STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL INTRODUCTION The Board is committed tomaintaining a sound systemof riskmanagement and internal control in the Group to safeguard shareholders’ investments and the Group’s assets. The Board is pleased to provide the Statement on Risk Management and Internal Control which outlines the nature and scope of risk management and internal control of the Group for the financial year ended 31 December 2021 (“FY2021”) under review, in accordance with paragraph 15.26(b) of Main Market Listing Requirements of Bursa Malaysia Securities Berhad. For the purpose of this Statement, the Group comprises the holding company and its subsidiaries. RESPONSIBILITIES OF THE BOARD The Board acknowledges the importance of maintaining an effective and sound system of risk management and internal control, covering all its financial and operating activities, to safeguard shareholders’ investments and the Group’s assets. Notwithstanding this, due to the limitations that are inherent in any system of internal control, the Group’s internal control system is designed to manage, rather than eliminate, the risk of failure to achieve business objectives, and can only provide reasonable but not absolute assurance against material misstatement or loss. Accordingly, the Board affirms its responsibility for the Group’s system of risk management and internal control and its commitment to review its effectiveness, adequacy and integrity to ensure implementation of an appropriate system to effectively and continuously identify, evaluate and manage principal risks of the Group and to mitigate the effects of the principal risks on achieving the Group’s business objectives. The Group’s system of internal control covers risk management and financial, operational and compliance controls. The Board continually reviews the system of internal control to ensure that it provides a reasonable but not absolute assurance against material misstatement of financial information and records, or against financial losses or fraud. The Board has established an ongoing process for identifying, evaluating and managing the significant risks faced by the Group. The Management assists the Board in the implementation of the Board’s policies and procedures on risks and internal controls by identifying and assessing the risks faced, and in the design, operation and monitoring of suitable internal controls to mitigate and control these risks. The Board has received assurance from the Chief Executive Officer and the Chief Financial Officer that the Group’s risk management and internal control system is operating adequately and effectively in all material aspects. The Board has taken the necessary steps to ensure that appropriate systems are in place for the assets of the Group to be adequately safeguarded through the prevention and detection of fraud and other irregularities and material misstatements. The Board is of the view that the risk management and internal control system in place for the year under review and up to the date of issuance of the financial statements is adequate and effective. RISK MANAGEMENT FRAMEWORK The Board has overall accountability for ensuring that risks are effectively managed across the Group, and on behalf of the Board, the Audit Committee (“AC”) reviews the effectiveness of the Group’s risk management process. During FY2021, the Group operates within an enterprise risk management framework. A Risk Management Committee (“RMC”) that comprises Executive Directors of the Company and appointed key management personnel has been established to assume the following functions: a) To oversee the risk management activities of the Group. The RMC supports the Board in fulfilling its responsibility for identifying significant risks and ensuring the implementation of appropriate systems to manage the overall risk exposure of the Group; and b) To review and recommend the Group’s risk management policies and strategies for the Board’s approval. The main functions and duties of the RMC include, but are not limited to: (i) Provides oversight, direction and counsel to the Group risk management process which includes: • Evaluating and identifying new risks; • Reviewing and updating the Risk Register and ensuring that significant risks are being responded to appropriately; and • Monitoring the Group’s risk exposures and ensuring the implementation of management action plans to mitigate significant risks identified; Annual Repor t 2021 54
RkJQdWJsaXNoZXIy NDgzMzc=