Investors

Risk management

Successful and sustainable implementation of our strategy requires strong corporate governance and effective risk management. We deliver this through a comprehensive framework of business policies, systems and procedures that enable us to assess and manage risk effectively.

Managing business risks

Managing existing and emerging risks and opportunities is essential to Capricorn’s long-term success and sustainability. All investment opportunities expose the Group to political, commercial and technical risk. and Capricorn maintains exposure to these risks at an acceptable level in accordance with its appetite for risk.

As in previous years, Capricorn’s risk management process is based on a holistic approach and provides a systematic process for the identification and management of the key risks and opportunities which may impact the delivery of the Group’s strategic objectives. KPIs are set annually and determining the level of risk the Group is willing to accept in the pursuit of these objectives is a fundamental component of Capricorn’s risk management framework. As outlined below, this integrated approach to the management of risk and opportunity plays a key role in the successful delivery of the Group’s strategy.

Capricorn’s system for identifying and managing risks is embedded from the top down in its organisational structure, operations and management systems, and accords with the risk management guidelines and principles set out in ISO 31000, the International Standard for Risk Management. The Group’s risk management structure is set out below. This framework for risk assessment applies to all risk types including operational, health and safety, environmental, financial, strategic and reputational.

Risk management framework
Outline the strategy Define strategic objectives Define risk appetite Identify key risks Apply risk assessment process Deliver strategic objectives
Set a sustainable strategy to achieve Capricorn’s near- and longer-term goals. Set clear strategic objectives. Determine the level of risk the Group is willing to accept in the pursuit of its strategic objectives and document this in the Group Risk Appetite Statement. Identify key risks to the achievement of strategic objectives and associated opportunities, through discussions at Board, Management Team, asset and functional levels. Apply the Group risk assessment process to ensure the ongoing management of key risks to our objectives. Delivery of strategic objectives through informed risk-based decision making and target progress through KPIs.
Risk governance

Overall responsibility for the system of risk management and internal control rests with the Board. Principal risks and opportunities, as well as progress against key projects, are reviewed at each Board meeting.

The Group’s framework for risk management promotes a bottom-up approach to risk management with top-down support and challenge. The risks associated with the delivery of the strategy and work programmes, and the associated mitigation measures and action plans are maintained in a series of risk registers at Group, country, department and project level. Reporting of these risks within the organisation is structured so that risks are escalated through various internal management and Board committees, and to the Board itself.

At the third line of defence is the co-sourced internal audit function which provide assurance on the effectiveness of our risk management process and other key controls to the Board and its Committees.

Risk governance framework
Top-down: Oversight, accountability, monitoring and assurance
The Board
Holds overall responsibility for the Group's risk management and internal controls system Sets strategic objectives and defines risk appetite Sets the tone and influences the culture of risk management Completes robust assessment of principal risks
Audit Committee Department Managers
  • Chaired by Non-Executive Director in 2023
  • Monitors and reviews the scope and effectiveness of the Company’s systems of risk and internal control
  • Reviews principal risks
  • Performs a quarterly deep-dive review of the Group's risk register and assesses risk actions, control effectiveness and risk ownership
Asset/Project/Function level
Risk identification, assessment and mitigation completed at country, department and project level Risk management system embedded and integrated throughout the Group Risk culture influencing all business activities
Bottom-up: Identification of risks and mitigating actions for assets, projects and functions

 

Back to Investors