1
I LATINAMERICAN FORUM
Governance, Risk and Compliance in the Oil and Gas Sector
Panel 4: Corporate Risks
Rio de Janeiro, 11/13/2014
2
Contents
1. External Environment
2. Petrobras at a Glance
3. Risk Management Area
4. Challenges for the Risk Management
1. External Environment
4
FDIC
ISO Foreign Corruption Practice Act (FCPA)
"Basel I Accord"
COSO
CadBury
G‐30
Kun Trag
CoCo ANZ
COBIT
"Basel I Amendm
ent"
Resolução BA
CEN 2554
Turnbull
Basel II
Sarbanes‐Oxley
COSO
II ‐ ERM
Partnering Against Corruption Initiative
Guia IBGC
ISO 31000
Deliberação CVM
604/ CVM 480
UK Bribery Act
Instrução 552 CVM
Lei 12.846 (Anticorrupção)
1933 1947 1977 1988 1992 1993 1994 1995 1996 1997 1998 1999 2001 2002 2004 2007 2009 2010 2014Quebra do Banco
Barings
Quebra LTCM
Falência da Enron
e WorldCom
Risk management appears historically as “best practices" in response to key events in thebusiness environment ...
5
… and actually evolve by the recrudescence of the regulatory environment in response to hugerisk events
2. PETROBRAS at a Glance
7
PETROBRAS Today
8
PETROBRAS’s Strategy: Choices of an Integrated Energy Company
9
2014-2018 BMP: PETROBRAS OIL AND NGL PRODUCTION CURVE IN BRAZILNew systems recently installed and under construction ensure future growth
10
2014-2018 BMP: PETROBRAS OIL AND NGL PRODUCTION CURVE IN BRAZILNew systems recently installed and under construction ensure future growth
3. Risk Management Area
12
AXIS 1: The Corporate Risk Management Area was created in November, 7th 2013 by the Executive Board…
Corporate and Downstream Compliance, Economic and FinanceUpstream
Corporate Risk Management
13
All Petrobras Business Areas have a local Risk Management Area, but integration among those initiatives is a challenge.
Strengthen an integrated view of Petrobras risks business through identification,assessment and monitoring of relevant risks, in conjunction with the several areas and hissubsidiaries
Mission
Mains Attributions
• Identify and prioritize the risks that most impact the main goals of the company, supportingthe actions of the current BMP.
• Monitor and periodically report to the Directors and Board of Directors the impact of key risksin the integrated results of the Petrobras System;
• Stimulating the proposition of the Response Plans to major risks, with actions, timelines andresponsible in an integrated manner;
• Answer specific demands of senior management involved in the management of risk;• Provide opinions over the quality of risk analyzes performed by different areas when
assessing investment projects.
4. Challenges for the Risk Management
15
AXIS 1: DirectionIn the new structure, Petrobras is releasing an revision of his Risk Management Policy
Highlights:
• Five Principles
• Ten Guidelines
• Management Structure and Responsibilities cleared defined
• 19 Mains Risks Categories (Tier 1)
• Glossary – 31 Common Risk Management Terms
• Up to 100 professionals involved
16
AXIS 2: Transparency: Why don’t we disclose our risk management policies on websites?
We only disclose mandatory risk management information(Form 20F and Form 10K)
Many Brazilian companies disclose our risk management policies on websitesISO 31000 and COSO are common references to their policies.
Which Companies disclose the risk management policies?
And how oil companies behave?
17
AXIS 3: IntegrationThe Corporate Risk Management Area acts over local risk management areas' interfaces
Corporate Risk Management
Financial Risk Management
Downstream Risk
Management
Upstream Risk Management
EHS Risk Management
Gas & Energy Risk
Management
International Risk
Management
… Risk Management
18
AXIS 4: Decision bias
Which group of Companies has the biggest average revenue, according to the top100 Companies in sales in 2013 (Exame magazine) ?
GROUP A
GE AMBEV
UNILEVEROI
BAYER
GROUP B
RAÍZENVIA VAREJO
CRBSJBS
ATACADÃO
19
“Risk is like fire: If controlled it will help you; if uncontrolled it will rise up and destroy you.”
Theodore Roosevelt