FE 2022 Annual Report

LIBOR and other variable interest rates. During 2022, interest rates have increased significantly, which has caused the rate and interest expense on borrowings under the 2021 Credit Facilities to be significantly higher. Economic Conditions Economic conditions following the global pandemic, have increased lead times across numerous material categories, with some as much as doubling from pre-pandemic lead times. Some key suppliers have struggled with labor shortages and raw material availability, which along with increasing inflationary pressure, have increased costs and decreased the availability of certain materials, equipment and contractors. FirstEnergy has taken steps to mitigate these risks and does not currently expect service disruptions or any material impact on its capital spending plan. However, the situation remains fluid and a prolonged continuation or further increase in supply chain disruptions could have an adverse effect on FirstEnergy’s results of operations, cash flow and financial condition. CREDIT RISK Credit risk is the risk that FirstEnergy would incur a loss as a result of nonperformance by counterparties of their contractual obligations. FirstEnergy maintains credit policies and procedures with respect to counterparty credit (including requirements that counterparties maintain specified credit ratings) and require other assurances in the form of credit support or collateral in certain circumstance in order to limit counterparty credit risk. FirstEnergy has concentrations of suppliers and customers among electric utilities, financial institutions and energy marketing and trading companies. These concentrations may impact FirstEnergy's overall exposure to credit risk, positively or negatively, as counterparties may be similarly affected by changes in economic, regulatory or other conditions. In the event an energy supplier of the Ohio Companies, Pennsylvania Companies, JCP&L or PE in Maryland defaults on its obligation, the affected company would be required to seek replacement power in the market. In general, subject to regulatory review or other processes, it is expected that appropriate incremental costs incurred by these entities would be recoverable from customers through applicable rate mechanisms, thereby mitigating the financial risk for these entities. FirstEnergy's credit policies to manage credit risk include the use of an established credit approval process, daily credit mitigation provisions, such as margin, prepayment or collateral requirements. FirstEnergy and its subsidiaries may request additional credit assurance, in certain circumstances, in the event that the counterparties' credit ratings fall below investment grade, their tangible net worth falls below specified percentages or their exposures exceed an established credit limit. PHYSICAL SECURITY AND CYBERSECURITY RISK FirstEnergy is committed to protecting its customers, employees, facilities, and the ongoing reliability of its electric system. FirstEnergy works closely with state and federal agencies and its peers in the electric utility industry to identify physical and cyber security risks, exchange information, and put safeguards in place to comply with strict reliability and security standards. From a security standpoint, the electric utility sector is one of the most regulated industries. FirstEnergy has comprehensive cyber and physical security plans in place but does not publicly disclose details about these measures that could aid those who want to harm its customers, employees, facilities and the ongoing reliability of its electric system. The FE Board has identified cybersecurity as a key enterprise risk and prioritizes the mitigation of this risk. The FE Board receives cybersecurity updates from FirstEnergy's Information Technology organization at each of its regularly scheduled meetings. The Operations and Safety Committee reviews FirstEnergy's cybersecurity risk management practices and performance, primarily through reports provided by management, including the Chief Information Security Officer. The Operations and Safety Committee also reviews and discusses with management the steps taken to monitor, control, and mitigate such exposure. Among other things, these reports have focused on incident response management and recent cyber risk and cybersecurity developments. Security enhancements are also a key component of FirstEnergy’s Energizing the Future transmission investment program. FirstEnergy invests heavily in sophisticated and layered security measures that use both technology and hard defenses to protect critical transmission facilities and its digital communications networks. Despite security measures and safeguards FirstEnergy has employed, including certain measures implemented pursuant to mandatory NERC Critical Infrastructure Protection standards, its infrastructure may be increasingly vulnerable to such attacks as a result of the rapidly evolving and increasingly sophisticated means by which attempts to defeat security measures and gain access to information technology systems may be made. Also, FirstEnergy, or its vendors and service providers, may be at an increased risk of a cyber-attack and/or data security breach due to the nature of its business. Any such cyber incident could result in significant lost revenue, the inability to conduct critical business functions and serve customers for a significant period of time, the use of significant management resources, legal claims or proceedings, regulatory penalties, significant remediation costs, increased regulation, increased capital costs, increased protection costs for enhanced cybersecurity systems or personnel, damage to FirstEnergy's reputation and/or the rendering of its internal controls ineffective, all of which could materially adversely affect FirstEnergy's business, results of operations, financial condition and reputation. 53

RkJQdWJsaXNoZXIy NTIzOTM0