Trinidad and Tobago-based Phoenix Park Gas Processors Limited (PPGPL) president Eugene Tiah's engineering and MBA backgrounds achieve a state of equilibrium when he discusses the ongoing objective of his company's enterprise risk management (ERM) program.
"Any system that is set in motion requires some energy to keep going," he explains. "For this reason, we are committed to sustaining our effort and continually improving our ERM capabilities over time."
At Phoenix Park -- a joint venture owned by the National Gas Company of Trinidad and Tobago, ConocoPhillips and Texas and Pan West Engineers & Constructors, Inc. (which is owned by GE Energy Financial Services) -- ERM sustainability triumphs over ERM entropy thanks to:
- Unparalleled leadership support;
- Complementary integration with an excellence-minded organizational culture;
- Well-defined processes; and
- Homegrown supporting technology
By combining these elements, the approximately $700 million midstream gas industry business recently jump-started a previous ERM initiative that had temporarily stalled. Today, risk figures into every decision-making process at every level of the company, among several other benefits.
"We have a clear, common language of risk across the organization, literally from shop floor to corporate board room," Tiah notes. "We all are speaking the same language."
Strong Cultural Foundation
This was not always the case.
Phoenix Park initially launched a formal ERM initiative in 2004, but the effort did not achieve its purpose, according to Tiah. Understanding Tiah's criticism of the 2004 effort requires some context because PPGPL's standards related to risk management qualify as exceedingly high for several reasons.
The company, which has operated since 1991, boasts a world-class safety record along with a commitment to excellence in other areas. In addition to operating for 17 years without a lost-time incident and more than 15 years without an employee-recordable incident, PPGPL has earned first place in the Gas Processors Association (GPA) "Accident Prevention Award Division II -- International Classification" for the past 10 consecutive years. It also has been honored with ConocoPhillips's "Spirit of Performance Award" for its safety record.
Phoenix Park also was honored with an International "Stevie" Award for Best Corporate Social Responsibility Program in South America, thanks to its support of low-income families in Trinidad and Tobago. On the financial front, PPGPL is the first company in its country to receive an A rating from Standard & Poor's and Moody's. PPGPL also meets or exceeds all of the financial reporting requirements that come from two of its publicly listed Fortune 100 parent companies.
"The company has a very strong focus on leadership and a very strong focus on excellence, particularly regarding safety," reports Aon Global Leader of ERM Laura Taylor, whose team later provided consulting support to the company. "Phoenix Park really built on these cultural strengths. One of the challenges companies face when they explore enterprise risk management is neglecting to build on what already exists. Phoenix Park did an amazing job of building on their best-in-class strengths."
At first, however, Tiah did not feel that his company's fledgling ERM effort quite measured up to these high standards, despite some promising progress.
"Some aspects of our business actually had a very robust rooting in risk and risk management," he explains. For example, the company's safety management systems, at their core, were risk-based. PPGPL also had developed an awareness of the need for a consistent enterprise-wide approach to addressing risk. "Yet, while we devoted a lot of attention to compliance, we hadn't quite linked compliance, risk management, and governance," Tiah continues. "We wanted to have an approach that actually bridged gaps that needed to be addressed -- including the development of a common language with regard to risk across the organization."
Tiah recalls, for example, that the language that the project management group used to identify and manage risk in its work differed, for example, from the language and approach that other operational areas used to identify and manage risk.
The risk register the company developed in 2004 began to bridge this gap. "But we did not quite succeed in getting the consistent methodology that we were seeking," Tiah acknowledges.
Outside Help
So, Phoenix Park sought external help. Dominic Rampersad, Phoenix Park vice president of finance and information technology (IT), played an active role in the selection of a consulting firm. The selection process adhered to the company's existing services procurement methodology, which sounds rigorous based on Rampersad's detailed evaluations of numerous potential consulting partners.
"Many of the consultants to whom we spoke had their own tools and techniques," he recalls. "Those firms wanted to come here and strap these systems onto the organization and then teach the organization how to use them. We already had a fair amount of tools that we had invested in. We wanted to select a consulting firm that was willing to look at what the organization already had in place and then integrate that with the ERM tools and processes that they brought with them."
Tiah agrees. "We worked with Aon to design an approach that utilized all of the beneficial aspects of existing ERM standards as well Aon's own methodology and insights," he explains. "This approach was tailored it to suit our specific needs while aligning with our processes and our culture."
Aon fit the bill, PPGPL's selection team decided. Taylor emphasizes the importance of tailoring her firm's ERM methodology to the client's culture, processes, and information systems. Although nearly every outside vendor will (and should) note the importance of respecting a client company's culture, Taylor asserts that the respect begins with an understanding of the culture.
"This means finding out what's in place, what's been done to date, who the players are, what will be effective, and what will not be," she notes. "An approach that works well in one company may fall flat in another company. What you don't want to do as an organization is to say to your people, 'OK, here's ERM, and it is something completely different than what we've been doing.' This not what it is. ERM is about enhancing existing processes and practices."
Rampersad agrees, and he characterizes the ensuing work, which took place over the course of roughly 12 to 14 months beginning in October 2008, as "partnering."
Assembling an All-Star Team
Tiah identifies three objectives that guided the 2008 initiative (and still guide the ongoing effort today):
1. Make ERM a sustainable effort that permeates the entire organizational culture.
2.Integrate risk thinking (i.e., risk identification, risk assessment, and risk information) into every decision-making process at every level of the organization.
3. Leverage identified risks as opportunities to add value to the organization through innovation and continuous improvement.
The sustainability that PPGPL sought required the common risk language that Tiah describes.
"Every decision we make," he explains, "from the lowest level in the organization right up to the highest level of governance at the board level, is steeped in risk: What are the risks? What are acceptable levels of risks? How do we manage these risks within a desired level? How do we transfer other risks? What are suitable mitigations? This approach to risk will help us to make better decisions ... and ultimately to add value to the organization. If we are excellent with ERM, it positions our business for excellence."
No stranger to strategic projects, Tiah and his leadership team of vice presidents understood that executing these objectives would require highly visible leadership support as well as an effective structure. To that end, they created the following personnel structure to govern the project:
| Role | Individual(s) | Responsibility |
| Project champion | Company president | Demonstrate leadership support |
| Project owner | VP, Finance and IT | Project management/execution |
| Project team | Cross-functional team with eight internal members as well as members of consulting firm, led by PPGPL's risk management Specialist | Project management/execution |
| Executive risk management team | Company's executive leadership team (eight vice presidents) | Sustain ERM in perpetuity |
As project champion, Tiah -- the company's top executive -- sent a clear message.
"By having him in that role, we were able to quickly and effectively mobilize different resources across different departments in the organization to move the project forward," notes Rampersad, who points out that the cross-functional project team also helped to eliminate resistance that may have otherwise materialized if the project had been solely owned and managed by, for example, a team of finance managers.
To be sure, "executive buy-in" and "cross-functional project" teams inevitably wind up atop the success drivers of any major enterprise initiative. Aon's Taylor believes that Phoenix Park's approaches in these areas stand out from the rest of the pack. She credits the company with engaging the organization via the cross-functional team -- which, for example, included a process safety management specialist -- extremely early in the project. Taylor also describes the executive leadership team's support as extraordinary.
"Quite frankly, some clients may look, on paper, as if they follow a similar approach, but it does not translate to the same approach in practice," Taylor adds. "At Phoenix Park, they are living it and breathing it."
Even with Taylor's vested interest in the project and its outcome, her point is difficult to dispute. How many (entire) senior executive leadership teams at $700 million to $1 billion companies double as risk committees?
Closing the Gap
Once the project commenced, it took about 3 months for the project team to complete a comprehensive gap analysis between the current and desired states of enterprise risk management.
This subsequent effort required an additional 6 to 8 months to establish a fully function ERM presence within the organization. This execution phase required numerous steps, including:
- A clear identification of risks;
- An assessment of those risks
- Identification of tolerable levels for each of those risks; and
- The development of mitigation strategies that addressed each risk.
Additionally, PPGPL needed a mechanism to store all of the data the ERM project created as well as all of the data that the ongoing ERM effort would subsequently generate.
"And we needed to be able to retrieve and display this information in a manner that was suitable for different audiences as we communicated it across the entire organization," Tiah notes.
The work consisted of the project team sitting down with different areas of the business. "That's where the cross-functional team was really, really helpful," Tiah notes. "The people on the team actually became departmental champions who garnered the support of their respective areas."
If that support ever lagged, the project team relied on the executive risk management team for higher-level help to ensure that resources, including human resources, were available and eager to participate.
Although PPGPL, which uses an Oracle database management system, considered purchasing supporting technology from a software vendor, the project team ultimately opted to have the company's IT department build a customized risk register with reporting functionality. These tools were integrated into the company's existing data management system.
Tiah describes this approach as "enabling" because it (1) provided a look and feel that was similar to the applications employees throughout the company already used, and (2) negated the need to train the company on an entirely new tool.
"We never had to retrofit something to meet our unique needs," Tiah notes. "Instead, we developed something that is ideally suited for our particular purposes."
Adding Value, Achieving Nirvana
The homegrown risk register provided other noteworthy benefits.
"One of the other aspects of the technology was the knowledge-building that it enabled," says Rampersad. "Custom-building this internally allowed IT and our project team to better understand how the risk concepts work in each part of the business and how they needed to work once the concepts were digitized."
The current risk register contains all of the different steps and processes involved in the project (and IT) team's discovery process during the ERM initiative. Rampersad believes that the activity of essentially translating paper-based processes into software code provided the company's IT team with an intensive education ... about risk management as well as corporate strategy.
"Now, our information is very transparent and available," Tiah emphasizes. "If Joe on the shop floor wants to know our risk profile across the organization, he can log on and find it. He can actually learn the business from studying the risk profile of the business. So, this is a wonderful teaching and development tool for managers, supervisors, and other employees as they progress through the company."
This is not the only benefit that PPGPL has achieved from ERM, now that the capabilities have been operational for several months.
As Tiah mentioned earlier, the entire company evaluates, treats, and speaks about risk in the same way. "From the very beginning of the effort, they related enterprise risk management to developing and delivering on their corporate strategy," Taylor notes. "That's the key ... that's nirvana."
Tiah also credits the new approach with helping the company to sustain its high credit rating during the global financial crisis. "Our robust ERM system also has helped us tremendously in the area of insurance," reports Tiah, who says that the company, overall, has procured equivalent or better coverage at lower premiums since activating its ERM program.
"In a very tight market, it can be difficult to get the coverage you want at the levels you want," he explains. "In our case, we have moved from just having full subscription to being oversubscribed. We attribute our oversubscribed situation to insurers gaining a much clearer understanding of (1) the risk profile of our business, and (2) the appropriate risk mitigation measures that we have in place to manage risk across our business."
Risk-based decision-making has also strengthened PPGPL's auditing plans, according to Tiah, who credits the capabilities with enabling a smooth transition to a risk-based audit.
The greatest value from ERM lies ahead, Tiah concludes. This benefit will be the result of the risk fluency that every single one of Phoenix Park's employees is currently developing. "Once we're able to understand clearly and have a good handle on all of the risks associated with our business, this enables us to create a strong platform from which to expand our business into different areas through innovation and new growth opportunities."
These opportunities will provide the motion that staves off entropy and enables sustainability.
Profile and Benchmark
Phoenix Park Gas Processors Limited (PPGPL), a Trinidad and Tobago company, was formed in May 1989. It currently employs approximately 180 people and posts annual revenue of about $700 million. PPGPL is jointly owned by NGC NGL Company Limited (51 percent), ConocoPhillips, Inc. (39 percent), and Pan West Engineers & Constructors, Inc., a GE Energy Financial Services company (10 percent).
See a larger version [1] of the ERM Scorecard.