Frequently Asked Questions
Let Athens Group do the work for you and answer your questions about the new Well Control Rule and how it impacts offshore assets. To ensure compliance with the new regulatory requirements and industry standards referenced, we will be rolling out a series of FAQs over the next few weeks to help you understand what has changed, how it impacts your specific operation, and how you can use Athens Group’s Integrated Knowledge System to facilitate compliance and improve safety.
Even though the Well Control Rule has been in effect for nearly six months, there is still a sense of uncertainty among the industry about what needs to be done to be compliant. Our clients, Operators and Lease Holders in particular, are still trying to decipher how the new rules affect their specific operations and what they need to do differently, and reach out to us with questions seeking guidance. Despite the variety of operations, well designs, equipment, and environments, there are common themes. One such theme is understanding, at a high level, what is new vs. what stayed the same.
In a nutshell, the Well Control Rule introduced changes in five specific areas. First, it consolidated requirements that were previously scattered in separate sections. Prior to the Well Control Rule, Title 30 Part 250 of the US Code of Federal Regulations (30 CFR 250) contained three separate sections that described similar requirements for well control equipment under each of the three defined well operation types: Drilling (Subpart D), Well Completion (Subpart E), and Well Workover (Subpart F). The Well Control Rule removed the requirements within each of the sections and consolidated them all into a new Subpart G, which all three operations types (Drilling, Well Completion and Well Workover) must now comply with.
Second, the new rule introduced revised design requirements for Blow Out Preventers (BOPs). Newer (not latest, which is a topic of another discussion) industry standards were incorporated by reference; namely API Standard 53 (replacing Recommended Practice 53) and API Specification Q1, among others. The rule also requires dual blind shear rams with improved shearing capabilities; enhanced control fluid accumulator capacity; locking mechanisms for surface stacks; additional emergency/secondary controls such as ROV Intervention. Not all requirements must be met immediately however, as some have two, three, five, or seven year “grace periods” before enforcement.
Third, the Well Control Rule revised the requirements for operation and maintenance of well control equipment. Instead of allowing stakeholders to choose any independent third party to verify compliance, the BSEE will now qualify, create, and maintain a list of BSEE Approved Verification Organizations (BAVOs). Independent third parties are still acceptable until such time the BAVO List is published, but once the BSEE releases the list, stakeholders are required to use a BAVO that is on the list. If the independent third party of choice is not on the list, the BSEE will reject any verifications or certifications issued, regardless of qualification. BAVOs are also required to issue a Mechanical Integrity Assessment (MIA) report every 12 months, which is separate and different from other inspections (such as certificates to support permits). Lastly, the BSEE requires all failures to be reported in an attempt to bridge the gap between original equipment manufacturers (OEMs) and operational performance. Athens Group wrote an article about this subject in the December 2015 issue of Offshore Engineer Magazine.
Fourth, remote real-time monitoring (RRTM). The requirements for RRTM changed significantly since the rule was first proposed in April of 2015, and now require Lease Holders to develop a real-time monitoring plan when pertinent to enable personnel to monitor operational conditions and equipment status from shore. The National Academy of Science (NAS) Transportation Research Board (TRB) conducted a study including industry workshops (Athens Group was a panelist) that discussed some of industry’s concerns. The main concern is not whether RRTM is feasible, the technology exists, or what benefits it provides, but rather controlling paths to safety critical industrial control systems from potential cyber-attacks. The Oil & Gas Industry does not have a mature cyber-security culture, and there is limited guidance available, (US Coast Guard is working on Cyber-Security Guidelines, but they have not been implemented yet). The potential impact is not limited to loss of financial or sensitive data (e.g., Yahoo accounts being hacked, or the release of customer financial data at Target), but rather degrading operational performance, personnel safety, or environmental consequences from losing control of the equipment (e.g., Stuxnet).
Fifth, and lastly, the shift from “prescriptive regulatory specification” to “prescriptive risk-assessed and performance-based compliance”. The Well Control Rule marks a significant departure from previous regulations that specified “what” was needed in order to be compliant, and instead defines “how” stakeholders can be compliant. Compliance with the regulations is “by intent” and not “by the letter”, granting the flexibility to propose alternate methodologies as long as they are “as safe or better” than what is required (this is the process referred to as Alternate Compliance). The new rule also places a stronger emphasis in promoting safety as a function of quality (a topic Athens Group discussed in our newsletters), exemplified by the adoption of API Specification Q1.
Even though the changes described above are significant, at a high level, the Well Control Rule had no impact from a procedural standpoint. The impact is felt primarily on the supporting documentation and requirements rather than changing the permitting process. Well control equipment still needs to be tested periodically, has to be verified prior to working on a well, and still has to be maintained and recertified by OEM every five years. What changed is how and who is qualified to do so, while the activities remain essentially the same.
Prior to the Well Control Rule, requirements for well control were scattered among different sections depending on the type of operations conducted. The Well Control Rule consolidated all requirements found in these subparts under one, Subpart G, which is now referenced by other Subparts throughout Title 30, Part 250 of the Code of Federal Regulations (30 CFR 250). In particular:
- Subpart D, 30 CFR 250.411(f): Oil and Gas Drilling Operations
- Subpart E, 30 CFR 250.513(b)(4): Oil and Gas Well-Completion Operations
- Subpart F, 30 CFR 250.613(b)(3): Oil and Gas Well-Workover Operations
Subpart G, 30 CFR 250.731 states: “For any operation that requires the use of a BOP, you must include the information listed in this section with your applicable APD, APM, or other submittal.” Note the term “BOP” is not specific to drilling BOPs, and therefore encompasses all blowout preventers by definition. Moreover, 30 CFR 250.731(c) requires certification pursuant to 30 CFR 250.732, for every application for permit to drill (APD) or application for permit to modify (APM). Despite the consolidation however, the effects of the Well Control Rule can be described from two fronts. Most of the design changes are geared towards equipment primarily used in drilling operations, so we can focus on this side of the industry first.
The incorporation of API Standard 53 by reference was seen somewhat as a relief for those Lease Holders and equipment owners (namely Drilling Contractors) whose assets are relatively new, roughly 5 years old. These assets for the most part were already designed to comply with API Standard 53, thus only those regulatory requirements with a “grace period” are a concern (e.g., enhanced shearing capability and centralizer systems). The newer the asset, the less they are impacted by the new rule. The changes introduced by the rule affect drilling assets that were not operating in conformance with API Standard 53 at the time the rule was published in the Federal Register (since it was not a requirement until now unless contractually agreed). This includes those assets equipped with surface BOP stacks (i.e., BOPs that are installed on the asset itself and not deployed to the seabed) due to the requirement for locking mechanisms on ram-type preventers. In summary, the older the drilling asset, the more likely it will need to be modified to comply with the new regulation.
The second front consists of well completion and workover operations. At first glance, it would seem they are the most affected since they now must comply with the same requirements as drilling assets. This does not mean that a well intervention vessel needs to be equipped with a six-ram BOP Stack. As we explained in a previous answer, the BSEE understands these operations are much more dynamic, requiring a variety of equipment configurations that cannot be forced to be prescriptive in terms of design, so the Well Control Rule is design for “compliance by intent” instead of “compliance by the letter”. Clause §250.701 enables the use of alternate procedures or equipment as long as the intent of the rule is met via a risk assessment to determine whether the proposal “equals or surpasses current BSEE requirements.” Guidance for departure from the regulation is possible via §250.702, but these require stronger justification and will be regarded with higher scrutiny given the relative flexibility of alternate compliance. Therefore, completion and workover assets are in compliance as long as they meet the intent of the Well Control Rule (namely, maintain the integrity of the well and prevent a safety or environmental incident).
Despite its name, the Well Control Rule is not limited to well control equipment. Although it is prescriptive about the design, operational and maintenance requirements for Blow Out Preventers (BOPs), the rule actually encompasses all equipment and methodologies used to maintain the integrity of the well and secure the asset in case of loss of control of the well (this is where the BOP fits). Choke Manifolds, Diverters, Riser, Casing Designs, etc. are all included. The rule does not address other systems such as drilling (e.g., Top Drives, Pipe Racking System), power management (e.g., generators, switchboards), with the exception of positioning equipment, particularly if the asset is a mobile offshore drilling unit (MODU).
This may come as a surprise to some, as positioning equipment is not normally associated with well control. The BSEE recognizes the relationship between the ability to maintain the integrity of the well with the asset’s capability of maintaining its position in order to do so. Specific requirements for equipment, inspections and certifications of vessels are stipulated in Title 33, Subchapter N, Part 143 of the US Code of Federal Regulations (33 CFR 143) and are stewarded by the US Coast Guard. However, there are certain provisions required by the BSEE to ensure the asset remains on station to prevent the integrity of the well from being compromised.
Prior to the Well Control Rule, Operators and Lease Holders had the flexibility to use the independent third party of their choice to provide the certifications, verifications, reports or reviews as required. The BSEE will now populate and maintain a list of organizations that BSEE has qualified and approved to conduct the certifications, verifications, reports and reviews stipulated. BSEE-Approved Verification Organizations (BAVOs) essentially replace the independent third parties, and Operators or Lease Holders are now required to select one from the list when published.
The Well Control Rule includes a list of qualifications that BAVOs must meet to be considered, but specific guidance for qualification and application process are still under development, so no BAVOs exist at this time. The BSEE must first provide public notice of the application process and the specific requirements for qualification, compile a list of approved organizations, and then post the official BAVO list. Operators and Lease Holders are not required to use BAVOs until one year after the list is published; until that time, independent third parties can still be chosen freely as long as they meet the requirements prior to the Well Control Rule going into effect.
Until the BSEE publishes a list of BSEE-approved verification organizations (BAVOs), independent third parties must be used to fulfill the activities assigned to BAVOs in the Well Control Rule. The only exception to this is the yearly Mechanical Integrity Assessment (MIA), which is separate and different from the certifications required during the permitting process. Therefore, MIAs are not required until the BSEE publishes the list of BAVOs.
As was the case before the new regulation became effective, BAVOs are required to inspect the condition of the equipment and maintenance history as part of the permitting process for every operation, whether it is drilling, completion, or workover. BAVOs are also required to be present on the rig during major equipment inspections required every five years, and provide a report of the inspection activities and any corrective or remedial actions that were taken. A BAVO must also issue a report whenever any other well control equipment not specifically stated, or whenever redundant components intended for well control are used in addition to those components specified by the rule to ensure the systems are suitable for their intended use, and any failure will not compromise the integrity of the well control equipment.
To support the initiative from the BSEE to close the loop with original equipment manufacturers (OEMs) by providing operational performance data, BAVOs are required to issue a report every time there is a need to repair, replace, or reconfigure well control equipment stating the equipment is fit for service. BAVOs are not required to report the failure or ensure an investigation into the causes of the failure has been conducted (Operators and Lease Holders are required to do this). Some Operators however feel it would be easier to engage BAVOs earlier to let them handle the entire failure reporting process.
Submit your question(s) to firstname.lastname@example.org or call us directly at +1 877-499-8393. To learn more about our Knowledge Delivery System click here.
BSEE incorporates standards by reference that are available at the time the rule is initially planned and the rule-making process begins, not those available at the time the rules are published. This is why versions for some of the standards that were already released and effective were not incorporated (e.g., eighth edition of API Specification Q1 instead of the ninth edition, which is in effect today). This is how the rule-making process is designed; it lags industry, continuously elevating the minimum operational baseline.
Regulatory requirements supersede industry standards and references unless stated otherwise, so that creates two options:
- Ignore the latest standards and operate as per the version incorporated by reference. This is probably the easiest path towards compliance, but stifles improvement opportunities and adoption of new processes that may be safer and more effective.
- Follow the intent of the rule, and request alternate compliance if required (by choice or contractual obligation) to use newer versions of the standards. If the new version is “as safe or better” than the version incorporated by reference, this method promotes innovation and ensures your project operates above the baseline. Compliance is no longer a goal, but rather a byproduct of a well-designed operating methodology.
The Well Control Rule (WCR) introduced specific requirements for well control equipment that all offshore assets must comply with if they will be used for drilling, well workover, or well completion operations in the US Outer Continental Shelf. While the asset owner, service providers and OEM are responsible for meeting the WCR requirements, the operator or lease holder remain liable for any damages caused by failure to meet the WCR requirements.
In order to minimize the risk of potential liabilities and unexpected costs, you the operator or lease holder need to be aware of what the requirements are, assess any gaps that your selected asset may have, address those gaps prior to applying for an APD or APM, and monitor your service providers for compliance throughout the campaign.
In the absence of liability issues, a lack of attention to regulatory compliance can lead to possible operational delays and unforeseen expenses caused by rejected permits and fines. Finally, a closer interaction between stakeholders promotes industry collaboration to standardize requirements, streamline operations, reduce costs, and incentivize innovation.
As discussed in the answer to our first FAQ, the Well Control Rule did not change the permitting process. The impact is felt primarily on the supporting documentation and requirements rather than the process itself: well control equipment still needs to be tested periodically, has to be verified prior to working on a well, and still has to be maintained and recertified by OEM every five years. What changed is how and who is qualified to do so, while the activities remain essentially the same.
The prior requirement for the Operator or Lease Holder to develop and implement a Safety and Environmental Management System (SEMS) for operations in the US Outer Continental Shelf is carried over to the new Well Control Rule (WCR).
The new WCR adds quality management system requirements for the for the equipment OEM by incorporating API Specification Q1 “Specification for Quality Management System Requirements for Manufacturing Organizations for the Petroleum and Natural Gas Industry” by reference. As the name implies however, API Q1 is only applicable to OEMs to ensure the quality of manufactured goods at the time they are delivered. This leaves a gap whereby there is no requirement for the asset owners and service providers to maintain a quality management system covering the ongoing operation and maintenance of the equipment. API Q1 does not apply to them.
API Specification Q2, “Specification for Quality Management System Requirements for Service Supply Organizations for the Petroleum and Natural Gas Industry” was created for this specific purpose. Since it is not a regulatory requirement yet, Asset Owners and Service Providers (including Drilling Contractors) have not widely adopted the standard at this time. However, several Operators and Lease Holders are requiring the adoption of (or at least the commitment to works towards compliance with) API Specification Q2 as a contractual requirement, which incentivizes the adoption of the standard as a marketable advantage.
Before answering this question, we need to first clarify what the Well Control Rule (WCR) refers to as “Real-Time Monitoring”. As we know, most operational data and equipment status information is already monitored in real time at the well site by rig personnel, so that is not what the Well Control Rule focuses on. What the BSEE requires via the Well Control Rule is the capability to monitor this information remotely from shore in real-time, which is something completely different. Wherever the WCR states “Real-Time Monitoring”, what it really means is “Remote Real-Time Monitoring”, or RRTM.
Technology is not the primary concern, as other industries adopted this concept years ago and have implemented it successfully. The main concern is widespread usage of this technology simultaneously by various assets whose system configurations can be very different, and the potential of compromising the security of industrial control systems.
The cybersecurity culture in the Oil & Gas Industry is deficient, compounded by limited availability and adoption of operating guidelines. Several entities including the US Coast Guard and Class Societies are working on developing a baseline for cybersecurity protocols, but these are still infant. The potential risk is not limited to loss of proprietary or sensitive data (such as the result of recent hacks on financial and retail businesses), but rather creating an avenue that exposes safety-critical industrial control systems to cyber-attacks aimed to disable or worse take control away from asset personnel. The high consequence of exposure, compounded by the relatively high probability of undeterred cyberattack by deficient cybersecurity culture results in a high level of risk that the industry as a whole need to address.
Mitigating or eliminating the risks of RRTM effectively becomes a more pressing matter now that there is a specific deadline to not only have the capability, but also have a plan to manage the implementation (I.e., Real-Time Monitoring Plan). Keep in mind that in order to implement the plan you must first define the parameters that need to be monitored, how you will obtain this data, implement a solution to gather the data, and then transmit the data offshore; not to mention how you will ensure the data is accurate, how you will analyze the data, what the storage requirements for this data are, and how you will keep it all secure. Waiting for development of standardized guidelines may not be the right strategy, so the sooner you begin to craft your Real Time Monitoring Plan, the more secured and prepared you will be.
In conclusion, now that we have addressed the new well control rule and how it impacts offshore assets we can shift our focus to RTM, digitization and automation.
Meet Irfan Dawood, P.E., the Technical Director for Well Control Services at Athens Group. Irfan is responsible for developing and managing the quality and compliance of well control equipment services across all major geographies and regulatory regimes, including the latest requirements stipulated in the US Code of Federal Regulations for BSEE Approved Verification Organizations (BAVOs). Irfan specializes in well control equipment design, risk assessment, verification, operation & maintenance.