Enterprise Risk Management

The Company adopts a risk philosophy aimed at enhancing shareholder value by sustaining competitive advantage, managing risks, and enabling the Company to pursue strategic growth opportunities with greater speed, skills and confidence over its competitors.

To put the philosophy into action, the Board, through its Board Risk Oversight Committee, implemented an Enterprise isk Management (ERM) system that ensures that all business risks are identified, measured and managed effectively and continuously within a structured and proactive framework. The Company’s ERM is based on the Committee of Sponsoring Organizations of the Treadway Commission-ERM framework. Values and standards of business conduct and ethics are important elements of the internal environment for risk management.

Risk Management Framework

The risk management processes facilitate alignment of the Company’s strategy and annual operating plan with the management of key risks. Risk assessment and mitigation strategy is an integral part of the Company’s annual business planning and budgeting process. The Company has in place a formal program of risk and control self-assessment whereby line personnel are involved in the ongoing assessment and improvement of risk management and controls. All department and section heads of the Company are actively involved in the setting of objectives and the identification of related risks that could prevent the Company from achieving its objectives. Employees are informed of the identified risks and are enjoined to make it their business to actively participate in implementing measures that will mitigate the risks.

Risk Management Structure

The Board, through its Board Risk Oversight Committee, has the responsibility for overseeing risk management within the Company. Assisting the Board is the Chief Risk Officer (CRO) of the Company, who in turn, is supported by the Risk Management Committee. The Risk Management Committee is responsible for ensuring that all significant risks are managed properly. The Company CRO reports to the Board Risk Oversight Committee the significant risks and related risk strategies, and the status of the risk management initiatives on a regular basis. In addition to the risk management teams, a cross-functional group of personnel with technical, financial, and legal expertise reviews the Company’s compliance with mining laws and regulations. The Internal Auditor reports to the Audit Committee the results of the review of the effectiveness of the risk management strategies and action plans adopted by management.