Overview of NERC Compliance Violations
advertisement
Overview of NERC Compliance Violations: How to Avoid Repeating Others' Mistakes Energy Compliance Network June 25, 2009 Today's Presentation • Overview of NERC Reliability Standard Enforcement Methods • Case studies of Notices of Violation • Lessons Learned 1 NERC and the Regional Entities • In July 2006, FERC certified the North American Electric Reliability Corporation (NERC) as the Electric Reliability Organization (ERO) delegating to it certain authority over Reliability Standard compliance. • NERC, in turn, works with 8 Regional Entities to ensure Reliability Standard compliance. These are: – Florida Reliability Coordinating Council (FRCC) – Midwest Reliability Organization (MRO) – Northeast Power Coordinating Council (NPCC) – ReliabilityFirst Corporation (RFC) – SERC Reliability Corporation (SERC) – Southwest Power Pool, RE (SPP) – Texas Regional Entity (TRE) – Western Electricity Coordinating Council (WECC) 2 Reliability Standard Applicability • In March 2007, FERC approved 83 NERC Reliability Standards. • NERC Reliability Standards became mandatory and enforceable on June 18, 2007. • Various of the standards apply to Registered Entities that purchase and sell electricity, own or operate certain generation facilities or own or operate transmission facilities of 100 kV or above. • Violations of the Reliability Standards may lead to penalties or sanctions of up to $1 million per day per violation. 3 NERC's Compliance Monitoring and Enforcement Program (CMEP) • NERC relies on self-certifications, self-reports, audits, complaints and investigations to assess compliance. • In 2009, there are 49 specific Reliability Standards subject to audit and 52 specific Reliability Standards subject to self-certification. • The audit schedule is public. • Audits may be conducted on-site or off-site. • NERC requires entities subject to audit to respond to Reliability Standard Audit Worksheets (RSAWs) in advance of the audit. New RSAWs were issued in May 2009. 4 Civil Penalties – Up to $1,000,000 per violation of the Federal Power Act or any rule, regulation, restriction, condition, or order of FERC. – Each day of a violation may be considered a separate violation. – In determining penalty amount, relevant information includes: • Nature and seriousness of the violation • Efforts by the company to remedy the violation • Regulatory compliance of the company • Voluntary reporting of the violation • Cooperation by the company in the investigation • Whether others are harmed by the violation • Whether the company profited from the violation – Opportunity to be heard before penalty assessed. 5 NERC's Application of Civil Penalties • NERC employs a table to assess financial penalties for violating the Reliability Standards. • It categorizes the Violation Risk Factor (VRF) as Lower, Medium or High. • It categorizes the Violation Severity Level (VSL) as either Lower, Moderate, High or Severe. • VRFs are used to associate a violation of the Requirement with its potential impact on the reliability of the BES. • VSLs are measurements of the degree to which the Requirement was violated. 6 NERC Penalty Table Base Penalty Amount Table from NERC's Sanctions Guidelines Violation Severity Level Violation Risk Factor Lower Range Limits Low High Moderate Range Limits Low High High Range Limits Low High Severe Range Limits Low High Lower $1,000 $3,000 $2,000 $7,500 $3,000 $15,000 $5,000 $25,000 Medium $2,000 $30,000 $4,000 $100,000 $6,000 $200,000 $10,000 $335,000 High $4,000 $125,000 $8,000 $300,000 $12,000 $625,000 $20,000 $1,000,000 7 Alleged Violations (U.S. Entities) • As of March 2009, approximately 1,750 alleged violations are actively being processed at NERC. • Between June 18, 2007 and June 2008 there were 1400 violations, 700 of which were self-reported. • Numerous documentation-related violations were initially reported (now these comprise less than 50%). • Approximately 1 in 4 of all alleged violations to date has been dismissed upon further NERC review. • To date, the highest penalty has been $250,000. • Majority of the public enforcement actions to date were for actions that occurred before December 31, 2007, during the "transition period," when there was latitude to issue "zero" penalties. 8 Most (Allegedly) Violated Standards To Dec 31, 2008 9 Notices of Violation PRC-005, Transmission and Generation Protection System Maintenance and Testing • Applies to TOs, GOs and those DPs that own a transmission Protection System. • Requires a M&T program that contains M&T intervals, their bases, M&T procedures and evidence of M&T. • To date there have been 21 final enforcement actions for PRC-005 violations. • Most raised by self-certifications of non-compliance. Some self-reported a violation, others discovered through compliance audits. 10 Examples of PRC-005 Violations: Exelon Generation Company, LLC, Docket No. NP08-5 in TRE • Self-certified that devices not being tested within defined intervals. • Contractor hired to calibrate and functionally test all relays, but the contractor only checked terminal connections. • No penalty assessed because: 1) the violation occurred before January 2008; 2) no system disturbance occurred, bulk power system reliability not at serious or substantial risk; 3) first violation; 4) Entity cooperated with TRE; 5) Entity acted immediately to mitigate or correct the violation; 6) violation was mitigated in accordance with the Mitigation Plan. Lessons Learned: Check contractors' work. Consider negotiating liability in contract. 11 Examples of PRC-005 Violations: West Georgia Generating Company, LLC, Docket No. NP08-19 in SERC • • • • • Self-report. Testing was 11 months overdue. Contractor tested electro-mechanical relays but did not test digital relays. SERC found via audit that M&T deficient for failing to identify a summary of relay maintenance procedures and to include certain testing intervals, the basis for intervals, or a summary of maintenance and testing procedures. SERC exercised discretion to assess no penalty because: 1) the violations occurred during the period of transition to mandatory standards; and 2) the violations were deemed not to put the bulk power system reliability at serious or substantial risk. Lessons Learned: Ensure documentation addresses all aspects of Requirement. Check work records. 12 Notices of Violation PRC-005, Transmission and Generation Protection System Maintenance and Testing • Other Violations included: – Failure to have a documented M&T plan in place. – Inability to show that regular M&T had been performed. – Failure to perform the scheduled M&T. – Company forgot to incorporate a new unit into its M&T program. – Company could not find the manufacturer's manual during the compliance audit, and its testing program stated it would comply with the manufacturer's instructions for M&T. 13 Notices of Violation CIP-001, Sabotage Reporting • Applies to RCs, BAs, TOPs, GOPs, and LSEs. • 20 final enforcement actions for CIP-001 violations. • Most penalties $0; one settlement of several violations was $250,000. • Majority self-certified non-compliance. • One violation discovered through spot check. 14 Examples of CIP-001 Violations: FPL Energy, LLC, Docket No. NP09-17 in SERC • Settlement of $250,000 associated with CIP-001-1 and PRC-005-1 violations. • Entity self-reported possible violations of 13 Reliability Standards on June 1, 2007 before the standards were mandatory and enforceable. • Majority of self-reported violations were dismissed. • As to others, the entity submitted Mitigation Plans. • SERC made repeated requests for evidence of completion of the Mitigation Plans. • SERC conducted an audit in early 2008 finding the Entity was still not in compliance with the self-reported standards and identifying additional violations. • This led to post June 18, 2007 non-compliance. 15 Examples of CIP-001 Violations: FPL Energy, LLC, Docket No. NP09-17 in SERC (cont.) • • • • • Entity failed to remedy the earlier violations in accordance with its Mitigation Plan. Entity did not submit evidence to allow SERC to verify completion of the Mitigation Plan. For PRC-005-1 the M&T procedures did not include a description of the program, nor did the procedures include testing intervals and their bases. Entity was unable to produce evidence that all components of generation Protection Systems had been tested. For CIP-001-1, sabotage response program lacked procedures for identification and awareness of sabotage. Program lacked procedures to communicate sabotage events to appropriate parties. SERC concluded that insufficiently documented protection system M&T program and sabotage reporting program represented a low actual and foreseen risk to bulk power system reliability. Lessons Learned: Complete Mitigation Plans completely and on time. Respond to Registered Entity requests for documentation. 16 Examples of CIP-001 Violations: NorthWestern Energy, Docket No. NP09-23 in MRO • Self-certification. • MRO found violation for failure to have a written procedure for dealing with possible sabotage events that includes: 1) recognition of sabotage events; 2) communicating information on sabotage events; 3) response guidelines for operating personnel; and 4) lists of communications contacts. • Entity had a draft sabotage reporting procedure but the plan was not distributed or implemented until February 29, 2008. 17 Examples of CIP-001 Violations: NorthWestern Energy, Docket No. NP09-23 in MRO (cont.) • • $0 penalty imposed. In reaching this determination, NERC BOTCC considered the following factors: 1) informal processes were in place, even though they did not conform to the specific requirements of the Standard; 2) non-compliance was self-certified; 3) the entity worked diligently to correct the violations and to prevent future ones; 4) first offense; 5) bulk power system reliability was not at serious risk because informal processes in place; and 6) there was no repetitive violation, no negative relevant compliance history, no applicable compliance directives, no evidence that the violations were intentional to warrant a different penalty amount. Lessons Learned: Procedures are key to avoiding violations. 18 Notices of Violation CIP-001, Sabotage Reporting • Other violations included: – Emergency plan deficient to meet each of the CIP-001 requirements (several companies relied on a preexisting emergency/sabotage plan that was not adequately updated to meet the NERC requirements) – Lack of appropriate documentation on program and/or employee training – Failure to establish a direct contact with the FBI (in one case, the company's terrorist reporting policies established a contact with the local County Sheriff's office as a conduit to the FBI, which was deficient under NERC standards) 19 Notices of Violation FAC-008 and FAC-009, Facility Ratings • Applies to TOs and GOs. • 16 final enforcement actions for FAC-008 and/or FAC-009 violations. • Several involved affiliates that experienced same violations. • Fines up to $10,000. • Violations discovered through self-certifications, self-reports, and compliance audits. 20 Examples of FAC-008 and FAC-009 Violations: Choctaw Generation Limited Partnership, Docket No. NP09-8 in SERC • • • • • • • • Settlement of $10,000. Entity self-certified compliant to standards. Non compliance discovered during audit. Entity's documentation did not include its Facility Ratings Methodology. Entity could not present evidence of established Facility Ratings. SERC concluded that the insufficiently documented Facility Ratings Methodology and undocumented Facility Ratings represented a low risk to reliability. Other factors considered: 1) cooperation; 2) commitment to compliance and 3) agreement to expeditiously reconcile this issue via settlement. Entity also agreed to share its experiences and lessons learned to add value in promoting a culture of compliance among similar entities by providing panelists or speakers for at least one Regional Entity compliance workshop. Lessons Learned: Risk of multiple violations when affiliates experience same deficiency in compliance program. 21 Notices of Violation FAC-003, Transmission Vegetation Management Program • • • • Fines up to $180,000, "other" costs of up to $2 million. Applies to TOs. 4 final enforcement actions for FAC-003 violations. Requires a TVMP and maintenance of prescribed distances between vegetation and transmission lines. • 3 self-reported based on outages caused by vegetation – penalties issued in each instance. • 1 violation was failure of a JRO to produce documentation to show that each of its members had an adequate vegetation management program in place – no penalty. 22 Examples of FAC-003 Violations: Duke Energy Carolinas, LLC, Docket No. NP09-3 in SERC • • • • • • • • Settlement provided for $50,000 penalty and considered compliance expenditures of $1.8 million plus future commitment of $200,000/year. Entity did not admit or deny the alleged violation in the settlement. Several settlements between entity and SERC were remanded by the NERC Board of Trustees Compliance Committee. Outage occurred that appeared to have been caused by flashover. Offending vegetation deemed to be there "for quite some time." Entity agreed to deploy a new technology (LiDAR) to assess clearance distances and to aid the industry in understanding the benefit of the use of this technology. Use of new technology was recognized as raising potential for more violations. Limited immunity from additional violation findings negotiated. Lessons Learned: NERC may override Regional Entity proposed settlement. 23 Example of FAC-003 Violation Baltimore Gas & Electric Company, Docket No. NP08-1 in ReliabilityFirst • Self report two days following outage caused by tree growing too close to transmission line. • Tree that caused the outage was allowed to remain because adjacent landowner complained about removal for aesthetic reasons – scheduled for removal in next cycle. • Penalty of $180,000: TVMP was in place and followed, self-reported and immediately corrected violation, cooperated with ReliabilityFirst. • Entity completed inspection of all its transmission lines and hired a contractor to inspect that vegetation was cleared. Lessons Learned: Landowner concern cannot inhibit reliability. 24 Example of FAC-003 Violation MidAmerican Energy Company, Docket No. NP08-2 in MRO • • • • Self report following outage caused by tree growing too close to 345 kV transmission line. Tree that caused the outage was identified for removal a few months prior, but operator transposed the tree identification number in the work order and the wrong tree was cut down. Settlement of $75,000 penalty since failure was due to human error, not neglect. In addition to the penalty, entity agreed to: verify that there were no other vegetation issues on the system; implement GPS identification of trees in order to avoid human errors from inaccurate data; conduct personnel training; develop a tree risk assessment program that considered trees both in and out of right-of-ways; fund $30,000 for an EPRI project related to developing integrated vegetation management performance standards. Lessons Learned: Use GPS and other tools to ensure intended work was completed. 25 Notices of Violation PER-002, Operating Personnel Training • Applies to TOPs and BAs. • 9 final enforcement actions for PER-002 violations. • No penalties issued. • Majority of violations discovered through compliance audits. • Violations were because training documents lacked appropriate specificity. 26 Examples of PER-002 Violations: City of West Memphis, AR, Docket No. NP09-14 in SERC • • • • • Entity, which provides Balancing Authority service, was audited in October 2007. PER-002 requires a defined training program based on NERC and Regional Entity standards, entity operating procedures, and applicable regulatory requirements. SERC determined that, while entity had lessons and other training items for each personnel classification, the training program did not identify or summarize the desired outcomes and did not clearly delineate the training objectives. Entity was required to update its training program to make it more detailed. Also sent personnel to SERC-provided courses on "training the trainer." Lessons Learned: Pay attention to training. Ensure training accurate and effective. 27 Notices of Violation VAR-001, Voltage and Reactive Control • Applies to TOPs and PSEs. • 2 final enforcement actions for VAR-001 violations. • No penalties issued. • Violations included: – Failure to provide exemption criteria for generators that could not follow a voltage or Reactive Power schedule – Failure to document policy on Automatic Voltage Regulators (AVR) outages 28 Examples of VAR-001 Violations Northern States Power Companies, Docket No. NP09-18 in MRO • • • • • • Self report on December 21, 2007. VAR-001 requires entities to specify a voltage or Reactive Power schedule at the interconnection between the generator facility and the TO's facilities to be maintained by each generator. As TOP, entity had to specify criteria for generators that were exempt from complying, which entity had not done. Specifically, it had wind generators and a refuse derived fuel generator interconnected to the transmission system that could not follow a voltage or Reactive Power schedule. Also had to provide voltage schedules to all generators on its system. MRO issued no penalty based on the fact that the violation was selfreported; the generators were exempt from following a voltage and Reactive Power schedule, so there was no harm; the violation did not put the bulk power system reliability at substantial risk. Lessons Learned: Remember that new technology may require changes to past practices. 29 Notices of Violation VAR-002, Generator Operation for Maintaining Network Voltage Schedules • Applies to GOPs and GOs. • 1 final enforcement action for self-reported VAR-002 violation. • No penalties issued. • Violation included: – Failure during start-up to maintain the hourly integrated voltage value of a specified unit with the voltage specified by the TOP while its AVR was out of service. 30 Examples of VAR-002 Violations Dynegy, Inc., Docket No. NP09-16 in SERC • 2 separate self-reports in October 2007 – October 2 for first violation and October 26 for second violation. • TOP gave Entity a range of generator output voltage levels to attain, and in both circumstances, generator deviated by ~1% during startup of the unit. • No penalty issued, considered minor infractions because of de minimis magnitude of deviations. Relevant TOP did not complain about the generators' performance. • Mitigation required re-training of control room operators; adjustment of generator terminal voltage after synchronization; increase the frequency of physical monitoring of voltage; implement an electronic alarm notification system. Lessons Learned: 100% compliance is expected. Even minor deviations can lead to violations. 31 Notices of Violation INT-004, Dynamic Interchange Transaction Modifications • Applies to BAs, RCs, TOPs, PSEs. • 1 final enforcement action for self-reported INT-004 violation. • No penalties issued. • Violation included: – Failure to update dynamic transaction tags 32 Examples of INT-004 Violations Tri-State G&T Merchant, Docket No. NP08-6 in SERC • Self reported in August 2007. • Standard requires entities to tag Dynamic Interchange Schedules and to update those tags in certain situations. • Entity discovered that it failed to update a dynamic transaction tag for 2 hours. In investigating the violation, entity discovered that it had similar violations on 7 other days. • Mitigation required company to modify its energy management application and develop a training course for its Real Time staff instructing them how to meet the standard and the importance of meeting the standard. Lessons Learned: Standards apply 24/7. Failure to monitor and update schedules in real time can lead to NERC violations. 33 Notices of Violation TOP-002, Normal Operations Planning • Applies to BAs, TOPs, GOPs, LSEs, and TSPs. • 1 final enforcement action for self-reported violation. • $3,000 penalty issued. • Violation included: – Failure to submit daily status report for forecasted outages for a three-day period 34 Examples of TOP-002 Violations Edgecombe Operating Services, LLC, Docket No. NP09-1 in MRO • • • • • Self reported violation shortly after it was discovered. Failed to submit a forecast of expected real power outage to assist in operating planning by failing to send its NUG Daily Status Report on threeday weekend in January of 2008. Entity did provide daily notices of the plant's availability and available Net Electric Output for those days. Settled for $3,000 penalty: violation was self-reported, the entity acted quickly to remediate the violation and to prevent it reoccurrence, and insignificant risk presented. Risk was insignificant because the entity provided daily notices of actual availability; there were no days for which a forecast had not been provided, since forecasts were 8-days out; and the omission was for a single 115 MW unit. Lessons Learned: Failure to abide by the BA's protocols can lead to penalties, even if violations are minor. 35 Notices of Violation EOP-008, Plans for Loss of Control Center Functionality • Applies to TOPs, BAs, and RCs • 1 final enforcement action for EOP-008 and FAC-001 violations • Resulted in settlement for $235,000 penalty 36 Examples of EOP-008 Violations E.ON U.S. Services, Inc., Docket No. NP09-2 in SERC • • • • • Second highest penalty was settlement for $235,000 for violations of EOP008-0 and FAC-001-0 Before Reliability Standards became enforceable, Company established a Mitigation Plan to meet the requirements of EOP-008 to have a contingency plan for communications from its primary control facility and FAC-001 to document its facility connection requirements. Company did not complete the Mitigation Plan, and in March 2008 the Regional Entity performed an on-site audit and found that Company was still not in compliance with EOP-008. Penalty based on Company's failure to complete the mitigation plan in a timely manner and its failure to certify that it had completed the Mitigation Plan requirements for FAC-001. Company agreed to host an all-day workshop focusing on NERC compliance that was open to all Registered Entities in the region. Lessons Learned: Timeliness in completing a Mitigation Plan is vital. 37 Questions? 38
