PRG Holdings Berhad Annual Report 2017

• Annual Report 2017 51 S T A T E M E N T O N R I S K M A N A G E M E N T A N D I N T E R N A L C O N T R O L ( C O N T ’ D ) Corporate and Property Development & Construction Divisions: • Compliance Audit on Overall Design of the Control Environment of PRG • Risk-based Audit on the identified key risk areas of the Construction Division including: (i) Material trading (ii) Uncertainty of economy (iii) Liquidity risk (iv) Credit risk (v) New project funding (vi) Government policy (vii) Market recognition (viii) Sustainability (ix) Staff incentives and benefits • Compliance audit on delegated authority limit (Financial and Non-Financial) • Compliance audit on compliance with organisation policies, contracts, laws and regulations The findings arising from the above reviews have been reported to the Management for their response and subsequently for the Audit Committee deliberation. Where weaknesses were identified, recommended procedures have been implemented or are being addressed to strengthen controls. Other Key Elements of Internal Control Other key elements that provide effective internal control include: • The Group has established an organisation structure with clearly defined lines of responsibility, accountability, authority and reporting. • The business plan and annual budget are prepared and presented to the Board for review and approval. • Standard Operating Procedures which includes policies and procedures within the Group are continuously reviewed and updated. • Performance reports are provided quarterly to the Directors and discussed at Board meetings. The Board receives from the management reports covering quarterly financial performance and other corporate matters. • Monthly management accounts and reports are prepared to facilitate effective monitoring and decision making. • On-going trainings and educational programs are identified and scheduled for all staff to acquire the necessary knowledge and competency to meet their performance and job expectations. CONCLUSION For the financial year under review, after due and careful assessment and based on information and assurances provided by the Group Managing Director, Managing Directors, Executive Directors and Chief Financial Officer, the Board is satisfied that the Group’s risk management and internal control system was operating adequately and effectively in all material aspects throughout the financial year and up to the date of approval of this statement by the Board. Measures are in place and continually being taken to ensure the on-going internal controls are adequate and effective to safeguard shareholders’ investments and the Group’s assets. There were no material losses, contingencies or uncertainties as a result of weaknesses in the risk management and internal control system that would require separate disclosures in this Annual Report. Nevertheless, the Board will continue to ensure that the Group’s risk management and internal control system are able to constantly adapt and prevail in its changing and challenging business environment. REVIEW OF THE STATEMENT BY EXTERNAL AUDITORS Pursuant to Paragraph 15.23 of the Listing Requirements of Bursa Securities, the external auditors have reviewed this statement for inclusion in the Annual Report of the Group for the financial year ended 31 December 2017. Their review is performed in accordance with Audit Assurance and Practice Guide 3 (“AAPG 3”) issued by the Malaysian Institute of Accountants. The External Auditors’ procedures have been conducted to assess whether the Statement on Risk Management and Internal Control is supported by the documentation prepared by or for the Directors and that it is an appropriate reflection of the process adopted by the Directors in reviewing the adequacy and integrity of the system of internal control for the Group. AAPG 3 does not require the External Auditors to consider whether this statement covers all risks and controls, or to form an opinion on the adequacy and effectiveness of the Group’s risk and control procedures. Based on their procedures performed, the external auditors have reported to the Board that nothing has come to their attention which causes them to believe that this statement is not prepared, in all material respects, in accordance with the disclosures required by paragraph 41 and 42 of the “Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers”, nor is factually inaccurate. This statement was approved by the Board of Directors of PRG on 15 March 2018.