Risk Management Policy

KAZAKHSTAN POTASH CORPORATION LIMITED ACN 143 441 285

(“Company”)

1. PURPOSE

The Company believes risk management is essential to the Company meeting its operational objectives and corporate standards.  The Company has developed this Risk Management Policy to balance risk and reward in the Company’s activities and to facilitate outcomes in the best interests of all stakeholders.

The Company will use its best endeavours to identify material business risks. However, due to the uncertain nature of the mining industry, it may be difficult for the Board and Senior Management to foresee and identify all material risks affecting the Company.

 2. DEFINITIONS

2.1 In this Policy:

Board means the Board of the Company;

Policy means this Risk Management Policy as amended from time to time; and

Senior Management means employees of the Company who manage the Company pursuant to the directions and delegations of the Board.

3. POLICY

There are a number of potential and existing risks associated with the Company’s operations.  Pursuant to this Policy, it is aimed that those risks will be identified, analysed, internally reported to the responsible person (and to the Board), and then appropriately managed.

The Company requires the following risk management processes and procedures to be followed by the Audit and Risk Committee:-

3.1 Assessing the Company’s risk tolerance level to determine when and what action is required to address and mitigate that material business risk;

 3.2 Ensuring risk management is included in strategic and business planning;

 3.3 Senior Management training to consider and manage material business risks;

 3.4 Maintaining and updating an internal Risk Management document which:

 3.4.1 Identifies current material business risks for the Company;

3.4.2 Details the current controls being implemented;

3.4.3 Assesses the likelihood and consequences of the risk occurring;

3.4.4 If deemed necessary, specifies further action to eliminate, reduce, transfer, manage or accept each risk; and

3.4.5 Outlines management responsibilities for dealing with the risk.

 3.5 Ensuring Senior Management has developed and implemented risk mitigation plans and internal controls;

 3.6 Providing the Risk Management document and a report to the Board for review on a monthly basis (or at such other regularity as deemed appropriate). The report will cover:

 3.6.1 Operational risks;

3.6.2 Financial reporting in compliance with section 295A of the Corporations Act;

3.6.3 Compliance / regulations; and

3.6.4 System/IT process risk; and

 3.7 Preparing annual disclosure with respect to ASX recommendations under Corporate Governance Principle 7 so that Senior Management, the Board and investors understand the risk profile of the Company.

 4. RESPONSIBILITIES

 4.1 The Board has overall responsibility for the oversight of matters relating to risk, compliance and internal control and will regularly review this Policy to ensure the Audit and Risk Committee is managing its material business risk effectively.

 4.2 The Audit and Risk Committee has a number of responsibilities in relation to risk management set out in the Audit and Risk Committee Charter.