1 70 Table of Contents 72 207

Dagang NeXchange Berhad Annual Report 2018

69 Annual Report 2018 RESPONSIBILITIES AND ACCOUNTABILITIES The Board acknowledges its overall responsibility in the establishment and oversight of the Group’s risk management framework and internal controls system to safeguard shareholders’ investments and Group’s assets. The Board has set the tone and culture towards managing key risks that may impede the achievement of the Group’s business objectives amidst the dynamic and challenging business environment and increasing regulatory requisite. DNeX Group has established a governance structure and embedded the system of risk management and internal control into management processes to complement all day to day business activities of the Group excluding Associate Companies which are not within the Group’s control. The Board is assisted by Board Audit Committee (“AC”) in reviewing the adequacy of the risk management and internal control system of DNeX Group. The management actively reports to the AC on activities that may have an impact on the Group’s risks. The Board delegates to the Management team the authority for the management of the Group. The Management is accountable to the Board for the Group’s performance and are required to report on quarterly basis to the Board the key business risks and its mitigating activities. Delegation of responsibilities and accountability is delegated to other leaders of the Group and formalised through Discretionary Authority Limit (“DAL”). It acts as the Group’s governance framework as the Board formally delegates functions and powers to the Management with specific oversight and supervisory functions. This enables the Board to facilitate a control environment encompassing clear lines of responsibilities, accountability and authority limits that are aligned with the Group’s business operations. However, in view of the inherent limitations, the risk management and internal control system can only provide reasonable assurance that the significant risks impacting the Group’s strategies and objectives are managed within the risk appetite, rather than completely eliminate the risks of failure. The Group will continue to take measures to strengthen the risk management and internal controls system. The following depicts the Board’s and key parties within the Group responsibilities in relation to risk management and internal control. CORPORATE ACCOUNTABILITY STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL INTRODUCTION Pursuant to Paragraph 15.26(b) of the Main Listing Requirements (“LR”) of Bursa Malaysia Securities Berhad (“Bursa Securities”), the Board of Directors of Listed Issuer is required to include in their annual report, a statement on the position of risk management and internal control system and practises of the listed issuer. Accordingly, the Board is pleased to present the following statement which was prepared in guidance by the “Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers” endorsed by Bursa Malaysia Securities Berhad. The statement outlines the nature and scope of risk management and internal control of the Group during the year under review. • Maintains an effective risk management and internal controls • Approves all new and updates to existing policies and framework including the risk management framework and risk appetite • Receives, assess and approves updates by AC on risk management and internal controls Board of Directors • Assist the Board in evaluating the effectiveness of risk management and internal controls • Reviews risk management and internal audit updates and advises and/or updates the Board for approval Board Audit Committee • Enforces all policies and framework approved by the Board • Manages all strategic and operational risks and consults the Board before major undertakings • Gives assurance to the Board that risks and internal controls are being managed effectively • Delegates responsibilities and accountability to the leadership team as formalised through DAL Top Management • A unit within the Group Finance Department which maintains a risk register for the Group • Identifies, reviews and monitors all risk movement and updates the management and Board • Undertakes regular "gap analysis" to review the effectiveness of internal controls and updates policies and procedures to improve its efficacy • Communicates with management and risk owners on risk exposure and risk management progress • Ensures that the Board and management receives adequate information for decision making purposes Risk Management Department

RkJQdWJsaXNoZXIy NDgzMzc=