Crisis Situation Management

Copel’s crisis management process is aligned with the Company’s strategy and supports decision making in the face of eventual contingencies that may cause reputational, operational, financial and strategic risks, in order to maintain the integrity and availability of its assets, as well as mitigate and remediate negative impacts.

The focus of the management of crisis situations is on the agile, effective and articulated response, together with other governmental entities and society, in eventual emergencies that may directly affect people, the environment and the Company’s operations.

For the management of crisis situations, Copel can adopt specific contingency plans for each situation, such as: Catastrophes (natural disasters with impacts on infrastructure or infrastructure with environmental impacts); Sanitary and Biological Crises and Cyber Attacks.

Disaster Contingency Plans

Contingency plans in disasters are plans constituted for situations or events that get out of control or the established pattern and need clear and concise answers, definition of actions and responsibilities to cope with natural events with impacts on infrastructure or infrastructure events with environmental impacts. The plans aim to intervene, control and combat the consequences and impacts of these events in the shortest possible time. Among Copel’s contingency plans for catastrophes are the Dam Safety Plan and the Action Plan for Socio-environmental Emergencies.

Pama

As an instrument for the containment and mitigation of risks that impact the environment and the community, Copel GeT’s Environment area has instituted the Action Plan for Socio-environmental Emergencies (PAMA), aimed at responding to emergencies involving oil spills, chemical products, floods, traffic accidents, among others, that may directly affect people, the environment and/or the operation of the undertakings.

The Plan aims at organizing the actions to be quickly unleashed in emergency situations, which consists in preparing and establishing organizational guidelines, as well as providing data, materials and preparation that guarantee the necessary conditions for the adoption of technical and administrative procedures in a structured manner, from the identification and containment of the emergency situation to the mitigation of impacts that may eventually occur.

All the undertakings of Copel Geração e Transmissão S.A, including hydroelectric power plants, substations, lines, and wind farms, are covered by the PAMA, with the definition of the flowchart and organization chart for assistance, the designation of the titular and alternate coordinators, the holding of periodic simulations and training, the management of materials, resources, and structure for environmental emergency assistance, and the availability of teams on call for emergency assistance, the participation in the Integrated Management Group and collaboration with the Local Management Groups of the undertakings in the definition and revision of the Emergency Action Plans (PAEs) of the Operation, the elaboration of mappings and studies for the development and improvement of the Emergency Plans and Initial Response Strategy, besides the periodic revision of the actions as foreseen in the document.

PAE

The Emergency Action Plan (PAE) of dams is a formal document that establishes the actions to be taken in case of emergency, as well as identifying the agents to be notified of such occurrence.

As established in Article 11 of Law No. 12.334/2010, which establishes the National Policy for Dam Safety (PNSB), the PAE is required for dams classified as having high potential damage, following the criteria defined by the inspection entity.

In the case of dams licensed to exploit hydraulic energy potential, the supervising entity is the National Agency of Electrical Energy (Aneel), which published Normative Resolution No. 696 on December 15, 2015, with the criteria for classification and formulation of the Dam Safety Plan, in which the PAE is included, and the periodic safety review must also be provided for.

The classification of a dam is based on its risk category and associated potential damage. In this context, the PAE of each dam must be updated periodically, according to the needs and characteristics of the downstream valley, including new information and removing data considered outdated and/or incorrect, with all changes being recorded in the PAE Revision Control Sheet.

The PAE aims to define the actions to be carried out by the entrepreneur in an emergency situation, identifying preventive and corrective procedures, strategy and means of dissemination and alert for the affected communities and the agents that should be mobilized

It is, therefore, a formal document that provides information to the Civil Defense, to support them in the preparation of their contingency plans, and also to the municipalities possibly involved.

 

Contingency Plan for Sanitary and Biological Crises

Copel’s senior management is prepared to act in a timely manner in sanitary and biological crisis situations, as it is supported by the best corporate governance practices for decision making and integrated risk management.

Since the beginning of the Covid-19 pandemic, the Company has maintained a committee that periodically evaluates the actions to be taken considering the degree of contamination risk inside and outside its facilities, as well as the safety conditions for employee health, including the monitoring of vaccination data.

In addition, the topic is dealt with by the Audit Committee and the Indication and Evaluation Committee, respectively, every two and three months. Norms were issued to ensure compliance with the measures to contain the spread of the disease in the company and to minimize its impacts in the administrative, operational and economic-financial areas.

The Contingency Committee for the Covid-19 Pandemic continued to monitor and act on the pillars of people’s safety; continuity of essential activities; monitoring of the guidelines and requirements of the regulatory agencies and preservation of adequate financial conditions to support the crisis.

The company implemented the teleworking regime in the areas where it was possible to adopt this format, with travel restrictions, holding meetings by videoconference, daily monitoring of the health and well-being of employees and the adoption of contingency protocols, in order to fully maintain the operations of the electricity and piped gas infrastructure, but preserving the health of its professionals.

During the pandemic, Copel’s first concern with its economic-financial health was cash preservation, in view of the deceleration of global economic activity as a consequence of restrictions related to social distancing and mandatory isolation.

There was a special concern with the liquidity of the energy market and the short term price, as well as with the negotiations with the granting authority for the implementation of guidelines that would guarantee the maintenance of the economic-financial sustainability of the entire chain of generation, transmission, commercialization, and distribution of electric energy.

With the constant and systematic evaluation of the impacts, Copel was able to implement the necessary measures for the continuity of the operations in the period of reduction of consumption and impact of default, aiming at the preservation of the cash flow.

Crisis Management and Contingency Plan - Cyber Attacks

The crisis management process for information assets is aligned with the Company’s strategy, since decisions made in the face of probable contingencies can compromise its reputation, operations and strategies. With the purpose of maintaining integrity, confidentiality and availability, the crisis management plan is triggered when serious material or image damage is characterized; when it is evidenced that the incident response actions will persist for a long time; when there is an impact on the activities and services provided by Copel; when there is reputational impact.

Incident management is a set of activities that must be carried out in the occurrence of an adverse information security event, to evaluate the problem and determine the initial response, with monitoring by a multidisciplinary commission and periodic reporting to top management.

Among other activities of the commission, it may include the definition of critical activities that are fundamental for Copel’s final activities; identification of critical information assets, i.e., those that support the primary activities, including people, processes, infrastructure and information technology resources; continuous assessment of the risks to which critical activities are exposed and that may directly impact business continuity; categorizing incidents and establishing specific response procedures for each type of incident, in order to support technical and leadership teams in cases of serious cyber incidents; prioritizing the monitoring, follow-up and treatment of the most critical risks; performing simulations and tests to validate the plans and procedures; and preparing a plan to return to normality.

These activities are detailed and consolidated in a contingency plan that covers various sectors due to possible crisis scenarios, in order to counteract the escalation of a possible crisis and with the objective of maintaining the services provided by the organization.