SECTION 3: OUR GOVERNANCE 134 The above objectives and processes are applied across the Group’s structural elements such as entity-level, division, business unit and subsidiary. The following diagram illustrates the Group’s risk management and internal control accountability and reporting structure: BOARD OF DIRECTORS AUDIT AND RISK MANAGEMENT COMMITTEE RISK MANAGEMENT WORKING GROUP Consisting of all heads of departments. EXECUTIVE RISK COMMITTEE Consisting of all Executive Directors and the head of risk and control department. RISK OWNERS INTERNAL AUDITORS Accountability, Reporting Delegation, Direction, Resources, Oversight Alignment, Communication, Coordination, Collaboration The Audit and Risk Management Committee has the following roles and responsibilities: 1. Review and recommend risk governance and oversight processes to the Board for approval. 2. Review and recommend risk policies, framework, appetite and tolerance to the Board for approval. 3. Review the adequacy and effectiveness and oversee the assurance, of the Group’s risk management and internal control systems/framework including financial controls, operational controls and compliance controls. 4. Review the risk profile of the Group (including risk registers) and the Executive Risk Committee’s plans to mitigate business risks as identified from time to time. The Board has the following roles and responsibilities: 1. Establish risk governance and oversight processes. 2. Ensure the establishment and approval of risk policies, framework, appetite and tolerance. 3. Ensure the periodic review, assurance and approval of the Group’s risk management and internal control systems/ framework including financial controls, operational controls and compliance controls. 4. Communicate the Group’s risk profile to key stakeholders, including regulators, stock analysts, rating agencies and business partners. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=