BP 2012 Annual Report Download - page 120

Download and view the complete annual report

Please find page 120 of the 2012 BP annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 303

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303

Corporate governance
BP Annual Report and Form 20-F 2012
118
BPs risk management system
BP’s risk management system focuses on three levels of activity:
Day-to-day risk management – the system helps facilitate day-to-day
risk management in the group’s operations and functions, with the
approach varying according to the types of risk faced. Risks are to be
identified and managed, and actions to improve the management of risk
are to be put in place where necessary. The aim is to address each
different type of risk as well as we can – promoting safe, compliant and
reliable operations.
Business and strategic risk management – for BP’s businesses and
functions, risks arising are to be collated periodically, risk management
activities are to be assessed, and any necessary further improvements or
actions are to be planned. The system is designed to facilitate this by
incorporating a standardized form called the risk management report
(RMR), for businesses and functions to report consistently the risks they
face for management consideration, challenge, resource allocation and
intervention. This enables the integration of risk into key business
processes such as strategy, planning, performance management,
resource allocation and project appraisal.
Board, executive and functional oversight – the system facilitates
executive and board oversight and governance over the management of
significant risks. It requires executive team level involvement in the
finalization of risk management activities and improvement plans for the
group’s most significant individual risks. Using the consistent bottom-up
risk identification and assessment process, coupled with top-down
executive overview, the system requires that the most signicant risks
requiring oversight are identified. Oversight of the management of these
risks is to be provided through regular review by the board or one of its
committees.
BPs risk management system assists in:
t Understanding the risk environment for input into the strategy.
t Understanding which risk types we operate with, given the strategy.
t Identifying and assessing the specific risks and the potential exposure
they may represent.
t Decision-making on how best to deal with those risks to manage
overall potential exposure.
t Active management of identified risks.
t Reporting to management and the board about how those risks are
managed, and monitoring of potential exposure.
t Obtaining assurance over the effectiveness of the management of
those risks.
t Intervening for improvements in the management of those risks
where necessary.
t Considering the effect of the external environment and business
activities on the principal activities of BP’s risk management system.
The willingness to take and appropriately manage certain risk is
fundamental to the success of any commercial enterprise. For example, in
our upstream business we consciously place significant amounts of
capital at risk in exploring for new hydrocarbon resources. Where this
exploration is successful, we would generally expect it to lead to future
increases in our proved reserves and future cash flows. However,
exploration expenditure may not yield adequate returns, for example in the
case of unproductive wells or discoveries that prove uneconomic to
develop.
Risk management and reporting in 2012
During 2012, BP’s segments, strategic performance units and functions
prepared RMRs. The most significant risks were organized into common
categories – strategic risks, safety and operational risks and compliance
and controls risks – so they could be assessed and reported up the line in
the standardized form. This helped provide an overall data set of the key
risks identified, an assessment of their potential impact and likelihood on a
consistent basis, information on how they were being managed and any
actions planned or in progress to improve the management of risk. Based
on these RMRs, together with additional executive overview, a single
group RMR has been prepared. Those risks identied on the group RMR
requiring particular group-level oversight in the coming year are allocated
to specific board and executive committees for oversight and monitoring.
These are discussed below. Also see Risk factors on pages 38-44 for a
description of the material risks we face in our business.
Executive and board oversight of risk
The executive and board examine particular group risks both on a periodic
basis and as part of the development and review of the annual plan. The
board also conducts an annual review of the risk management and internal
control systems as required by the UK Corporate Governance Code.
During the year there is flexibility to change which risks have been
identified as requiring particular oversight and which have been allocated
to the executive or board, in the event there are any changes to the
internal or external environments or events arising.
The executive committees monitor the group risks in the following areas:
t ETM for strategic and commercial risks.
t GORC for health, safety, security and environment and operations
integrity risks.
t GFRC for finance and trading risks.
t GDC for financial reporting risk.
t GPC for people risks.
t RCM for risks related to investment decisions.
t GECC for ethics and compliance risks.
Risk management: from operations to the board
Occurs periodically at
board level
Results in oversight of
group risks
Occurs periodically at executive
and function levels
Results in governance over
group risks
Occurs periodically at business
and function leadership levels
Results in integration of risk
into key business processes
Occurs at operations
and functions
Promotes safe, compliant
and reliable operations
Occurs periodically at
board level
Results in oversight of
group risks
Occurs periodically at executive
and function levels
Results in governance over
group risks
Occurs periodically at
board level
Results in oversight of
group risks
Occurs periodically at
board level
Results in oversight of
group risks
O
c
r
s
p
er
i
o
di
c
al
l
y
at
e
xe
cu
tiv
e
a
n
d
fu
n
ct
i
on
le
ve
l
s
Re
s
u
lt
s
i
n
g
ov
e
rn
an
ce
o
ve
r
g
r
o
u
p
r
is
k
s
O
c
r
s
p
er
i
o
di
c
al
l
y
a
t
b
o
a
rd
l
e
v
e
l
Re
su
l
t
s
i
n
o
ve
r
si
g
ht
o
t
f
g
r
ou
p
r
isk
s
Board oversight
Executive and
functional oversight
Business risk and
strategic risk management
Day-to-day risk
management