53 GHL SYSTEMS BERHAD 199401007361 (293040-D) ANNUAL REPORT 2021 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL INTRODUCTION The Board recognises the importance of a sound framework of risk management and internal control for good corporate governance and for safeguarding the Group’s assets and shareholders’ interests. Towards this end, the Board is committed to maintain a sound risk management framework and internal control system for the Group and ensuring their continued effectiveness, adequacy, and integrity through a process of periodic review. Guided by the Statement on Risk Management and Internal Control – Guidelines for Directors of Listed Issuers and Main Market Listing Requirements, the Board is pleased to present the Statement on Risk Management and Internal Control (“SORMIC”). RESPONSIBILITIES OF THE BOARD The Board assumes the responsibility for the effectiveness and adequacy of the Group’s risk management and internal control system and has an established Term of Reference to assist in discharging of this responsibility. The Board has delegated the responsibility of undertaking this process of periodic review to the Audit and Risk Committee (“ARC”), whose responsibilities and duties are detailed in the Audit and Risk Committee Report of this Annual Report. However, the Board as a whole remains ultimately responsible for the effectiveness, adequacy, and integrity of the system of risk management and internal controls. The Board is aware that the expansion into new areas of business and operating in different countries would involve new and different risk considerations. Whenever these events occur, the Board will, in addition to its normal risk management process, pay particular attention to the impact of Group’s overall risk profile and sufficiency of existing internal controls in addressing the additional risks, if any. The Board has, during FY2021, continued to strengthen the Groups’ governance and risk management framework to identify, assess, mitigate, report, and monitor the significant risks in an effective manner. The Board recognises the integral role of key management in the risk management and internal controls process. The Board had established the Risk Management Committee (“RMC”) comprised of Senior Management of the Company to identify and assess the Group’s risks and thereafter to design, implement, and monitor the appropriate risk management processes and internal controls to address and mitigate such risks. RMC reports to the Board through ARC on significant matters arising. GROUP RISK MANAGEMENT SYSTEM Risk Management activities are guided by the Group’s Enterprise Risk Management Framework. This framework covers a span of activities to determine the risk profile inherent from the nature of business which would compromise the business objectives, if addressed improperly. The main features of the Group’s risk management system are described in the following sections: 1. Risk Management Committee (“RMC”) The RMC was established by the Board in 2012 as a key component of the Risk Management Framework. The RMC, which is headed by the Group Chief Executive Officer, comprises the Group’ Chief Financial Officer,and Group Chief Risk Officer. The responsibilities of RMC are as follows: • To provide oversight of the Group’s significant risks • To identify and assess, on an ongoing basis, the risks faced by the Group, and thereafter to design and implement appropriate risk management processes and internal controls to address or mitigate such risks in an effective manner, taking into account the risk appetite and risk tolerance level which the Group is willing to take in achieving its strategic objectives • To periodically assess and review the continued effectiveness and appropriateness of risk management processes • To continuously promote an effective risk awareness culture throughout the Group with written policies and regular communication to and training for the employees and stakeholders • To be accountable and periodically report to the Board, through the ARC, for the design, implementing, and monitoring of the risk management system
RkJQdWJsaXNoZXIy NDgzMzc=