From Awareness to Action: Building a Climate Risk Program for a Major U.S. Utility
/From Awareness to Action: Building a Climate Risk Program for a Major U.S. Utility
Presented by ACCO and GoPedal · July 15, 2026
Why utilities face outsized climate risk
Climate-related risks are becoming increasingly important components of enterprise risk, particularly for utilities. Several factors make utilities among the most susceptible to climate-related risks:
- Long-lived infrastructure. Many utility assets are built to last decades, not years. Poles, lines, conduit, pipes, and drainage systems are likely to be in service decades from now when climate conditions will look very different. Today's design, engineering and capital improvement decisions can thus have long-term consequences.
- Distributed networks. Utility infrastructure is by nature spread across wide geographic service areas, and much of that infrastructure is fixed in required locations. A single climate event can create hundreds or thousands of simultaneous failure points across a region, and relocating facilities to mitigate risks often is not possible.
- Exposure to the elements. Above-ground poles, conductors, and pipes are directly exposed to weather events that climate change is making more frequent and severe, including extreme heat, flooding, high winds, ice storms, and wildfires. Even underground assets such as water and gas pipes can be vulnerable to flooding.
- Community dependence. Service outages aren't just a revenue problem. Hospitals, water treatment facilities, emergency services, and households depend on uninterrupted power and gas.
- Regulatory accountability. Utility commissions increasingly expect utilities to demonstrate they are managing climate-related risks proactively. Well-documented formal programs are becoming an expectation.
- Cost management pressure. Utilities are expected to manage costs responsibly to keep services affordable. Reactive responses to climate impacts are far more expensive than proactive mitigation built into planned capital programs.
Building an enterprise-wide program to assess and manage climate risks isn't simple. It requires engaging multiple functions, including design and engineering, operations, capacity planning, enterprise risk management, and regulatory affairs. ACCO and GoPedal were engaged to help architect an enterprise-wide climate risk assessment and mitigation program. Their experience reflects what many utilities across the country are navigating.
Why the time to act is now
A common question: Why build a formal program now, when many of the most significant climate impacts are still years or decades away and many regulators aren't requiring it yet? There are two compelling answers.
The cost of waiting is much higher than the cost of acting.
Climate risks addressed proactively, through systematic resilience programs and planned capital investments, cost a fraction of what reactive responses cost. Emergency repairs, unplanned outages, accelerated asset replacements, and customer impact from service disruptions all carry costs that dwarf the investment required to address risks in advance. For utilities with billions of dollars in infrastructure assets, even modest reductions in unplanned failure rates translate to significant financial benefits.
The question isn't whether to invest in climate resilience. It's whether to do it now on your terms — or wait until your hand is forced.
Early movers can shape the regulatory environment.
Utility commissions are increasingly active on climate risk, but formal regulatory requirements are still being developed in many jurisdictions. Utilities that build rigorous programs now are better positioned to participate in those policy conversations, share their methodologies, and influence how requirements are written. And if a major climate-driven event results in widespread outages, a utility that has implemented a comprehensive program is in a much better position to respond to subsequent regulatory scrutiny and defend against potential litigation.
Utilities that act now can help write the rules. Those that wait will have to live with them.
Disclosure is not the same as a program.
Most organizations have addressed climate risk primarily through the lens of disclosure — identifying risks at a general level and crafting language that satisfies reporting obligations by highlighting the uncertainty of those risks. That process is not designed to quantify risk or identify specific mitigation strategies, and it typically leaves significant gaps between identifying the existence of a risk, understanding the actual vulnerability, and taking actions to mitigate that vulnerability. A comprehensive risk assessment and mitigation program fills those gaps, enabling a fundamentally different kind of disclosure.
A rigorous program tells you where not to spend, not just where to spend.
A disciplined climate risk assessment program brings clarity to capital allocation decisions by systematically evaluating which assets face the greatest exposure and consequence of failure. This allows utilities to prioritize investments where they matter most and avoid spending ratepayer dollars on upgrades that aren't justified by the actual risk profile. That message resonates with regulators, ratepayers, and investors alike.
The role of preventive medicine provides a useful analogy. A good doctor doesn't wait for a patient to have a major medical episode before recommending healthy habits. Annual physicals, routine screenings, and a gym membership all cost time and money, but those costs are modest compared to the alternative: recovering from a cardiac event, treating chronic disease, or managing a diagnosis. Climate resilience works the same way. Investing in a comprehensive risk assessment program and cost-effective mitigation measures before the risks fully materialize is the utility equivalent of taking care of your health before the crisis makes it harder and more costly.
Challenges of building a comprehensive program
ACCO has been at the forefront of researching the specific barriers that prevent large organizations, in both the public and private sectors, from taking action to address the risks presented by climate change. ACCO's research shows that understanding climate science does not automatically translate into understanding the operational implications of climate change, and understanding those implications does not automatically prompt organizations to take action. This awareness-action gap exists because building a program that actually works across a large, complex organization is hard for multiple reasons:
- Risk, sustainability and operations expertise are separated. Responsibility for climate resilience often sits in corporate sustainability groups focused on environmental stewardship, not operational management of external risks. These teams often lack enterprise risk management expertise and cross-functional authority. Meanwhile, ERM functions lack climate subject-matter expertise and tend to operate on shorter planning horizons.
- Widely varying asset lives, planning cycles and vulnerability. Expected asset lives can range from fewer than 5 years to more than 50, planning cycles from annual to five years or longer, and vulnerability varies by asset type and location. Incorporating forward-looking climate risk requires a methodology that accounts for these variables instead of a one-size-fits-all approach.
- Incorporating existing work. In many large utilities, climate-related work has already begun in some areas but not others. A program that ignores existing work wastes resources; one that doesn't address gaps leaves the organization exposed.
- The quantification problem. Climate models produce outputs in terms of temperature, precipitation, and sea level — not downed power lines, transformer failure rates, or projected flood impacts. Bridging that gap requires sophisticated data analysis where feasible and qualitative analysis where data is insufficient.
- Regulatory defensibility requirements. A climate risk program must withstand regulatory scrutiny. That means a defensible methodology based on valid data, with rigorous documentation and reproducible results.
- Organizational change is slow. Even the best-designed program stalls without widespread internal support. Getting buy-in from dozens of stakeholders across multiple operating companies, business functions, and leadership levels takes time and intention.
How we addressed these challenges: the client engagement
Over the course of 18 months, ACCO and GoPedal worked with the utility's subject matter experts to design a comprehensive, enterprise-wide climate risk program — and get it approved by executive leadership on the first try. Here's how we did it.
Step 1 — Stakeholder Discovery
ACCO and GoPedal started by conducting in-depth interviews with more than 30 stakeholders — primarily at the VP and Director level — spanning both the parent company and its individual operating companies. These conversations gave us a granular view of how different business functions were thinking about climate risk, what work was already underway, and where the most significant gaps were.
Step 2 — Program Architecture
The program was built following basic risk assessment principles familiar to risk management professionals: for each asset type, the assessment determines risk by taking into account vulnerability to climate hazards (exposure, sensitivity, and adaptive capacity), likelihood of those hazards materializing, and consequences of failure. Consequences may include customers affected, restoration time, restoration cost, and equity considerations. Connecting vulnerability to consequence allows for rating the risk level from low to high for specific asset classes or assets, and assessments can be done by geographic area.
Three design principles guided every decision:
- Leverage existing business processes and structures wherever feasible instead of asking the organization to rebuild from scratch.
- Use familiar terminology to reduce the learning curve and increase the likelihood of adoption.
- Fill gaps in ways that are sustainable given the organization's existing resources, without creating obligations the organization can't fulfill.
The program incorporated existing reliability and resilience metrics work already underway, added a structured process for selecting forward-looking climate models and scenarios, and established a methodology for translating climate projections into operational impacts — the gap the client's engineers identified as the biggest barrier to forward-looking risk assessments.
Bridging that gap required a specific methodology. The raw output of climate models didn't tell engineers what they needed to know about projected impacts to the network. One approach is to use available data about the impacts of extreme events when they occur today — when temperatures, precipitation levels, or wind speeds exceed operationally significant thresholds. Mapping that operational data to climate projections, downscaled to meaningful geographic areas within a service territory, provides a meaningful projection of the impact of climate change on the network and operations. The engineering teams validated that this was exactly what they needed to inform risk assessment and, for the highest-risk areas and assets, the additional work of developing mitigation recommendations.
Step 3 — Governance
A program without clear ownership is just a document. We worked with the client to design a governance framework that gave key stakeholders a formal role in implementing the program — building accountability and organizational buy-in simultaneously.
- Define system performance measures for climate hazards.
- Set baseline and performance targets.
- Project climate impacts to metrics.
- Select climate models and scenarios.
- Explore available datasets.
- Evaluate industry best practices.
- Establish asset and hazard inventory.
- Assess vulnerability and failure consequence.
- Propose mitigation recommendations.
- Integrate recommendations into processes.
- Create methodology for organization-wide information sharing.
Step 4 — Organizational Alignment
After designing the program architecture, we went back to every impacted department — at both the corporate and operating company level — to gather feedback and adjust the program as needed. This allowed us to achieve buy-in throughout the organization before the program was presented to the executive leadership team. The program was approved without modification the first time it was presented.
Step 5 — Training
Training was woven into the program at two levels. Before architecting a program, the client provided company-wide climate training to establish a baseline level of climate literacy across the organization. After the program was approved, ACCO developed and delivered targeted training sessions for participants in the working groups, ensuring that the people responsible for implementing the program had the specific knowledge and context to do it well.
Results
Key lessons for the industry
- Start with questions, not answers. The most important investment in this engagement was the discovery process. Thirty interviews before a single program element was designed. That investment is what allowed us to build something that fit the organization, not just something that looked good on paper.
- Design for adoption, not just compliance. A program that requires everyone to change everything they're doing won't survive first contact with the real organization. Building around existing processes, using familiar language, and spreading work sustainably dramatically increases the likelihood that the program actually gets implemented.
- Alignment is the work, not a step after the work. Executive approval without revision didn't happen because the program was technically perfect. It happened because every part of the organization had already weighed in. The alignment process isn't separate from the design process — it is the design process.
- The risks are real and the window for proactive action is closing. The client didn't build this program to check a box. They built it because climate change poses real operational and financial risks to infrastructure and customers, and because waiting until those risks materialized would mean it was already too late to get ahead of them.
