KENANGA INVESTMENT BANK BERHAD INTEGRATED ANNUAL REPORT 2024 WE ARE KENANGA OUR SUSTAINABILITY APPROACH LEADERSHIP STATEMENT HOW WE ARE GOVERNED FINANCIAL STATEMENTS SHAREHOLDERS’ INFORMATION ADDITIONAL INFORMATION OUR VALUE CREATION APPROACH 127 126 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL Pursuant to Paragraph 15.26(b) of the Main Market Listing Requirements (“MMLR”) of Bursa Malaysia Securities Berhad (“Bursa Malaysia”), a listed issuer must ensure that its Board of Directors (“Board”) includes in its annual report a statement about the state of its risk management and internal controls as a group. In addition, the Malaysian Code on Corporate Governance (“MCCG”) also stipulates that the Board should maintain a sound system of internal controls and review its effectiveness to safeguard Shareholders’ investments and the Group’s assets. Set out below is the Board’s Statement on Risk Management and Internal Control in compliance with the MMLR of Bursa Malaysia. INTRODUCTION BOARD RESPONSIBILITY The Board is committed to maintaining a sound system of internal controls and has instituted a risk management framework, as well as good corporate governance measures to monitor the effectiveness of the measures and controls put in place by the Group to safeguard Shareholders’ investments and the Group’s assets. The Board is responsible for determining key strategies and policies for significant risks and control issues, whereas Management is responsible for the effective implementation of the Board’s policies by way of identifying, monitoring and managing risks. However, as any system of internal controls will have its inherent limitations, the system has been designed to manage risks rather than provide absolute assurance against material misstatement, fraud or loss. The Board has also received reasonable assurance from the Group Managing Director and Group Chief Financial and Operations Officer that the Group’s risk management and internal control system is operating adequately and effectively, in all material aspects. RISK MANAGEMENT AND INTERNAL CONTROL SYSTEM The Board and Management of the Group are committed to the implementation of an internal control system to manage those risks that could affect the Group’s continued growth and financial viability. Measures are taken to continuously evaluate changes in the risk profile of the Group and business complexities to assist the Board and Management to anticipate and manage all potential risks and protect Shareholders’ value. The key elements of the Group’s internal control system include the following: Risk Management Framework The risk governance structure in the Enterprise Risk Management Framework defines the roles and responsibilities throughout the organisation to ensure accountability and ownership. It sets out the principles of sound corporate governance to assess and manage risks to ensure that risk taking activities are aligned with the Group’s long-term viability and its capacity to absorb losses. The risk management philosophy adopted by the Group is based on the three (3) lines of defence approach. The line management is the first (1st) line of defence and is primarily responsible for the day-today risk management by identifying the risks, assessing impact and taking appropriate actions to manage and mitigate risks. The second (2nd) line of defence is the oversight functions comprising Group Risk Management and Group Regulatory. They perform independent monitoring of business units as well as reporting to Management and the Board to ensure that the Group conducts its business and operations within internal guidelines and in compliance with relevant regulatory requirements. The third (3rd) line of defence is Group Internal Audit (“GIA”) which provides independent assurance to the Board on the adequacy and effectiveness of system of internal controls, risk management and governance processes. Governance The Board, through its appointed committees such as the Group Board Risk Committee (“GBRC”) and Group Board Digital Innovation & Technology Committee (“GBDITC”), ensures that the Group’s activities are consistent with its approved risk appetite, strategies and policies. The GBRC is supported by the Group Risk Committee (“GRC”) that provides a forum to address and review the management of credit, operational, market, liquidity, technology and other significant risks including climate change risk, to enable effective oversight, accountability and responsibilities for risk taking decisions. Assisting the GRC is the Group Operational Risk Committee and the Group Business Continuity Management Committee. The GBDITC on the other hand, focuses on technologies and information technology (“IT”) risk of the Group at the Board level and is supported by the Group Digital Innovation Technology Committee which covers the Group’s technology plans and projects. Quarterly meetings as well as special or ad hoc meetings as and when required, are held by the Audit Committee (“AC”) together with Management to review issues highlighted in the reports by internal and external auditors, as well as audits conducted by regulators such as Bank Negara Malaysia (“BNM”), the Securities Commission Malaysia (“SC”) and Bursa Malaysia; and the remedial measures or actions taken by Management in addressing the audit findings raised by the regulators. The Group Governance, Nomination & Compensation Committee (“GNC”) was established with the objective, among others, to support the Board in the effectiveness and the enhancement of the Group’s governance structure, framework and policies and its compliance with the applicable statutory and regulatory requirements in relation thereof, including but not limited to, the MMLR of Bursa Malaysia, BNM’s Policy Document on Corporate Governance, the MCCG and the Malaysian Anti-Corruption Commission Act 2009, as well as the relevant latest developments in the corporate governance area. BOARD OF DIRECTORS Group Board Risk Committee Group Risk Committee Group Operational Risk Committee Group Credit Committee Group Products Committee Group Outsourcing & Procurement Committee Building Committee Staff Outreach Committee Corporate Finance Senior Officer Committee Group Occupational Safety and Health Committee Group Business Continuity Management Committee Group Executive Committee Group Board Digital Innovation & Technology Committee Group Digital Innovation Technology Committee Group Sustainability Management Committee Audit Committee Group Governance, Nomination & Compensation Committee Employees’ Share Scheme Committee Shariah Committee Group Talent Committee Group Disciplinary Committee Board Committees Management Committees
RkJQdWJsaXNoZXIy NDgzMzc=