Risk Management
Petra is exposed to a number of risks and uncertainties which could have a material impact on its performance and long-term viability. The effective identification, evaluation, management and mitigation of these risks and uncertainties is a core focus of management and the Board, as this is key to the Company’s strategy and objectives being achieved.
Identifying and managing risks
The Board, with assistance from the Audit and Risk Committee, is responsible for reviewing and overseeing the effectiveness of Petra’s system of internal control and risk management processes, with our Board Committees providing an additional level of review and oversight. The Risk, Assurance and Compliance function reviews, analyses and reports on risk on a continuous basis, including monitoring any emerging risks, and consolidates key risks and reports on these on a quarterly basis to Exco, which is responsible for risk management processes and systems, and drives a culture of individual risk owner and employee accountability in implementing these.
Internal Audit provides assurance with regard to the effective functioning of the internal control systems.
Risk Governance – Five lines of defense model
5th Line
Board and sub-committees
Perform oversight and set tone
- Approves Enterprise Risk Management (ERM) Framework
- Establishes risk appetite/tolerance and strategy
- Leverages risk information into decision making
- Evaluates the strategy and business’ performance on a risk-adjusted basis
4th Line
External assurers
For example:
- Regulatory audits (DMRE)
- ISO certification audits
- Technical audits (mineral resources and reserves)
3rd Line
Internal audit (test and verify)
Planning and execution informed by ERM; aims to identify control weaknesses
2nd Line
Regulatory/Legal compliance & Enterprise Risk Management (ERM)
Regulatory/Legal compliance
- Monitors compliance with regulations
- Informed by ERM
- Risk-based compliance testing
Enterprise Risk Management (ERM)
- Designs Group’s ERM framework
- Monitors compliance with framework and reports on aggregated risks
1st Line
Business units
- Management: identifies, owns, mitigates and reports on risks for ERM
Principal Risks and uncertainties
For a more detailed description of Petra’s principal risks in the last financial year, including an outline of (i) the description and the impact of each principal risk, (ii) the mitigating actions taken and (iii) how such risks have developed and been managed in the preceding financial year, please follow the links below: