This case addresses whether employers can be held liable vicariously for harm caused by their employees even when they are engaged on endeavours of their own and not discharging their duties.
The respondent in this appeal, van Staden, as plaintiff, instituted action against the appellant, Stallion Security, as defendant, in the South Gauteng Division of the High Court. She claimed for loss of support resulting from the murder of her husband by a former employee of Stallion Security, one Ronald Mkhululi Khumalo. Van Staden claimed that Stallion Security was vicariously liable for the wrongful murder of her husband committed by Khumalo and consequently, her loss of financial support from him.
Stallion Security had been contracted to provide access control to Bidvest Panalpina Logistics (Pty) Ltd's premises. A biometric security system controlled entry into and out of the premises and recorded all such activity. Stallion Security's guards had no access into the premises save for its site supervisor and site manager.
At the time of this incident, Khumalo was a site manager, responsible for overseeing security personnel and operations at three separate Bidvest premises, namely two warehouses and the head office. His duties included the inspection of security guards on duty by way of unannounced visits and inspections of the interior of the building. He was provided with an override key which allowed him access into the building without the use of the biometric system and without record of such entry. Khumalo was the only one entrusted with the use of the override key by Stallion Security.
Khumalo knew that the deceased worked at the head office; that he left the office quite late on a daily basis; and that Bidvest kept petty cash in the building. On the night of the incident, he broke into the head office using the override key and demanded R50 000.00 from the deceased at gunpoint using a firearm which he "hired" from a colleague employed at Stallion Security. The deceased said he only had R35 000.00 in his account and that he did not have access to the company safe.
Khumalo insisted that the deceased transfer the R35 000.00 into his account and proceeded to force the deceased to drive them towards the Eastgate shopping complex in the deceased's car . When he realised that the deceased would call the police, he shot him in the back of the head and attempted to run away. He was apprehended soon thereafter only to escape from custody. Ultimately he was presumed dead.
Despite noting that Khumalo's intentional wrongs were committed entirely for his own interests and purposes, the court a quo held that because there is a sufficiently close link between his acts and the business of Stallion Security, then Stallion Security, as the employer, may be held liable.
The general principle is that an employer will be vicariously liable for the wrongs committed by its employee where the employee was acting within the course and scope of his employment. Contention arises where the employee's conduct amounts to intentional wrongs committed entirely for his own purposes.
The court a quo held that sufficient emphasis must be afforded to the requirement for "a sufficiently close link to exist between the wrongful acts of the employee on the one hand and the business and enterprise of the employer on the other". Further, the court held that mere opportunity or a "but for" causal link would not suffice as a sufficiently close link for the purposes of founding vicarious liability.
To this end, the court a quo called for the development of our common law and adopted the "close connection" test. It held that our law should recognise that the creation of the risk of harm by an employer may, in an appropriate case, constitute a relevant consideration in giving rise to a sufficiently close link between the harm caused by the employee and the business of the employer. The Supreme Court of Appeals found unanimously that Stallion Security provided Khumalo not only with the opportunity to commit the wrongs, but that it also enabled him to navigate the Bidvest premises freely and without detection. He had intimate knowledge of the layout, the security services and the routines of Bidvest's employees. Khumalo was under instructions to make unannounced visits to Bidvest's premises and perhaps most importantly, he was in possession of an override key which would enable access to the various sites.
His position created a material risk that Khumalo could abuse his powers thereby rendering the employees of Bidvest vulnerable. Stallion Security undertook to provide 24-hour access control services which were intended to protect the Bidvest staff and property from harm. Stallion Security placed Khumalo in charge of discharging this contractual duty. This provided for a significant normative link between Stallion's business and the harm suffered by van Staden.
This case has clarified some limitations of the extent to which vicarious liability would apply, i.e. there must be a close connection between the act and the business of the employer. However, it has also had the effect of delineating an extended scope of conduct for which the employer can be held vicariously liable and which fall beyond the course and scope of the employee's duties. There is a slight shift from the requirement that the employee must be acting within the course and scope of his employment to a focus on the business and enterprise of the employer and how that created the material risks that resulted in the harm from which the claim arises.
Take for example the recent incident reported in the media in which a former bank employee was charged with 6 041 charges of fraud, money laundering and theft arising from the duplication of unsuspecting clients' cards in order to perform illegal transactions amounting to more than R 118 000.00. Should a delictual claim arise from this matter and following the principles laid down in the Stallion case, the bank could possibly be held liable for their losses arising from the former employee's criminal acts.
It seems as though our law is moving away from asking whether the employee was acting within the course and scope of her duties as an employee and more towards whether the employer's business provided the opportunity, information and infrastructure which enabled the employee to carry out the wrongs which were clearly self-serving and beyond the course and scope of her employment. In our view, this case reaffirms principles already well-established in Minister of Police v Rabie 1986 (1) SA 117 (A) and K v Minister of Safety and Security 2005 (6) SA 419 (CC), with one difference. Both Rabie and K's cases dealt with claims against the State as an employer, and one can argue that it was the breach of the constitutional obligation imposed on policemen to protect K which motivated the Constitutional Court to expand the principles laid down in Rabie to find in favour of K. However, the Stallion case does not involve the State, but a private individual and a private company.
Insurers of appropriate classes of insurance will have to weigh the potential cost of the expanded scope for vicarious liability on the part of their insureds.
It will be interesting to see what our courts will make of this focus in future.