Managing our Risks

Risk is inherent in all business activities. We maintain a comprehensive risk management framework that serves to identify, assess and respond to our principal risks. Our approach is not intended to eliminate risk entirely, but rather to provide the structural means to identify, prioritise and manage the risks involved in our activities in order to support our value creation objectives.


The Board of Directors is responsible for maintaining the Company’s risk management and internal control systems. The Board’s mandate includes defining risk appetite and monitoring risk exposures to ensure that the nature and extent of significant risks taken by the Company are aligned with our overall goals and strategic objectives.

In accordance with our governance practices, the Audit Committee supports the Board of Directors in monitoring the Company’s risk exposures and is responsible for reviewing the effectiveness of the risk management and internal control systems. The Risk Manager and Internal Audit support the Audit Committee in evaluating the design and operating effectiveness of the risk mitigation strategies and the internal controls implemented by management.

Executive Management reviews strategic objectives and risk appetite, assesses the level of risk related to achieving these objectives, and incorporates controls into the strategic and operating plans to mitigate them. This top-down risk identification and assessment process helps to ensure that the bottom-up process performed at the business unit level is aligned with and focused on current strategy and objectives.

Risk heat map

Risk Heat Map AR18AR18 Risk Map Relative Position

The risk heat map illustrates the relative positioning of our principal risks in terms of impact and likelihood;
  1. Impact of global macroeconomic developments »
  2. Potential Actions by the Government »
  3. Access to Land »
  4. Security »
  5. Public perception against mining »
  6. Safety »
  7. Union Relations »
  8. Exploration »
  9. Projects (Performance Risk) »
  10. Cyber Security »
  11. Environmental Incidents »
  12. Human Resources »

Risk Management System

Our risk management system is based on risk identification, assessment, prioritisation, mitigation and monitoring processes, which are continually evaluated, improved and enhanced in line with best practice. In addition to our established risk management activities, our executives, including operations managers, the controllership group, HSECR managers and exploration managers regularly engage in strengthening the effectiveness of our current controls. This supports the executives and the Board in each of their responsibilities. 

Within the identification phase of our risk management system, the Company also captures emerging risks that could arise as a result of new developments that have a chance of impacting Fresnillo, either at a macro or operational level. Examples of these are new requirements imposed by changes to regulation, including stricter environmental rules, the commissioning of a new project and the use of state of the art underground technology, amongst others.

Risk management framework diagram »

Risk Assessment

During our 2018 risk assessment exercise, a team of 135 people evaluated 109 risks across all our operations, advanced projects, exploration offices, and support and corporate areas. We narrowed down our 109 risks into major risks which are monitored by executive management and the Audit Committee. We then further consolidated these into 12 principal risks which are closely monitored by the Board of Directors.