by John Wolfe
This article provides a brief overview of the importance of a legal registry and how you can use it to take your organization’s operations to the next level of efficiency and achieve operational compliance.
The article will help you understand the following:
- What is a Legal Registry?
- What are Operational Controls?
- Why is a Legal Registry important?
- Why is it important to achieve regulatory and operational compliance?
- How can you achieve regulatory and operational compliance?
- The link between organization’s culture and the integrity of operational controls
- Four elements of a thorough Legal and Regulatory Compliance Program
- The most efficient format for a legal and regulatory compliance register
- Questions you should ask yourself to determine your operation’s efficiency level
What is a Legal Registry?
A Legal Registry is simply a list of your regulatory requirements. This includes any commitments that bind your organization to applicable regulations or governmental approvals.
A Legal Registry is alternatively called a:
- Legal Register
- Law List
- Compliance Obligations Registry
- Compliance Register
To ensure that your Legal Registry is effective, it is critical that you link your requirements to Operational Controls.
What are Operational Controls?
Operational Controls are work practices and procedures that ensure:
- safe & efficient operations; and
- Operational compliance to internal policies & regulatory requirements
Because they form a critical part of an effective EHS Management System, Operational Controls must have integrity. Integrity means that the Operational Controls:
- reflect the full scope of the regulatory requirements without leaving gaps for non-compliance; and
- are up-to-date and aligned with the current regulatory requirements and compliance obligations.
To ensure ongoing compliance, you should actively use operational controls, with integrity.
Why is a Legal Registry Important?
When properly implemented, the Legal Registry plays a critical role in:
- achieving regulatory compliance;
- identifying compliance gaps; and
- assuring operational controls have regulatory integrity
Why is it Important to Achieve Regulatory and Operational Compliance?
Compliance is not optional. Regulatory compliance can radically improve your organization’s operational efficiency by avoiding errors, issues, fines and other problems before they arise. Regulatory compliance is indicative of excellent operations.
How Can You Achieve Regulatory and Operational Compliance?
Unfortunately, there is no silver bullet solution for compliance. It is an outcome of competent workers relentlessly executing operational controls with integrity.
The culture of your organization largely influences the integrity of the Operational Controls.
“Good Safety Management is Just Good Management”
The Link Between Culture and Integrity of Operational Controls
Tools, systems, and processes cannot do much without a culture of integrity that ensures a complete understandingand accountability of compliance obligations.
It is your responsibility to establish a culture that ensures operational integrity at all times. You should ensure that workers fully understand the importance of compliance and do not compromise for the sake of production, cost or schedule.
To achieve operational integrity at the line level, you should give workers operational respect by communicating what you expect from them.
To help workers execute their accountabilities consistently and relentlessly, you should provide them with necessary training and tools. By reinforcing training, mentoring, assessments and corrective actions, you can ensure that workers execute their duties with excellence.
It is your responsibility to establish a culture such that workers are confident about returning home safe and sound. Workers should have complete faith in the processes that ensure everyone respects operational controls.
Thorough compliance is a natural outcome of a culture that focuses on operational controls.
Four Elements of a Thorough Legal and Regulatory Compliance Program
Fully compliant operations, as a result of a culture that focuses on operational controls, has the following four elements:
- Awareness and Accountability
1. Awareness and Accountability
Everyone is accountable for compliance.
Successful execution of a Compliance Program relies upon absolute clarity of individual roles and regulatory accountabilities.
Not just employees but contractors acting on an organization’s behalf too are able to delineate the regulatory compliance obligations within the scope of their role and all operating procedures.
Systems support the development of competencies required to fulfill compliance obligations.
The design of assets ensures that they operate in compliance with all applicable regulatory requirements under all conditions.
The management investigates all non-compliance incidents competently and consistently to :
- understand the root causes; and
- identify & implement continuous improvement solutions to minimize the risk or recurrence
Organization’s leaders promote a culture of integrity through what they say and do, and not overtly or inadvertently (by not saying and doing the needed), compromise regulatory/operational compliance and worker safety.
The Most Efficient Legal and Regulatory Compliance Register Format
Different organizations maintain legal registers in different formats from simple manuals/binders on a shelf to multiple Excel files to in-house software to SaaS.
With legal registers on Excel or binders, it is challenging to produce the legislative review logs as compliance evidence at the time of an audit. Often, auditors come across files that are not up-to-date leading to non-conformances. Binders and Excel have their uses but they are certainly not the right tools for maintaining legal registers. If you are using either of these tools you are inadvertently ignoring their maintenance costs. Excel and binders are much more expensive as they are awfully time-consuming and largely inefficient. The cost of inefficiency leading to non-conformances is much higher than investment in a software solution.
A software is an ideal tool to maintain a legal register. You have the choice of using either external software or building customized in-house software. The issue with in-house software is that it is extremely expensive, not just to make but also to maintain. Also, if you decide to get regulatory content from an external party, integrating it with the in-house software gets complicated.
SaaS is by far the best tool to maintain legal registers. When carefully chosen from the right supplier, it is more robust and much less expensive than in-house software.
Regulatory Compliance Is a Continuous Process
As laws, operations, equipment, products, and services change, it is crucial to continually update the legal registry.
A tedious process requiring precision, the task is best left to analysts who exclusively monitor regulatory changes.
The common issue with the outsourced content is the difficulty to integrate it with the software. Improper integration can again lead to gaps in compliance.
It is best to look for a solution that produces (not just provides) regulatory content as well as the software. This would ensure that you receive a well-integrated solution without having to invest time in integrating the two.
Questions You Should Ask Yourself to Determine Your Operation’s Efficiency Level
Lastly, regulatory/operational compliance in addition to multiple other benefits (operational excellence, sustained production, worker productivity & knowledge) will be a natural outcome if you take necessary corrective actions in response to the following questions:
- Do we have sufficient workers? (there should not be any vacant roles)
- Are workers competent? (train new workers effectively)
- Do workers know what they are accountable for and do they have records of accountabilities, such as job descriptions, access to the operating procedures they rely on? (provide workers with clarity on accountabilities and authority to execute against those accountabilities)
- Are the assets designed and configured to hardwire best practices with respect to safety, production, and compliance?
- Are there all necessary operational controls needed to operate the business or assets?
- Do the operational controls have integrity, are up-to-date, reflect safe and best operating practices, and leverage & institutionalize knowledge of workers?
- Are processes in place to solicit worker input?
- Is incident learning embedded in operational controls and implemented for continuous improvement?
- Do workers consistently and relentlessly execute operational controls?
- Does management engage in observations, oversight, assessments, coaching, counselling and correcting?
- Do we learn and implement learning from incident investigations?
- How do we respond to information from lagging and leading metric reporting?
- How effective is the management review process?
by John Wolfe
John Wolfe is a Partner at Nimonik inc. He has over 25 years of experience in the design, implementation and assessment of integrated HSEQ management systems in multiple industry sectors. He has held HSEQ leadership positions in Suncor Energy, IFC Kaiser, Boart Longyear, CSA and has successfully launched a number of companies, Management Horizons, Green Cone, Total Environment Solutions Trinidad, and Conformance Check. Most recently he was the Sr Director of Operations Integrity Audit at Suncor. John is also well known as an early leader in the sustainability eld having managed the ISO Technical Committees that developed the ISO 9000 and 14000 series of standards and guidelines for corporate reporting, stakeholder consultation and environmental labelling. He was also a founding member of the Canadian Environmental Auditors Association.