Effective risk management is an essential part of our culture and strategy. The accurate and timely identification, assessment and management of key risks give us a clear understanding of the actions required to achieve our objectives.
Key elements of integrated risk management
- We recognise that risks are inherent to our business
Only through adequate risk management can internal stakeholders be supported in making key decisions and implementing our strategy - Exposure to risks must be consistent with our risk appetite
The Board defines and regularly reviews the acceptable level of exposure to emerging and principal risks. Risks are aligned with our risk appetite, taking into consideration the balance between threats and opportunities - We are all responsible for managing risks
Each business activity carries out risk evaluations to ensure the sound identification, management, monitoring and reporting of risks that could impact the achievement of our goals - Risk is analysed using a consistent framework
Our risk management methodology is applied to all our operating companies, projects, exploration activities and support areas so that we have a comprehensive view of the uncertainties that could affect the achievement of our strategic goals. The framework is based on ISO 31000 and COSO ERM.1 - We are committed to continuous improvement
Lessons learned and best practices are incorporated into our procedures to protect and unlock value sustainably
Risk management
We have maintained our commitment to review and update our principal risks according to our risk methodology. The following represent a number of the actions that our Risk and Compliance Management Department undertook during 2023:
- Defined the methodology for identifying and updating our emerging risks, which will assist with the continuous monitoring process.
- Continuation of on-site risk reviews of selected risk areas whilst accompanied by senior management, increasing the Company’s risk maturity level.
- Co-coordinated Contingency Committees in line with our risk management process.
- Updated the Company’s risk appetite statement, including the sections relating to Environmental Management, Corruption and Political, Legal and Regulatory. The updated statement was approved by the Board in November, with the level of risk appetite for all risk areas remaining unchanged.
- Reported monthly to both the Company’s Executive Committee and individual risk owners, in order to identify and manage any deviation from expected performance.
- Updated the Business Continuity Plan for each operating company, with considerations made for any new challenges encountered during 2023, and ensuring the incorporation of the lessons learned.
- Continued monitoring of controls identified during the assessment of the impact of the conflict in Ukraine, with additional monitoring of the conflict in the Middle East.
- Participated in the review of the FQAR (Functional Quality Assurance Review) project.
- Continued training of risk owners and main users.
- Updated and monitored critical controls and action plans.
- Prepared new action plans to maintain risk exposure within acceptable limits.
- Embedded timely and comprehensive risk analysis into each relevant decision-making process.
- Shared best practices across our operating companies.
Compliance and internal controls
How we achieve our objectives is crucial to the sustainable long-term development of the Company. We have zero tolerance for bribery and corruption, and are committed to working with integrity and transparency. We comply with all applicable anti-corruption and antibribery legislation, and ensure that necessary controls are in place to prevent any unethical behaviour.
Code of Ethics
This sets out our commitment to conducting business in a responsible and sustainable manner. The Code requires honesty, integrity and accountability from all employees and contractors, and includes guidelines for identifying and managing potential conflicts of interest. It is at the core of our Compliance Model and supports the implementation of all related activities.
For more information, please read the Code of Ethics (PDF)
Compliance model
The Compliance Model applies to both our employees and our contractors. It is clearly defined and is communicated regularly through internal channels as well as being available on our website. All contracts include clauses relating to ethics, modern slavery and crime prevention to ensure contractors’ adherence to our Compliance Model.
We actively promote open communication with all our employees, contractors and local communities. This helps ensure that our corporate and value creation objectives are achieved in an ethical and honest way.
Crime Prevention
For more information, please read the Crime Prevention Manual (PDF)
1. The Committee of Sponsoring Organizations of the Treadway Commission Enterprise Risk Management framework