The Scottish Government’s green watchdog has refused to commit to publicly naming and shaming polluters who break environmental rules.
The Scottish Environment Protection Agency (Sepa) is developing a “new approach” to assessing businesses’ compliance with environmental rules. But in response to Ferret queries, it has refused to say whether it will publicly name all companies who perform badly in the future.
Sepa used to publish annual reports on its compliance assessments of nearly 5,000 business sites around the country each year. Sites including factories, waste plants and farms were ranked on a scale ranging from “very poor” to “excellent”.
Notable sites that have previously been damned for their environmental performance by Sepa compliance reports are Donald Trump’s golf courses in Ayrshire and Aberdeenshire, the private school attended by King Charles, and the five-star Gleneagles Hotel.
Sepa says its new scheme will be developed between 2023 and 2025 and added it would publish “some performance information” in the meantime. The last fully published compliance assessment of Scottish companies was for 2019, partly as a result of the Covid-19 pandemic and a criminal cyber attack which led to information from some years being lost.
One former Sepa boss raised concerns about “transparency” at the regulator and claimed any move to stop making the assessment reports public would be a “backward step” that would be “somewhere between disappointing and shocking”.
The Scottish Greens said that unless Sepa accounts for the missing period and puts a new system in place “as soon as possible” it will have “effectively sent a message that the cyber attack has permanently weakened Scotland’s environmental protection”.
In response, Sepa said it recognises “the importance of publicly accessible compliance information” and that its “future plans for publication will be part of the development of the new approach”.
We contacted Sepa about its compliance scheme after being told by an insider that there were major problems with it in the wake of the cyber attack and other turbulence at the regulator, including the resignation of its former chief executive, Terry A’Hearn, due to misconduct allegations.
The watchdog abandoned its compliance assessment scheme entirely in 2020 due to the Covid-19 pandemic.
On Christmas Eve of 2020, Sepa was hit by a cyber attack against its computers by an international crime gang, known as Conti. In February 2022, The Ferret revealed that a host of information on environmental checks and pollution breaches had been lost as a result of the hack.
Sepa was unable to retrieve information from three of its major databases with details of its regulatory work between October 2019 and December 2020.
The regulator has published other key datasets since the cyber attack, including the Scottish Pollutant Release Inventory which measures releases of key pollutants into air and water. However, despite the fact that its work to assess businesses compliance with environmental rules has restarted, reports have still not been published for 2020, 2021, or 2022.
Campbell Gemmell, who was Sepa’s chief executive between 2003 and 2012, told The Ferret that failing to make the assessment reports public would “compound concerns” about Sepa’s “ability to do its basic job”.
Gemmell said: “If Sepa is abandoning or radically rebooting its approach to compliance assessment because the system is broken, it’s clearly a potentially backward step that’s somewhere between disappointing and shocking.
“It seems there is a four-year compliance black hole and Sepa can’t or won’t share actual polluter performance for that time.
“It runs the risk of further criticism around governance [and] losing data, failing both to be transparent and holding industry to account for its performance.”
“That’s what shames companies into compliance and investment,” Ruskell claimed. “It is important that the missing period is accounted for and that a new system is in place as soon as possible, otherwise Sepa has effectively sent a message that the cyber-attack has permanently weakened Scotland’s environmental protection.”
According to Dr Richard Dixon, an environmental campaigner and former director of Friends of the Earth Scotland, publication of the compliance assessment reports has been “invaluable in understanding which firms are taking their environmental responsibilities seriously”.
“The cyber attack was at the end of 2020,” he said. “Obviously it took time to rebuild destroyed systems but Sepa have been collecting data from firms again since then and there seems no reason why a full compliance assessment for 2022 could not be produced. Waiting until after 2025 certainly cannot be justified.
“It is not even clear whether it is Sepa’s intention to return to publishing the kind of comprehensive assessment seen in the past. Sepa say that they target their inspection and enforcement efforts on those firms which are worst performing, so they have to carry out this assessment anyway.
“There is no good reason not to publish it.”
Sepa said it was “clear that compliance with Scotland’s environmental laws is non-negotiable”.
“We recognise the importance of publicly accessible compliance information and are currently developing a new approach to assessing and reporting an operator’s environmental performance, which we’ll consult on at appropriate times,” said a spokesperson. “Our intention is to develop this over the 2023/25 period.”
When asked by The Ferret when new compliance reports would become available and whether full data would be published in future, the spokesperson said: “We will be working to develop a new approach and, as part of that, we will consult on how and when environmental performance information will be shared in future. Our future plans for publication will be part of the development of the new approach.”
Cover image thanks to iStock/arabs