Anglo American Annual Report 2012

Risk management atAnglo AmericanThe Board’s policy on riskmanagement encompasses allsignificant business risks to theGroup, including:• Financial risk• Operational, including safety,technical, fraud and corruption risk• Compliance riskthat could undermine theachievement of business objectives.This system of risk management isdesigned so that the differentbusinesses are able to tailor and adapttheir risk-management processes tosuit their specific circumstances. Thisflexible approach has the commitmentof the Group’s senior management.There is clear accountability forrisk management, which is a keyperformance area of line managersthrough the Group. The requisiterisk and control capability is assuredthrough Board challenge andappropriate management selectionand skills development. Managersare supported in giving effect to theirrisk responsibilities through policiesand guidelines on risk and controlmanagement. Support throughfacilitated risk assessments isprovided by a central team responsiblefor ensuring a robust process isimplemented for risk-management.During 2012, more than 135 separaterisk assessment workshops wereconducted reviewing:• Risk in business unit strategies• Risks to achieving mine orbusiness plans• Risks in capital projects• Risks to key change programmes,including the integration of De Beers.The results of these risk assessmentswere reported to senior managementand the Audit Committee. The processof risk management is designed toidentify internal and external threatsto the business and to assistmanagement in prioritising theirresponse to those risks. Continuousmonitoring of risk and controlprocesses, across headline risk areasand other business-specific risk areas,provides the basis for regular andexception reporting to businessmanagement, ExCo, the AuditCommittee and the Board.Some of the headline risk areas,which have been elaborated upon inthe financial review set out on pages48–53, are:• Commodity price risk• Political risk• Counterparty risk• Infrastructure andoperational performance risks.The risk assessment and reportingcriteria are designed to provide theBoard with a consistent, Group-wideperspective of the key risks. Thereports to the Audit Committee,which are submitted at least everysix months, include an assessmentof the likelihood and impact of risksmaterialising, as well as risk-mitigationinitiatives and their effectiveness.In conducting its annual review ofthe effectiveness of risk management,the Board considers the key findingsfrom the ongoing monitoring andreporting processes, managementassertions and independentassurance reports. The Board alsotakes account of material changesand trends in the risk profile andconsiders whether the control system,including reporting, adequatelysupports the Board in achieving its riskmanagement objectives.During the course of the year theBoard considered the Group’sresponsiveness to changes withinits business environment. TheBoard is satisfied that there is anongoing process, which has beenoperational during the year, and upto the date of approval of the AnnualReport, for identifying, evaluatingand managing the significant risksfaced by the Group. This includessocial, environmental and ethicalrisks as highlighted in the DisclosureGuidelines on Socially ResponsibleInvestment issued by the Associationof British Insurers. A detailed reporton social, environmental andethical issues is included in theCompany’s Sustainable DevelopmentReport 2012.Accountability and auditThe Board is required to presenta balanced and understandableassessment of Anglo American’sfinancial position and prospects.Such assessment is provided in thechairman’s and CEO’s statements andthe operating and financial review ofthis Annual Report. The respectiveresponsibilities of the directors andexternal auditors are set out onpages 134, 136 and 137. As referred toin the directors’ report, the directorshave expressed their view thatAnglo American’s business is agoing concern.Business integrityDuring 2012 we continued toimplement the necessary proceduresto ensure that our Business Integritypolicy operates effectively acrossthe Group and minimises the risk ofbribery as far as possible. We havenow trained more than 3,500managers through workshops inthe business units and developedsupplementary online training. Duringthe year we developed enhancedguidelines regarding acceptance andprovision of gifts and entertainmentand provided specific guidance on duediligence procedures for transactionswhere risks are considered higher. Weupdated our assessment of the risksof bribery and corruption in each ofour businesses, taking intoconsideration external and internalfactors and identified action plans forimplementation based on those riskassessments. We applied a duediligence process in individualtransactions to identify necessaryactions that mitigate risk of briberyin those transactions.During 2013 we will continue todevelop our procedures and obtainassurance that they are beingimplemented as we expect acrossthe Group.GovernanceAnglo American plc Annual Report 2012 107