02 November 2023
Risk assurance expert, Sam Abbas, highlights how energy providers need to meet new Ofgem regulations by 31 March 2024 and offers guidance on how to prepare.
What is the Annual Adequacy Self-Assessment?
In 2023, Ofgem introduced the requirement for commercial and residential energy providers to undertake an Annual Adequacy Self-Assessment following consultation with providers throughout 2022. The assessment is primarily in response to the continued financial challenges being felt by providers, and to ensure customers are safeguarded. Click here to review the Decision on Strengthening Financial Resilience from Ofgem.
Suppliers must provide Ofgem with an assessment of their business model, risks and mitigations over the previous 12 months and the coming year, evidencing how they are compliant with the enhanced Financial Reporting Principle (FRP). This is the first year where the enhanced FRP is applicable. It is intended to be proportionate, both in terms of the administrative burden on licensees and in terms of Ofgem's response.
Why is Ofgem doing this?
The aim is to allow Ofgem to better understand the specific situation of each supplier and to analyse and assess the efficacy of supplier arrangements to manage risk over a longer period.
What do energy providers need to do?
Suppliers are expected to set out how they manage their business specific risks, including assurance of the appropriate capital and liquidity to address this. Below are the four key sections within the checklist.
- Certificate of Adequacy
- Business-specific arrangements and risks
- Exiting the market, minimising mutualisation costs and asset control
- Governance and internal capability, systems, and processes.
Providers have until the 31 March 2024 to submit their first annual assessment. The date of submission will then be the date by which all future annual assessments are to be submitted. However, they may be expected to submit sooner each year should there be material changes in the organisations business model. The assessment forms one of many regulatory requests for information (RFIs) required by the energy regulator.
Energy providers should undertake an assessment of their Ofgem reporting processes. Primarily how they respond to RFI’s and the quality of information supporting those responses.
They should assess their risk management and governance processes to ensure they adequately illustrate how risks are being managed, and systems and processes assessed for effectiveness.
An external review of the self-assessment would also provide the supplier and Ofgem with independent confidence and assurance that the documentation directly supports compliance with the enhanced FRP. It also serves to support suppliers with understanding how key risks in relation to data quality, GDPR and IT security are being managed, and whether further work is required to strengthen controls.
How RSM can help
If you would like to discuss the self-assessment process, or how we may be able to support your broader assurance needs, please contact Dan Harris, partner, or Sam Abbas, director in our risk assurance team.