At Enbridge, sustainability is woven into everything we do. It’s embedded in our values, the work we do, the operational risks we manage and the way we govern ourselves as a company.
Spanning a vast continent. Serving millions of customers. Operating essential energy infrastructure.
Enbridge deals in complexity and consequence every day.
Our ability to operate and ensure long-term success is linked to our ability to identify and manage potential risk to our company. The principal risks we assess, manage and mitigate are wide-ranging, encompassing financial, regulatory, compliance and reputational exposures, and protecting the safety of our systems, people and environment. Our sustainability-related risks include challenges associated with cybersecurity, safety and operational reliability, stakeholder trust and climate change.
How We Manage Risk
Our Board of Directors oversees all risks with the goal of ensuring that we can achieve our long-term strategic priorities. The Board has five standing committees that have responsibility for overseeing specific risk categories:
Enbridge’s Corporate Financial Risk Management Policy, updated in February 2019, establishes principles and authority limits to ensure that the earnings and cash flows of Enbridge and our subsidiaries are not materially impacted by unmanaged financial risk.
While risk management activities are undertaken across Enbridge every day, we also provide our Board with a Corporate Risk Assessment (CRA) that captures these efforts on an annual basis. The purpose of the annual CRA process and report is to consistently assess and prioritize enterprise-wide risks and treatments, highlighting top risks, trends in the Company’s risk profile and treatment effectiveness. The CRA is also used to inform Enbridge’s Strategic Planning process as well as the annual Audit plan. Striving for continuous improvement in our risk assessment and reporting processes is an important dimension of our company’s risk culture.
Our Executive Leadership Team and Operations and Integrity Committee oversee the management of our most significant operational risks. Overall, operational risk management is guided by our Safety and Reliability Management System Structure, which includes our Safety and Reliability Policy, Management System Framework, and numerous framework standards. Together, these documents establish enterprise-wide requirements for safety and reliability programs: integrity management; safety management; emergency management; security management (both cyber and physical); environmental protection; and damage prevention. Individual business units establish, implement and maintain Integrated Management Systems for their defined assets and business processes, in keeping with enterprise-wide requirements.
For more information on our Board, please see Enbridge’s Proxy Statement.
Where possible, we use quantitative methods to assess our risks and to monitor the effects of our risk treatments. For example, we use leading and lagging metrics to assess the effectiveness of treatments pertaining to safety, the maintenance of the fitness of our systems and leak detection. We also conduct correlation analyses on our market price risks, including interest rates, foreign exchange and commodities prices, to ensure that we fully understand the interrelationships between these risks.
It is fundamentally important for us to have a strong risk and safety culture—which we define as shared attitudes, values, norms, beliefs and practices with respect to risk, risk management and safety—that aligns with our core values of safety, integrity and respect. For more information, please see the Health and Safety section beginning on Page 19.
We believe that managing climate change risks is an important element of our vision to be the leading energy delivery company in North America. Enbridge’s climate change governance, risk management and strategy are further discussed in our TCFD report, Resilient Energy Infrastructure, published in September 2019.
Managing Sustainability-Related Risks
Identifying and managing sustainability risks, some of which are outlined below, are key to achieving our strategic business priorities. Our annual report on Form 10-K, filed with the SEC and SEDAR, contains more information about the risks applicable to Enbridge.
We believe all incidents can be prevented. To achieve this we must identify and mitigate the risks in operating energy infrastructure to protect public safety, our workers and contractors, and the environment. In addition to our duty to protect people and the environment from harm, we know that incidents can also result in reputational damage, material repair costs and increased operating costs.
Key Mitigating Actions
- By centralizing the safety and reliability function across the enterprise, we have integrated our systems and programs to drive improved public, personal and process safety performance.
- Our Integrated Management Systems and core protection programs focus our attention and resources on managing key safety and reliability risks.
- Our newly implemented Safety Culture Framework dovetails with our safety programs and systems to drive effective assessment and sustained improvement of our safety culture, key to propelling progress on our Path to Zero incidents, injuries and occupational illnesses.
We recognize that cybersecurity is a top risk to critical infrastructure globally. As an operator of critical energy infrastructure and facilities, we recognize cyberattacks continue to increase in sophistication, which may impact our ability to protect our systems and deliver energy to our customers.
Key Mitigating Actions
- By centralizing the Technology and Information Services (TIS) function across the enterprise, we have full line of sight and the effectiveness to mandate technology policies to drive cybersecurity improvements across our business operations, personnel and third-party vendors.
- Our TIS strategy includes validation by several independent third parties, audits and execution of our cybersecurity program to continuously advance all our cybersecurity capabilities. We have robust governance frameworks and a dedicated role of Chief Information Security Officer.
- Advancing cybersecurity culture and performance is embedded in our management reviews including the Operational Integrity Committee.
Erosion of stakeholder and Indigenous communities' trust and/or confidence may influence actions or decisions about our company and industry. This may impact the cost of operations; timely project execution; the ability to secure growth opportunities; investment and financing decisions; and reputation.
Key Mitigating Actions
- We've strengthened transparency on environmental and social issues through reporting and engagement with stakeholders.
- We've made enhancements to our risk-based asset lifecycle approach to community engagement, including agreements and/or collaborations with Indigenous communities on jobs, procurement and environmental/cultural monitoring.
- We've made continuous enhancements to our processes to identify stakeholders and develop engagement plans that promote mutual understanding of project and associated facilities, and how Enbridge engages with the communities in which we will operate.
- We engage constructively at state/provincial and federal levels to inform public policies and advocate on those issues relevant to the Company and industry.