Exxaro Resources Limited
Integrated report 2022
The board, supported by the audit committee, is ultimately responsible for Exxaro's system of internal controls, which has been designed to evaluate, manage and provide reasonable assurance against material misstatement and loss.
We apply a combined assurance model to optimise assurance by management, as well as internal and external providers, while fostering a strong ethical climate and mechanisms to ensure compliance.
Using our board-approved ERM approach, management identifies key risks facing Exxaro and implements the necessary internal controls with comparable information for trend analysis where possible.
The board and audit committee assessed the effectiveness of controls for the year ended 31 December 2022 as satisfactory, principally through a process of management self-assessment (including formal confirmation by executive management), reports from internal audit, independent external audit and other assurance providers.
Exxaro defines assurance broadly to cover all sources, including external assurance, internal audit, management oversight and regulatory inspections.
Our combined assurance model includes and optimises all assurance services and functions to collectively provide an effective control environment and support the integrity of information used for internal decision making by management, the board and its committees, and in our external reports including:
The forum's activities and outcomes of assurance reports are presented quarterly to the audit committee.
For the year under review, the sources, level and focus area of assurance, commissioned and performed, are summarised below.
| Function assured | ||||
| Focus area | Assurance provider |
Tier/level of assurance* |
Corporate | BU |
| External/statutory audit | KMPG | 3 | Yes | Yes |
| Sustainable development/KPIs | KPMG | 3 | Yes | Yes |
| Environmental liability provisioning | KPMG | 3 | Yes | |
| Mining rights and environmental legal compliance | Inlexso | 3 | Yes | |
| B-BBEE dtic code compliance | Empowerdex | 3 | Yes | Yes |
| Mining Charter III compliance | Ngubane | 3 | Yes | Yes |
| Insurance risk surveys | IMIU | 3 | Yes | |
| Major and mega capital projects | PWC/ EY | 3 | Yes | Yes |
| Mineral Resources and Mineral Reserves statement | PWC/EY | 3 | Yes | |
| Governance, risk and internal controls | PWC/EY | 3 | Yes | Yes |
| Employee benefits | Ngubane | 3 | Yes | Yes |
| SLP projects | Ngubane | 3 | Yes | |
| ISO and OHSAS certifications | Various | 3 | Yes | |
| * | Tier/level of assurance refers to independent external assurance. |
As 31 December 2022 there were 394 open findings, reflecting an increase of 73 open findings in the year. Of the 394 open findings, 310 (79%) findings are classified as "Ready for Audit" (a three-month "waiting" period is applied before performing follow-up procedures for the control to be fully embedded). The split by status of findings is depicted in the chart below.
| Current period reporting | |||
| Status of findings | Internal audit |
Other assurance providers |
Total for the current period |
| Follow-up in progress | 30 | 7 | 37 |
| Ready for audit | 107 | 203 | 310 |
| Within timelines | 14 | 2 | 16 |
| Overdue | 19 | 12 | 31 |
| Total | 170 | 224 | 394 |
Overdue findings have been classified by ratings assigned in the final audit report and split into sources below.
| Source | Level 1 (high) |
Level 2 (medium) |
Level 3 (low) |
Not rated | Total |
| Internal audit | 0 | 18 | 1 | 0 | 19 |
| Other assurance providers | 2 | 9 | 1 | 0 | 12 |
| Total | 2 | 27 | 2 | 0 | 31 |
 |
Refer to Appendix A in the ESG report for detailed disclosure. |
Report Index