FERC, CFTC, and State Energy Law Developments
The Commodity Futures Trading Commission (CFTC or the Commission) Division of Enforcement filed the most enforcement actions in the Commission’s history in fiscal year 2020 (FY 2020).
The Federal Energy Regulatory Commission (FERC or the Commission) Office of Enforcement (OE) issued its 2020 Report on Enforcement on November 19.
Following significant pushback from the regulated community, FERC and NERC Staff jointly announced in a new white paper that filings and other submissions to FERC describing violations of cybersecurity reliability standards would be entirely nonpublic. Under the revised approach, all cybersecurity noncompliance information will be considered CEII and not disclosed in response to FOIA requests.
At its June 18 open meeting, FERC issued a notice of inquiry seeking public input on cybersecurity-related enhancements to the Critical Infrastructure Protection (CIP) reliability standards. In light of the constantly evolving nature of cybersecurity threats to the bulk power system, FERC is interested in determining whether the current CIP standards adequately address specific cyberrisk areas related to data security and cybersecurity incident detection, containment, and mitigation.
Following the declaration of a global pandemic due to the widespread transmission of the coronavirus (COVID-19), the issuance of shutdown and/or stay-at-home directives cascaded from commercial enterprises and state and local governments across the United States. During this period of extreme disruption to daily routine, the continuity and integrity of energy operations were necessary to ensure that the massive shift to home-based life could exist with minimal business disruption.
The Federal Energy Regulatory Commission (FERC) issued a notice on May 20 that it will convene a Commissioner-led technical conference to consider the ongoing, serious impacts that the emergency conditions caused by the coronavirus (COVID-19) pandemic are having on the energy industry. The conference will be free, open to the public, and held remotely on Wednesday and Thursday, July 8-9, 2020.
In response to President Donald Trump’s declaration of a national emergency due to the coronavirus (COVID-19) pandemic, the Pipeline Hazardous Materials Safety Administration (PHMSA) issued a notice that it does not intend to take enforcement action related to certain new gas pipeline safety regulations with which gas pipeline operators must comply by July 1, 2020.
The Commodity Futures Trading Commission (CFTC) indicated on April 24 that it is conducting a review of the $40-per-barrel plunge in the WTI crude price that occurred on April 20. The CFTC stated that it is conducting the review to understand why the pricing happened, to ensure that the market functioned properly, and to rule out foul play.

President Donald Trump signed an executive order on May 1 declaring that the use of bulk-power system equipment supplied by companies controlled by certain foreign nations poses an extraordinary threat to the US power grid. The order observes that the bulk-power system is a valuable target for malicious actors, and any attack on that system could pose serious risks to the economy, public health and safety, and national security.

In an order issued on April 17, the Federal Energy Regulatory Commission (FERC) agreed to defer implementation of certain cybersecurity and operational reliability standards administered by the North American Electric Reliability Corporation (NERC) that had important compliance milestones later this year, including the suite of supply chain risk management standards that have been under development for several years and were set to take effect on July 1. The move by FERC is intended to provide some measure of relief from impending compliance burdens and to allow electric utilities to focus their resources on responding to the coronavirus (COVID-19) pandemic.