EPA Internal Auditing Policies: Guarding Against Violations & Penalties Speakers: David H. Quigley is a partner with Akin Gump Strauss Hauer & Feld LLP. David handles an array of environmental matters including transactional, enforcement litigation, regulatory compliance and legislative development. Daniel Spandau of DJS Consulting is an Environmental Risk Consultant with over 25 years of experience providing environmental services to Fortune 500 companies. Mr. Spandau specializes in environmental risk assessment and strategic opportunity analysis.

1. EPA Internal Auditing Policies:
Guarding Against Violations & Penalties
David Quigley, Esq., Akin Gump Strauss Hauer & Feld, LLP
Daniel Spandau, Senior Consultant, DJS Consulting Inc.
April 20, 2010

2. David Quigley
David H. Quigley is a partner in the law firm Akin Gump Strauss Hauer & Feld. David’s
practice covers an array of environmental matters, including transactional, enforcement
litigation, regulatory compliance, lobbying and legislative development.
David’s transactional experience itself covers a broad spectrum. He has managed
environmental due diligence in connection with acquisitions totaling over $1 billion in assets.
He drafts the environmental representations, warranties and indemnities provisions in
complex mergers and acquisitions and has negotiated the scope of those provisions.
David’s regulatory compliance practice focuses on issues arising under the solid and
hazardous waste regulations. More specifically, he counsels major gasoline distribution
companies with respect to the requirements governing releases from under- and above-
ground storage tanks, as well as providing day-to-day compliance assistance. In addition,
Mr. Quigley counsels private and public entities with respect to cost recovery actions under
the Comprehensive Environmental Response, Compensation and Liability Act (CERCLA).
Mr. Quigley advises clients on policy issues associated with the Clean Air Act's emission
regulations and ozone depletion provisions, global climate change, and related greenhouse
gas issues. He represents clients regarding these issues before members of Congress, the
Environmental Protection Agency, and the Department of Energy.
Mr. Quigley received his B.S. with distinction in natural resources from Cornell University in
1995 and his J.D. in 1998 from Harvard Law School, where he served as a line editor of the
Harvard Environmental Law Review. He is a member of the District of Columbia, New York
and New Jersey bars.
Mr. Quigley presents on compliance issues typically three to four times per year. He
recently authored “From Red to Black by Way of Green: The Use of Risk Transfer Strategies
to Turn Environmental Liability into Opportunity,” Inside the Minds, Environmental Deal Law
Strategies, Aspatore Books.

3. Daniel Spandau
Dan Spandau is President and Senior Consulting Partner with DJS Consulting, Inc.
He has been working in the environmental field for over 30 years and has worked
specifically with Petroleum Retail Marketers since the late 80’s. His work has
been focused in the storage of petroleum products, regulatory representation,
evaluation of insurance risk transfer instruments, environmental remediation,
audits, training, and the design and implementation of management systems to
help monitor regulatory compliance practices.
Dan has a degree in Chemistry and an MBA with a focus in Information
Management. He spent 10 years working with the EPA and the Department of
Energy developing instruments to monitor Environmental Pollutants.
In 1988, Dan started a commercial environmental laboratory for a Pump and Tank
contractor in the Northeast. As an executive member of the staff, he helped
expand the business into a national firm that offered Engineering, Permitting,
Construction, Maintenance, and Environmental services to Petroleum Retail
Marketers and Distributors. Dan has been an independent consultant since 2000.
Dan’s focus over the last 5 years has been assisting Petroleum Marketers and
Distributors, Environmental Law Firms and Real Estate Investment Firms deal
with regulatory changes by helping them evaluate, design and implement
programs to streamline regulatory compliance.

4. Environmental Compliance as Risk
Avoidance
New Properties
Due Diligence
Phase I and II Assessments
Addresses Environmental Conditions
New or Existing Properties
Environmental Audits
EPA’s Approach to New Owners
Addresses Environmental Compliance

5. Environmental Audits
“Incentives for Self-Policing: Discovery,
Disclosure, Correction and Prevention of
Violation” (60 Fed. Reg. 66,706).
Originally published on December 22, 1995.
Incentives for detection, prompt disclosure, and
expeditious correction of violations of Federal
environmental requirements.
Remove or reduce gravity-based element of
civil penalties.
No recommendation for criminal prosecution.

6. Self-Disclosure Policy
What do the incentives
mean?
Gravity Matrix (RCRA)
EPA civil penalties typically
have two components.
Gravity of violation.
Economic benefit from
violation.
Extent of reduction based
upon how many of policies
“conditions” met.
100 % reduction if meet
all conditions.
75% reduction if meet all
but first condition.

7. Self-Disclosure Policy
What are the conditions?
Systematic audit or management system.
Voluntary discovery.
Prompt disclosure.
Independent discovery and disclosure.
Expeditious correction and remediation.
Prevent recurrence.
Not a repeat violation.
No imminent / substantial endangerment.
Cooperation with regulator.

8. Self-Disclosure Policy
Who do you disclose to?
Who has approved programs (EPA)?
36 states
District of Columbia
Commonwealth of Puerto Rico
What if you are somewhere else?
NY
NJ
Etc.

9. Self-Disclosure Policy History
2000 revisions (following 2007 FAQ guidance
2-year evaluation) FY 2011: increase
Lengthened period for number of facilities
“prompt disclosure.” conducting audits.
Clarified rules with FY 2008: eliminate
respect to newly- 400,000 pounds of
acquired facilities. pollutants through
Eased repeat audits.
violation Focus on new
prohibition. owners, audit
Set rules for agreements.
disclosing violations
discovered during
acquisition.

10. Self-Disclosure Policy
Approach to new owners
“encourage owners of newly acquired
facilities to undertake a comprehensive
examination of and improvements to a
facility’s environmental compliance.”
Relaxes Audit Policy requirements
Offers additional flexibility
Audits by agreement
Extends reporting deadlines

11. Maintaining Compliance
Program to address Federal, State and Local regulatory
requirements
Program that can be easily applied to newly acquired
properties
Standardize program throughout company
Paperless, centralized compliance document management
system
Information system to allow management to have real-
time compliance snapshot
Information flow and reporting that is proactive

12. Proactive Compliance Program
Plan and Identify Management Training Refresher Training
Process Management Operating Procedures Redundant Processes
Development Solution Full Scale Deployment Information Systems
Small Scale Testing Management Reports Document Management
Trend Analysis Operator Training Auto-Notification
Refine Solution Subcontractor Training Near Real-time reporting
Identify Additional Opportunities
Step 1 Step 2 Step 3
Create Implement Refine and Improve

13. Responsibility and Accountability
Identify who is
responsible and Training
accountable for
completing a task (liable
Leak Processes
to be called on to answer Detection Procedures
/ has the ultimate
ownership)
Compliance
Every program needs
checks and balances
Quality Assurance and Risk Information
Management Systems
Quality Control
Set of procedures to
follow Maintenance
Clear set of standards

14. Process Steps
Data collected to Programs are designed to
determine 1st steps incorporate manual
Key areas of concern are systems used to track
identified, tracked compliance
Service provider Core programming is
information and services built around audits
are reviewed and Small scale field
modified to be more test
informative Data collection are run
Company positions are for 4-6 months and
reviewed to incorporate a reports are designed
compliance scope to extract and analyze
data

15. Process Steps
User input modules allow Service providers work
audit information to be tasks are modified as
uploaded from remote / required
home offices Feedback systems are
Each item assigned a shortened Management
responsible party. Emails reports are designed
auto-notify on non- All in Drilldown design
compliance Training programs for
Reports document open Management, Supervisors
items by responsible and Service Providers
party, aging, region,
territory, etc.

16. Process In Practice

17. Process in Practice
• Perform field audit (preprinted form)
• List of previous open items and
pre-printed historical information
• Verifies data
• Web entry
• Data System verification
• Identifies responsible party
• Auto-notification
• Electronic receipt received by
auditor
• Data System follow-up
• Management reports updated
• Real-time compliance analysis
• Tracking reports and trend
reports by Company, Region,
Location, personnel or sub

18. Can We Be 100% Compliant?
Exposure to many variables not controllable
Mechanical failures
Electronic failures
Exposure to many variables are controllable
Paperwork filings
Required Daily, Weekly and Monthly inspections
Delivery issues
Proper maintenance, Subcontractor performance
Regulatory Violations

19. How to eliminate 85% of violations
15 to 30 minutes per day
Operator inspection
fill out required forms and logs
Repair, replace or request maintenance
2 hours per month
Company compliance audit
Review of operator responsible items
Make sure documents are available
Monthly review
Company management
Trends, performance, regulatory changes
Annual wrap-up

20. Where should we spend our money?
Technology is primary
Productivity enhancements
Evaluate Locations
Cost for upgrade or divestment
Training – Management and Operator
Document Management
Understanding of Regulatory Environment

21. Compliance Investment Returns
Design systems and programs that have:
Owner and management support
Long term – scalable
Flexible – incorporate change
Ability maximizes current technology
Ability to collect, organize and analyze data
Ability to target current expenses that can be
internalized or eliminated
Excellent information on current status, trends and
target/prioritize expense initiatives
Convert Man-Year efforts into technology based
solutions
Document Management System