EHS Auditing: Addressing Risks in a Changing World
Douglas Hileman, CRMA, CPEA
Douglas Hileman Consulting LLC
Douglas Anderson, CIA, CRMA
Managing Director of CAE Services, IIA
Agenda
1) Introduction to EHS Auditing
– Role in Organization
– Focus of Activities
2) Non-Financial Reporting:
– Avenues
– Frameworks
– Risks & Opportunities
3) Concluding Remarks
1. Introduction to EHS Auditing
Strategy – Objectives – Risk
• Strategy – Highest margin for existing product line
• Objective – Reduce margin erosion in periods of increasing costs
• Risk – Loss of sales with price increases
• Risk Response – Add price escalators to sales agreements
Structure for Managing Risk
[Figure: chart with axes Impact and Likelihood; labels: Risk Response: Mitigate, Inherent Risk, Residual Risk, 1st LOD, 2nd LOD]
EH&S Audit
• Where do they fit?
• 2nd line of defense
– Subject matter experts
– Review activities for effectiveness
• 3rd line of defense
– Independent and objective
– Assessment of effectiveness of risk responses
– Assess 2nd line of defense
U.S. EH&S Regulatory Requirements
Environmental Protection Agency (EPA)
− Air, water, hazardous materials, waste, contaminated sites
Occupational Safety & Health Administration (OSHA)
− Workplace safety, contractor safety, whistleblower protection
Traditional EH&S Risks
• Compliance
– Fines and penalties
– Citizen suit provisions
– Many compliance records are public record
• Operations
– Limits on operations, ability to expand
– Injunctive relief
• Financial Reporting
– Reserves for contingent environmental liabilities
EH&S Risk Management
• 2nd Line of defense: Policies, procedures, management systems
– Bring expertise for plans, permits, etc.
– Set up management systems
– Monitor progress
• 3rd Line of defense
– Environmental compliance
– Health & Safety programs assessment
2. Non-Financial Reporting
“Non-Financial Reporting”
Anything reported externally that is not included in financial statements
For purposes of this webinar, includes:
• Environmental
• Health and safety
• Corporate responsibility
• Social issues
• Economic (beyond financial)
Avenues for Non-Financial Reporting
Can be disclosed:
• Publicly Disclosed
• To Specific Parties
Publicly-Disclosed Reports
Frameworks and Reporting Mechanisms:
− Sustainability – often using the Global Reporting Initiative framework (GRI)
− CDP (“Carbon Disclosure Project”)
− Sustainability Accounting Standards Board (SASB)
Global Reporting Initiative (GRI)
• Voluntary
• A framework – not performance requirements or expectations
• Some parameters “required” – others optional
• Vary by industry sector
• Used by investors, analysts, competitors, prospective employees, etc.
• Assurance not required – may be negative
• Used by 7,500 organizations
GRI: Major Subject Areas
1) General & Governance
2) Economic
3) Environmental
4) Social issues
About Your Company, and the
“Triple Bottom Line” Reporting
GRI Reporting Parameters:
3. Environmental
• Materials used
• Energy consumption: inside & outside the organization
• GHG emissions: generated or purchased
• Reduction in energy use
• Water use and withdrawal by source
• Proximity of sites to ecologically sensitive areas
• Water discharge, by receiving water
• Products & packaging reclaimed, by type
• Impact of transporting products
• Suppliers screened and actions taken
• Grievance process
34 Environmental parameters
GRI Reporting Parameters:
4. Social
• Labor practices & decent work (8 parameters)
[includes employee safety]
• Training & education (8 parameters)
• Human rights (12 parameters)
• Society (5 parameters)
• Public policy (6 parameters)
• Product & service labeling (9 parameters)
Over 50 parameters for Social issues
“Carbon Disclosure Project” (CDP)
• Originated as “Carbon Disclosure Project” in 2000
• Voluntary reporting of greenhouse gas (GHG) emissions, including those:
– Generated directly by organization
– Purchased
– Outside the entity
– Analysis
• Assurance schemes for GHG emissions
• Expanded to include water reporting in 2010
CDP Water Reporting: Sample Questions
• Do you request your suppliers to report on their water use, risks and/or management?
• Who has highest level of direct responsibility for water within your organization and how frequently are they briefed?
• Is water management integrated into your business strategy? If so, explain how.
• What are your company-wide targets (quantitative) or goals (qualitative) related to water?
SASB Background
• Mission: develop and disseminate sustainability accounting standards that help public corporations disclose material, decision-useful information to investors
• Desire to see in mandatory SEC filings (Form 10-K)
• SASB has determined what is “material” for all industry sectors, and has published reporting parameters (qualitative and quantitative)
• Not affiliated with FASB, GASB, IASB or any other accounting standards boards
Sustainability Accounting
Standards Board (SASB)
SASB Standards: Criteria
• Relevant
• Useful
• Applicable
• Cost-effective
• Comparable
• Complete
• Directional
• Verifiable
Audits?
Stay tuned!
Example of Industry Categories Within Sectors
Financial Sector: Industry Categories
• Commercial Banks
• Mortgage Finance
• Consumer Finance
• Investment Banking & Brokerage
• Security & Commodity Exchanges
• Asset Management & Custody Activities
• Insurance
SASB Reporting Category: Consumer Finance
• Financial Inclusion
• Customer Privacy and Data Security
• Transparent Info & Fair Advice for Customers
• Responsible Lending & Debt Prevention
– For customers with FICO scores above and below 640 (subprime):
1) Average customer debt
2) Average APR
3) Mean and median age of accounts
4) Average monthly full payment rate
– % of applications accepted for subprime applicants
– Average annual fees per account for pre-paid transaction products
Non-Financial Reporting: Specific Entities
• Customers
• Trade Associations
• Sector Alliances
• Business Partners
• Investment Groups
NFR: Customers
• 2006: launched Sustainability program; 15 questions in four focus areas
– Energy & Climate
– Material Efficiency
– Nature & Resources
– People and Community
• 2012: broadened to 100 major categories, with category-specific questions
• Using broader forum: the Sustainability Consortium (www.sustainabilityconsortium.org) to create product sustainability toolkits
“Do this, or you’re not
on our shelves.”
Walmart Sustainability: Product Categories
Adhesive bandages
Adhesive tapes
Aerosol air fresheners
Antifreeze
Apples
Automotive fuels
Automotive oils
Automotive tires
Bananas
Beans, lentils and peas
Beef
Beer
Berries
Bicycles
Board games
Books
Bread
Non-Financial Reporting: Observations & Suggestions
Categories of Enterprise Risk: Today’s Business Reality
Traditional
• Operations – In-House
• Compliance – Statutory, Regulatory
• Reporting – Financial
AND….
• Operations – Supply Chain; Joint Ventures & Collaborators; Contracted/Gig workers; Value Chain
• Compliance – Contractual; Industry standard; Company commitment
• Reporting – Non-Financial
NFR: What can go wrong?
• Unaware of requirements
• Inconsistent or incorrect data reported
• Ineffective / inefficient resource allocation
• Competitive disadvantage re: investor analysis
• Shareholder action
• NGO analysis results in unwanted attention
• Loss of sales (failure to meet customer requirement)
NFR is evolving FAST!!
Questions to be Raised
• Is there an inventory of the organization’s NFR?
• What is tone at the top for NFR? How is this evident?
• Is there a single person or group responsible for NFR?
• Do they follow a defined, disciplined, and robust process?
• Do they follow a recognized NFR framework? If not, why not?
• Are independent & objective assessment functions involved? If so, with what scope and resources?
You’ll probably find some
significant gaps
3. Concluding Remarks
Call to Action
• Is EH&S Auditing optimally positioned in the company?
• Have you included EH&S risks in your risk assessment?
– All aspects of EH&S risks?
• Does your organizational charter empower effort across the important risks?
• Do you have the right skills deployed in the right groups?
If you haven’t fully considered NFR yet,
you should
For More Information
Douglas Hileman Consulting LLC
www.douglashileman.com
Douglas Hileman
EHS Audit Center
Web Page
Questions?