1 31 Table of Contents 33 116

Ni Hsin Berhad Annual Report 2018

Annual Report 2018 Ni Hsin Resources Berhad (653353-W) 31 MONITORING AND REVIEW OF THE SYSTEM OF RISK MANAGEMENT AND INTERNAL CONTROL The existing system of risk management and internal control has operated effectively in the year under review and up to the date of issuance of this statement. Although control lapses were identified for certain business processes within the Group, there were no significant failures or weaknesses that has resulted in material loss that requires disclosure in the Group’s annual report for the financial period under review. The Board is committed towards operating a sound system of risk management and internal control and will strive for continuous improvement where necessary, to further enhance the Group’s system of risk management and internal control. The Board has reviewed the risk management and internal control system in accordance with the guidelines for directors on risk management and internal control, the Statement on Risk Management and Internal Control: Guidance for Directors of Public Listed Companies. The Board is of the view that the system of risk management and internal control being instituted throughout the Ni Hsin Group is adequate and effective. REVIEW OF THE STATEMENT BY EXTERNAL AUDITOR The external auditors have reviewed this Statement on Risk Management and Internal Control pursuant to the scope set out in Audit and Assurance Practice Guide (“AAPG”) 3, Guidance for Auditors on Engagements to Report on the Statement on Risk Management and Internal Control included in the Annual Report issued by the Malaysian Institute of Accountants (“MIA”) for inclusion in the annual report of the Group for the year ended 31 December 2018, and reported to the Board that nothing has come to their attention that cause them to believe that the statement intended to be included in the annual report of the Group, in all material respects: (a) has not been prepared in accordance with the disclosures required by paragraphs 41 and 42 of the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers, or (b) is factually inaccurate. APPG 3 does not require the external auditors to consider whether the Directors’ Statement on Risk Management and Internal Control covers all risks and controls, or to form an opinion on the adequacy and effectiveness of the Group’s risk management and internal control system including the assessment and opinion by the Board of Directors and management thereon. The auditors are also not required to consider whether the processes described to deal with material internal control aspects of any significant problems disclosed in the annual report will, in fact, remedy the problems. Statement on Risk Management and Internal Control (continued)

RkJQdWJsaXNoZXIy NDgzMzc=