My EG Services Berhad Annual Report 2019

ANNUAL REPORT 2019 65 GOVERNANCE PRINCIPAL B: EFFECTIVE AUDIT AND RISK MANAGEMENT I. AUDIT AND RISK MANAGEMENT COMMITTEE The Audit and Risk Management Committee (“ ARMC ”) comprises three (3) Independent Non-Executive Directors and plays a key role in ensuring integrity and transparency of corporate reporting. The ARMC’s role is to review and where necessary, to challenge Management to ensure that appropriate disclosures of accounting treatment and accounting policies are made. The ARMC has a duty to provide assurance to the Board that robust risk management, internal controls and assurance processes are in place. It continues to monitor the potential risks of the Group and ensures that mitigating measures are in place to safeguard the health, safety and business continuity of the Group. The ARMC with the assistance of the internal audit function had undertaken a thorough review of the following areas within the Group to ensure that appropriate controls and effective management processes are in place:- a) Management information system b) Operation – Security Paper Printing Process c) Operation Management d) Tele-Marketing Annually, the composition of the ARMC is reviewed by the NC and recommended to the Board for its approval. With the view to maintain an independent and effective ARMC, the NC ensures that only Independent Non- Executive Directors who have the appropriate level of expertise and experience and have a sound understanding of the Group’s business would be considered for membership on the ARMC. Further details pertaining to the activities undertaken by the ARMC can be obtained in the ARMC Report set out on pages 82 to 88 of this Annual Report. II. RISK MANAGEMENT AND INTERNAL CONTROL FRAMEWORK Risk management is a critical component of good management practice and effective corporate governance. With the Risk Management Framework being in place, the Board’s decision-making was supported by sufficient information for the right discussions and considerations. The enhanced level of risk debate and greater involvement from the Management was also critical in ensuring that appropriate monitoring and mitigations were embedded to support the proposals under discussion. The Board fulfils its responsibilities in the risk governance and oversight functions through its ARMC in order to manage the overall risk exposure of the Group. In addition to reviewing the adequacy and effectiveness of the internal control in relation to internal audit function of the Group, the ARMC also assessed and monitored the efficacy of the risk management and controls. The Board is satisfied with the performance of the ARMC in discharging its responsibilities, based on the results of the Board’s evaluation undertook during the year. The Board will continue to drive a proactive risk management approach and ensure that the Group’s employees have a good understanding of the application of risk management principles in order to work towards cultivating a sustainable risk management culture. The Board will also continue to challenge the Group’s risk reporting mechanism and ensure that it is data-driven to capture and quantify exposures where applicable and necessary. The Board is of the view that the system of risk management and internal control in place during the FP2019 is sound and sufficient to safeguard the Group’s assets, as well as shareholders’ investments and the interest of its stakeholders. The details of the Risk Management and Internal Control Framework can be obtained in the Risk Management and Internal Control Statement set out on pages 89 to 91 of this Annual Report. In line with the recommended practice of the MCCG, the Board had on 27 February 2020 approved upon the recommendation from the NC to separate ARMC into two committees, namely the Audit Committee and Risk Management Committee. Subsequent to the separation, the Audit Committee would assist the Board on financial reporting and accounting policies while the Risk Management Committee would assist the Board on risk management framework, policies and internal controls. CORPORATE GOVERNANCE OVERVIEW (CONT’D)