Two rules from the U.S. Environmental Protection Agency (“EPA”) governing stormwater permits and the Audit Policy will increase the public’s access to data showing whether contractors are complying with environmental regulations.

I. Stormwater Permits

EPA’s final National Pollutant Discharge Elimination System (“NPDES”) Electronic Reporting Rule requires construction site operators to submit certain NPDES stormwater permit documentation to their permitting authorities using an electronic reporting tool, instead of filing paper. Under the rule, operators of construction sites and industrial facilities covered by an NPDES permit must electronically submit General Permit Reports (Notices of Intent to Discharge (“NOIs”), Notices of Termination (“NOTs”), No Exposure Certifications (“NOEs”), Low Erosivity Waivers and Other Waivers from Stormwater Controls (“LEWs”)), and Discharge Monitoring Reports. These requirements directly apply to construction firms when the e-reporting provisions are added to individual or general NPDES stormwater permits such as Construction General Permits. Importantly, while the rule changes the mode of transmission of these reports, it does not change the information required from NPDES-permitted facilities under existing regulations and practices.

Although many NPDES-authorized states have their own electronic data systems for managing data, states that do not have the resources will likely adopt EPA’s electronic reporting tools. Those tools include (1) the NPDES eReporting Tool (“NeT”), available through the Central Data Exchange at, which is used to electronic prepare and submit general permit reports, and (2) NetDMR, available at, which is used to submit Discharge Monitoring Report (DMR) data.

The final rule’s preamble states that, in addition to these requirements, EPA intends to make the complete data set available electronically to the public “to promote transparency and accountability by providing communities and citizens with easily accessible information on facility and government performance.”

II. Audit Policy

EPA has also launched its eDisclosure Portal to modernize the implementation of the Audit Policy, which gives contractors the ability to self-disclose potential environmental violations and to eliminate or reduce the amount of penalties that could result. Because of the large number of violations that are self-disclosed every year, EPA established an electronic portal to receive self-disclosures and to automate some responses. The eDisclosure Portal defines disclosures as either “Category 1” or “Category 2”. Category 1 disclosures include violations of the Emergency Planning and Community Right-to-Know Act (“EPCRA”) that meet all nine Audit Policy conditions. However, this category does not include chemical releases exceeding the reportable quantity limit that must be reported under EPCRA Section 304, or any EPCRA violations with significant economic benefit. For these disclosures, the system will automatically issue an electronic Notice of Determination confirming that the violations are revolved with no assessment of civil penalties, conditioned on the accuracy and completeness of the submitter’s disclosure. EPA will spot check Category 1 disclosures to ensure conformance with Audit Policy requirements.

Category 2 disclosures include (1) all non-EPCRA violations, (2) EPCRA violations where the disclosure can only certify compliance with Audit Policy Conditions 2 through 9 (i.e., the discovery was not systematic), and (3) EPCRA violations excluded from Category 1. For these disclosures, the system will automatically issue an acknowledgement letter noting that EPA has received this disclosure and promising that EPA will make a determination as to eligibility for penalty mitigation if and when it considers taking enforcement action.

To use the eDisclosure Portal, contractors must follow a three-step process. First, companies must register with the Central Data Exchange system. Second, the disclosure must be “prompt,” which means that potential violations must be disclosed online within 21 calendar days of the contractor’s discovery that such potential violations may have occurred. Third, contractors must submit a Compliance Certification in the disclosure system with 60 days of submitting an Audit Policy disclosure.

The biggest change, which seems to have been previously unannounced, is that EPA is changing its approach to Freedom of Information Act (“FOIA”) requests seeking self-disclosures of violations. Specifically, EPA is revising its position to now favor providing unresolved disclosures to the public. EPA states: “Therefore, in response to any FOIA requests for individual unresolved disclosures, EPA instead will determine on a case-by-case basis whether it reasonably foresees that release would harm an interest protected by a FOIA exemption. In doing so, EPA will endeavor to be as accommodating as possible in responding to such requests, and EPA generally expects to make Category 1 and Category 2 disclosures publicly available within a relatively short period of time after their receipt.”

III. Suggestions for Dealing with Public Accessibility to Compliance Data

Now that more data about environmental compliance will be publicly available, contractors may face increased enforcement via government or citizen lawsuits. One way that contractors can get ahead of potential problems is to have an employee access and monitor what EPA is sharing about their project sites and support facilities.

Furthermore, contractors should carefully consider whether to disclose potential violations because of the potential negative publicity or possible citizen lawsuits by environmental organizations that may be targeting certain corporations. EPA’s approach on this issue is entirely consistent with its Next Generation Compliance Initiative, which seeks to streamline its ability to gather data and easily determine whether companies are complying with environmental laws. However, this approach is not consistent with the original intent of the Audit Policy, which allowed companies to make disclosure without fear of reprisals from outside groups (and from the federal government in terms of reducing potential penalties). Therefore, the end result will likely be that contractors will disclose fewer violations, only disclose those that meet all of the Audit Policy criteria, and which the contractor has a complete handle on how the violation will be corrected.

View All Posts