We build on our foundation of operating excellence by adhering to a strong set of core values that reflect what is important to us as a company: Integrity, Safety and Respect in support of our communities, the environment and each other. These values guide our decisions, actions and behaviors.
We recognize that if we fail to meet our safety and environmental protection goals, we won’t be able to deliver on any of our other strategic priorities. For that reason, the safety of our systems, people, communities and environment is our number one priority, and public safety and environmental incidents are among our top risks. We also monitor other CSR and sustainability-related risks, including challenges associated with climate change, water, reputation and stakeholder trust, changing regulatory frameworks, and relationships with Indigenous groups and cybersecurity.
Our Board of Directors oversees all of our risks—both those that relate to CSR and sustainability and those that don’t—with the ultimate goal of ensuring that we can achieve our long-term strategic priorities. Board committees are responsible for overseeing specific risk categories:
For more information on our Board, please see Enbridge’s 2018 Management Information Circular on enbridge.com.
Regarding policies, our Corporate Financial Risk Management Policy, updated in November 2017, establishes principles and authority limits to ensure that the earnings and cash flows of Enbridge and our subsidiaries are not materially impacted by unmanaged financial risk. The oversight and implementation of this policy is conducted by a committee of senior management through the Corporate Financial Risk Management Committee. Our Chief Financial Officer chairs this committee and is the principal liaison with our Board and our Board’s AFRC. The key responsibilities of the Corporate Financial Risk Management Committee include:
Our Executive Leadership Team (ELT) and our Operations and Integrity Committee (OIC) are responsible for overseeing the management of our most significant operational risks. Risk owners and specialists throughout our company are responsible for managing risks within their respective areas.
Overall, operational risk management is guided by our Safety & Reliability Management System Framework, which covers programs for integrity management, safety management, emergency management, security management (both cyber and physical), environmental protection, and damage prevention. These programs are supported by joint business unit councils for integrity, safety, crisis and emergency response, and enterprise risk.
Cybersecurity has been identified as a top risk for the corporation. Primary treatment measures include: threat intelligence and monitoring; collaboration with industry and government agencies; and enhancing awareness and training throughout the organization. We have also established a Security Operations Center and Cybersecurity Response Team.
In addition, each year we present to our Board a Corporate Risk Assessment (CRA), in which we consistently and rigorously assess Enbridge’s enterprise-wide risks, highlighting top risks and trends in our risk profile. The CRA’s objective is to protect Enbridge through the assessment and prioritization of our major risks, including our treatment efforts and corresponding resource allocations.
Where possible, we use quantitative methods to assess our risks and to monitor the effects of our risk treatments. For example, we use leading and lagging metrics to assess the effectiveness of treatments pertaining to safety, the maintenance of the fitness of our systems and leak detection. To assess our financial risk treatment, we use metrics such as Cash Flow at Risk to give us insights into our market risk exposures and into the effectiveness of our derivative hedging activities. We also conduct correlation analyses on our market price risks, including interest rates, foreign exchange and commodities prices, to ensure that we fully understand the interrelationships between these risks.
It is fundamentally important for us to have a strong risk and safety culture—which we define as shared attitudes, values, norms, beliefs and practices with respect to risk, risk management and safety—that aligns with our core values. As such, as part of our performance management system, we include risk management criteria that address not only what was achieved, but also how it was achieved. We also use scorecards that focus on metrics such as safety, environmental protection and employee development. And our incentive programs include metrics for both quantitative performance such as total recordable injury frequency, and leading activity-based metrics such as safety leadership, safety observations, incident investigations, and health and safety training.
In addition, we provide training on risk and safety topics such as hazard management, lifesaving rules, incident prevention, and emergency preparedness and response.
We empower our leaders to: act quickly to enhance or modify any infrastructure, systems or processes that pose safety violations; champion the creation of best-in-class health and safety programs; define and coach disciplined safety leadership behaviors; and recognize and clearly communicate the impact health and safety issues have on our employees, as well as the company’s profitability and reputation.
We have established our safety culture framework to align us with Canada’s National Energy Board (NEB) Statement on Safety Culture, the American Petroleum Institute (API) Recommended Practice 1173, as well as safety culture frameworks from other high-hazard industries such as nuclear.
The four guiding traits identified in our Safety Culture Framework are Leadership, Ownership, Vigilance and Resilience. These four traits are underpinned by 22 attributes that more succinctly describe the activities, behaviors and expectations that are present in a healthy safety culture. Below is an example of some of the attributes within the framework:
By regularly assessing our risks and our safety culture through employee surveys and other risk and culture specific assessment methods, we can quickly identify and address strengths, weaknesses and opportunities to continuously improve.