Opportunities and risks

Oversight, responsibility and governance

The Board is responsible for overseeing the entire risk-management process. The Board delegates this authority to the Audit and Risk Committee to implement and ensure compliance with appropriate risk-management protocols and processes.

In terms of its Risk-Management Policy, Sibanye strives to manage risk effectively to protect the Group’s assets, stakeholders, environment and reputation to ensure achievement of the business objectives.

The Board believes that Sibanye’s risk-management policies, practices and management systems are sound, and are well-established and entrenched at the operations. The Group has implemented an Enterprise Risk Management guideline, which is aligned with the ISO 31000 international risk-management standard and the governance principles enshrined in King III.

Objectives:

to identify, assess and manage risks in an effective and efficient manner;
to make decisions based on a comprehensive review of the reward to risk balance;
to provide greater certainty on the delivery of objectives; and
to fulfil corporate governance requirements.

Underpinning these objectives, the Group has implemented the following actions:

introduction of a comprehensive and systematic risk-assessment and reporting process across the organisation;
creation of an environment where risks are controlled and mitigated within the accepted and approved Sibanye risk-tolerance levels accepted and approved by Sibanye;
integration of the outputs of specialist risk functions to provide an informed view of the risks associated with the business activities;
raising awareness of risks and outcomes in business processes, and the potential impact on stakeholders;
fostering a culture of continuous improvement in risk management through audit and review processes; and
creation of an appropriate risk-financing programme based on the risk profiles developed in the assessment process.

Process and systems

Risk registers, maintained at operational and corporate level, are reviewed twice a year by the Audit and Risk Committee. In addition, the operations have a formal quarterly risk-review process, which follows a formalised responsibility structure and includes support services, engineering, health and safety and environmental staff – where the risk registers are discussed and updated. Should any additional risks be identified, plans to address them are implemented. At the operations, risk assessment is a daily activity and work areas are assessed daily in terms of their compliance with the requirements.

At operational level, the risk owner is someone who is represented on Exco. The responsibility of mitigating risks is given to representatives in relevant departments. The emphasis lies on the business taking ownership of risk.

The Internal Audit Department is responsible for conducting annual audits on mitigation actions, and reports four times annually to the Audit and Risk Committee.

RISK-MANAGEMENT REVIEW PROCESS AND REPORTING STRUCTURE

KEY OBJECTIVES OF THE COMBINED ASSURANCE APPROACH

Optimising assurance coverage: Co-ordinating the efforts of management, internal and external assurance providers
Systematic assessment of key risks associated with strategic objectives: Extent to which risks have been fully identified and responded to based on organisational objectives
Support the Audit and Risk Committee in assessing the effectiveness of internal financial controls: Assurance to the Board in making its statements on internal control in the Integrated Report
Provide context of the impact of inadequate and ineffective controls: Quantitative and qualitative impact of control breakdown on the overall control environment and areas for improvement

COMBINED ASSURANCE

The combined assurance process is embedded within the Sibanye operations. The approach is based on the application of three levels of assurance on all our significant risks:

Level 1: Management self-assurance
Level 2: Internal unbiased-person assurance
Level 3: Independent assurance

Sibanye uses the Three Lines of Defence Model:

Level 1: Management self-assurance	Line management function	Primarily responsible for risk management. The process of assessing, evaluating and measuring risk is ongoing and is integrated into the day-to-day activities of the business. This process includes implementing the risk-management framework, identifying issues and taking remedial action where required. Business-unit management is also responsible for reporting to the governance bodies within the group.
Level 2: Internal unbiased-person assurance	“Oversight” management functions appropriately independent of line management function	Assurance provided by employees within the company who are employed in “oversight” positions in central services and corporate departments.
Level 3: Independent assurance	Internal audit function, external auditors or independent external parties	It provides an independent assessment of the adequacy and effectiveness of the overall risk-management systems.

PRIMARY RISKS AND MANAGEMENT SYSTEMS IN PLACE

1.	Labour and wage negotiations	Emergency preparedness and procedures Legal compliance Strike action plan Strike action risk assessment Union and stakeholder engagement process
2.	Financial risk resulting from failure to deliver on operational and financial business plans	BSC and performance review process Daily monitoring and managing of results Robust operational plans Increase geological supervision Monthly reviews Stakeholder engagement (Eskom management)
3.	Workplace safety and health: dust exposure and litigation	Full compliance safety management Mandatory COP – airborne pollutants Mandatory COP – noise Medical surveillance and risk-based medical evaluation Mine standards and procedures Review research outcomes (SIMRAC) Ventilation distribution control
4.	Financial risk due to reduced investor confidence	SGL operations growth strategy SGL strategic and operations planning SGL sustainable development framework and strategies Debt policy Dividend policy
5.	Non-delivery of the MPRDA, the Mining Charter and SLPs	Mining Charter Social and labour plans 3rd Party DMR audits
6.	Gold price and exchange-rate volatility causing financial risk	Monthly performance reviews Operational planning process Productivity management Strategic planning process
7.	Political risk	Business and strategic planning process Good corporate governance Investor relations and community strategy Membership of industry associations interaction Stakeholder engagement
8.	Financial risk as a result of rising mining input costs	Cost management and control systems Ore reserves management Procurement strategies Productivity management Proper planning and sequencing Realistic plans and creating realistic market expectations Understanding fixed/variable cost relationship Business restructuring though Organisational Effectiveness department
9.	Competition for skills	Competitive remuneration Continuous review of remuneration Balance score card and individual development plan Mentorship and coaching programmes Salary surveys and benchmarking Retention measures-incentive schemes
10.	Safety and health risk largely due to mine accidents and seismicity related incidents	Behaviour based safety initiatives Health and safety agreements with labour Health and safety strategy Integrated Visible Felt Leadership (VFL) Mandatory Codes of Practice issued by DMR Mine Codes of Practice for rock fall and rock bursts Mine Codes of Practice (COP) and standard operating procedures Safe production rules
11.	Operational risk posed by power constraints and cost increases	Communication with Eskom Emergency preparedness Power control and measurement Standards and procedures

MITIGATION STRATEGIES FOR TOP RISKS

1.	Labour and wage negotiations	Information gathering and contingency planning for safety and security of employees and protection of company assets Contingency strike plan Improved communications with workforce Update risk assessment and emergency procedure for 2014
2.	Financial risk resulting from failure to deliver on operational and financial business plans	Eskom quality-of-supply contract in place Improve rates of development Power-saving initiatives
3.	Workplace safety and health: dust exposure and litigation	Awareness-training programmes Monitoring of progress and feedback through Safety Health & Sustainable Development Committee policy Preparation for possible legal action Roll-out of noise- and dust-management strategy
4.	Financial risk due to reduced investor confidence	Develop a strategy to enhance the Sibanye brand and market Sibanye within the community Implement new operating model – cash generation and investor payback Improved engagement with government and other external stakeholders Introduce a tool to measure the impact of interventions Manage debt Manage media relations proactively
5.	Non-delivery of the MPRDA, the Mining Charter and SLPs	Community and labour-sending areas strategy Development of a transformation strategy Establishment of Community Development Steering Committee Submission and implementation of SLPs
6.	Gold price and exchange-rate volatility causing financial risk	Continuous business re-engineering High-grade mining and low-gold price scenario Implement operating strategy Section 189 of the Labour Relations Act, 1995 (Act No 66 of 1995) process for structural alignment
7.	Political risk	Ongoing high-level stakeholder engagement Representative seating on industry bodies (influence)
8.	Financial risk as a result of rising mining input costs	Cost reductions identified on an ongoing basis Energy-conservation strategy and initiatives
9.	Competition for skills	Development of training facilities Remuneration and rewards
10.	Safety and health risk largely due to mine accidents and seismicity related incidents	Characterising the time distribution of seismicity to minimise exposure Engineering out the risk initiatives Expedite Mining Industry Occupational Safety and Health (MOSH) training Integrated focus on Safety and Health strategy
11.	Operational risk posed by power constraints and cost increases	Initiatives to achieve target of 10% reduction in electricity consumption over three years Focus on power-savings initiatives Quality-of-supply contract in place Reduce use of compressed air and water at all operations

Opportunities and risks

Oversight, responsibility and governance

Objectives:

Process and systems

RISK-MANAGEMENT REVIEW PROCESS AND REPORTING STRUCTURE

KEY OBJECTIVES OF THE COMBINED ASSURANCE APPROACH

COMBINED ASSURANCE

Level 1: Management self-assurance

Level 2: Internal unbiased-person assurance

Level 3: Independent assurance

PRIMARY RISKS AND MANAGEMENT SYSTEMS IN PLACE

1.

Labour and wage negotiations

2.

Financial risk resulting from failure to deliver on operational and financial business plans

3.

Workplace safety and health: dust exposure and litigation

4.

Financial risk due to reduced investor confidence

5.

Non-delivery of the MPRDA, the Mining Charter and SLPs

6.

Gold price and exchange-rate volatility causing financial risk

7.

Political risk

8.

Financial risk as a result of rising mining input costs

9.

Competition for skills

10.

Safety and health risk largely due to mine accidents and seismicity related incidents

11.

Operational risk posed by power constraints and cost increases