My EG Services Berhad Annual Report 2019

MY E.G. SERVICES BERHAD [Registration No. 200001003034 (505639-K)] 90 RISK MANAGEMENT AND INTERNAL CONTROL STATEMENT (CONT’D) INTERNAL AUDIT FUNCTION (CONT’D) The assessment of the adequacy and effectiveness of the internal controls established by the Management in mitigating risks is carried out through interviews and discussions with key management staffs, review of the relevant established policies and procedures, and authority limits and observing and testing of the internal controls on a sample basis. The results of the internal audit reviews including action plans to be taken by the Management to address the identified weaknesses and recommendation of enhancement opportunities are then reported to the ARMC, which in turn reports these matters to the Board. During the FP2019, internal audits were carried out in accordance with the risk based internal audit plan which has been reviewed and approved by the ARMC. The business processes reviewed were Management Information System and E-Service Centre operations processes of the Group. The results of the internal audit reviews were discussed with Senior Management and subsequently, the internal audit findings, including the recommendations for improvement were reported to the ARMC at the quarterly meetings. Based on the internal audit reviews conducted, none of the weaknesses noted have resulted in any material losses, contingencies or uncertainties that would require separate disclosure in this annual report. The total costs incurred for the internal audit function for FP2019 was approximately RM30,000. In addition, internal auditors met with ARMC on 30 May 2019 and 29 August 2019 without the presence of executive board members and the Management to discuss audit related matters. OTHER KEY ELEMENTS OF INTERNAL CONTROLS The other key elements of the Group’s internal control systems are: (i) Quarterly review of the financial performance of the Group by the ARMC and the Board. (ii) Clearly defined and structured lines of reporting and responsibility. (iii) Operations review meetings are held to monitor the progress of business operations, deliberate significant issues and formulate corrective measures. (iv) Documented internal policies as set out in a series of memorandums to various departments within the Group. (v) Whistle Blowing Policy which provides an avenue for employees to report suspected malpractices, misconduct or violations of the Company’s policies and regulations in a secured and confidential manner. ASSURANCE The Group Managing Director and Chief Financial Officer have provided assurance to the Board on the adequacy and effectiveness of the Group’s risk management and internal controls, in all material aspects. Taking into consideration the assurance from the Management and relevant assurance providers, the Board is of the view that the risk management and internal control practices and processes are operating adequately and effectively to safeguard the shareholders’ investment, customer’s interests, and Group’s assets. CONCLUSION The Board is of the view that the Group’s system of risk management and internal control is adequate to safeguard shareholders’ investments and the Group’s assets. However, the Board is also cognisant of the fact that the Group’s system of risk management and internal controls practices must continuously evolve to meet the changing and challenging business environment. Therefore, the Board will, when necessary, put in place appropriate action plans to further enhance the Group’s system of risk management and internal controls. The Group’s risk management and internal controls systems do not apply to the associate companies. The Group’s interest in the associate companies is served through Board representation and periodic review of the associate companies’ management accounts by Senior Management and the Board.