Risk Management
Prosafe aims to find the right balance between risk and return. Prosafe will take on certain risks within its core competencies in order to create return, while the company will try to eliminate or minimize certain other risks.
Prosafe works with customers, suppliers and employees, making continuous improvements to its routines and procedures, to ensure that the services provided represent the best available in the industry.
In order to implement the company’s corporate strategy and achieve the long-term strategic targets, Prosafe has developed a risk management approach that can be separated into the following risk categories:
1) Strategic risk
2) Commercial risk
3) Operational risk
4) Compliance and legal risk
5) Financial risk
6) IT / Cyber security risk
Each risk category is evaluated in two phases:
- The risk identification phase
- The risk management phase
1. Strategic risk
Strategic risk identification
Prosafe aims to create shareholder value by allocating capital and resources to the commercial opportunities that yield the best return in relation to the risks involved within each of its specific strategic areas.
Prosafe’s position in the value chain
Prosafe is a leading owner and operator within the high end segment of the accommodation market, where it faces competition from semi-submersibles, jack-ups, monohulls and barges. Historically, the bulk of the company’s activities have been focused towards the production and maintenance phase of the life cycle of oil and gas fields, although currently and in the latter years the bulk of the activities have been driven by hook-up of new fields. Notwithstanding this, it is ultimately the balance between supply and demand that will be the most important factor affecting Prosafe’s financial position.
Supply risk / Technical risk
The global market for semi-submersible accommodation vessels is a niche market, and a significant increase in the number of available accommodation vessels will affect utilisation rates and/or day rates negatively, potentially adversely impacting Prosafe’s financial position.
In recent years the supply side has grown significantly. In this perspective Prosafe has both played a role to renew its fleet, embark on consolidation and also scrapping of several older vessels. Competition is anticipated to remain high on a global scale as a consequence of supply growth which is only partly compensated to date by consolidation and scrapping.
Demand risk / Market risk
Demand for offshore accommodation services has risen in line over time with an increased pace in the development of new oil discoveries and extension of the production life of existing fields. Demand for Prosafe’s services has become global, and comes from areas such as the US and Mexican Gulf, Africa, Brazil, Asia, Russia and Australia, in addition to the traditional North Sea market. The key markets however remain the North Sea, Brazil and expectedly Mexico.
Generally, the demand for Prosafe’s services could be affected negatively by oil companies’ earnings. Changes in the oil price affect oil companies’ cash flows and thus their willingness to invest in exploration and production. If the oil price drops significantly, oil companies typically reduce spending, which in turn may lead to lower demand for accommodation vessels.
Furthermore, in the long-term the demand will depend on the oil companies’ replacement ratio. If oil companies fail to replace reserves, ultimately leading to lower production volumes, demand for accommodation vessels could be reduced.
Although Prosafe’s customer base is fairly well diversified, certain customers may, to a varying degree over time, make up substantial parts of the contract backlog. In line with industry practice, a contract normally contains early cancellation provisions for the customer in specific circumstances. Subject to termination not being due to a breach or negligence on Prosafe’s part, the effect on financial results in such cases will normally be wholly or partly offset by a financial settlement in Prosafe’s favour.
Macro risk
Demand and supply in the market in which Prosafe operates is subject to cyclical movements in both the global economy and in regional economies. These movements could be driven by a number of factors such as political processes, changing trading patterns, changes in productivity, technological shifts, monetary imbalances, etc.
Strategic Risk Management
Prosafe’s strategic focus is to ensure a best possible composition of its fleet and location of the same across the global market in order to achieve geographical diversification and closeness to markets and clients for the purpose of efficient fleet utilisation. A combination of short- and long-term contracts is a general goal. Fleet renewal and scrapping of older vessels are key elements in the strategy. In addition, Prosafe has a history of playing an active role in industry consolidation.
2. Commercial risk
Commercial risk evaluation
Company shall review the invitations to tender, and prepare the bid in a systematic and representative way. Terms and conditions should be reviewed by legal and insurance advisors to the extent necessary. Corporate functions such as a Bid Committee will give advice as required.
Specific requirements related to bank guarantees, bonds, parent company guarantees, etc are included in a separate procedure.
Company should perform an initial risk evaluation of the subject contract as part of the internal bid review. The risk evaluation should be of an appropriate extent, and could include the following items of possible uncertainty:
• Contract scope, extent of new technology/services
• Terms and conditions of contract
• Technical matters related to project and operation
• Organisational matters, including resources, flexibility, partnering, communication
• Political matters, e.g. legislation, tax, strikes, conflicts, cultural matters
• Financing, cash-flow, foreign exchange
• Security and cyber threats
• Subcontractors’ and vendors’ competence and capability
• Climatic conditions during project execution
Depending on initial review, a detailed evaluation may be performed and documented on an approved risk matrix, allowing for a systematic follow-up during contract execution.
This risk matrix allows for evaluation of defined risk categories and the associated probability of a particular occurrence and the related evaluation of impact and manageability within the company.
It is advised that each project is broken down in phases/activities to determine the uncertainty factors of each phase/activity. Dedicated legal advisors and insurance companies should be consulted. Further, the following guidelines should be noted on a general basis:
a) Cap total liabilities under the contract, preferably no greater than 25% of contract value
b) Avoid clauses indicating responsibility for consequential losses
c) Guarantees not to exceed contract obligations
d) Governing law should be accepted by the company and legal advisors
e) Indemnification clauses should be on a mutual basis where possible
f) Insurances should be based on existing Prosafe coverage, or priced according to additional cost of coverage in bid
g) Mutual hold harmless clauses adopted where possible
h) Generally avoid open ended clauses, cap the responsibilities
Commercial risk management
Bid reviews
Company shall perform internal bid reviews according to own procedures to ensure that client requirements are addressed and that the bid meets technical, operational, commercial and quality criteria. Further, all bids meeting one of the following criteria shall be presented to Company Bid Committee for review and comment prior to handing in the bid documents:
• Involves high contract values, i.e. over and above USD 10 million.
• Involves matters of particular uncertainty or risk .
Company Commercial function will co-ordinate the review with the Bid Committee, normally consisting of the CEO, CFO, COO, CCO and Chairman.
A summary sheet should be prepared and discussed in meetings/telecons with the Bid committee as found appropriate. Brief information related to the following should be provided as a minimum in addition to signed off internal bid and contract review checklists from Company:
a) Client
b) Scope of work
c) Contract schedule
d) Overall evaluation of terms and conditions
e) Compensation formats
f) Pricing, turnover, cost, contribution and contingencies
g) Cash flow
h) Bonds and guarantees
i) Project organisation and main sub-contractors
j) Use of Third Parties, e.g. agents and/or consultants
k) Overall risk evaluation where applicable (ref. top 10 from risk matrix)
The timing of the above reviews should allow for adjustments of the bid before bid deadline.
Contract reviews and risk evaluations
Company performs contract reviews before contract signing to ensure that the bid and actual clarifications are included in the contract document. In case of significant changes being implemented in the final contract document, or during the execution of the contract, then Company shall be informed as part of normal monthly reporting if not of particular urgency.
All uncertainty evaluations should be reflected in the monthly forecasted project turnover, cost and profitability.
3. Operational risk
Operational risk identification
Service risk
For most of Prosafe’s contracts, the day rate for its vessels is subject to gangway connection/uptime. Consequently, any operating failure leading to down time on the gangway connection could affect Prosafe’s financial position. Such downtime could be caused by human errors, breakdown of equipment, weather conditions or an otherwise difficult operating environment.
Project risk
Prosafe will from time to time undertake larger projects related to new builds or upgrades of existing vessels. Such projects carry risks of cost overruns and delayed completion that could have an adverse effect on Prosafe’s financial position.
Hazard risk
Given the nature of the business any operating failure or loss of asset integrity may cause serious accidents that could lead to critical damages and, ultimately, a total loss of the asset.
This could have an adverse effect on Prosafe’s financial position.
Operational risk management
Insurable operational risk
Prosafe’s operations involve risk of injury to personnel, loss or damage to vessels, property, equipment and accidental discharges/emissions to the natural environment.
Prosafe aims to cover operational risk as fully as possible through insurance policies taken out with top tier international insurance companies, to the extent that such cover is available and reasonably priced.
Prosafe’s insurance policies cover loss or damage to hull and machinery and loss of hire in respect of certain charter agreements.
Prosafe’s assets are insured based on the requirements set out in the credit facilities agreements and taking into consideration applicable industry standards and regulations.
Marine liability insurance is taken out through a Protection & Indemnity club which insures mobile offshore units and follows applicable industry standards. This provides cover for third party liability, personal injury to crew, oil spill, wreck removal and other pollution and environmental risks.
Prosafe also effects war risk insurance to cover physical damage and liability arising from war and terrorist actions.
Prosafe employees’ insurances are taken out in accordance with industry standards. Liability insurances include general third party liability for onshore activities, directors and officers insurance, special contingency insurances and professional liability insurance, if required.
Non-insurable operational risk
Service risk
Prosafe works with customers, suppliers and employees, making continuous improvements to its routines and procedures, to ensure that the services provided represent the best available in the industry.
Project risk
Prosafe carries out a particular assessment of four risk factors when planning value enhancing investments such as upgrades and/or refurbishment programmes:
• Technical risk
• Project profitability
• Construction risk
• Credit assessment
Technical risk analysis involves an assessment of three critical factors. Firstly, a thorough market analysis is conducted to provide guidance in terms of future demand for certain technical specifications. Secondly, the yard’s ability to deliver in line with these specifications is evaluated. Thirdly, the project’s fit with the overall business plan and strategic direction of the company is established.
Review of any construction risk includes taking into account the possibility of cost overruns and delays. Continuous improvement of systems and work processes is vital in order to adequately manage this type of risk. In addition the company focuses on securing continuity in the organisation and key positions and maintaining relations with sub-contractors and equipment suppliers.
Credit assessment of yards, sub-contractors and equipment suppliers is undertaken when carrying out Prosafe’s project evaluations and risk analysis. The company attempts, as far as commercially possible, to reduce credit risk via parent company or bank guarantees.
4. Compliance and legal risk
Compliance and legal risk identification
Legal risk
From time to time, Prosafe may become involved in contractual and other disputes and legal proceedings where the outcome is uncertain. Such proceedings may be expensive and time consuming, and depending on the outcome, may have a negative impact on Prosafe’s financial position.
Regulatory risk
Prosafe is involved in an industry that is highly regulated by different international and national Government bodies. Non-compliance with relevant regulations could lead to prosecutions, fines and/or suspended operations, which in turn could cause financial losses. Furthermore, changes in regulations could affect the operation of Prosafe’s vessels and could adversely impact its commercial and strategic position, in some cases necessitating substantial investments.
Compliance and legal risk management
Prosafe utilises internal and external legal counsel to deal with legal or litigious matters on a case by case basis.
The company monitors rules and regulations in force and any changes which may arise in order to prepare for any new rules and regulations and ensure compliance in the course of carrying out its business.
5. Financial risk
Financial risk and legal risk identification
Interest rate risk
Prosafe’s exposure to interest rate risk relates mainly to the floating rate debt and balances of surplus cash placed with banks.
Prosafe shall continuously monitor the total corporate interest rate exposures arising from holding of funds and debt, and reduce such risks in a cost efficient manner.
The interest rate hedge portfolio shall be adjusted based on the current net debt portfolio with regards to amounts and profile.
In general, interest rate risk shall be managed through the use of forward rate agreements (FRA), interest rate swaps and/or interest rate cap/floor structures.
The company shall review the hedging annually.
Currency risk
Prosafe is exposed to several currencies. The bulk of revenues are in USD and the vessels are valued and financed in USD. Accounts are therefore compiled in USD.
Operating expenses are mainly denominated in USD, GBP, NOK, SGD and BRL, but depending on the country of operation and nationality of the crew, operating expenses can also be in other currencies, such as EUR and SEK.
Capital expenditure relating to general maintenance will typically be denominated in GBP and NOK. Value enhancing investments, such as upgrades and/or refurbishment programmes, depending on the origin of equipment and the location of the yard, will usually be in USD and EUR.
Fluctuations in these currencies as against the USD could have an adverse impact on Prosafe’s financial position.
Liquidity risk
As Prosafe is partly financed by interest-bearing debt it is subject to liquidity risk. All its loans have a defined maturity date and there will always be a risk that debt cannot be refinanced. This could be as a result of specific factors, such as excessive leverage, falling asset values or low earnings/cash flow, or it could arise from macro economic factors and the general development in the global credit markets. Failure to refinance debt may have an adverse impact on Prosafe’s financial position.
Counter-party risk
Prosafe’s clients are mostly national oil companies, super majors, majors and larger independent oil companies. If a client should default on any obligation, it could have an adverse effect on Prosafe’s financial position.
Prosafe’s financial counterparties are recognised banks and financial institutions of good standing. However, if a financial counterparty should default on any obligation it could have an adverse effect on Prosafe’s financial position.
Financial risk and legal risk management
Interest rate risk
Interest on debt is in principle floating, but subsequently hedged to reduce the variability of cash flows in the interest payments through the use of interest rate swap agreements. Prosafe evaluates the hedging profile in relation to the repayment schedule of its loans, the company’s portfolio of contracts, cash flow and cash in hand. The proportion hedged will normally be between 75 and 100 per cent of net debt.
Currency risk
The Company reports in USD and generates income in USD, whereas a large part of its operating costs are in other currencies such as NOK and GBP. This exposure as identified based on rolling forecasts is hedged according to the Company’s approved Finance Policy.
Liquidity risk
Prosafe makes active use of a system for planning and forecasting the development of its cash flow and liquidity position and development.
Counter-party risk
Prosafe continuously monitors both the credit quality of existing and potential clients, and the credit quality of existing and potential financial counterparties.
6. IT / Cyber security risk
IT risk identification
Prosafe aims to carry out systematic risk assessments taking into account different types of risk such as technology, security, business continuity, regulatory, licensing, personal data protection etc., as necessary, to ensure that the IT function responds to threats effectively.
Prosafe will record security incidents in a centralised service desk function to identify, detect, investigate and resolve any suspected or actual security breaches. All security incidents shall be notified to the CIO.
The Company will be assessing the risk and determine vulnerability and perform appropriate ad hoc risk assessments e.g. systematic risk assessment framework taking into account different types of IT risk such as in respect of specific jurisdictions, projects, vessels and operations generally as necessary and an annual risk.
IT risk management
Prosafe shall manage IT security by:
• Implementing procedures and routines to ensure security for IT equipment, applications and data in our centralised shared infrastructure
• Developing a robust disaster recovery plan to ensure business continuity. This shall include identification of critical systems, areas of greatest vulnerability and prioritisation of key functions in the business
• Processing daily backups of all business applications and data stored in our centralised shared infrastructure
• Implementing technical protective measures (firewalls etc.) to secure and protect the Prosafe System from unauthorised access or potential damage through external data breaches
• Implementing virus and malware control to protect the Prosafe System from viruses and other malicious software
• Applying system and data access control to both business applications, information and data maintained in the Prosafe System to ensure an appropriate level of protection, confidentiality, integrity and availability of information
• Ensuring all business applications, information and data are protected by assigning appropriate user rights to individual users to ensure that only authorised users can access information in the Prosafe System
• Implementing password routines including two factor authentication for external access to the Prosafe System. All Users are responsible for safeguarding user information and passwords.
• Applying a general rule, no business relevant data should be stored on a local PC as Prosafe does not have backup routine for data stored on local devices
• Ensuring secure destruction of all discarded or defective data storage media, this applies to both fixed and removable storage media
• Ensuring use of authorised licensed software only. It is not permitted to store, install or run private, unauthorised software on any of Prosafe devices. All software shall be registered and approved by the CIO before being installed or used. Users are not permitted to make or use unauthorised copies of commercial software.
Prosafe shall mitigate IT related risk by:
• Providing an understanding of the IT security risk at management level to ensure safe and efficient operations and awareness to all levels in the organisation
• Understanding the threat (motivations, types of threats, consequences, cyber security, etc. to maintain confidentiality, integrity and availability)
• Reducing the risk (physical/procedural controls and mitigating actions)
• Developing contingency plans (backup and disaster recovery to ensure business continuity)