Compliance under pressure, resilience by design
As central players in the energy transition, utilities and energy producers are under extreme pressure to align with climate targets, defend against cyber threats, and demonstrate ESG performance. Whether managing fossil assets, grid infrastructure, renewables, or water services, the sector is held to the highest standards — by regulators, investors, and the public.
Key Risks
Climate Responsibility and Fiduciary Lawsuits
In 2023, NGO ClientEarth filed a lawsuit against Shell’s Board of Directors, arguing that their failure to implement a credible climate transition strategy constituted a breach of their legal duties.
Although dismissed at first instance in the UK, the case set a precedent for directors’ personal liability under fiduciary law for climate inaction.
TotalEnergies also faces lawsuits in France over “greenwashing” and human rights violations linked to its oil projects in Uganda and Tanzania.


Cyberattacks on Critical Infrastructure
The 2021 Colonial Pipeline ransomware attack disrupted nearly half the U.S. East Coast’s fuel supply. The attackers exploited weak VPN credentials and extorted $4.4 million USD.
Since then, energy and utility firms have been classified as critical infrastructure in the EU NIS2 Directive and under the U.S. Cybersecurity Executive Order.
Governance Failures and Political Exposure
In the high-stakes world of energy licensing and contracts, public-private entanglement can lead to corruption allegations.
Italian firm ENI and Shell were involved in a multi-billion-dollar trial (OPL245) concerning Nigerian oil licenses. Though the executives were acquitted in 2021, the case highlighted serious governance vulnerabilities.

Human Rights in Mineral Supply Chains
The shift to renewable technologies has increased demand for cobalt, lithium, and rare earth metals — often sourced from high-risk regions.
Reports of child labor, land grabs, and environmental damage — especially in the DRC — have triggered calls for stricter traceability and ethical sourcing.
Sector Trends

Mandatory ESG and Climate Disclosures
Under the CSRD and EU Taxonomy, utilities must disclose their environmental impact, climate transition plans, risk exposures, and governance structures — subject to audit.

Cloud-Dependent Operational Models
Utilities increasingly rely on SCADA systems, smart grids, and third-party cloud infrastructure. Outages or attacks (e.g., OVHcloud, 2021) now carry operational and legal consequences.

Forced Evolution of Energy Mix
Legal mandates are pushing the phase-out of coal, restriction of gas imports, and scaling of renewables. National climate targets are legally binding and backed by EU and national regulation.
What This Means for Your Business:
You are expected not only to deliver energy, but to prove how you do so — ethically, securely, and sustainably.
Climate inaction, cyber negligence, or opaque supply chains can now trigger regulatory penalties, litigation, or funding exclusion.
Long-term survival depends on building transparent governance, auditable ESG systems, and proactive compliance frameworks.

Sources
ClientEarth v. Shell Board, UK High Court, Decision 2023
U.S. DOJ, “Colonial Pipeline Cyber Incident,” May 2021
Directive (EU) 2022/2555 (NIS2) and EU Cyber Resilience Act, 2024
European Commission, EU Taxonomy for Sustainable Activities, 2021
Directive (EU) 2022/2464 on Corporate Sustainability Reporting (CSRD)
OECD, “Corruption Risks in the Energy Sector,” 2020
Court of Milan, OPL245 Case, March 2021 – Shell and ENI Acquitted
Amnesty International, “This Is What We Die For – Cobalt in the DRC,” 2019