Proposed Revisions to EPA s Risk Management Program (RMP) Rule (3/14/16)

Transcription

1 Proposed Revisions to EPA s Risk Management Program (RMP) Rule (3/14/16) Introduction AcuTech Consulting Group 1919 Gallows Rd., Suite 900 Vienna, VA Tel: The EPA published a Request for Information (RFI) on July 14, 2014 listing 24 possible areas of revision to the RMP Rule, which has not been modified since its adoption in June On March 14, 2016 EPA issued a Notice of Proposed Rulemaking (NPRM) in the Federal Register. This NPRM contains a draft revision to the RMP Rule incorporating several of the items discussed in the July 2014 RFI. An explanation of the proposed revisions to the RMP Rule is provided below. Proposed Revisions to RMP Elements Incident Investigation (RMP Program 2 and Program 3) The proposed rule would require sites to conduct a root cause analysis using a recognized method as part of an incident investigation following a RMP reportable accident or an incident that could reasonably have resulted in a RMP reportable accident (i.e., near miss ). AcuTech Explanation: The current RMP (as well as OSHA s PSM Standard) require that incident investigations identify the causal factors for the incident or near miss but do not explicitly require the root causes be identified. Root cause analysis (RCA) is a very common component of current formal incident investigation processes and procedures. Root causes, in the context of incident investigation, are the basic, systemic reasons why an undesired event occurred. The root causes cannot be broken down into further causes and they can usually be traced back to failures in the underlying management systems. Process safety incidents usually have more than one root cause. There are various different types of simple and more complex RCA methods available, including internal corporate methods, methods published in literature, and commercial methods, some with accompanying software. These analyses generally require someone trained in the technique to facilitate the analysis. 1

2 Compliance Audits (RMP Program 2 and Program 3) The existing rule requires Program 2 and Program 3 processes to conduct a compliance audit at least once every 3 years. The proposed rule would require sites to contract with an independent and qualified third party to conduct the next scheduled compliance audit following a RMP reportable accident or within 12 months, whichever occurs sooner. Third party compliance audits would also be required after an implementing agency (i.e., the agency that enforces the RMP Rule for a site) determines that certain circumstances exist that suggest a heightened risk for an accident. The specific qualifications include: Competency requirements: knowledgeable with the requirements of this part, experienced with the stationary source type and processes being audited and applicable recognized and generally accepted good engineering practices, trained or certified in proper auditing techniques; and have at least member of the audit team who is a licensed Professional Engineer (P.E.). Independence and impartiality requirements: The auditor/audit team shall act impartially, receive no financial benefit from the outcome of the audit, apart from payment for the auditing services, not have an existing or recent business/consulting relationship (3 years before or after the audit). All personnel involved in the audit will be required to sign and date the conflict of interest statement contained in the revised Rule. Auditors shall have written policies and procedures to ensure that all personnel comply with the competency, independence, and impartiality requirements of this section. The proposed rule also requires that the audit report identify the lead auditor or manager, participating individuals, and any other key persons participating in the audit, including names, titles, and summaries of qualifications demonstrating that the competency requirements have been met, and the report also must document the auditor s evaluation for each covered process, of the owner or operator s compliance with the provisions of the Rule. The auditor shall retain copies of all audit reports and related records for a period of five years, and shall submit the audit report to the implementing agency at the same time, or before, it provides it to the site owner/operator. Also, the audit report and related records shall not be privileged as attorney-client communications or attorney work products, even if written for or reviewed by legal staff. Corrective action plans in response to RMP audits must be generated within 90 days of the finalization of the audit report. RMP audit records retention have also been strengthened to requires that draft reports be retained for the past two audits and that they be submitted to the implementing agency upon request. 2

3 AcuTech Explanation: The proposed changes to the RMP Rule for compliance audits are profound. Definition: The implementing agency for the RMP Rule is the government agency that is responsible for enforcing the rule. There are currently 9 states and 5 counties in the U.S. that have been granted implementing agency status by EPA: NJ, DE, MS, FL, GA, ND, NC, OH, SC, Allegheny County, PA (Pittsburgh); Jefferson County, KY (Louisville); Forsyth County, NC (Winston-Salem); Mecklenburg County, NC (Charlotte); and Buncombe County, NC (Asheville). In the remainder of the U.S. the implementing agency is EPA itself. Third party audits would be required 1) when the site has had an incident qualifying for inclusion in the RMP five-year accident history, or 2) when the implementing agency requires a third-party audit based on non-compliance with the requirements of the RMP Rule (including when a previous third-party audit failed to meet the competency, independence, or impartiality criteria). This means that an implementing agency could require a third party audit if it discovers that previous audits were performed by internal (i.e., company) personnel, or that the auditors did not contain competent personnel (e.g., no P.E. on the team). The proposed rules require at least one auditor be a P.E. Other related certifications, e.g., Certified Process Safety Auditor (CPSA), Certified Safety Professional (CSP) will be evaluated by EPA during rulemaking. The P.E. certification has been selected by EPA for now because of the ethics provisions in state laws governing the work of P.E.s. The accredited organizations granting CPSA certifications (BEAC/IIA) also have a code of ethics for those granted the certifications. The same is true of many other professional credentials. The impartiality provisions proposed by EPA would allow a contractor/consultant to be either an auditor or a consultant for a given owner/operator (at least within a 3-year window before and after an audit), but not both. The current definition of owner/operator in the RMP Rule (no proposed changes) is the person who owns, leases, operates, controls, or supervises a stationary source. It is not clear if the impartiality provision applies to the entire company that owns/operates the facility/stationary source, or only the facility/stationary source itself. In other words, could a contractor/consultant conducting a third party audit be allowed to perform consulting services for a different facility in the same parent company? EPA did state that audit firms with personnel who, before working for the firm, performed services for the owner or operator as an employee, contractor or consultant, meet the rule s independence criteria when such personnel do not participate on, manage, or advise the audit teams. There is also a proposed impartiality provision that prohibits employment of a third party by the owner/operator for 3 years after the audit. The requirement to evaluate each covered process during the audit is not consistent with current industry EHS and process safety auditing approaches which routinely include sampling techniques, including selecting focus/representative units at sites where there are multiple RMP covered units, e.g., an oil refinery, where there are typically covered units. This could result in significantly increasing the time and cost required to perform a compliance audit. 3

4 For the first time, an audit report will be required to be submitted to the implementing agency. Audit reports have always been available for review but the contents or a summary of them was not required in periodic RMP submittals to EPA. The method of submission (i.e., online or other method) was not specified in the NPRM. It has been the occasional practice for sites to perform RMP audits under attorney-client privilege for various reasons. This can still be done, but the audit reports, field notes, and other related documents generated as part of conducting the audit cannot be shielded under privilege or classified as attorney work products. Audit reports and the documents used to track and manage the audit corrective actions, when the audit was conducted by a third party, must be submitted to the company board of directors, or a similar committee/group, if one exists. Although PSM and RMP audits are often performed as governance activities in many companies, it is not common for the company s directors to receive the audit reports directly, although this is not unheard of. Companies that follow this practice usually have done this by extending the Sarbanes-Oxley reforms in financial/business auditing practices to their EHS audits. This proposed change to the RMP Rule will be the first formal adoption of such a practice in process safety regulations. The proposed changes also require that draft third party audit reports be retained for the past two RMP audits, and that these reports be submitted to the implementing agency upon request. Interestingly, this does not include related audit documents (e.g., field notes and other documentation collected or created by the audit team). Nonetheless, this is likely to have the effect of suppressing the way audit reports are written. Companies will not want differences of opinion to be displayed in draft documents, which is a normal occurrence in the generation of audit reports (or any similar activity, such as a PHA report). Draft reports are just that, i.e., they are always subject to editing and revision before become final documents. Clearly, EPA is very concerned that the true findings and opinions of third party auditors will be altered, diluted, or even deleted by the company s subject to third party audits and that the drafts must be retained to protect against this practice. 4

5 A company official will be required to sign a certification statement for the third party RMP audits. The language of the certification statement includes stipulations that the reports were received, reviewed, and responded to, and that that appropriate responses to the findings have been identified and deficiencies were corrected, or are being corrected in accordance with the regulations. The position of the company official signing the certification statement is not described in the proposed rule change. Process Hazard Analysis (RMP Program 3 only) Under the proposed rule, sites in NAICS codes 322 (paper manufacturing), 324 (petroleum and coal products manufacturing), and 325 (chemical manufacturing) with Program 3 processes would be required to conduct a Safer Technology Alternatives Analysis (STAA) for each process as part of their process hazards analysis (PHA), which occurs every 5 years. The STAA requirement includes two parts: 1) the initial analysis to identify alternatives, and 2) a feasibility study to determine the costs and assess the reasonableness of implementing technology alternatives. Risk reduction measures identified in PHAs shall consider, in the following order of preference, inherently safer technology or design, passive measures, active measures, and procedural measures. AcuTech Explanation: STAA is another term for an Inherently Safety Technology (IST) analysis. This has been a mandatory requirement in two jurisdictions in the US for over five years: New Jersey, which has a state process safety regulation and is the implementing agency for the RMP Rule in that state, and Contra Costa County, CA (CCC). Both of these jurisdictions have requirements for IST reviews. These reviews are generally performed in accordance with guidance published by CCPS (Inherently Safer Chemical Processes A Life Cycle Approach, 2 nd Ed.) and have resulted in improvements to existing processes but not mandated changes to processes involving the substitution of chemicals or the moderation of process conditions. Most of the changes identified by site-performed IST reviews have resulted in improved tolerance for human error (referred to as Simplification in the CCPS IST book), or minimization of chemical inventories where site operations allow. EPA has proposed to perform the STAA as part of the PHA process and limit the requirement to only selected RMP-covered facilities which are the larger and more complex sites within the RMP community (i.e., sites with Program 3 processes in the petroleum, paper manufacturing, and chemical manufacturing sectors). The proposed rule change does not include any criteria or acceptance guidance for the feasibility portion of the STAA. The successful regulation of IST is a difficult prospect. The following is quoted from the testimony of David A. Moore, the President and CEO of AcuTech before the U.S. Senate in June 2006 regarding IST and its regulation: The definition of inherent safety is vague and involves considerable judgment that it is very difficult to define and implement to any degree of uniformity and objectivity. This is particularly true in the chemical sector where the diversity of chemical uses and processes and site specific situations prevents clear characterization of the industry and a one-sizedfits-all solution. IS can also be very subjective how safe or secure is safe or secure 5

6 enough is a decision of the analyst conducting the study. There are no clear and objective guidelines on how to make these decisions as it is considered both a concept to apply as one sees fit and as opportunities arise. In actual practice this has proven to be problematic because inherent safety, at this stage in its development, is more of a conceptual methodology rather than a codified procedure with a well-established and understood framework for evaluation and implementation. To isolate inherent safety as a particularly necessary one is good practice but not necessarily good government regulation. IST is not the panacea. Thus it very difficult to regulate. Another obstacle to the regulation of inherent safety is the lack of consensus on appropriate inherent safety metrics. Assuming that a regulation is performance-based, there must be metrics for consistent regulation. These criteria are very hard to define with a broad conceptual topic such as inherent safety for the wide variety of chemical processes to be regulated. If inherent safety regulations encourage individual plants to take the most inherently safe position to them, that is not necessarily the most inherently safe (or secure) position for the community they operate in thereby potentially increasing the societal risks. A common example is that of transportation risk, where the increased number of transits caused by lowering the onsite volume of a required feedstock increases the number of transits through the communities in the distribution chain. In addition, though, is the prospect that the total societal risk from a wide collection of inherently safer individual decisions leads to a redistribution of risk across the country the analog of squeezing a balloon. In addition to problems with trying to regulate IST, it is potentially a very difficult technical issue for many companies, particularly for those with single products, or those where there is only one reaction or type of feed material which can yield the product desired. It could represent a real dilemma for such facilities/companies. Emergency Planning (RMP Program 2 and Program 3) Under the proposed rule, all sites with Program 2 or Program 3 processes would be required to coordinate with local response agencies annually to determine response needs and ensure that response resources and capabilities are in place and adequate to respond to an accidental release of a regulated substance, and also to document those coordination activities. The proposed rule also includes a provision enabling the Local Emergency Planning Committee (LEPC) or local emergency response official to require that the RMP site comply with the emergency response program requirements of the RMP Rule, which requires the site to develop an emergency response program that includes: an emergency response plan, procedures for use, inspection and maintenance of response equipment, training for responding employees, and procedures to review and update the program. 6

7 Additionally, all sites with Program 2 or Program 3 processes would be required to conduct the following emergency response drills and exercises: A notification exercise annually to ensure that the emergency contact list is complete, accurate and the communications mechanisms work. This exercise may be combined with other drills and exercises required. A roll-out exercise in the field at least once every five years, or within one year of an event that qualifies for inclusion in the RMP 5-year accident history. A table-top exercise at least annually except during the year when the roll-out exercise is conducted. Further, the proposed rule would require invitations to local emergency responders to participate. All drills and exercises must be critiqued in writing within 90 days and the recommendations for improving the emergency response program be tracked and managed. The proposed rule defines the minimum requirements for an emergency drill/exercise critique report. The site ERP must also be reviewed at least annually to ensure that it is up-to-date and that lessons learned from drills and exercises are reflected in the plan. Drill/exercise critique reports would also have to be provided to the public and be retained for at least 5 years. AcuTech Explanation: There are two aspects to the proposed RMP rule change that have significant impacts on the status of emergency response programs and their implementation: The proposed RMP Rule change makes the coordination step with local responders the determining step as to whether a site must become a responding site (a responding site is one which will take offensive action to control and mitigate the hazard, whereas a non-responding site is one that will activate only an emergency action plan to protect its employees and account for them). This is different from the original RMP Rule where the decision to not respond was made by the site and then coordination was completed to ensure that the local community emergency response plan included the site and that communication capabilities were in place to inform the local responders. This is a subtle change in the process of deciding whether to respond or not. If the coordination reveals that the local responders cannot or will not respond to events at the site, the inference is that the site will then become a responding site. Additionally, if the coordination fails despite good faith efforts by the facility then the burden for providing an emergency response plan lies with the owner/operator. This has a minor effect in the RMP Rule by itself because it does not invoke other emergency response related regulations, nor does it impose any detailed requirements for such response capability. However, if a site becomes a responding site under RMP, it is very likely that OSHA will then consider it a responding facility under the PSM Standard. This will have a very significant effect on such facilities because a responding facility under PSM must implement certain portions of the HAZWOPER Standard, which impose substantial emergency response capabilities for these facilities. Additionally, the LEPC could request in the writing that the site become a responding site, which would invoke these other requirements. Many smaller RMP-covered sites have chosen not to become responding sites because of the significant 7

8 burden of maintaining the necessary personnel, skills, equipment, and recurring training required to be a functional responding site under PSM. EPA believes that some sites that are currently designated as non-responding sites may become responding sites. Does this proposed rule change infer that EPA believes that RMP sites should bear the emergency response burden of protecting the local population and the environment? Although emergency response drills and exercises are not currently mandatory under the RMP Rule many sites perform such drills or exercises because other federal or state laws/regulations requires them (including security regulations affecting the chemical/process industry such MTSA and CFATS), or the sites perform them voluntarily because they realize that the functionality of ERPs cannot be accurately predicted without drills and exercises, regardless of how well-written or comprehensive they appear on paper. Note that this is also true for PSM-covered facilities unless the facility is subject to 29 CFR (p) which is the portion of the HAZWOPER regulation applicable to RCRA TSD facilities, for whom drills and exercises are mandatory. Most of these drills and exercises are conducted at least annually and are a combination of table-top exercises and roll-out drills in the field. Additionally, most RMP-covered facilities have routinely combined required or voluntary process safety, environmental (e.g., pollution releases), and security drills and exercises. In nearly all RMP-covered sites these activities are formally scheduled, critiqued in writing (usually), and recommendations stemming from them are managed like any other process safety action item. Therefore, the proposed rule change does not impose an unusual or new requirement, but it does formalize the drill/exercise requirements for facilities with process safety risks, including the written critiques and action item follow-up resulting from them. The public access to drill/exercise critique reports is a new requirement. Public Access to RMP Information The proposed rule would require all sites to disclose certain chemical hazard information to the public. The site or its parent company, if applicable, would have to make the information available in an easily accessible manner, which might be presenting information on a company website, posting the information at public libraries, publishing it in local papers, or other means appropriate for particular communities and sites. The information to be disclosed includes names of regulated substances at the site; Safety Data Sheets (SDS); accident history information; emergency response program information; and LEPC or local response agency contact information. In addition, site owners or operators would be required to provide to the LEPC or other local response agencies, upon request, information on all of the following that apply to the site: regulated substances; fiveyear RMP reportable accident history; summaries of compliance audit reports; summaries of incident investigation reports; summaries of implementation of inherently safer technology (IST); and information on emergency response exercises, including schedules for upcoming exercises. Site owners or operators would be required to update this information annually. The proposed rule would also require sites to hold a public meeting for the local community within 30 days of a RMP reportable accident. 8

9 AcuTech Explanation: The enabling legislation for the RMP Rule, which is the Clean Air Act Amendments of 1990 (CAAA 1990) included a public information component about the risks of process safety related chemical releases. The original plan was to have the submitted RMPs be publically available online via the Internet. Even before the events of September 11, 2001, other agencies of the federal government were concerned about the open public availability of such security-sensitive information. Accordingly, the Chemical Safety Information, Site Security and Fuels Regulatory Relief Act (CSISSFRRA) was passed by Congress in August 1999, which among other things, restricted the Internet access of the offsite consequence analysis (OCA) data of sites that was submitted with their RMPs. Following 9-11, the concern about the security of the U.S. chemical industry was heightened even further and the security of OCA and other submitted RMP data was regarded as even more important. When the Marine Transportation Security Act (MTSA) and Chemical Facility Anti-Terrorism Standard (CFATS) regulations were adopted in 2002 and 2007 respectively, both of these regulations imposed careful controls on the access to and release of certain information regarding the chemical facilities subject to them. No other process safety laws or regulations have been passed or adopted that address the security of information about sites covered by the RMP Rule (nor the PSM Standard). It appears now that EPA, in this proposed rule, desires to increase the amount of information and the ease of access to it that describes RMPcovered sites and certain information about their RMP programs. Apparently, EPA believes that this is required under their obligations under the CAAA The security concerns for the chemical/process industry of several years ago has not abated, and has even increased again with the growth of ISIS and ISIS-inspired terrorism. Hopefully, security concerns will again be more important than the proactive release of RMP related information to the public via the Internet. Since 1999 when the CSISSFRRA law was passed there has not been any public outcry that they have been restricted from relevant information about the chemical/processing sites in their communities. Also, there are still ways to access this information that are consistent with existing laws and regulations without posting it on the Internet. Other Changes There were a few other proposed changes in the NPRM: The proposed changes alter RMP submittals to no longer require repetitive date entries for prevention element activities for each process. However, the RMP submittal data set will include data showing the new requirements were met, e.g., what IST changes were made and their categorization (e.g., substitution, moderation, minimization simplification), when emergency response drills and exercises were conducted, etc. Root cause information for 5-year accident history events must be submitted with information about the accident during RMP updates. As described herein, the events that qualify for inclusion in the 5-year accident history are now used as triggers for third party audits and for a roll-out/field emergency response exercise. Some additional changes to the submission of administrative and registration information were also included, but these were relatively minor. 9

10 Timing EPA has proposed the following timing requirements for complying with any final rule: Emergency response coordination activities within one year of an effective date of a final rule. Up to three years for the owner or operator of a non-responding stationary source to develop an emergency response program following an LEPC or equivalent s written request to do so. Comply with new provisions, unless otherwise stated, four years after the effective date of the final rule. One additional year (i.e., five years after the effective date of the final rule) to correct or resubmit RMPs to reflect new and revised data elements. What is Not Included in the NPRM The RMP RFI of July 14, 2014 contained 25 items. Only five RMP programs elements have been addressed in this proposed rule change. All of them are for prevention program elements and emergency response, plus the public access to RMP information. A number of items in the RFI have not been addressed. EPA did not offer any proposed changes to the hazard assessment subpart of the rule. Notable by its absence is any proposal to alter the list of RMP chemicals, particularly the addition of ammonium nitrate, which was the chemical of interest in the West, TX accident. Also, no proposals were offered to change any of the threshold quantities for RMPcovered chemicals. Other high profile prevention program items such as extending the Mechanical Integrity requirements to cover any safety critical equipment, the definition of a recognized and generally accepted engineering practice (RAGAGEP), or organizational management of change were also not addressed. Perhaps EPA intends to make further proposals in other NPRMs, or is waiting until OSHA formally proposes revisions to the PSM Standard to propose further RMP revisions. Conclusions What is the effect on industry PSM programs of the proposed changes to the RMP Rule? The proposed rule change with the most impact on existing RMP programs is the requirement for third party audits. Although many RMP sites rely on external auditors, the impartiality, independence, and qualification requirements in these proposals will result in substantial changes in the way RMP compliance audits are conducted and reported. The proposed changes in the emergency planning subpart of the RMP Rule could potentially force non-responding sites to become responding sites. This would be a fundamental change in emergency response commitment and requirements. The most important aspect of this proposed change is that the emergency response capability and readiness of local responders could determine this shift, not a voluntary move on the part of a covered site. The requirement for emergency response drills and exercises, while more formal in the proposed rule changes, is not a substantial change in current practice. The proposed change to 10

11 the PHA to require a STAA (i.e., an IST review/analysis) is not a new idea, however, this would be, if adopted, the first time that a federal regulation has required it. The impact of the inherent safety proposal will be limited to mostly larger sites. The proposed changes to the incident investigation element to require root cause analyses will not have a substantial impact on site RMP programs as this is a routine practice already. The proposed change to release RMP information via company websites is a return to pre-terrorism notions of public access to certain industrial information, and deserves careful review. Some important questions remain regarding process safety regulations in the U.S.: What changes will OSHA propose for the PSM Standard? Will these be coordinated with EPA for the RMP program? In other words, has EPA refrained from proposing certain RMP changes until OSHA has published its intentions with respect to the PSM Standard? Will EPA add more changes to the RMP Rule beyond those proposed in this NPRM? AcuTech AcuTech specializes in process safety since Our consultants have internationally recognized expertise in process safety and risk management program analysis, development, and implementation, with specialization in the petroleum, chemical, and petrochemical industry. We have deep experience conducting hazards analysis and risk assessments, developing, implementing, and auditing of PSM programs, and offer training and software to assist companies to improve their management systems and reduce risk. We have also helped develop industry guidelines in PSM, including the CCPS Guidelines for Auditing Process Safety Management Systems, 2nd Ed.; Inherently Safer Chemical Processes A Life Cycle Approach, 2 nd Ed.; Guidelines for PSM Metrics; and Essential Practices for Creating, Strengthening, & Sustaining Process Safety Culture (in draft). Our scope of services includes regulatory compliance with federal, state and local requirements, but our abilities extend beyond these standards to enable us to deliver world class services for the most demanding global companies. AcuTech blends strong project management skills with a personalized, responsive business style allowing us to work in harmony with our clients. We emphasize on-time, cost-effective performance, provided by professionals experienced in achieving these goals. Contact us today at our headquarters AcuTech Consulting Group 1919 Gallows Road, Suite 900 Vienna, Virginia, Tel: (703) help@acutech-consulting.com Web: 11