Business conditions and the regulatory environment have a major impact on your business. Make sure you’re up to speed by listening to Sphera Solution Consultants Andy Bartlett and Abhilash Menon and Solution Executive Tim Floyd as they recap our popular blog on the Top 10 Operational Risks of 2022.
The following transcript was edited for style, length and clarity.
Alex Studd:
Welcome to the SpheraNow ESG Podcast, a program focused on safety, sustainability, and productivity goals. My name is Alex Studd, product marketer at Sphera, with a focus on operational risk management. Today, we’re excited to talk about our recent article, Top 10 Operational Risks for 2022. This was a follow-up from last year’s popular article, which focused on 2021. For this year’s article, we tapped subject matter experts at Sphera to make sense of the risk landscape and determine what it means for ORM professionals. Today, we have three of those experts on the podcast to talk about why those top 10 risks were selected. Those individuals are Andy Bartlett, Sphera’s solution consultant; Abhilash Menon, solution consultant; and Tim Floyd, solution executive. Thank you all for joining the podcast today, gentlemen.
Abhilash Menon:
Happy to be here.
Tim Floyd:
Thanks for having us.
Andy Bartlett:
Hey Alex and guys, great to be here.
Alex Studd:
All right, so let’s dive right into this. Andy, the first risk mentioned in the article is economic ‘supercycle‘. Can you talk about that?
Andy Bartlett:
Yes, Alex. Well, I was at McDonald’s in Newcastle today, picking up some lunch for me and my wife and they had a sign up, “Only one slice of tomato per person.” So, there’s a shortage of tomatoes. Everywhere you go, companies are experiencing material shortages, which challenges their ability to perform repairs correctly. The pressure to do more work, to get back on track – that can result in shortcuts, which indicates a need for a robust control of work process. Also, this pressure to perform challenges the traditional ways of working. Changes are required and this highlights that, always, there is a need to ensure safe methods of work.
Abhilash Menon:
Absolutely, Andy. The changes in the global economy – they’re at a scale that we have not seen before. And honestly, no industry is spared. In the hazardous industry or even in the housing markets right now, safety procedures in the wake of rising costs will be a massive challenge. Speaking of material shortages, though, I have been speaking to a friend in the fragrance manufacturing industry where they have seen that the demand has spiked tremendously, while the raw material shortages have increased costs for them. They can’t really increase the prices across the board. And that’s currently a challenge for them… How do you recover these costs? So, Andy, you and I, we’ve been traveling a lot for work. It’s definitely going to be interesting shopping at the duty-free next time.
Alex Studd:
The second risk on our Top 10 list is new energy, new hazards. What did you mean by that, Andy?
Andy Bartlett:
Well, up here in the Northeast of England, wind energy is big. There are big wind farms, there’s onshore and offshore. There’s quite a bit of damage from the big winter storms. And I can see that the manpower’s out there assessing the equipment and the cranes onshore, mitigating the associated hazards to keep the equipment functioning. In the next town, they’re building the gigantic battery factory. They’re looking for raw materials. They’re recruiting manpower and conducting training. The transportation infrastructure projects – five new railway stations – all bring in their own hazards. And to reduce carbon dioxide emissions, we’ve still got these traditional, qualified coal-fired generators in the UK, and they’re switching to a lower CO2 in fuels with associated higher handling hazards. So, more hazards are coming with the new energy.
Tim Floyd:
Yeah, Andy, I really think that’s a great point. And especially on the batteries, right? These are new energy sources that we aren’t used to having on our sites or at our homes. And we really need to understand what those different sources mean for risk, right? Especially in industrial applications, where we see a lot of lead acid batteries. Those batteries and different energy storage devices are only going to become more and more common. Secondly, when we think about the shift in energy sources, we also need to consider LNG (liquefied natural gas) and hydrogen and biofuels. These have been really in focus as we look at the global climate and see what’s happening in the energy sector. It’s really accelerating how these sources are being brought online. Again, new energy sources are going to bring new hazards. We need to understand how to really manage LNG hydrogen in these biofuels.
Alex Studd:
That makes a lot of sense. The third risk is cybersecurity. Why did that make the list, Abhilash?
Abhilash Menon:
So, Alex, this one is a carry forward from our 2021 trends. And as a team, we thought that this was an extremely relevant one and it’ll only grow in significance. We have heard multiple prominent individuals tell us that data is the new oil. And on a daily basis, organizations generate data, the majority of which is sensitive, operational data. Everything that we communicate today is on the cloud and organizations such as Microsoft, Amazon, and the others are investing massively in this space. They’re also investing in the security aspect of it. But those who are determined will find their way around it. There is someone out there who is smart enough and will find better ways to break through.
And once you are compromised, apart from the challenge of getting back to normal operations, which is estimated to be around 300 days, there is a bigger fallout from the loss of public trust in your reputation for safeguarding data. This is over and above millions you might pay as ransom to get back to your own data. Now we have all read about the person who forgot his IronKey password and is currently locked out of millions in Bitcoin. Now, imagine if someone locks you out from your own company’s data and finances. I don’t think I want to be that person.
Andy Bartlett:
There are some good points there, Abhilash. Looks to me like deleting and damaging data is now part of cyber warfare. I see access to data via biometric scans becoming the norm, as the credit card is now on your phone. Eventually it’s going to be your iris that opens everything.
Alex Studd:
It’s a scary thought. I see workplace turnover is the fourth risk. Why did that make the list, Tim?
Tim Floyd:
Workplace turnover is something that has almost become commonplace in the last couple of years. Whether people are leaving for COVID-related reasons or it’s just a matter of new opportunities being present, turnover has really come into play here. And it’s going to become a major risk. The U.S. Bureau of Labor filed a report that said, “More than one-third of work-related, non-fatal injuries were from an employee that has been on the job less than a year.” That means that new folks who don’t have the experience or on-the-job training present a risk. They’re in a new environment, so they’re going to make mistakes. It’s just the nature of humans.
These statistics are showing us that we need to have mitigating actions in the form of proper training and in the form of proper work instructions, such as permits or job safety analysis. This training needs to be covered in full, comprehensive views. But it also needs to be effective and have appropriate record keeping. The risk there is if you have somebody go through training, but you don’t have the records to back it up in any kind of investigation. If you’re looking for those records and you can’t find them, you don’t have proof that the proper training was conducted. That’s a gap and that’s an operational risk. The same exact thing comes with work execution.
The training is the first line of defense, but then there’s a work permit or work instructions. People may know them as job safety analysis. Those go a long way in prescribing the risk and the controls. You’re instructing them on how to avoid an incident. With training and with proper frontline work instruction, you can combat the challenges that work turnover brings into your environment. And you’re capturing information and knowledge before it leaves your team. Andy is a phenomenal example of somebody with mountains of knowledge, and with training and work instructions, he can capture that for his team to use in the future.
Andy Bartlett:
The importance of knowledge retention programs comes to the fore here. Companies must use technology for knowledge retention and best practice sharing. And it can assist in onboarding new employees.
Alex Studd:
That’s very interesting. Fifth on our list of Top 10 Risks is finding the needle in the haystack. Can you talk about that one, Abhilash?
Abhilash Menon:
Absolutely, Alex. This is something that the technology industry has been grappling with for years. Simon Jones and I have spoken at various conferences about this topic. I think it just resonates out there. Historically, over the last couple of decades or so, software has been providing digital solutions for operations management challenges. These solutions provide the necessary information to the small subset of people they’re intended for. This creates challenges for inter-operability within an organization.
Now, in the last decade we have seen the emergence of platform solutions, where various point solutions and software are brought together, and data is presented for users to make informed decisions. Think about the challenge that a CEO of a large organization faces. He has to identify the right information from the millions of petabytes of information created by the thousands of sensors. Let’s say it’s a small refinery, somewhere in the Gulf of Mexico. That CEO has a challenge on his hands. He needs the right expertise, knowledge, and solution to filter out the noise and bring only the relevant information to make the best decision.
Tim Floyd:
Our customers have the data that they need, but they don’t even know where to look. Their data silos can be represented by these different haystacks, and if you have five different haystacks, but only one needle to find, that’s going to be a challenge. So, to really accomplish this, you have to limit the number of haystacks or data silos that you might have. And again, speaking on the platforms that you’re referring to, we see this all the time – everything from a permit to an incident report, an MOC (management of change), a risk assessment. Companies may have these processes in place, but if they’re not communicating with each other or leveraging the lessons learned and they’re keeping their data siloed, that will prevent them from ever finding that needle.
Alex Studd:
Functional safety is the sixth risk on the list. What do we mean by that, Abhilash?
Abhilash Menon:
If you think historically, products were designed for a particular challenge, and they were sold. Safety was pretty much an afterthought. Now, think about car seat belts, for example. When cars were invented, it was all about the speed, it was all about the positives that it brings to transportation. People were excited about it, but then the safety aspect came in later, and seat belts were introduced to the world by Volvo. But now things have changed. You can now see that safety is baked into the product design and any process that is run will have safety measures in place.
Now this is not new, but what is changing is the behavior and the consequences of failure. Insurance companies are increasing the cost for all of these. This has a huge contribution to the ESG ratings as well. We believe smart organizations will start investing heavily in processes and software solutions that will help identify the functional safety gaps and bridge the gaps that they might have.
Andy Bartlett:
When you talk about functional safety and the ESG footprint, that management of personnel working in hazardous facilities is a complex process, and the poor management of hazardous areas can affect the environmental performance. If an incident pollutes the air, land or water, it can affect the social performance. If an incident harms people, it can result in litigation and fines. One of the more important things to management is, if a company gains a reputation for incidents and poor risk management, its governance process can be questioned by the shareholders and the share price can go down.
Alex Studd:
Next on the Top 10 list at number seven is compliance gaps. Tim, can you touch on that one?
Tim Floyd:
I really think it builds off what Andy was just saying in terms of your social and governance reputation, because these compliance gaps will go on impacting the perceived reputation and how you’re governing your process. Compliance gaps exist at multiple levels. And we talked about training, permit to work and record-keeping gaps earlier. But this is just one example of compliance gaps. Those records really leave you open if any kind of investigation or audit takes place. You need to be able to prove you were doing what you were supposed to do. And that starts to make me think about procedural or programmatic gaps as well. Something that I would hear in my consulting days was, “Oh well, we’re dispensing ear plugs. That covers our comprehensive noise protection program, right?” In a lot of cases, no, because not only do you need to dispense those ear plugs where it’s necessary, but you also have to prove that you have a compliant program.
Do you have a noise study that you can lean on that was officially done by your team? Do you have the appropriate documentation behind it? Have you outlined procedures? So, now you’re starting to ask these deeper questions that go into how you’re proving your compliance. When we think about that burden of proof, it really leads into a lot of the incident reports I’ve been reviewing in OSHA. And one thing I’m seeing a lot more of is the term negligence. I’m seeing this in regard to failing to correct any previous citations or implementing – or proving that you have implemented – a program. So again, with that hearing protection, if you don’t have the documentation and the studies behind it, just because you’re dispensing earplugs does not mean you have a compliant program. Compliance gaps can exist at an individual, record-keeping level or at a programmatic level, but good intentions and even actions, aren’t always the complete and total step. You have to prove that you’re compliant in mitigating your in-field risks with record keeping.
Abhilash Menon:
I couldn’t agree more, Tim. Organizations will start processes out with good intentions, but as we all know, there is many a slip between the cup and the lip. The lead-out controls or mitigating measures within the processes may not be followed very well, which will lead to an undesired consequence. All the things that you’ve mentioned – issues, negligence and the highlights that OSHA’s laid out – those are all areas of undesired consequences. And we at Sphera have been championing the policy into practice philosophy for the best part of the last decade. Organizations, especially in the hazardous industries, need to take note of how they can leverage software solutions to augment their well-intentioned processes and enable people to deliver work to the highest level of compliance.
Tim Floyd:
Abhilash, this even goes back to what we talked about earlier with the needle in the haystack. If you don’t have a solution where you’re actually utilizing these data points and these different areas and putting your policy into practice, are you really reaching that level of being proactive in operational excellence?
Alex Studd:
The eighth of our Top 10 risks is greenwashing, which is a term I feel like we’ve been hearing a lot these days. Can you comment on that one, Abhilash?
Abhilash Menon:
So, we are talking about the flavor of the month then. Greenwashing is interesting with so many organizations and institutions that are into the management of ESG. I even read somewhere about rainbow washing. The concept of ESG, in one form or the other, has existed for the last 30 odd years, but the term ESG, and specifically ESG ratings, have provided an impetus for organizations to really show off their environmental and sustainability credentials. And just going back to what Andy spoke about earlier – if you get things wrong in terms of incidents that have an environmental impact, then you have issues with shareholders, you have issues with funding, et cetera. If you don’t keep up your ESG ratings, you risk losing out on investors and critical funding that you need to keep the business running.
But then this causes organizations to focus only on the KPIs that the ESG rating is driving and will eventually lead to the trap of forgetting what drives the KPI. What’s the ground reality that provides these metrics? Behavior will be driven from top down to show the numbers to be rosy, rather than identify improvement areas to get the company to actually be green in operations while being black in numbers. We have discussed this previously – that organizations need to focus on finding the right decision-making framework, along with the right solutions for things like lifecycle analysis (LCA) and operational risk to ensure success in their ESG implementation.
Tim Floyd:
Abhilash, those are great points when you think about the perspective of ESG. From the bottom up, it’s one thing, but from the top down, it’s another. But I’d like to think that this SEC voting to pass reporting requirements around sustainability will go a long way in preventing greenwashing, because there are legal implications if you’re falsifying information.
Falsifying a report opens you up to criticism. Those legal implications will ensure legitimacy of the reports and it really reveals or deters any kind of greenwashing. It just makes you more accountable, and these impacts will go across every area of ESG and EHS. It also bleeds into how process safety is part of that governance strategy that a company would have in that ESG perspective.
Abhilash Menon:
Going back to your point, it might just be the unintended consequences of what they do in terms of focusing on the KPI, while losing the focus on the ground reality. It is a challenge. Companies have the best intentions, but it’s just what turns out eventually.
Alex Studd:
Good point. Number nine on the Top 10 list is risk-driven action enforcement. Andy, care to comment?
Andy Bartlett:
Once hazards are identified and action items are written and assigned to people – typically from incidents, from management of change, from walkthroughs in the plant, from audits – it’s very easy to play the numbers game. Management wants to see good KPIs. So, the focus of some people would be on completion, and companies are still taking a task-based approach to action-item management. We’ve got a hundred action items open this month; we want to get it down to 20 next month. But who’s looking at the risk? Which of those items is the big one? The one that’s going to kill people, destroy the asset. So, sound business management structures need to be in place in 2022. They need to be prioritizing the action items by associated risk. This goal means bringing people in – experts, consultants, etc. – and push to work smarter, not harder. Work smarter and delay the risk.
Tim Floyd:
I couldn’t agree more. People have this data now – whether it exists in silos or is being leveraged correctly – and if you have the data you need to use it. And when we think about actions, especially corrective actions, you’ve identified an issue at hand, and if you do nothing and then the same incident presents itself… Well, not only will the team feel as if they failed at keeping folks safe, but there may be other implications, such as regulatory fines. So, you really need to drive that action through its finish.
You need a system that not only helps you identify, but also goes a long way in enforcing those actions, so that you can prevent the risk of the incident happening again.
Alex Studd:
And finally, regulatory change finished the top 10 list. What are your thoughts on that one, Tim?
Tim Floyd:
I think we saw a perfect example of it this week: the SEC made an announcement on reporting requirements around sustainability in ESG. We’re going to continue to see changes. We saw what happened with COVID over the past few years and we also saw a market shift in the ESG focus, as companies in the public start to shift that focus. You need to be an agile company and make sure that you can respond to those changes in regulation. And history has shown us that proactive companies that are forward looking have been thinking about sustainability for years.
So, this new requirement really doesn’t mean anything for them, because they’ve already been doing these procedures and practices for the past five or six years. Being proactive is going to mitigate what regulatory change might do to you. Similarly, companies without agile infrastructure and solutions that can grow with them struggle to respond. Proactive companies often know about regulatory changes on the horizon.
And they can prepare. Agile companies can respond to changes in regulations effectively. So, if you’re being proactive and you have an agile infrastructure in place, regulatory change is a much smaller risk. However, if you’re being more responsive or reactive and you’re using more paper-based or legacy-based processes, you may not be as agile to respond to those changes. So, the risk is just making sure that we have a forward-looking view, that we have an agile process or infrastructure in place.
Abhilash Menon:
If there is one thing that will constantly evolve, it’s the regulations that drive safe and sustainable operations. Tim, you mentioned the SEC regulation. We need to change. We can’t just keep doing the things that we are doing right now. But the question is, how do organizations keep on top of the constant changes that are enforced by these institutions? There’s change coming from all directions. And it is also imperative that they’re prepared for the changes coming up next.
It’s not just about what’s been told to them now about the next five years, but what’s going to happen two years down the line, when the guidance changes for the next decade. There is no place to hide for companies, and they will need to be transparent with their metrics – be it financial, be it sustainability metrics or operations-related ones. And as the scale of operations grows, and the impact of operations on the environment grows, it will only get more onerous to manage. The one way forward that I see for organizations is to partner with leading organizations to provide the right system-driven solutions, as well as the right consulting advice. And then provide a sustainable future for the current and next generations. That’s the key we need to provide. It’s our responsibility to provide a sustainable future for our next generations.
Alex Studd:
Well, terrific. That completes our top 10. So, Andy, Abhilash, Tim, thank you so much for your contributions on that fascinating article and for also taking the time today on the SpheraNow ESG Podcast. To the audience, thank you for listening and we’ll see you on the next podcast soon.
