EPA compliance failures at water and wastewater utilities do not begin with a laboratory result. They begin with a process deviation that went undetected for hours, a maintenance record that was never completed, or an inspection that was due but not scheduled. The enforcement action that follows is the last step in a chain of operational failures that were all preceded by detectable signals in SCADA data, instrument readings, and work order histories. iFactory's AI platform monitors those signals continuously across all EPA compliance parameters, issues alerts when any parameter begins trending toward a violation threshold, and generates the documented evidence trail that satisfies EPA monitoring, reporting, and recordkeeping requirements automatically. Book a free EPA compliance readiness assessment for your utility.
Article
EPA Compliance: Water and Wastewater Analytics Requirements
9 min read
Quick Answer
iFactory provides EPA compliance support across three regulatory frameworks: Safe Drinking Water Act (SDWA) for community water systems (continuous monitoring, CCR data, consumer notification triggers), Clean Water Act (CWA) NPDES for wastewater discharge (effluent quality monitoring, DMR data, permit parameter pre-alerts), and collection system regulations (SSO reporting, CMOM documentation, asset management certification under AWIA 2018). All compliance evidence is generated automatically from SCADA and operational data with no manual compilation required.
EPA Compliance Coverage: Three Frameworks, One Platform
Water and wastewater utilities operate under multiple overlapping EPA regulatory frameworks simultaneously. iFactory tracks compliance status for all three frameworks from existing SCADA and operational data, issuing pre-alerts before any compliance threshold is approached and generating required documentation automatically. Book a demo to see iFactory compliance coverage mapped to your specific permits and NPDES limits.
SDWA
Safe Drinking Water Act
Applicable to: Community Water Systems serving 25+ people year-round
Surface Water Treatment Rule (SWTR and LT2ESWTR)
Continuous turbidity monitoring at each filter outlet (0.3 NTU compliance, 0.5 NTU trigger)iFactory: Per-filter continuous turbidity monitoring with pre-alert at 0.24 NTU. CT ratio calculation per disinfection stage with compliance gap alert before end-of-day CT monitoring period. Particle counter integration for Cryptosporidium surrogate monitoring.
CT ratio calculation for Giardia and Cryptosporidium inactivation creditiFactory: Real-time CT calculation from chlorine residual and contact time. CT ratio below 1.05 triggers pre-alert before 1.0 compliance minimum is breached. UV dose monitoring per bank with lamp intensity degradation alert before dose credit loss.
Disinfectants and Disinfection Byproducts Rule (Stage 2 D/DBPR)
LRAA (Locational Running Annual Average) for TTHM and HAA5 monitoringiFactory: LRAA calculation from quarterly lab results imported via LIMS integration. Running 12-month average tracked per monitoring location. Alert when any location LRAA exceeds 80% of MCL before quarterly exceedance occurs.
DBP precursor monitoring and enhanced coagulation requirementsiFactory: TOC and UV254 monitoring for DBP formation potential. Source water TOC change alerts trigger enhanced coagulation review before downstream DBP formation increases.
Consumer Confidence Report (CCR) and Public Notification
Annual CCR data compilation and Tier 1 public notification within 24 hours of acute violationsiFactory: Annual CCR data compiled automatically from SCADA monitoring records and LIMS lab results. Tier 1 violation alert escalation workflow with 24-hour notification support and evidence documentation.
CWA
Clean Water Act NPDES
Applicable to: WWTP and industrial stormwater dischargers
NPDES Effluent Limits and Discharge Monitoring
Continuous effluent quality monitoring (BOD, TSS, ammonia, total nitrogen, total phosphorus, pH, dissolved oxygen)iFactory: All permit parameters monitored continuously with pre-alerts at 80% of daily maximum and 90% of monthly average limits. Six Big Loss biological treatment analysis for early biological process deviation detection before effluent quality is affected.
Monthly Discharge Monitoring Report (DMR) submission via EPA eReporting (NetDMR)iFactory: DMR data compiled automatically from SCADA continuous monitoring records and LIMS lab results. All required statistical calculations (daily maximum, monthly average, violation count) performed automatically. Export in NetDMR submission format.
Secondary Treatment Standards (40 CFR Part 133) and Nutrient Limits
30-day and 7-day BOD and TSS effluent limits. Nutrient limits (TN, TP, ammonia) under state-specific NPDES permitsiFactory: 30-day rolling average calculated continuously from daily effluent monitoring. Alert when 30-day running average exceeds 85% of monthly average limit. Nutrient removal process monitoring (biological phosphorus removal, nitrification/denitrification) with parameter-specific alerts.
CMOM + AWIA
Collection System and Asset Management
Applicable to: Municipal utilities with collection systems and AWIA-covered water systems
EPA CMOM (Capacity, Management, Operations, and Maintenance)
SSO event reporting within 24 hours. Collection system capacity, maintenance, and operations documentation for EPA Consent Decree complianceiFactory: Real-time SSO risk scoring at all pump stations with overflow prevention alert. SSO event documentation with cause analysis, duration, volume estimate, and receiving water notification automatically compiled. CMOM documentation package generated from monitoring data, work orders, and inspection records.
AWIA 2018 (America's Water Infrastructure Act)
5-year certification of asset management program (asset inventory, condition assessment, risk analysis, consequence analysis, life cycle cost analysis) and cybersecurity vulnerability assessmentiFactory: All five AWIA certification sections populated automatically from SCADA monitoring, GIS asset registry, CMMS records, and inspection data. Cybersecurity architecture documentation for AWIA vulnerability assessment. Certification package generated on-demand.
iFactory Monitors All Three EPA Compliance Frameworks Simultaneously. Pre-Alerts Fire Before Any Violation Threshold Is Reached, Not After.
SCADA threshold alarms fire when a violation is already happening. iFactory pre-alerts fire when any monitored parameter begins trending toward a compliance limit, typically 4 to 48 hours before the limit is approached, giving operators time to intervene and prevent the violation entirely.
Client Results: Municipal Utilities Using iFactory for EPA Compliance
Zero
EPA Enforcement Actions in 24 Months
Average EPA enforcement actions, consent orders, or significant compliance violations received by iFactory water and wastewater utility customers in the 24 months following deployment.
4 hrs
Monthly DMR/CCR Report Generation
Average time to generate monthly Discharge Monitoring Report and Consumer Confidence Report data from iFactory automated reporting versus 3 to 4 days of manual compilation before deployment.
6 wks
AWIA Certification Package Ready
Average time from iFactory deployment to first complete AWIA 5-section certification evidence package ready for EPA submission, versus 14 to 18 months for manual program development.
87%
Fewer After-Hours Compliance Calls
Average reduction in after-hours on-call operator response calls for compliance-related process deviations, because pre-alerts allow daytime correction before deviations become overnight emergencies.
"We received a significant noncompliance (SNC) designation from our state primacy agency for two consecutive months of NPDES effluent exceedances. The investigation showed that both exceedances were preceded by dissolved oxygen deviations in our secondary treatment basins that were visible in our SCADA data hours before the effluent quality was affected. We had threshold alarms configured, but they fired at the same time the violation was already occurring. iFactory's pre-alert system would have triggered an operator alert 6 to 8 hours before either violation based on the DO trending. After deployment we have had 18 months without a significant compliance event, and our state has recognized our improved monitoring program in reducing our oversight requirements."
Director of Regulatory Compliance
Regional Water Reclamation Authority, Los Angeles County, California, USA
Every EPA Violation at Your Utility Had a Detectable Precursor in Your SCADA Data. iFactory Finds Those Precursors Before They Become Enforcement Actions.
iFactory monitors every permit parameter that EPA requires your utility to track, sets pre-alert thresholds at 80 to 90 percent of compliance limits, and generates the compliance documentation that satisfies SDWA, CWA NPDES, CMOM, and AWIA 2018 requirements automatically from your operational data.
iFactory vs Competing EPA Compliance and Operations Management Platforms
Compliance management platforms range from LIMS-only systems to full CMMS with compliance modules. iFactory differentiates by connecting process monitoring pre-alerts to compliance documentation generation in a single on-premise platform. Book a demo to see iFactory compared to your current compliance management approach.
| Capability |
iFactory |
Cityworks (Esri) |
Lucity (CentralSquare) |
IBM Maximo |
SafetyCulture |
Brightly Asset Essentials |
MaintainX |
iWorQ Systems |
| Pre-Violation Monitoring and Alerts |
| Pre-permit-limit process deviation alert (4 to 48 hrs before limit) |
Pre-alert at 80% of compliance limit |
No process monitoring |
No process monitoring |
Via IoT add-on module |
Inspection checklists only |
No process monitoring |
No process monitoring |
No process monitoring |
| SDWA CT ratio calculation from SCADA data |
Real-time per disinfection stage |
No |
No |
No |
No |
No |
No |
No |
| Compliance Documentation and Reporting |
| EPA NetDMR DMR data auto-compiled from SCADA and LIMS |
Automated, 4-hour generation |
Manual data assembly |
Manual data assembly |
Via reporting module |
No |
No |
No |
Basic reports |
| AWIA 2018 certification package all 5 sections auto-generated |
On-demand, all 5 sections |
Manual assembly |
Manual assembly |
Via analytics module |
No |
No |
No |
No |
| On-premise deployment (government data sovereignty + cybersecurity) |
Full on-premise, read-only OT |
Cloud or on-prem |
Cloud or on-prem |
Cloud or on-prem |
Cloud SaaS |
Cloud SaaS |
Cloud SaaS |
Government cloud |
Based on publicly available product documentation as of Q1 2025. Verify capabilities with each vendor before procurement decisions.
Regional Compliance: Water and Wastewater Regulatory Requirements by Region
Water and wastewater regulatory requirements vary significantly by region but share a common structure: continuous monitoring, automated reporting, and immutable audit records. iFactory's on-premise architecture satisfies data sovereignty requirements in all regions while providing a unified compliance evidence platform.
| Region |
Primary Regulatory Framework |
Key Requirements |
iFactory Coverage |
| USA |
Safe Drinking Water Act (SDWA), Clean Water Act (CWA) NPDES, AWIA 2018, EPA CMOM for collection systems, 40 CFR Parts 133, 141, 122, 503 (biosolids) |
Continuous turbidity monitoring (0.3/0.5 NTU), CT ratio calculation, DMR via NetDMR, SSO 24-hour reporting, AWIA 5-year certification, CMOM documentation, CCR annual report |
All SDWA and CWA NPDES monitoring parameters. DMR auto-compiled for NetDMR. AWIA 5-section certification. CMOM documentation. CCR data. SSO prevention and documentation. All data on-premise within US. |
| UAE |
UAE Federal Law No. 24 (water and environment), MOCCAE discharge standards, DEWA/EAD technical standards, UAE.S GSO 2483 (treated wastewater), ESMA drinking water standard UAE.S 5:2012 |
Turbidity below 0.5 NTU at supply, residual chlorine 0.2 to 0.5 mg/L, UAE treated effluent quality standards, Arabic language reporting, data sovereignty within UAE |
UAE/MOCCAE and DEWA parameter monitoring. Arabic reporting outputs. Treated effluent quality compliance. EAD environmental standards. All data on-premise within UAE jurisdiction. |
| UK |
Water Supply (Water Quality) Regulations 2016, Environmental Permitting Regulations 2016, Drinking Water Inspectorate (DWI), Environment Agency (EA), Urban Wastewater Treatment Directive, Environment Act 2021 (storm overflows) |
DWI statutory compliance reporting, EA discharge consent monitoring, Ofwat performance commitments, Environment Act 2021 CSO monitoring, Cryptosporidium direction compliance |
DWI annual compliance evidence. EA discharge consent monitoring. Ofwat performance commitment tracking. CSO monitoring under Environment Act 2021. Cryptosporidium risk monitoring. All data within UK. |
| Canada |
Health Canada GCDWQ, Fisheries Act WSER, provincial Safe Drinking Water Acts (Ontario O. Reg. 170/03, BC DWPA, Alberta EPEA), Infrastructure Canada reporting, Ontario O. Reg. 588/17 asset management |
Provincial turbidity and CT compliance, AWQI 24-hour notification, monthly provincial compliance reporting, WSER effluent quality, O. Reg. 588/17 asset management plans |
Provincial compliance monitoring with automated reporting. AWQI escalation workflow. WSER effluent quality tracking. O. Reg. 588/17 asset management evidence. Bilingual EN/FR. All data within Canada. |
| Germany / EU |
EU Drinking Water Directive 2020/2184, EU UWWTD revised 2022, German TrinkwV, German AbwV, GDPR, EU NIS2 for critical infrastructure, DVGW technical standards (W 201, W 400, W 1000) |
EU DWD risk-based monitoring, UWWTD collection and treatment performance, NIS2 OT cybersecurity, GDPR data processing, DVGW standard documentation |
EU DWD and UWWTD monitoring. DVGW technical standards. NIS2 OT security controls. GDPR compliant on-premise processing. EU data residency guaranteed. All data within EU jurisdiction. |
Frequently Asked Questions
How does iFactory prevent EPA violations rather than just documenting them after they occur?
iFactory sets pre-alert thresholds at 80 to 90 percent of EPA compliance limits for all monitored parameters, giving operators 4 to 48 hours of advance warning before any permit threshold is approached. When a parameter begins trending toward a pre-alert threshold, iFactory generates an operator notification and a condition assessment work order so the cause can be investigated and corrected before a violation occurs.
Book a demo to see pre-alert configuration for your specific NPDES and SDWA permit limits.
How does iFactory integrate with our LIMS for combined SCADA plus laboratory compliance reporting?
iFactory integrates with LIMS systems (Thermo Fisher SampleManager, LabWare, StarLIMS, and others) via REST API or HL7/CSV import to pull laboratory analytical results alongside continuous SCADA monitoring data. The combined dataset is used to generate DMR, CCR, and state compliance reports that include both continuous monitoring data and discrete laboratory results in the format required by each regulatory authority.
Book a demo to review LIMS integration for your specific laboratory information system.
Does iFactory support EPA eReporting (NetDMR) submission directly?
iFactory generates DMR data in the format required for NetDMR submission, including all required statistical calculations (daily maximum, monthly average, violation indicator fields). Direct API submission to EPA's Central Data Exchange (CDX) via NetDMR is supported for systems with CDX account credentials configured. For utilities preferring manual submission, iFactory exports the completed DMR data in the NetDMR import template format.
Book a demo to review NetDMR integration for your specific permit reporting requirements.
How does iFactory satisfy the AWIA 2018 cybersecurity vulnerability assessment requirement?
AWIA 2018 requires water systems to conduct a risk and resilience assessment that includes cybersecurity vulnerabilities in their operational technology. iFactory's read-only SCADA integration architecture directly reduces the OT attack surface by eliminating the most common cybersecurity risk for water utilities: externally connected control system data. iFactory provides documented cybersecurity architecture evidence for the AWIA vulnerability assessment confirming read-only connection, zero external data transmission, and no internet dependency.
Book a security architecture review for your AWIA cybersecurity assessment.
Can iFactory help with EPA SSO (Sanitary Sewer Overflow) reporting requirements under Consent Decree programs?
Yes. iFactory monitors lift station wet well levels, inflow rates, and pump operation status in real time to provide SSO overflow risk scoring that triggers operator alerts before overflow events occur. When an SSO does occur, iFactory generates the event documentation required by EPA Consent Decree reporting: event start time, duration, estimated volume, receiving water body, cause analysis, and corrective action documentation, all compiled automatically from SCADA monitoring data.
Book a demo to review SSO prevention and documentation for your collection system.
Does iFactory support the EPA's Lead and Copper Rule Revision (LCRR) monitoring requirements?
iFactory supports LCRR monitoring requirements through distribution system corrosion control monitoring (pH, temperature, alkalinity, orthophosphate residual), sampling site management for 90th percentile lead sampling, and treatment technique compliance monitoring for corrosion control programs. The sampling site registry and compliance monitoring records are maintained in iFactory with the audit trail required for state primacy agency review.
Book a demo to review LCRR compliance monitoring for your distribution system.
Continue Reading
Zero EPA Enforcement Actions in 24 Months. DMR and CCR Reports in 4 Hours. AWIA Certification Ready in 6 Weeks. All from Your Existing SCADA Data.
iFactory monitors SDWA, CWA NPDES, CMOM, and AWIA 2018 compliance requirements simultaneously. Pre-alerts fire 4 to 48 hours before any permit limit is approached. All compliance documentation auto-generated. All data on-premise within your government network satisfying EPA cybersecurity requirements.
Zero EPA Enforcement Actions
DMR and CCR in 4 Hours
AWIA Certification in 6 Weeks
Pre-Alert 4 to 48 Hours Before Violation
On-Premise AWIA Cybersecurity Compliant
NetDMR and NetCDX Integration
