The Era of Risk is Already Here: We're Not Prepared

Eric Borden February 27, 2025
Tags: environmental regulationsenvironmental regulationclimate changeclimate

The recent LA Wildfires showed yet again the devastation that can happen when risks turn into real events. Whether it’s a hurricane, wildfire, flood, or hack, states and electric utilities face increasing dangers in a complex environment. Yet we tend contemplate the ramifications of risk events only after they’ve struck: utilities dispatch teams to repair power lines and bring essential services back online, infrastructure and homes are rebuilt, and everyone painstakingly sorts through how to pay for the disaster’s aftermath. 

Policymakers must recognize that the era of risk is already upon us. Waiting for and then reacting to disaster is not a reasonable approach to risk management. No state can afford to mitigate all risks entirely, and decision-makers face tough decisions about where to draw the line on risk thresholds, cost, and how and what to prioritize. To understand and mitigate risk in a proactive fashion, quantitative, data-driven risk modeling is fundamental for understanding the risk profile of threats and the tradeoffs among various mitigations to address these risks. Reasonable application of these tools can help save lives and the financial wellbeing of those that would otherwise bear the increasing and severe consequences of risk events.   

Unfortunately, states and utilities are often ill-prepared to appropriately address this era of risk. While utility regulators are faced with dire warnings from utilities about safety risk, they often have no real way to fully understand tradeoffs between risk reduction and cost of various approaches. The first and most critical step in facing up to the era of risk is to assess and quantify it as robustly and granularly as possible. All good policy is driven by objective analysis of data, and risk is no exception. The old business adage of “you can’t improve what you don’t measure” applies in this critical policy area. Our future blogs will apply the framework discussed here to a particular risk or topic in the energy sector, but let’s digest some risk modeling fundamentals first.

Risk Modeling 101 – Get Excited

Rigorous, data-driven, transparent, and granular risk assessment is fundamental to appropriately addressing risk. Much of my experience on this topic revolves around energy utilities in California. There is a great deal states and utilities can learn, both positive and negative, from California’s process and eventual application of more rigorous risk-modeling tools. It’s worth reviewing how California started down its path towards more rigorous and quantitative risk modeling, which now provides tools for the California Public Utilities Commission (CPUC) to examine tradeoffs between cost and risk reduction of various mitigation alternatives.  

In California, the recognition of need for a better set of tools started as it too often does—with a disaster. Pacific Gas and Electric (PG&E) caused a massive gas explosion near San Francisco in 2010 that killed eight people and injured many more. The CPUC realized that it had relied too heavily on subjective utility assessments of what was needed for safety rather than transparent, data-driven approaches to address risk. But the CPUC moved slowly—really slowly. Indeed, California’s utilities and its regulator had not incorporated these new tools or approach by 2018 when PG&E’s next catastrophe, the Camp Fire, would send utilities across the state reeling, seeking both near- and long-term solutions to the under-appreciated risk of wildfires and its interaction with PG&E’s negligent operation and maintenance practices. The Camp Fire killed 85 people and caused billions of dollars in damage, making it costliest natural disaster worldwide in that year. As PG&E plunged into bankruptcy due to financial losses, utility and Commission attention to risk modeling accelerated. Finally, in 2021 PG&E incorporated, for the first time, the risk modeling framework that had been introduced nearly a decade prior into a general rate case filing. Other utilities in the state have since followed.

History of California’s Regulatory Framework for Risk Modeling

The definition of risk adopted by the CPUC is one familiar to the risk management community—likelihood (probability) multiplied by the consequence of a risk event. The U.S. Department of Energy’s risk framework assesses an additional element, “vulnerability,” which is captured in the California context by “tranches” of risk. Often, this takes the form of a locational assessment of risk and how it varies across the system. For example, the risk of a wildfire in San Francisco, compared with the Sierra mountains, is vastly different, and would be masked if these locations are combined or averaged together in a non-locational risk score rather than separate “tranches.”

California Risk Modeling Framework


Figure 1. Illustrative Risk Event Bowtie. Recreated from California Public Utilities Commission Risk Assessment Mitigation Phase materials.
 

Good risk analysis entails quantifying the likelihood and consequences of an event at a granular level to enable exploring alternatives to mitigate that risk. Few states compare the cost-effectiveness of all possible solutions to one another and use that comparison to optimize their plans. The mitigation effectiveness, or amount of risk reduced by a variety of different measures, must be estimated, ideally using historical data, to estimate the risk reduction achieved by various risk mitigation options. 
With these elements, decision-makers can explore fundamental issues about how to properly mitigate a given risk, including: 

  • The amount of risk reduction and costs of various alternatives, which also allows for an assessment of mitigation and/or program cost-effectiveness; 
  • How, where, and what to prioritize to properly address the highest risk areas first in order to maximize risk reduction and minimize costs; and
  • Examine the impact of threats on vulnerable populations and critical infrastructure. 
    The following illustrative (and simplistic) example shows two options for mitigation of a risk. It quantifies in present value (PV) terms the risk reduction, costs, and net benefits of the two options. Note that California, and many but not all risk modeling approaches, seek to quantify all consequences in dollar terms to allow for straightforward comparisons of benefits (risk reduction) and costs. 

Illustrative Risk Modeling Results

This simple example demonstrates how decision-makers can explore a variety of issues that are central to understanding how to properly mitigate risk. For example, while Option 1 provides greater risk reduction than Option 2, its costs outweigh the benefits; Option 2, on the other hand, provides a more favorable cost-benefit ratio. Regulators could explore a different mix of these mitigations to maximize risk reduction for the costs incurred, also considering rate and bill impacts of various alternatives in the utility context. 

Application of Risk Modeling in the Era of Risk

A quantitative, data-driven approach to risk allows regulators insight into the critical tradeoffs of various risk mitigation strategies. Furthermore, it is important to recognize that spending should not be linearly equated with risk reduction. It is very possible to spend large sums of money but achieve little or insufficient risk reduction for these costs, particularly if the spending is for the wrong mitigation or in the wrong location (e.g. with little risk relative to other areas of the utility system).

Objective, rigorous, and transparent risk modeling—and a culture of continuous improvement to develop these models—will allow states to have sufficient information for optimizing risk mitigation strategies and approve only those utility costs that are just and reasonable. 

Furthermore, we know that publicly traded utilities have strong financial incentives for large-scale capital projects and expenditures. With rigorous risk modeling tools and an understanding of the various alternatives to mitigate risk, regulators can more holistically explore whether this spending is in the public interest, or if alternative plans can sufficiently mitigate risk while protecting ratepayers from unnecessary, and highly regressive, price hikes for energy. 

In future blogs we will consider case studies of Synapse’s work applying the concepts introduced here. Stay tuned.