This blog post is for those who want to get into the weeds of the legal registers, also known as law lists and compliance obligations.
In theory, companies build a legal register to have a clear portrait of the laws and regulations that apply to their business and how they apply. In reality, most companies create a list of regulatory documents due to a need to meet ISO 14001, ISO 45001 and ISO 50001 requirements, which state:
“legal requirements that an organization has to comply with and other requirements that an organization has to or chooses to comply with”. … “Compliance obligations can arise from mandatory requirements, such as applicable laws and regulations, or voluntary commitments, such as organizational and industry standards, contractual relationships, codes of practice and agreements with community groups or non-governmental organizations.”
The two types of law list service providers
Since the introduction of ISO 14001 in 1996, numerous regulatory database companies have emerged. Each one with varying levels of data organization (by industry, issue, …) and meta-data (key requirements, published and in force dates,…) to satisfy an ISO 14001 auditor. Nimonik is one such company. However, there is an important nuance to draw amongst these companies.
There are two “types” of companies that offer register services:
Global Providers provide a broad overview
Global providers emerged through requests from corporate head offices to have a general overview of their EHS requirements, across all the geographic locations. ENHESA is a typical example. Created out of a request from General Electric, ENHESA was acquired by a private equity firm in 2016. ENHESA designed its product for the Global VP EHS and their team, who want to have just the principal laws, regulations, and information for their global locations. Companies with global ISO certificates find such a global service desirable.
Local Providers focus on the details
In contrast, there are many companies with individual ISO certificates for each of their plants. They often delegate the management system responsibility to the plant or regional level. This level if delegation has driven the creation of companies who often focus on just one country or region, hence local. Instead of the global head office, they service the factories directly. Some examples are, Notisum— a big player in the Nordic countries, Nimonik in the US, Canada and China (now global), Pegasus in Ireland, Waterman in the UK, and EchoLine in France. These are the dominant players in their markets, although there are many many more.
The principal difference between the two types of companies – global and local – is the detail of regulatory coverage, updates and analysis.
The local players go into a lot more detail. They cover not just the regulations, but also the guidance documents, standards and other useful information for EHS compliance. They focus on the deliverables required at the factory level, such as task assignment, flexibility, and low cost. Most of the local players also offer in-house software platforms, because integrating content with existing software is expensive for a single plant.
Global regulatory providers tend to have a lower level of detail, but they focus on standardizing the data to help their clients compare EHS requirements across various jurisdictions. For example, a VP may want to see what the Personal Protective Equipment requirements are in Canada, the United States, China, and Portugal. Since different countries use different terminology, standardization of data is critical to provide this information. Global players also tend to integrate into EHS platforms as many multinationals have invested in these and want all of their data in one location. Lastly, Global Legal Register companies tend to be more expensive due to their need to maintain data in many countries with a team of consultants that are experienced and multilingual.
There is no perfect company for your Compliance Obligations or Legal Registry needs. However, you should carefully look at the companies you are considering and understand if they are a result of an EHS compliance problem at a local, operational level, or a global managerial level. The history of a company often determines its strategy and its approach to solving problems. I can only speak for Nimonik, which comes from a local/operational level and has invested heavily in technology to process global EHS data efficiently. Nimonik now offers a comprehensive global database and provides an extremely easy to use web and mobile platform, while also integrating with SAP, Enablon, Gensuite, Intelex and others.
To discuss your legal registry options more, please send an email to firstname.lastname@example.org