o recognize the importance of risk management in the energy sector, one needs to look no further than the Gulf of Mexico. Safeguards at BP were not as high of a priority as they should have been, and the result is that one of the world's largest, most profitable companies is hemorrhaging money to the point that asset sell-offs have begun and takeover talks have been broached.
A recent study by Deloitte confirms this fact. The implementation of enterprise risk management has become common throughout the energy and resources industry, but actually monitoring and reporting on risks in any sort of systematic, worthwhile way is still a large challenge for most companies, says the "Risk Intelligence in the Energy & Resources Industry" survey. In fact, only 48% of companies reported that they have a "fully operational" ERM program-more than three-fourths of which have existed for more than one year. More troubling is the fact that it takes industry companies between three and seven years to "bring ERM to an operational level," according to the study, meaning that the 52% of companies without proper programs have a long way to go to catch up.
The many risks facing energy companies also further dampen the current state of risk management in the sector. Resource scarcity, political instability, infrastructure obsolescence, potentially adverse weather events, greenhouse gas emissions and the uncertain regulatory environment all present unique risks. New technology related to renewable energy production-as well as a potential prolonged economic downturn in the West-also present challenges.
The survey does note that the rising priority of risk management is certainly related to companies wanting to improve their operational performance, but another important point also states that much of this cultural change is also driven by external factors-namely regulators. "Regulatory compliance has been the main driver for a certain number of years due to increasingly complex multi-jurisdictional compliance requirements," states the report. "European Corporate Governance regulations have incorporated risk management for a decade, some for even longer (the UK since 1992, the Netherlands since 1997, Germany since 2000). The European CG regulations also define a broader scope for ERM that includes the management of risks for strategic, operational, financial and compliance objectives."
Ultimately, improving risk management is beneficial no matter the inspiration. But it is much more inspiring — and believable — if the motivation comes from the company itself.
Crude ERM Implementation
|