ERM AT STATOIL: A BRIEF HISTORY
Headquartered in Stavanger, Norway, Statoil is one of the world's top 10 oil and gas producers. In 2012, the company had revenues of 706 billion Norwegian krone, NOK (approximately 120 billion U.S. dollars, USD). In the same year, it had over 23,000 employees worldwide and produced 2,004 million barrels of oil equivalents per day. Known for its operational excellence, Statoil is the global leader in offshore oil production below water depths of 100 meters.
The company has a 40-year history as part of the Norwegian oil bonanza. Originally Statoil was the state-controlled company in the Norwegian model of retaining both publicly and privately owned exploration companies. The privately held company Saga Petroleum was acquired by the partly state-owned conglomerate Norsk Hydro in 2000. Norsk Hydro in turn merged its oil and gas division into Statoil in 2007. Statoil is now by far the largest producer on the Norwegian continental shelf.
In 2001, Statoil's shares were listed on the Oslo and New York stock exchanges. In early 2013, its market capitalization exceeded 80 billion USD. While the Norwegian state still owns 67 percent of the company, it operates independently of the state on strictly commercial principles.
After having sold its downstream and petrochemical businesses over the past few years, Statoil is today heavily focused on upstream activities (i.e., exploration and development of oil and gas reserves). Its three business areas focusing on development are divided according to geographical regions (Norway, International, and the United States, with the latter being much smaller). In addition, it has four more business areas focusing on marketing, technology, exploration, and strategy.
ERM in Statoil got under way in 1996. Petter Kapstad, who has a background in banking, had been asked to systematize the management of risk in the finance department, which previously had been carried out in a fragmented and uncoordinated way. The result of Petter's work was that the risks managed by the finance department were measured and managed as a portfolio of risks with central oversight. The then CEO of Statoil, Harald Norvik, realized that the same principles could be applied to the whole company, and that there would be benefits to Statoil from managing its risks in an integrated way. Again, Petter was trusted with the task of leading the company in this direction.
While Statoil's executive officers were generally positive to the idea behind ERM, they still demanded to know "What is in it for us?" An important part of the answer to this question came from a project group that investigated the costs and benefits to Statoil from various financial transactions, mostly hedging and foreign exchange (FX) transactions going on in the company. Petter and his group were able to show that the number of transactions was staggeringly high, and that they were mostly based on a silo thinking that made no sense at all as seen from the corporate perspective. And, crucially, these transactions were not harmless or mere annoyances. They came at a substantial cost and seriously complicated the company's accounting as well as the management of exposures. This struck the senior executives as unacceptable. ERM had demonstrated the economic justification it needed. A clear mandate was given.
Early on in the project, Petter met and started working with Eyvind Aven, who shared the same vision of an enterprise-wide approach to risk management. Importantly, Eyvind had a background in economic analysis, which complemented Fetter's experience from trading units. This fact made them bilingual in the sense that they knew the specific terminology and ways of doing things that were prevalent both in the company's high-profile trading units, as well as in its headquarters. Their ability to speak complementary languages and not being viewed as outsiders was to prove very useful, as many tough decisions lay ahead with people who had an interest in preserving the status quo.
An important early milestone in the implementation of ERM came in 1999, when the Risk Committee, a cross-disciplinary advisory body on risk, was formed. The idea behind creating this committee was to obtain a forum to which people could put proposals and general risk issues for analysis and recommendations. From the very beginning, the committee has been chaired by the chief financial officer (CFO). Its main task is to advise the executive managers and the CFO on risk issues, and is not part of the formal decision process. It consists of a broad range of professionals with different backgrounds, such as the head of strategy, the heads of the main trading units, the chief controllers of different business units, and the head of internal control, in addition to the head of the risk department who is responsible for the agenda and calling for meetings.
In 2000, the risk department was formally set up (headed by Petter Kapstad), and started work on developing a common methodology on risk, as well as continuing the work on developing the company's consolidated risk model that had been initiated two years earlier. The risk department, furthermore, has the overall responsibility for insurance and the captive insurance company. In 2005, the first enterprise-wide risk mapping process was rolled out.