Effective risk management is an essential part of the Group’s culture and strategy. Accurate and timely identification, assessment and management of key risks allows for a clear understanding of the actions required throughout the organisation in order to achieve the Group’s objectives.

The Risk and Compliance Management Department:

  • Provides guidelines, standards and best-practice examples of risk and compliance management at the corporate and business unit levels
  • Responsible for the risk and compliance management systems
  • Maintains the Group’s risk register
  • Organises and promotes risk and compliance workshops
  • Supervises the operations’ risk management
  • Reviews the effectiveness of mitigating actions
  • Supports internal stakeholders in key strategic decisions
  • Ensures there are policies, guidelines and procedures in place to support the effectiveness of the Group’s internal controls

Areas of focus and development during 2018

An independent review of the Group’s risk management maturity level was concluded in 2018 and showed significant progress since the last review in 2012. Its focus was to strengthen the risk management system by further embedding risk management in the Group’s culture and improving the overall maturity level. The main activities were as follows:

  • The Board reviewed, defined and approved the Group’s risk appetite for all key risks and updated the risk management policy
  • Risk methodology was reviewed, strengthened and aligned with the risk appetite
  • A risk assessment was carried out at all of the Group’s operating companies, projects, exploration activities and support areas. Risks that represented a threat to the Group’s strategic goals were identified as “key” and presented to the Audit and Risk Committee and the Board for their review
  • Critical controls and key risk indicator dashboards were defined for each key risk and action plans to keep the exposure within the acceptable limits were prepared
  • Timely and comprehensive risk analysis was embedded into each relevant decision-making process, including for all matters presented to the Board for approval
  • Risks status and the applicability and efficacy of critical on-site controls were included in the performance reviews of the members of the Executive Committee and Risk and Compliance team