Enterprise risk for junior explorers: the ISO 31000 register that fits on one page.

The risk register most junior explorers inherit fails three structural tests. Here is the one-page version that does not.

The seven categories

Cover the field, without overreach

A pre-revenue junior explorer has a narrower enterprise risk profile than a producer, and a wider one than a pure holding company. Seven categories cover the field without overreach. Across those seven categories, the full enterprise register for a junior explorer lands at roughly thirty risks.

| Category | What it covers |
| --- | --- |
| Exploration and Geology | Drilling results against guidance, resource estimate downgrades, technical key-person risk, tenement title defect, Native Title and heritage overlap. |
| Tenement and Regulatory | Expenditure commitment breach, heritage approval delay, environmental approval rejection, rehabilitation bond movement, Listing Rule 5.8 material change. |
| Capital and Funding | Raise failure, runway below three months, placement pricing discount, substantial holder exit, FX exposure on USD drilling contracts. |
| People and Safety | Drilling fatality, Managing Director loss, contractor WHS failure, psychosocial risk, cybersecurity breach. |
| ESG and Social Licence | Heritage damage incident, community opposition, Scope 1 and 2 emissions disclosure gap. |
| Board and Governance | Continuous disclosure obligation breach, s180 director breach, ARC charter non-compliance, s588G insolvent trading. |
| Technology | Critical data loss, over-dependence on spreadsheets for GRC, AI-generated content in market disclosure. |

Why this matters

Why annual registers fail

In every junior explorer we work with, the risk register has the same three features. It lives in a Word document. It was last updated at some point before the last AGM. And nobody, without pulling it up, can tell you what the top five risks are this quarter.

This is not a failure of effort. It is a failure of format. A junior-miner CFO carries an enterprise-scale compliance load on a four-person team. The tools they inherit, an annual Word register, spreadsheets with one tab per category, the consultant's bowtie deck from 2023, were designed for organisations with a full risk function. At four people, they compound into invisibility.

An annual register fails the moment it is signed off. There are three structural reasons.

Content decays faster than the cycle

A junior miner acquires tenements, moves into new jurisdictions, pivots commodity focus, and revises drilling programs on quarterly timelines. A register refreshed annually is out of date within ninety days of the ARC signing it. The risks that actually need managing this week are in somebody's inbox, not the register.

Register and controls in different systems

The register lists "contractor pre-qualification" as a control. The evidence for that control sits in a shared folder. The evidence is never checked against the register. When the auditor asks, someone reconstructs the link in a panic the week before the ARC meeting.

No named owner

Most registers name "management" or "the CFO" as the owner of every risk. That is nobody. A risk with no named owner is a liability belonging to whoever the ASIC inquiry catches holding it.

The discipline

Inherent vs residual

The trap in risk scoring is to borrow a methodology from a producer and apply it to an explorer. A producer with ten live mines has meaningful incident frequency data. A junior explorer has judgement.

Use a 5x5 matrix. Likelihood one to five. Consequence one to five. Rating is the product, banded one to four as Low, five to nine as Moderate, ten to fourteen as High, fifteen to twenty-five as Extreme. The numerical precision does not matter. The discipline of distinguishing inherent from residual does.

Inherent is the risk before controls — score this honestly. Residual is the risk after the controls you actually have in place. If your controls are theoretical, the residual stays high and you should worry, because the controls are not real.

The gap between inherent and residual is where the board gets its assurance.

Management theatre vs real controls

The duty overlay

Director-duty mapping every register needs

This is the column nobody fills in, and it is the column that turns the register from a management document into a liability map. When a risk materialises, the question at an ASIC inquiry or a shareholder class action is not "was this risk in the register?". The question is "did the director discharge their duty in relation to this risk?". The register is evidence. The mapping between the risk and the duty is what gives it legal weight.

s180 Care & diligence

Touches every risk by default. For a small explorer, every line in the register sits on top of the s180 obligation. The Chair, in thirty seconds, should be able to see the s180 surface in totality.

s588G Insolvent trading

Touches runway, raise failure, placement pricing discount, substantial holder exit. Where solvency is the consequence, s588G is the duty link, and the cadence on those risks tightens accordingly.

WHS s27 Officer due diligence

Fatality, contractor WHS failure, psychosocial risk. Officer due diligence under Model WHS Act s27 attaches personally. The register entry is the evidence the officer was tracking it.

ASX Listing Rule 3.1 / 5.8

Continuous disclosure breach, JORC error, Chapter 5 reporting failure. Listing Rule 3.1 attaches at the moment the information becomes market-sensitive. 5.8 attaches at every Chapter 5 disclosure.

AASB 137 Provisions

Rehabilitation provision movement, environmental bond adequacy, contingent liabilities. The accounting standard is the duty link the auditor will test, and it changes the residual rating when disturbance expands.

When to upgrade

From spreadsheet to live system

The Excel Risk Register Starter Kit we publish alongside this article is deliberately self-contained. It works. It will produce an ARC-presentable output in its current form. There are three reasons to consider moving it to a live system, and they become compelling somewhere between IPO and the first post-IPO capital raise.

Three reasons to upgrade

  • Controls and evidence captured continuously. Not reconstructed quarterly. A control that is invisible between ARC meetings is a control that does not exist for audit purposes.
  • The director-duty view becomes dynamic. When a residual rating changes, the Chair's personal-liability map updates automatically. In a spreadsheet, nobody updates the Chair's map.
  • The register feeds the board pack. The top-five-risks block in the MD report assembles from live data rather than copy-paste. Three days of board-pack assembly becomes three minutes.

A pre-revenue explorer can run an excellent register in Excel. A developer pushing toward first production cannot.

This quarter

What to do this quarter

Four moves. Done in one ARC cycle, they take the register from an annual artefact to a working evidence layer the Chair will actually open before the meeting.

  1. Download the Risk Register Starter Kit. Thirty pre-populated risks, 5x5 matrix, director-duty map, Chair's dashboard. Delete what does not apply.
  2. Add the two or three risks specific to your project. The ones nobody has written down. Assign named owners. Not "management". Not "the CFO" against every line.
  3. Schedule the quarterly review cadence. Four reviews per year, tied to ARC meetings. No more, no fewer. A risk with no scheduled review is not a managed risk — it is a document.
  4. Map director duties to each risk. s180, s181, s588G, WHS s27, Listing Rule 3.1, 5.8. The Chair's personal-liability map updates automatically as residual ratings move.