Regulatory Submissions

Earlier in May, APGA submitted comments to the Securities and Exchange Commission (SEC) responding to their proposed rule governing disclosures regarding cybersecurity risk management, strategy, governance, and cybersecurity incident reporting by public companies. The SEC’s proposal does not directly impose new requirements on public utilities, but APGA members are a part of a complex natural gas supply chain, which does contain companies that will have to comply.

The main concern provided in the comments was that this proposed rule could burden companies “upstream” of the public, local distribution utility, which will likely impact APGA members’ operations. Community-owned gas utilities work hard to maintain a resilient system and coordinate with supply chain partners to provide energy to customers for use in their homes, businesses, or small industries. Any security related regulations need to be practical, maintaining a balance between delivering reliable, affordable natural gas and, in this case, protecting investors. As the SEC finalizes the proposal, APGA urged it to be cognizant of “trickle-down” impacts that could occur and significantly affect all those along the supply chain. APGA does appreciate the rationale behind the SEC’s proposed rule, which is to reduce the risk of inadvertently exposing investors to cybersecurity threats. However, the concerns with the proposal that APGA detailed need to be considered by the SEC.