Our client is a renewable generation developer, owner, and operator in North American energy markets whose rapid growth into new markets has resulted in a multi-threaded compliance reporting landscape. After the winter storm in 2021and several related regulatory inquiries, our client asked us to perform a review of their three distinct business line compliance practices, identify gaps in compliance reporting, and make recommendations accordingly.
MidDel Consulting conducted a Regulatory Compliance Capability and Risk Assessment for the client with a focus on Federal, NERC and ISO reporting requirements. The objective of the assessment was a determination of the extent to which the client has the appropriate structure of People, Process and Systems in place to track and meet reporting requirements and mitigate the risk of not reporting.
The team worked with representatives from each business line and team within, reviewed all current compliance reporting related procedures, documented associated processes and interviewed the user community involved.
As a result of exhaustive document review and interviews, MidDel Consulting was able to confirm that all required compliance reporting was being performed, but that reporting effectiveness was highly dependent on individuals rather than a structured, automated reporting framework.
We concluded that ownership of compliance related tasks and reporting is spread across business units with a dependence on key individuals that creates key-person risk within the organization; resulting in an organization that is highly vulnerable to attrition. Further, diluting the key-person risk is difficult for the client due to a lack of comprehensive training within a very siloed organization.
The secondary issue was related to systems, and the lack of a single source of volumetric reporting to base compliance reporting on. It was our recommendation that the data be aggregated, consolidated and access provided to all units.
MidDel Consulting recommended that a formalized process should be in place to disseminate information across the organization regarding compliance rules, regulations, and requests. Technology should be leveraged to minimize the number of systems in use and to interface required systems to reduce the manual work involved.