Effectively managing risk across the Group is a competitive necessity and fundamental to creating and maintaining shareholder value and protecting our business, people and reputation.
The Board, as part of its role in providing strategic oversight and stewardship of the Company, is responsible for maintaining a sound risk management and internal control system. As part of that system, the Board determines principal risks and sets respective risk tolerance/appetite levels.
The Executive Team, Group Functional Heads and Business Delivery Teams (BDTs) are responsible and accountable for monitoring and managing the risks that fall under their remit. It is then every leader’s and manager’s job to manage the day-to-day risks the Group may face. They are responsible for identifying the risks, assessing their impact and determining their consequence for the business. Appropriate actions are then taken to manage the risk to an acceptable level defined by the Board.
A summary of Tullow’s principal risks are listed below, and full commentary on their potential impacts and our mitigation and assurance processes can be found in our 2016 Annual Report & Accounts. Internally, the Group monitors and mitigates a more substantive list of risks, but those listed are the risks considered to be the most important at the time of publishing our 2016 Annual Report, because of their likelihood, the magnitude of their potential impact, frequency on the Executive’s agenda, or a combination of these reasons. Our principal risks are monitored and assessed on an ongoing basis.
|1. Strategy not fully achievable in sustained low oil prices |
2. Inability to progress major portfolio management options
3. Failure to realise expected value from Project TEN due to ITLOS or Project sub-
4. Disruption to business due to political/regulatory influence
5. Disruption to business due to community and political influence
|6. Insufficient liquidity and funding capability |
7. Failure to manage single commodity price risk
|8. Major process safety/equipment/EHS failure |
9. Inability to replenish exploration portfolio
10. Major cyber or information security incident
11. Failure to have a balanced, diverse workforce & attractive employee proposition
12. Failure to retain or develop key staff
|13. Major breach of business or ethical conduct standards |