Avangrid’s (NYSE:AGR) proposed $8.3 billion acquisition of PNM Resources (NYSE:PNM) appeared in peril last week after a former cybersecurity contractor alleged that the company conspired with suppliers to buy “tens of millions” in overpriced and unnecessary security equipment and services to boost profits. The company may also face increased scrutiny from regulators in New York and New England as a result of the allegations.

In a Nov. 29 lawsuit filed in the U.S. District Court for the Southern District of New York, Security Limits Inc. (SLI), of Jessup, Pa., and CEO Paulo Silva accused Avangrid and its Spain-based parent Iberdrola (OTCMKTS:IBDRY), of a “brazen racketeering scheme, replete with bid-rigging, accounting manipulation [and] warehouses built solely to house mountains of unused equipment procured under bogus pretenses.” SLI is seeking more than $110 million in damages from the utility and others that it says stole SLI’s proprietary business secrets (Case No. 21-CV-1012).

Avangrid, which denied the allegations, responded with its own suit Saturday accusing Silva of extortion, saying he made the allegations after the utility refused to rehire his company. Avangrid’s suit, filed in Santa Fe County, N.M., cites emails he sent last August threatening to make his allegations to the New Mexico Public Regulation Commission (PRC) after the company declined to award SLI a contract.

Silva spoke at PRC meetings Aug. 9 and again Dec. 1, urging the regulators to reject Avangrid’s bid for PNM, parent of Public Service Company of New Mexico and Texas-New Mexico Power (20-00222-UT).

In its countersuit, Avangrid said Silva’s allegations “made obtaining approval from the PRC more difficult and more expensive.”

Three of the five members of the commission said at Wednesday’s meeting that they were leaning toward accepting a hearing examiner’s recommendation that they reject the purchase. PRC Chairman Stephen Fischmann cited Avangrid’s “absolutely horrible record of running U.S. utilities.” Commissioners Cynthia Hall and Theresa Becenti-Aguilar also expressed opposition. The PRC has scheduled action on procedural orders in the merger docket on its meeting agenda for Dec. 8.

State Regulators React

In his appearance before the PRC on Wednesday, Silva said that Avangrid’s “conduct artificially raised rates paid by consumers in New York and illegally enriched Avangrid’s favorite … bidders.” Avangrid is the parent of New York State Electric and Gas, which serves 883,000 electricity customers, and Rochester Gas & Electric, which serves 371,000 electricity customers.

The New York Public Service Commission did not respond to a request for comment Monday.

Avangrid also owns Central Maine Power, which has been under fire for poor service.

On Friday, Gov. Janet Mills urged the Maine Public Utilities Commission to “examine Avangrid’s history of equipment purchases in Maine and to ensure that no Maine CMP ratepayer has been or will be harmed.”

“Maine provides to its electric utilities a monopoly and, in return, they owe to Maine people reliable service at just and reasonable rates — nothing less,” Mills said. “Any act of wrongdoing or any misconduct that harms Maine people deserves swift action, accountability and consequences.”

“The allegations made against Avangrid are serious, and we will be reviewing the filings in federal court and following the proceedings closely,” PUC Chairman Phil Bartlett said in a statement Monday to RTO Insider. “As we learn more, we will determine what additional review by the commission may be warranted.”

Avangrid also is the parent of United Illuminating, which provides electricity to 328,000 residential, commercial and industrial customers in the New Haven and Bridgeport areas of Connecticut. The Connecticut Public Utilities Regulatory Authority said Monday it “will monitor the lawsuit and the allegations.”

“During rate proceedings, the authority thoroughly examines the costs proposed by the utilities for recovery to determine prudency,” PURA spokesperson Taren O’Connor said in an email to RTO Insider. “If the authority finds that any utility engaged in the alleged conduct, the associated costs would be disallowed and the authority would consider whether further actions are warranted based on the specific set of circumstances, including, but not limited to, civil penalties, fines and other actions.”

Silva’s attorney, John Griem of Carter Ledyard & Milburn, said, “We don’t have any direct knowledge about” whether Avangrid’s alleged bid rigging affected ratepayers in Connecticut and Maine in addition to New York. “I think a reasonable reader of our complaint could infer that this was a company-wide issue, and that investigation would be warranted,” he said in an interview.

‘Disgruntled Former Subcontractor’

Avangrid’s suit describes Silva as “a disgruntled former subcontractor,” saying he was soured by a $178,000 payment dispute with another Avangrid contractor, Unlimited Technology Inc. (UTI).

It said that Silva threatened to make public his allegations unless the company awarded SLI additional contracts. “When Avangrid refused their extortion attempt, defendants made false, defamatory and malicious public statements designed to harm Avangrid.”

Avangrid said Silva and SLI “continued to solicit work from Avangrid for more than a year after allegedly learning of fraud, corruption and national security issues. Although defendants claimed Avangrid and Iberdrola are a ‘cabal’ with the ‘twisted moral compass’ of Enron, they nonetheless actively sought work from Avangrid as late as five days before these statements to the PRC” in August, Avangrid’s suit says.

Griem called Avangrid’s countersuit “a PR stunt that threatens the rights of all consumers to raise concerns about corporate wrongdoing.”

‘A Mountain of Radically Overpriced Hardware’

Silva’s complaint said that after getting hired by Avangrid in 2018 to improve its cybersecurity program, SLI — “a technology, engineering, architecture and consulting solutions firm” — was blocked from bidding on later projects because the utility steered contracts to companies “willing to participate in a pay-to-play scheme.”

Silva’s suit says Avangrid and Iberdrola (which it called the “utilities defendants”) conspired with the vendors “to procure a mountain of radically overpriced hardware — including scores of routers and multiplexing units that, curiously, they took pains to unpack and install in racks — as if to vaguely suggest that they were configured and operational. Yet those units were never put into service, are quickly growing obsolete and are depreciating by the day.”

The suit named as “vendor defendants” UTI, Black & Veatch (B&V), Madrid-based Prosegur Gestión de Activos and two of its subsidiaries, Cipher Security and Prosegur Security Monitoring Inc.

“SLI made procurements on a straightforward, open-book contract basis, with a fixed margin of 15%, providing no ready channel for the [capital expenditure] inflation the utilities defendants sought,” the suit said. “The utilities defendants thus turned to the vendor defendants, contractors that were wholly aware that the utilities defendants wanted to inflate CAPEX and were happy to assist them in the bid-rigging scheme.”

The suit said Avangrid, Iberdrola and Prosegur allowed the sharing of SLI’s trade secrets and bidding information with competitors. “On numerous occasions, the utilities defendants reissued earlier [requests for proposals] — for which SLI had already submitted best and final offers — to facilitate favored vendors, which would submit new bids styled to incorporate misappropriated SLI business secrets,” it said.

Avangrid and Iberdrola “eschewed competitive bidding, engaged in customer and market allocation, and steered contracts to vendors willing to provide equipment and services that were neither competitively priced nor situationally appropriate (and in some cases unnecessary altogether).”

Silva’s suit describes Prosegur as “a physical security company that would normally engage in the installation of video cameras and provide physical security and monitoring services … [that] has neither particular expertise in hardware and software sourcing nor in design and engineering services. Yet Prosegur entities were repeatedly chosen to bid on contracts requiring large-scale hardware acquisitions they were self-evidently unqualified to undertake and were awarded numerous sole-source contracts for related procurements and personnel.”

Prosegur declined to comment. But Cipher Security COO and CFO Andre Viera Rolim, who was named a defendant in the suit, said in an email: “The company wants to highlight that it is always at the disposal of the authorities and courts of justice to collaborate in everything that is requested. Prosegur always acts with full respect for the rules and current legislation.”

Avangrid allegedly paid excessive prices to Thermo Bond Buildings, which makes communication shelters, substation buildings and modular data centers. | Thermo Bond Buildings

The suit alleges that UTI increased its warehouse three times over the past several years to store “tens of millions of dollars” in unneeded hardware equipment purchased to achieve Avangrid’s quarterly capital expenditure targets.

Among the equipment procured were “tens of millions of dollars of overpriced and/or unnecessary hardware,” including from Thermo Bond Buildings, which makes communication shelters, substation buildings and modular data centers. Other equipment included Nokia, CISCO and Pivot3 equipment “in wildly excessive quantity.” Avangrid also purchased excessive amounts of data storage and unnecessary software systems, SLI said.

UTI did not respond to a request for comment.

Leaked Bid Information

A lawsuit alleges that while working for Avangrid, David Lathrop (left) allegedly leaked confidential bidding information to Unlimited Technology Inc. through UTI executive Charlie Von Stetten. UTI later hired Lathrop as vice president of utilities. | David Lathrop & Charlie Von Stetten via LinkedIn

The suit said Silva learned in 2018 that David Lathrop, Avangrid’s manager of security technical services, conveyed confidential bid information to UTI through Charlie Von Stetten, UTI’s operations director. “Lathrop would habitually leave vendors’ bids open on his desk. On various occasions during that period, Silva witnessed Von Stetten whispering to Lathrop, after which Lathrop would leave his office. During Lathrop’s absence, Von Stetten would take notes on the bids, sometimes even photographing them with his cell phone.”

Silva said that when he raised the issue, “Lathrop smiled and replied, ‘I know nothing; I was in the bathroom.’”

Silva said that as Lathrop was contemplating retirement from Avangrid, he sought a “post-retirement sinecure with an Avangrid vendor.” After Silva said he rebuffed Lathrop, UTI hired him as a vice president of utilities in April 2020.

Before leaving Avangrid, Silva alleged Lathrop “steered” multiple procurements to UTI, including a $15 million contract in 2019 by providing UTI with a copy of SLI’s confidential information.

Silva’s suit refers to UTI as a company that “primarily installs and maintains video cameras to monitor large facilities” that had no experience “in designing or building private cloud data centers or in cloud systems integration.”

But SDM Magazine in October ranked UTI as the No. 7 system integrator in North America for 2021.

On Dec. 2, private equity firm Lee Equity Partners announced it had acquired UTI. Lee did not respond to requests for comment Monday.

Black & Veatch

Silva’s suit also cited a $34 million sole-source contract to B&V, a global engineering, procurement, consulting and construction company, in connection with a “data center convergence project.”

Silva said that two Avangrid executives demanded that Silva share the contents of SLI’s bid on a contract with B&V and that “SLI not seek the outright award of the contract, but instead relegate itself to serving as a subcontractor to B&V.”

“SLI would later learn that B&V — well aware that it was using trade secrets extorted from SLI — used the specifications contained in SLI’s bid in order to improve the B&V bid, and that B&V was ultimately awarded this lucrative, sole-source contract, despite its demonstrably inferior qualifications.”

It also alleged personnel were hired directly through B&V to support a $1.5 billion automated metering infrastructure initiative “at premium hourly rates well in excess of the rates offered by SLI.”

B&V spokesman Jim Suhr denied SLI’s allegations.

“We are aware of this matter, but because this is actively pending litigation, we cannot comment beyond that we believe this suit is meritless and we intend to vigorously defend ourselves against it,” he said.

National Security Threat?

In his first appearance before New Mexico regulators on Aug. 9, Silva alleged that Avangrid introduced “risks to national security” and suggested that Avangrid had hacked the computers of participants in the merger case.

Avangrid said the national security allegation appears to be a reference to one or two incidents, including the expiration of anti-malware software it used. The company said the malware lapsed in early 2020, “which was detected and resolved later that same year. This temporary expiration of anti-malware software was determined to not have any national security impact,” it said.

The second incident concerned a private cloud server containing 150 GB of data that is the subject of a payment dispute between SLI and UTI. Avangrid said SLI is currently maintaining the server, and neither UTI nor Avangrid is willing to take custody of it. “But there is no sensitive data or data affecting national security on that server.”

NERC declined to comment on Silva’s allegation. The Northeast Power Coordinating Council did not respond to a request for comment.

Silva’s attorney Griem said his client made several efforts to tell Avangrid about the problems in maintaining the cybersecurity system he helped to design but was met with “indifference or silence.”

“When you charge ratepayers a tremendous amount of money in order to build a system, and then you don’t properly install it or keep the software updated, given the news around what happened with the [hack of] Continental Pipeline, I certainly think it’s fair to call poorly maintained and hackable infrastructure systems a national security issue.”

Avangrid said Silva also implied that the company is hacking computers, having said, “Anyone attending these proceedings that has spoken against this merger, I strongly urge you as a cybersecurity professional to rebuild all of your computers, change all your passwords, as I have reason to believe that Avangrid is obtaining lots of information through incorrect channels about these proceedings.”

“This statement is also defamatory and false,” Avangrid’s suit said. “It falsely accuses Avangrid of committing a crime in connection with the PRC proceedings.”