On February 21, 2017, the North American Electric Reliability Corporation (“NERC”) submitted its annual risk-based Compliance Monitoring and Enforcement Program (“CMEP”) report to FERC. In the report, NERC reviewed the CMEP’s progress for 2016 and proposed two enhancements to improve the program’s efficiencies and effectiveness. Specifically, NERC proposed (1) discontinuing the requirement that registered entities publicly-post their noncompliance logs and (2) expanding the use of Compliance Exceptions (“CEs”) to include certain moderate-risk noncompliance issues. NERC asserted that the proposed enhancements would allow the CMEP to better target higher-risk issues that can impact the reliability of the bulk power system.
Through various orders in 2015, FERC approved the implementation of NERC’s risked-based CMEP after finding that such a program would be useful in focusing the efforts and resources of NERC and industry members on identifying and correcting high-risk activities and compliance problems. As part of the program, FERC instructed NERC to submit annual informational filings to summarize the program’s progress.
In its report, NERC stated that throughout 2016 it cooperated with the country’s eight Regional Entities to implement the CMEP and monitor its progress. Through this process, NERC identified two CMEP enhancements, which it proposed to FERC. First, NERC proposed to allow registered utilities and other program participants to identify minimal risk noncompliance issues through non-publicly posted self-logs submitted to FERC. The CMEP’s voluntary self-logging program allows eligible entities to log minimal risk noncompliance issues, which are then given a CE presumption and are processed in an expedited manner. When FERC approved the CMEP, it found that publicly-posting self-logs would help “educate industry to avoid and mitigate noncompliance with reliability standards.” As NERC stated in its filing, however, the public-posting requirement unintentionally discouraged program participation, thereby limiting the opportunities for NERC and industry members to fully collaborate and address common minimal-risk noncompliance issues. To encourage greater program participation, NERC proposed to publicly-post a list of high-performing entities, while allowing all self-log program participants to submit their minimal-risk logs non-publicly so as to minimize the deterrent effect of public scrutiny of minimal risk events.
Second, NERC proposed to expand the CE program to encompass certain moderate risk noncompliance issues. As NERC noted in its filing, serious risk violations are always subject to enforcement action, but certain minimal and moderate noncompliance issues can be addressed through less drastic means. Several years ago, NERC established the Find, Fix, Track and Report (“FFT”) system to efficiently process minimal risk noncompliance problems and allow NERC to prioritize high-risk noncompliance. The CE program developed from the FFT reporting system and, according to NERC, these programs collectively resolved more than half the discovered noncompliance issues in 2016. As part of its CMEP report, NERC proposed to expand the CE Program to process certain moderate risk noncompliance problems based on such criteria as the entity’s internal compliance program, management practices, and various mitigating factors.
Effectuating either of the two proposed CMEP enhancements would require changes to NERC’s Rules of Procedure, which NERC stated that it would develop and submit to FERC at a later date. A copy NERC’s February 21, 2017 Compliance Monitoring and Enforcement Program filing, along with the attached CMEP annual report, can be found here.