Saipem implements and maintains an adequate system of internal controls and risk management, composed of instruments, organisational structures and company regulations designed to safeguard Company assets and to ensure the effectiveness and efficiency of company processes, reliable financial reporting, and compliance with all laws and regulations, the Articles of Association and Company procedures. The structure of the internal control system of Saipem, which is an integral part of the Company’s Organisational and Management Model, assigns specific roles to the company’s management bodies, compliance committees, control bodies, company management and all personnel. It is based on the principles contained in the Code of Ethics and the Corporate Governance Code as well as applicable legislation, the CoSO Report1 and national and international best practices.
Additional information on the internal control system and risk management, including details concerning its architecture, instruments and design, as well as the roles, responsibilities and duties of its key actors, is contained in the Corporate Governance Report and Shareholding Structure document.
The main industrial risks that Saipem faces and is actively monitoring and managing are the following:
(i) the HSE risk associated with the potential occurrence of accidents, malfunctions, or failures with injury to persons and damage to the environment and impacts on operating and financial results;
(ii) the country risk;
(iii) the project risk associated with the executions phase of engineering and construction contracts undertaken by the Onshore E&C and Offshore E&C Business Units.
Financial risks are managed in accordance with guidelines defined by the Parent Company, with the objective of aligning and coordinating Group companies’ policies on financial risks.
(1) The Committee of Sponsoring Organizations of the Treadway Commission (1992), Internal Control - Integrated Framework.
HSE (Health, Safety & Environment) risk
Saipem’s business activities conducted both in and outside Italy are subject to a broad range of national legislation and regulations, including laws implementing international protocols and conventions relating to specific sectors of activity.
Saipem is fully committed to a process of continuous improvement of its safety, health, and environmental performance, to minimising the impact of its operations and to ensuring compliance with all applicable legislation.
An ongoing process of risk identification, evaluation and mitigation is at the heart of HSE management operations in all phases of activity and for all business units. This process is implemented through the adoption of effective management procedures and systems designed to suit the specific characteristics of each activity and the sites in which they take place and with a view to achieving the continuous improvement of plant and processes.
The Saipem HSE organisational model establishes varying levels of responsibility, starting from the persons closest to the risk sources, who are best positioned to assess the potential impact of risks and to ensure adequate preventive measures are put in place. In addition, HSE departments perform a governance, coordination, support and control role and issue and update guidelines, procedures and best practices designed to ensure continuous improvement.
In recent years, as a result of Law No. 121/2011, environmental offenses have joined health and safety offenses as one of the underlying offenses that could result in corporate liability under Legislative Decree No. 231/2001. In response to this development, Saipem has put in place an action plan involving a multidisciplinary team with the aim of ensuring that the Company’s HSE model is adequate to prevent environmental crime. This effort has included the updating of the Company’s HSE document system.
In addition, campaigns to raise awareness on health, safety and environmental issues are frequently launched at work sites.
In recent years, these have included the ‘Leadership in Health and Safety’, ‘Choose Life’ and ‘Working at Height’ campaigns.
Saipem has always invested heavily in HSE training and continues to work to promote and facilitate training, not just at a theoretical level, but also in terms of effective practical training experiences, particularly on the most key important HSE issues.
All HSE initiatives and management of HSE issues are subjected to periodic audits conducted by independent bodies, who verify that the quality of the Company’s HSE management is in compliance with international standards ISO 14001 (Environment) and OHSAS 18001 (Health and Safety). Both Saipem SpA as well as a number of other Group companies have achieved this certification.
HSE monitoring is also carried out either directly or indirectly on contractor companies.
Country riskSubstantial portions of Saipem’s operations are performed in countries outside the EU and North America, certain of which may be politically, socially or economically less stable. Developments in the political framework, economic crisis, internal social unrest and conflicts with other countries can compromise temporarily or permanently Saipem’s ability to operate cost efficiently in such countries and may require specific measures (where possible in compliance with Saipem corporate policy) to be taken at an organisational or management level in order to enable the continuation of activities underway in conditions that differ from those originally anticipated. If Saipem’s ability to operate is temporarily compromised, demobilisation is planned according to criteria designed to guarantee the protection of Company assets that remain on-site and to minimise the business interruption by employing solutions that accelerate and reduce the cost of business recovery once favourable conditions have returned.
Themeasures outlined above may be costly and have an impact on expected results. Further risks associated with activities in such countries are: (i) lack of well-established and reliable legal systems and uncertainties surrounding enforcement of contractual rights; (ii) unfavourable developments in laws and regulations and unilateral contract changes, leading to reductions in the value of Saipem’s assets, forced sales and expropriations; (iii) restrictions on construction, drilling, imports and exports; (iv) tax increases; (v) civil and social unrest leading to sabotage, attacks, violence and similar incidents. Such events are predictable only to a very limited extent and may occur and develop at any time, causing a materially adverse impact on Saipem’s financial position and results.
Saipem regularly monitors political, social and economic risk in countries in which it operates or intends to invest, drawing on reports on principal project risks and related trends prepared in accordance with Corporate Risk Management Policy and Risk Management procedures and Standards and Security reports prepared in accordance with the Corporate Security Policy and Guidelines on Security Activities.
Legislative Decree No. 81/2008 (the Consolidated Act on health and safety at the workplace) provides a basis for a new model of risk assessment in which security risks may be accounted for via their inclusion among the ‘particular risks’ referred to in Article 28 of the decree, which states that ‘the assessment pursuant to Article 17, paragraph 1, letter a) [...] shall take into account all risks to the health and safety of workers, including those for groups of workers who are exposed to particular risks...’.
To manage the specific security risks to which it is exposed in the countries where it operates, Saipem has adopted a security model based on the criteria of prevention, precaution, protection, information, promotion and participation, with the aim of protecting the safety of employees, contractors and the public, as well as the integrity of assets and brand reputation.
The Company’s security function has implemented a comprehensive security management system, which constitutes an organisational, legal and procedural tool for minimising and managing the consequences of security related events.
The system is designed for the management of risks deriving from unlawful acts committed by physical or juridical persons which may expose the company and its assets, people and image to potential damage.
This is made possible by synergies between the security functions and the units in charge of the Company’s maritime certification and logistics bases.
In its role as a Contractor, Saipem thus applies the highest standards of security, facilitating the conduction of its business activities in all contractual phases, from the bid phase through to project execution, by ensuring that all operations can be carried out in conditions of security for all its personnel and assets.
Specific project risksThe main objectives of the Industrial Risk Management function are to:
- promote the use of the Risk Management methodology for tenders and in the execution phase of projects managed by Business Units as well as on the Company’s principal investment projects;
- assure periodic reporting to management on principal project risks and on trends observed, aggregated by Business Unit and at global level. Implement project portfolio analyses in order to support management decisions and provide an understanding of the external macro risk factors on projects that may impact on company results so that Management can intervene by deploying the appropriate risk management tools of avoidance, mitigation, transfer and acceptance;
- assure the spread of a risk management culture within Saipem with a view to achieving structured management of risk and opportunity during business activities and contributing also to improved management of contingencies;
- provide advice, support and guidelines to the Business Units and projects in identifying and evaluating risks and opportunities and in all activities related to the implementation of mitigation and improvement measures for risk management and the optimisation of opportunities respectively;
- define, develop and update tools and methods for collecting and organising lessons learned and making them available to projects;
- ensure adequate training and the necessary support to commercial and project management teams;
- ensure that Corporate Guidelines, Procedures and Standards are constantly updated in accordance with international Standards and Codes of Practice, promoting full compliance and correct application within Saipem and its subsidiaries;
- contribute to promoting the observance of the Golden Rules and Silver Guidelines, the tool for regulating risk assumption through which Saipem assigns management the responsibility for the decision to assume significant risks.
The Standards and Procedures in force at Saipem are in line with the principal international risk management standards.
InsuranceThe Corporate Insurance function, in close cooperation with top management, defines annual Saipem Group guidelines for insurance coverage against the risk of damage to property, third party liability, as well as risks related to the performance of contracts.
An Insurance Programme is defined on the basis of the guidelines, which identifies specific excess and maximum limit coverage for each type of risk based on an analysis that takes into account claim statistics for recent years, industry statistics and conditions offered by the international insurance market.
The Saipem insurance programme is structured in such a way as to appropriately transfer risks deriving from operations to the insurance market, in particular the risks associated with the management of the fleet, equipment and other assets, including third party liability risks and risks deriving from the performance of contracts awarded by its Clients.
Given the coverage that is offered by the insurance market and the changing circumstances on the energy market in which Saipem operates, it is not possible to guarantee that all circumstances and events will be adequately covered by the insurance programme. Equally, due to the volatility of the insurance market, it cannot be guaranteed that it will be possible in the future to reasonably maintain adequate insurance coverage at the current rates, terms and conditions.
Within the Saipem Insurance Programme, a distinction can be made between insurance cover for Group assets (‘Corporate insurance policies’) and the insurance cover connected with project execution.
Corporate insurance policies
The Corporate insurance programme is structured with an initial band of risk that is self-insured through a captive reinsurance company, with amounts in excess covered by a catastrophic insurance programme taken out on the insurance market.
The catastrophic insurance programme is composed of policies that cover damage to property, and maritime and non-maritime third party liability. Cover can be broken down as follows:
Damage to property
- ‘Fleet Insurance’ policy: covers the entire fleet against events that cause partial or total damage to vessels;
- ‘Equipment’ policy: covers all onshore and offshore equipment, for example site equipment, onshore drilling rigs, subsea Remote Operating Vehicles (ROV), etc.;
- ‘Transport’ policy: covers transport, handling and storage of assets and equipment by land, sea or air;
- ‘Buildings and Sites’ policy: covers owned or rented buildings, offices, storage facilities and shipyards;
- ‘Other minor risks’ policy: covers minor risks such as theft and employee dishonesty.
- ‘Protection & Indemnity’ (‘P&I’) policy: shipowners’ liability cover through a P&I Club that is part of the International Group of P&I Clubs for events occurring during transit and for events occurring during offshore drilling and construction operations;
- ‘Comprehensive General Liability’ policy: covers all other types of general and third party liability claims arising from Saipem’s industrial activities and supplements the specific P&I coverage;
- ‘Employer’s Liability’ and ‘Personal Accident’ policies: these cover employer liability and employee accident risks respectively on the basis of the specific regulations in force in each country where the Group operates.
A key tool in the management of Saipem’s insurable risks is the captive reinsurance company Sigurd Rück AG, set up and operational since 2008, which covers the initial part of risk. Sigurd Rück AG in turn carries out risk mitigation by re-insuring its portfolio on primary securities markets.
Project execution insurance policies
For all contracts awarded, specific project insurance coverage must be taken out. Generally, the contractual responsibility for such insurance lies with the Client.
Where the responsibility lies with the contractor, Saipem takes out insurance that will cover all risks connected with the project for its entire duration.
Usually it takes out ‘Builders’ All Risks’ insurance, which covers the scope of work of the contract, i.e. damage to the works under construction, as well as to equipment, products and materials required for its construction and third party liability for all works to be performed by the Group during all phases of project execution (engineering, transportation, construction, assembly, testing) including the contractual guarantee period.
The high insurance premiums and excesses on such policies are an incentive to Saipem in its efforts to achieve the continuous improvement of its prevention and protection processes in terms of quality, health, safety and environmental impact.