You wouldn’t hand over your building keys without a badge check. So why hand over your liability to a vendor you barely know?

In commercial real estate, third-party vendors are essential — but they’re also one of the biggest blind spots in your risk profile. Safety failures from outsourced partners don’t just cost time. They damage trust, spark compliance issues and sometimes shut down spaces.

And the worst part? Most of those risks could’ve been flagged before the contract was ever signed.

“As a contractor, we’re expected to protect our people and our clients’ spaces,” said Barry Poston, Corporate Director of Health, Safety, Environment, and Quality at Velociti Services. “But when we bring on subcontractors or vendor partners, we have to hold them to the same standard. Otherwise, we’re exposing everyone to unnecessary risk.”

The hidden risk in routine work

When most people think of job-site safety, they picture hard hats and high-visibility vests. But in commercial buildings, some of the most dangerous incidents happen during routine tasks: using cleaning chemicals, operating lifts, clearing snow from walkways.

Even minor safety incidents can have ripple effects. Say a vendor fails to train staff on proper chemical use. An injury occurs, and though the situation is quickly addressed, the incident results in a temporary staffing gap and heightened tenant concern about on-site safety.

“All of it could have been avoided with a few key questions — asked before the contract was signed,” Poston said. “That’s why vendor vetting can’t be treated as just a procurement formality. It’s a frontline safety issue.”

The S.A.F.E. vetting framework

Use the S.A.F.E. structure to guide your vendor selection process:

• S – Safety program: Is it written, site-specific and enforced?
• A – Accident history: Are incident rates and severity trending down?
• F – Field practices: How is compliance monitored across shifts and locations?
• E – Equipment and employees: Are teams trained, vetted and well-equipped?

This doesn’t replace a formal risk review — but it ensures core standards are addressed early.

10 questions to ask (and how to evaluate the answers)

1. What’s your TRIR and EMR?

An Experience Modification Rate (EMR) above 1.0 suggests above-average risk. A Total Recordable Incident Rate (TRIR) significantly higher than the industry average may signal underlying issues.

“We look at these numbers across a three-year span,” said Poston. “If a vendor’s TRIR or EMR is consistently high, or they can’t explain the cause, that’s a red flag.”

Ask for three-year trends, not a one-time stat. If rates improved recently, probe what changed. If they spiked, ask why.

2. Do you have a written safety program?

Occupational Safety and Health Administration (OSHA) requires this for companies with 10 or more employees. Smaller vendors may be unaware of the requirement or lack the in-house expertise to develop one.

“To help raise the bar, [Velociti] created a safety program tailored for smaller vendors,” Poston said. “It includes a simplified manual based on known risks and a sign-off process. We want them to succeed — but they need to meet our expectations.”

3. How do you train new hires on safety?

Look for structured onboarding with hazard-specific instruction and Personal Protective Equipment (PPE) guidance.
“If a worker’s first day starts with, ‘Here’s a pair of gloves, now get started,’ that tells you everything about that company’s safety culture,” said Poston.

Ask who delivers the training. Is it a supervisor, a safety officer or a peer? How is comprehension measured?

4. How often do you conduct safety meetings?

Regular toolbox talks — daily, weekly or monthly — keep safety visible and reinforce habits.

5. How do you handle incident reporting and follow-up?

Structured reporting processes, especially those supported by technology, are crucial for traceability.

“We use digital tools that allow supervisors to take photos, flag hazards and submit findings in real time,” Poston said. “It gives us visibility across all sites — and lets us act immediately when something’s off.”

6. Do you conduct background checks and drug testing?

This matters for both safety and security, particularly in schools, medical buildings and high-security spaces. Ask about frequency, not just policy. Are checks done on rehires? Are tests random or pre-employment only?

7. What technology supports your safety efforts?

Digital inspection logs, mobile audits and incident tracking apps are quickly becoming standard.

“In today’s environment, real-time reporting isn’t a ‘nice to have’ — it’s a must,” said Poston. “When a hazard is caught on a night shift, your safety manager shouldn’t be learning about it two days later.”

Ask whether their technology integrates with your reporting tools. Can you view dashboards? Can field findings be escalated automatically?

8. Have you had OSHA citations or workplace fatalities?

If yes, how were they handled? What changes were made?

“Any fatality caused by the work is a nonstarter,” Poston said. “But not every incident disqualifies a vendor — transparency and corrective action go a long way.”

A single citation isn’t necessarily disqualifying — but repeated violations or fatalities tied to unsafe practices should trigger serious concern.

9. How do you manage safety across subcontractors?

If your vendor uses subs, they must enforce consistent standards. It’s not enough to say, “They’re responsible for their own team.

10. How do you go beyond compliance to reduce risk?

Look for proactive behaviors: ergonomic equipment, near-miss tracking, worker empowerment.

“Compliance is a baseline,” Poston said. “Risk mitigation comes from awareness — and awareness has to be trained, supported and enforced every day.”

What if you didn’t select the vendor?

In many cases, site-level managers inherit vendor contracts or are given limited input during procurement.

“If you can’t choose your vendor, you can still align them,” said Poston. “Ask for documentation, do a site walk and conduct a safety gap analysis. We’ve worked one-on-one with vendors to bring them up to speed — it doesn’t have to be adversarial.”

What clients can do to set the tone

Clients set the expectation — not after the contract, but at the start. Include safety thresholds in your RFPs, request TRIR data, and ask to speak to the vendor’s safety leader directly.

If your vendors need support, offer it. “Not all contractors have a safety team,” Poston noted. “We created materials specifically for small shops — because when they improve, the whole site benefits.”

Looking ahead: The future of vendor safety

Tomorrow’s high-performing buildings won’t just be clean and efficient. They’ll be proactive, transparent and aligned from the C-suite to the night shift. And that starts by treating safety as a shared standard — not a subcontracted afterthought.

By asking the right questions up front — and following through — clients can build safer partnerships and stronger performance long after the ink dries.