EHS Administration, Reporting

OIG Recommends Controls to Improve Self-Disclosure Screening Process

In a report issued June 30, 2022, the EPA Office of Inspector General (OIG) determined that the Agency does not have adequate internal controls in place to ensure that its screening process of self-disclosure violations reported through its eDisclosure system is effective and that significant concerns, such as criminal conduct and potential imminent hazards, are identified and addressed by the Office of Enforcement and Compliance Assurance (OECA) and the EPA regions.

When the EPA developed its Incentives for Self-Policing: Discovery, Disclosure, Correction and Prevention of Violations policy (Audit Policy) in 1995, the goal was to provide regulated industry with motivation to self-report environmental regulations violations. Although potential enforcement actions provide a strong deterrent and incentive for compliance, due to limited government resources, it is necessary for regulated industry to self-police.

Audit Policy

To be eligible for full or partial penalty mitigation when self-reporting violations, the Audit Policy contains nine conditions:

  1. Systematic discovery.
  2. Voluntary discovery.
  3. Prompt disclosure in writing to the EPA within 21 days of discovery or such shorter time as may be required by law.
  4. Independent discovery and disclosure.
  5. Correction and remediation within 60 calendar days, in most cases, from the date of discovery.
  6. Prevention of recurrence of the violation.
  7. Disclosure involving nonrepeat violations.
  8. Disclosure of an eligible violation. Certain types of violations are ineligible, such as those that result in serious actual harm; may present an imminent and substantial endangerment; and violate the terms of an administrative order, a judicial order, or a consent agreement.
  9. Cooperation with the EPA, such as providing information as necessary and requested by the EPA.

In 2015, the EPA updated the Audit Policy to require electronic reporting through its eDisclosure platform and required regulated entities to meet all nine Audit Policy conditions or, minimally, conditions 2–9 to receive full or partial penalty mitigation.  

From 1995 to 2020, more than 10,000 entities have self-disclosed violations at almost 28,000 facilities. Of those violations, more than 50 percent were for Emergency Planning and Community Right-to-Know Act (EPCRA) reporting violations, according to the OIG report.

OIG recommendations

The OIG report found that the current eDisclosure system creates risks that significant concerns are not addressed and made the following recommendations:

  1. Develop national guidance that includes a process for screening eDisclosure submissions for significant concerns, such as criminal conduct and potential imminent hazards.
  2. Provide eDisclosure-specific training to EPA headquarters and regions to clarify expectations, establish staff responsibilities, and communicate best practices.
  3. Develop performance measures for the eDisclosure system and a monitoring plan to track its effectiveness.
  4. In coordination with EPA regions, assess eDisclosure system functionality to identify and implement improvements.

The report concludes that the OECA agrees with all the recommendations and that the recommendations have been resolved, with corrective actions pending.

Industry takeaways

In moving forward, as the OECA increases scrutiny of self-disclosures submitted through the eDisclosure system, industry can expect more verification from the Agency to ensure all the Audit Policy conditions for mitigated penalties have been met.

“While EPA has infrequently found self-disclosures to be ineligible for the benefits of the Audit Policy, it is expected that EPA’s heightened scrutiny will identify self-disclosures of violations that do not meet the Audit Policy criteria and therefore do not qualify for penalty mitigation and may be subject to enforcement action,” advises a Lexology article by Womble Bond Dickson (US) LLP.