Excel Force MSC Berhad Annual Report 2016

EXCEL FORCE MSC BERHAD ANNUAL REPORT 2016 32 Statement on Risk Management and Internal Control INTRODUCTION The Board of Directors (“the Board”) of the Excel Force MSC Berhad (“the Company”) is pleased to present the Statement on Risk Management and Internal Control which outlines the nature and scope of risk management and internal control system of the Excel Force MSC Berhad and its subsidiaries (“the Group”) for the financial year ended 31 December 2016 pursuant to Paragraph 15.26(b) of the Main Market Listing Requirement of Bursa Malaysia Security Berhad (“MMLR”), Malaysia Code on Corporate Governance 2012 (“MCCG 2012”) and “ Statement on Internal Control and Risk Management : Guidelines for Directors of Listed Issuers ”. BOARD RESPONSIBILITY The Board affirms its overall responsibility for maintaining the Group’s systems of internal controls and risk management to safeguard investment, the interest of customers, regulators, employees, and the Group’s assets. The Board further recognizes its responsibility in reviewing of the adequacy and integrity of these systems. The Audit Committee is entrusted by the Board to ensure effectiveness of the Group’s internal control and risk management system. Due to the limitations that are inherent in any system of internal control, the systems of internal controls can only provide reasonable and not absolute assurance against material misstatement or loss as it is designated to manage rather than eliminate the risk of failure to achieve the Group’s business objectives. RISK MANAGEMENT The Board confirms that there is an on-going process of identifying, assessing and responding to risks for achieving the objectives of the Group for the financial year under review. The process is in place for the year under review and up to the date of issuance of the Statement on Risk Management and Internal Control. The process of risk identification involves in reviewing and identifying the possible risk exposure which arising from both internal and external environment changes and operation conditions. The risk measurement guidelines consist of financial and non- financial qualitative measure of risk consequences based on risk likelihood rating and risk impact rating. As part of the Risk Management process, a Registry of Risk and the Risk Management Handbook were adopted. The Registry of Risk is maintained to identify principal business risk and updated for on-going changes in the risk profile. The Risk Management Handbook summarises risk management methodology, approach and processes, roles and responsibilities, and various risk management concept. The responsibility of respective risk owners are to identify and ensure the adequate control systems are implemented to minimise and control the risks which faced by the Group. The management has been embedded the responsibility to manage the risk and internal controls that associated with the operations of the Group and to ensure the compliance with the applicable laws and regulations. Any significant issues and control implemented were discussed at management meetings and quarterly Audit Committee meetings. INTERNAL AUDIT FUNCTIONS In accordance with the Malaysian Code on Corporate Governance, the Group in its efforts to provide adequate and effective internal control system had appointed Sterling Business Alignment Consulting Sdn Bhd (“Sterling”), an independent consulting firm to review the adequacy and integrity of its system of internal control. Sterling acts as the internal auditor and reports directly to the Audit Committee on the quarterly basis. The internal audit reviews and addresses critical business processes, identified risks and internal control gaps, assessed the effectiveness and adequacy of the existing state of internal control of the Group and recommended possible improvements to the internal control process. This is to provide reasonable assurance that such systems continue to operate satisfactorily and effectively within the Group. Quarterly audit reports and status report on follow up actions were tabled to the Audit Committee and Board during its quarterly Audit Committee Meetings.