Ethics, compliance & risk management

At PG&E, we are committed to complying with both the letter and the spirit of the law. Coworkers are expected to know and follow our Codes of Conduct and all compliance requirements, and to speak up about safety issues or other concerns. We work every day to protect the safety of our workforce and the public, while also striving to meet our environmental compliance obligations.

 

We also recognize that delivering gas and electric service is inherently risky. However, risk can be managed, and we strive to embed risk management in every critical business process—making data-driven decisions to support safe, reliable, and affordable electric and gas service.

Driving culture change at PG&E

We continue to promote our “speak up, listen up, follow up” culture to create an environment in which all coworkers feel psychologically safe to speak up— particularly about safety concerns and potential misconduct—and to listen and take action to resolve issues. Our culture change efforts included: 

 

  • Recognizing 14 coworkers at our seventh annual Speak Up Awards ceremony, including a team that proactively resolved a gas safety issue involving a contractor.
  • Holding PG&E’s ninth annual Ethics and Compliance Week, focused on building psychological safety. 

Our approach

 

Ethics and compliance

 

The PG&E Corporation Executive Vice President, General Counsel and Chief Ethics and Compliance Officer (CECO) leads ethics and compliance. The CECO reports to the PG&E Corporation CEO and has additional reporting responsibility to the Audit Committees and Safety and Nuclear Oversight Committees of the PG&E Corporation and Pacific Gas and Electric Company Boards of Directors (Boards).

 

Beginning in 2016, we adopted a standardized framework called the Ethics and Compliance Maturity Model. This model includes elements derived from the U.S. Federal Sentencing Guidelines, which define the parameters of an effective ethics and compliance program.

 

Additionally, management-level governance bodies help drive and coordinate our ethics and compliance activities:

 

  • Commitments Information Center: A forum that enables PG&E’s executive leadership to drive improved compliance performance by providing visibility into PG&E’s internal and external obligations.
  • Ethics and Compliance Expert Advisory Board: A cross-functional, non-officer team that strives to improve the effectiveness of PG&E’s ethics and compliance program by sharing best practices and coordinating strategies, goals, and programs across the enterprise.
  • Risk and Compliance Committees: Forums in each part of the organization with officers and senior leaders that provide strategic guidance and oversight for ethics and compliance programs and operational risk management.
  • Ethics Council: A cross-functional group of coworkers and leaders that explores the role that business ethics plays in our operations and relationships with coworkers, customers, and all other stakeholders. Council members serve as ethics and compliance ambassadors among their teams. 

 

To provide guidance on conduct requirements, PG&E maintains codes of conduct for:

 

 

Risk management

 

Within PG&E, risk management is organized into two types of risk:

 

  • Enterprise and Operational Risk 
  • Financial Risk 

 

Enterprise and operational risk:

 

By systematically identifying, evaluating, mitigating, and monitoring risks, PG&E’s Enterprise and Operational Risk Management (EORM) program facilitates risk reduction.

 

The Chief Risk Officer (CRO) of PG&E Corporation and Pacific Gas and Electric Company oversees the EORM program and is responsible for safety and operational risk compliance. The CRO is accountable to the PG&E Corporation CEO and the Boards of Directors.

 

Senior management categorizes enterprise risks and recommends the most serious risks for Board-level review at least once every 12 months. The program, including enterprise risks, is overseen by senior management and the Boards of Directors.

 

PG&E maintains a risk register of event-based and cross-cutting risks. We follow a consistent enterprise-wide approach to identify, evaluate, respond to, and monitor risks. With our evaluation methodology, PG&E calculates risk values and evaluates different mitigation strategies to reduce these values.

 

Additionally, senior management provides cross-functional oversight through an Enterprise Risk Command Center as part of the Lean operating system. This forum focuses on metrics for each risk that indicate whether risk reduction activities meet objectives, engages executive leadership across risk areas, and drives risk management best practices consistently across the enterprise.

 

To enhance risk management, the CRO has regular insight into, and feedback from, operational activities. The operational risk validation function, overseen by the CRO, leads this effort.

 

Financial risk:

 

Financial risk is further broken down into two categories—Consolidated Liquidity Risk and Market and Credit Risk. Liquidity risk is one of PG&E’s top financial risks and is defined as the inability to meet financial obligations as they come due. PG&E assesses and evaluates market, credit, and liquidity risk for energy procurement, financial derivatives, and other related risk activities.

 

Market, credit, and liquidity risk management is implemented through our Risk Policy Committee and Risk Management Committee, which provide oversight and approval of energy procurement risk exposure, including energy commodities and derivatives prices, interest rates, currency, credit, and other risks. The Vice President and Chief Audit Officer is responsible for market and credit risk management, internal audit, insurance, third-party risk management, and Sarbanes-Oxley Act compliance. 

 

Environmental compliance

 

Our Environmental Policy requires strict adherence to all applicable environmental laws and regulations. These requirements relate to a broad range of activities, including preventing the discharge of pollutants; safely transporting, handling, and storing hazardous materials; properly managing hazardous wastes; protecting threatened and endangered species; and reporting and reducing emissions of air pollutants and greenhouse gases such as carbon dioxide, methane, and sulfur hexafluoride.

 

To meet these requirements, PG&E employs an Environmental Management System (EMS) modeled after the ISO 14001 environmental management standard and consistent with the ISO standard’s “Plan, Do, Check, Act” model for continuous improvement. In addition, we align our EMS and environmental operations to PG&E’s Ethics and Compliance Maturity Model. This allows us to integrate our compliance activities with the rest of PG&E, and to use common compliance performance measurements. 

 

The Vice President, Land, Environmental, and Permitting Services of Pacific Gas and Electric Company oversees our commitment to meeting environmental requirements, including reviewing monthly compliance performance updates. An annual environmental compliance summary is presented to the Sustainability and Governance Committee of the PG&E Corporation Board of Directors.

 

Assessments, auditing, and testing are critical for compliance with the many environmental laws and regulations relating to our business. We review and audit environmental performance in various ways:

 

  • Comprehensive Assessments: A team of cross-functional environmental personnel performs an extensive assessment at selected facilities to evaluate compliance with environmental regulations.
  • Internal Audits: The Internal Audit department conducts systemic and programmatic controls-based audits to independently analyze the effectiveness of our environmental compliance management systems.
  • Compliance Testing and Risk Reviews: These reviews, designed to assess the adequacy of controls and risk mitigations, as well as compliance work processes, are conducted by the Risk and Compliance function.
  • Environment Construction Inspections: These inspections are designed to assess construction practices and confirm that work is performed in compliance with all environmental guidance and regulations. 

 

Board governance

 

Certain committees of the Boards have specific oversight responsibility for compliance and risk management in their respective substantive areas. For a full description of Board committee oversight responsibilities, please see the webpages of the Boards of Directors of PG&E Corporation and Pacific Gas and Electric Company, as well as our 2024 Joint Proxy Statement.

2023 milestones

 

Ethics and compliance

 

  • Expanded and improved visual management in our Commitments Information Center to bring transparency to and drive improvement in PG&E’s compliance performance.
  • Implemented a cross-functional program to manage Transportation Safety Administration cybersecurity requirements.
  • Focused on rooting out fraud through enforcement, education, and training.
  • Leveraged our Community of Records Advocates to increase awareness and advocacy for records management across the organization, while also enhancing our communications and training, governance, tools, and remediation of records-related risks.
  • Partnered with our Ethics Council to reach about 1,500 coworkers per month on ethics and compliance.

Environmental compliance

 

  • Reviewed and secured environmental and land use permits, enabling efforts to underground electric distribution lines.
  • Leveraged our EMS to improve environmental compliance and performance—scoring the impacts of more than 200 aspects of our operations. We are using this analysis to identify significant environmental impacts and risks across our operations and help prioritize areas of compliance.
  • Used predictive models to better understand the environmental needs of maintaining our infrastructure, helping us focus on the right procedures for effective environmental stewardship.

 

Risk management

 

  • Updated our framework for integrating risk-based prioritization into our annual business planning process.
  • Actively participated in the CPUC’s Risk-Based Decision-Making Framework proceeding, which explored issues such as climate change modeling and other aspects of how utilities approach risk management.
  • Helped enhance risk reduction within our wildfire mitigation work, including strengthening the enablement criteria for EPSS to reduce ignitions and improve reliability.
  • Implemented strategies to adhere to PG&E’s privacy policy and protect personal information obtained by PG&E.  

Measuring progress

 

Ethics and compliance

 

Our annual all-coworker ethics and compliance training incorporates video vignettes based on real-world issues that coworkers might face. The training emphasizes the importance of ethical decision making and safety. In addition, we require all employees to complete Code of Conduct training annually and certify that they have read, understand, and will comply with the PG&E Code of Conduct. In 2023, we also measured the effectiveness of these trainings and improved training completion timeliness.

Ethics and compliance training

1 For a variety of reasons, a statistically small number of PG&E’s workforce is unable to attend a training session in any given year.

Code of conduct training

1 For a variety of reasons, a statistically small number of PG&E’s workforce is unable to attend a training session in any given year.

PG&E received 1,093 allegations of misconduct in 2023. This was a 5% increase compared to 2022. We attribute the increase in allegations to continued communications encouraging coworkers to speak up about concerns, and additional work to detect potential issues with time and expense reports. PG&E’s Ethics and Compliance department also received 262 requests for guidance from employees in 2023, a 12% increase from the prior year.

Environmental compliance

 

PG&E tracks and reports a wide range of annual environmental compliance performance indicators.

 

  1. We categorize all written enforcement actions issued by a regulatory agency as minor, significant, or critical. In doing so, we consider the level of impact to the environment, potential or actual monetary damages including restoration costs, and the number of repeat incidences. All enforcement actions are reviewed by the environmental leadership team on a monthly basis.
  2. This measure includes an unintentional discharge of a regulated substance that required notification to the State of California or exceeded thresholds allowed in applicable permits. Unintentional releases mostly result from equipment failure due to severe weather, utility pole vehicle strikes, or vandalism and unintentional spills of small volumes of mineral oil from overhead transformers. Spilled material is cleaned up by PG&E first responders or environmental clean-up crews. PG&E saw an increase in hazardous material releases related to the 2023 winter storm response and operations related to wildfire rebuild efforts.
  3. The majority of these inspections were performed by Certified Unified Program Agencies, such as city and county environmental health departments and fire departments.
  4. Includes self-assessments, internal audits, and compliance testing and risk reviews performed by PG&E.
  5. The increase in self-assessments of our facilities and projects year over year was in support of increased linear infrastructure repair and replacement projects.

This website and the messages contained in its webpages are funded by shareholders.

©2026 Pacific Gas and Electric Company

©2026 Pacific Gas and Electric Company