Frontken Corporation Berhad (651020-T)
ANNUAL REPORT
2016
Statement On Risk Management And Internal Control
Introduction
Paragraph 15.26 (b) of the Listing Requirements of Bursa Malaysia Securities Berhad (“Bursa”) stipulates that a listed
issuer must ensure that its board of directors makes a statement (“Statement on Risk Management and Internal Control” or
“Statement”) about the state of internal control of the listed issuer as a group. The Statement is expected to include sufficient
and meaningful information needed by shareholders to make an informed assessment of the main features and adequacy of
the listed issuer’s risk management and internal control system as a group.
The Board of Directors (“Board”) is pleased to furnish this Statement, which outlines the nature and scope of the system
of risk management and internal control in the Group (comprising the Company and its subsidiaries) for the financial year
ended 31 December 2016 and up to the date of approval of this Statement for inclusion in the Company’s Annual Report.
For the purpose of disclosure, this Statement has taken into consideration the “Statement on Risk Management and Internal
Control - Guidelines for Directors of Listed Issuers”, a publication of Bursa which provides guidance to boards in preparing
the Statement.
Responsibility of the Board
The Board acknowledges its overall responsibility for the Group’s system of risk management and internal control to safeguard
shareholders’ investment and the Group’s assets as well as reviewing the adequacy and integrity of the system in meeting
the Group’s business and corporate objectives. The Board is mindful of the need to establish clear roles and responsibilities
in discharging its fiduciary and leadership functions in line with Recommendation 1.2 (“Recommendation”) of the Malaysian
Code on Corporate Governance 2012 (“MCCG 2012”). As such, the Board is aware that its principal responsibilities, as
outlined in the Commentaries of the same Recommendation, include, inter alia, the following:
• to identify principal risks and ensure the implementation of appropriate controls and mitigation measures; and
• to review the adequacy and integrity of the management information and internal control systems.
The Group’s risk management and internal control system addresses strategic, operational, financial and compliance risks
as well as the associated internal controls implemented by Management to mitigate the principal business risks as identified.
In view of the limitations inherent in any system of risk management and internal control (“system”), the system is designed
to manage, rather than eliminate, the risk of failure to achieve the Group’s business and corporate objectives. The system
can therefore only provide reasonable, but not absolute, assurance against any material misstatement, financial loss or
fraudulent activity.
In embracing Recommendation 6.1 of the MCCG 2012, the Board has formalised an Enterprise Risk Management framework
(“ERM framework” or “framework”) that sets out pertinent policies and guidelines to streamline the Group’s risk management
initiatives and activities in a structured and holistic manner to safeguard shareholders’ investment and the Group’s assets.
Based on this framework, the Board has established an on-going process to identify, evaluate, control, report and monitor
significant business risks faced by the Group. The Board, through its Audit Committee, reviews the results of this process,
including mitigating measures implemented by Management to address the key risks as identified. This process has been in
place for the financial year under review and up to the date of approval of this Statement for inclusion in the Annual Report
of the Company.
Risk Management Framework
Risk management is embedded in the Group’s key business processes through its ERM framework, which provides,
amongst others, an easy-to-understand step-by-step approach to identify and evaluate risks faced by business units and, by
extension, the Group. To streamline risk management processes and activities, the Board has formalised in writing pertinent
risk management policies and guidelines for adherence by business units across the Group. The ERM framework embodies
a structured risk assessment process, which results in the compilation of specific risk profiles of key business units and
companies in the Group by Risk Management Units (“RMUs”), including the periodic update of risk profiles to take into
account the vagaries of a changing business environment as well as emerging risks.
The individual risks in the profile are scored for their likelihood of occurrence and the impact thereof based on a ‘5 by 5’ risk
matrix deploying parameters established for each key business unit or company in the Group. The risk parameters comprise
relevant financial and non-financial metrics for risks to be evaluated in terms of likelihood of their occurrence and the impact
thereof – this feature essentially articulates the Board’s risk appetite, i.e. the extent of risk the Group is prepared to take or
seek in achieving its corporate objectives.




