Risk management
Our risk management approach must be flexible in responding to the challenges that confront us while we continue to pursue value-creating opportunities. We must adapt to often-challenging operational environments, which makes effective risk management vital to the sustainable success of our business. This is key to the long-term success of our business.
Our risk management approach must be flexible in responding to the challenges that confront us while we continue to pursue value-creating opportunities. We must adapt to often-challenging operational environments, which makes effective risk management vital to the sustainable success of our business. This is key to the long-term success of our business.
Risk management and governance
The Board has ultimate oversight of AngloGold Ashanti’s risk management practices and is responsible for setting acceptable levels of appetite and tolerance for risk, and for determining the nature and extent of the principal risks faced by the Company.
Board sub-committees, notably the Audit and Risk Committee and the Social, Ethics and Sustainability Committee, have oversight of various principal risks to the business in line with their respective mandates. These risks are reported on, analysed, and debated, and where necessary actions are taken to address them, to ensure effective oversight and governance.
Risk management framework
The Board uses an established Enterprise Risk Management (ERM) framework to help ensure the Company’s strategic objectives are achieved in the appropriate way. This framework considers complexity of risks faced and includes exogenous risks, over which the Company has little or no control. It considers factors pertaining to the broader industry and market, operations and business risks as well as risks related to structures, finances and strategy. All are considered in the context of an overarching legal and regulatory framework.
The Board sets an acceptable level of risk appetite and ensures a risk management framework is in place to support the responsible execution of the strategic objectives that it sets.
Risk management is integral to our business activity and is integrated into Group-wide policies with our risk strategy part of executive accountability.
For details on our principal risks, see the Annual Report 2023
Risk management framework
Managing cybersecurity
Ensuring that AngloGold Ashanti technology assets are always protected is key for our sustainability. As cyber related threats continue to grow, with malicious parties targeting industrial organisations with extortion through ransomware, we are committed to minimising the risk to the business. Maintaining cybersecurity across our operations receives ongoing focus and oversight.
The cybersecurity team operates a global 24/7 service that monitors all information technology assets in real-time, scanning for any imminent threats. We are committed to minimising the risk to the business and have incorporated the NIST Cyber Security framework into our cybersecurity operating model at all levels. For assurance, all policies and procedures are reviewed on a regular basis and audited for compliance.
Fake web domains & Social media scams
As a global organisation, we are aware of fake web domain and social media scams specifically targeting AngloGold Ashanti. These potential threats are under constant monitoring and we urge the public to inspect any email or web link that may be masked as a fake message and report these using our whistle-blowing platform, www.tip-offs.com
For more information on fake domains, refer to the 2019 press release by the Internet Service Providers Association.