COMPLIANCE
INITIATIVES

Compliance Requirements Discovery, Syndication and Assurance

Includes a Requirements Register and Compliance Calendar

Manages the status of compliance across the enterprise.

COMPLIANCE 
INITIATIVES

COMPLIANCE 
INITIATIVES

Precision from initiation
to close-out.

FACILEX® CI targets Compliance Management requirements for efficient action item tracking and the means to organize all the supporting documentation and evidence collection. The CI business process engages subject matter experts to determine:

Reinforce your process safety system.

FACILEX® is derived from the CCPS Pillars of Process Safety. Compliance Management is integral to maintaining a safe workplace, preventing accidents, and ensuring compliance with safety regulations. It is a proactive approach to risk mitigation that enhances overall process safety.

Questions?
We have answers.

There are several agencies that collectively ensure compliance with environmental laws, public safety, and national security.

Federal Regulatory Bodies

  • Environmental Protection Agency (EPA)
    • Oversees reporting under the Clean Air Act (CAA), Clean Water Act (CWA), and the Resource Conservation and Recovery Act (RCRA).
    • Requires Toxic Release Inventory (TRI) reports under the Emergency Planning and Community Right-to-Know Act (EPCRA).
  • Occupational Safety and Health Administration (OSHA)
    • Enforces safety regulations and requires reporting of workplace incidents under the Process Safety Management (PSM) standard.
  • Department of Homeland Security (DHS)
    • Enforces Chemical Facility Anti-Terrorism Standards (CFATS) and requires security-related reporting.
  • Department of Energy (DOE)
    • May require audits and reports for energy efficiency and fuel production metrics.
  • Pipeline and Hazardous Materials Safety Administration (PHMSA)
    • Requires reporting on the transportation and storage of hazardous materials.

State Regulatory Bodies

  • Enforce state-specific environmental regulations, permitting, and emissions reporting.
  • Regulate oil and gas operations, including pipeline safety and environmental compliance.
  • Oversee hazardous substance reporting and workplace health issues.
  • Regulate land use, particularly if operations affect state-owned submerged lands.

Regional/Local Regulatory Bodies 

  • Monitor air quality compliance within the region and requires emissions reporting.
  • May impose local health and safety regulations specific to industrial operations.
  • Oversee local environmental and water quality compliance.
  • Enforce community right-to-know laws and hazardous materials reporting.

Cross-Jurisdictional Authorities 

  • US. Coast Guard (USCG)
    • Regulates refinery operations affecting waterways and marine safety (e.g., oil spills in the Gulf of Mexico).
  • Federal Energy Regulatory Commission (FERC)
    • Oversees compliance for refineries involved in interstate energy transport or natural gas processing.

A Compliance Solution ensures that highly regulated facilities operate safely, efficiently, and within regulatory frameworks, protecting employees, assets, and the environment.

Increasing Regulatory Burden

Industries face a growing number of regulations from agencies like OSHA, PHMSA, and Homeland Security. Compliance solutions streamline the management of these complex and overlapping requirements, preventing regulatory violations that can result in fines, shutdowns, or accidents.

Enhanced Safety and Risk Management

PSM-covered facilities handle hazardous materials, making safety paramount. Compliance solutions ensure that processes such as Management of Change (MOC), Incident Reporting, and Risk Determination are implemented effectively to minimize safety risks.

Accountability at All Levels

Compliance solutions clarify roles and responsibilities:

  • Individuals: Know what specific tasks they must complete.
  • Sites/Regions: Understand overall accountability for compliance and can rebalance workloads.
  • Corporate Level: Track overall compliance performance, identify trends, and allocate resources efficiently.

Efficiency in Managing Requirements

Facilities face a mix of public regulations (e.g., guidelines from DHS, EPA) and private rules (e.g., contracts, permits). Compliance solutions like FACILEX® simplify managing and integrating these requirements into day-to-day operations.

Systematic Assurance Activities

Staying compliant is an ongoing process. Compliance solutions support:

  • Audits and Inspections: Identify deficiencies or non-conformities.
  • Corrective Actions (CAPAs): Manage resolutions systematically.
  • Self-Assessments: Continuously verify the adequacy of controls.

Adaptability to New Requirements

With constantly changing regulations, compliance solutions provide adaptability. Tools like FACILEX® can be reconfigured for new requirements without programming, ensuring that the facility can respond quickly and efficiently.

Improved Data Visibility and Reporting

Compliance solutions offer advanced reporting and visualization (e.g., through Power BI), providing insights into overdue tasks, upcoming deadlines, and overall performance. This data enables informed decision-making and resource allocation.

Cost Avoidance

Effective compliance management prevents costly incidents, regulatory penalties, and reputational damage. Non-compliance in economically significant facilities can lead to losses exceeding $100 million annually.

Robust compliance management solutions are required for PSM-covered facilities to enhance safety, reduce risks, and maintain regulatory alignment while achieving operational efficiency.

Complex and Overlapping Regulatory Landscape

  • Numerous Regulations: Facilities must adhere to regulations from multiple agencies, such as OSHA’s PSM standards, PHMSA pipeline rules, EPA environmental regulations, and DHS security guidelines.
  • Dynamic Nature of Regulations: Rules often change or expand, requiring constant updates to compliance systems and processes.
  • Overlap of Requirements: Multiple agencies may issue similar but distinct rules, creating redundancy and complexity.

High Stakes in Safety and Risk Management

  • Hazardous Materials: PSM facilities handle dangerous chemicals, and any non-compliance could lead to catastrophic incidents like explosions, leaks, or toxic releases.
  • Process Complexity: Managing the intricate systems, equipment, and operations in these facilities requires precise controls and constant oversight.
  • Critical Implications: Non-compliance can result in not only fines and penalties but also human casualties, environmental damage, and reputational harm.

Multi-Level Accountability

  • Individual Level: Workers need clarity on specific tasks and deadlines amidst a vast array of requirements.
  • Site/Regional Level: Managers must balance workloads, address overdue tasks, and oversee compliance efforts across multiple teams.
  • Corporate Level: Executives need a global view of compliance status, trends, and risks to ensure alignment with organizational objectives.

Managing Diverse Requirements

  • Public Requirements: Laws, directives, and regulations from external agencies require precise interpretation and application.
  • Private Requirements: Internal rules like contracts, joint venture agreements, and permits add another layer of complexity, requiring customized compliance approaches.
  • Asset-Specific Needs: Rules may vary by location, asset type, or operational context, making universal solutions difficult.

Assurance and Monitoring Challenges

  • Staying Compliant: Beyond achieving initial compliance, facilities must continuously verify that controls remain effective through audits, inspections, and assessments.
  • Corrective Actions: Addressing audit findings often involves complex resolutions (CAPAs), which require tracking, validation, and completion.
  • Resource Allocation: Ensuring that high-risk areas receive adequate attention and resources adds to the management burden.

Specialized Knowledge Requirements

  • Subject Matter Expertise: Many compliance tasks, such as reviewing regulations or identifying necessary controls, require input from domain-specific experts.
  • Training: Keeping all employees, from frontline workers to executives, informed and skilled in compliance-related practices demands ongoing training programs.

Data Management and Reporting

  • Volume of Data: Facilities must handle vast amounts of compliance-related data, from source documents to audit findings and CAPA resolutions.
  • Integration: Data from various systems, locations, and formats needs to be consolidated into meaningful reports and dashboards.
  • Timeliness: Reporting must provide actionable insights to address overdue tasks, upcoming deadlines, and emerging risks.

Resource and Time Constraints

  • Limited Resources: Many facilities operate under budgetary constraints, limiting the personnel and tools available for compliance efforts.
  • Urgency of Deadlines: Compliance deadlines are often tight, leaving little room for delays or inefficiencies.

Organizational and Cultural Barriers

  • Communication Gaps: Miscommunication or lack of clarity between different levels of the organization can impede compliance efforts.
  • Resistance to Change: Employees or teams may resist adopting new compliance systems or processes, particularly if they perceive them as burdensome.

Adaptability to Change

  • Evolving Industry Standards: Industry standards and best practices continuously evolve, requiring facilities to update their compliance systems.
  • Technological Advancements: Leveraging new technologies like data visualization tools or compliance platforms (e.g., FACILEX®) requires integration and training.

A key element of OSHA Process Safety Management (PSM) is the requirement for, and adherence to, a Management of Change (MOC) procedure.

Before change Implementation: 

  • document the technical basis for change
  • assess the impact of the change
  • acquire proper approvals

After change Implementation:

  • mechanical integrity inspections
  • pre-startup safety review
  • conduct training
  • update process safety information

The OSHA Process Safety Management (PSM) regulation requires a Management of Change (MOC) procedure to be initiated for asset changes (process chemicals, technology of the process, equipment and facilities) as well as procedures. Furthermore, there is an evolving consensus that organizational changes are also changes that should be managed by MOC. The exception is when the change is a Replacement in Kind (RIK).

“Replacement in Kind” (RIK) in the context of OSHA’s Process Safety Management (PSM) regulation, allows certain replacements that meet original design specifications to bypass the formal Management of Change (MOC) process.

There are three primary assumptions that guide Replacement in Kind (RIK) decisions.

  • “Grandfathering” allows identical part replacements
  • “Generic” permits parts from alternative manufacturers with the same operational criteria
  • “Recognized and Generally Accepted Good Engineering Practices” (RAGAGEP)
  • A Management of Change (MOC) procedure must accommodate a wide range of potential changes from low to high complexity, cost or risk
  • Management of Change (MOC) requires rigorous document management controls for each Management of Change (MOC) project
  • A Management of Change (MOC) project typically involves different participants, skills, authority, etc. to accomplish

The OSHA Process Safety Management (PSM) standard, identifies Process Hazard Analysis (PHA) as a critical component for identifying, evaluating, and controlling potential hazards associated with processes that involve hazardous chemicals.  The analysis involves a systematic review of potential failure points, human errors, and equipment malfunctions that could lead to releases or other hazardous events.

 
  • The current plant hazard configuration must be known
  • Facility process safety information utilized must be accurate and up to date
  • PHA software is required to conduct the analysis and store the project
  • Analysis must be conducted by qualified process safety professionals
  • PHA project recommendations must be recorded, followed-up and closed-out
  • PHA projects require regularly scheduled revalidation
 

API Recommended Practice 1173 (API RP 1173) outlines a Pipeline Safety Management System (PSMS) framework to help pipeline operators manage safety risks, improve operational reliability, and foster a culture of continuous safety improvement. It emphasizes proactive risk management, leadership commitment, stakeholder engagement, and learning from safety-related events to enhance overall pipeline safety.

API RP 1173 Pipeline Safety Management System (PSMS) and OSHA 1910.119 Process Safety Management (PSM) standard both focus on managing safety risks in industrial operations, but they have distinct scopes and emphases.

OSHA 1910.119, the Process Safety Management (PSM) standard, specifically targets facilities that handle hazardous chemicals above certain threshold quantities, such as refineries and chemical plants. In contrast, API RP 1173 is tailored to pipeline operators, addressing the unique risks associated with transporting hazardous liquids and gases over long distances.

Both standards emphasize risk-based safety management, but API RP 1173 is structured around a broader safety culture for continuous improvement and risk management tailored to the pipeline industry. OSHA PSM is more prescriptive, with specific requirements for elements like hazard analysis, mechanical integrity, and process design.

The Center for Chemical Process Safety (CCPS) guidelines complement both the OSHA PSM standard (29 CFR 1910.119) and API RP 1173 Pipeline Safety Management System (PSMS) by providing comprehensive best practices and tools that enhance safety management within hazardous industries.

CCPS guidelines were instrumental in shaping the OSHA PSM standard, and they continue to provide more detailed, in-depth guidance on implementing each PSM element. For example, CCPS covers advanced methodologies for hazard analysis, mechanical integrity, and emergency preparedness that support facilities in meeting OSHA’s regulatory requirements.

CCPS guidelines offer broader safety management principles that align well with RP 1173’s goals. CCPS emphasizes creating a safety culture, continuous improvement, and robust incident investigation—key areas also highlighted in RP 1173. CCPS guidelines provide a toolkit for API RP 1173’s framework, enabling pipeline operators to adapt best practices from the chemical process industry to their own safety systems.

Both API RP 1173 and OSHA PSM promote risk management and a proactive safety culture, and CCPS guidelines delve into these areas with additional strategies for leadership commitment, workforce engagement, and risk-based decision-making. CCPS’s focus on human factors and operational discipline can strengthen compliance with both standards and enhance an organization’s overall safety performance.

In summary, CCPS guidelines serve as a rich resource for both OSHA PSM and API RP 1173 by offering practical, advanced insights that support and enhance compliance while promoting an integrated approach to safety management across hazardous industries.

The EPA Clean Air Act Risk Management Plan (RMP) Rule, found in Section 112(r) of the Clean Air Act, is a regulation designed to prevent chemical accidents that could harm public health or the environment. The RMP rule requires facilities that use, store, or handle significant quantities of certain hazardous substances to develop and implement a Risk Management Plan. Key aspects of the RMP rule include:

  • Hazard Assessment: Facilities must conduct hazard assessments that include a worst-case release scenario and alternative release scenarios, analyzing the potential impacts of chemical releases on surrounding communities and the environment.
  • Prevention Program: Like OSHA’s Process Safety Management (PSM) requirements, the RMP rule mandates a prevention program that includes process hazard analyses, operating procedures, maintenance, training, and incident investigation to reduce the likelihood of accidents.
  • Emergency Response: Facilities must have an emergency response program, coordinating with local emergency planning and response authorities to ensure readiness in the event of a chemical release. This includes notifying the public and first responders of potential risks.
  • Public Disclosure and Community Right-to-Know: The RMP rule requires facilities to submit their RMPs to the EPA, and these plans are made available to the public (with some security-sensitive details restricted). This transparency helps inform communities about nearby chemical hazards and emergency procedures.

The RMP rule applies to industries such as chemical manufacturing, oil and gas processing, and large-scale agricultural operations that use chemicals like ammonia or chlorine. The RMP rule ultimately seeks to protect public health, community safety, and the environment by preventing catastrophic chemical accidents and ensuring coordinated emergency response plans.

Federal EPA standards and regulations complement the OSHA Process Safety Management (PSM) standard, 29 CFR 1910.119, particularly through the Risk Management Plan (RMP) rule under the Clean Air Act, which focuses on preventing and mitigating chemical accidents. Here’s how they are integrated and aligned:

  • Shared Goals for Chemical Safety: Both OSHA PSM and EPA RMP are designed to prevent chemical accidents, but they apply to slightly different aspects of chemical safety and have different scopes. OSHA PSM focuses on worker safety within a facility, while EPA RMP emphasizes the protection of public health and the environment outside the facility.
  • Overlapping Requirements: Many PSM elements (e.g., process hazard analysis, mechanical integrity, and emergency response) overlap with requirements in the EPA RMP rule. These shared requirements allow facilities to develop integrated programs that comply with both standards, reducing redundancy in compliance efforts. For instance, both standards require facilities to conduct hazard analyses and establish robust operating procedures, though RMP also requires an assessment of potential offsite impacts.
  • Incident Investigation and Prevention: Both OSHA and the EPA require incident investigations and continuous improvement efforts to prevent chemical releases, though RMP includes additional components like the development of a worst-case scenario analysis and public disclosure of certain risk information.
  • Coordination and Enforcement: OSHA and the EPA coordinate on enforcement actions and share information to streamline compliance for facilities subject to both PSM and RMP requirements. This collaboration helps avoid conflicting directives and enhances safety management by promoting unified standards.
  • Emergency Response and Community Involvement: EPA’s RMP rule goes further than OSHA PSM in requiring facilities to involve local communities and emergency responders in emergency planning. This requirement reflects the EPA’s broader focus on environmental safety and public health in addition to worker safety.

In essence, EPA standards supplement OSHA PSM by focusing on environmental and public safety impacts, while the two standards collectively ensure comprehensive risk management for facilities handling hazardous chemicals.

What’s your Process Safety Management (PSM) question ?

Please use the form below to contact us.