Company Directory | Directors | Corporate Governance | Shareholder Information | Notice of General Meetings 

CORPORATE

Corporate Governance

Risk Management Policy

1. OVERVIEW

1.1 The Board of Medusa Mining Limited (the "Company" or "Medusa") recognizes that 'risk oversight' is a core function of the Board that can complement its commitment in protecting and enhancing shareholder value.

1.2 This policy outlines the Board's desire to better manage risk, with the establishment of a control framework to assist in identifying, assessing, monitoring and managing risks, so as to safeguard the assets and interests of the Company as well as to ensure the integrity of reporting.

1.3 The Board is ultimately responsible for the business risks of the Company, however the day to day management of these risks will be handled by the Chief Executive Officer ("CEO") (operating within the framework of this policy), reporting directly to the Board on all matters associated with risk management.

2. DUTIES OF THE CEO

2.1 The duties of the CEO, in the risk management process, will be to:

(a) identify and prioritize risks arising from and to business strategies and activities;

(b) develop and advise the Board on the level of risk that is acceptable to Medusa, including the acceptance of risks designed to accomplish strategic plans;

(c) develop risk mitigation activities that when implemented will reduce or otherwise manage risk at levels that have been determined to be reasonable. Examples of which include, risk minimization procedures, cost effective insurance or other risk shifting activities;

(d) undertake the monitoring of business activities to periodically reassess risks and the effectiveness of controls to manage such risks; and

(e) supply to the Board, annual (or when appropriate) reports on the risk management process.

2.2 In fulfilling his duties of risk management, the CEO will have unrestricted access to company employees, contractors and records and may obtain independent expert advice on any matter it believes appropriate.

3. RISK PROFILE

3.1 A risk profile is a description of material business risks, relevant to Medusa and includes both financial and non-financial matters.

3.2 The Board recognize that Medusa's main business risks are determined by the nature of its business activities and assets and are aware that other factors (both external and internal) that could influence the risk profile of the Company.

(a) External factors which could influence the risk profile of the Company, include but are not necessarily limited to the following:

  • state or health of the industry sector;

  • competition;

  • market share (size);

  • industrial relations;

  • foreign exchange and interest rates;

  • equity and commodity prices;

  • political views; and

  • a nation's economic well being.

(b) Internal factors which could influence the risk profile of the Company, include but are not necessarily limited to the following:

  • operational performance;

  • compliance;

  • commercial dealings and relationship;

  • financial control;

  • technology;

  • information systems;

  • people and skills;

  • quality of management.

3.3 The Board expects the CEO to be aware of the various business risks that exist (as highlighted in clause 3.2 above) and in some instances co-exist, when identifying, assessing and monitoring risk management when conducting its business activities.

4. GUIDELINES FOR MINIMIZING RISKS

4.1 The Company strives to manage risk as best as it possibly can and has introduced the following guidelines to minimize operational risks, by ensuring that:

(a) all employees be made aware of their duties;

(b) the Company assign authority based on skill and experience;

(c) all agreements are recorded and documents safeguarded to substantiate dealings with external parties;

(d) the Company has in place insurance policies to minimize the risk of loss through accidents or other adverse incidents;

(e) the Board receives on a regular basis, reports of its operational activities;

(f) Medusa has in place health and safety practices for its employees to maintain an acceptable level of health and safety in its working environment;

(g) Medusa has established proper procedures to ensure that it complies with its 'continuous disclosure' obligations to the ASX and that any information released to the market is materially correct.

4.2 The Board is also aware that the Company has the potential to be exposed to financial loss as a result of fluctuations in market factors that are beyond the Company's control, for example prices and rates.
As market factors are dynamic in nature, all risk positions are continually monitored to ensure that the Company's activities are consistent with the approach and strategy approved by the Board.

In an attempt to minimize risk in areas of the Company's activities that are subject to external factors, beyond the control of the Company, the following guidelines have been initiated:

(a) receiving regular reports on the market relating to indexes, interest rates, foreign exchange, commodities, economic news;

(b) ensure that any new financial market products are subjected to detail risk analysis before a decision is made to investment in those products;

(c) ensure that a report is prepared for the Board outlining 'pros & cons' as to why the Company should invest in any listed companies;

(d) only trading in financial products that can be managed and monitored effectively 'in-house';

(e) all transactions of a 'speculative' nature are not permitted;

(f) notwithstanding, any of the steps mentioned above, "no investment of any nature is allowed that will expose shareholders' funds to undue risks"

5. INTERNAL CONTROL SYSTEM

5.1 Whilst the Board acknowledges that it is responsible for the overall internal control framework of the Company in risk management, it is also cognizant that no cost effective internal control system will preclude all errors and irregularities.

5.2 The Board reviews the effectiveness of the Company's system of internal control, including a review of financial, operational, compliance and risk controls on a continual basis.

5.3 Any control not operating effectively, is initially corrected and then modified to include a mitigating control that will reduce risk to an acceptable level.

5.4 The CEO and the Chief Financial Officer (or equivalent) are required to provide formal representation to the Board confirming that:

(a) the integrity of the Company's financial report is founded on a sound system of risk management and internal compliance and control based on the policies adopted by the Board; and

(b) the Company's risk management and internal compliance and control system is operating efficiently and effectively in all material aspects.

5.5 In satisfying its risk oversight role, the Board may require appropriate management assurance from the CEO and CFO against other material business risks (and associated controls).

5.6 Every employee of the Company has the duty for reporting any known breach of the guidelines introduced by the Company to minimize risks.

5.7 The key test (indicative but not conclusive) for whether a risk management and internal control system is operating effectively, is the business outcomes that have been achieved.

Typically, business outcomes are monitored through key performance indicators (financial and non-financial), however, events outside of management's control can sometimes lead to undesirable outcomes, which doesn't necessarily mean that the risk management program in place is ineffective.


<< Return to Governance

 

 © Medusa Mining Limited.   Legal Notice  |  Contact us