The comment period for the NRC’s draft Regulatory Issue Summary (RIS) on true identity verification requirements closed on June 15, 2020. The industry had asked for and received a 45-day extension from the original April 30 deadline to provide comments.
Executive Order 13920, “Securing the United States Bulk-Power System,” issued on May 1 limits the US use of bulk-power system equipment produced by “foreign adversaries.”
Read our recent LawFlash discussing the US Department of the Treasury’s updated criteria outlining which businesses are eligible to apply for CARES Act loans allocated for businesses “critical to maintaining national security.”
Read our recent LawFlash detailing the key takeaways for energy companies from the Coronavirus Aid, Relief, and Economic Security Act signed into law on March 27. Although the act does not expressly provide relief for energy companies, many of its provisions impact energy sector companies.
The NRC published notice of a draft Regulatory Issue Summary (RIS) (previously published in ADAMS) in the Federal Register on March 31. The draft RIS purports to “clarify” licensees’ requirements pursuant to 10 CFR § 73.56(d)(3) to verify the “true identity” of non-immigrant foreign nationals who are granted unescorted access to nuclear power plants.
Nuclear Power Corporation of India Limited (NPCIL) announced on October 30 that the malware “Dtrack” had been found on the administrative network of the Kudankulam Nuclear Power Plant (KKNPP) in early September 2019. KKNPP is the largest nuclear power plant in India, equipped with two Russian-designed VVER pressurized water reactors, each with a capacity of 1,000 megawatts. Both reactor units feed southern India’s power grid.
The Nuclear Regulatory Commission’s (NRC’s) Assistant Inspector General for Audits issued a memorandum on August 20 on the status of recommendations based on the Office of Inspector General’s (OIG’s) Audit of NRC’s Cyber Security Inspections at Nuclear Power Plants (OIG-19-A-13). As previously reported on Up & Atom, OIG recommended that the NRC work to close the critical skill gap for future cybersecurity inspection staffing, and develop and implement cybersecurity performance measures for licensees to use to demonstrate sustained program effectiveness. Based on the NRC’s July 3, 2019, response, OIG has issued this status of recommendations.
Following the July 12, 2019, release of “Power Reactor Cyber Security Program Assessment,” the Nuclear Regulatory Commission’s (NRC’s) Director of Physical and Cyber Security Policy in the Office of Nuclear Security and Incident Response issued a memorandum to NRC Staff on August 6, 2019.
The Nuclear Regulatory Commission (NRC) held a public meeting on August 8 to provide information and receive comments on the regulatory basis supporting the NRC’s rulemaking on physical security requirements for advanced reactors.
The Nuclear Regulatory Commission, by a 3-1 vote on August 7, agreed with the NRC Staff’s recommendation to discontinue a rulemaking on third-party arbitration of access authorization and fitness-for-duty determinations. The decision leaves admitted ambiguity, including a potential enforcement risk in the event that a licensee reinstates an individual’s revoked access authorization or a fitness-for-duty determination.