Environmental Auditsaudits

Inspections, Enforcement & Compliance

EnvironmentalEnvironmental AuditsAudits

Claudia K. Powers Ater Wynne LLP

Northwest Environmental Conference December 6-7, 2007 Portland, Oregon Outline of Presentation

• Purpose of environmental audits • Liability - benefits and risks • Oregon’s environmental audit law • EPA audit policy • ISO, ANSI, and ASTM standards • Whistleblower Protection • Practical considerations in preparing, conducting and responding to audits • Conclusion Purposes and Limitations of Audits The Audit As a Compliance Tool

• Precise and practical mechanism to assess compliance by examining practices, procedures, equipment and facilities • Generally not intended to create procedures, but to ensure procedures exist, are adequate, and are regularly followed • Information from audits can enhance environmental management programs and compliance strategies Other Benefits of Good Audits

• Aid in compliance with securities & exchange commission (SEC) reporting for publicly traded companies • Help in developing environmental management expertise of company personnel • Help improve public and employee relations on environmental matters Liability - Benefits & Risks

• Audits help to define and limit liability by – Early detection of problems – Reducing regulatory conflicts and fines – Improve accountability and communication • BUT, audits can be evidence to create liability when noncompliance detected, subject to the limits of applicable audit privilege Oregon’s Environmental Audit Privilege

• ORS 468.963 – Enacted 1993 – Amended 2001 • Defines Applicable Environmental Audits • Conditions for privilege and inadmissibility in civil or administrative actions • Limitations to audit protection Environmental Audit Reports

• Must meet definition in ORS 468.963(6)(b) • Must be labeled correctly – “Environmental Audit Report: Privileged Document” • Privilege does NOT extend to: – Documents, data, reports, communications required by regulatory agencies – Information obtained by regulatory agencies – Information obtained from a source independent of the audit Limits of the Audit Privilege

• In a civil or administrative proceeding, a court of record shall require disclosure if : – Privilege asserted for fraudulent purposes – Material not subject to privilege – Information in audit shows evidence of noncompliance and violator failed to initiate and pursue efforts to remedy problem with reasonable diligence Bottom Line on Oregon’s Audit Privilege

• Burden on party asserting privilege • Assuming report identifies noncompliance, action must be taken promptly • Effect under federal enforcement action unclear – Federal courts have some discretion under Federal Rules of Evidence (FRE 501) • Reichold Chemicals Inc. v. Textron Inc., 157 FRD 522 (ND Fla 1994) – To extent federal enforcement based on state law, privilege applies under FRE 501 Audit Privilege Statutes in Other States

• A number of other states have enacted similar audit privilege legislation since Oregon’s 1993 law • Privilege statutes have been praised and criticized • EPA has been critical of state audit privilege statutes • Practice Tip: don’t wait to prepare an audit report, and don’t rely on audit privilege, where noncompliance is suspected or confirmed EPA’s Audit Policy

• Encourages regulated entities to disclose to EPA potential or actual violations discovered through self-initiated audits or due diligence • If conditions are met, EPA may eliminate or substantially reduce gravity-based penalties based on economic benefit from the violation • Nine conditions must be met for protection • 60 Fed Reg 66,705 et seq. (1995); 65 Fed Reg 19,617 (2000) EPA Audit Policy, cont. • Satisfaction of conditions depends in part on audit policy definitions: – Environmental Audit: 65 Fed Reg 19,625 – Compliance Management System: Id. – Due Diligence: Id. • Reaction to EPA policy mixed – EPA Policy Update (1999); www.epa.gov – Remarks of Sen. Enzi in hearing before Senate Committee on Environment and Public Works (Oct. 30, 1997) Internationally Recognized Standards International Organization for Standardization (ISO) • US Member Body of ISO: American National Standards Institute (ANSI) • ANSI publishes ISO standards with ASTM – ISO 19011 (Guidelines for Quality and/or Env. Mgmt. Systems Auditing, ANSI Ref. No. ISO 19011:2002) – ISO 19011 replaces 14010 (Guidelines, General Principles), ISO 14011 (Audit Procedures), & ISO 14012 (Auditor Qualifications) ISO 19011 • Defines “Audit”, “audit evidence” and “audit criteria” consistently with former ISO 14010 definition of “environmental audit” • Offers practical focus: undertake audit only if: • Sufficient and appropriate information • Adequate resources to support audit process • Adequate cooperation from auditee • Emphasizes independence and objectivity of auditors, confidentiality, and systematic, recognized methodologies to match the type of audit being conducted Interplay between ISO and Oregon Audit Law

• Protection of ISO audits under Oregon privilege law untested – General principles and procedures appear to fall within ORS 468.963(6)(a) definition of environmental audit – ISO third-party registration requirement could trigger independent source exception of ORS 468.963(5)(c) • Practice Tip: request & manage through legal counsel and under confidentiality agreements Whistleblower Protection

• ORS 659A.203 – applies to public employers • ORS 659A.230 – applies to any Oregon employer with one or more employees • 7 major, federal environmental laws protect almost any private sector or federal employee whistleblower (CAA, TSCA, CWA, AEA, SWDA, SDWA, CERCLA) Audit Privilege v. Whistleblower Protection

• The Arguments – Audit privileges are exceptions to general trends favoring whistle blowing – Sanctions for disclosing privileged information may conflict with prohibition of retaliation against whistleblowers – Whistleblower protection provisions should not be construed to authorize disclosure of any information that is confidential or privileged under statute or court rule. The Successful Audit Audit Scope Considerations

• Begin with request by legal counsel • Carefully scope audit objectives – System-by-system audits – Media-specific • Consider budget impact in advance for necessary corrections or upgrades Essential Elements

• Three basic components: – 1. Pre-site visit preparation – 2. Visiting and inspecting site – 3. Resulting assessment and report • Audit Team – Qualified consultants may be helpful – Appropriate company personnel throughout the process Preparing the Audit Team

• Review of background material, including prior audits, permits, compliance schedules or orders, and regulated substances • Select/develop appropriate protocol – Paper audit: review documents to verify compliance requirements – Management audit: organizational procedures used to ensure compliance – Technical audit: examine active use of compliance procedures Site Visit

• Team notifies facility of visit • Following protocol, meet with site environmental manager and appropriate facility management to discuss audit purpose, operations, major concerns and public relations • Review of all relevant records, confirm status through friendly interviews with facility staff • Physical inspection of facility After the Audit: The Report

• Typically five parts: Introduction, Summary, Findings, Recommendations, Supporting Data and Information • Separate verified noncompliance from recommended best management practices • Initial and final drafts reviewed by legal counsel • Facility manager review and comment Conclusion

• Legal counsel involvement should: – Ensure assessment of current legal compliance is correct – Ensure proper steps taken to address verified noncompliance – Maintain control and confidentiality of report • Company records must reflect all action taken to make corrections, clarify issues, or resolve compliance problems For Further Information

• Claudia K. Powers Chair, Environmental Practice Group Ater Wynne LLP Suite 1800 222 SW Columbia Portland, OR 97201 [email protected] 503-226-8652