Importance and Commitment

Nowadays, business operations are inevitably experiencing changes in the business environment, and new risk factors are increasingly promising such as oil price volatility, political unrest in investment countries, the growth of global warming and climate change becoming more critical issues and driving the world transition towards a “Low Carbon Future” and seriously reduce greenhouse gas emissions to “Net Zero”, and finally the COVID-19 pandemic that continuously impacts the global economy, cybersecurity risks, and disruptive technology. Therefore, it is a great challenge that makes PTTEP place great importance on risk management and business continuity management to enhance the organization’s capability to rapidly respond to dynamic changes and manage all aspects of risks prudently which will enable us to achieve the organization’s objectives and goals in order to maximize benefits for PTTEP and all stakeholders in both the short term and long term along with sustainable growth.

Management Approach

Risk Management

Having effective and efficient risk management as its commitment, the Board of Directors approved the Risk Governance Framework to define oversight responsibilities and authorities that demonstrate strong coordination, collaboration and communication among the board level, the management and business unit level for managing all aspects of risk in accordance with PTTEP's policies effectively.

In addition, the Board of Directors also approves the Risk Appetite Statement to be used as a framework for all PTTEP business operations and seeking business opportunities with acceptable risks. Ultimately, PTTEP intends to ensure that key risks, especially risks with high impact to corporate level (Corporate Risk), and emerging risks are well managed to prevent the arising of negative surprises, to reduce potential losses, and to minimize recurrence risks.

PTTEP establishes its Enterprise Risk Management Policy and Framework approved by the Risk Management Committee that emphasize proactive risk management practices and a strong risk culture and establishes systematic Risk Management Process that is aligned with international standard ISO 31000:2018. In addition, the frameworks of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Enterprise Risk Management – Integrating with Strategy and Performance (COSO ERM 2017) and COSO Enterprise Risk Management – Applying Enterprise Risk Management to Environmental, Social and Governance-related Risks (COSO ESG 2018) have been applied to enhance integration of enterprise risk management, strategic planning, and ESG-related risk management. PTTEP management and employees at all levels have responsibility with regard to effective risk management and promoting comprehensive risk management to contractors, suppliers, and business partners, to assure the achievement of PTTEP's vision, mission, strategy and business objectives to serve sustainable growth and create short- and long-term values to stakeholders.

Enterprise Risk Management Framework

Our risk management processes are based on ISO Standard 31000:2018. This Standard set out a clear and simple process with 5 key steps as follows:

Establishing the Context
Risk Assessment
Risk Treatment
Monitoring and Review
Communication and Consultation

The processes are scalable – they can be applied at most levels within an organization.

PTTEP aims to integrate risk management into its business activities and decision-making which cover core business activities in PTTEP such as strategic planning management, investment and divestment decision-making, capital project management, operations and business process management including business continuity management, and ESG management. In addition, the Company implements risk management both in the corporate level and operational level to ensure that all key risks are managed in accordance with risk appetite, allocates necessary resources for managing risk in proportion to the level of risk and cost benefit consideration, and monitors the progress of risk mitigation plans together with Key Risk Indicators (KRIs) which serve as a tool for early warning for timely executing prevention activities and properly setting up additional mitigation measures.

Risk Management Structure

To ensure all key risks are thoroughly and completely identified and effectively managed in accordance with the Three Lines Model, the risk management unit advises and works with the First Line Roles, which carry out their duties and concurrently manage risks as risk owners. The risk management unit also coordinates with other functions especially the Second Line Roles, which support risk management assistance on their own areas of expertise. One of them is a compliance unit which shall monitor regulatory changes that may cause new risks or change risk levels. The internal audit unit, in accordance with the Third Line Roles which is made up of audit functional unit and external auditors, is responsible for independently auditing the overall performance of various management systems under the First and Second Line Roles. This includes ensuring effective and efficient implementation of risk management and providing recommendations for continuous improvement. Furthermore, the risk management unit and the internal audit unit shall exchange information to ensure that key risks are identified and managed continually.

Corporate Risk and Emerging Risk

In the process of Corporate Risk identification and assessment, PTTEP considers both internal and external contexts that affect the achievement of the Company's objectives and strategies and may cause risks with high impact at the corporate level, such as significant global events, audit findings, and Risk Management Committee and management concerns. Meanwhile, key risks that are identified and assessed by risk owners will be simultaneously considered to escalate with corporate criteria. All Corporate Risks will be consolidated to formulate our Corporate Risk Profile (CRP) for monitoring and reporting to the management, Management Committee (MC) and Risk Management Committee (RMC). If there is any significant change, it will be promptly alerted to all relevant committees for managing risks in a timely manner.

PTTEP has successfully implemented and benefited from the web-based Risk Register System (RR System). The system enables risk owners to quickly identify and analyze risks and enhance risk information communication throughout the organization. It also helps the Company to easily consolidate and escalate key risks to Corporate Risks and allows all relevant parties to monitor the risk management anywhere and anytime promptly and conveniently. In addition, PTTEP continues to strive for more efficient and faster risk management including developing a Chat Bot to suggest risks and to search for complete risk information leads to manage risks that may arise as a problem and thus will affect the organization's goals.

With the current situations, such as changes in business environment and advanced technology as well as the rising of stakeholder expectations regarding the Company's regulations compliance and more intensive environmental impact mitigation measures, PTTEP, therefore, keeps monitoring situations and assessing emerging risks that may affect the Company's business operations in the future and report to the management and relevant committees in order to follow up and update risk mitigation plans as well as to adjust corporate strategy efficiently. These would also enhance our competitiveness and create an opportunity to continue our business with sustainable growth. Currently, PTTEP has identified and keeps monitoring 2 emerging risks as follows.

1) Climate Change Risk

Description and Scenario

In view of extreme weather events and natural disasters posing more severe risks, coupled with the greenhouse effect, PTTEP, an exploration and production company, is well aware of risks from climate change and its possible impacts on our business operations in various aspects, namely (1) Physical risk refers to the risks arising from the physical impact of climate change, such as heat waves, heavy precipitation, tropical cyclones, droughts, and water-related risks and (2) Transition risk or risks arising from changes in policy, law, technology, or market shift to green energy. At the 2015 United Nations Climate Change Conference (COP21) held in Paris, France, heads of state and governments around the world signed an agreement with the aim of reducing greenhouse gas emissions and substituting low-carbon fuels for typical fossil fuels. To reduce the worst impact of climate change and accelerate each country's climate actions, the 26th United Nations Climate Change Conferences of the Parties (COP26) was held in Glasgow, Scotland, in November 2021, with the world leaders promising on speeding up towards net zero greenhouse gas emissions (Net Zero) and energy transition towards a low carbon society. Thailand has also committed to reaching net zero emissions by 2065, in which the energy sector is one of the key sectors playing an important role in the achievement of this commitment.


PTTEP realizes the significance of climate change management and has conducted a climate-related risk assessment for both existing projects and acquiring projects. The assessment covered short-term risk (2020-2025), medium-term risk (2025-2035), and long-term risk (2035-2050) under various scenarios according to the Representative Concentration Pathway (RCP), Stated Policies Scenarios, Sustainable Development Scenario (SDS), and IPCC 1.5C Scenario.

The physical and transition risk assessment results have revealed that PTTEP was ranked in low-to-medium risk level for all scenarios and timeframes, which confirmed appropriate management corresponding with the climate change risk. With prompt response to global and national climate change actions, the Company closely monitors and tracks climate change that may affect the corporate risk level in order to manage risks with the balancing of the risk appetite and corporate sustainable development.

Mitigation and Opportunity

PTTEP has reviewed and updated its climate change risk assessment and greenhouse gas reduction plans in alignment with the global commitment to control the temperature well below 1.5-2 degrees Celsius. We are reviewing the Company's long-term target and strategy towards net zero according to Thailand's commitment and long-term plan from COP26 by focusing on the Company's investment strategy and actions at operating assets. For the Company's greenhouse gas management plan of operating assets, it covers improving work processes to maximize energy efficiency. PTTEP aims to reduce the intensity of GHG emissions by 30% within 2030 and 50% within 2040 from 2020 base year. So far, PTTEP has achieved the previous target of 25% GHG intensity reduction in Q1 2022 from the 2012 base year which is eight years ahead of the set target in 2030. Moreover, the Company has conducted studies on potential CO2 sequestration under PTTEP reforestation projects as well as carbon offsetting through various mechanisms. Correspondingly, PTTEP has also engaged with the Thailand Greenhouse Gas Management Organization (Public Organization) (TGO) to develop a set of activities, measures, and policies to reduce greenhouse gases under the Thailand Voluntary Emission Reduction Program (T-VER).

PTTEP's strategy on the new business opportunities emphasizes the gas value chain businesses, including the "Gas to Power" projects and Liquefied Natural Gas (LNG) projects, as well as renewable energy opportunities which will also support the transition to a low-carbon society.

2) Risks Arising from Disruptive Technology that Adversely Impacts Oil and Gas Industry

Description and Scenario

Exploration and Production (E&P) companies will face impacts from disruptive technology to energy industry (i.e. rapid technological advancement has accelerated R&D efforts in renewable energy, making it cheaper and more accessible). These technologies come in the form of electrical energy storage devices and systems, as well as electric vehicles. Oil demand has consequently been affected and consumers for renewable energy potentially increases, coupled with the government's policy regarding environmental issues with the intention of reducing greenhouse gas (GHG) emissions following the recent United Nations Climate Change Conference of the Parties (COP26), it would cause tremendous damage to petroleum industry as well as the oil demand would consequently be affected.

This situation will be PTTEP's primary strategic risk as it directly impacts our revenues from crude oil, condensate and oil-linked gas sales. Additional risks include the loss of production cost advantages due to accelerated technology development by competitors.


The future energy transition to renewable energy means decreases in oil demand which have impacts on PTTEP's revenues. PTTEP's crude oil and condensate made up to 49% of total revenue in 2022. Another is the loss of cost competitiveness (i.e. production cost advantage due to accelerated technology of competitors). These are potential impacts from disruptive technological advancement and the increasing use of renewable energy.

With the increasing demand for natural gas as the transition fuel, the bridge to renewable energy, In 2022, PTTEP generates natural gas revenue which makes up appropriately 51% of total revenue and continues to seek investment opportunities in the gas value chain businesses.

Mitigation and Opportunity

Since new technology is a key factor in the volatile energy business, PTTEP thus develops technology through partnership with both Thai and international parties and institutions, knowledge sharing within PTTEP and with partners across sectors, and collaboration with various expertise inside and outside the energy sectors to jointly develop technologies and innovation to enhance capabilities, business competitiveness and readiness for future energy transition to achieve sustainable business objectives.

PTTEP has revised business strategies to anticipate advancing technologies and drive transformation to enhance its adaptability and competitiveness. PTTEP's enterprise transformations are:

  • Digital Transformation - to enhance competitiveness through technology e.g. Artificial Intelligence (AI), Machine Learning, Internet of Things (IoT) which enables effective and quick decisions, optimize asset performance, speed up subsurface data processing, and improve work efficiency in drilling and engineering project, etc.
  • Organization and New Normal Transformation – to allow PTTEP to adopt a more streamlined structure and management process, empowering the capabilities of our people, and strengthening corporate mindset and culture. This accelerated decision-making and responsiveness, as well as to ensure continued reductions in costs and natural resources required for operations.

Additionally, PTTEP is also exploring new business opportunities alongside our core business to create future growth in three new businesses in the natural gas value chain such as Gas to Power business, LNG related businesses, and commercialization of technological innovation projects developed within PTTEP, while seeking investment opportunities in renewable energy, others beyond the E&P business and new forms of energy. Furthermore, PTTEP aims to scale up the AI & Robotics Ventures Co., Ltd (ARV) in four core sectors: (1) Subsea inspection, repair and maintenance, (2) Integrated asset inspection and management service to various industries, (3) Smart farming and smart forestry solutions, and (4) Health data network. Our specialized E&P technologies in ARV solutions are instrumental in enhancing PTTEP's competitive capability and can also support other industries to boost their efficiency and business value.

Risk Culture

To strengthen and sustain risk management in the organization, PTTEP therefore gives importance to build up risk awareness in all PTTEP personnel mindset together with competency development. The management at all levels commit and serve as leaders and role models, as well as support the continuous development for efficient and effective risk management. The implementation of risk management is promoted as a corporate culture together with the enhancement of risk awareness and understanding through trainings and promoting activities, for example, training for newly appointed members of the Board of Directors and the Risk Management Committee, training for management and risk coordinators, communications about risk management via Intranet, emails, podcast and at events. The knowledge sharing sessions focusing on the up-to-date important global issues that may cause risk to the Company are organized to enhance the capability of employees to better analyze risks and impacts on their responsible work and overall company. Moreover, PTTEP enhanced risk management effectiveness by establishing the key performance indicators for unidentified risk (Unidentified Risk KPI) to monitor and evaluate risk management results for all management at all levels (risk owners of each business unit) including the risk management unit which are responsible for the overall risk management. PTTEP also conducts GRC Maturity Assessment for operating areas of newly acquired projects e.g. Malaysia Project in order to analyze strengths and develop plans to improve weaknesses in GRC, which included enhancing the effectiveness of risk management.

Business Continuity Management (BCM)

PTTEP's Business Continuity Management System (BCMS) is part of the company's enterprise risk management. The Business Continuity Plan (BCP) is developed to prepare for effective response during disruption following emergency or crisis. PTTEP develops the BCMS in alignment with an international standard for ISO 22301 Business Continuity Management System (BCMS) and establishes the Business Continuity Management Policy with the following objectives:

  • 1 To protect our people, organization, brand and reputation, the interests of our stakeholders and the wider community.
  • 2 To Mitigate the risks of disruptive incidents, ensure mitigation, strategy & solution in accordance with PTTEP policies.
  • 3 To minimize risks of non-compliance with government regulations and laws including any contract or agreement with our partners, customers, suppliers and contractors.
  • 4 To continuously improve the organization's business continuity capabilities.

PTTEP realizes its mission as the national oil and gas company to provide reliable energy supply to continuously serve the energy demand of the country. To ensure energy supply security with no disruption, PTTEP thus develops BCPs which have documented the procedures to recover the prioritized business operations and support business continuity, if disrupted following emergency or crisis, with safeguarding of all personnel, environment, company's asset and reputation that adhering to the requirements of Safety, Security, Health, and Environment (SSHE) system.

The BCP of each operating area and supporting function shall be regularly reviewed and exercised to prepare for effective response to the case of emergency and crisis, and to continually improve the recovery plans and maintain standard of efficient BCP as well as to ensure that PTTEP will be able to perform effective business continuity management in times of emergency and crisis. PTTEP will enhance employees' BCM awareness and competency in BCMS by training programs throughout the year.

Currently, there are 5 operation areas in PTTEP that have received ISO 22301 Business Continuity Management System (BCMS) certifications i.e. the S1 Project, the Zawtika Production Operations and Business Support (Myanmar), Petroleum Development Support Base (Songkhla), the PTTEP Headquarter – Office Facility Management and the Malaysia Asset, Production Operations and Support Functions in Offshore and Onshore Production and the main Office, which received the certification from the BSI in 2022.

Apart from ISO 22301 BCMS certification, PTTEP developed its BCM Document Management System which provides more systematic approach to effectively manage and control BCM's documents. Especially in case of emergency and crisis, all related BCM's persons can access and use the up-to-date version of BCP, to immediately recover the prioritized business operations to ensure PTTEP business continuity.