Best Practices for Assessing and Enhancing Compliance Prior to an Incident

with co-author Carter Williams

In today’s litigation and regulatory climate, companies involved in an incident causing injuries or environmental damage can expect intense scrutiny from litigants, regulators and prosecutors.  While initial questions may focus on the immediate causes of the incident, inquiries quickly broaden.  Soon all aspects of a company’s operations may be under the microscope, including its pre-incident compliance record and culture.

Often, the intense post-incident scrutiny brings to light negative evidence that helps opponents portray companies as being callously indifferent to safety regulations, potentially exposing them to findings of gross negligence, enhanced fines and penalties and even criminal charges.  For example, in the ongoing trial of PG&E for alleged knowing and willful violations of federal pipeline safety regulations and obstruction in connection with the September 2010 explosion that killed eight people and destroyed 38 homes in San Bruno, California, jurors have seen emails suggesting the company ignored safety concerns in the months leading up to the incident and describing pre-incident cuts in safety spending as “near-criminal.”  Similarly, parties to the liability trial following BP’s Gulf of Mexico oil spill focused on documents and actions in the days preceding the blowout as reflective of a corporate culture that put “profits over safety.”  In his decision finding BP grossly negligent, U.S. District Judge Carl Barbier cited various “profit-driven” decisions as reflecting a “conscious disregard of known risks” by BP.

In addition to potentially helping to avoid an incident in the first place, proactively assessing and enhancing compliance prior to an incident will leave companies in a much better position should the unthinkable occur.  While evidence of pre-incident compliance problems, particularly knowing or reckless non-compliance with safety regulations, can certainly make things easier for opponents, the opposite is also true—a robust and effective compliance program makes it harder for opposing parties to demonstrate the extreme departure from standards of care typically required to establish gross negligence or support a finding of punitive damages.  It can also lead to fewer or lesser criminal charges and even help companies avoid such charges altogether.

Where to Begin?

Undertaking a comprehensive search for every undotted “i” and uncrossed “t” could be prohibitively expensive, if not entirely impossible, for most companies.  Fortunately, lessons from prior incidents highlight common problems and can help identify priorities.

A review of investigation reports following incidents involving multiple fatalities and environmental damage in North America over the past several years indicates the following issues are repeatedly cited as contributing causes of such incidents:

• Poor safety culture or an emphasis on putting profits ahead of safety;
• Insufficient, or incomplete implementation of, safety management systems;
• Gaps between corporate policies and day-to-day operations;
• Deficiencies in employee training and supervision;
• Confusion in lines of responsibility or accountability;
• Failure to close out audit findings or implement lessons learned from prior incidents.

Due to their apparent prevalence preceding major incidents, these issues provide a good initial list of high priority items against which to consider your track record and the effectiveness of your policies and procedures before you have an incident.

What to do?

While there is no one size-fits-all approach to assessing and enhancing compliance, the goals are clear: (1) identify gaps where current activities fall short (or appear to fall short) of regulatory requirements or company procedures and (2) work to close those gaps.  Experience with prior incidents suggests the following actions can be effective:

• Assess safety culture, including through employee surveys and interviews, and continually emphasize safety over profits such as by empowering all employees and contractors to exercise stop-work authority whenever they feel conditions are unsafe and ensure they will not face reprisal for doing so;
• Conduct a privileged review of your safety management system and health, safety and environmental policies and procedures to confirm they are sufficient to ensure compliance and that they have been implemented everywhere intended;
• Periodically audit operations to confirm day-to-day activities meet or exceed regulatory requirements and comply with company policies and procedures;
• Regularly review and refresh training materials and seek to identify and remediate any potential deficiencies;
• Take steps to identify any confusion in lines of responsibility or accountability, for example through employee interviews and annual reviews, and clarify any identified issues;
• Confirm that recommendations from prior investigations have been implemented or reasons for non-implementation have been appropriately documented.

In undertaking the foregoing steps, involve your legal department and/or outside counsel where appropriate to maximize available privilege protections.  Doing so can dramatically lessen the likelihood of self-inflicted wounds that can lead to increased liability.

Conclusion

While it may not be possible to prevent every incident, companies that proactively assess and enhance compliance prior to an incident will be much better positioned to manage the intense scrutiny that follows should an incident occur.  Taking steps such as those identified above may serve companies well in the inevitable investigations and litigation that follow incidents as evidence of corporate responsibility and adherence to standards of care.  Companies that do so will be less likely to be found to have engaged in conduct rising to the level of gross negligence or subject to enhanced fines and penalties and may face fewer or lesser criminal charges, or even avoid them altogether.