ABOUT NPCC Careers Contact Us Governance & Corporate Membership Resources Leadership Team PROGRAM AREAS Standards & Criteria Compliance RAPA SAIS COMMITTEES DER/VER Forum Gov/Reg Affairs Reliability Coordinating Regional Standards NEWS Search SIGN IN

Enforcement and Mitigation

NPCC Compliance Mitigation and Enforcement or “Enforcement” is responsible for undertaking enforcement activities in accordance with risk-based approaches and conducting technical assessments of Registered Entities’ plans and activities to mitigate noncompliance.  Depending on the jurisdiction, enforcement either makes official recommendations to the appropriate regulatory authority or assists and coordinates with NERC to make such official recommendations.

NPCC’s Enforcement efforts are comprised of key functions including:

  • Determines the relevant facts and circumstances necessary to understand each noncompliance.
  • Evaluates and assigns a risk assessment to each noncompliance.
  • Evaluates and approves the mitigation activities or Mitigation Plan for each noncompliance.
  • Assesses the relevant compliance history for each noncompliance.
  • Determines the disposition method for each noncompliance.
  • Calculates penalties and sanctions in a consistent manner.
  • Evaluates Registered Entities for the self-logging program.

Enforcement and Mitigation Processes
NPCC conducts enforcement activities in accordance with the NERC Rules of Procedure and in particular Appendix 4B – Sanction Guidelines, and Appendix 4C – Uniform Compliance Monitoring and Enforcement Program (CMEP).  Serious risk violations, intentional violations, or significant compliance failures are processed as a Notice of Penalty (NOP).  A spreadsheet Notice of Penalty (SNOP) is used for moderate and minimal risk violations that do not qualify for the Find, Fix, Track and Report (FFT) process or the Compliance Exception Process. 

The self-logging program allows Registered Entities that are capable of self-monitoring and identifying, assessing, and correcting minimal risk noncompliance, to keep track of such minimal risk noncompliance (and their mitigation) on a log that is periodically reviewed by NPCC.  Noncompliance that is self-logged is presumed to be appropriate for disposition as a compliance exception. This approach is limited to Registered Entities that have been designated as eligible for self-logging by NPCC.

To be evaluated for self-logging, please send a request via email with the subject line “Request for Evaluation - [Registered Entity Name]”.  Upon receiving the request, NPCC will begin the process of evaluating whether the Registered Entity is capable of self-logging through a formal evaluation of the Registered Entity’s internal controls associated with the Registered Entity’s ability to identify, assess, and correct noncompliance according to NERC Reliability Standards.  More specific details of this evaluation are described in the ERO Enterprise Self-Logging Program User Guide.  During this evaluation, NPCC may contact the Registered Entity for additional information.

Enforcement and Mitigation Resources


Other Enforcement Resources

The NERC Enforcement and Mitigation page provides links to previously filed enforcement actions and compliance exceptions from NERC and all of the Regional Entities in the United States.

ERO Enterprise developed a user guide for Registered Entities' use in reporting and mitigating noncompliance.

For entities in New Brunswick, go to our New Brunswick section.

For entities in Québec, please click here to go to our Québec section. 

For question on enforcement and mitigation, contact us.


  Upcoming Events

  News Highlights

IBR Registration Initiative Reference Guide

May 16, 2024

Violation Trends and Compliance Enforcement Updates

April 08, 2024

Security Notice

This is a Northeast Power Coordinating Council, Inc. (NPCC) information system. You have no reasonable expectation of privacy regarding communications or data transiting or stored on NPCC’s information system. At any time and for any lawful purpose, NPCC may monitor, intercept, record, and search any communications or data transiting or stored on this information system. At NPCC’s sole discretion, NPCC may disclose pertinent information to the U.S. Government and its authorized representatives to protect the security of critical infrastructure and key resources, ensure information security, or to comply with any applicable law, regulation, legal process, or enforceable governmental request. By continuing, you acknowledge that you understand and consent to the terms and conditions described in this notice. The actual or attempted unauthorized access, use, or modification of this system is strictly prohibited and may subject violators to criminal, civil, and/or administrative action.