Those few utility executives who were still unaware of the so-called Year 2000 problem got a wake-up call on December 8, 1997 when SEC Chairman, Arthur Levitt, warned the nation's utilities to prepare their computer systems to handle the Year 2000 date change. Levitt's letter urged utilities to modify their systems to meet the year 2000 challenge and to "make every effort to keep the SEC and other regulators apprised of all issues pertinent to Year 2000 preparation." Levitt's warning was clearly on the mark since published surveys indicate that one in five utilities have not even started to fix their Year 2000 problem.
Although the SEC chief has issued similar warnings to other industries more closely within the SEC's jurisdictional sweep, such as investment advisors and brokerage houses, Levitt's latest warning is hardly unexpected given the central role utilities play in a modern economy. Levitt's comments underscore the important legal and regulatory risks facing utilities as they move towards Year 2000 compliance. Levitt's comments imply what many observers have been quick to recognize. Utilities face the usual public disclosure, vendor management, litigation and tax planning issues inherent in preparing any large industrial entity for Year 2000, but they must also address unique regulatory, operational, legal and specialized risk management issues. There is also an important role for careful legal planing in this process if utilities are to make a successful transition into the 21st century.
The so-called "interconnectivity" aspect of Year 2000 is especially important for utilities. Like telecommunications companies, utilities provide a service which is essential for the productive activities of millions of businesses and consumers alike. Simply stated, utilities are part of everyone else's Year 2000 problem whether they like it or not. In addition, they also have their own "connections" with suppliers, vendors and distribution infrastructure which must be assessed, remediated and tested to avoid broader economic disruptions a Year 2000 failure could cause. The most dire warnings that the Year 2000 problem could spawn a global recession, frequently list the possible disruption of electric power supply and telecommunications as chief among those industries which must be protected from failure to prevent the Year 2000 problem from rippling throughout the economy. Nor will the cost of compliance be cheap: the Tennessee Valley Authority alone, for example, estimates that its compliance program will cost between $10-40 million. Some utilities will face compliance costs which are many multiples of the TVA sum.
There are those who have been quick to dismiss Year 2000 as over-hyped and exaggerated. While it is true the problem is solvable in most cases, only careful planning, immediate action at the highest levels of the company, and sustained executive commitment and competent project management will ultimately secure a successful Year 2000 conversion. The naysayers must also consider that there have already been documented Year 2000 failures in the utility industry. In the UK, natural gas provider British Gas Trading watched as its system crashed when attempting to implement a customer's request for a five year payment plan since the system was unable to process dates beyond 1999. Although the BGT failure was invisible to customers and relatively harmless given the range of scenarios that can be imagined when dealing with nuclear, natural gas or even conventional plants, the BGT billing breakdown indicates that the possibility of Year 2000 failures is real.
Like all industries, the first step for the utility industry is a careful assessment of the systems likely to be affected by Year 2000. Year 2000 has the potential to affect customer billing systems, maintenance management systems, data gathering systems, embedded chips, components and systems, equipment and test data base systems, surveillance systems, safety systems and process control systems. The embedded chip and embedded system problem is especially acute in the process control context. At the plant level, this may involve literally opening thousands of boxes, identifying the relevant software or firmware and determining the interfacing hardware and circuits. Only at that point (assuming the investigator knows the functionality of the box) can the assessment process turn to identifying the vendor, the version of the product involved and the steps needed to achieve compliance. Complicating this challenge is the fact that code for many plant systems is often written in COBOL and may not be testable using conventional Year 2000 tools.
Once the assessment phase is completed, the next step is to determine which of the affected systems are mission critical. For utilities this involves affording priority to safety systems, critical raw material supply relationships, systems controlling the generation, distribution and delivery of power, and the financial viability of the enterprise.
As regulated companies, utilities must also fashion their Year 2000 compliance strategies with the demands of their regulators in mind. From a legal standpoint, this means utilities and their counsel must carefully examine all regulatory edicts bearing on Year 2000. At minimum, this means utilities, like virtually all public companies, must attempt to estimate the financial and operational impact of Year 2000 and make appropriate disclosures to the public securities markets in the event those costs or operational impacts are likely to be material. A failure to make disclosures required under federal securities laws invites the possibility of shareholder derivative suits and civil and criminal enforcement actions against utilities and their officers and directors.
An area of perhaps even greater regulatory concern, however, is the ability of utilities to meet the demands of their Year 2000 supervisory contacts within the state and federal regulatory framework. Although mandatory reporting or standards have yet to appear, that day may not be far off in the industry. In the nuclear power segment, for example, the Nuclear Regulatory Commission has begun a systematic process of reviewing nuclear plants to determine which computer systems and software applications are vulnerable to Year 2000 disruption. The NRC's Office of Nuclear Reactor Regulation has made it clear that while Year 2000 probably poses little risk in the reactor control room, many instrumentation and data acquisition systems must be corrected to avoid Year 2000 failures.
The NRC response to Year 2000 points up the importance of involving counsel in a utility's dialogue with its mission critical equipment vendors and suppliers. Many are of the view that utilities have a special obligation to be sure that their operations will be unaffected by Year 2000 and to make early and detailed disclosures about their plans to avoid Year 2000 disruptions. Just as other businesses will look to utilities to keep the lights on at midnight on January 1, 2000, utilities must carefully question and determine that their vendors and suppliers be ready to provide uninterrupted service. In particular, the Year 2000 status of control systems and process control computers is an issue which must be carefully vetted with vendors. A critical component of Year 2000 compliance is an aggressive but appropriate dialogue with all vendors concerning the Year 2000 readiness of their products. Such a dialogue is best conducted with counsel's review and control. Many in industry assume that obtaining assurances or warranties that new or upgraded products will be Year 2000 ready will be sufficient to allay most concerns. Those planners are mistaken. Certainly a supplier should be expected to warrant its products as Year 2000 compliant (or at least be willing to provide a clear technology migration path to verifiable compliance), but a complete vendor disclosure in an industrial setting includes access to test documentation, integration and compatibility testing as well as data concerning known failures. Companies also should not overlook the need for extensive contingency and disaster planning as a critical component of a utility's Year 2000 strategy.
As Levitt's letter makes clear, the vendor disclosure shoe will also be on the utility foot. Many companies simply will be unable to declare themselves Year 2000 ready unless and until they have received satisfactory information from their utility. Aside from securities and regulatory disclosures, a flood of demands for information from customers can be expected requesting data about the utility's compliance. This disclosure program, like the others, must be carefully managed by Year 2000 project managers as well as counsel. Many customers are likely to make demands on utilities and telecommunications companies for "end to end" testing to verify compatibility between Year 2000 fixes. Promises of compliance and performance must be carefully tailored with oversight by counsel so that utilities warrant compliance only as to their systems and that Year 2000 "compliance" is carefully defined. Vague, undefined promises of Year 2000 "readiness" are an invitation for a litigation disaster for utilities and most other companies. Moreover, utilities must be sure that their distribution partners are not only compliant on schedule, but that compliance programs adopted by those partners are compatible with the in-house fix.
The fast-approaching era of utility deregulation also poses additional Year 2000 challenges for utility executives. Consolidation is an emerging fact of life in the industry. As utility mergers and acquisitions become more commonplace, the diligent evaluation of a target utility must include a searching assessment of the target's Year 2000 compliance status. The unlucky utility executive is the one who wakes up the day after the closing only to find that his sparkling acquisition has created the unintended result of doubling his company's Year 2000 problem with precious little time left to achieve compliance.
The Year 2000 challenge poses many risks for electric utilities. There are certainly many more than have been touched on in these few pages. To meet those challenges utilities must not only mount a determined technical response, but also a thoughtful legal and risk management program as well. A well-prepared utility is the one that recognizes that Year 2000 represents much more than a technological threat. Year 2000 demands careful business and legal planning to avoid potentially very costly regulatory and legal risks. You should not overlook the fact that your counsel has an important role to play in meeting the challenge of the new millennium.