EXCEL FORCE MSC BERHAD - ANNUAL REPORT 2020 35 INTRODUCTION The Board of Directors (“the Board”) of the Excel Force MSC Berhad (“the Company”) is pleased to present the Statement on Risk Management and Internal Control which outlines the nature and scope of risk management and internal control system of the Company and its subsidiary companies (“the Group”) for the financial year ended 31 December 2020 pursuant to Paragraph 15.26(b) of the Main Market Listing Requirement of Bursa Malaysia Securities Berhad (“MMLR”), Malaysia Code on Corporate Governance (“MCCG”) and as guided by “Statement on Internal Control and Risk Management : Guidelines for Directors of Listed Issuers” (“the Guideline”). BOARD RESPONSIBILITY The Board affirms its overall responsibility for maintaining the Group’s systems of internal controls and risk management to safeguard its investment, the interest of customers, regulators, employees, and the Group’s assets. The Board further recognises its responsibility in reviewing the adequacy and integrity of these systems. The Audit Committee is entrusted by the Board to ensure the effectiveness of the Group’s internal control and risk management system. Due to the limitations that are inherent in any systemof internal control, the systemof internal controls can only provide reasonable and not absolute assurance against material misstatement or loss as it is designated to manage rather than eliminate the risk of failure to achieve the Group’s business objectives. RISK MANAGEMENT COMMITTEE OF THE MANAGEMENT (“RMCM”) Risk Management Committee of the Management is established at the management level to assist the Audit Committee (“AC”) and the Board in implementing and ensuring efficient and effective risk management of the Company. RMCM conducts itsmeeting once every two (2) months and additional meetings may be called at any time as and when necessary. The roles and responsibilities of the committee are defined in the terms of reference of RMCM. RISK MANAGEMENT The Board confirms that there is an on-going process of identifying, assessing and responding to risks for achieving the objectives of the Group for the financial year under review. The process is in place for the financial year under review and up to the date of issuance of the Statement on Risk Management and Internal Control. The process of risk identification involves reviewing and identifying the possible risk exposure which is arising from both internal and external environment changes and operation conditions. The risk measurement guidelines consist of financial and non- financial qualitative measures of risk consequences based on risk likelihood rating and risk impact rating. As part of the Risk Management process, a Registry of Risk and the Risk Management Handbook were adopted. The Registry of Risk is maintained to identify principal business risk and update for on-going changes in the risk profile. The Risk Management Handbook summarises risk management methodology, approaches and processes, roles and responsibilities, and various risk management concepts. The responsibility of respective risk owners is to identify and ensure that adequate control systems are implemented to minimise and control the risks faced by the Group. The management has been embedded the responsibility to manage the risk and internal controls that are associated with the operations of the Group and to ensure compliance with the applicable laws and regulations. Any significant issues and control implemented were discussed at management meetings and quarterly AC meetings. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL