ISO 14001 And Regulatory Compliance
Three major requirements must be addressed
by Marilyn R. Block
Many companies with environmental management systems (EMS) also have registered quality management systems (QMS). Frequently, the quality system representative is designated as the EMS representative because he or she is knowledgeable about systems.
This dual role is almost always true when the QMS and EMS have been integrated; and it is more typical than not even when the two systems are established as separate, parallel efforts.
Quality assurance managers attempting to understand the requirements of ISO 14001 often are confused about the references to regulatory compliance. Limited or no previous exposure to environmental regulatory requirements leads to questions concerning the role ISO 14001 plays in assuring regulatory compliance.
Three related requirements
ISO 14001 imposes three related requirements:
1. An organization must identify all of its environmental legal obligations and be familiar with all applicable environmental laws and regulations. Additionally, the organization must have some mechanism for ensuring that new legal obligations are identified in a timely fashion.
2. The environmental policy must contain a commitment to understand and comply with all applicable environmental laws and regulations. Words on paper aren't sufficient; an organization must make every effort to fulfill its commitment to do what it says it is going to do.
3. Compliance with identified legal requirements must be evaluated on some self-defined periodic basis. Whether an organization engages in a comprehensive compliance audit or employs a variety of monitoring activities, it must know whether all identified legal requirements are being met. In the event a regulatory noncompliance is identified, the organization must take action to correct the noncompliance and prevent it from recurring.
These requirements do not impose specific performance standards on organizations. The international scope of ISO 14001, coupled with differing national laws and enforcement policies, makes it impossible to establish acceptable parameters for air emissions, water discharges and other similar environmental impacts. Instead, individual organizations must approach these requirements within the context imposed by national, state or provincial, and local laws.
U.S. regulatory agencies and registrars have somewhat different expectations about the ways in which a company addresses these three requirements.
The regulatory view
Not surprisingly, many in the regulatory community and nongovernmental environmental organizations question whether ISO 14001 contains sufficient emphasis on regulatory compliance. In order to determine whether ISO 14001 registration results in improved regulatory compliance, several efforts were launched shortly after publication of the standard in September 1996.
The most visible of these efforts is the Multi-State Working Group (MSWG), an organization of state environmental agencies formed in 1996 in response to growing state interest in ISO 14001 and the potential for environmental enforcement flexibility and other state initiatives.
By 1998, the MSWG had evolved from an informal working meeting to a formal networking organization with elected officers. One of the group's objectives is to enhance ISO 14001 regarding the relationship of the EMS to regulatory compliance and performance regarding all significant environmental aspects.
There does not appear to be a clear consensus among MSWG members as to the value of ISO 14001. In a 1998 interview, Robert Stephens, MSWG chair, stated that MSWG "is firmly committed to the voluntary nature of the ISO 14001 standard and that this voluntary nature is not in conflict with the public policy goals [the MSWG] is pursuing."1 That same month, a MSWG member suggested that the language in ISO 14001 is so loose that it undermines the credibility of the standard.2
To assist in resolving questions related to implementation of ISO 14001 and regulatory compliance, the MSWG launched a research project that same year. Information on the effect that an EMS has on regulatory compliance was to be collected from pilot projects in a number of states and organized into a database.
At the end of 2000, researchers concluded that the national database could not provide any insight into whether companies with an EMS have higher levels of regulatory compliance. It should be noted that this project is ongoing and may provide such information at some future date.
The registrars' perspective
Even though MSWG thinks the jury is still out, ISO 14001 registrars believe they have attained a verdict. Based on data collected during registration audits, many ISO 14001 EMS lead auditors are convinced that an EMS does, in fact, improve regulatory compliance.
In their efforts to address the requirement to identify legal requirements, many organizations learn about regulations with which they were previously unfamiliar and with which they should have been complying. This increased level of awareness causes such organizations to become compliant in areas previously ignored.
Moreover, periodic evaluation of compliance creates an operating climate in which responding to regulatory lapses is considered standard operating practice.
MSWG has suggested that registrars do not pay sufficient attention to the regulatory compliance status of the companies they ultimately register. This view is supported by examples in which registration is approved and the organization is later found to be out of compliance with a particular regulatory requirement. At its spring 2000 quarterly meeting, MSWG authorized a review of U.S. third-party registrars.
It is important to understand that ISO 14001 registrars evaluate the environmental management system. These registrars do not seek to determine whether an organization is out of compliance with legal requirements; rather, they attempt to verify whether the organization has determined its compliance status.
According to Greg Hansa, vice president-technical development, SGS International Certification Services Inc., an accredited ISO 14001 registrar, SGS "first assesses the ability of the EMS to adequately identify appropriate environmental legislation and regulations. Once the EMS has been determined to be effective in identifying regulatory requirements, the system's monitoring and evaluation of compliance is audited. The ability of the EMS to implement corrective and preventive action also is audited."
What happens if an audit team finds evidence of a regulatory noncompliance? The existence of a noncompliance, in and of itself, should not suggest that the EMS is deficient. If an SGS audit discovers a regulatory noncompliance, it would determine whether the organization had identified the same noncompliance.
"If it has been identified," states Hansa, "we would assess the implementation of corrective and preventive action. If the noncompliance has been adequately addressed, the EMS is in conformance with the applicable elements of ISO 14001."
What if the EMS fails to identify a regulatory noncompliance or, subsequent to identification, fails to respond appropriately? In the first case, SGS would write a nonconformance against clause 4.3.2, which requires identification of legal requirements. In the latter case, the nonconformance would be linked to clause 4.2, which requires inclusion in the environmental policy of a commitment to compliance.
When asked to distinguish between systemic failure and isolated problems, Hansa offered the following: "If the EMS fails to identify or respond appropriately to an isolated noncompliance, the system nonconformance probably would be considered 'minor.' However, if the EMS consistently fails to identify or adequately address regulatory noncompliances, a total breakdown of the appropriate element of the management system would be cited and would likely be categorized as a 'major' nonconformance."
How often are such nonconformances written? "Seldom," says Hansa. "We find that our client organizations are indeed committed to protecting the environment and regulatory compliance. The structure and voluntary nature of their ISO 14001 programs allow them to proactively become familiar with their legal obligations and address any issues without much of the fear and pain historically associated with these issues."
During the drafting of ISO 14001 from 1993 to 1996, reference to regulatory compliance was the focus of much debate among members of the U.S. technical advisory group (TAG) charged with establishing the official U.S. position on the environmental management system standard.
The ISO mandated five-year review process has provided an opportunity to again consider whether ISO 14001 adequately addresses this issue. However, the decision by ISO Technical Committee 207 not to include any new requirements in the ISO 14001 revision, scheduled for publication in late 2001, rendered this debate moot.
It is fair to state that the TAG remains somewhat split on whether ISO 14001 requires additional language on this point. Those TAG members representing federal and state regulatory agencies and nongovernmental environmental organizations tend to favor more stringent language and, therefore, more prescriptive requirements about regulatory compliance by those who seek ISO 14001 registration. TAG participants from various industry sectors tend to support current language pertaining to regulatory compliance and resist more stringent requirements.
Additional language would appear to be superfluous. Any organization in the United States is obligated to identify, understand and comply with applicable environmental laws and regulations. The decision to implement ISO 14001 does not change that obligation; in fact, it tends to improve an organization's environmental performance.
1. International Environmental Systems Update, Vol. 5, No. 9, September 1998, p. 15.
2. Ibid, p. 14.
MARILYN R. BLOCK is president of MRB Associates, an environmental management system consulting firm. She earned a doctorate in human development from the University of Maryland, College Park. Block co-authored the Quality Press book Integrating ISO 14000 Into a Quality Management System and authored Implementing ISO 14000 and Identifying Environmental Aspects and Impacts. She is a member of ASQ.
'QP' Goes Back to Basics
Many of our readers say they need inexpensive, concise information on the fundamental concepts and basic tools of quality to share with co-workers who aren't in the quality field.
So QP is starting a new column called "Back to Basics." These columns will be limited to one page of type or 750 words. Submissions to the columns will be reviewed by members of the QP Editorial Review Board.
If you need guidance on submitting a "Back to Basics" column, click on "editorial submissions" on QP's Web site at http://qualityprogress.asq.org. Or call Mark Hagen at 800-248-1946, ext. 8742.