Ferrovanta Mining Services — Risk Management Framework

A structured risk register and the mitigation measures covering contract, operational, commodity-price, country, financial, regulatory and execution risks.

Ferrovanta Mining Services Business PlanSection 12 › Risk Management Framework

Section 12 · Business Plan

Risk Management Framework

A structured risk register and the mitigation measures covering contract, operational, commodity-price, country, financial, regulatory and execution risks.

12.1 Approach to Enterprise Risk Management

Ferrovanta will operate a Three Lines of Defence enterprise risk
management model in line with the COSO ERM Framework (2017) and ISO
31000:2018. The Board, through its Audit and Risk Committee, holds
overall responsibility for the risk management framework. Management is
accountable for first-line operational risk management; Group Risk and
Compliance provides the second line of independent risk oversight; and
Group Internal Audit (an outsourced function to a Big-4 firm until Year
4) provides third-line assurance.

12.2 Risk Universe and Inherent Risk Assessment

The risk universe has been mapped across twelve principal categories.
Inherent risk severity is plotted on the heat map below; mitigation
strategies are summarised in the subsequent risk register. Residual risk
after mitigation is materially lower than inherent risk in all material
cases.

Figure 12.1
Figure 12.1 — Inherent Risk Heat Map

12.3 Principal Risks and Mitigations

Risk Description Mitigation
Commodity price volatility Falling commodity prices may cause clients to curtail or terminate contracts Multi-commodity exposure; minimum-volume guarantees; client diversification; rolling 5-year contract book
Contract concentration Over-reliance on one anchor contract in early years Conservative bid strategy targeting four contracts in Year 2; cap on single-client exposure at 35% of revenue from Year 3
Equipment downtime Fleet unavailability undermines billings and KPIs Robust PM regime, condition monitoring, OEM partnership agreements, redundant fleet at sites
Fuel price inflation Diesel is 30-40% of operating cost; price spikes erode margins Fuel escalation clauses in all contracts; long-term supply contracts; bulk-buying with price-collar mechanisms
Labour unrest Strike action could halt operations and damage client relationships Constructive IR strategy, recognition agreements with NUM/Solidarity; competitive remuneration; engagement programmes
Regulatory change Mining Charter amendments, Section 54 stoppages, water permits Compliance team and legal monitoring; engagement with DMRE; voluntary commitments to exceed minimum standards
FX volatility (ZAR) USD-denominated equipment cost, ZAR revenue mismatch FX hedging policy via banking partners; USD-denominated cross-border contracts where possible
Skills shortage Insufficient supply of mining engineers, fitters, and operators In-house training academy; OEM training partnerships; competitive employer brand
Cyber / IT security ERP, FMS, telematics breaches could disrupt operations ISO 27001-aligned controls; cyber insurance; 24/7 SOC monitoring; phishing and awareness training
ESG / community opposition Loss of social licence to operate; community protests Proactive community engagement; community development funds; participation in mining house ESG forums
Geopolitical (cross-border) Coup, expropriation, currency restrictions in foreign jurisdictions Political risk insurance (MIGA, etc.); local subsidiary structures; staged country entry; conservative country risk thresholds
Counterparty default Client non-payment Credit insurance; advance payment guarantees on smaller clients; concentration limits

12.4 Insurance Programme

Ferrovanta will maintain a comprehensive insurance programme
structured around four pillars: assets and operational continuity;
liability protection; people and benefits; and contract performance. The
Company will engage Marsh or Aon as broker of record and will adopt a
self-insurance retention strategy proportionate to its balance
sheet.

Insurance Class Coverage Indicative Limit (ZAR m)
Plant All Risks Equipment damage, fire, theft, breakdown — full fleet Full replacement
Public & Products Liability Third-party bodily injury and property damage 1,500
Professional Indemnity Errors and omissions in engineering and design 500
Contract Works Project-specific cover for major site builds Project-specific
Marine Cargo Equipment transit between ports and sites Full transit value
Cyber Liability Data breach, business interruption from cyber events 300
Directors & Officers D&O cover including ESG and reporting exposure 500
Group Life & Disability Employee benefits Employee-level cover
Political Risk (cross-border) Expropriation, currency inconvertibility, political violence (MIGA) Country-specific

Confidential — this business plan is provided to prospective investors and lenders for evaluation purposes only and may not be reproduced or distributed without the written consent of Ferrovanta Mining Services (Pty) Ltd.