Non-compliance can be explained as a failure to fulfill the specific asks of a regulatory requirement, and can be due to either sub-par system performance or a lack of proper processes in place. System Non-Compliance might include a failure to capture information as per the regulatory objectives, while Process Non-Compliance might include not achieving operating criteria. Either form of non-compliance could cost an organization dearly, with consequences ranging from no action to heavy fines or custodial sentences for individuals. Below is a hierarchy of consequences related to non-compliance, ranked in severity from least to greatest:
- No action
- Additional inspections and changes in permit conditions
- Formal warning, including enforcement/improvement/prohibition notice
- Financial penalty
- Suspension/revocation of permit
- Regulator’s press release
- Prosecution of key individuals
The indirect consequences of non-compliance could be more severe, including reduced production due to workforce and other stakeholder concerns, and a loss of business due to loss of market goodwill. Naturally, companies should seek to achieve a state of total compliance with regulations. We recommend adopting below mentioned philosophy as a first step towards total compliance:
- Institutionalize a structured Non-Compliance Resolution Process to plan, execute, monitor and fix compliance effort throughout the organization. Additionally, this system will also be the custodian of the compliance knowledge-base. This system does not have to be managed solely by one individual; rather, it should be the joint responsibility of a number of people, including at least one person at senior director level.
- This system should be implemented at a strategic level and integrated into corporate plans and policies to deliver and manage compliance on an ongoing basis, allow for efficient resource management, incorporate approved performance benchmarks and provide for recording and communication in a transparent manner in reports.
- But above all, this system should quickly identify any areas of non-compliance and instigate corrective and preventative action in such cases.
The systematic implementation of such a system will not only help you identify non-compliance by highlighting areas of deviation from the policy, but it will also highlight high functioning parts of the system, or opportunities for improvement through periodic audits of the system. The audits will take place within the ‘monitor’ phase of the ‘plan-execute-monitor-fix’ system mentioned above, and are carried out by internal or external personnel nominated as per the audit program. These Auditors are well versed in the company’s field of operation, but would, nevertheless, rely on the company to provide the records of operations towards compliance objectives. The accurate and timely keeping of records is therefore a key part of the process of identifying non-compliance.
Once you have identified areas of non-compliance and taken the necessary action to rectify the situation, it is important to ascertain why the non-compliance happened in the first place. There may be many reasons to it, including operating culture, training needs, cost factors, or even lack of clarity regarding one’s role – but no matter what the reason is, if you do not find it out, you will not be able to prevent a recurrence of the lapse. Other key reasons may include:
- Shortcomings in the audit system with insufficient site and equipment checks
- Management failure caused by poor reporting or notification procedures
- Changing business circumstances and economic priorities
- Changing operating procedures, including operations in new geographies
- New laws and regulations, or simply a contradictory interpretation of regulations
- Natural causes such as unpredictable weather or storms
- Or simply a poor initial target setting
Once you have identified the areas of non-compliance, and examined the reasons thereof, the next step is to make recommendations for improvement. This happens during the ‘fix’ stage of the ‘plan-execute-monitor-fix’ cycle, and will directly respond to the issues highlighted as root cause of non-compliance. Typical recommendations are as shown below:
- Operator not aware of the applicability of a regulation: Education and training
- Human error in implementation: Education and training
- Operating procedure not followed: Education and training
- Equipment design or installation problem: Capital Investment
- Procedure not followed by contracted services: Improved communication procedures
- Poor communication between operator and regulatory agencies: Improved communication procedures
In general, recommendations for the improvement of the performance of Non-Compliance Resolution Process will consist of Capital investment, Staff investment, and Process review. Other inorganic ways of improving the compliance could be to leverage experience gained from corrective and preventive actions, or to leverage external benchmarks and best practices, or even actuating views of interested parties, including employees, customers and suppliers.
If you have reasons to believe that you may have a non-compliance situation at hand, but you are just not sure how to rectify the situation and avoid a relapse, contact us today. We can help!
For more information: