In managing risk, it is the Company's practice to take advantage of potential opportunities while managing potential adverse effects. This Policy sets out the Company's approach to risk.

Role of the Board and Delegated Responsibility

The Board is responsible for approving the Company's policies on risk oversight and management and satisfying itself that management has developed and implemented a sound system of risk management and internal control.

 

Implementation of the risk management system and day-to-day management of risk is the responsibility of the Chief Executive Officer and in certain cases in conjunction with the Executive Chairman, with the assistance of senior management, as required.

Role of the Chief Executive Officer and Accountabilities

The Chief Executive Officer has responsibility for identifying, assessing, monitoring and managing risks. The Chief Executive Officer is also responsible for identifying any material changes to the Company's risk profile and ensuring, with approval of the Board, the risk profile of the Company listed in this Policy are updated to reflect any material change.

 

The Chief Executive Officer is required to report on the progress of, and on all matters associated with, risk management as a standing item at each Board meeting. The Chief Executive Officer is to report to the Board as to the effectiveness of the Company's management of its material business risks, at least annually.

Authority of the Chief Executive Officer

In fulfilling the duties of risk management, the Chief Executive Officer may have unrestricted access to Company employees, contractors and records and may obtain independent expert advice on any matter they believe appropriate, with the approval of the Board.

Risk Profile

The Company considers that any risk that could have a material impact on its business should be included in its risk profile. The risk profile of the Company can be categorised as follows:

• Market-related
• Financial Reporting
• Operational
• Environmental
• Human Capital
• Sustainability
• Occupational Health & Safety
• Political
• Strategic
• Ethical Conduct
• Economic Cycle / Marketing
• Reputation
• Legal and compliance

Additional Policies and Practices

The Company maintains a number of policies and practices designed to manage specific business risks. These include:

 

Audit Committee and Audit Committee Charter

The Company has formed a separate Audit Committee which has the role of, among other things, monitoring and reviewing the integrity of the financial reporting of the Company and any significant financial reporting judgments. It also reviews the Company's internal financial control system and, unless expressly addressed by a separate risk committee or by the Board itself, risk management systems. The role of the Audit Committee is set out in the Company's Audit Committee Charter.

 

Insurance Program

The Company's Insurance Program is managed by its insurance brokers appointed at each of the business unit locations.

 

Regular Budgeting and Financial Reporting

The Company has regular budgeting in place. It is the role of the Audit Committee (or its equivalent) to review the integrity of the financial reporting of the Company. The Audit Committee is to ensure the Board is fully aware of matters which may significantly impact the financial conditions or affairs of the business units.

 

Clear Limits and Authorities for Expenditure Levels

The Company's Board Charter sets out materiality thresholds. These include quantitative and qualitative thresholds as well as triggers for the materiality of contracts.

 

Procedures / Controls to Manage Environmental and Occupational Health and Safety Matters

The Company at each of its key business locations has a separate Occupational Health and Safety Manual, which is reported on at each meeting by the managing director of the respective subsidiaries.

 

Procedures for Compliance with Continuous Disclosure Obligations under the ASX Listing Rules and the Corporations Act (where relevant)

The Company's compliance procedures have been designed for the purpose of ensuring the Company complies with its continuous disclosure obligations.

 

Procedures to assist with establishing and administering corporate governance systems and disclosure requirements

Responsibility to Stakeholders

The Company considers the reasonable expectations of stakeholders particularly with a view to preserving the Company's reputation and success of its business. Factors which affect the Company's continued good standing are included in the Company's risk profile.

Continuous Improvement

The Company's risk management system is evolving. It is an on-going process and it is recognised that the level and extent of the risk management system will evolve commensurate with the development and growth of the Company's activities.