STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL Risk area Control measures taken to mitigate the risks Corruption risks • Corruption risks exist across all business sectors, in one form or another, from bribery to extortion and embezzlement to cronyism. Corruption can have serious consequences for businesses’ financial health and reputations, impact the quality of goods and services and it can prevent businesses from achieving maximum efficiency and profitability. The Group is not spared from corruption risks • Implemented ABC Policy which sets out the responsibilities of the Group to comply with laws against bribery and corruption and provide guidance to the Directors, employees and business associates on standard of behaviour to which they must adhere to and how to recognise and deal with bribery and corruption issues. • Implemented the Code and Whistleblowing Policy. • Declaration of actual or potential conflict of interest situation by key senior management and tender award committee. Such personnel shall abstain from decision making where there is actual or potential conflict of interest situation. • Adopts segregation of duties for job functions. Designated personnel for preparing, verifying and approving each transaction/activity is documented in written procedures. • Provide training on anti-bribery and corruption to Personnel and conduct due diligence procedures on customers, vendors and employees. INTERNAL CONTROL The Group has established an organisation structure outlining the lines of responsibilities and authorities for planning, executing, controlling and monitoring the business operations aligned to business and operations requirements which supports the maintenance of a strong control environment. It has extended the responsibilities of the ARMC and of the Board to include the assessment of internal controls through the internal audit function. Other key elements of the system of internal control of the Group are as follows:- • The Board established a hierarchical organisation structure with proper segregation of duties for key functions of the operations of the Group; • Delegation of authority including authorisation limits at various levels of management and those requiring the Board’s approval are clearly defined to ensure accountability and responsibility; • Standard operating procedure manuals set out the policies and procedures for day to day operations to be carried out. Reviews are performed to ensure that documentation remains current, relevant and aligned with evolving business and operational needs; • Formation of committee to evaluate and approve related party project tenders; • Appointment of staff is based on the required level of qualification, experience and competency to fulfil their responsibilities. Training and development programmes are carried out to ensure that staff are kept up to date with the necessary competencies and knowledge to carry out their responsibilities towards achieving the Group’s objectives; • There is an annual budgeting process. The Board reviews the actual performance against budget; • Regular and comprehensive information are provided to the Board for monitoring and tracking of performance of the Group; • Periodic operational review meetings are held and attended by the Executive Directors, heads of department and key management staff to consider financial and operational issues of the Group as well as any management proposal; • Active involvement of Directors in the operation and management of branch and subsidiary companies; • Centralised control of financial resources by head office of respective subsidiary companies; • Formalised Whistleblowing Policy and Code are established to ensure high standards of conduct and ethics in the business operations; Kimlun Corporation Berhad 066
RkJQdWJsaXNoZXIy NDgzMzc=