Frontken Berhad Annual Report 2019

31 Frontken Corporation Berhad (651020-T) ANNUAL REPORT 2019 Statement On Risk Management And Internal Control PURPOSE OF STATEMENT Paragraph 15.26 (b) of the Main Market Listing Requirements of Bursa Malaysia Securities Berhad (“Bursa Securities”) states that a listed issuer must ensure that its Board of Directors issues a statement (“Statement on Risk Management and Internal Control” or “Statement”) about the state of risk management and internal control of the listed issuer as a group. The Statement has to include adequate and meaningful information to enable shareholders and other stakeholders make an informed assessment of the main features and adequacy of the listed issuer’s risk management and internal control system as a group. Accordingly, the Board of Directors (“Board”) of Frontken Corporation Berhad (“Company”) furnishes this Statement, which outlines the nature and scope of the system of risk management and internal control in the Group (comprising the Company and its subsidiaries) for the financial year ended 31 December 2019 and up to the date of approval of this Statement for inclusion in the Company’s Annual Report. For the purpose of disclosure, this Statement has considered and, where pertinent, included the mandatory contents outlined in the “Statement on Risk Management and Internal Control - Guidelines for Directors of Listed Issuers”, a publication of Bursa Securities, which sets out guidance to listed issuers in drafting the Statement. BOARD’S RESPONSIBILITY ON RISK MANAGEMENT AND INTERNAL CONTROL The Board assumes its overall responsibility for the Group’s system of risk management and internal control to safeguard shareholders’ investment and the Group’s assets as well as reviewing the adequacy and operating effectiveness of this system in meeting the Group’s corporate objectives. The Board is mindful of the need to establish clear roles and responsibilities in discharging its fiduciary and leadership functions in line with the Principles, Practices and Guidance of the Malaysian Code on Corporate Governance (“MCCG”). As such, the Board acknowledges its principal responsibilities as outlined in the following Practices and Guidance of the MCCG insofar as risk management and internal control are concerned: • Practice 1.1 and Guidance 1.1 The Board should: - ensure a sound framework for internal controls and risk management; - understand the principal risks of the Company’s businesses and recognise that business decisions involve the taking of appropriate risks; - set the risk appetite within which the Board expects Management to operate and ensure that there is an appropriate risk management framework to identify, analyse, evaluate, manage and monitor significant financial and non- financial risks; • Practice 9.1 The Board should establish an effective risk management and internal control framework; and • Practice 9.2 The Board should disclose the features of its risk management and internal control framework, and the adequacy and effectiveness of this framework. The MCCG also stipulates that the Board should, in its disclosure, include a discussion on how key business risks covering finance, operations, regulatory compliance, reputation, cyber security and sustainability had been evaluated and the controls deployed to mitigate or manage those risks to acceptable levels. In view of the inherent limitations in any system of risk management and internal control (“System”), the System is designed to manage, rather than eliminate, the risk of failure to achieve the Group’s corporate objectives. The System can, therefore, only provide reasonable, but not absolute, assurance against any material misstatement, financial loss or fraud.