The assay screen that books the revenue
A publicly listed copper producer tracks every tonne of ore leaving the pit through 58 Oracle Forms screens. The assay reconciliation module, written in 1994, determines how much metal the company has actually mined. It feeds directly into the financial close. Last year it processed 340,000 tonnes per day.
The developer who wrote the original triggers retired in 2017. The vendor who supported the stack was acquired twice and no longer exists. The board found out when an internal audit flagged it in late 2025.
Why mining kept Forms longer than almost anyone
Mines are operational environments where software changes are expensive, physically remote, and culturally resisted. A Forms screen that has worked for 25 years at a site 400 kilometers from the nearest city tends to stay. The IT function is small. The OT function is larger and doesn’t report to it. Capital goes to haul trucks, not middleware.
We’ve inventoried Forms estates at seven mining operations. The average site runs between 40 and 180 screens across plant operations, dispatch, laboratory, and shift reporting. The oldest screen we found was written in 1991. It still runs.
The JORC and NI 43-101 problem
Resource reporting under JORC in Australia and NI 43-101 in Canada requires auditable data lineage from the drill core to the published reserve. When the lineage passes through Oracle Forms screens with no individual user attribution and no change history outside the .fmb files, competent persons have to sign statements they can’t fully defend.
This used to be a theoretical risk. Two 2025 enforcement actions in Australia changed that. ASIC has now named software system integrity as a material disclosure factor. The ASX listing rules committee is reportedly drafting updated guidance.
Cybersecurity is the faster-moving threat
Mining operations are in scope for SOCI Act reporting in Australia, CER in Canada, and NIS2 in European jurisdictions. All three require demonstrable controls on critical information systems. An unpatched WebLogic Forms server connecting to a production database is an immediate finding under all three regimes.
We’ve seen one operator receive a formal notice after a penetration test surfaced a Forms server with default credentials and network reachability to the SCADA historian. The remediation plan ran to 180 pages. None of it was optional.
What automated extraction unlocks for plant systems
Plant operations Forms applications are usually smaller than banking or ERP estates, but denser in embedded domain logic. An assay reconciliation screen might contain only 12 blocks, but those blocks encode metallurgical accounting rules that exist nowhere else in writing. Automated parsing captures them intact.
From the JSON descriptor, a TypeScript replacement can generate in weeks, run on modern infrastructure, and integrate with the plant historian through REST APIs instead of direct database writes. The metallurgists keep the behavior they trust. The CISO gets a stack that can be patched.
The site-by-site rollout
Mining modernization doesn’t happen as a single program. It happens one site at a time, usually starting with the operation that has the highest audit exposure or the most brittle hardware. The descriptors produced at the first site accelerate the second, because the underlying Forms patterns repeat across the portfolio.
We’ve seen a three-site rollout complete in 11 months, starting with the flagship operation and finishing with a smaller satellite mine that inherited 70% of its screens from the first migration.
From board risk to operational advantage
The framing that moves boards is simple. A 30-year-old Forms application booking the revenue is a going-concern question for auditors and a disclosure question for the ASX or TSX. Modernization that preserves the embedded logic, produces audit evidence automatically, and runs on a supported stack converts that risk into a line item the CFO can close.
The ore doesn’t care what system tracks it. The regulators increasingly do.