Skip to content.

Home

Allens Arthur Robinson

Focus: Information Technology & Climate Change – October 2008

Legal issues for IT managers and directors under new emissions reporting requirements

In brief: The need to meet new emissions reporting requirements in 2009 will require many organisations to procure new information technology systems or modify existing systems to provide enhanced reporting systems capability. Partner Niranjan Arasaratnam (view CV) and Senior Associate Ken Shiu report on what needs to be done to comply with the reporting requirements.

How does it affect you?

  • In the rush to implement systems to meet the reporting deadline, customers should ensure their contracting process adequately addresses the need for regulatory change, the risk of system implementation delays, the consequences of breaches of the reporting scheme requirements as a result of defective or delayed IT systems, and the management of third-party suppliers.
  • CEOs are charged with the responsibility for implementing the IT systems that meet the requirements of the emissions reporting scheme, and may face personal liability for a failure to do so.
  • The new emissions reporting requirements will require organisations that have (or are contemplating) an outsourced IT or business process to determine whether it is the organisation or the service provider that has operational control over that activity and is therefore responsible for reporting the energy consumption and greenhouse gas emissions of that activity.
  • The technology industry's green IT marketing promotes various forms of server consolidation (for example, virtualisation and application hosting). These technology platforms raise risk issues for customers in the areas of business continuity, data privacy and support that need to be carefully evaluated.
  • Procurement policies should be reviewed by customers whenever supplier eco-marketing claims and e-waste compliance issues are involved.

Background

As corporations come to terms with the new Australian emissions reporting requirements, and with green IT initiatives gaining traction, new risk and legal issues for corporate IT departments during the procurement and contracting process are slowly emerging from the complex mire of legislation and vendor marketing. These issues are not esoteric technology issues of interest only to a company's IT departments; they are significant business issues for chief executive officers (CEOs) and directors alike.

Return to top

NGER compliance and reporting systems

The National Greenhouse and Energy Reporting Act 2007 (Cth) (the NGER Act) establishes the National Greenhouse and Energy Reporting Scheme (NGERS), with the first reporting year being the current financial year.

Under the NGER Act, a corporation must be registered on a national database if it is the ultimate Australian holding company of a corporate group and the corporate group (or facilities under the operational control of the corporate group) meets one or more specified thresholds for greenhouse gas (GHG) emissions, energy production or energy consumption. Each year, registered corporations will be required to report on the GHG emissions and energy production/consumption of their corporate group and the facilities under their operational control. The reporting thresholds for corporate groups in the 2008-09 financial year are relatively high but decrease to 70 per cent and 40 per cent of the initial thresholds in the 2009-10 and 2010-11 financial years. Companies that come within the reporting threshold for the 2008-09 financial year must register for the scheme by 31 August 2009 and submit their first report by 31 October 2009. Further details of the scheme are set out in Allens Client Update: Climate Change – July 2008.

All those companies that meet the reporting thresholds will need to implement reporting systems that will calculate and report on their GHG emissions, energy production and energy consumption. Some organisations may be able to cope using only spreadsheets. Others, with more compliance requirements, will need to procure specialised IT reporting systems and monitoring systems, including sensors and metering devices, interfaces to their SCADA industrial control systems or core enterprise resource planning systems. It is critical that these IT systems produce accurate and timely reports of the required data.

In larger organisations, the stewardship for these reporting systems will not simply be left to the CIO or IT manager. Under the NGER Act, the CEO will be personally liable for specified contraventions of the NGER Act by the company if the CEO failed to take all reasonable action to prevent those contraventions. Accordingly, directors and CEOs will need to ensure that their company's IT systems are capable of complying with the NGER Act requirements. Because of the approaching compliance deadline, many organisations will be under pressure to implement new reporting systems against aggressive deadlines, which may place them in a vulnerable negotiating position against suppliers with many customers facing similar demands. To minimise the risks of a failed implementation, it is important that a robust procurement and contracting process be followed when purchasing and implementing new GHG reporting systems.

In particular, organisations should concentrate on the following aspects:

  • Contracts should allow for flexibility, in terms of changes to the systems, specifications and performance requirements, to accommodate inevitable changes to the reporting requirements. The Federal Government has flagged already that changes will need to be made to accommodate the proposed Carbon Pollution Reduction Scheme. In addition, companies are likely to change their own requirements as they move towards implementing the higher order measurement methodologies permitted under the National Greenhouse and Energy Reporting (Measurement) Determination 2008.
  • The traditional liability/service level penalty formulae will need to be reviewed, given the stringent penalty regime under the NGER Act for a failure to report accurately GHG emissions, energy production and energy consumption.
  • As the reporting system will undoubtedly interface with third-party vendors and maintenance providers, contracts should address how different vendors will cooperate to achieve the desired reporting outcomes rather than the 'point the finger' approach typical of vendors.
  • A rigorous project plan (with appropriate sanctions for delay) will be necessary to meet the deadlines imposed under the NGER Act. The project plan should be supported by realistic governance processes so that IT managers, directors and CEOs will be aware of the progress of the implementation of the reporting system. Given the likely public and media scrutiny, this will allow an organisation to manage proactively any adverse issues and delay in the rollout of the reporting system.

It is important to bear in mind that even though some organisations will fall outside the immediate reporting thresholds under the NGER Act, the cascading effect of the emissions supply chain may result in companies that do not need to report under the emissions reporting scheme being forced by their customers (and, in turn, forcing their own suppliers) to be more transparent and accountable for the emissions that are inputs into their operations.

Return to top

Carbon footprints in the outsourcing (ITO/BPO) world

From an organisation's perspective, the process of calculating carbon footprints currently involves subjective value judgements as to methodology and is heavily influenced by the choice of the reporting boundaries. The methodologies include life-cycle analysis, economic input/output method and integrated input/output method.

Based on the Greenhouse Gas Protocol, emissions reporting is classified into three types:

  • Scope 1 emissions: Direct emissions from the operation of the facility.
  • Scope 2 emissions: Emissions resulting from energy inputs (electricity, heating, cooling) that are imported into the facility.
  • Scope 3 emissions: Indirect emissions outside the facility. Typical examples include employee travel (air, car/taxis) and offsite waste.

Scope 1 and Scope 2 emissions are required to be reported under the NGERS. In most organisations, the emissions of the IT department as a large consumer of energy fall within Scope 2 emissions.

Carbon footprint reporting raises interesting questions in the context of IT outsourcing (ITO) and business process outsourcing (BPO) arrangements. For example:

  • Should outsourced resources or processes still be included within the organisation's carbon footprint, or is this accountability transferred to the outsourcer? It all depends on the 'operational control' test in the NGER Act. Under the NGER Act, a corporation has operational control over an activity (and is therefore required to report on the Scope 1 and Scope 2 GHG emissions and energy production/consumption of the activity) if it has the authority to introduce and implement operating, health and safety, and environmental policies for the activity. One would think that hosted server and data centre arrangements would be outside the corporation's reporting responsibility. However, the test may not be so clear for the more hybrid variations of IT/BPO outsourcing (including shared services, and joint venture and special purpose entities). In the future, contracts must be structured to address this critical issue of operational control.
  • Organisations need to consider how they get visibility to emissions costs and sourcing of the energy inputs of the outsourcer and the supply chain. Outsourcing agreements should require transparency from service providers on these issues.
  • Mining this data from outsourcers may not be as easy as it appears. While a captive data centre provides an easier isolated environment for calculating GHG emissions and energy consumption, accounting for this data across a typical distributed network is not as straightforward. Accordingly, the costs of compiling and reporting the relevant data should be borne by outsourcers, otherwise they will seek to pass these costs on to the customer.
  • Organisations should consider whether to include GHG emissions and energy consumption as key performance indicators for the purposes of contract performance reviews. Also, as a carbon footprint can be described as GHG emissions or energy consumption on a per employee or activity basis, and as many business processing outsourcing arrangements are priced on a per employee or activity basis, organisations should consider including carbon costs that encourage productivity-based emissions reductions in their pricing models.
  • A plethora of online carbon footprint calculators is appearing on the Internet. Care needs to be exercised if relying on these, as there is no independent industry certification of these calculators and many of them operate on the basis of (unstated) assumptions that might not be correct in the case of your organisation.

Return to top

Server consolidation

The IT industry has, in recent times, been promoting technology to assist IT departments in reducing their physical server requirements and their carbon footprint.

The attraction of, and recent uptake in, virtualisation software is, in large part, because of the ability of the software to reduce the number of physical servers and the consequential energy consumption costs. As the deployment of virtualisation technology has gradually moved from virtual test environments to deployment of virtual production environments, the flipside to the server cost savings has emerged in the form of:

  • added complexity of licensing compliance with business applications;
  • business application support issues (general exclusion of support where the cause is due to the integration of non-approved product or environment); and
  • disaster recovery – do existing disaster-recovery or business-continuity contracts need to be revisited because of the increased spawning of multiple production environments through the use of a lesser number of physical servers?

Cloud Computing, Software as a Service (SaaS), application service providers (ASPs) and grid computing are other initiatives promoted by elements of the IT industry pushing the server consolidation message. All involve the commercial availability of external server computing resources, which are provided to the customer on a utility or rental pricing basis. The legal and risk issues involved with the use of these external resources arise from the dependence on the service provider's ability to address security, data privacy compliance and system availability issues to the level a customer would normally apply to the data that is to be processed. External servers are often located offshore, which raises serious privacy concerns regarding cross-border data flows.

Return to top

Eco-compliance in IT marketing and procurement

As technology suppliers tout the 'eco-credentials' of their products, whether they be 'carbon neutral', supplied from '100 per cent renewable sources' or 'environmentally friendly', there is a greater need for customers to be more vigilant in their technology procurement to ensure that these product claims are met. This is particularly so where an organisation includes its vendors' eco-credentials in its annual reports, publicity or advertising material.

The Australian Competition and Consumers Commission (the ACCC) in recent times has been more vocal in its monitoring of 'greenwashing' representations by suppliers to protect against misleading and deceptive conduct. This year, the ACCC has released two guidelines that are focused on green marketing and carbon-related claims.

For technology suppliers, this means that eco-friendly product claims need to be accurate and able to be supported. Because of the lack of a uniformly accepted definition of terms, such as 'green', 'low carbon' and 'carbon neutral', product promoters are advised to be specific (and include any appropriate qualifications) when making claims.

From the customer's perspective, reliance on 'green' IT claims adds a greater imperative for the need to include appropriate warranties and compliance clauses in procurement documentation and contracts. Equally, the current lack of regulation governing carbon offset providers means that customers need to be more diligent in understanding and satisfying themselves as to the integrity of any carbon offsets that are the basis for these claims.

Return to top

Recycling initiatives

Technology products often contain heavy metals in circuit boards that end up populating waste landfills (either within Australia or dumped in offshore destinations). Although some vendors have set up their own recycling return centres and programs, the large majority of e-waste (PC, mobile recycling) initiatives are collaborative non-government organisation initiatives. Unlike in Europe and Japan, there are no laws in Australia that require hardware suppliers to recycle their products.

In the absence of any uniform government framework for e-waste, the end-user community has so far relied on self-help and manufacturer initiatives. This means that customers should consider whether their vendors' voluntary recycling policies should be included in their corporate procurement policies. Specific issues to consider are:

  • including e-waste policies as a tender criteria and commencing due diligence on the vendor's e-waste procedures;
  • contractually binding vendors to conform to a committed e-waste policy;
  • audit rights to verify compliance; and
  • provision of certificates from senior management regarding the vendor's compliance with its e-waste policy.

Return to top

Conclusion

Implementation of emissions reporting and green IT initiatives should be seen as part of an organisation's broader corporate social and sustainability responsibility. It involves complex issues that require senior management involvement and proper planning, including the review of corporate contract documentation and procurement policies.

Return to top

For further information, please contact:

Return to top

Share with

What are these?

 

 

Recent Technology, Media & Telecommunications publications