Rio Tinto: Risk Management Project

Project Case Study

Creating a sustainable risk and compliance and internal controls function for Project Simandou, a projected $20 Billion mining project in Guinea, West Africa. Additionally, assisted with designing and implementing a sustainable anti-bribery and anti-corruption program pursuant to the UK Bribery Act.


  • The Finance Department needed external support to design and implement an enterprise risk management (ERM) program; and key business processes and internal controls to facilitate integration into the corporate compliance and internal audit reporting structure.
  • The challenge was to quickly establish a scalable and sustainable compliance and internal controls program for multiple project activities, complete with integrated accounting, reporting & risk management capabilities.

The Solution

  • We designed, implemented, and managed the enterprise risk management program, which including conducting risk facilitation workshops, development of risk register, and managing the periodic testing and reporting requirements.
  • Additionally, we designed business processes and internal controls for “greenfield’ business processes including Materials Management/Warehousing, Payroll, Permits & Approvals, Treasury Function, IT Disaster Recovery, etc. and served as the audit liaison for external audits and corporate reviews by the global internal audit service provider, global risk management, and other corporate oversight and compliance functions.


  • The benefits derived by the client included compliance with in-country (Conakry), group (Paris), divisional (Melbourne) and corporate (London) ERM reporting requirements; satisfactory results on all audits performed by external third parties; successful training of compliance and internal controls staff; and the implementation and transition of a sustainable compliance and internal controls function that could be managed internally by the client.


Risk Management Project

Rio Tinto