(November 2008)Economic uncertainties are raising doubts over utility returns. Will regulators feel the need to consider broader economic effects when engaging in ratemaking? While...
Facing Compliance Risks
Enforcement trends call for a proactive approach to complying with market rules.
The issues that were identified and settled by FERC fell into five basic categories:
• Standards of conduct violations
• Price reporting disparities/ manipulation
• Ownership identification issues
• OATT/transmission violations
• Other rule/code violations.
Across these categories, there was a combination of both self-reporting incidents and external investigations that gave rise to the enforcement actions. Upon review of the individual cases, most interesting are the insights that can be derived from examining the controllable activities underlying the incidents. As an example, when looking at a number of the transmission violations, the root causes of the incidents stemmed from a variety of factors, including poor procedure enforcement, absence of new policies, disregard for internal reporting requirements, weak control functions, and lack of employee training. Each of these factors suggests the need for developing and deploying an integrated program approach that can give management confidence that the enterprise is taking the necessary steps to address compliance expectations.
More important, the lesson to be taken away should be that attention to these matters is good business practice, not just a check in the box of regulatory compliance.
Mandates vs. Good Practice
The debate between regulators and industry has risen to a fever pitch of late, due to concerns about the ambiguity of what’s expected of companies and how certain rules will be enforced. Companies are keenly sensitive to the reputation risk associated with regulatory incidents, and they worry about violating uncertain compliance requirements that FERC hasn’t enforced, but could decide to prosecute at any time. Concerns range from not receiving enough guidance from regulators to receiving guidance that is too prescriptive. In spite of this debate, key industry stakeholders seem to agree that the directives passed down by federal regulators simply encourage good business practice and should not be viewed merely as a means of regulatory enforcement.
This assumption, however, doesn’t replace the need for a critical examination of the strengths and weaknesses of an individual enterprise’s regulatory compliance efforts. As companies move down the path of either building or creating more effectiveness and efficiency in their compliance capabilities, they should be asking a series of key questions.
In the spirit of promoting good business practice, the process of assessing compliance capabilities should address four core areas: policies, systems, people, and controls (see sidebar, “Compliance Questions”) . Most important, for the capabilities to be effective there must be demonstrable support for—and enforcement of—compliance from the senior levels of an organization. Senior level commitment and attention provides the best foundation for ensuring a robust overall compliance program. Along with this support, attentiion also should be given to the efficiency with which corporate resources are dedicated to compliance activities ( i.e., ensuring the highest and best use). Thoughtful answers to questions about compliance capabilities are essential to ensure that whatever the mandates are, the enterprise will be able to respond in a manner that reflects good business practice while promoting effectiveness and efficiency in operations. This perspective appears consistent with what FERC is trying to promote. As evidenced in the dozen FERC enforcement actions from