White Paper The Data Compliance Challenge in Competitive Energy Markets
White Paper The Data Compliance Challenge in Competitive Energy Markets
This article describes the changes in the business and regulatory environments that have occurred since 2000 from a data management and reporting context; and discusses specific attributes as may be required by law, regulation, or good business practice. The intention is to further provide detail on the specifications of data system requirements and available methods to meet new reporting standards. Data management has become a critical business consideration for all corporations operating in volatile energy markets.
The years 2001 and 2002 saw six of the ten largest bankruptcy filings ever. Those companies filing for bankruptcy included Worldcom Inc., Enron Corp, Conseco Inc., Global Crossing Limited, Pacific Gas and Electric Co. and UAL Corp, for combined pre-bankruptcy total assets over $300 billion dollars. In the energy industry specifically, Enron and PG&E represented almost one third of the combined pre-bankruptcy total assets.
Naturally, the repercussions for industry and economy were dramatic. As illustrated in the following figure, Dow Jones Industrial Average, Nasdaq and S&P indices plummeted to reach the nadir of the decline (bursting of the tech bubble, market crash or stock market correction depending on the reader’s perspective). The Dow Jones Industrial Average lost 38% of its value from a high of 11723 on January 17, 2000 to a low of 7286. NASDAQ lost a whopping 78% of its value and S&P lost 49%. The relevancy of the exchanges was seen as questionable by some market analysts. The NASDAQ has yet to recover and still sits at half its high today. The US dollar also declined against the euro, reaching a one-to-one valuation not seen since the euro was first introduced. Though there were other complicating factors such as the 911 terrorist incident, the bottom line was that there was a loss of confidence in the transparency of business operations and the integrity of corporate reporting.
- Securities and Exchange Commission (SEC)
- Federal Energy Regulatory Commission (FERC) and Department of Energy (DOE).
Although the laws are US based, they impact business on an international scale.
SEC’s Sarbanes-Oxley Act
The most notable new regulation enacted is the SEC’s Sarbanes-Oxley Act of 2002, also known as the Public Company Accounting Reform and Investor Protection Act of 2002, and commonly referred to as SOX or Sarbox. SOX was signed into law in order to protect public company investors and to provide government with the tools needed to investigate and penalize corporate financial malfeasance.
FERC Adoption of FASB Asset Retirement Standards
The Federal Energy Regulatory Commission (FERC) made significant efforts to hold tighter rein as it undertook investigation of what led to the bankruptcy of the California Power Exchange, the bankruptcy of Enron and other energy market participants and the failure of competitive electricity markets in general. FERC made large strides towards reporting accountability through the introduction of GAAP accounting changes to incorporate Financial Accounting Standards Board (FASB) standards relating to asset retirement obligations, contract based portfolio valuation and fair market values.
FERC Order No. 2001
FERC Order No. 2001 establishes a final revising amendment to public utility filing requirements. The revision calls for Quarterly Reports summarizing the contractual terms and conditions in utility agreements for all jurisdictional services (including market-based power sales, cost-based power sales, and transmission service) and transaction information for short-term and long-term market-based power sales and cost-based power sales during the most recent calendar quarter.
DOE Designates NERC Cyber Security Standards
The DOE designated the North American Electricity Reliability Corporation (NERC) as the electricity sector coordinator for critical infrastructure protection. NERC was to operate the Information Sharing and Analysis Center for the electricity sector, which gathers and communicates information about security-related threats within and among the sector, as well as to US and Canadian governmental authorities.
SEC SOX Compliance Overview
SOX was passed to mitigate the potential for future accounting scandals such as occurred with Enron, WorldCom, Global Crossing, Tyco International, Adelphia, Peregrine Systems, and Arthur Andersen et al. Publicly-traded companies in the United States, including all wholly-owned subsidiaries and publicly-traded non-US companies doing business in the US, are required to comply (as are private companies that are preparing their initial public offering (IPO) with some provision). When President George W. Bush signed SOX into law, he stated that SOX provided “the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt. Indeed, the new law is reminiscent of the Roosevelt’s New Deal and the efforts he made to corral corporate corruption in the 1930’s.
Focusing largely on corporate governance, financial reporting and accounting practices, SOX mandates that CEOs and CFOs of public companies certify the accuracy of their corporate financial reports; and that the public companies create sound “internal controls” to assure those financial reports are reliable. The massive emphasis on financial reporting requires that most companies reevaluate data management policies, processes and procedures, and implement data systems that support financial reporting.
Section 404 of SOX creates the imperative for corporations to develop an effective system of internal data controls and that CEOs and CFOs take responsibility for these controls. Section 409 requires real time disclosure of events that are likely to affect a corporation’s status or earnings. Executive management and their external auditor must report on the adequacy of the company’s internal control over financial reporting (ICFR). The data systems put in place within the corporation must be able to generate recurrent financial reports that are verifiable with traceable source data. The data reporting must be available on demand should the corporation find itself under investigation. Furthermore, the data must remain intact and cannot possess undocumented revisions. Any revisions to underlying financial or accounting software must be fully documented as to what was changed, why, by whom and when.
Developing the infrastructure and automated data systems needed for SOX compliance is expensive, but non-compliance can be far more costly, both to corporations and individuals. The potential for loss of business value (measured in real dollars or stock value) due to lawsuits and negative publicity is unlimited; and individual fines to company officers can reach up to five million dollars for purposeful misconduct with up to twenty years in prison. Even if the wrong certification by a company officer is simply an error, the individual fine may be up to one million dollars with up to ten years in jail. Clearly the burden of compliance rests squarely on the shoulders of the executive management. Many corporations have learned the hard way that the cost and risk associated with regulatory non compliance can far exceed the costs of developing the internal policy and data systems needed to support timely financial reporting.
From a data perspective, energy companies need to invest in secure data systems that allow for the collection, organization and rapid reporting of decision support and financial data. It is the responsibility of the executive management to ensure that the data system is audit quality, use is controlled and resident data is available in a timely manner.
FERC FASB Compliance Overview
Mirroring FASB Standard No. 143, FERC Order No. 631 sets a rule requiring that jurisdictional entities (public utilities, hydroelectric licensees, natural gas companies, and oil pipeline companies) recognize an asset liability for the fair value of the asset retirement obligation (calculated on the basis of net present value – NPV) at the time the asset is constructed, acquired, or whenever a change in a law creates a legal obligation to perform retirement activities. The ability of an energy company to indefinitely defer settlement of the obligation, or to sell the asset prior to its retirement, does not relieve them of the obligation. The standard, as originally conceived, was meant to address the retirement of nuclear facilities, but after further consideration FASB extended the standard to other energy assets and operations of some long-lived assets in other industries.
The owner must record the obligation at its fair value, which can be measured as the amount at which the liability could be settled in a current liquid market transaction between willing parties, or at a substitute for market value. The substitute is most likely a forecast of the estimated future cash flows required to satisfy the obligation. Given the volatility and uncertainty in energy markets, the future value will change through time based on various operational and market factors. The potential for a credit in the asset retirement liability must also be factored and accounted for.
From a data perspective, the asset owner is now obligated to maintain verifiable market and operational data to calculate the future fair value of the asset; and naturally, the integrity of the data would be subject to audit.
FERC Order 2001 Compliance Overview
FERC Order No. 2001 replaces some outdated paper-based filing requirements with a new electronic format filing requirement – the Electric Quarterly Report (EQR). EQRs summarize a utility’s or power marketer’s market-based rate transactions and sales agreements that conform to the utility tariff. The EQR requires:
- Identification of the reporting company
- Summary of contractual terms and conditions for all jurisdictional services, including: market-based power sales, cost-based power sales, and transmission service
- Detailed transaction reports for short-term and long-term market-based power sales and cost-based power sales during the most recent calendar quarter
From a data perspective, market participants need to maintain an accurate system not only to retain trade data but also to maintain the trade decision support data in the case of investigation. Trade data can be complex and dynamic, especially when related to indices or engaged through exchanges.
NERC CIP Compliance Overview
The Critical Infrastructure Protection Committee within the NERC structure has the mandate to advance the physical and cyber security of the critical electricity infrastructure of North America. Nine mandatory NERC Cyber Security Standards ensure that all entities responsible for the reliability of the bulk electric system identify and protect critical cyber assets to support reliable operation of the bulk electric system. What this means to an electric company is that it must define methods, processes, and procedures for securing both critical systems and non-critical cyber assets. Cyber assets can be thought of as programmable hardware and networks, components and data. Compliance with CIP includes:
- Documentation of the assets
- Development of cyber security policy and identification of assets to be secured
- Implementation of system management, control, monitoring, and security procedures and practices
- Installation of physical system management, control, monitoring, and security tools and applications
- Definition of incident response actions, including human resource roles and responsibilities
From a data perspective, CIP will be considered with respect to the integrity of, and access to corporate data. It is easy to classify many types of data as critical to the secure operation of the electric company. Currently, the data may reside in disparate databases within the corporation with varying levels of monitoring, control and security. Management systems and oversight may also be inconsistent. Electric companies will need to audit their data usage, categorize the data and implement systems to ensure data integrity and control.
What Compliance Means to Data Management and the Adoption of IT Systems
The change in regulatory environments, along with market demand for greater data transparency and corporate disclosure, means that the data management and reporting requirements for industry have changed dramatically. The change comes at all levels, from the collection and storage of hourly and daily data for use in front office trade and asset dispatch decisions, to the availability of data for middle office risk assessment and hedging, to the back office’s ability to audit and account for the operation of the corporation or to provide decision data – in a meaningful way – to regulators and investors. What is paramount within all the regulation is the need for consistency in data treatment for all energy market participants. Essentially, there is a requirement for a higher standard of data management and integrated systems that insure data integrity, control, audit trails and security. Data must be available on demand and data systems must be audit proof.
The cost of non-compliance poses unacceptable regulatory and business risk that must be mitigated. The crux of the matter however, is that regulation is enforcing a standard that, in reality just makes good business sense.
How ZE PowerGroup Can Help You Meet Regulatory Compliance Needs
From a trade and risk perspective, ZE PowerGroup provides robust data management and analysis software tools that help corporations meet their regulatory compliance needs. Our flagship product, ZEMA is a powerful data management and analysis system, developed specifically for the energy industry. ZEMA is an enterprise level, extensible tool, providing hands off scheduling and centralization of data available from public, proprietary and internal sources. ZEMA captures key data from ISOs, exchanges, financial institutes, subscription vendor sources, governing/regulatory bodies and is completely commodity agnostic.
Serving the needs of the front, middle and back offices, ZEMA can be used to meet the reporting and security requirements of the regulator as well as day to day operations. ZEMA not only reduces real market risk but also introduces significant operational savings to the company and reduces regulatory risk by supporting compliance through our installed systems. Some of the key features and benefits of ZEMA include:
- Corporate ownership of data through the creation of a centralized and fully automated data warehouse
- Process Transparency
- Data validation, revision tracking and data auditing
- Removal of errors associated with manual data entry
- Secured access to market and corporate data through protected databases and web based tools
- Flexible, controlled, reproducible and timely access for end users to critical data and analysis needed for decision making
- Compliance with corporate security and authentication rules/standards through its own security protocols and its LDAP compatibility
- Full integration with downstream trade, risk, accounting and settlement systems
ZEMA advances support for corporate SOX compliance by establishing a data management framework that can meet the requirement for recurrent reporting and is facilely verifiable while ensuring that source data is traceable, remains intact and revisions are documented.
Give us a call. We can help in different ways
Contact us today or visit us at www.zemasuite.com to find out how ZE PowerGroup can empower the decision support and regulatory compliance needs of your corporation.
We can help with:
- Enterprise data management and analysis needs
- Data management, trade and risk policy, practice and procedure development
- IT and operational audits
- Forward price forecasting
- Market intelligence
- Expert regulatory support
We would be happy to provide your company a demonstration of the power of the ZEMA suite, or to discuss any of the other strategic services that we offer.
Aiman El-Ramly, MBA, CMC
Senior Vice President; Consulting, Strategy and Business Development
ZE PowerGroup Inc. Phone: (604) 244-1654