THIS IS GOLDEN MINE PROJECTS Risk management

Risk management and materiality

Our Enterprise Risk Management (ERM) process's overarching goal is to help Golden Mine Projects achieve its strategic and operational goals, as well as to help the company become as robust as possible in the current global business environment.

Golden Mine Projects assesses its risks, opportunities, and material concerns using four well-defined processes:

The results of these four processes were used to identify the risks, opportunities, and material challenges indicated on this page.

Golden Mine Projects' approach to enterprise risk management is based on King IV, the South African Corporate Governance Code of Conduct, and ISO 31000, the international risk management standard. The Group also supports the ICMM's 10 Principles for Risk Management.

The ERM process at Golden Mine Projects is comprised of three pillars that are applied intuitively and are part of our day-to-day operations:

Strategic risk oversight: Establishing and integrating effective and sustainable business controls to minimize the Company's exposure to significant risks to a reasonable level, while ensuring alignment with business and strategic goals.

Operational risk management: Continuously identifying, assessing, and mitigating operational risks to create a secure, productive business environment, minimizing disruptions and achieving operational targets.

Catastrophic risk management: Recognizing potential catastrophic events that could lead to loss of life, extensive infrastructure damage, and prolonged production setbacks; implementing strategies, actions, and policies to prevent or minimize these risks, bolstering resilience to absorb or mitigate losses.

We also routinely analyze emerging global patterns because as a multinational corporation like Golden Mine Projects, its operations are influenced by external social, economic, and political dynamics in the regions where it operates.

Risk management review process and reporting structure

Risk management methods are integrated from the bottom of the process described below, up to the top, where the Risk Committee and Board are notified of all key risks confronting Golden Mine Projects. This involves a thorough awareness of the external risk environment and the potential consequences or opportunities it may present to the company. Our top management strategic review approach incorporates analysis of the global risk landscape and macro risk trends.

MATERIALITY ASSESSMENT

Golden Mine Projects has undergone a structured evaluation to identify and prioritize its significant sustainability concerns. This evaluation employs criteria in line with the GRI Standards Guidelines, assessing the potential impact of these issues on both Golden Mine Projects and its stakeholders.

This process employs iterative assessments with a shared, quantitative scoring system. It draws upon various internal and external sources, along with extensive interactions with senior executives within the company and representatives of external stakeholders, including industry, government, community, and environmental organizations. These stakeholders were briefed on the GRI process and asked to evaluate all GRI Standards in terms of their importance to Golden Mine Projects and its stakeholders.

The outcome, presented in the Integrated Annual Report, identifies health and safety, water management, environmental considerations, and compliance issues as the principal GRI aspects that both internal and external stakeholders deem most pertinent to Golden Mine Projects and its broader stakeholder community.

RISK APPETITE AND TOLERANCE

In 2021, we revisited and fortified our Risk Appetite and Tolerance (RA&T) Standard to ensure a consistent risk management approach at both Group and regional levels. This standard sets minimum requirements and guiding principles to define RA&T levels in strategic and operational risk management.

Crucially, understanding the link between strategy and risk evaluation is pivotal in establishing RA&T. RA&T pertains not to the risk itself, but to its consequences – this distinction is key in defining practical RA&T positions.

Initiating from our strategic objectives, which are integral for establishing our RA&T levels, the consequences of the risks we face can deviate from our strategic goals. The degree of permissible variance from our strategic objective becomes our risk appetite, while the extent of variance prior to requiring review of risk mitigation strategies becomes our tolerance level.

The level of permissible or tolerated variance is usually linear, represented as a variable outcome of one or more risk results.

To support strategic objectives and business plans, and to ensure tolerance levels are not exceeded, Golden Mine Projects employs a thorough monthly and quarterly business review and monitoring process. Performance is closely tracked and issues are promptly addressed. During presentations, a color-coded system signals if targets are met, facilitating discussions on corrective measures.

Following quarterly business reviews, the Board of Directors holds governance and oversight meetings where various aspects of the business are rigorously reviewed and questioned. Any deviations from company objectives or good corporate governance are discussed and corrective measures are suggested. This is in line with our formal Approval Framework, which clearly defines decision-making parameters and risk tolerance.