HFW USA Partner Glenn Legge addresses regulatory and risk allocation issues impacting Deepwater Well Intervention at the Deepwater Intervention Forum on 8-10 August 2017 in Galveston, Texas.
As technological innovation increases the efficiencies and reduces the cost of deepwater drilling and well intervention, regulatory authorities, insurers, and risk allocation terms are struggling to keep up. Operators, contractors, and service companies should recognize that current regulatory requirements, contractual terms, and insurance coverages may not be consistent with new technologies used in drilling and well intervention activities.
These emerging issues will be addressed in the Regulatory Panel Session at the Deepwater Intervention Forum on 10 August. The Regulatory Panel will be led by:
- Colin Johnston, Director of SeaNation
- Paul Barbre, Workover Engineer, Bureau of Safety and Environmental Enforcement (BSEE)
The panelists will include:
- Minatte Matta, BSEE
- Jerry Dardar, Partner, Kheiron Quality Management
- Glenn Legge, Partner, HFW USA
Recent regulatory developments
Recently, the offshore energy sector has witnessed new regulatory requirements from BSEE and the United States Coast Guard (USCG) ranging from Best Available and Safest Technology (BAST) and safe drilling margins to electrical systems and cyber security measures for facilities on the Outer Continental Shelf (OCS). In turn, the energy sector has continued to improve the levels of safety and efficiency for offshore operations. The fast-paced development of new and safer technologies gives rise to a ‘Catch 22’ situation for regulators and the industry. As operators and contractors rapidly develop new systems for exploration, production, and well intervention, regulators must continue to revise or create applicable rules to address these technological developments in a timely and uniform manner.
BSEE’s Well Control Rule
BSEE’s 2016 Well Control Rule attempted to address post-Deepwater Horizon perceived risks and industry technologies, in part, through the requirement of real-time monitoring of well operations involving subsea blowout preventers (BOPs) or surface BOPs on a floating facility, or when operating in a high pressure, high temperature environment. Operators/lessees are required to:
- Create an independent, automatic, and continuous monitoring system capable of recording and transmitting data concerning BOP controls, well fluid handling systems, and well downhole conditions
- Have the capability to transmit real-time data from offshore operations to shoreside personnel
- Provide onshore personnel with real-time capability to contact rig personnel during operations
Further, parties must provide BSEE with real-time data upon request. See 30 CFR 250.724. Without question, these requirements will involve computer aided transmission of digitalized real-time data.
USCG’s proposed cybersecurity regulations
On July 12, 2017, the USCG issued a notice requesting comments on the new Navigation and Inspection Circular (NVIC) 05-17 that proposes new controls and cybersecurity measures for shoreside and OCS facilities which include most fixed and floating facilities in the Gulf of Mexico (GOM) and many Mobile Offshore Drilling Units (MODUs). The NVIC would require OCS owners/operators to create Cyber Risk Management Teams to identify and assess vulnerabilities in systems that perform “vital operational, safety, security or environmental functions.” Many of the industry’s new drilling and well intervention technologies fit within this description of functions. The USCG’s proposed regulation is intended to reduce the risks of a Transportation Security Incident or other occurrences that could result in a significant loss of life, environmental damage, or economic disruption. See 46 USC § 70101.
Regulatory tension between BSEE and USCG
Without question, BSEE and USCG are both focused on regulations that will reduce the risk of bodily injury, death, property damage, and environmental impairment on OCS facilities. BSEE believes that real-time remote monitoring will lessen well control risks and enhance safety during drilling and well intervention activities. In a similar manner, the USCG’s proposed regulations reflect a significant concern about cyber intrusions that could cause catastrophic damages. Interestingly, BSEE’s measures will increase the transmission of digitalized data between onshore and offshore facilities, whereas the USCG’s proposed regulations will likely make the transmission of such data more challenging.
Operators, contractors, service companies, and industry associations are keenly aware of these tensions between BSEE’s new Well Control Rule and the USCG’s proposed cybersecurity regulations. Open dialogue between the industry and its respective regulators is necessary to develop appropriate and seamless regulatory schemes for the rapidly developing technology in the offshore energy sector.
Contractual risk allocation considerations
The industry is facing similar challenges in developing appropriate and balanced contractual risk allocation clauses to address the emerging risks in the offshore energy sector. The ‘bring your own device’ (BYOD) environment is pervasive in the industry as operators are reliant upon the sophisticated technologies used in critical control systems that are developed and maintained by contractors and service companies.
Standard industry risk allocation terms and insurance coverages must be revised to address the developing technologies. Standard contractual terms may not be adequate to address the services provided and exposures that could arise from the inadvertent introduction of a malicious virus into the critical control systems of an OCS facility. Similarly, as contractors and service companies innovate and expand their roles into life of well obligations, or multi-well campaigns, the standard risk allocation and insurance coverages may not adequately distinguish between, or provide coverage for, these new approaches to well intervention.
If the offshore industry’s regulators anticipate the increased use of digitalized data transmissions to and from offshore locations, as well as the catastrophic hazards that could result from such operations, then contractual risk allocation clauses must address these hazards as well.
For decades, the energy industry has relied upon insurers to provide primary and excess insurance coverage for offshore operations. Operators and contractors pay hundreds of thousands of dollars in premiums for hundreds of millions of dollars of coverage, ranging from liability and property damage to control of well and environmental remediation. Insurers, largely from the foreign markets in London and Europe, have provided coverage that has responded to significant offshore casualties, including the Deepwater Horizon tragedy. In addition, contractual risk allocation clauses used in most MSAs and MSCs are often supported by appropriate contractual liability insurance coverage, as many smaller and mid-sized service companies do not have the financial ability to support their indemnity obligations.
Recently, industry concerns about cybersecurity have caused insurers to focus on the CL380 exclusion that is frequently found in primary, excess, and reinsurance policies issued by the London insurance market. The CL380 exclusion is intended to exclude coverage for damages or expenses directly or indirectly caused by the use of a computer system or malicious virus “as a means of inflicting harm.”
Although insurance policies often provide operators and contractors with coverage for catastrophic loss resulting from loss of well control, damage to offshore facilities, pollution and business interruption, the CL380 exclusion could foreclose such coverage if these same damages arise in whole, or in part, from the inadvertent introduction of a malicious virus in the BYOD environment.
In previous Deepwater Intervention Forums, Glenn has participated on panels with representatives from the USCG, BSEE and industry. He is pleased to participate, once again, in an effort to promote communications and understanding between the offshore energy sector and its regulators.
You can learn more about the Deepwater Intervention Forum by following this link: http://deepwaterintervention.com/agenda/.