By Ian Holder FRAeS, Managing Director, Baines Simmons
SM ICG Industry Day | Crawley, UK | 12 May 2026
Last month I presented at the Safety Management International Collaboration Group (SM ICG) Industry Day in Crawley. The SM ICG brings together aviation safety regulators from around the world to build a shared understanding of how safety management works in practice. The Industry Day opens that conversation to the people who have to make it work on the ground. Giancarlo Buono, Director of Safety at the UK Civil Aviation Authority, set the tone, and the audience was about as good a cross-section of our industry as you could hope to stand in front of.
This paper sets out what I argued, why I think it resonated, and what the day as a whole confirmed: eight very different organisations had walked into the same conclusion from eight different doors.
The company I was keeping
The calibre of the lineup showed where industry attention is moving. John Scale of ELMS Aviation challenged the value of periodic, tick-box competence checks, arguing for continuous assessment linked to observable behaviour. Raj De of Babcock International focused on the interfaces between CAMO, Part 145, operations and OEMs, where individually sound decisions can combine into systemic risk. Stephen Brown shared Rolls-Royce's approach to maturing product safety culture. Adam Johns of Marsh showed how the language of safety can either reinforce blame or enable learning. Jack Coleman described Airbus Helicopters' move towards an integrated management system. Cherie Thompson of Loganair reflected on the long maturity curve for SMS. Hector Hidalgo of Lufthansa Group Quality Services made the case for systems thinking in complex, tightly coupled operations.
Across regulators, operators, manufacturers, insurers and training specialists, the common thread was consistent: aviation safety is moving away from isolated systems and towards integrated, enterprise-wide risk management.
The integrated management argument
My argument starts from an uncomfortable observation. Almost every organisation in our industry runs multiple management systems in parallel — SMS, compliance monitoring, security, quality, and increasingly a cyber regime alongside them. We are not short of systems. What we are short of is integration.
When these systems operate in silos, each may function on its own terms, but the organisation as a whole does not. The same controls are audited repeatedly against different frameworks while risks remain visible only within the silo that owns them. System owners optimise for their own domain rather than the wider enterprise, and failures emerge in the gaps between systems where accountability is unclear. Raj De described this from an engineering perspective, and Jack Coleman from within an OEM that had experienced it first-hand.
The insight I put to the room was that this fragmentation is largely self-inflicted — because underneath the different labels, the same five activities are happening every time. We identify, we assess, we control, we monitor, and we assure. Safety does it. Security does it. Quality does it. Compliance does it. We are not running fundamentally different systems. We are running one system and repeating it under different names.
Baines Simmons has spent years turning that idea into something organisations can actually build against. I took the audience through our SMARRT MAP, which sets out what a management system genuinely consists of when you strip the labels away, and through the Three Lines of Defence model that gives governance its shape — from the first line that does the work to the assurance that gives boards, regulators and clients their confidence. I then laid that over the effective operation model: the practical engine that connects ownership, resource, data and continuous improvement so the system delivers its intended output rather than simply existing on paper.
Active leadership, managed competence, supportive capability, a proactive reporting culture and assured performance are the enablers that make any system function — and they are the same enablers whichever domain you are examining.
The regulatory constraint
Integration is not straightforward, and the real constraint is regulatory. Regulations are written domain by domain, each with its own legal architecture. Auditors evaluate against the specific framework they recognise rather than against equivalent outcomes — however well argued — and that shapes how integration is permitted to look in practice.
The answer I put forward is to be integrated underneath and recognisable on the surface. You build one risk model, one assurance model and one governance structure, then map that integrated system to each regulatory framework you are accountable to. You demonstrate equivalence rather than rebuilding the system multiple times over, maintain the domain-specific outputs each regulator expects to see, and preserve the traceability that lets an auditor follow evidence back to the framework they know.
One stack, one operating logic, and multiple regulatory outcomes drawn from it. This is the architecture that makes integration genuinely viable rather than merely aspirational.
What the day confirmed
Five observations stood out, each of which reinforces the integrated management case.
Integration is an organising decision, not a software purchase.
The breakthrough at Airbus Helicopters, as Jack Coleman described it, came not from new software but from giving every function — including commercial and HR — a shared risk language and a single way of scoring exposure. Bolting another tool onto existing silos typically adds a further system rather than unifying the ones you already have. The work is structural before it is technical, and it begins with leadership agreeing that the organisation will be run as one system.
Accountability has to follow the decision, not just the certificate.
Jack Coleman argued that if a commercial or finance decision can pressure the operation, then that role must carry the same accountability as the named postholders — because an approval is held by the organisation rather than by an individual alone. An integrated governance structure makes this explicit in a way that siloed systems cannot. It is a useful corrective to the habit of treating safety accountability as something that lives only in the safety or operational department.
The interfaces are where safety is won or lost.
Raj De showed that many maintenance errors are handover and assumption failures rather than skill failures — and that the same is true at the joints between CAMO, maintenance, operations and the OEM. Integration is not about merging boxes on an org chart. It is about designing the connections between them so that risk and context flow across boundaries instead of getting lost at them. Our SMARRT MAP addresses this directly by making system interfaces explicit rather than assumed.
Language and culture decide whether integration takes hold.
Adam Johns demonstrated, with real research, how words like 'investigation' prime people for fear and blame while words like 'learning' open them up, and how a restorative just culture changes what an organisation is able to see. An integrated structure will not deliver if the language around it still triggers defensiveness. If reporting is not genuinely rewarded, the data the whole system depends on will not flow.
Integration is the maturity journey, not a destination you reach.
Cherie Thompson's point — that SMS typically takes three to seven years to mature into a proactive, integrated risk management system — and Hector Hidalgo's framing of systems thinking as the next paradigm beyond today's component-led safety management both make the same observation. This is a direction of travel that rewards patience and a clear destination, and organisations that name that destination early will arrive there sooner. The SMARRT MAP gives organisations that fixed point to navigate toward.
The direction of travel
What struck me across the full day was that an engine OEM, a helicopter manufacturer, a regional airline, a global insurer and a training and consultancy group were all arriving at the same conclusion from their own starting points. Raj De's interfaces, Jack Coleman's total system, Hector Hidalgo's systems thinking and the integrated management approach Baines Simmons has developed are different routes to one destination.
Safety, security, quality and compliance are not separate problems to be solved separately. They are one problem, and the organisations that see it that way will be the ones that manage risk where it actually lives — across departments rather than inside them.
A closing thought
Events like the SM ICG Industry Day matter because they put regulators and operators in the same room and let the conversation run honestly. The most useful thing that happened was not any single presentation but the recognition, across every sector represented, that the next decade of aviation safety improvement will come less from inventing new systems and more from connecting the ones we already have.
As Raj De put it, the safest organisations are not the ones with the fewest problems — they are the ones that learn together the fastest, and that learning depends on the connections being deliberately designed rather than left to chance.
That is the work Baines Simmons exists to do, and it is the same conviction that sits behind TrustFlight as the Aerospace Safety Intelligence Platform, bringing safety and security technology, training and consulting, and crisis management and response into a single connected ecosystem. Integration is not a slogan for us. It is the operating logic, and it is ultimately where aerospace places its trust.
My thanks to the SM ICG, to the UK CAA for hosting, and to every speaker who made the day what it was.
About Baines Simmons
Baines Simmons is the aviation safety training and consultancy capability within TrustFlight. We work with regulators, operators, manufacturers and defence organisations across EASA, UK CAA, MAA and ICAO frameworks, delivering expert-led safety management, airworthiness, human factors and regulatory compliance programmes.