Yinson Integrated Annual Report 2025

138 YINSON HOLDINGS BERHAD GOVERNANCE STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL The Statement is made under Paragraph 15.26 (b) of the Bursa Securities MMLR. It aligns with the MCCG 2021, where the Board of Directors are required to make a statement about the state of risk management and internal control of the listed issuer of a Group. BOARD’S RESPONSIBILITIES Yinson’s Board recognises the importance of maintaining sound risk management processes and internal control practices to safeguard stakeholders’ interests, including the Group’s reputation, shareholder returns, and assets. The Board affirms its overarching responsibility for establishing and maintaining a robust risk management and internal control system, ensuring its adequacy in identifying, assessing, evaluating, and addressing risks that could materially impact the Group’s ability to achieve its strategic objectives. In assessing the effectiveness of risk management and internal control across the Group, the Board is assisted by the BRSC and Board Audit Committee (“BAC”). These committees oversee and ensure that the updated Enterprise Risk Management (“ERM”) Framework is implemented effectively and consistently, supported by comprehensive internal control processes and procedures designed to manage risks across the Group. The Board adopts a proactive approach to safeguarding Yinson’s interests in joint ventures and associated companies. It leverages its representatives and implements monitoring controls within these entities to promptly identify and address potential issues. However, it is vital to recognise the inherent limitations of any risk management system, which can only provide reasonable rather than absolute assurance against material errors, misstatements, fraud, or unforeseeable circumstances. BOARD RISK & SUSTAINABILITY COMMITTEE’S RESPONSIBILITIES The BRSC, chaired by an Independent Non-Executive Director, convenes every quarter to assess the effectiveness of the Group’s risk management process. During these meetings, the BRSC reviews matters related to risk management activities, evaluates the reports generated, and analyses new and emerging risks along with the corresponding actions and mitigation plans to address identified risks. The BRSC’s duties and responsibilities are guided by its TOR, which is readily accessible on Yinson’s corporate website. MANAGEMENT & SUSTAINABILITY COMMITTEE’S RESPONSIBILITIES The MSC is tasked with implementing the policies and procedures established by the Board to ensure robust risk management and control processes while embedding sustainability considerations into the Group’s operations. Within their respective areas of responsibility, MSC members collectively ensure that all identified risks are effectively managed within acceptable thresholds. The Group CEO oversees the day-to-day management of risks. At the same time, the business CEOs represent the Group CEO’s responsibilities across respective businesses. The MSC’s responsibilities include, but are not limited to the following: • Formulate relevant risk policies, procedures, and frameworks to manage these risks per the Group’s risk appetite; • Design, assist and implement the effective risk management and internal control system to ensure that standardised methodology is used throughout the Group; • Monitor and ensure that remedial action plans are taken to mitigate the likelihood and the impact of the risk from escalating further; • Communicate the requirements of the ERM Policy Statement and Framework and ensure continuous enhancement of ERM annually or as and when required; • Ensure that the ERM reports are submitted to BRSC/Board promptly and flash reports are submitted in the event of any new risk(s) that require urgent attention; and • Review the ERM Policy Statement and Framework and consider adopting the best practices based on the corporate governance framework. RISK GOVERNANCE & OVERSIGHT The Governance, Risk and Compliance (“GRC”) Department is entrusted with establishing, coordinating, and implementing the Group’s ERM Policy Statement and Framework to ensure that internal risk management processes remain current and sufficiently robust to manage risks effectively. Additionally, the GRC Department diligently monitors and reports key risk issues to the MSC and escalates them to the BRSC every quarter. Yinson’s ERM Policy Statement and Framework is designed to systematically identify, evaluate, monitor, and manage risks faced by the Group.

RkJQdWJsaXNoZXIy NDgzMzc=