MISC BERHAD INTEGRATED ANNUAL REPORT 2025 08 09 10 01 02 03 04 05 06 07 12 13 SEC 11 GOVERNANCE 10 228 www.miscgroup.com 229 www.miscgroup.com #deliveringProgress STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL KEY INTERNAL CONTROL PROCESSES IN ENTERPRISE RISK AREAS MISC Group Management Framework (MGMF) functions as a guide that aligns the Group’s activities on an integrated platform providing the first point of reference with guiding principles for the following areas which defines how the Group fulfils its obligations to regulators, employees, customers, shareholders, and the community. 1 Corporate Governance and Communication 2 Values 4 Approach to Governance Management 3 Decision-making Philosophy 5 MISC Excellence Management System (ExMS) In operationalising the MGMF, MISC uses myGOVERNANCE, a digital system designed as a central hub to streamline document management across all levels to ensure compliance, facilitate online adoption, deviation handling, and provide comprehensive performance reports for governance activities. myGOVERNANCE which was approved for implementation in August 2023, has been in operation since January 2024. The Group conducts structured assessment across key financial and non-financial risk areas. This includes regular assurance and compliance reviews covering HSSE, cybersecurity, regulatory compliance and procurement governance through a combination of myASSURANCE self-assessments, management reviews and independent assurance activities. The results are monitored, tracked and reported to Management and the relevant Board Committees to support timely remediation and continuous improvement. During the year under review, MISC conducted a total of 591 self-assessments via myASSURANCE, an online assurance platform, covering HSSE, cybersecurity, finance, tax, procurement and legal areas to ensure compliance with internal governance requirements established under the Group’s frameworks, guiding principles and guidelines. Other than self-assessment via myASSURANCE, the key internal control processes in Enterprise Risk Areas within MISC Group are as follows: Financial Limits of Authority The Limits of Authority (LOA) manual provides a framework of authority and accountability within the organisation and facilitates sound and timely corporate decision-making at the appropriate level in the organisation’s hierarchy. Reporting The Board reviews quarterly reports from Management on key operating performance, legal, environmental, and regulatory matters. Financial performance is deliberated monthly by the ELT and tabled to the BAC and the Board on a quarterly basis for oversight and decision-making. Planning and Budgeting The Group performs a comprehensive annual planning and budgeting exercise that involves the development of business strategies for the next five years to achieve the Group’s vision. The long-term strategies are supported by initiatives to be pursued in the upcoming year and for effective implementation, the initiatives are tied to specific measurable indicators which will be evaluated against the relevant business/service units and subsidiaries’ deliverables. The Group’s strategic direction is reviewed annually, taking into account the current progress level and other indicators such as the latest developments in the industry, changes in market conditions and significant business risks. In addition, the Group’s business plan is translated into budgetary numbers for the next five years, and financial performance and variance against budget are analysed and reported to the ELT, BAC, and the Board. Financial Reporting Control Assurance To enhance the quality of the Group’s financial reports, the Group continues to execute the PETRONAS Financial Reporting Control (FRC) Assurance. FRC Assurance is a structured process that ensures the adequacy and effectiveness of internal controls operating within the Group. FRC covers internal controls related to financial reporting based on the identified processes and risks. The FRC includes among others, documentation of controls, testing of internal control design effectiveness, remediation of control gaps, as well as periodic testing of control operating effectiveness. STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL The objective of conducting the assurance and evaluating the test results is to conclude whether the controls are designed and operating effectively to support the financial statement assertions. If internal control deficiencies are noted during the testing, Management shall determine whether they constitute a material misstatement to the financial statements. The root cause for each deficiency shall be documented and the Corrective Action Plan for the ineffective controls shall be monitored and reported periodically. FRC Assurance testing is performed annually for relevant processes. MISC Financial Policy MISC Financial Policy (MFP) outlines the financial management framework and incorporates principles of financial risk management. The MFP governs financial risk management practices across the Group and establishes a framework for identifying and managing risk exposures to ensure efficient capital and liquidity management. MISC is committed to become a financially resilient organisation. MISC shall continuously strive to achieve the following: • Capital efficiency in pursuit of business objectives with appropriate balance between risk and reward. • Maintain an investment grade credit rating (if applicable). • Sustain a strong cash repatriation discipline in the most optimal manner. • Uphold strong governance at all times. Adherence to this Policy is everyone’s responsibility. Note: MISC refers to MISC Berhad and its subsidiaries, excluding the joint venture companies and associate companies. On 13 August 2025, MISC adopted PETRONAS Financial Standard to replace the existing PETRONAS Corporate Financial Policy, which serves as a supporting framework and guideline to manage its financial risk exposure, including liquidity management, cash repatriation, financing, investment, banking, asset-liability management, foreign exchange management, credit, tax, inward financial guarantee and documentary credit, and integrated financial risk management. Debt Compliance Monitoring The Group monitors its financial and non-financial covenants set out under all its external financing facilities on a quarterly basis, to ensure ongoing compliance with the covenants. Financial Risk Appetite The Group has established the Financial Risk Appetite Setting, which sets out KRIs as a means of monitoring and mitigating adverse trends in key financial risk areas: • Interest rate risk appetite limit, where the Weighted Average Cost of Debt for the year is set to monitor the overall cost of debt of the Group. • Minimum liquidity requirement level, which ensures that the Group can meet its immediate operating expenses, committed debt service obligations, and capital expenditures. In addition to the minimum liquidity requirement, additional cash reserves and credit facilities available for utilisation are maintained to meet contingent payments and opportunistic investments. • Debt appetite limit, whereby a debt threshold is established to monitor the Group’s leverage levels. • Foreign exchange risk appetite, which sets thresholds for net currency exposures to mitigate the financial risk arising from non-functional currency transactions. • Financial institution credit counterparty risk appetite, to mitigate financial exposures arising from the potential failure of financial institution counterparties. The KRIs thresholds are reviewed and refreshed annually. Its performance is reported to the BSRC on a quarterly basis.
RkJQdWJsaXNoZXIy NDgzMzc=