Call Us Today: 608-226-0531

Technology & the 8 Functions of Compliance

04 Sep

Environment / Food Safety / Quality / Safety / Technology Enabled Business Solutions

Comments: No Comments

Virtually every regulatory program—environmental, health & safety, security, food safety—has compliance requirements that call for companies to fulfill a number of common compliance activities. While they do not necessarily need to be addressed all at once or from the start, considering the eight functions of compliance (as outlined below) when designing a compliance Information Management System (IMS) helps define the starting point and build a vision for the “end point” when planning IMS improvements. These compliance functions translate into modules—facility profiles, employee counts, training tracking, corrective action tracking, auditing tasks, compliance calendars, documents and records management, permit tracking, etc.—that are instrumental in establishing or improving a company’s capability to comply. 

8 Functions of Compliance

  1. Inventory means taking stock of what exists. The outcome of a compliance inventory is an operational and EHS profile of the company’s operations and sites. In essence, the inventory is the top filter that determines the applicability of regulatory requirements and guides compliance plans, programs, and activities. For compliance purposes, the inventory is quite extensive, including (but not limited to) the following:
    • Activities and operations (i.e., what is done – raw material handling, storage, production processes, fueling, transportation, maintenance, facilities and equipment, etc.)
    • Functional/operational roles and responsibilities (i.e., who does what, where, when)
    • Emissions
    • Wastes
    • Hazardous materials
    • Discharges (operational and stormwater-related)
    • Safety practices
    • Food safety practices
  2. Authorizations, permits & certifications provide a “license to construct, install, or operate.” Most companies are subject to authorizations/permits at the federal, state, and local levels. Common examples include air permits, operating permits, Title V permits, safe work permits, tank certifications, discharge permits, construction authorization. In addition, there may be required fire and building codes and operator certifications. Once the required authorizations, permits, and/or certifications are in place, some regulatory requirements lead companies to the preparation and updating of plans as associated steps.
  3. Plans are required by a number of regulations. These plans typically outline compliance tasks, responsibilities, reporting requirements, schedule, and best management practices to comply with the related permits. Common compliance-related plans may include SPCC, SWPPP, SWMP, contingency, food safety management, and security plans.
  4. Training supports the permits and plans that are in place. It is crucial to train employees to follow the requirements so they can effectively execute their responsibilities and protect themselves, company assets and communities. Training should cover operations, safety, security, environment, and food safety aimed at compliance with regulatory requirements and company standards and procedures.
  5. Practices in place involve doing what is
    required to follow the terms of the permits, related plans and regulations.
    These are the day-to-day actions (regulatory, best management practices,
    planned procedures, SOPs, and work instructions) that are essential for
    following the required processes.
  6. Monitoring & inspections provide
    compliance checks to ensure locations and operations are functioning within the
    required limits/parameters and the company is achieving operational
    effectiveness and performance expectations. This step may include some physical
    monitoring, sampling, and testing (e.g., emissions, wastewater). There are also
    certain regulatory compliance requirements for the frequency and types of
    inspections that must be conducted (e.g., forklift, tanks, secondary
    containment, outfalls). Beyond regulatory requirements, many companies have
    internal monitoring/inspection requirements for things like housekeeping,
    sanitation, and process efficiency.
  7. Records provide documentation of what has
    been done related to compliance—current inventories, plans, training,
    inspections, and monitoring required for a given compliance program. Each
    program typically has recordkeeping, records maintenance, and retention
    requirements specified by type. Having a good records management system is
    essential for maintaining the vast number of documents required by regulations,
    particularly since some, like OSHA, have retention cycles for as long as 30
  8. Reports are a product of the above
    compliance functions. Reports from ongoing implementation of compliance
    activities often are required to be filed with regulatory agencies on a regular
    basis (e.g., monthly, quarterly, semi-annually, annually), depending on the
    regulation. Reports also may be required when there is an incident, emergency, recall,
    or spill.

Reliable Compliance Performance

Documenting procedures on how to execute these eight
functions, along with management oversight and continual review and
improvement, are what eventually get integrated into an overarching management
system (e.g., environmental, health & safety, food safety, security,
quality). The compliance IMS helps create process standardization and,
subsequently, consistent and reliable compliance performance.

In addition, completing and organizing/documenting these
eight functions of compliance provides the following benefits:

  • Helps improve the company’s capability to comply
    on an ongoing basis
  • Establishes compliance practices for when an
    incident occurs
  • Creates a strong foundation for internal and 3rd-party
    compliance audits and for answering outside auditors’ questions (agencies,
    customers, certifying bodies)
  • Helps companies know where to look for
    continuous improvement
  • Reduces surprises and unnecessary spending on
    reactive compliance-related activities
  • Informs management’s need to know
  • Enhances confidence of others (e.g. regulators,
    shareholders/investors, insurers, customers), providing evidence  of commitment, capability, reliability and
    consistency in the company’s compliance program

Leave a Reply

Your email address will not be published. Required fields are marked *