EHS Auditing: Addressing Risks in a Changing World

Post on 03-Oct-2020

Page 1: EHS Auditing: Addressing Risks in a Changing World · Managing Director of CAE Services, IIA. Agenda 1) Introduction to EHS Auditing ... whistleblower protection. Traditional EH&S


Douglas Hileman, CRMA, CPEA

Douglas Hileman Consulting LLC

Douglas Anderson, CIA, CRMA

Managing Director of CAE Services, IIA


Agenda

1) Introduction to EHS Auditing

– Role in Organization

– Focus of Activities

2) Non-Financial Reporting:

– Avenues

– Frameworks

– Risks & Opportunities

3) Concluding Remarks


1. Introduction to EHS Auditing


Strategy – Objectives – Risk

• Strategy – Highest margin for existing product line

• Objective – Reduce margin erosion in periods of increasing costs

• Risk – Loss of sales with price increases

• Risk Response – Add price escalators to sales agreements


Structure for Managing Risk


Risk Response: Mitigate

[Figure: chart with axes Impact and Likelihood; labels: Inherent Risk, Residual Risk, Residual Risk, 1st LOD, 2nd LOD]


EH&S Audit

• Where do they fit?

• 2nd line of defense

– Subject matter experts

– Review activities for effectiveness

• 3rd line of defense

– Independent and objective

– Assessment of effectiveness of risk responses

– Assess 2nd line of defense


U.S. EH&S Regulatory Requirements

Environmental Protection Agency (EPA)

− Air, water, hazardous materials, waste, contaminated sites

Occupational Safety & Health Administration (OSHA)

− Workplace safety, contractor safety, whistleblower protection


Traditional EH&S Risks

• Compliance

– Fines and penalties

– Citizen suit provisions

– Many compliance records are public record

• Operations

– Limits on operations, ability to expand

– Injunctive relief

• Financial Reporting

– Reserves for contingent environmental liabilities


EH&S Risk Management

• 2nd Line of defense: Policies, procedures, management systems

– Bring expertise for plans, permits, etc.

– Set up management systems

– Monitor progress

• 3rd Line of defense

– Environmental compliance

– Health & Safety programs assessment


2. Non-Financial Reporting


“Non-Financial Reporting”

Anything reported externally that is not included in financial statements

For purposes of this webinar, includes:

• Environmental

• Health and safety

• Corporate responsibility

• Social issues

• Economic (beyond financial)


Avenues for Non-Financial Reporting

Can be disclosed

• Publicly Disclosed

• To Specific Parties


Publicly-Disclosed Reports

Frameworks and Reporting Mechanisms:

− Sustainability – often using the Global Reporting Initiative framework (GRI)

− CDP (“Carbon Disclosure Project”)

− Sustainability Accounting Standards Board (SASB)


Global Reporting Initiative (GRI)

• Voluntary

• A framework – not performance requirements or expectations

• Some parameters “required” – others optional

• Vary by industry sector

• Used by investors, analysts, competitors, prospective employees, etc.

• Assurance not required – may be negative

• Used by 7,500 organizations


GRI: Major Subject Areas

1) General & Governance

2) Economic

3) Environmental

4) Social issues

About Your Company, and the “Triple Bottom Line” Reporting


GRI Reporting Parameters: 3. Environmental

• Materials used

• Energy consumption: inside & outside the organization

• GHG emissions: generated or purchased

• Reduction in energy use

• Water use and withdrawal by source

• Proximity of sites to ecologically sensitive areas

• Water discharge, by receiving water

• Products & packaging reclaimed, by type

• Impact of transporting products

• Suppliers screened and actions taken

• Grievance process


34 Environmental parameters


GRI Reporting Parameters: 4. Social

• Labor practices & decent work (8 parameters) [includes employee safety]

• Training & education (8 parameters)

• Human rights (12 parameters)

• Society (5 parameters)

• Public policy (6 parameters)

• Product & service labeling (9 parameters)


Over 50 parameters for Social issues


“Carbon Disclosure Project” (CDP)

• Originated as “Carbon Disclosure Project” in 2000

• Voluntary reporting of greenhouse gas (GHG) emissions, including those:

– Generated directly by organization

– Purchased

– Outside the entity

– Analysis

• Assurance schemes for GHG emissions

• Expanded to include water reporting in 2010


CDP Water Reporting: Sample Questions

• Do you request your suppliers to report on their water use, risks and/or management?

• Who has highest level of direct responsibility for water within your organization and how frequently are they briefed?

• Is water management integrated into your business strategy? If so, explain how.

• What are your company-wide targets (quantitative) or goals (qualitative) related to water?


SASB Background

• Mission: develop and disseminate sustainability accounting standards that help public corporations disclose material, decision-useful information to investors

• Desire to see in mandatory SEC filings (Form 10-K)

• SASB has determined what is “material” for all industry sectors, and has published reporting parameters (qualitative and quantitative)

• Not affiliated with FASB, GASB, IASB or any other accounting standards boards


Sustainability Accounting Standards Board (SASB)


SASB Standards: Criteria

• Relevant

• Useful

• Applicable

• Cost-effective

• Comparable

• Complete

• Directional

• Verifiable


Audits?

Stay tuned!


Example of Industry Categories Within Sectors

Financial Sector: Industry Categories

• Commercial Banks

• Mortgage Finance

• Consumer Finance

• Investment Banking & Brokerage

• Security & Commodity Exchanges

• Asset Management & Custody Activities

• Insurance


SASB Reporting Category: Consumer Finance

• Financial Inclusion

• Customer Privacy and Data Security

• Transparent Info & Fair Advice for Customers

• Responsible Lending & Debt Prevention

– For customers with FICO scores above and below 640 (subprime):

1) Average customer debt

2) Average APR

3) Mean and median age of accounts

4) Average monthly full payment rate

– % of applications accepted for subprime applicants

– Average annual fees per account for pre-paid transaction products


Non-Financial Reporting: Specific Entities

• Customers

• Trade Associations

• Sector Alliances

• Business Partners

• Investment Groups


NFR: Customers

• 2006: launched Sustainability program; 15 questions in four focus areas

– Energy & Climate

– Material Efficiency

– Nature & Resources

– People and Community

• 2012: broadened to 100 major categories, with category-specific questions

• Using broader forum: the Sustainability Consortium (www.sustainabilityconsortium.org) to create product sustainability toolkits

“Do this, or you’re not on our shelves.”


Walmart Sustainability: Product Categories

Adhesive bandages

Adhesive tapes

Aerosol air fresheners

Antifreeze

Apples

Automotive fuels

Automotive oils

Automotive tires

Bananas

Beans, lentils and peas

Beef

Beer

Berries

Bicycles

Board games

Books

Bread


Non-Financial Reporting: Observations & Suggestions


Categories of Enterprise Risk: Today’s Business Reality

Traditional

– Operations: In-House

– Compliance: Statutory; Regulatory

– Reporting: Financial

AND…

– Operations: Supply Chain; Joint Ventures & Collaborators; Contracted/Gig workers; Value Chain

– Compliance: Contractual; Industry standard; Company commitment

– Reporting: Non-Financial


NFR: What can go wrong?

• Unaware of requirements

• Inconsistent or incorrect data reported

• Ineffective / inefficient resource allocation

• Competitive disadvantage re: investor analysis

• Shareholder action

• NGO analysis results in unwanted attention

• Loss of sales (failure to meet customer requirement)

NFR is evolving FAST!!


Questions to be Raised

• Is there an inventory of the organization’s NFR?

• What is tone at the top for NFR? How is this evident?

• Is there a single person or group responsible for NFR?

• Do they follow a defined, disciplined, and robust process?

• Do they follow a recognized NFR framework? If not, why not?

• Are independent & objective assessment functions involved? If so, with what scope and resources?

You’ll probably find some significant gaps


3. Concluding Remarks


Call to Action

• Is EH&S Auditing optimally positioned in the company?

• Have you included EH&S risks in your risk assessment?

– All aspects of EH&S risks?

• Does your organizational charter empower effort across the important risks?

• Do you have the right skills deployed in the right groups?

If you haven’t fully considered NFR yet, you should


For More Information

Douglas Hileman Consulting LLC

www.douglashileman.com


Douglas Hileman

EHS Audit Center

Web Page

Questions?