The bottom fell out in the hearing room at FERC on April 5 when witness Joseph Bowring let it slip that, yes, he might well prefer more independence from his employer in his role as chief of the...
Facing Compliance Risks
Enforcement trends call for a proactive approach to complying with market rules.
2007 that resulted in some form of monetary penalty, nearly every one included the development of a compliance report or plan that would be used to help demonstrate the company was adopting a culture of compliance and not approaching compliance in the most politically expedient way.
Furthermore, close examination of each of the enforcement actions reveals that the underlying causes of each of the incidences, or recurring patterns of activity, could be attributed to issues in one or several of the four areas identified above. From a tactical perspective, industry participants increasingly recognize that processes must be in place to assess what is working well and what is not. As noted by Raymond Palmieri, vice president and director of compliance for ReliabilityFirst, “Entities need to be able to break it down. How did it happen? That way they can look at the bigger picture and develop mitigation plans that will help to prevent future occurrences.” 3
Three Basic Choices
Companies operating in the wholesale energy markets can take one of three approaches to their regulatory compliance obligations. In the face of regulatory requirements and market behavior expectations, companies can choose to be passive, reactive or proactive (see Table 1) . A company taking a passive response to regulatory compliance tends to assume operations are working adequately if no regulatory or legal investigations have been launched and no fines have been levied against the company recently. Many companies approaching regulatory compliance in this manner believe the costs of being proactive outweigh the probability and the magnitude of the perceived regulatory risk. As a result, such companies do little or nothing to be prepared for possible regulatory enforcement action.
A company that takes a reactive approach, however, makes some preparatory effort to be responsive to a regulatory challenge, but its response tends to be ad-hoc rather than strategically planned. When confronted with either an internal or external threat or issue, a company taking a reactive approach will take steps to address the root cause of the issue, remediating problematic areas as they are identified. Specific activities of such a company include conducting gap assessments, deploying disaggregated (or decentralized) compliance programs, and fixing identified problem areas. Efforts to support compliance and mitigate operational risks largely are effective, but struggles remain with ensuring the consistency of execution, whether it is reporting, data management or practice documentation.
On the other hand, a company with a proactive approach will take steps to mitigate the regulatory risks associated with its market activities. Irrespective of the current circumstances, a company following this approach will find ways to be prepared to support claims of regulatory compliance and any associated reporting obligations. Efforts tend to be structured and aimed at stemming the risk of compliance violations. A proactive company’s compliance activities focus on integrating people, processes, systems and controls across the business units that play a role in supporting compliance. Examples include proactive planning efforts, inventorying and classifying regulatory risks, adopting and infusing a compliance culture, providing on-going training regarding compliance, and using regular self-assessments to identify and resolve issues before they