OUR GOVERNANCE 148 Roles And Responsibilities The following diagram illustrates the Group’s risk management and internal control accountability and reporting structure, which is based on the IIA’s Three Lines Model: BOARD OF DIRECTORS ("BOARD") GOVERNANCE, RISK AND SUSTAINABILITY COMMITTEE ("GRSC") AUDIT COMMITTEE ("AC") RISK MANAGEMENT WORKING GROUP Consisting of all heads of departments EXECUTIVE RISK COMMITTE Consisting of all Executive Directors and the head of risk and control RISK OWNERS Consists of all employees, including heads of departments INTERNAL AUDITORS Accountability, Reporting Delegation, Direction, Resources, Oversight Alignment, Communication, Coordination, Collaboration GOVERNING BODY MANAGEMENT EXTERNAL ASSURANCE PROVIDERS The Board retains ultimate responsibility for overseeing the Group’s risk management and internal control framework. In discharging its duties, the Board: (a) Establishes and oversees the Group’s risk governance structure and oversight processes. (b) Approves the risk management framework, policies, risk appetite and tolerance levels, to ensuring alignment with the Group’s strategic objectives. (c) Reviews, at least annually, the adequacy and effectiveness of the Group’s risk management and internal control systems including financial. operational, compliance and information technology controls. (d) Ensures appropriate assurance mechanisms are in place to support its oversight responsibilities. (e) Oversees communication of the Group’s risk profile to relevant stakeholders where appropriate. (f) Discharges such other responsibilities as set out in the Board Charter. The AC assists the Board in fulfilling its statutory and fiduciary responsibilities by providing independent oversight of the Group’s financial reporting and assurance processes. The AC: (a) Review the independence, scope and effectiveness of the internal audit function. (b) Oversees both internal and external audit activities to ensure objectivity and transparency. (c) Reviews the integrity and reliability of the Group’s financial reporting processes. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=