problem raised on a Tuesday and unresolved by Friday turns red on the dashboard and triggers a notification. Nobody can say they didn’t know.
For trust boards specifically, the organisation-level dashboard shows compliance status across all sites at a glance. Red risk assessments. Overdue tasks. Unresolved problems. The board doesn’t need to wait for a quarterly report to know something is wrong. They can see it — and crucially, they can act before it becomes a prosecution.
That’s the difference. Not documents. Live visibility. The proof that the system is working, every day, not just when someone checks.
A Closing Thought
Kilmarnock Leisure Centre Trust had been to court once and come back. They updated their processes. They genuinely believed they were compliant. The failure wasn’t malicious. It was invisible — gaps in daily operations that nobody at board level could see, because the systems they had weren’t designed to show it.
If your trust runs on paper, or on a shared drive full of PDFs, ask yourself the question HSE will ask if something goes wrong tomorrow morning: can you prove your procedures were followed today?
If you’re not certain of the answer, that uncertainty is the risk.
OpsPal gives your board the live operational visibility to close that gap — before someone else closes it for you.
Book a demo and see what live compliance looks like →
Sources
- Kilmarnock Leisure Centre Trust prosecution (2019), Crown Office and Procurator Fiscal Service, February 2022, https://www.copfs.gov.uk/about-copfs/news/leisure-centre-trustees-fined-following-pool-incident/
- East Ayrshire Council statement on Trust prosecution, June 2025, https://newsroom.east-ayrshire.gov.uk/news/statement-from-east-ayrshire-council-regarding-kilmarnock-leisure-centre-trust-health-and-safety-prosecution
- Ayrshire Today: East Ayrshire councillors fined over Galleon safety failures, June 2025, https://www.ayrshire-today.co.uk/news/25232541.east-ayrshire-councillors-admit-safety-failings-galleon-incident/
- Arinite: Gym Health and Safety Consulting Guide, 2025, https://www.arinite.com/blog/gym-health-and-safety-consulting-complete-guide-for-uk-and-international-fitness-facilities
- HSE Fines and Enforcement Update, Hill Dickinson, June 2025, https://www.hilldickinson.com/our-view/articles/hse-fines-and-enforcement-update-june-2025/
