Up & Atom

KEY TRENDS IN LAW AND POLICY REGARDING
NUCLEAR ENERGY AND MATERIALS
The US Nuclear Regulatory Commission (NRC) recently published its annual vendor newsletter, The Vendor Times, documenting findings of NRC vendor inspection staff and lessons learned related to the vendor inspection program. The newsletter follows the NRC’s November 20 vendor inspection program self-assessment for fiscal year 2023. Through these two issuances, the NRC noted an increase in enforcement findings and indicated that it will focus on 10 CFR Part 21 and supplier oversight compliance during future inspections.
The US Nuclear Regulatory Commission (NRC) recently published a memorandum from the Office of Nuclear Reactor Regulation (NRR) documenting planned changes to the NRR’s Safety Culture Inspection Program. The NRC expects to implement these changes by the end of 2023.
The NRC has now followed up on that guidance with revisions to RG 5.83, “Cybersecurity Event Notifications (Revision 1),” to address new cybersecurity concerns, provide clarification, and align with new guidance in RG 5.71. This guidance is critical for the nuclear industry given the rapid pace at which cybersecurity threats and deterrent strategies evolve. All nuclear power reactor owners must review NRC’s latest guidance and confirm that their cybersecurity programs are in compliance.
The NRC’s Office of Enforcement (OE) recently published its Enforcement Program Annual Report for Calendar Year 2022. In 2022, the NRC issued 73 escalated enforcement actions to licensees, non-licensees, and individuals. This is 13 more than in 2021, an increase of 22%, and is higher than the five-year average of 60. Even so, this remains below the highs seen in 2016 and 2017, which had more than 80 each year. Non-escalated enforcement actions also increased in 2022 for reactor and materials licensees.
After 13 years, the Nuclear Regulatory Commission has issued revised guidance for cybersecurity programs for nuclear power reactors. All nuclear power reactor owners must review the NRC’s latest guidance and confirm their cybersecurity programs are in compliance.
The NRC recently issued a final rule in the Federal Register, along with a corresponding update to its Enforcement Policy, that updated the maximum amounts of civil monetary penalties it can impose for violations. Because these amounts are adjusted annually for inflation, the maximum civil penalties jumped for the second year in a row, reflecting the continued inflationary environment in the broader economy.
The NRC staff recently provided the Commission with their annual Reactor Oversight Process (ROP) Self-Assessment for Calendar Year 2021 (SECY-22-0029). These annual self-assessments have been part of the ROP since the ROP was implemented in 2000 and are used by the Commission, the NRC staff, and stakeholders to monitor the performance of the ROP and identify areas for improvement.
The NRC recently revised its Enforcement Manual (Manual) to consolidate and expand its guidance on the process for resolving licensee challenges to certain enforcement actions. The biggest change to the Manual is the creation of a new Section 2.8 on “Disputed Violations” that merges into one section the disputed violation resolution process for all enforcement actions other than those associated with NRC orders.

The US Nuclear Regulatory Commission (NRC) issued a final rule in the Federal Register on January 14 updating the maximum amounts of civil monetary penalties it can impose. Reflecting the price challenges in the larger US economy, the maximum civil monetary penalty amounts dramatically increased over the prior year as a result of the rise of inflation.