Best Practice Solutions Series Volume 8: Understanding What the Law Means—and Requires You to Do

by Tjeerd Hendel-Blackford 20 Mar. 2019

Greetings reader! Thanks for joining us for the eighth volume of the 12 Best Practices of Compliance Solutions Series.

In this series we will address twelve of the key challenges you face, one-by-one, with best-practice advice derived from over a quarter of a century of support to global industry!

Volume 1, regarding staffing challenges, can be accessed here.

Volume 2, on the challenge of mergers and acquisitions, can be accessed here.

Volume 3, on getting leadership commitment, can be accessed here.

Volume 4, on ongoing compliance management, can be accessed here.

Volume 5, on rolling out a global program, can be accessed here.

Volume 6, on self-assessing/auditing, can be accessed here.

Volume 7, on applicability, can be accessed here.

In this volume we examine the challenge of understanding what the law means—and requires you to do.


In a recent survey of Enhesa clients, the second biggest challenge they faced prior to choosing Enhesa was “managing regulatory complexity”.[1] In summary, this means understanding what complex laws requires you to actually do—or not do—to comply. Legal language is dense—legal texts are often littered with complex terms, cross-references and exceptions.

This is highlighted by the example of the United States’ Federal OSHA Training Standards.

You are of course free to peruse the full 270-page (!) document at your leisure, but the likelihood is that you will still be left with the following questions:

  • Which standards are mandatory?
  • Which ones are guidelines?
  • Which ones apply to a specific operation?
  • What do I need to do?

We can also look at a separate example from Brazil: Regulation SEMAD/IGAM Joint Resolution 2.302 of October 5, 2015 establishes criteria for the implementation of a measuring system to monitor the use of, and interventions in, water resources (aimed at the adoption of control measures) in the State of Minas Gerais. The Regulation contains some 40 provisions (29 articles plus about 11 paragraphs)—not counting the subparagraphs. However, when we give one of our Brazilian regulatory consultants the task of analyzing this law, we find that there are only 7 compliance requirements amongst these 40 provisions.

There will be typically hundreds of laws applicable to manufacturing sites in the jurisdiction they operate in, so the challenge of understanding what is required is multiplied many times over. Keeping up with changing laws adds another level of complexity.

On top of all this, EHS site personnel, the ones actually managing compliance with these laws, typically have no legal background. They will be extremely busy doing a multitude of EHS management tasks.

All of these factors increase the possibility of non-compliance.

Best Practice:

How do you meet this challenge? Without doubt, the best approach to making sense of your regulatory obligations is to leave this to the experts and make use of a reliable provider of quality regulatory compliance intelligence that includes:

  • Ability to pre-screen laws and their requirements
  • Clear, plain language summaries of regulations and their requirements
  • Guidance on what those requirements mean
  • Service that comes in English and the local language

If we apply this to the example from the OSHA Training Standards above, Enhesa regulatory analysts would have broken down the standards down for you. In this specific example, Enhesa identifies training as an individual requirement based on certain conditions that exist at a specific facility:

“If the facility is required to have a Spill Prevention Control and Countermeasures (SPCC) plan, it has trained all oil-handling personnel in the operation and maintenance of equipment to prevent discharges; discharge procedure protocols; applicable pollution control laws, rules and regulations; general facility operations and, the contents of the facility SPCC Plan.”

Each requirements is then accompanied by detailed Guidance. The guidance for the above requirement is below:

Guide Note: Personnel must be trained in spill prevention control and countermeasures (SPCC) if they are involved in oil handling, transfer, storage, spill response or maintenance of oil equipment. They must also have an annual briefing to update their training. The annual briefing must: assure adequate understanding of the facility's SPCC plan, highlight and describe any known discharges, failures or malfunctions and any recently developed precautionary measures. Employees who are not directly involved in those operations do not need the training, but must be trained if their job description changes and they pick up those responsibilities. They must be retrained if there is any change to the SPCC plan. The regulation does not specify a format for the training, but it is typically administered via PowerPoint or online with a short quiz through which employees can demonstrate completion of the training.

Each requirement will also have an indication of related documents required to help ascertain compliance. In this case, the documents include:

  • Spill Prevention Control and Countermeasures (SPCC) plan
  • Employee training records

On top of this, it is also crucial to ensure that your source of regulatory information is regularly updated and any changes are clearly communicated.

Finally, it is important to have access to a regulatory support service to help address complex regulatory questions that can arise in relation to the specific site operations.


In conclusion, it is worth deferring to the practical experience of some of our clients:

Jeff Reddick of JCI: “One of the key standouts from the Enhesa offering was the dynamic view of legislation. It is not just a snapshot of the text of the law, there is an analytical element, and this is coupled with continuing education and updates.”

Another key benefit has been how [Enhesa] gives us a strong baseline of information. We can’t have extreme knowledge everywhere – one plant manager cannot manage, for example, everything regarding EHS laws in France. With the Enhesa services you don’t need to be able to read French…which means we can help to manage things as well. We can deal with things faster as we have the solutions in place – and this means we can address things before they get on top of plant managers.”

Matoo Ohara of Omron: Enhesa provides EHS regulatory information worldwide in a way that is easy for non-legal people to understand. If it is for Japan, it is not too difficult for us to obtain regulatory information by ourselves, but for other countries, it is almost impossible for us to obtain all the necessary information using our internal resources.

You can obtain regulatory information from other sources. However, other sources of information are usually not interpreted on to the requirement level and you need to carefully interpret what each law is asking for by yourselves. As for Enhesa’s information, when you receive it, it comes with requirements readily available for you to utilize at any site. This is the great advantage of Enhesa’s information. Since obtaining and understanding regulatory requirements, staying current on regulatory information, assessing and managing compliance are all components of our EHS regulatory compliance management process, Enhesa’s services have met Omron’s needs well. This is the biggest reason that we use Enhesa’s services.”

[1] The first, was “keeping up with global EHS regulatory changes”.