Opportunities and risks

Oversight, responsibility and governance

The Board is responsible for overseeing the entire risk-management process. The Board delegates this authority to the Audit and Risk Committee to implement and ensure compliance with appropriate risk-management protocols and processes.

In terms of its Risk-Management Policy, Sibanye strives to manage risk effectively to protect the Group’s assets, stakeholders, environment and reputation to ensure achievement of the business objectives.

The Board believes that Sibanye’s risk-management policies, practices and management systems are sound, and are well-established and entrenched at the operations. The Group has implemented an Enterprise Risk Management guideline, which is aligned with the ISO 31000 international risk-management standard and the governance principles enshrined in King III.

Objectives:

  • to identify, assess and manage risks in an effective and efficient manner;
  • to make decisions based on a comprehensive review of the reward to risk balance;
  • to provide greater certainty on the delivery of objectives; and
  • to fulfil corporate governance requirements.

Underpinning these objectives, the Group has implemented the following actions:

  • introduction of a comprehensive and systematic risk-assessment and reporting process across the organisation;
  • creation of an environment where risks are controlled and mitigated within the accepted and approved Sibanye risk-tolerance levels accepted and approved by Sibanye;
  • integration of the outputs of specialist risk functions to provide an informed view of the risks associated with the business activities;
  • raising awareness of risks and outcomes in business processes, and the potential impact on stakeholders;
  • fostering a culture of continuous improvement in risk management through audit and review processes; and
  • creation of an appropriate risk-financing programme based on the risk profiles developed in the assessment process.

Process and systems

Risk registers, maintained at operational and corporate level, are reviewed twice a year by the Audit and Risk Committee. In addition, the operations have a formal quarterly risk-review process, which follows a formalised responsibility structure and includes support services, engineering, health and safety and environmental staff – where the risk registers are discussed and updated. Should any additional risks be identified, plans to address them are implemented. At the operations, risk assessment is a daily activity and work areas are assessed daily in terms of their compliance with the requirements.

At operational level, the risk owner is someone who is represented on Exco. The responsibility of mitigating risks is given to representatives in relevant departments. The emphasis lies on the business taking ownership of risk.

The Internal Audit Department is responsible for conducting annual audits on mitigation actions, and reports four times annually to the Audit and Risk Committee.

RISK-MANAGEMENT REVIEW PROCESS AND REPORTING STRUCTURE

Risk-management review process and reporting structure [graph]

KEY OBJECTIVES OF THE COMBINED ASSURANCE APPROACH

Optimising assurance coverage
Co-ordinating the efforts of management, internal and external assurance providers
Systematic assessment of key risks associated with strategic objectives
Extent to which risks have been fully identified and responded to based on organisational objectives
Support the Audit and Risk Committee in assessing the effectiveness of internal financial controls
Assurance to the Board in making its statements on internal control in the Integrated Report
Provide context of the impact of inadequate and ineffective controls
Quantitative and qualitative impact of control breakdown on the overall control environment and areas for improvement

COMBINED ASSURANCE

The combined assurance process is embedded within the Sibanye operations. The approach is based on the application of three levels of assurance on all our significant risks:

  • Level 1: Management self-assurance
  • Level 2: Internal unbiased-person assurance
  • Level 3: Independent assurance

Sibanye uses the Three Lines of Defence Model:

Level 1: Management self-assurance

Line management function Primarily responsible for risk management. The process of assessing, evaluating and measuring risk is ongoing and is integrated into the day-to-day activities of the business. This process includes implementing the risk-management framework, identifying issues and taking remedial action where required. Business-unit management is also responsible for reporting to the governance bodies within the group.

Level 2: Internal unbiased-person assurance

“Oversight” management functions appropriately independent of line management function Assurance provided by employees within the company who are employed in “oversight” positions in central services and corporate departments.

Level 3: Independent assurance

Internal audit function, external auditors or independent external parties It provides an independent assessment of the adequacy and effectiveness of the overall risk-management systems.
Risk heat map (November 2013) [graph]

PRIMARY RISKS AND MANAGEMENT SYSTEMS IN PLACE

1.

Labour and wage negotiations

  • Emergency preparedness and procedures
  • Legal compliance
  • Strike action plan
  • Strike action risk assessment
  • Union and stakeholder engagement process

2.

Financial risk resulting from failure to deliver on operational and financial business plans

  • BSC and performance review process
  • Daily monitoring and managing of results
  • Robust operational plans
  • Increase geological supervision
  • Monthly reviews
  • Stakeholder engagement (Eskom management)

3.

Workplace safety and health: dust exposure and litigation

  • Full compliance safety management
  • Mandatory COP – airborne pollutants
  • Mandatory COP – noise
  • Medical surveillance and risk-based medical evaluation
  • Mine standards and procedures
  • Review research outcomes (SIMRAC)
  • Ventilation distribution control

4.

Financial risk due to reduced investor confidence

  • SGL operations growth strategy
  • SGL strategic and operations planning
  • SGL sustainable development framework and strategies
  • Debt policy
  • Dividend policy

5.

 

Non-delivery of the MPRDA, the Mining Charter and SLPs

  • Mining Charter
  • Social and labour plans
  • 3rd Party DMR audits

6.

Gold price and exchange-rate volatility causing financial risk

  • Monthly performance reviews
  • Operational planning process
  • Productivity management
  • Strategic planning process

7.

Political risk

  • Business and strategic planning process
  • Good corporate governance
  • Investor relations and community strategy
  • Membership of industry associations interaction
  • Stakeholder engagement

8.

Financial risk as a result of rising mining input costs

  • Cost management and control systems
  • Ore reserves management
  • Procurement strategies
  • Productivity management
  • Proper planning and sequencing
  • Realistic plans and creating realistic market expectations
  • Understanding fixed/variable cost relationship
  • Business restructuring though Organisational Effectiveness department

9.

Competition for skills

  • Competitive remuneration
  • Continuous review of remuneration
  • Balance score card and individual development
  • plan
  • Mentorship and coaching programmes
  • Salary surveys and benchmarking
  • Retention measures-incentive schemes

10.

Safety and health risk largely due to mine accidents and seismicity related incidents

  • Behaviour based safety initiatives
  • Health and safety agreements with labour
  • Health and safety strategy
  • Integrated Visible Felt Leadership (VFL)
  • Mandatory Codes of Practice issued by DMR
  • Mine Codes of Practice for rock fall and rock bursts
  • Mine Codes of Practice (COP) and standard operating procedures
  • Safe production rules

11.

Operational risk posed by power constraints and cost increases

  • Communication with Eskom
  • Emergency preparedness
  • Power control and measurement
  • Standards and procedures

MITIGATION STRATEGIES FOR TOP RISKS

1.

Labour and wage negotiations

  • Information gathering and contingency planning for safety and security of employees and protection of company assets
  • Contingency strike plan
  • Improved communications with workforce
  • Update risk assessment and emergency procedure for 2014

2.

Financial risk resulting from failure to deliver on operational and financial business plans

  • Eskom quality-of-supply contract in place
  • Improve rates of development
  • Power-saving initiatives

3.

Workplace safety and health: dust exposure and litigation

  • Awareness-training programmes
  • Monitoring of progress and feedback through Safety Health & Sustainable Development Committee policy
  • Preparation for possible legal action
  • Roll-out of noise- and dust-management strategy

4.

Financial risk due to reduced investor confidence

  • Develop a strategy to enhance the Sibanye brand and market Sibanye within the community
  • Implement new operating model – cash generation and investor payback
  • Improved engagement with government and other external stakeholders
  • Introduce a tool to measure the impact of interventions
  • Manage debt
  • Manage media relations proactively

5.

 

Non-delivery of the MPRDA, the Mining Charter and SLPs

  • Community and labour-sending areas strategy
  • Development of a transformation strategy
  • Establishment of Community Development Steering Committee
  • Submission and implementation of SLPs

6.

Gold price and exchange-rate volatility causing financial risk

  • Continuous business re-engineering
  • High-grade mining and low-gold price scenario
  • Implement operating strategy
  • Section 189 of the Labour Relations Act, 1995 (Act No 66 of 1995) process for structural alignment

7.

Political risk

  • Ongoing high-level stakeholder engagement
  • Representative seating on industry bodies (influence)

8.

Financial risk as a result of rising mining input costs

  • Cost reductions identified on an ongoing basis
  • Energy-conservation strategy and initiatives

9.

Competition for skills

  • Development of training facilities
  • Remuneration and rewards

10.

Safety and health risk largely due to mine accidents and seismicity related incidents

  • Characterising the time distribution of seismicity to minimise exposure
  • Engineering out the risk initiatives
  • Expedite Mining Industry Occupational Safety and Health (MOSH) training
  • Integrated focus on Safety and Health strategy

11.

Operational risk posed by power constraints and cost increases

  • Initiatives to achieve target of 10% reduction in electricity consumption over three years
  • Focus on power-savings initiatives
  • Quality-of-supply contract in place
  • Reduce use of compressed air and water at all operations