EXCEL FORCE MSC BERHAD Annual Report 2019

EXCEL FORCE MSC BERHAD - ANNUAL REPORT 2019 36 THE KEY ELEMENTS OF THE GROUP’S INTERNAL CONTROL SYSTEM INCLUDE: 1. Organisation structure with defined lines of responsibility, authority and accountability; 2. Policies and procedures for key business processes are formalised and documented for implementation and continuous improvements; 3. Quarterly Board meetings and periodical management meetings are held where information is provided to the Board and management covering financial performances and operations; 4. Training and development are provided as and when required by employees with the objective of enhancing their knowledge and competency; 5. Management accounts and reports are prepared regularly for monitoring of actual performance. 6. Board participation at the macro perspective in the performance monitoring of all subsidiaries under the Group; 7. An internal audit function carries out a quarterly internal audit to ascertain the adequacy of the internal control system and to monitor the effectiveness of operational and financial procedures. The internal audit also reviews and assesses risks faced by the Group and reports directly to the Audit Committee; 8. Regular internal audit visits to monitor compliance with policies and procedures to assess the integrity of both financial and non-financial information provided; and 9. Follow-up visits are then subsequently conducted by the internal auditors to ensure proper implementation of agreed action plans by the respective process owners. RISK MANAGEMENT FRAMEWORK The Board recognises that risk management is an integral part of the Group’s business operations and that the identification and management of risks will affect the achievement of the Group’s business objectives. To this end, the Board has formalised a Risk Management Framework by implementing an on-going process of identifying, evaluating, monitoring and managing the significant risks affecting the achievement of its business objectives and has taken into account the guidance of the Malaysian Code on Corporate Governance. The management of risks in the daily business operation is assigned to the management team and significant risks are identified and related mitigating responses, as well as the corresponding internal control measures, were deliberated at the Audit Committee and Board meeting. ASSURANCE FROM MANAGEMENT The Board has received assurance from the Executive Director and Head of Finance that the Group’s risk management and internal control system are operating adequately and effectively in all material aspects, based on the risk management and internal control system of the Group. REVIEW OF THE STATEMENT BY EXTERNAL AUDITORS As required by Bursa Securities Listing Requirements paragraph 15.23 of the MMLR, the external auditors have reviewed this Statement on Risk Management and Internal Control. As set out in their terms of engagement, the procedures were performed in accordance with Audit and Assurance Practice Guide (AAPG) 3 : Guidance for Auditors on Engagements to Report on the Statement on Risk Management and Internal Control included in the Annual Report issued by Malaysian Institute of Accountants. AAPG 3 does not required external auditors to form an opinion on the adequacy and effectiveness of the risk management and internal control systems of the Group. Based on their procedures performed, the external auditor has reported to the Board that nothing has come to their attention that causes them to believe that this Statement is not prepared in all material respects, in accordance with the disclosures required by paragraphs 41 and 42 of the Guidelines, nor is it factually inaccurate. CONCLUSION For the financial year 31st December 2019 and up to the date of approval of this statement, the Board is of the opinion that the risk management and internal control system currently in place are adequate and effective to safeguard the Group’s interests and assets. For the coming year, the Board will continually assess the adequacy and effectiveness of the Group’s system of internal control and to strengthen it, as and when necessary. This statement is made in accordance with the resolution passed by the Board dated 18 May 2020. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL (CONT’D)