Risks

Probability

High

Impact

Very high

What is the risk?

Working with gas and electricity involves health and safety risks for our employees, contractors and customers. Insufficient safety awareness and lack of knowledge of safety instructions, quality & safety requirements and safety measures heighten the risk of accidents. Unsafe practices of third parties working on Alliander's behalf can also lead to safety risks.

How is the risk managed?

Alliander works continuously to improve its safety culture as well as the safety of its processes and network components. If an incident occurs, an independent investigation is carried out to establish the immediate and underlying causes and to learn lessons for the future. Safety and the safety culture is a specific focus area within all operational units of Alliander and at subcontractors. A dedicated safety programme is in place to ensure ongoing improvements.

What is the risk trend?

Neutral. The nature of the work within Alliander means that safety remains a high risk. Safety is therefore prominently on the agenda within Alliander.

Probability

High

Impact

High

What is the risk?

Due to the current rapid economic growth, the work volume is developing explosively and more quickly than anticipated. At the same time, the tight labour market for technical staff (combined with the long training period) makes it difficult to rapidly expand our workforce. As a consequence, we cannot do all the work that comes our way, or not within the desired time frame. Some customers are connected later than desired and technical network maintenance is sometimes postponed. This may adversely affect the sensitivity to interruptions.

How is the risk managed?

Alliander is addressing the challenges surrounding the realisation of its work package. The approach consists of various aspects:

• Improve the realisation of our work package through better prioritisation, better workload predictability and active support to help customers solve their energy needs.

• Increase capacity by offering more and faster training, releasing critical capacity, recruiting critical skills and smart outsourcing.

• Enhance the organisational efficiency through stronger operational management and smarter working practices.

• Prevent reputational damage through active monitoring of complaints and incidents, better internal communications and active reputation management.

• Active lobbying and cooperation with the sector and education.

What is the risk trend?

Neutral. In view of current and future measures, the risk trend is expected to be neutral.

Probability

High

Impact

Very high

What is the risk?

Policy and regulations within the energy domain have an impact on our activities and profitability. Due to the energy transition policy, we notice a growing mismatch between regulations and reality. This may affect our ability to facilitate the energy transition and the continuity of Alliander.

How is the risk managed?

To continue investing in the longer term in new initiatives to facilitate the energy system of the future, the ACM must give us the scope we need to pursue this objective. We look 30 years ahead to envision the impact that the transition from fossils to renewables will have on the infrastructure we manage. We visualise the necessary regulatory adjustments and intensively discuss these with all policy-making parties. Under the auspices of Netbeheer Nederland (Association of Energy Network Operators in the Netherlands), Alliander and the other network operators are consulting with the Ministry of Economic Affairs and Climate Policy and the ACM about the required regulations, with a particular focus on the need to preserve a healthy investment climate. We are increasingly running up against regulatory obstacles that impede our efforts to facilitate the energy transition.

What is the risk trend?

Increasing

Probability

High

Impact

High

What is the risk?

Our energy networks and above-ground installations are steadily being digitised. Cyber attacks with a political or terrorist motive are increasingly targeting vital infrastructure. Alliander must respond proactively to the rise and changes in cybercrime. In this way, we can prevent that a successful attack on our digitised networks jeopardises the continuity of our services. That is why we are continuing to take above-average measures to protect and safeguard vital infrastructure.

How is the risk managed?

We protect our energy and data networks and computers against attacks at various levels. We make our employees aware of cybersecurity risks, with a strong focus on prevention, detection and response. In 2017, Alliander's security function was expanded further with the creation of a fully-fledged security domain within IT. We are also intensively addressing this issue together with other network operators within Netbeheer Nederland and maintain close contacts with the Dutch National Cyber Security Centre and other parties. Together we can keep up with rapidly-evolving developments and pick up external signals of attacks at an early stage.

What is the risk trend?

Neutral. If no control measures were taken, the probability of this risk would increase. For this reason, the combination of evermore complex attacks and the ongoing digitisation of our networks calls for increased cyber resilience within Alliander, so that we can actively detect attacks and mitigate the impact through targeted reactions. This resilience will be expanded further in the coming years in order to keep the heightened cyber risks at an acceptable level.

Probability

High

Impact

High

What is the risk?

As part of our energy network management activities, we have access to privacy-sensitive data. This concerns e.g. connections, energy contracts, usage and costs. Violation of the privacy of energy data leads to penalties and reputational damage.

How is the risk managed?

We work closely with the other parties in the energy sector to ensure the effective protection of privacy-sensitive data. Information is exchanged with the regulator, the Netherlands Authority for Consumers & Markets (ACM), industry organisations (the Association of Energy Network Operators in the Netherlands and Energie-Nederland (E-NL)) and other relevant parties. Within its own organisation, Alliander has taken various initiatives to shield confidential data more effectively. Starting from 2016, organisations are obliged to report any personal data leaks to the Dutch Data Protection Authority. Alliander has set up the requisite processes and organisation for this purpose, while also tightening up its policy and guidelines. We are currently working on further improvements, including the introduction of a Privacy & Security Roadmap.

What is the risk trend?

Increasing. Data leaks have already occurred in the sector, and more incidents are expected in the future.

Probability

High

Impact

High

What is the risk?

One of the biggest challenges for Alliander in our rapidly changing environment is to recruit and retain the right staff, particularly people with critical technical and IT skills. This risk overlaps with two other risks, namely ‘Realisation of work package' and 'Anticipating and keeping up with the energy transition'.

How is the risk managed?

Our labour market efforts and campaigns are entirely targeted at the recruitment of scarce skills. Where possible, we also approach less obvious target groups, such as career changers, candidates for reskilling and international talent. We maintain close contacts with schools and universities to spot young talent and identify their wishes and expectations at an early stage. In addition, we are working with HR teams whose core task is to recruit the required capacity and competences.

What is the risk trend?

Neutral. Thanks to the expected effects of initiated measures, the risk will remain at the same level in the coming years.

Probability

Medium

Impact

Medium

What is the risk?

The energy transition is accelerating. Our society is in the throes of far-reaching electrification and the use of natural gas for residential heating is being phased out. As natural gas is being phased out and the use of solar panels, wind farms, heat pumps and electric cars is becoming more widespread, many parts of the electricity network need to be rapidly upgraded. But it is difficult to predict how quickly society will embrace the new energy system. The uncertainty surrounding the energy transition scenarios (what will happen where, and at what speed?) makes it harder than ever to accurately anticipate events. If we are not sufficiently flexible to deal with the uncertainty of diverse transition scenarios and the associated investments and do not have sufficient alternatives to avoid network upgrades, we may make ill-advised investments, invest too late or too early, or develop unnecessarily complex products. Added to this, falling revenue from the gas network may put the affordability of the energy system under further pressure.

How is the risk managed?

Our approach is threefold. With data-driven network management, we generate more predictive insight into the future energy requirement in our regions and the impacts on our networks. By adopting a more proactive customer approach, we learn at an earlier stage about local developments and can influence the heating transition in a positive way. Innovative solutions enable us to prevent network upgrades and investments/divestments.

What is the risk trend?

Neutral. Beyond the current plan period for our strategy (the next five years), however, we see a strongly rising trend.