In search of the Holy Grail of utility risk management.
Richard Stavros is executive editor of Public Utilities Fortnightly.
Many analysts in the industry say the search for the Holy Grail of risk management is on.
Since their early beginnings, utilities have learned to be exceptionally prepared for the unknown hurricane, storm, or catastrophe that could instantly disrupt delivery of their essential services to customers. On balance, utilities emergency preparedness for the unimaginable natural disaster has been exceptional throughout the years; one only need recall Southern Co.’s or Entergy’s response to Hurricane Katrina.
But where some utilities have excelled at managing the physical risks of their business, those very same utilities have often been ill prepared to manage the various operational, financial, and other business calamaties.
How often have utilities filed quarterly reports to the Securities and Exchange Commission explaining the utility lost millions due to unexpected weather, unexpected changes in demand, unexpected changes in the price of a commodity, or due to the unexpected outage of a base-load power plant? Furthermore, how often have regulators had to consider a rate increase to cover losses from the utility who failed to anticipate an increase in commodity prices or other risk?
Of course, for a long time utilities were not held responsible by regulators or investors for managing these risks (and there are some jurisdictions where utilities are still not held responsible). In the past, the prudent way to manage these so called unpredictable and some believed unmanageable events was to pass it through to the ratepayer or the investor. “Call it an act of God or force majeure,” a utility executive might say, which in contractual terms excuses a party only if the failure to perform could not be avoided by the exercise of due care by that party. And in most cases, regulators would have agreed. But that has changed.
In the new environment following the Enron collapse, the California crisis, and the recent run up in commodity prices, utilities have a much greater burden in proving that they are prudent.
“Since deregulation there seems to be a lot more pressure from stakeholders, and interest on the parts of utilities to do a much better job forecasting. In the traditional utility environment everything was a cost passed through to ratepayers. So, what you paid for fuel and how much fuel you needed based on the variability around your demand, you just went out and did it and you passed that on to the customer. That’s not as easy to do today,” says Leigh Parkinson, a founding principal of RiskAdvisory, a division of SAS.
Parkinson explains, a climate of high natural-gas prices mean that these pass-throughs are not going to be approved or rubber stamped by regulators anymore. In fact, his utility clients have been asking him how, on a quantitative level, they have been prudent in their risk management.
But the pressure to adopt more sophisticated risk management techniques hasn’t been coming only from the regulators. Ratings agencies, such as Standard and Poor’s, rate utilities’ risk management for bond holders and other clients, and some investor groups and banks remember they were burned by the Enron debacle. As a result of pressure from stakeholders and new financial disclosure laws such as Sarbanes-Oxley, risk-management systems have become more prevalent at utilities, Parkinson says. Parkinson says it also has helped that groups such as the Committee of Chief Risk Officers have done much to create a level of standardization in risk management practices amongst the industry.
However, today many of these systems are outdated, and few utilities have the sophistication in their traditional risk management systems that are called for in today’s energy industry. Many utilities are at varied levels of risk-management sophistication.
Nevertheless, some utilities are taking the lead in managing the new risks, as new more sophisticated systems and services are becoming available.
Not Just About IT Systems
In outlining his company’s enterprise-wide risk-management program, Kent M. Harvey, senior vice president and chief risk and audit officer for PG&E Corp., believes an emphasis on IT systems is just one part of a comprehensive risk-management program at the company.
“It’s not about a huge capital investment in an IT system. We have those in the commodity area because that requires that. From my perspective, I view enterprise risk management as something that is about my fiduciary duty to better manage the company,” Harvey says. He explains that what he has done is brought together PG&E Corp.’s senior executives to go through a structured, thoughtful process, to make sure that the company is thinking about its key risks in the right way, and that there are good strategies in place to manage them.
He notes that very often utilities that undertake a program such as this fail because they make it too complex.
“There are companies that have tried and failed to put an enterprise system together. The biggest risk is that you try to make it too complex. You try to quantify things that are almost inherently impossible to quantify and you get bogged down. People are spending their resources on the system, and they are not seeing any business benefit. It is like they almost view it as something from corporate that is a requirement to do rather than this is going to help us be successful as a company or as a business,” he says.
Harvey emphasizes keeping things simple and linking them to the business.
“We engaged the senior team. We have identified a single officer level person who owns each risk. My job as chief risk officer is to set up a structure with roles and responsibilities and a process so they can do that effectively and we can have good visibility around what is happening.”
One risk PG&E Corp. senior executives identified as high on the list is electric and gas procurement—one of many identified risks that came as no surprise, Harvey says. But the process allows the company management to make sure it is thinking about the risks and actively managing them.
“We have the commodity risk. We have other ones that are more event driven. In our case, seismic would be an event risk or a pandemic. There are other risks associated with IT security. That is something that a lot of companies have been dealing with. There are global trend risks, like climate change. Obviously, one that everyone is dealing with after 9/11 is terrorist-type risk.”
PG&E Corp. Chairman and CEO Peter Darbee says that the California energy crisis informed his decision to develop a much more robust risk culture at the company.
“The orientation of management prior to me moving to the CEO position was limiting that to commodity risk. When I moved to the CEO position, I had the ability to introduce a point of view that we had to be looking beyond the commodity to the major risks across the entire enterprise. And having been through such a tumultuous experience as the California energy crisis, one of the first things I asked myself as a CEO was, What are the big risks that you need to be concerned about? What are the big risks that you envision the company as confronted with? It is really important that you have action plans and programs in place to identify the true risks and manage the most significant of those risks.” Darbee believes that if the CEO is not thinking broadly about this issue, no one in the company will be.
But one question arises in every utility CEO’s mind after reading about Darbee’s enterprise-wide risk program: Where is the payback?
“Some might argue that we haven’t got the payback from the investment community for the improvement that we have made,” Darbee offers. “My reaction is that when you look at the cost relative to the potential consequences to the company, it is a very reasonable priced insurance premium.”
Building the Right System
Many utilities executives that have implemented enterprise risk systems say that the commodity risk-management component that requires IT systems doesn’t necessarily have to be a Hal 9000-like talking computer that costs millions to build. But there is a growing view of what is needed in any given utility.
Brian Miksch, vice president, Sungard, says the avoidance of disparate systems is the ideal objective in developing an energy risk IT system.
"If you can combine a vast majority of front, middle and back office functions into one IT infrastructure, utilities can gain great efficiencies in their operation. An ideal solution involves integrating all those processes as part of one IT infrastructure and supports the users' interaction with the outside world," he says.
Michael Ravo, vice president, industry solutions, Triple Point Technology, chimes in on what the Holy Grail on the systems side would be.
“The system needs to have true straight through processing. By true I mean front to back and all areas of the system are feeding off the same market and trade data, and even reference data, company data, credit data, and the ability to manage that across all aspects of the business,” Ravo says.
Furthermore, he believes that utility risk management systems should not segment generation or long-term trading or real time trading, but should offer a view of all of them together.
“Pulling that all together in all of the areas—front to back—and managing 100 percent of a company’s risk across all of their various markets I would call the Holy Grail,” he says.
Furthermore, Jim Roland, president of Trade Capture, says his customers not only want their information integrated, but also want more real time information.
“For books and records purposes, what we as a company had to do is give people more of an instantaneous feedback they were looking for. Part of that was driven around the volatility [in markets].”
RiskAdvisory’s Parkinson says electric utilities are looking way down in to the next hour type trading activity. “So, there is a definite trend toward granularity in their data management. In the last 12 months, all the requests are geared around how to do a pre-deal analysis. “I don’t want to do a deal until I know the affect before I execute the trade,” they say. [Utilities] want the whole decision process turned around in a matter of seconds rather than modeling in a spreadsheet and going through it over the course of a day.
However, it must be reiterated that many utilities don’t have this capability. In fact, Sungard’s Miksch acknowledges very few companies have the high level of integration that many describe as the Holy Grail for energy risk-management systems.
Those that do typically are public utilities that do not have complex requirements, he says. But with the formation of RTOs and ISOs, it makes it even more challenging for some companies to keep up with that change, he says.
"[Utilities] would ideally like to get to a place that has more
integration. It is at the forefront of their minds. If you look at what is going on in California with MRTU, all of the big utilities and players in the ISO are making sure they are prepared for the redesign of the market, and this will inevitably involve lots of system integration work." he says.
Of course, the reason utilities are seeking better integration on a company-wide basis is that many risk analysts have discovered that the utility tends to segment its risk. So much so, in fact, that one part of the organization may be unaware of risks in another part of the organization. Worse, one part of the company may increase the risks of the utility without knowing that it has.
“Where you have organizations that have systems built to manage different silos or different commodities, if you will, you don’t necessarily get the ability to manage the risk of a multiple commodity asset,” Ravo explains.
It’s not a minor point for the risk group to see the multi-commodity risk, he says. “If they don’t have that view—and some companies don’t—you run the risk of entering hedges. You are not seeing the natural offsets between commodities, so you can be hedging when you shouldn’t be hedging. So, it’s an absolute requirement to have an across-the-board view. Otherwise, you won’t know your true position, or your exposure,” he says.
Many experts say a true corporate-wide holding company level value at risk calculation can be provided by a system that can manage the data across all of the individual silos within the organization. They say the silos can be separated through Chinese walls and security provided within the system. But integrating that system can be extremely complex if a utility’s culture does not allow for the change in business operation, or the management does not have a strong risk-management culture. It’s not as simple as buying a system, experts say, adding a comprehensive risk identification approach is needed like PG&E Corp. completed. Oddly, Triple Point Technology took a poll of its clients (not just utilities) and found that 89 percent said they wanted straight-through processing, while only 11 percent said they had it.
The Investment Banks: A New Era of Service
Financial institutions such as investment banks are becoming ever more involved in offering utilities risk management services and advice. The question many utility executives are asking themselves is how these new offering should alter a company’s approach to risk management.
For example, Joe Gold, Barclays Capital's Head of US Commodities, says that he would not advise that utilities outsource their risk management – a concept that some utilities had been exploring as of late. Gold says that such a strategy has inherent risks in the current regulatory climate. Utilities have an increasing incentive to understand their commodity risks. "Commodities risks need to be something that management understands well. If utilities have very close relationships with a number of financial institutions, they must make sure they can manage those risks. Some utilities understand the risks in great detail, some do not," he says.
Gold makes an important distinction. He would not recommend a utility outsource its risk management which would involve allowing another firm to make decisions for it. However, he would recommend that utilities understand and hedge 100% of the risks that they can.
Gold prefers to be an equal partner with utilities when they are making decisions, and once the utilities have decided, Barclays Capital works with them to figure out the most cost effective way to manage those risks that they have identified.
Meanwhile, Frank Napolitano, managing director at Lehman Brothers, who oversees sales and origination for the firm’s Energy Trading division, explains that only in the last two years has Wall Street focused its derivatives talent against utility industry problems “as part of the core Wall Street game plan.”
The result, he says, is a completely new discussion that many utilities never thought possible. Analysts say the investment banks are using these new energy risk-management services as a way to enhance advisory services that had long existed.
Gold explains that Barclays Capital already has extensive and long relationships with utilities in a number of areas such as lending. "If I walk into a CEO's office to discuss a risk management strategy, it would most likely not be the first time that they would have heard of or dealt with Barclays, as the bank is a big lender to the sector," Gold says.
Similarly, Lehman Brothers has also had long standing advisory and banking relationships with the utilities sector.
According to Napolitano, Lehman Brothers’ Energy Trading division works with utility corporate clients in two fundamental ways. The first way, he says, is through direct transactions via the bank’s energy products and service offerings. The second is more indirect, by working in concert with the investment banking industry, M&A and global finance groups, as well as using its Risk Solutions Group in the development of more complex transactions that cover corporate wide risks.
Lehman’s Risk Solutions Group (RSG), which resides within the investment banking group, is meant to house derivatives literate, corporate finance literate, and industry literate professionals that are capable of understanding a corporate client’s baskets of risks on an enterprise-wide basis, Napolitano says.
He says the difference between Lehman’s Energy Trading Division and the RSG group is like the difference between providing the tools for building a house and building the house. RSG offers solutions around problems that corporate clients looked on as basic problems from being in the business. “We are finding ways to do something about those very fundamental things. In our view, it is creating more certainty around the cash flow and earnings streams,” he says.
For example, if a utility is doing business with a counterpart that has a lower credit rating, as a result, than the utility warehouses or holds the credit exposure, he explains.
“Today, we can provide credit derivatives that in effect insulate them from the risk of credit default of the counterparts, so they can effectively remove the credit risk piece of that counterparty transaction. We are seeing on awful lot of opportunity related to energy transactions because of the decrease in credit quality that has largely occurred post 2001 for the wholesalers who participate, broadly speaking, in the domestic natural-gas and power markets,” he says.
Napolitano also says that the Energy Trading group has been able to standardize products that companies had been using for the purposes of hedging and modify them and restructure those products to create a more cash collateral light approach to margining.
For example, 10 years ago, before energy derivatives were prevalent, if a party wanted to hedge its long-term exposure to something like natural gas, it could do it through the futures market, which meant they’d go to NYMEX and through a broker to execute an order, which required a lot of collateral.
“We have through the over-the-counter market—which is the derivatives market, away from the futures exchanges—created products that understand the counterparty credit risk, price it accordingly, don’t require as much cash collateral as a result, so it decreases the working capital component to the utilities and than we as an institution [syndicate the risks],” he says.
They get the benefit of the hedge, they get the benefit of the decreased working capital component to defend the hedge, and they do it via a derivatives structure, Napolitano explains.
As tempting as it might be to rely on an investment bank’s talented executives as an extension of a utility’s risk management department, it should not be thought of as such. Even so some utility executives may think that it might be cheaper in terms of saving on risk management IT systems and risk management personnel. But Napolitano sees his ideal role as being a partnership.
“I think a fair transaction is where both parties understand the nature of the risk and the bargain that has been struck to transfer the risk from party A to party B. So, we have found companies getting a better handle on how the counterparty views these risks. They are developing not an execution capability like an investment bank, but the measurement capabilities to look at and quantify the risks the same way that we would, so that we all understand what the facts are and they can make an intelligent decision on what is best for their shareholders.”