MISC BERHAD INTEGRATED ANNUAL REPORT 2025 08 09 10 01 02 03 04 05 06 07 12 13 SEC 11 GOVERNANCE 10 230 www.miscgroup.com 231 www.miscgroup.com #deliveringProgress STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL MISC Tax Policy With the tax policy in place, MISC Group continues to enhance its tax compliance with the required legislation, including Organisation for Economic Co-operation and Development’s Base Erosion and Profit Shifting 2.0 Pillar 2, also known as Global Minimum Tax (GMT), in the countries where it has a presence, with the aim for the Group to be a responsible corporate taxpayer and to maintain cooperative relationships with the relevant tax authorities. MISC Group is committed to be a responsible taxpayer by: • Complying in good faith with all applicable tax laws, regulations, guidelines and international tax treaties, and settling tax obligations when legally due, as company and employer; and • Maintaining cooperative working relationships with tax authorities. Adherence to this Policy is everyone’s responsibility, by referring all tax related matters to the appropriate parties. Note: MISC refers to MISC Berhad and its subsidiaries, excluding the joint venture companies and associate companies. In addition, overall tax risks of the Group are managed, among others, through: i. Risk Register which sets out KRI in relation to non-compliance events that result in penalties being imposed by tax authorities. ii. Tax Compliance & Control assurance which is designed to enforce effective governance and management of tax risks for both direct and indirect tax areas. iii. Performing tax assessments covering contractual, business structure and operational tax risks as part of PRA. iv. Assessment of potential tax liabilities including GMT in each jurisdiction annually. The Group, however, does not have any material exposure to Pillar 2 income taxes in the relevant jurisdictions. Finance Transformation Programme Following the successful implementation of Project Lightspeed on Wave 2 Platform initiatives which integrated SAP S/4HANA across the MISC Group and implemented process harmonisation, which has gone live on 1 October 2025, the Group is now progressing into two (2) key initiatives as follows: Financial Planning & Analysis Aims to replace the legacy system with a more flexible and scalable solution to support budgeting, forecasting, financial consolidation and reporting. Target Operating Model Covers the expansion of Finance Shared Service Centre into Wave 2 Business Units. Both initiatives are scheduled to be completed in 2026. Looking ahead, the Group’s focus shifts toward enhancing operational efficiency and unlocking business value through advanced data analytics, empowering more informed and strategic decision-making. PROCUREMENT The MISC Group Procurement Programme focuses on the digitalisation of procurement processes and the embedding of relevant policies within the platform, such as LOA and approval flow, among others, will automate and effectively enforce compliance to policies and improve visibility of procurement activities and approval flow. CONTRACT MANAGEMENT The framework for digitalised contract has been regularly reviewed to ensure ongoing improvement and alignment with organisation’s evolving needs and strategic direction. A hybrid approach, combining conventional and digitalisation method, is currently being applied to support contract management compliance. STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL PROJECT MANAGEMENT Project management of newbuilding Engineering and Construction for GAS & Petroleum business are handled by the Asset Construction & Conversion (ACC) department of MISC Marine, whereas the project management for the Offshore Business is managed by the Project Delivery (PD) department of the Offshore Business Unit. The primary objective of the ACC and PD departments is to strategise, lead and control the shipbuilding/conversion of vessels and the newbuild/conversion of floaters respectively, to ensure safe and successful execution of projects within the agreed schedule and allocated budget limits. Two main functions of MISC Marine’s ACC are: Project engineering team, which mainly provides technical support in project bidding and contracting, feasibility and conceptual studies, retrofitting and modification projects; and Project management team, which handles project execution post contract signing, engineering review, supervision, guarantee claim management and appraisal of builders’ performance depending on the agreed scope of work with the project owner. 1 2 The ACC continuously reviews the execution of the project against the project execution plan, which includes the planned programme, procurement schedule, factory test schedule and commissioning schedule. The ACC also provides regular reporting to Management on the progress and escalating pertinent issues. The Offshore Business’ PD manages all project phases from the bid, through Front End Engineering Design and execution until handover to the asset management team. During project execution, the team will carry out regular project reviews and risk assessments and formulate risk mitigation to ensure that appropriate actions are taken in a timely manner. Independent reviews which may include external experts, if required, are performed during the project execution phase led by MISC’s GIA. GROUP INFORMATION & COMMUNICATION TECHNOLOGY MISC Group is responsible for the implementation and maintenance of enterprise Information and Communication Technology (ICT) system and corporate applications that enable and support core business operations. ICT operates in a Managed State, where processes are well-defined to monitor, track, and control ICT operations, ensuring system availability and safeguarding information security. ICT RISK AND GOVERNANCE Group ICT risks are governed through the following governance bodies: Digital Steering Committee (DSC) Serves as the central governance platform for evaluating and monitoring Group ICT strategic and enterprise investments, providing management oversight, ensuring business alignment, and tracking the progress of initiatives to achieve successful implementation. Enterprise Architecture Committee (EAC) EAC oversees Group ICT architecture decisions, ensuring alignment with business goals, and promoting future-proof solutions that deliver business value while minimising risk. To support this, an Enterprise Architecture Team is established under the governance of the EAC through: • The Digital Foundation and ICT Standards, Unified Control Framework (UCF), and Project Management Procedures to ensure robust control and risk management. • The ICT UCF defines minimum standards to enhance ICT control effectiveness across the Group, thereby minimising risks and improving Information Technology (IT) governance.
RkJQdWJsaXNoZXIy NDgzMzc=