Professional Documents
Culture Documents
Policy - Risk Management
Policy - Risk Management
Formulating risk management strategies to manage identified risks and the design and
implementation of appropriate risk management policies and internal controls.
Monitoring performance of and continuously improving the effectiveness of risk
management systems and internal compliance and controls including an ongoing
assessment of their effectiveness.
The approving, implementing and reviewing of the Company’s overall risk management,
internal controls and systems.
The comprehensive system of budgeting, forecasting and reporting to the Board.
Approval procedures for significant capital expenditure above threshold levels.
Regular reviews of all areas of significant financial risk and all significant transactions not
part of the Company’s normal business activities.
Regular reporting to the Board by management on the management of risk.
Comprehensive written policies in relation to corporate governance issues and business
activities.
Regular communication and review processes between the Board and management.
______________________
Peter Swiridiuk
Managing Director
2
Coppermoly Ltd Risk Management Policy
COPPERMOLY LTD
3
Coppermoly Ltd Risk Management Policy
7.0 CONTEXT
The Risk Management Committee’s deliberations must be made within the context of the industry and
jurisdictions in which the Company operates. The context is broadly defined in Annexure C.
4
Coppermoly Ltd Risk Management Policy
MARKET RISKS
Market risk is the risk to earnings from changes in market factors such as interest and foreign exchange
rates, commodity prices, or liquidity and funding profiles. A change in the market can impact the price at
which the Company's shares may trade.
GROWTH RISKS
Growth of the Company will require preparedness for the deployment of management systems relating to
financial monitoring and controls, human resources, corporate compliance, marketing, technical and
changes in the competitive landscape. The Company recognises the need to employ qualified people to
fill roles within the organisation and believe that such individuals can be attracted to the Company,
although in the initial phase of the Company's operation, its size may be a limiting factor in being able to
attract suitable candidates.
ENVIRONMENTAL RISK
The exploration operations and proposed activities of Coppermoly are environmentally sensitive and
cannot be carried out without prior approval from and compliance with all requirements of the relevant
environmental authorities. Coppermoly intends to conduct all its activities in a manner that is
environmentally responsible and in accordance with all relevant laws. The Board is not aware of any
significant breaches of environmental requirements to date.
LEGISLATIVE RISK
Changes in Government regulations and policies may adversely affect Coppermoly from carrying out
some of its existing and proposed activities.
FINANCIAL RISK
The MD and CFO are required to declare in writing to the Board on an annual basis that the financial
reporting, risk management framework and associated compliance and controls have been assessed and
found to be operating effectively and efficiently. The operational and other risk management compliance
and controls have also been assessed and found to be operating effectively and efficiently.
To ensure reporting accuracy and compliance with the financial reporting regulatory framework there is a
budgeting system with an annual budget approved by the Board. Actual results are reported along with
cash flow estimates on a regular basis. Half-yearly and annual statutory accounts are reviewed and
audited respectively by the Company's Auditors and reported to the ASX.
Six monthly financial and operational reports are provided to the Investment and Promotion Authority of
PNG.
All business transactions of a material nature are properly authorised and executed.
COMPETITIVE RISK
Coppermoly is subject to normal competition risks from other parties who are presently in, or in the future
will enter, the mineral exploration sector in which Coppermoly currently operates. There is also the
potential for increased competition in this market sector. If this was to occur, it may have a material
adverse effect on the operating and financial performance of Coppermoly.
6
Coppermoly Ltd Risk Management Policy
Consequence
Minor 2 Minor financial losses Delays to exploration Serious injury Concerns from
$10K - $300K <5% reduction of performance OH&S report stakeholders
Loss of operational availability
Environmentally sensitive situation
immediately contained
Moderate 3 Moderate financial losses Major disruption to exploration Multiple serious Intra-industry
$300K - $500K Regular disruption to operations injuries knowledge
High loss of commercial requirements
Environmentally sensitive situation
contained with outside assistance
Major 4 Major financial losses Major loss to exploration activities Single fatality Adverse local
$500K - $5M Major delays to operations media coverage
Environmentally sensitive situation
contained with outside assistance. No
sustained detrimental effects
Catastrophic 5 Extreme Financial losses Major loss to exploration activities Multiple fatalities Adverse national &
>$5M No recovery prospects international
Environmentally sensitive situation.
media coverage
Significant detrimental effects
7
Coppermoly Ltd Risk Management Policy
Risk Rating
Likelihood
Almost certain
Likely high
Possible medium
Unlikley low
rare
insigificant minor moderate major catastrophic
Consequence
Risk Mitigation
AVOIDANCE
Not proceed with task, project activity or decision that is likely to generate the risk
ACCEPTANCE
Accept the risk in the context of the risk appetite and management systems to establish as low as
reasonably practicable frameworks for moving forward
Establish capital finance plans, management systems and action plans
Active reporting and related triggers for action by the board
REDUCE CONSEQUENCES
Transfer all or part of the risk to a second or third party through insurances, contractual
arrangements (JV’s) or organisational structures
Develop new systems of work, processes and controls (the risk may still remain with the directors
and the board)
RETAIN
Accept the risk in context of the risk appetite and management systems to establish as low as
reasonably practical frameworks for moving forward.
Establish a capital and finance plan, management systems and action plans
Active reporting and related triggers for action by the board
8
Coppermoly Ltd Risk Management Policy
Annexure C: Context
External Context
Coppermoly operates in the mineral exploration industry within Papua New Guinea (PNG) and also has
involvement in Queensland, Australia by the way of the provision of management services.
Stakeholders are global including a concentration of shareholders in Australia and Canada. The
commercial and community stakeholders are primarily in Canada and Australia. The governments of PNG
and Australia have an interest in the company’s operation in regards to taxation, licensing and regulatory
compliance.
Financially the Company is closely linked to the world demand and prices of precious and base metals,
which drive cyclical investor interest in the resources sector.
Internal Context
The company operates through a public company listed on the Australian Stock Exchange and via Papua
New Guinea subsidiaries approved by the Investment and Promotion Authority of PNG. The Parent
company and its subsidiaries are comprised of employees and offices in Australia and PNG.
Internal stakeholders include consultants and employees many of whom have an equity interest through
direct share ownership and/or option entitlements.
9
Coppermoly Ltd Risk Management Policy
Annexure D: Definitions
For the purpose of this document, the definitions below (taken from AS 4360:2004) apply.
Consequence
Outcome or impact of an event (1.1.3)
NOTE 1: There can be more than one consequence from one event.
NOTE 2: Consequences can range from positive to negative.
NOTE 3: Consequences can be expressed qualitatively or quantitatively.
NOTE 4: Consequences are considered in relation to the achievement of objectives.
Control
An existing process, policy, device, practice or other action that acts to minimise negative risk or
enhance positive opportunities.
NOTE: The work ‘control’ may also be applied to a process designed to provide reasonable
assurance regarding the achievement of objectives.
Event
Occurrence of a particular set of circumstances.
NOTE 1: The event can be certain or uncertain.
NOTE 2: The event can be a single occurrence or a series of occurrences.
(ISO/IEC Guide 73, in part)
Likelihood
Used as a general description of probability or frequency.
NOTE: Can be expressed qualitatively or quantitatively.
Loss
Any negative consequence (1.1.1) or adverse effect, financial or otherwise.
Monitor
To check, supervise, observe critically or measure the progress of an activity, action or system on a
regular basis in order to identify change from the performance level required or expected.
Risk
The chance of something happening that will have an impact on objectives.
NOTE 1: A risk is often specified in terms of an event or circumstance and the consequences that
may flow from it.
NOTE 2: Risk is measured in terms of a combination of the consequences of an event (10.3) and
their likelihood (10.4).
NOTE 3: Risk may have a positive or negative impact.
NOTE 4: See ISO/IEC Guide 51, for issues related to safety.
Risk Analysis
Systematic process to understand the nature of and to deduce the level of risk.
NOTE 1: Provides the basis for risk evaluation and decisions about risk treatment.
NOTE 2: See ISO/IEC Guide 51 for risk analysis in the context of safety.
Risk Appetite
The amount of risk a director or Board will accept in meeting its goals.
10
Coppermoly Ltd Risk Management Policy
Risk Assessment
The overall process of risk identification (10.14), risk analysis (10.8) and risk evaluation (10.13).
Risk Avoidance
A decision not to become involved in, or to withdraw from, a risk (10.7) situation.
Risk Criteria
Terms of reference by which the significance of risk (10.7) is assessed.
NOTE: Risk criteria can include associated costs and benefits, legal and statutory requirements,
socioeconomic and environmental aspects, the concerns of stakeholders (10.22), priorities and other
inputs to the assessment.
Risk Evaluation
Process of comparing the level of risk (10.7) against risk criteria (10.12).
NOTE 1: Risk evaluation assists in decisions about risk treatment.
NOTE 2: See ISO/IEC Guide 51 for risk evaluation in the context of safety.
Risk Identification
The process of determining what, where, when, why and how something could happen.
Risk Management
The culture, processes and structures that are directed towards realizing potential opportunities whilst
managing adverse effects.
Risk Management Process
The systematic application of management policies, procedures and practices to the tasks of
communicating, establishing the context, identifying, analysing, evaluating, treating, monitoring and
reviewing risk (10.7).
Risk Management Framework
Set if elements of an organisation’s management system concerned with managing risk (10.7).
NOTE 1: Management system elements can include strategic planning, decision making, and other
strategies, processes and practices for dealing with risk.
NOTE 2: The culture of an organisation is reflected in its risk management system.
Risk Reduction
Actions taken to lessen the likelihood (10.4), negative consequences (10.1) or both associated with
a risk (10.7).
Risk Retention
Acceptance of the burden of loss, or benefit of gain, from a particular risk (10.7).
NOTE 1: Risk retention includes the acceptance of risks that have not been identified.
NOTE 2: The level of risk retained may depend on risk criteria (10.12).
(ISO/IEC Guide 73, in part)
Risk Sharing
Sharing with another party the burden of loss, or benefit of gain from a particular risk (10.7).
NOTE 1: Legal or statutory requirements can limit, prohibit or mandate the sharing of some risks.
NOTE 2: Risk sharing can be carried out through insurance or other agreements.
NOTE 3: Risk sharing can create new risks or modify an existing risk.
11
Coppermoly Ltd Risk Management Policy
Risk Treatment
Process of selection and implementation of measures to modify risk (10.7).
NOTE 1: The term ‘risk treatment’ is sometimes used for the measures themselves.
NOTE 2: Risk treatment measures can include avoiding, modifying, sharing or retaining risk.
(ISO/IEC Guide 73, in part)
Stakeholders
Those people and organisations who may affect, be affected by, or perceive themselves to be
affected by a decision, activity or risk.
NOTE: The term ‘stakeholders’ may also include ‘interested parties’ as defined in AS/NZS ISO 14050
and AS/NZS ISO 14004.
(Based on ISO/IEC Guide 73).
In order to deal with identified risks there is a need to estimate the significance of a risk, assess the
likelihood and frequency of a risk occurring and consider how the risk should be managed. It is arbitrary,
but this has been quantified by probability of occurrence in set timeframes.
12