141 INTEGRATED ANNUAL REPORT 2025 GOVERNANCE | STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL Consolidation of climate risks into ERM risk Profile During FY2025, we achieved a significant milestone in our risk management approach by integrating our previously distinct risk profiles for enterprise risks and climate risks into a unified framework. This integration reflects the organisation’s growing risk management maturity and aligns with best practices for holistic risk oversight. By combining these profiles, we have enhanced our ability to identify interdependencies between enterprise and climate risks, providing the Board and management with a more comprehensive view of the organisation’s risk landscape. This integrated approach strengthens our decision-making processes, ensuring resilience and sustainability while safeguarding stakeholders’ interests and long-term business objectives. Revision of risk reporting A revision in the escalation of risk matters was introduced to strengthen the organisation’s risk management framework and better align it with strategic objectives. This enhancement prioritises broader risk awareness by expanding oversight beyond the key risks, allowing the Board to better understand the Group’s overall risk landscape. This broader focus ensures that critical risks, including emerging and long-term risks, are effectively identified and managed. The revision also emphasises a proactive approach to risk management by monitoring a wider range of key risks. This enables the organisation to adopt more focused and timely mitigation strategies, enhancing resilience. Furthermore, more precise definitions of risk ownership and accountability have been established to improve the risk assessment and reporting process, fostering a culture of accountability across all levels of the organisation. Ultimately, these refinements ensure that risk management supports achieving the Group’s strategic goals. Business continuity management The company undertook a comprehensive BCM journey to enhance operational resiliency during the year. A BCM consultant was appointed to provide expertise alongside the designation of Business Continuity (“BC”) Coordinators across key functions. Engagement programmes were conducted for Senior Management and BC Coordinators to foster understanding and commitment to BCM objectives. Workshops focused on key deliverables, including Risk and Threat Assessments (RTA), Business Impact Assessments (BIA), Business Continuity Strategy (BCS), and the development of departmental and Group-level BCP. The Crisis Management Plan (“CMP“) was reviewed, and a Group Crisis Communication Plan was established to ensure cohesive response strategies during emergencies. Following thorough evaluation, all plans were finalised and approved, reflecting the company’s commitment to safeguarding its operations and ensuring preparedness against potential disruptions. Yinson’s key risks FY2025 Project execution risk FY2025 proves Yinson’s ability to take on successive projects concurrently across its FPSO, renewables, and green technologies businesses. FPSO projects are particularly complex, capital-intensive undertakings with inherent risks of budget overruns, delays, and operational challenges. For Yinson, any deviation in project timelines or costs can significantly affect profitability and stakeholder confidence. These risks are particularly pronounced during the construction phase, where supply chain disruptions, fluctuating material costs, and regulatory changes can create unforeseen challenges. Yinson employs robust project management practices to mitigate risks, including fixed-price contracts, comprehensive procurement policies, and regular project reviews. These measures ensure adherence to timelines and budgets while maintaining high-quality standards. Additionally, Yinson’s focus on securing long-term charters and collaborating with experienced contractors further reduces exposure to project risks. By embedding rigorous risk management into its project execution framework, Yinson is better positioned to deliver its projects while maintaining operational and financial discipline. Cybersecurity risk In an increasingly digitalised operational environment, Yinson faces heightened risks of cyberattacks targeting critical assets, operational data, and intellectual property. FPSOs, for example, rely on advanced digital systems for monitoring and performance optimisation; any cybersecurity breach could disrupt operations, compromise safety, and result in reputational damage. Yinson has implemented a comprehensive cybersecurity framework to address these risks, including Mobile Device Management (MDM) to secure remote access, Data Loss Prevention (“DLP“) systems to safeguard sensitive information, and restricted USB access to mitigate external threats. These controls are complemented by regular employee training programmes and simulated cyberattack exercises to strengthen organisational awareness and response capabilities. Yinson’s proactive stance on cybersecurity ensures the resilience of its digital infrastructure and reinforces stakeholder confidence in the Company’s ability to protect its critical assets in an increasingly interconnected world.
RkJQdWJsaXNoZXIy NDgzMzc=