4/20/2020 Understanding Enterprise Risk Management for Utilities © Copyright 2007, CCRO. All rights reserved. 2 1. Introduction Regulated utilities, in many cases, are continuing to apply an Enterprise Risk Management (ERM) framework. This is a process that has been taking place over the past several years since energy companies and regulated utilities with trading activities embarked on ERM implementation in the late 1990s. One key reason for this lag is that these entities had a regulatory ‘cushion’ whereby, as long as the company’s operations were “prudent”, losses could usually be recaptured through rates. In the past, utilities and stakeholders have viewed their business model as low risk. They believed that their systems, business practices and operations were sufficient to control the few risks they had and thus did not view themselves as having significant risks to manage. Changes in the utility industry, such as deregulation, have been key drivers in changing the way these companies, and the outside world, view utilities. Factors now affecting utilities include rate freezes, higher and more volatile costs of capital, and more volatile supply rates resulting from deregulated generation. Many new risks such as environmental and regulatory issues, aging workforce and infrastructure, increased competition in generation, competition for capital, volatile commodity prices, trading scandals, and the continuing focus on reliability are just a few of the drivers behind utilities changing the way in which they view themselves. Based on these changes, there is an expanding interest in ERM as this industry continues to transform itself. The historical regulatory protections have been all but eliminated as regulators are increasingly transitioning the placement of risks from ratepayers to shareholders in the investor-owned utility business model. Significant load growth coupled with increased competition on the supply side has forced utilities to become more conscientious about their capital allocations while regulators are questioning any capital expenditures made by these entities. Finally, today utilities are participating in the expanding traded commodities markets while providing safe, reliable, and lowest cost energy to their customers along with state-of-the- art customer service. The markets in which these companies are operating are dynamic and volatile and many such entities are facing financial stresses with increased regulatory scrutiny. As a result of these changing tensions, utilities are expressing interest and conviction about the need for robust risk management frameworks and capabilities, which was the primary driver to the formation of the Committee of Chief Risk Officers (CCRO). The CCRO is comprised of senior risk professionals from leading energy companies participating in all sectors of the energy industry. Over the past four years, the CCRO has published a series of “white papers” that present risk management practices and disclosure standards in an attempt to raise the industry- wide awareness of these topics. One such paper published by the CCRO on the topic of ERM fully discusses the concepts of ERM and the supporting metrics. However, upon completion of that effort, it became evident that further focus on this topic was required specifically for utilities, as the scope of ERM was generally applicable for these entities, but the magnitude and focus differed greatly from deregulated energy entities. Therefore the CCRO commissioned a working group to develop a paper that would address the specifics of ERM for regulated utilities (including self-regulated/governing public power utilities).