SEARCH
CONTACT US
+632 888-3055 +632 888-3955 CONTACT US
Corporate Governance > Enterprise Risk Management

Enterprise Risk Management

Semirara Mining and Power Corporation and its subsidiaries (SMPC Group) recognize that risks are an integral part of our business which cannot be totally eliminated. Risks are better controlled if measured more consistently, accurately, and timely. SMPC

 

Group’s Enterprise Risk Management (ERM) framework is guided by international leading practices and the Committee of Sponsoring Organizations of the Treadway Commission or COSO’s ERM – Integrated Framework. It provides a Group-wide disciplined approach to risk management in relation to SMPC Group’s achievement of strategic and business objectives.

 

Risk Governance

Your Board sets the tone and establishes the risk appetite level for SMPC Group’s ERM to be applied across the organization and to provide reasonable assurance that risks are identified, assessed, managed, monitored and communicated in a timely manner, and aligned to the Group’s strategic and business objectives. SMPC Group’s risk governance structure gives due regard to the global Institute of Internal Audit’s Three Lines of Defense in Effective Risk Management and Control. Its ERM efforts are focused toward risk ownership, controls, compliance and assurance activities. 

 

The Risk Committee assists the Board in risk management oversight to ensure risk practices are aligned with established strategic and business objectives, policies are followed, limits are respected and controls established. Management and risk owners support, implement, monitor and report ERM processes and policies in their day to day business activities. The Internal Audit provides risk assurance on the effectiveness of risk management processes to the Board and Management. 

  

ERM Process

Risk Self-Assessment (RSA) process is conducted during the Company’s annual strategic planning while Risk and Control Self-Assessment (RCSA) process is done at the tactical level to identify, assess and monitor the key risks, controls and related action plans for those with significant risks. Appropriate risk responses and action plans are aligned with the Board’s risk appetite. Results of unit risk reviews are reported by Risk Advisory to the Risk Committee for assurance reporting that significant risks are effectively managed or mitigated.

 

Business units drive implementation of risk management processes embedded in performance management measures, annual planning and budgeting. Risk related practices include continual review and enhancement of business processes and mitigation measures, updating of control procedures and financial reporting system, among others.

 

ERM Policy

SMPC Group’s policy is to maximize strategic and business opportunities and minimize adverse outcomes thereby optimizing shareholder value and ensuring sustainable growth through an effective balance of risks and rewards.

 

Risk Appetite

SMPC Group operates within an overall Low risk range in the pursuit of its objectives, with the lowest risk appetite for risks related to operations and regulatory compliance.

 

Strategic Risk Profile

SMPC Group considers operations risk as its topmost strategic risks. Its ERM recognizes not only existing operations, financial and compliance risks but also external developments and emerging risks. The CEO meets regularly with the Management Committee to focus on the most critical enterprise-wide level risks and ensure integrated responses to such risks. Likewise, opportunities with identified risks are managed for strategic advantage.

 

 

Integrated Management System

To manage the key risk areas for coal mining and mining-related activities, the Company has adopted the quality systems and principles of the International Organization for Standardization (ISO) since 2008. The Governing Board of Certification International Philippines, Inc. has recertified its Integrated Management System covering the coal mining operations and support activities as conforming to the Standards on ISO 9001:2008 Quality Management System, ISO 14001:2004 Environmental Management System and OHSAS 18001:2007 Occupational Health and Safety Management System. These management systems ensure continuous improvement of policies to guide operations in the areas of health and safety, environment and community relations.

 

Emergency Preparedness and Response (EPR) Program

The Company has identified potential accidents and emergency situations and established appropriate preparedness and response procedures, including preventive actions and where appropriate, how to mitigate the environmental impacts and/or risk that may be associated with unplanned events, accidents and emergency situations. Building evacuation, landslide, fire and earthquake drills are conducted at least annually and evaluated by the designated government agency to test the effectiveness of these exercises. Emergency preparedness and response procedures are tested periodically to ensure full understanding and observance of all employees and regularly reviewed for improvement.

 

Information Technology Risk Management

IT risk is a component of the overall risk universe of SMPC. Continuous assessment and review are conducted from IT Governance (Key IT Decisions, Structure, Policies & Standards) up to processes and procedures (including Hardware and Software components).  IT risk assessment ensures that key IT risks & opportunities in the aspect of Governance, Cyber Security, Operational Technology and technology-enabled processes are identified, managed and reported to the Management and Board.

 

The Company established its Information Technology (IT) Disaster Recovery Plan (DRP) to ensure early restoration of critical IT and communication services and systems with the most up-to-date data available for the Company’s business continuity. The DRP includes detailed back-up and recovery procedures, responsibilities of a Disaster Recovery Team and emergency procurement, among others. The Company maintains two (2) back-up servers at a designated Disaster Recovery “Cold Site”.



Financial Risk Management

The Company’s financial risk management is geared toward sound and prudent allocation of its financial resources to fund investments and expansion activities, maintain healthy financial ratios and ensure appropriate returns to shareholders. It exercises a Low financial risk tolerance in funding sources and managing capital requirements consistent with the Board’s established overall Low risk appetite. The Company’s financial risk management objectives and policies to effectively manage its financial assets and liabilities are discussed in Note 29 to Consolidated Financial Statements.

 

Risk Cover

The Company includes risk transfer as risk treatment for risks relating to its mining equipment and fixed assets through Industrial All-Risk (IAR), Floater, Fire, Marine Hull and Aircraft Hull insurance covers. This risk management strategy is similarly implemented through an IAR with Business Interruption cover in your Company’s power plant operations.