Top 10 Mistakes You Can Make in EHS Compliance

Congress Should Incentivize Clean Water – Reward the Innovators
June 2, 2016
E&W Strategies Holds Inaugural EHS Roundtable – Culture, Management and Change
June 14, 2016
Show all

Symbol of law and justice in the empty courtroom, law and justice concept.

By Brent Fewell

Over the years, I’ve helped hundreds of clients develop and assess their EHS compliance programs.   Some do compliance well and others, well, let’s just say others don’t know what they don’t know.  And that will come back to bite them.

The goal must always be effective compliance in terms of protecting the safety and well-being of your employees – your company’s most important asset – and protecting the environment.  Here is a link to EPA’s compliance-focused EMS enforcement guidelines, which includes a number of important elements of effective compliance.  Understand that EHS compliance is not a one-size-fits-all approach – compliance is unique to each organization.

When people ask me how their compliance program ranks relative to others, I describe it this way.  Compliance is a dynamic and non-static process, and compliance is always changing in response to your people and external factors over which you have little or no control.

At one end of the spectrum, there are the 10% who don’t care about compliance.  These are the bad actors.   The CFO’s of these companies see compliance as an unnecessary cost that simply eats into profits – and are often willfully or ignorantly blind to compliance obligations. Bad actors are the primary reason that criminal prosecutions remain of paramount importance, and it is their CEOs or CFOs  who will pay dearly for the company’s omissions or commissions.

The other 10% at the opposite end of the compliance spectrum include companies like GE who have established the gold standard program, whose C-suite understands the value of effective compliance in terms of marketplace reputation, social responsibility, and employee satisfaction.  The biggest grouping however is the 80% in the “lost middle”, many of whom either take compliance for granted or are clueless about how to achieve effective compliance.

Here is a list of the 10 most common mistakes (in no particular order) companies often make in their EHS programs.

  1. Creating a “paper tiger” – Please avoid this BIG mistake.   These programs are a dime a dozen.  They look great on paper – with nice sounding policies and procedures – but when you scratch beneath the surface, it’s all a facade.  These are the companies whose CEO may be heard saying “of course compliance is important, we are 100% compliant” (a BIG red flag).  No follow-through, no accountability, and often little or no leadership, and compliance is one of those things that just keeps “falling through the cracks.”
  2. Standing up an “impotent” organization – I’ve seen many compliance programs doomed for failure from the outset, relegated ineffectual due to where the compliance function resides within the organizational structure and the reporting chain. A credible compliance program must be led by someone with apparent and actual authority who can elevate issues and make the tough decisions.Does your company have an EHS organization devoted to and properly functioning to oversee EHS compliance? Is it valued and sufficiently funded/supported or is it being financially starved by the CFO? If you were to ask a line operator on the assembly floor, would he/she know who the environmental compliance officer or EHS director is? If not, you probably have a problem.
  3. Having the wrong people – People matter – plain and simple.  Who is responsible for your compliance efforts?  Are they qualified?  Do they have standing within your organization?  If you don’t have the right people on the bus, you need to get them onboard now.
  4. Failing to provide training – More often than note, companies have some form of compliance program, but fall short on training. Inadequate training can be a conscious decision to avoid paying that extra expense or can be a product of a mind-set that compliance just happens.  If your employees are not trained, you can’t expect them to know what the law requires.
  5. Failing to invest in relationships – There are two important dimensions to relationships. First, what is a company’s relationship with its regulators?  It is far better to first meet and get know the regulators on neutral terms, to share and exchange ideas, rather than an adversarial setting after an unforced error has occurred. Second, a company’s relationship with the public and communities in which it operates may, and often will, speak volumes about a company’s values and EHS culture.
  6. Failing to invest in your people – How your company treats its employees is of profound importance. Studies have shown a strong correlation between how a company values its employees and how it manages its operations to protect the environment. EPA and OSHA are increasingly coordinating their inspection and enforcement efforts. A company with a poor safety record will invariably receive greater scrutiny, including its environmental compliance.
  7. Failing to reward and hold people accountable – Effective compliance requires the use of both carrots and sticks, incentivizing good behavior and holding employees to account for poor decision-making. Notice I didn’t say results.  Focus on teaching and incenting good decision-making and the good results will follow.  But getting the incentives wrong will only produce wrong outcomes.  Consider whether you are rewarding the right behaviors or are you inadvertently encouraging poor decision-making and “gaming the system” for “good” results?Too often, I see metrics that discourage transparency, drive important incident reporting underground, and dampen employee morale.Holding people accountable requires holding management and executives accountable.  Are you simply punishing line-level employees or are you looking up the chain of command and where the real problem might exist?  Do you have a policy that escalates discipline and does the discipline send the right message to employees, i.e., “We are serious about compliance, and we insist upon you working safely and following the rules”.
  8. Failing to conduct compliance audits – This one might sound a bit granular, but I’m amazed at how many companies don’t do compliance audits.  No, the law doesn’t require you to them.  While regulators and prosecutors don’t expect perfection, what they do expect is a good-faith effort to comply with the law.  Having a compliance audit program is a darn good way of demonstrating that you are serious about compliance.  It’s far better that you find the noncompliance before the regulator does.  In addition, audit programs can be a great way to educate your employees on what the law requires and what is expected of them.
  9. Stifling transparency – While holding your people accountable for compliance is fundamental to effective compliance, avoid being overly critical of subordinates in front of their peers, or else you will discourage transparency and destroy the value of communication.  It’s okay to discuss failures and poor decision-making – that’s part of the learning process – but make surround that discussion with the proper context a productive engagement.
  10. Failing to communicate success and failure horizontally and vertically within an organization – Don’t dwell on the failures, but celebrate successes. Companies must communicate “doing it right” and openly and honestly dissect EHS failures. Communication must go up the chain of command, but it must also effectively reach across the organization for those “teachable moments.”  Companies are human, so mistakes happen, systems fail, and communication break downs occur.   The element of trust is essential to encourage open and transparent discussions.