Environmental Liabilities

Appendix 5-J: Environmental Compliance Program Self-Assessment Questionnaire

Various sources of environmental compliance risk are listed below. This chart may serve as a good starting point for evaluating whether your environmental compliance program is effective in its current form or has room for improvement.

Category

Sources of Risk

Yes

No

Details

General background

Is the organization operating in a highly regulated industry?

If yes, provide detailed list of applicable regulations.

Does the organization hold any environmental operating permits?

Use this space to provide a list of all details, expiration dates, environmental agency contacts, etc.

Is there a history of agency inspections?

Provide the date of the last inspection, how often do they occur, links to inspection reports.

Enforcement history

Is there a history of regulatory violations or civil enforcement actions?

If yes, provide details such as root cause analysis, remediation plans, penalties paid, and links to filings here.

Is there a history of criminal violations or enforcement actions?

If yes, provide details such as root cause analysis, remediation plans, penalties paid, and links to filings here.

Did past violations result in consent decree or settlement agreement with any enforcement agency?

If yes, provide details and a link to actual consent decree or settlement agreement here.

Have other companies in your industry been investigated or indicted?

If yes, provide details here (e.g., criminal or civil, fines, settlements or consent orders, reputational damage).

Does your organization retain records of all violations or enforcement actions?

Describe.

Does your organization perform a root cause analysis to determine the cause of each violation or enforcement action?

Describe.

Effectiveness of compliance program

Does the organization have a written environmental compliance program?

If yes, describe and provide link to materials, policies, and procedures here.

Does the environmental compliance program include written instructions to employees on how to handle subpoenas, requests, or visits from regulators?

Describe.

Is environmental compliance program adequately resourced?

Provide details about the number of dedicated full-time staff, annual budget, benchmarking information.

Does the environmental compliance program have a stated purpose?

Provide details.

Does the environmental compliance program have executive or board-level sponsorship?

If not, why? If yes, provide details.

Does the board receive reports on environmental compliance on a regular basis?

If not, why? If yes, provide details.

Is there a specific individual identified as being responsible for the organization’s environmental compliance program?

If not, why? If so, provide link to job description here.

Does the environmental compliance program have independence from the organization’s management? Is there a mechanism to escalate issues directly to the board of directors in the event management is not responsive?

Describe reporting structure and escalation process.

Does the organization have a helpline or other reporting mechanisms in place for anonymous reporting of environmental compliance concerns?

If not, why? If yes, provide details here.

Does the organization keep a record of all reports of potential environmental compliance issues?

If not, why? If yes, provide details here.

Does the organization keep a record of all disciplinary action taken as a result of environmental compliance issues?

If not, why? If yes, provide details here.

Does the organization have a retaliation prevention policy in place to protect those who report potential environmental compliance issues?

If not, why? If yes, provide a link to it here.

Is environmental compliance considered as a factor in employee performance and bonus measures?

If not, why? If yes, describe.

Has the environmental compliance program been in place for more than five years?

Provide details.

Has the environmental compliance program been revised, amended, or updated?

Provide details.

Do you keep an archive of all past versions of the environmental compliance program?

Provide details.

Has the environmental compliance program been reviewed or assessed by an outside subject matter expert for effectiveness?

Provide details.

Has the organization conducted any benchmarking or self-assessment activities to compare its environmental compliance program to best practices?

Describe.

Training and communication

Is the environmental compliance program, including relevant policies and procedures, easily accessible for employees?

If not, why? If yes, provide link to materials here.

Are employees of the organization trained on a regular basis on environmental compliance topics?

If not, why? If yes, provide details here.

Do those in your organization with responsibility for environmental compliance regularly attend outside seminars and educational programs to ensure their subject matter expertise is current and takes into account new laws and developments?

Describe.

Internal investigations

Has the organization conducted any internal investigations of potential environmental compliance issues?

If so, provide details here, including how many internal investigations have been conducted, how the organization learned of each issue, who investigated each, and the outcome of each.

Does the organization have a written policy for how to respond to allegations of potential environmental violations?

If so, provide link to policy here.

Does the organization have dedicated investigators on staff to investigate potential environmental compliance violations?

If so, describe. If not, describe how investigators are appointed and how they are qualified to serve in such capacity.

Are internal investigators provided with specific training on how to conduct an investigation of a potential environmental compliance violation?

Describe.

Does the organization track “time to close” metrics to ensure timely completion of internal investigations?

Describe.

Does the organization maintain records of completed internal investigations of potential environmental compliance issues?

If not, why? If yes, provide link to such records here.

Does the organization routinely conduct root cause analysis as part of the investigation of all potential environmental compliance issues?

Describe.

Has the organization made changes or adjustments to its environmental compliance program as a result of information learned during an internal investigation?

Describe.

Auditing/monitoring

Does the organization have an environmental compliance audit program in place?

If not, why? If so, describe.

Does the organization monitor key environmental compliance metrics on an ongoing basis to prevent future violations and enforcement actions?

Describe.

Voluntary reporting

Does your organization have a written policy about how to handle voluntary self-reporting of environmental compliance violations?

Describe.

Has the organization voluntarily self-reported violations in the past?

Describe.

Does the organization keep records of all self-reported violations?

Describe.

Remediation

Does the organization maintain records of all remedial or corrective actions taken as a result of environmental compliance issues it discovers?

Describe.

Does the organization seek to identify potential weaknesses in its environmental compliance program and seek to remediate them?

Describe.

Risk assessment

Does the organization regularly conduct environmental compliance risk assessments?

If not, why? If yes, provide link to such assessments here and describe frequency, staffing, and methodology.

Does the organization have a methodology for ranking or prioritizing its environmental compliance risks?

Describe.

Does your organization track environmental compliance risk assessment results over time to determine how risks are evolving?

Describe.

Does the organization communicate the results of its environmental compliance risk assessments to senior management and/or the board of directors?

If no, why? If yes, provide details, including cadence and link to previous reports provided.

Is the organization using the results of its environmental compliance risk assessment to develop action or risk mitigation plans?

Describe and provide link to any such plans.

This document is only available to subscribers. Please log in or purchase access.