There are many reasons for having a good safety management system in place:
1. To protect your staff from harm.
2. To protect your organisation from unnecessary insurance claims (and increased premiums).
3. To reduce costs and improve processes, performance and profitability.
4. To remain compliant with current legislation and avoid enforcement, works and prohibition notices.
Simply from a compliance point of view, if you employ 5 or more staff (including directors), regardless of the location(s) where they are based, then you MUST:
1. Have a written health and safety policy statement (signed and dated by the CEO), often referred to as the Safety Management System (SMS). This should show associated organisational responsibilities and procedures for managing your risks.
2. Conduct risk assessments, then implement and record the identified control measures to protect your staff at work and others who may be affected by what you do.
3. Conduct any training to combat the hazards identified by the risk assessments to ensure staff are competent to carry out their work safely.
4. Have access to competent health and safety advice either internally or through retaining a consultancy like RS+.
5. Conduct regular monitoring of your health and safety management systems by checks and inspections and ensure records are kept of the findings.
6. Conduct regular audits of the management system, again with records of the outcome.
7. Review and update your SMS to continuously improve the system based on the monitoring and audits of the SMS
If you are not doing the above then you are more than likely not legally compliant and you and your company are at risk of both litigation and enforcement action.