Our US labor/management relations team continues to track the National Labor Relations Board’s (NLRB’s) increasingly business-friendly approach in 2019. The Board’s busy year to date includes its decision in Entergy Mississippi, addressing the supervisory status of certain electric utility transmission and distribution dispatchers and resulting ineligibility to vote in a union election. This important decision is discussed further in our recent edition of Labor & Employment NOW. Moreover, the Board’s recent proposed rulemaking on union election procedures is the latest sign that the Republican-majority Board is now in high gear. As outlined in this LawFlash, employers should stay tuned to the Board’s regulatory and decisional authority in the second half of 2019. Of particular interest for the nuclear industry is the Board’s upcoming second round of rulemaking on union election procedures, as well as the final version of the NLRB’s rules on its joint employer standard to determine when an entity has an employer relationship with the employees of another business, impacting relationships such as vendors and onsite contractors.

Following the July 12, 2019, release of “Power Reactor Cyber Security Program Assessment,” the Nuclear Regulatory Commission’s (NRC’s) Director of Physical and Cyber Security Policy in the Office of Nuclear Security and Incident Response issued a memorandum to NRC Staff on August 6, 2019.

The memorandum provides guidance to Staff on next steps, but also cautions that when initiating changes to the Cyber Security Program they keep several points in mind. Specifically, the Director asks Staff to ensure that changes do not adversely impact other areas of the program; that guidance revisions are consistent and incorporated throughout all documents; that, where necessary, a backfit analysis is performed; and that no changes constitute an unreasonable risk to public health and safety.

The memorandum reminds Staff that their next step, per the assessment, is to present a draft action plan by September 20, 2019. The action plan should identify enhancements to the Cyber Security Program that promote regulatory efficiency and effectiveness, while continuing to provide for reasonable assurance of public health and safety and promote common defense and security. The memorandum also praises NRC Staff for its efforts in conducting the assessment.

We will continue to monitor developments for cybersecurity at the NRC.

In a June 25, 2019, letter to the Chairman of the US Nuclear Regulatory Commission (NRC), Senators John Barrasso and Mike Braun requested that the agency develop a Generic Environmental Impact Statement (GEIS) for the construction and operation of advanced reactors. The letter asserts that a GEIS “will be a critical step to facilitate the deployment of new nuclear technologies” and “will focus NRC’s licensing efforts on the most important safety issues, reduce NRC staff resources dedicated to environmental permitting, and align with Congressional and Executive Branch efforts to conduct environmental permitting reviews more efficiently.”

The Nuclear Regulatory Commission (NRC) held a public meeting on August 8 to provide information and receive comments on the regulatory basis supporting the NRC’s rulemaking on physical security requirements for advanced reactors. The public meeting was the latest step in the NRC’s rulemaking process, which began on August 1, 2018, with the NRC Staff’s report to the Commission evaluating options for revising physical security regulations for advanced reactors. The Commission approved the NRC Staff’s proposed rulemaking plan on November 19, 2018. We previously reported on the NRC Staff’s report, the Commission’s Approval, and the publication of the regulatory basis for comment.

During the public meeting, NRC Staff summarized the regulatory basis and their recommendation for a limited-scope rulemaking. NRC Staff explained that the purpose of the rulemaking is to provide requirements and guidance for advanced reactor physical security and reduce the need for physical security exemptions—specifically from regulations requiring each site to have at least 10 armed responders for emergency security response (10 CFR § 73.55(k)(5)(ii)), and an on-site secondary alarm station to monitor potential issues (10 CFR § 73.55(i)(4)(iii)).

The Nuclear Regulatory Commission, by a 3-1 vote on August 7, agreed with the NRC Staff’s recommendation to discontinue a rulemaking on third-party arbitration of access authorization and fitness-for-duty determinations. The decision leaves admitted ambiguity, including a potential enforcement risk in the event that a licensee reinstates an individual’s revoked access authorization or a fitness-for-duty determination.

As we last reported on April 24, the NRC Staff recommended in SECY-19-0033 to withdraw a rulemaking begun in 2015 to revise the NRC’s regulations regarding whether a third-party arbitrator could review a licensee’s access authorization or fitness-for-duty decisions. In SRM-SECY-19-0033, the Commission agreed with that recommendation.

The US Department of Energy (DOE) published a final rule in the August 2 Federal Register that revises DOE’s Contractor Employee Protection Program. The program appears in 10 CFR Part 708 (Part 708) and extends employee protections to employees of DOE contractors and subcontractors modeled after the protections for federal employees that appear in the Whistleblower Protection Act, 5 USC §§ 1201 et seq. DOE’s Office of Administrative Appeals (OHA) administers the Part 708 program. We previously reported on the proposed rule, and the final rule largely adopts the changes laid out in the proposed rule. Key changes include the following:

Please be aware that it appears the NRC has taken an unusual step of requesting public comment on SECY 2019-67, which is focused on proposed enhancements to the Regulatory Oversight Program (ROP). Comments are due by October 7, 2019. Please see 84FR38675. We previously reported on this SECY, which was provided by NRC Staff to the Commission, notwithstanding no requirement to do so for several of the proposed revisions. This action may have been prompted by a July 15 letter to NRC Chairman Kristine Svinicki jointly signed by the Chairman of the Committee on Energy and Commerce; Chairman of the Committee on Energy and Commerce subcommittee on Energy; Chairwoman, Committee on Appropriations; and the Chairwoman of the Committee on Appropriations Subcommittee on Energy and Water Development, and Related Agencies. We will continue to monitor developments regarding ROP modification initiatives.

The Federal Energy Regulatory Commission (FERC) ordered PJM Interconnection, LLC’s (PJM) on July 25 to suspend its 2019 Base Residual Auction (BRA), which provides for capacity payments to electric generators. FERC found that delaying the auction until FERC establishes a replacement rate would provide greater certainty to the market than conducting the auction under the existing rules.

This is the second time that the 2019 BRA, which provides for capacity payments for 2022–2023, has been delayed. PJM originally planned to run the auction in May, but delayed it based on a prior FERC order. FERC’s July 25 order delays the 2019 BRA until FERC establishes a replacement rate.

Read FERC’s order.

On July 25, 2019, the United States Government Accountability Office (GAO) released GAO-19-384, a report to congressional requesters analyzing the cybersecurity risk management of 23 civilian agencies—including the Nuclear Regulatory Commission (NRC). Using key elements such as risk tolerance and risk mitigation strategies, GAO examined the extent to which all agencies established a cybersecurity risk management program; what challenges, if any, agencies identified in developing and implementing such programs; and what steps the Office of Management and Budget (OMB) and the US Department of Homeland Security (DHS) have taken to meet their risk management responsibilities to address any challenges agencies face in this area. In its analysis, GAO compared policies and procedures from the 23 civilian agencies to key federal cybersecurity risk management practices, attained the agencies’ own views on challenges they faced, identified and analyzed actions taken by the OMB and DHS to determine whether such actions address agency challenges, and interviewed responsible agency officials.

In SECY-19-0068 dated July 1 but recently made available, the NRC staff has asked the Commission to approve a proposed direct final rule that would eliminate one of the two financial tests used to qualify a company to issue a parent guarantee for decommissioning funding assurance. The NRC staff cites a 2010 Dodd-Frank Act mandate that agencies remove references to credit ratings in their regulations and substitute alternative standards of creditworthiness. However, rather than substituting alternative standards, the NRC staff proposes to simply eliminate one of its two current financial tests, and instead rely upon the single remaining test. Unfortunately, many companies that would qualify under the current financial test based on having an investment-grade credit rating do not qualify under the alternative test that would remain. As such, this change would heighten the credit requirements for using a parent guarantee and limit the availability of parent guarantees to provide financial assurance for decommissioning. Nonetheless, the NRC staff considers the proposal “non‑controversial” and seeks to issue the change to the regulations as a direct final rule.