113 ANNUAL REPORT 2024 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL The Board is pleased to present this Statement on Risk Management and Internal Control, which outlines the main features of risk management and internal control system in Keyfield Group for the FYE 2024. This statement is prepared pursuant to Paragraph 15.26(b) of MMLR and Principle B of MCCG, with guidance from the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers issued by Bursa Securities. BOARD RESPONSIBILITIES In today’s dynamic business landscape, the Board recognises that an effective risk management and internal control system forms the bedrock of the Group’s corporate governance framework. In this regard, the Board is committed to maintain a sound and effective risk management and internal control system within the Group to safeguard shareholders’ investments, stakeholders’ interests and the Group’s assets. Whilst the Board assumes the ultimate responsibility over the Group’s risk management and internal control system, the ARMC is assigned with the oversight role to scrutinise, review such system across the Group and propose relevant improvement measures to the Board. However, given the inherent limitation in any risk management and internal control system, the said system is designed to manage the Group’s risks within an acceptable level, rather than to eliminate the risk of failure, while pursuing the Group’s business goals and objectives. Therefore, it can only provide reasonable but not absolute assurance of its effectiveness against any material financial misstatement, loss, fraud or any unforeseeable events. Through the ARMC, the Board is kept informed of all significant financial or non-financial issues brought to the attention of the ARMC by the Management, the Internal Auditors and External Auditors. The Board is of the view that the Group’s risk management and internal control system has been operating adequately and effectively during the financial year under review and up to the date of approval of this Annual Report, in all material aspects, subject to regular reviews. RISK MANAGEMENT SYSTEM The Group’s risk management and internal control system is designed to proactively identify and manage risks, with the objective to safeguard the Group’s assets, ensure operational efficiency, and maintain the trust of our stakeholders. Enterprise Risk Management (“ERM”) is a systematic approach in identifying, measuring, evaluating, controlling, monitoring and communicating risks that will enable the Group to minimise potential losses while maximising its opportunities to achieve its objectives. The responsibility and accountability for embedding risk management within the Group are vested in the Executive Committee ("EC"). The EC is responsible for: • reviewing the risks and opportunities associated with the Group’s business strategies and its operating processes; • reviewing the design, implementing and monitoring ERM framework and practices in the business; • setting the materiality limits for reporting and communication of performance; and • reviewing and assessing the adequacy of risk management mitigation plans and internal control to manage the material risks. EC then reports the assessment of adequacy and effectiveness of risk management and internal control to the ARMC and the Board. THE BOARD ARMC Executive Committee Governance, Risk and Compliance Heads of Department
RkJQdWJsaXNoZXIy NDgzMzc=