When the Strait Closes: How the Gulf Crisis Rewrites EPC Project Risk
A data-driven analysis of how the Gulf crisis cascades through EPC supply chains, project schedules, and cost baselines — with an 8-point action checklist for project teams exposed to the disruption.
The Numbers
17% of Qatar's LNG production capacity is offline. The Strait of Hormuz — through which 20% of global daily oil supply and 20-25% of global LNG trade passes — is effectively closed to commercial shipping. Brent crude has breached $100 per barrel. War risk insurance premiums have surged 5-10x. And if your EPC project depends on materials, equipment, or supply routes that touch the Gulf, your schedule and budget are already impacted — whether you've realized it or not.
This isn't a geopolitical opinion piece. This is a data-driven assessment of what the Gulf crisis means for your project, your supply chain, and your risk register. It draws from verified market data, industry standards, and the frameworks that should be guiding your response.
Part 1: What Happened — The Facts
On February 28, 2026, the US-Israel military operation against Iran triggered the most severe disruption to global energy infrastructure since the 1990 Gulf War.
Infrastructure Damage
Iranian retaliatory strikes hit energy infrastructure across the Gulf. The most impactful: attacks on Ras Laffan Industrial City in Qatar, the world's largest LNG production and export hub. Two of fourteen LNG production lines and one GTL facility were damaged, removing approximately 12.8 million tonnes per annum (MTPA) from a total capacity of 77 MTPA.[^1] QatarEnergy declared force majeure on LNG shipments.[^2] Repairs are estimated at 3-5 years.
Other confirmed impacts include shutdowns or reduced operations at Ras Tanura refinery (Saudi Arabia), Mina Al Ahmadi refinery (Kuwait), the Shah gas field in Abu Dhabi (UAE), and multiple facilities in Bahrain.[^3]
Strait of Hormuz
The strait has seen an approximately 80-87% decline in crude flows west of Hormuz.[^4] Oman crude hit $147.79/bbl, Brent crude has remained above $100/bbl, and Asian LNG spot prices have risen 40%.[^5] Many operators have ceased transit entirely, rerouting via the Cape of Good Hope — adding 14-18 days to delivery schedules and significant cost.[^6]
Insurance Market
The Joint War Committee (JWC) at Lloyd's expanded high-risk zones to include broader Persian Gulf waters, encompassing Bahrain, Djibouti, Kuwait, Oman, and Qatar.[^7] War risk premiums surged from approximately 0.25% to 0.5-1.5% of hull value — a 5-10x increase.[^8] A $20 billion US DFC/Chubb reinsurance backstop has been created, but its effectiveness remains debated.[^9] The net effect: even where transit is physically possible, the insurance cost makes it commercially unviable for many operators.
Part 2: The Impact Chain
The disruption doesn't stop at oil prices and shipping lanes. It cascades through the entire EPC project lifecycle in a predictable sequence:
Conflict
│
▼
Strait of Hormuz — de facto closure
│
├──▶ Insurance premiums 5-10x
│ │
│ ▼
│ Shipping halt / rerouting (+14-18 days)
│ │
│ ▼
│ Material delivery delays
│ │
│ ▼
│ Schedule slippage (critical path impact)
│ │
│ ▼
│ Cost overrun (extended duration + commodity price surge)
│
├──▶ Physical infrastructure damage
│ │
│ ▼
│ Plant shutdown / reduced operations
│ │
│ ▼
│ Repair programs compete for same resources (labor, materials, equipment)
│
└──▶ Force majeure declarations
│
▼
Contractual uncertainty across the supply chain
New projects: halted or deferred
Final Investment Decisions (FIDs) across the Gulf are being deferred. Qatar's flagship North Field Expansion — a $30+ billion LNG expansion targeting 126 MTPA by 2028 — faces at least 1 year of delay.[^10] NEOM and Saudi Vision 2030 industrial projects face procurement uncertainty. Insurance requirements for construction sites in the Gulf have become prohibitive.
Supply chains: systematically broken
The disruption goes beyond oil and gas. Petrochemicals, refined products, aluminum, helium, and fertilizers are all affected. For EPC projects specifically:
| Impact Area | Detail |
|---|---|
| Material shortages | Structural steel, bitumen, and petrochemical-based products all spiking in price |
| Logistics | 14-18 day rerouting via Cape adds to lead times; port congestion building |
| Procurement costs | Rising across all categories due to commodity price surges |
| Just-in-time model | Broken; procurement teams now need 60-90 day inventory buffers for critical materials |
| Equipment vendors | Deliveries from Asia to Gulf extended by weeks; some supplier factories in conflict-adjacent zones |
| Workforce | Skilled labor availability constrained as repair programs absorb capacity |
Existing plants: need fixing under pressure
Operational plants face a compound problem. Physical damage requires repair programs. Spare parts supply is itself disrupted (Hormuz-routed deliveries). Maintenance turnarounds may need rescheduling. Safety risk increases with damaged infrastructure still operating.[^11] And the Management of Change (MOC) volume is surging as emergency modifications are implemented.
Part 3: Why Your Risk Register Can't Handle This
Here's the uncomfortable truth: most EPC projects manage risk with tools built for a different era.
The typical setup
A risk register lives in Excel or a standalone risk database. It contains qualitative assessments — "High probability, High impact" — with a risk response plan written at project inception. It gets reviewed monthly, sometimes quarterly. The risk analyst updates it based on conversations with discipline leads. The connection between the risk register and the actual project data — the schedule, the materials tracking, the procurement status, the change management system — is manual and periodic.
Why that breaks down now
In a crisis of this magnitude, the risk management system faces a coordination problem it was never designed to handle:
Risk registers explode in volume. A project that had 40 identified risks now has 200. Each affected material, vendor, and shipping route generates its own risk event.
Change management is overwhelmed. A typical area might have 3-5 active Management of Change (MoC) requests. Post-crisis, areas with damaged or modified systems might have 10-14 active MoCs. Process safety methodology[^12] recognizes that simultaneous MoCs at this density elevate safety risk — but the tools don't flag it automatically.
The disconnect between risk data and project data is lethal. Your risk register says "supply chain disruption — high." But does it know which Purchase Orders route through the Gulf? Which CWPs are blocked by those POs? Which IWPs can't be released because materials won't arrive in time? Traditional tools don't make these connections because they don't have access to the engineering and procurement data.
Speed of change outpaces review cadence. If your risk register is updated monthly, and shipping routes change weekly, your risk assessment is always stale.
What the standards say
ISO 31000[^13] and the CII (Construction Industry Institute) Best Practice #14[^14] provide excellent frameworks for project risk management. They emphasize systematic identification, assessment, treatment, and monitoring of risks. But these frameworks assume the organization has tooling capable of operating at the required speed and data-connectivity. Most don't.
The HAZOP (Hazard and Operability) studies, bowtie analyses, and LOPA (Layer of Protection Analysis) that protect process safety are thorough when they're conducted — but they're conducted against a plant design that may have changed since the last study. When emergency repairs and modifications cascade through a facility, the gap between the last HAZOP and the current process state widens.[^15]
Part 4: A New Approach to Project Risk Intelligence
The problem isn't the risk management methodology — ISO 31000, CII BP#14, and HAZOP are sound. The problem is the tooling gap: risk analysis is disconnected from the operational data that defines the project.
What connected risk intelligence looks like
Imagine a risk management system that doesn't just maintain a register, but actively reads the project's living data:
- When a material PO routes through a port in the JWC high-risk zone, the system flags every CWP and IWP dependent on that delivery — automatically.
- When commodity prices spike 15%, the system calculates the cost exposure across every open PO and pending MTO, per project.
- When MoC volume in an area exceeds the safety threshold, the system escalates — linking the alert to the last HAZOP study date for that area.
- When a schedule activity on the critical path is delayed, the system shows the cascading impact spatially — in the 3D model, not just in a Gantt chart.
This isn't science fiction. The data already exists in most projects — schedules, MTOs, PO logs, change requests, P&IDs, 3D models. The challenge is connecting it. Advanced Work Packaging (AWP) frameworks[^14] already map the relationship between engineering work packages, procurement work packages, and installation work packages. The technology to link risk analysis to this multi-dimensional data is emerging.
The reliability question
Any organization adopting AI-augmented risk analysis must address reliability head-on. In industrial contexts, the bar is absolute: no hallucinations, no unsubstantiated claims, no autonomous decisions on safety-critical assessments.
The principles that make AI risk analysis trustworthy:
- Evidence-based grounding — every risk finding traces to specific source data (a PO number, a schedule activity, a tag, a shipping route status)
- Explainability — the system explains why it flagged a risk, not just that it's flagged
- Confidence scoring — the system communicates its certainty level, routing low-confidence assessments to human analysts
- Human-in-the-loop — AI drafts recommendations; humans approve, reject, or override with logged rationale
- Continuous validation — the system measures its own accuracy against outcomes and displays this transparently
Standards like the NIST AI Risk Management Framework (AI 100-1)[^16] and DNV-RP-0510[^17] provide governance frameworks for data-driven algorithms in safety-critical applications. They map directly to the requirements of risk analysis in industrial projects.
Part 5: What You Should Do Now — The 8-Point Checklist
Whether you manage an EPC project in the Gulf, operate a facility downstream of Hormuz supply routes, or oversee a fabrication yard receiving Gulf-sourced materials — here are eight actions to take this week:
☐ 1. Map your Gulf supply chain exposure
Pull your open PO register. For every line item, identify the vendor location, the shipping route, and the transit port. Any route that passes through the Strait of Hormuz is at risk. Quantify the value and schedule criticality of exposed POs.
☐ 2. Re-baseline your schedule
Run a fresh CPM analysis with updated lead times. For Gulf-routed materials, add 14-18 days for Cape rerouting. For Gulf-sourced materials with no alternative, assess the delay scenario (4-12 weeks depending on commodity). Update your P50 and P80 completion dates.
☐ 3. Stress-test your budget
Apply commodity price sensitivity analysis to your Material Take-Off (MTO). Structural steel, piping, and instrumentation are all exposed. Calculate the cost delta at current prices vs. budget prices. If your contingency doesn't cover the gap, escalate immediately.
☐ 4. Review your MoC volume
Count the active Management of Change requests per area. If any area exceeds 8-10 simultaneous MoCs, trigger a management review. Cross-reference against the date of your last HAZOP/HAZID study for that area. If the study pre-dates the damage assessment, flag it for re-evaluation.
☐ 5. Update your risk register with geopolitical categories
If your risk register doesn't have explicit categories for geopolitical risk, supply chain disruption, and insurance/financial risk, add them. Rate them with quantified data (dollar exposure, schedule days at risk), not just "High/Medium/Low."
☐ 6. Check your insurance coverage
Confirm that your project's cargo insurance covers war risk at current premium levels. If you have shipments en route through the Gulf, confirm their coverage status. Budget the premium increase as a project cost.
☐ 7. Build inventory buffers for critical materials
Move away from just-in-time for any material on the critical path. Target 60-90 day reserves for critical items. Identify alternative sourcing from non-Gulf regions (India, Korea, Southeast Asia, Europe).
☐ 8. Evaluate force majeure triggers
Review your EPC contract's force majeure clause. Determine whether the Gulf crisis meets the contractual definition in your specific agreements. Document the impact chain with evidence (shipping route closures, insurance premium increases, force majeure declarations from suppliers). Consult legal counsel.
Looking Forward
The disruption isn't temporary. Even in a best-case ceasefire scenario, the structural effects — damaged infrastructure, repriced insurance, reconfigured supply chains — persist for 12-36 months. Qatar's damaged LNG capacity alone requires 3-5 years to rebuild.[^1]
For the EPC industry, this is a forcing function. The projects that recover fastest will be those with the best visibility into their risk exposure — not the projects with the thickest risk register, but the ones where risk analysis is connected to the actual data that drives schedule, cost, and safety outcomes.
The tools are evolving. The frameworks exist. The question is whether project organizations adopt them before the next disruption, or after.
Sources & References
[^1]: QatarEnergy capacity data, force majeure declaration. Reported by Reuters, S&P Global Commodity Insights, March 2026.
[^2]: Force majeure on LNG shipments. S&P Global, World Oil, March 2026.
[^3]: Infrastructure damage across Gulf states. Reported by Guardian, Reuters, Discovery Alert, Financial Post, March 2026.
[^4]: Crude flow decline through Strait of Hormuz. Kpler shipping intelligence data; Atlantic Council analysis, March 2026.
[^5]: Commodity price data. Oman crude $147.79. Brent >$100/bbl. Asian LNG +40%, European TTF +35%. Economic Times, S&P Global, Reuters, March 2026.
[^6]: Cape of Good Hope rerouting adds 14-18 days. Seatrade Maritime, Insurance Journal, March 2026.
[^7]: Joint War Committee high-risk zone expansion. Lloyd's Market Association; Freshfields Bruckhaus Deringer analysis, March 2026.
[^8]: War risk premium surge (0.25% → 0.5-1.5%). Insurance Journal, Lloyd's Market; Wind Hub maritime analysis, March 2026.
[^9]: $20B US DFC/Chubb reinsurance backstop. Financial Post, Time, March 2026.
[^10]: North Field Expansion delay. Wood Mackenzie, World Economic Forum, March 2026.
[^11]: Existing plant operational challenges. Construction Magazine UK, Expert Market Research, World Oil, March 2026.
[^12]: Management of Change best practices. OSHA PSM (29 CFR 1910.119); CII Best Practices in Capital Project Lifecycle.
[^13]: ISO 31000:2018 — Risk management guidelines. International Organization for Standardization.
[^14]: CII Best Practice #14 — Project risk assessment. Construction Industry Institute, University of Texas at Austin. Also: CII AWP (Advanced Work Packaging) methodology.
[^15]: HAZOP and process safety methodology. IEC 61882 (HAZOP procedure); IEC 61511 (Safety Instrumented Systems). API 580/581 (Risk-Based Inspection).
[^16]: NIST AI Risk Management Framework (AI 100-1), January 2023. National Institute of Standards and Technology.
[^17]: DNV-RP-0510 — Framework for assurance of data-driven algorithms and models. Det Norske Veritas.
Saber Belghith is the Founder & CEO of Twintech Limited. Before founding Twintech, Saber worked on the engineering floor — at Technip Energies and then at SBM Offshore — where he saw firsthand how disconnected data creates risk in industrial projects. Konnect xD, the platform he built, connects engineering, procurement, and construction data into a unified digital thread.
For a deeper analysis of how AI is transforming project risk management, request access to our research vault →