Loss Prevention Program in Kumtor Operating Company - Case Study Example

SECURITY RISK MANAGEMENT: LOSS PREVENTION PROGRAM IN KUMTOR OPERATING COMPANY Risk Avoidance, Risk Transfer, Risk Retention and Risk Reduction are the four common strategies which guide "Risk Management". Discuss how in your own work environment, you could utilize these concepts to develop and monitor a Loss Prevention programme. Introduction As we all know, Risk Management is a well thought out and calibrated action taken to reduce or manage an intangible aspect of reduced risk through meticulous risk assessment. Once the risk is identified and accurately assessed, various strategies need to be developed to manage the risk, and alleviate it using managerial principles. As we know, once a risk has been identified, the managerial task attempts essentially to reduce the impact of risk through avoiding the risk, reducing the damaging effects of the risk, transferring the risk to another party and accepting part of the consequences of a particular risk as operational losses. In this essay, I am going to highlight a successful Risk Management project undertaken by us in the Kumtor Operating Company, a prime value asset and gold mine of Kyrgyzstan. The company, due to its valuable product and huge future potential, was fraught with many risk factors. External ones included rising Islamic militancy and vulnerability due to close proximity of US forces fighting was against terror at Bishkek. On the other hand, internal risk factors included security of the gold production and storage facilities, corruption, lack of insurance against loss and many such mitigating factors. Our role as security managers was to prepare loss prevention techniques after applying critical risk assessment theories, and using the relevant ones to achieve the aim. Risk Management in our context was to include both external and internal aspects of Kumtor Operating Company. Gold mining in a developing country is always full of many intangible risks owing to a high value product. Unless the management takes a proactive stance in this regards, the losses to the company from the within itself can be monumental. Adding the external dimensions make the costs of losses absolutely prohibitive for the company. Hence, in this essay I have discussed how each aspect of risk was appreciated correctly and resolved after due consideration of all associated factors. The four strategies of Risk Avoidance, Risk Reduction, Risk Transfer and Risk Retention were applied to each existing risk factor after due deliberations, and a detailed Risk Management and loss prevention plan was worked out, discussed with the authorities and implemented after convincing the top bosses of its rationale and effectiveness for allocation of necessary budget. A situation exists today where the losses due to management of mining process have reduced unbelievably thereby directly benefiting the company both financially and security wise. The loss prevention program thus necessitated to first bring out the specific risk factors relevant in our context. While most such risks could have been dealt with from within the resources, a certain amount of external help would be required sooner or later. Further, after assessing the risks, the most important task was to classify them accurately into four types of risk management strategies. Optimum classification would ensure that the future action plan would be economically most suitable for the company and beneficial in the long run. While some risks can be avoided and reduced, some inherent risks may have to be retained due to adverse tilt of cost vs. benefit analysis. At the same time, some risks would be too heavy to bear and would need to be transferred to an insuring agency. Hence, we now commenced our ground work for loss prevention plan on a war footing. (Risk Management strategies) Kumtor Operating Company Kyrgyzstan is an ex-soviet satellite state that became independent in 1992 and is now called the Kyrgyz Republic. The Kyrgyz Republic is geographically bordered to the North, North West by Kazakhstan, to the South West by Tajikistan with its border to Afghanistan and China to the very South and South East. Kumtor Operating Company, a gold mine, is located about 350 km southwest of Kyrgyz capital city of Bishkek. The mine is located in Tian Sian mountainous region. The elevation of the mine is about 4000 m (13123 ft) above mean sea level. Open pit mining started at the mine in 1997. Despite political instability and turmoil throughout the period, the mining has continued unabated. Severe pressure from the successive ruling governments and their corrupt administrators has resulted in a situation where no one wants to improve the situation for the mine and the people, but want to use its resources like a goose that lays golden eggs. Each government blames its predecessor for corruption and mismanagement but ends up doing the same or worse purely for personal financial gains. Spate of official inspections and accusations of money laundering and fraud against each other are commonplace. After every such episode, the militia departments beef up security aspects with no outward results. Each such renewed vigilance results in new infringement of state laws which are not only poorly documented and difficult to follow, but are also flexible as per the wishes of the rulers. Each new recommendation results in new agreements to repair government buildings, and provide for donations of vehicles, fuel and tools for the mine employees. No improvement on ground ever takes place. So much for the accountability of the system. General Risk Assessment A new dangerous development has been growth of fundamental extremism from northern region of Tajikistan. This has considerably increased the risk for expatriate rotational and residential staff. Many bombing incidents have been occurring in Osh and Jalalabad. Major risk involves the travel in mountainous region from Bishkek to mine site. The staff travels through small settlements most of which now embellish new Mosques built on land donated by village elders. The activities are openly funded since a so-called visit by 'Osama Bin Laden' following 911 incidents. (bbc.com, 2000) Another major external Risk by association exists in capital city of Bishkek, where Manas airport is a major logistical hub supporting America's war against terror in Afghanistan. This vulnerable spot or Achilles heel is prone to be targeted by the extremists routinely suffering huge damages due to American bombings. (Daly, 2007) Further, off duty soldiers and airmen in civilian areas are easy targets of extortion, violence and even kidnap for ransom. Since expatriate mineworkers inherently fall into this category of westerners, the risk factor assumes frightening proportions directly affecting personal safety of these civilians who have nothing to do with this war on terror. Any social outing to pubs, clubs, travel in a taxi or even day to day living is infected with inherent dangers on and off the street. Another risk exists in terms of environmental awareness especially due to a recent incident of Cyanide spill in Lake Issy Kul. (Norlen, 2000) Lake Issy Kul is surrounded by the magnificent snow capped Tian Sian mountain range and is often likened to the jewel in the Central Asian crown. This serious but unintentional spill led to tonnes of potentially catastrophic product being released into the water catchments of the lake. Damages paid by company to Ktrgyz government were to the tune of $4.6 million against loss estimate by Kyrgyz government of about $42 million. This negative publicity created undue awareness about KOC's operation in the region causing immense public outcry over the spillage. The situation remains volatile till date and slightest provocation can lead to severe public scrutiny against the mine and its workers. (Norlen, 2000) Further, gradual increase in attention among third party groups and vigilance by non governmental organisations in KOC operating area, especially the observation and sample extracting from water bodies brings out the grim fact that KOC mining operations have sufficient enemies both within and without. The future requires proper risk assessment and management so as to ensure requisite profitability as well as security in the mining task. Risk factors at the Mine Site Mine Site - Detailed Risk Assessment. In Jul 2007, I commenced operating as KOC Chief Security Superintendent with operational responsibility of asset security at the mine site. The credibility and performance of my two predecessors had nothing to go by. While one had resigned mid term, the other had never applied for renewal of the contract. With this background in mind, my first task was to conduct detailed site survey and build an exhaustive risk profile of the KOC using essentially the principles of Risk Avoidance, Risk Reduction, Risk Transfer and Risk Retention. The risk profile analysis was to result in formulating and implementing a full proof (to the extent possible) Loss Prevention and Asset Protection programmes. The Task. The initial approach followed by me involved identification of areas of risk that I would wish to avoid. With prime intention of protecting the assets of the company, the task was formidable and diversified in various fields of the mining industry. My first target in a gold mining industry was obviously the Gold Room, the Refinery and the Mill. These sensitive areas had considerable assets and therefore were inherently risk prone. Thereafter, my analysis shifted from clearly obvious to less obvious, but equally critical and damaging to the organisation's health. Most these aspects lied in the region of Risk Reduction and Risk Transfer. And eventually, the analysis shifted to those quarters where there were evident levels of risks but which could be placed into retainable risk category, as the investment for risk avoidance was not cost worthy in those regions. Thus by following Risk Management principles, I now had a reasonably clear understanding of weaknesses within the organisation and a reasonable vision of their effective remedies so as to improve productivity and profitability of the company. This task was now followed up with critical evaluation of crime trends, inventoried losses, replacement orders and write-off orders. The analysis made it possible for me to identify key areas of losses to the company that would require gradual and systematic policy making criteria and implementing them to bring about necessary changes in the system that will work over a reasonable period of time. While the task was accompanied with obvious threat from affected parties, I went ahead to bring about necessary changes nevertheless. Now we shall specifically look at the areas that needed attention within the scope of various categories of risk management. Risk Avoidance As we know, these are those critical aspects where risk factor for the organisation has to be avoided at any cost. While this may directly hamper work output in an organisation or even prevent specific gain from accruing due to total risk avoidance, my role in risk avoidance was more specific to the security aspects of mine product, i.e. gold and its spillage. This aspect of spillage was a bit difficult to address since even small quantity of product was very valuable, and lower financial status of mine workers and especially those dealing with this storage meant their was enough incentive for individuals to engage in these activities. This could only be checked through physical inspection of workers which was a sensitive issue due to security guys directly questioning their integrity. Hence, resolution of this aspect required more diplomacy but firm handling. In my specific area of operation, I decided to categorise and identify following problems under this heading: The Gold Room The initial detailed assessment of the Gold Room brought out a system of procedures and documents which was in place, clear and understandable by all staff, but however lacking in some key fundamental areas. The very physical strength of the structure was weak for providing credible defence against sabotage, but was secured by an advanced and modern electronic biometric access system. However, the biometric system was powered by main supply only without any battery or UPS back up, and surprisingly the system was set to fail open. Further, the visible gold stock was being managed by a single local individual whose earnings were significantly low compared to the responsibility entrusted upon him making him easily vulnerable to influence from interested parties looking for a loophole in the system. There was an immediate need to plug this gap. Other Security Aspects: There was a chance of direct loss of product due to: 1. Sabotage. This aspect was very relevant due to external security scenario as discussed earlier. Any party with insurgent motive would find a target like KOC a very lucrative target not only for financial gain but also for making big news and thereby spreading the message of their so-called cause. 2. Theft. This factor was very relevant because of expensive nature of the by-product and many interested parties and vested interests. Further, owing to its cost, even a small amount of theft would have been a big loss to the company. Security arrangements were beefed up to ensure no thefts took place in so far as possible during various stages of production. 3. Kidnap and Coercion. An attempt by vested interests could not be ruled out to kidnap or coerce a knowledgeable employee so as to make him surrender keys/combinations/product in any form. Personal security of employees was to be given increased attention to meet this objective effectively. 4. Documentary Errors. This required technical expertise through proper audits and checks to ensure that there were no losses due to improper maintenance of documents. This aspect created much disharmony initially, but with persistent efforts, the documentation process was streamlined and necessary objectives achieved. 5. Collusion to Commit. This involved implicit involvement of all employees to the extent possible so as to check any malpractices within the system. With adequate sensitisation and briefings, the hitches were eliminated and a sound and reliable system of mutual trust and loyalty was put in place over time. 6. Reliance of External Courier. External agencies were consulted and involved for ensuring unbiased security of the mine assets and firmly check every channel which could be exploited by individuals with dishonest intentions. Risk Reduction Having achieved initial aim of risk avoidance, I firmly commenced my work on the next aspect of the model, i.e. Risk Reduction techniques. As we know, this involves methods that reduce the severity of loss or reduce the loss from occurring. Some of the areas covered by me are discussed below: 1. Target Hardening. This involved fortifying the target to reduce chances of intentional sabotage or theft. To meet these ends, we fabricated concentric layers of defences by including vehicle traps, bullet proofing and strengthened manual locking systems. This ensured the security of the site from external miscreants as well as internal opportunists by denying them psychologically the leeway in the form of a weak target. 2. Electronic Guard Patrol Monitors - Theft. Electronic scanning systems were incorporated which created a psychological feeling in the guard staff that their actions and movements were being monitored and recorded. These made them more efficient in disseminating their task of guarding the premises and tackle any miscreant party firmly. Further, the aspect of third party analysis of electronic media for insurance purposes and evolution of Big Brother culture further assisted in enhancing the efficiency of the system. 3. Time Sensitive Vaults. Time sensitive vaults were incorporated so as to ensure that product removal was carried out during core hours only by key staff, thereby totally denying the access of valuable assets to miscreants. 4. CCTV Analysis. A fresh policy on review of CCTV recordings was formulated and implemented to externally monitor movements of all people entering or leaving the defined secure area. This led to a tighter control over people's actions without bothering them and more critical monitoring of any individual with dishonest intentions. This also created a kind of scare among people that they were being constantly under surveillance and were being monitored round the clock for their actions and intentions. 5. Safe Haven & Escape Option. There was an evident risk of kidnap and coercion of key holders by interested parties to seek ransom for huge political and monetary gains. The risk had increased manifold during past few years due to growth of fundamentalist groups in the whole region over past few years. A detailed analysis was conducted at field level by us and we evolved a near fool proof design to encompass the principles of Safe Haven and Escape options. The procedure has been in place for over a year now and functioning well, albeit confidential in the interests of the KOC. 6. Panic Buttons. In case of a serious emergency situation, a panic button similar to one in banks was installed with the manned guard. This would initiate a system lock down, communicate the emergency to external security agencies and company senior management for immediate action to safeguard the facility. 7. Documentation Errors. Intentional as well as unintentional errors in documentation were identified and established as sources of theft or misappropriation by potential miscreants. A detailed and periodical third party analysis and audit of documents was implemented as a safety measure for the purpose. Further, physical inspection of stored product at frequent intervals was also implemented so as to ascertain safety and security of storage facility. This ensured proper accounting as well as accountability in the set procedures. 8. Collusion to Commit. Considering the valuable nature of stocks, collusion to commit was a very real possibility. There was sufficient scope for deception by miscreants ranging from document fabrication to falsification of DORE gold content percentage. This was possible due to poor, unreliable or at times even non-existent Assey Laboratory analysis. Any such collusion with human guards was eliminated due to possibility of CCTV monitoring and recordings of key areas being stored on hard drives. The supervisor could remotely monitor to analyse any malpractice and take necessary corrective action at his end effectively. 9. Reliance on External Couriers. Pilferage and risks during road transit leading to huge losses to KOC were significantly reduced by selling the product to the Government at the Refinery itself. However, since the collection was effected by external courier at pre-decided time and day of the week, the operation was predictable in routine by parties with vested interests. However, Risk Reduction was achieved by ensuring that the easy strike would be against the external courier and not the company. Further, any attempt to impregnate hardened target would be self destructive and scrutinised by external investigations, auditors and insurers. 10. Further, meticulous paperwork and physical delineation ensured a clearly demarcated transfer of responsibility at an identifiable and recordable check point. After crossing the demarcation line, the product security and safety would no longer be KOC's responsibility. Risk Transfer This involved transfer of risk to a third party, similar to one like insurance of our vehicle when risk is borne by the insurer after specific premium has been paid. Having been satisfied with progress in Risk Avoidance and Risk Reduction aspects, I shifted my attention towards areas which could be credibly offset with Risk Transfer. This involved analysing the situation and cover "insurable loss". MARSH insurers were contracted for the purpose. The insurers have been regularly conducting specific assessments to identify areas of vulnerability and if they could be modified to safeguard them from losses. Recent discussions with me included various issues including the maximum value of Gold Dore that would be covered in the event of any claim. MARSH agreed to insure up to a certain value, the excess losses were to be borne by the KOC. This allowed partial transfer of risk to an external agency, thereby providing considerable relief to the company. Risk Retention The Risk Retention normally involves smaller areas where the risk is accepted as operational hazard where any preventive action or transfer costs are more than the value of the product itself. Having covered all aspects of Risk Avoidance, Risk Reduction and Risk Transfer adequately, the remaining aspects were to be risk-retained. Some occasions where Gold Dore value may be well in excess of insurable amounts due to exceptionally good recovery were accepted in Risk Retention. So were various minor aspects of site security and process monitoring where expenses involved would be tremendously higher than likely savings. Risk Management Strategies Most risk management strategies were applicable. Albeit in a variety of degrees, risk avoidance and reduction strategies were to form core of our loss prevention plan with most emphasis on risk avoidance. The losses outside our purview were to be transferred to an insurance company, despite likelihood of a high premium due to overall security situation and premium value product. Some degree of risk would have to be retained due to its miniscule loss nature. Accurate classification of risks into various categories was important for the loss prevention plan to be effective in the long run. Loss Prevention Plan After analysing all the sources of loss for the company both externally and internally, the task now narrowed down to formulate a well thought out plan to plug all gaps where possible to avoid risk, take action so as to reduce impact of losses where avoidance was not feasible, transfer the risk where applicable to the insurance company and allow for certain small losses to be retained where expenses on loss prevention program would be greater than the benefits ensued. Budgeting Budgeting for security is a tricky business the world over. However, by properly adopting the Risk management principles, I was able to evolve a credible security plan for the KOC and defend considerable expenses to be catered for in budgetary provisions by convincing the authorities of tremendous tangible and intangible benefits by following the established security plan. With lot of satisfaction, it can be now stated that a credible system for monitoring the core functions of the company is firmly in place. The areas of vulnerability are especially guarded and there is an increased vigilance to cover areas of prime asset value. Remote observability of operations creates a credible extra layer of supervision. The loss prevention plan thus worked as follows: 1. Securing the Gold room as per details discussed. 2. Liaison with external security forces for sabotage/anti insurgent activities. 3. Internal security arrangements against theft, kidnap and coercion. 4. External audit of documents. 5. Securing boundary walls and gates. 6. Construction of traps. 7. External couriers for transport of gold. 8. Installation of CCTVs. 9. Installation of time sensitive vaults and panic buttons. 10. Security check/analysis of all workers. 11. Insurance of held stock. Consequently, with the plan firmly in place, it was noticed over a period of one year that there were considerably lesser number of incidents of pilferage and thefts. The denial of opportunity through increased electronic vigilance, strengthened gold room and other premises and other security arrangements had started to pay dividends. While the actual benefit on balance sheet might take some more time to manifest, it can be safely said that loss prevention plan was indeed working. With periodical review of the plan every year, to ensure efficacy of the plan, it would further improve security situation at the KOC. Conclusion KOC, with its valuable product of gold and sufficient scope for breach of security or financial loss to the company by vested interests, it was necessary to formulate and implement a credible loss prevention plan. Towards this end, the four strategies of Risk Avoidance, Risk Reduction, Risk Transfer and Risk Retention came in extremely handy for me to evaluate a full proof Risk Management plan for KOC. All the existing external and internal risk factors were meticulously evaluated and sub divided into four strategies of avoidance, reduction, transfer and retention. The plan was devised keeping in mind high value of the product, local influence in contemporary vulnerable security scenario and other such mitigating factors. Once formulated, it was discussed with authorities and budgetary provisions were provided for meeting detailed requirements of the loss prevention plan. Implementation stage included procuring various expensive surveillance equipment and accessories and installing them in place. Today, the security apparatus in place is highly effective and is sure to have a long term impact on KOC's productivity. The aspect of Risk Management is an intangible, which cannot be overlooked if overall profitability of company is to be ensured in the long run. Expenses involved in this regard can at best be termed as good investment, with intangible but incalculable benefits to the organisations. References 1. Daly, John C. K. 2007. Kyrgyzstan's Manas Airbase: A Key Asset in the War on Terrorism Retrieved from http://www.jamestown.org/terrorism /news/article .phparticleid=237023. 2. Norlen, Doug, 2000. The Kumtor Gold Mine: Spewing Toxics From On High. Retrieved from http://www.ciel.org/Ifi/ifccasekyrgyzstan.html. 3. Kyrgyzstan claims Bin Laden backing rebels. 15 Aug 2000. Retrieved from http://news.bbc.co.uk /1/hi/world/asia-pacific/881443.stm. 4. Risk management Strategies. Retrieved from http://www.c-risk.com/ Construction_Risk/RM_Strategies_01.htm. 5. Risk management determinants affecting firms' values in the gold mining industry: new empirical results. Retrieved from http://www.sciencedirect .com Read More