Regulatory Updates

NIST Releases Updated Version of Cybersecurity Framework

NIST logo


On April 16, 2018, the Department of Commerce’s National Institute of Standards and Technology (NIST) issued an updated version of its Framework for Improving Critical Infrastructure Cybersecurity, commonly referred to as the Cybersecurity Framework. The new version, Cybersecurity Framework, Version 1.1, was published following a public comment period, stakeholder workshops, and two draft versions released in 2017. The Cybersecurity Framework was first introduced in February 2014, when Version 1.0 was first published. The current update, available here, includes updates on risk self-assessment, identity and authentication, vulnerability assessments, and standardized terminology to better manage supply chain cyber risks.

The Cybersecurity Framework is intended to be an ongoing public-private effort to address cybersecurity risks in a wide range of technology environments and businesses that utilize critical infrastructure. The Cybersecurity Framework was first envisaged by Presidential Executive Order No. 13636 in 2013, available here, which directed NIST to produce a set of voluntary standards for physical and cyber critical infrastructure assets that would establish standards that are cost-effective, risk-based, and replicable.

Read more ...

NERC Fines Registered Entity in WECC $2.7 Million for Cyber Security Breach

NERC Photo2

The North American Electric Reliability Corporation (NERC) has fined an unnamed power company $2.7 million for unwittingly exposing critical cybersecurity data that could have allowed hackers to gain access to its systems, according to a notice recently filed with the Federal Energy Regulatory Commission. NERC, which oversees the reliability of the U.S. bulk power system, said in a February 28, 2018 Notice of Penalty that the unidentified power company had reached a settlement with the Western Electricity Coordinating Council (WECC), which handles grid reliability for the Western Interconnection.

Specifically, a third-party contractor to the utility exceeded its authorized access by improperly copying certain data from the utility’s network environment to the contractor's network environment, where it was no longer subject to the utility’s visibility or controls. The contractor failed to comply with the utility’s information protection program on which it was trained. While the data was on the contractor's network, a subset of live data was accessible online without the need to enter a user ID or password. WECC determined the utility failed to adequately implement its program to identify, classify, and protect information associated with critical cyber assets, as required by Reliability Standard CIP-003-3 R4, as well as failed to implement adequately a program for managing access to protected information related to critical cyber assets, as required by Reliability Standard CIP-003-3 R5.

Please contact Lisa Gast , Kristen Connolly McCullough and Sean Neal for further information on compliance with NERC Reliability Standards. 

FERC FINDS PJM TRANSMISSION OWNERS’ SUPPLEMENTAL PROJECT PLANNING PROCESS IS NOT IN COMPLIANCE WITH ORDER NO. 890

shutterstock 356768579

On February 15, 2018, the Federal Energy Regulatory Commission (“FERC”) issued an order[i] finding that the transmission planning practices employed by PJM Interconnection, LLC (“PJM”) Transmission Owners (“TOs”) for developing a specific category of transmission projects (called “Supplemental Projects”)[ii] are inconsistent with Order No. 890’s transmission planning principles. The PJM Order is accessible here.

In particular, based on the record of evidence in the Show Cause proceeding it had initiated in August 2016 under section 206 of the Federal Power Act (“FPA”),[iii] FERC found that the PJM TOs’ practices for planning Supplemental Projects violate Order No. 890’s coordination and transparency principles. FERC thus found that the associated provisions of the PJM Operating Agreement and the PJM Open Access Transmission Tariff (“OATT”) are not just and reasonable and are unduly discriminatory and preferential.

Read more ...

NIST Provides Draft Update to Cybersecurity Framework

 NIST logo

On December 5, 2017, the Department of Commerce’s National Institute of Standards and Technology (NIST) issued an update to its Framework for Improving Critical Infrastructure Cybersecurity, commonly referred to as the Cybersecurity Framework. This update is part of the first set of updates to the Cybersecurity Framework since it was first introduced in February 2014, when Version 1.0 was first published. The current update, available here, is the second draft of Cybersecurity Framework Version 1.1. The update is the result of a series of workshops and public comment review periods since the launch of the original Cybersecurity Framework in 2014.

The Cybersecurity Framework was first envisaged by Presidential Executive Order No. 13636 in 2013, available here, which directed NIST to produce a set of voluntary standards for physical and cyber critical infrastructure assets that would establish standards that are cost-effective, risk-based, and replicable. NIST’s role in producing these voluntary standards was subsequently codified in statute by the Cybersecurity Enhancement Act of 2014, available here. The Federal Energy Regulatory Commission (FERC) often directs the nation’s self-governing electric reliability organization, the North American Electric Reliability Corporation (NERC), to adopt NIST guidelines.

Read more ...

California Independent System Operator Launches Real-Time Publication of Power Plant Carbon Dioxide Emissions Data Online

Clean energy

On January 24, 2018, the California Independent System Operator (CAISO), an organization charged with coordinating, controlling and managing the bulk electric system in California, began publishing real-time data on carbon dioxide emissions from power plants within its region. For the past year, the CAISO has already been making available on its public-facing website, real-time data on supply, demand and locational marginal pricing (LMP) of electricity flowing from power plants to electricity customers within California. The real-time data, which flows from the CAISO’s Open Access Same-Time Information System (OASIS) platform, provides market data such as system day-ahead and hour-ahead demand forecasts, transmission outage and capacity status, market prices and market result data. In addition to the publication of real-time information, the website (available here) also provides historical data on carbon dioxide emissions beginning from 2014 to identify trends.

The publication of real-time and historical greenhouse gas emissions data will likely have implications on current regionalization efforts by the CAISO that attempt to create a western market Independent System Operator (ISO). Proponents of regionalization claim that a wider western market would help California export excess solar power during the day and import wind power from other western states, resulting in lower electricity prices. Others argue that regionalization would allow out-of-state coal generation to export power to California customers, jeopardizing the state’s environmental policies. Most recently, in 2015, California updated its Renewable Portfolio Standard (RPS) goals to require electric retail sellers and publicly owned utilities to procure fifty percent of their electricity from eligible renewable energy sources by 2030. See California Senate Bill No. 350 here. Current legislative efforts may attempt to re-start ISO regionalization efforts. The publication of the real-time carbon dioxide emissions data is intended to help allay environmental concerns to regionalization. In addition, the availability to the public of real-time electricity information will also likely impact the regional Energy Imbalance Market (EIM), which manages energy trading and flow within the western states.

Read more ...

FERC Rejects DOE Proposed Grid Resiliency Pricing Rule, Initiates New Proceeding to Examine Resiliency in the Bulk Power System

shutterstock 785492632

On January 8, 2018, the Federal Energy Regulatory Commission (“FERC”) issued an order (available here) terminating a rulemaking proceeding it opened in early October 2017, in response to a proposal by the Department of Energy (“DOE”) to address the valuation of reliability and resiliency effects of “baseload generation.” According to the DOE, its proposed “Grid Resiliency Pricing Rule” (“Proposed Rule”) was aimed at strengthening reliability and resiliency by increasing the compensation paid to coal and nuclear generation resources that help maintain the reliability and resiliency of the bulk electric system in regions operated by independent system operators (“ISOs”) and regional transmission organizations (“RTOs”). While the details were unclear, the Proposed Rule would have required the RTOs and ISOs to establish new cost-of-service rates to compensate generators that support reliability and resiliency of the electric grid by providing, among other things, a 90-day supply of on-site fuel assurance. Compensable costs would have included operating and fuel expenses, costs of capital and debt, and a higher return on equity and investment.  

FERC unanimously ruled that DOE’s Proposed Rule failed to show that the current RTO/ISO tariffs were unjust and unreasonable, a showing required by the Federal Power Act. FERC found that the proposal’s requirement for on-site 90-day fuel supply criteria would permit only certain resources to be eligible for the new cost-of-service rates, excluding other resources that may also contribute to reliability and resiliency. Further, FERC stated that DOE’s proposal would allow all eligible resources to receive the proposed cost-of-service rates with no regard to prudence, resulting in discriminatory or preferential treatment. FERC noted that its regulation of wholesale electricity markets thus far has resulted in market-based competition with economic benefits accruing to consumers, and any out-of-market actions FERC may have taken were to respond to specific reliability concerns. Addressing the DOE’s concerns that planned coal and nuclear generation retirements were a threat to reliability, FERC cited comments submitted by the RTOs and ISOs asserting that no past or planned generator retirements pose a threat to grid resilience.   See the Order at footnote 24. Further, FERC noted that the DOE proposal did not adequately show that FERC’s past price formation efforts were a sufficient foundation to add cost-of-service rates for bulk power system resilience.

Read more ...

Ninth Circuit Holds FERC Arbitrarily Granted a Public Utility an ROE Incentive Adder for RTO Participation

9th circuit

In an Opinion[1] issued on January 8, 2018, the United States Court of Appeals for the Ninth Circuit (“Ninth Circuit”) granted a petition for review filed by the California Public Utilities Commission (“CPUC”) in two rate proceedings in which the Federal Energy Regulatory Commission (“FERC”) summarily approved for Pacific Gas and Electric Company (“PG&E”) a 50 basis point return on equity (“ROE”) incentive adder for its participation in the California Independent System Operator Corporation (“CAISO”).  DWGP client, the Transmission Agency of Northern California, intervened in the appeal in support of the CPUC. This is a significant decision that has potential implications for other public utilities throughout the United States that receive ROE adders and thereby increase their shareholders’ return for their participation in Regional Transmission Organizations (“RTOs”) or Independent System Operators (“ISOs”).

In response to the directives of Congress in the Energy Policy Act of 2005, and specifically the requirements in section 219 of the Federal Power Act directing FERC to establish by rule, certain incentive-based rates, including incentives for electric utilities that join a RTO/ISO, FERC issued Order No. 679.[2] Order No. 679 provided, in pertinent part, that FERC “will approve, when justified,” requests for ROE-based incentives for public utilities that join or continue membership in an RTO/ISO.[3] Following Order No. 679, FERC has routinely granted a 50 basis point ROE adder to utilities that join or remain members of an RTO/ISO.

In a series of orders on two rate filings submitted by PG&E, CPUC argued that pursuant to California state law, PG&E is required to participate in the CAISO as ordered by the CPUC and, therefore, the FERC orders on review grant an incentive adder to PG&E for doing something it was already required to do and that the granting of an incentive for involuntary behavior is contrary to FERC policy. FERC rejected the CPUC’s claims and summarily granted PG&E the ROE adder finding that PG&E is presumed to meet the criteria required under Order No. 679 to receive the participation incentive.

Read more ...

President Approves Tax Reform Legislation

shutterstock 765893110

On December 22, 2017, the President signed into law tax reform legislation known as the “Tax Cuts & Jobs Act” (available here).   Broadly, the legislation lowers corporate tax rates and restructures personal income tax brackets while also impacting energy companies, state and local entities, and owners and issuers of tax exempt qualified bonds.  Renewable energy entities such as solar, wind and geothermal producers will also be affected by the legislation.   

The legislation maintains the status quo on investment tax credits (ITC) for solar projects for which the tax credit continues as scheduled in a previously agreed phaseout.  The ITC was not extended for projects using combined heat and power, geothermal, fuel cells, and small wind.  A separate bill was introduced in the Senate that would extend the ITC to these and other technologies.  The ITC remains at 30% until 2022 with a plant in service date no later than January 1, 2024.  After calendar year 2022, the ITC drops down to 10%.   The ITC will not be available for solar projects if construction does not begin by December 31, 2027.   The value of the production tax credit (PTC) for wind, solar, geothermal and closed-loop biomass has been maintained by keeping the inflation adjustment at the current rate of 2.3 cents/kWh, despite the earlier House version reducing it to 1.5 cents/kWh.  The legislation also maintains the PTC availability in its current form and phases it out as scheduled by the end of 2019.   

For nuclear generators, however, the tax legislation does not extend the advanced nuclear facilities tax credits that are currently scheduled to expire by December 31, 2020.  An earlier version of the tax bill in the House had extended this credit indefinitely to the extent that there were unused tax credits up to a cap of 6,000 megawatts of national capacity from qualifying nuclear facilities.  An extension of the nuclear tax credit would have been used to ensure that the Vogtle nuclear facility in Georgia, and the summer nuclear facility in South Carolina, progress toward completion.  The separate tax extenders legislation that is currently pending in the Senate may also be the vehicle for the nuclear tax credit extension.    

The final legislation added a new tax, the base erosion and anti-abuse tax (BEAT), to prevent companies from reducing their tax liability by transferring funds to foreign affiliates.  For companies that utilize the ITC and PTC, such tax credit investments, which help to strip down their tax liability, might diminish in value if utilizing the credit pulls them into the new BEAT tax. 

Read more ...