The recent Optus breach has made it apparent that today’s critical infrastructure, deployed at scale, has many interconnected parts. Operating it safely and reliably requires all these interconnected systems to work seamlessly.
Media reports (such as in the SMH here on 8th November) suggest that the Optus outage was due to incorrect routing information sent by a partner organisation following a routine software upgrade. Optus’s safeguards did not pick up the incorrect routing information on time.
Large-scale generation assets, similar to telecommunication assets, have their own technical standards (the ‘Generator Performance Standards’ (GPS)). A generator also requires periodic updates to its software and firmware, similar to that of Optus, and it also interacts with a whole host of third parties, including AEMO, the connecting Network Service Provider, and the generator’s own contractors and suppliers.
- What are the consequences of technical non-compliance for project owners?
- What safeguards do large-scale generators have that would prevent such non-compliance?
- Are there other risks that are ‘out of sight, out of mind’?
National Electricity Rules and the AER Compliance Regime
NER clause 4.15 specifies the requirements related to Compliance with Performance Standards for fully commissioned and operational projects.
Amongst the requirements, clause 4.15 states that the Generator must:
- institute and maintain a compliance program;
- deliver to the AER the written results of the performance monitoring;
- maintain the compliance program records and any other record for up to 7 years
- and immediately notify AEMO if the plant is breaching a performance standard.
Many of the requirements carry tier 1 civil penalty provisions.
1) Further details of the Civil Penalty provisions are here on the AER website.
2) In July 2021 the AER wrote here that:
‘Tier 1 provisions carry maximum penalties for corporations of $10 million, or if greater, three times the benefit obtained from the breach if this can be determined, or if not, 10% of annual turnover. ’
In June 2023, the AER Chair, Clare Savage, launched the AER’s compliance and enforcement priorities for 2023–24. One of the priorities for 2023-24 seeks to ‘improve market participants’ compliance with performance standards and standards for critical infrastructure’. The AER aims to enforce this by increasing infringement notices and fines.
The AER’s message to market participants is unequivocal – “make sure your house is in order”. Compliance with performance standards is the responsibility of all market participants. We can’t risk the operation of critical infrastructure as the number and complexity of connections rise through the energy transition.
Compliance programs are required to be consistent with the template published by the AEMC’s Reliability Panel.
1) This template was last updated in 2019, and under the Rules, it has to be reviewed every five years – so the following review is expected next year.
2) Once the Reliability Panel updates the template, generators must modify their compliance programs to be consistent with any amendments within six months.
3) It is reasonable to expect a tightening of requirements through an updated template, especially in light of the more prescriptive Generator Monitoring Plan Template in Western Australia, recently released by AEMO.
Consequences of Non-Compliance
Also at Energy Week 2023, Clare Savage noted that:
‘In 2021 the maximum penalties for breaching the laws regulating gas, electricity and retail were substantially increased.
Before then, the highest penalty imposed by a court for a breach of the National Energy Retail Law was $1.5 million.
Since 2021 we have seen the Federal Court impose penalties of up to $17 million.
Across the past two financial years, total penalties across AER issued infringement notices and penalties have been more than $39 million – a significant increase compared with the total penalties of just over $3.5 million issued during the preceding 14 financial years.’
1) A little over a month ago, the Federal Court ordered that two AGL Energy Ltd subsidiaries pay penalties totalling $6 million for breaches of the National Electricity Rules.
(a) This was noted on WattClarity here on 31st October 2023:
(b) In proceedings brought by the AER, the Federal Court found that the AGL subsidiaries did not comply with dispatch instructions given to them by AEMO in relation to frequency control ancillary services (FCAS) they had offered, and were paid, to provide. The court found that “the contraventions arose from a combination of insufficient processes and practices and inadvertence…”.
2) The AER’s instituting of proceedings against AGL subsidiaries follows penalties imposed on Hornsdale Power Reserve (Hornsdale) last year for breaches of the NER related to providing backup contingency services. This action resulted in the court ordering Hornsdale to pay a penalty of $900,000.
(a) This was discussed in this AER Release on 28th June 2022.
3) In 2021 CS Energy paid $200,000 in infringement notice penalties for allegedly failing to ensure it could provide FCAS it had offered to the market.
(a) This was discussed in this AER Release on 22nd February 2021.
Whilst the above penalties are tied to the provision of frequency control services, it is clear that the AER is prioritising enforcing power system security provisions in the NER. This goes to generators’ compliance with dispatch instructions, bidding behaviour obligations, and providing accurate and timely information to AEMO – all documented within the generator performance standards.
In addition to the financial penalties, the reputational damage from GPS non-compliance may be a far more underappreciated consequence. A non-compliance event damages community trust, credibility with investors, networks and the market operator – not to mention the professional reputation of the individuals involved.
Other risks and lost opportunities
Today, generators typically meet their obligations relating to NER clause 4.15 through an ad hoc assessment of plant performance against the established GPS. This requires either internal resources or external consultants poring over many years of operational data to identify power system events, performing manual assessments using bespoke methods (such as using MS Excel) and writing reports that provide no practical value beyond sitting on the shelf should the AER or an internal audit team come asking.
So, we pose the following questions to generation asset owners –
- Can existing practices capture non-compliances or potential non-compliances in day-to-day operations?
- What are the implications for individuals and organisations where an internal audit, or the AER, has rated your compliance management as ‘subpar’?
- How do your processes handle the turnover of key personnel?
- Will new investors place red flags on projects if evidence of GPS compliance is not readily available?
- How might ongoing monitoring and assessment better meet GPS compliance requirements and help optimise asset performance?
Is GPS compliance management the “monster under the bed” generation project owners need to fear or ignore?
In our view, there are some practical steps project owners can implement with limited cost and effort that can effectively manage these risks. A proactive approach to compliance management is the better way forward!
About our Guest Author
|Aditya Upadhye is a Director at GridWise Energy Solutions.
He has over twenty years of experience in the US and Australia in various technical, operational and strategic leadership roles. Aditya is an expert in technical modelling and analysis for electricity network planning and operations, distributed energy and renewables. He serves on the Australian Panel of CIGRE Study Committee C4 – System Technical Performance.
Aditya provides technical and business leadership to the GridWise team. His current focus is on developing and implementing technology solutions to streamline the grid connections process for large-scale renewable projects across their entire lifecycle, from early-stage feasibility to ongoing operations.
You can find Aditya on LinkedIn here.