directives to manage the overall risk exposure throughout the Group. The Risk and Governance Committee also assists the Board in its oversight of the Group’s Anti-Bribery and Anti-Corruption (“ABAC”) governance and compliance framework and in ensuring that best practices of ABAC management system is established, implemented, maintained and reviewed to adequately address the Group’s bribery and corruption risks, including the Group’s ABAC Framework and Policy. The Risk and Governance Committee is to also assist the Board in promoting the appropriate ABAC culture within the Group and in ensuring the alignment of ABAC Framework and Policy to the strategy of the Group. The Risk and Governance Committee also reviewed the Business Continuity Management (“BCM”) framework, the plan, and the scope as well as the effectiveness of the BCM functions in accordance with ISO 22301. More recently and in line with the growing emphasis on environmental, social and governance matters, the Board had, on 27 July 2022, approved a Sustainability Framework and roadmap for the Group. As part of this framework, the Risk and Governance Committee’s scope and terms of reference has been expanded to also provide oversight for the Group’s sustainability journey and the committee has now been renamed as the Risk, Governance and Sustainability Committee to reflect this. Meanwhile, the Board of Directors of Subsidiaries are to adopt and monitor the overall ERM policy and performance of the respective subsidiary companies and ensure that the management of their operations are characterised by sound internal controls as established by the Group. The Management Committee’s key objective is to support the Group Managing Director to assess major decisions and review the delivery of strategic objectives and business development of the Group in a timely manner. It is a platform where the Management reviews key risks and oversees the risk management framework, policies and procedures and strategies in managing risks within the Group for consideration and recommendation for the Board’s approval. The Management Committee also reviews all major investments, evaluate the associated risks and makes its recommendation to the Board on the potential risk response that need to be adopted in relation to a decision to proceed with the investment. The Management Committee ensures that the Board receives adequate and appropriate information for notification and decision making. A dedicated independent risk management function, namely the Risk and Business Process Management Department and the Internal and External Audit functions are responsible for ensuring that the approved risk management framework and policies are implemented and complied with. They are also responsible for facilitating the risk management processes with operational units which include risk identification, assessment, mitigation and monitoring. Likewise, all operating units are responsible for identifying and managing risks within their operation. As risk owners, they are to ensure all daily activities are carried out within the established framework and are in full compliance with approved policies, procedures and the discretionary authority limits. RISK MANAGEMENT APPROACH The Management Committee together with other Senior Management and Divisional Heads are responsible for the continuous development of risk management and in ensuring that risk management is embedded in all key processes and activities within the Group, taking into consideration the changing risk profiles as dictated by changes in business strategies, the external environment and/or regulatory scrutiny. The processes comprise various activities applied at all operating businesses and support function units. The risk owners are primarily responsible for the identification and management of risks within their day-to-day operations. Risks are systematically identified and assessed using the established group-wide risk methodologies and action plans and corrective actions are taken to mitigate risks. The Risk and Business Process Management Department is responsible for the overall coordination of risk management of the Group and works closely with risk owners. The Head of Risk undertakes the coordination of the processes of assessing, monitoring and reporting the risk report to the Risk, Governance and Sustainability Committee and Board on a quarterly basis. The Risk Report presentation is a permanent agenda of the quarterly Risk, Governance and Sustainability Committee and Board meetings to facilitate deliberation on the key risks profile of the Group. As communication is required for an effective risk management programme, the Risk and Business Process Management Department is responsible to lead the ERM educational programmes and continuous sharing of risks insights. DAGANG NeXCHANGE BERHAD 142 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=