pg. 173 Corporate Governance Report Integrated Annual Report 2025 INTERNAL AUDIT FUNCTION The Manager has entered into an outsourcing arrangement with PKF Risk Management Sdn Bhd (PKF) to carry out its internal audit function. To preserve the independence and objectivity of Internal Auditor, the PKF reports functionally to the BARC and administratively to the CEO and Compliance & Risk Department and is independent of the business activities or operations of the Manager. PKF’s authority, scope, and responsibilities are governed by its Audit Charter which is approved by the BARC and aligned with the International Professional Practice Framework on Internal Auditing issued by the Institute of Internal Auditors. PKF serves as an important source of reasonable assurance and advice for the BARC concerning areas of weaknesses or deficiencies in internal control processes to facilitate appropriate remedial improvements by the Management. PKF also carries out investigative audits where required. The appointed internal auditor independently and objectively reviews the effectiveness of the internal control structures over the REIT activities focusing on high-risk areas as determined using a risk-based approach. All high-risk activities in each auditable area are audited annually following the BARC-approved Internal Audit Plan. The audit reports which provide the findings and results of the audit conducted are discussed with the Management and presented to the BARC for review and deliberation. Key control issues, significant risks, and recommendations are highlighted, along with Management’s responses and action plans for improvement and/or rectification, where applicable. The BARC executes its oversight function by reviewing and deliberating on the audit issues, audit recommendations as well as Management’s responses to these recommendations. Where appropriate and applicable, the BARC directed the Management to take cognisance of the issues raised and established necessary steps to strengthen the system of internal control based on PKF’s recommendations. To ensure effective management and independence of BARC, the BARC is empowered by its TOR to: a) Convene meetings with the Internal Auditor without the attendance of any executive, whenever deemed necessary. b) Approve, then inform the Board of the appointment of the Internal Auditor; and c) Review and assess the performance of the Internal Auditor. The BARC is satisfied that the PKF has been effective and able to discharge its duties and responsibilities. RISK MANAGEMENT Risk management remains the responsibility of the Board. The BARC has delegated responsibility to keep under review the adequacy and effectiveness of the REIT’s internal financial controls and the internal control and risk management system. Risk management is reviewed at the BARC and the Board meetings as part of the formal Board process. The Board has identified and evaluated the significant risks faced by the REIT in delivering its strategy. Details of the principal risks identified are set out in the Section 8 of the IAR. The BARC meets quarterly specifically to review the effectiveness of the REIT’s risk management and internal control systems and to review the risks identified and the progress of actions taken to manage the risks. Following the review, progress and actions are reported to the Board. The ERMC supports the BARC in implementing, monitoring, and assessing the mitigation actions of the identified risks. The Board is satisfied that the BARC has demonstrated an appropriate level of vigilance and diligence towards, amongst others, the detection of any financial anomalies or irregularities in the financial statement. The full details of the BARC activities in 2025 are elaborated in the IAR2025 on page 181. CORPORATE GOVERNANCE OVERVIEW STATEMENT
RkJQdWJsaXNoZXIy NDgzMzc=