140 YINSON HOLDINGS BERHAD GOVERNANCE Monitoring and assurance The GRC department facilitates developing and reviewing action plans for risk treatment. These plans are closely monitored and escalated to the MSC and BRSC as necessary. This structured approach ensures that all root causes and controls are addressed comprehensively. This structured and methodical risk treatment process reflects Yinson’s commitment to proactive risk management and its ongoing dedication to safeguarding stakeholders’ interests while aligning with international best practices. RISK APPETITE STATEMENT This section outlines Yinson’s risk appetite, which defines the level of risk the Group is prepared to accept to achieve its strategic objectives and business goals. The risk appetite reflects the commitment to balancing risk and opportunity, ensuring sustainable growth while safeguarding stakeholders’ interests. Key areas Risk appetite Strategic Yinson is committed to pursuing innovative growth opportunities and strategic ventures, accepting a low to medium level of residual risk, provided these align with our long-term goals and do not jeopardise our core business stability and integrity. Financial Yinson adopts prudent financial risk management, balancing risk and reward for sustainable growth and stakeholder value. We focus on maintaining financial stability and managing credit, liquidity, and market risks within low to medium levels. Environment & sustainability Yinson is committed to minimising its environmental footprint and promoting sustainable practices. We have zero tolerance for risks that lead to significant environmental harm or non-compliance with sustainability regulations. Compliance & regulatory Yinson is committed to upholding the highest compliance and regulatory adherence standards. We have zero tolerance towards any legal, financial, or reputational damage and strive to ensure continuous alignment with evolving regulatory landscapes, maintaining transparency in our operations and fostering a culture of ethical conduct and compliance throughout the organisation. Operations Yinson is committed to operational excellence and maintains a balanced approach, aiming for low- to medium-risk tolerance on our standard operations. We strive to continuously improve our processes, systems and controls to minimise disruptions and ensure robust project execution and business continuity. Health & safety Yinson is committed to maintaining the highest standards of health and safety in all aspects of our operations. We have a zero-tolerance policy towards compromising on safety protocols and employee well-being. Yinson strives to keep all health and safety risks as low as reasonably practicable and ensures strict adherence to industry standards and regulatory requirements. Reputation Yinson is committed to maintaining and enhancing our reputation as a trustworthy, ethical, and reliable entity across all our business practices and stakeholder interactions, with a low tolerance for risks that could lead to a loss of trust or damage to our reputation. Technology & cybersecurity Yinson is committed to maintaining a robust and secure technological environment. Yinson encourages the adoption of innovative technologies along with stringent controls to drive business growth, tolerating low to medium risk but not at the expense of compromising critical systems’ integrity or data security. KEY ACTIVITIES IN FY2025 ERM Framework review The Group has updated its ERM Framework to enhance relevancy, accountability, and alignment with its decentralised structure. The ERM Policy Statement has been refined to emphasise proactive risk management, calculated risk-taking, and continuous improvement. Risk appetite definitions have been broadened with measurable thresholds, while the three lines of defence have been distinctly outlined, ensuring clear accountability across risk-taking units, GRC functions, and IA. Other enhancements include a streamlined risk escalation process for immediate action on material risks and standardised parameters for assessing risk impact based on disruption and recovery efforts. Additionally, processes for control effectiveness, emerging risks, and scenario planning have been formalised, with updates to roles, reporting structures, and governance frameworks to support sustainability goals and organisational growth.
RkJQdWJsaXNoZXIy NDgzMzc=