129 INTEGRATED ANNUAL REPORT 2026 The Statement is made under Paragraph 15.26 (b) of the Bursa Securities MMLR. It aligns with the MCCG and the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers where the Board of Directors are required to make a statement about the state of risk management and internal control of the listed issuer of a Group. BOARD’S RESPONSIBILITIES Yinson’s Board recognises the importance of maintaining sound risk management and internal control practices to safeguard stakeholders' interests, including the Group’s reputation, shareholder returns and assets. The Board affirms its overarching responsibility for establishing and maintaining a robust risk management and internal control system, ensuring its adequacy and effectiveness in identifying, assessing, managing principal and emerging risks that could materially impact the Group’s ability to achieve its strategic objectives. The Board is also responsible to determine the risk appetite for the Group to set direction for the risk management activities within Yinson. The Board is assisted by the Board Risk and Sustainability Committee (“BRSC”) and Audit Committee (“AC”) in discharging these responsibilities. These committees oversee and ensure that the Enterprise Risk Management (“ERM”) Policy Statement and Framework is implemented effectively and consistently, supported by comprehensive internal control processes and procedures designed to manage risks across the Group. BRSC also provide oversight on ESG and sustainability-related risks. The Board adopts a proactive approach to safeguarding Yinson’s interests in joint ventures and associated companies by leveraging its representatives and implementing monitoring controls within these entities to promptly identify and address potential issues. However, it is important to recognise the inherent limitations of any risk management system, which can only provide reasonable, rather than absolute assurance against material errors, misstatements, fraud or unforeseeable circumstances. BOARD RISK & SUSTAINABILITY COMMITTEE’S RESPONSIBILITIES The BRSC, chaired by an INED, convenes on a quarterly basis to assess the effectiveness of the Group’s risk management process. During these meetings, the BRSC reviews matters related to risk management activities, evaluates the reports generated and analyses new and emerging risks along with the corresponding actions and mitigation plans. In line with Yinson’s advancing risk maturity and strengthened governance across management and businesses, the Board undertook a review on BRSC’s meeting cadence, taking into account the overall stability of the Group’s risk profile and the embedded nature of risk oversight within the management structures. In December 2025, the Board approved the revision of BRSC meeting cadence from quarterly to twice a year, effective from the subsequent financial year. The revised cadence is intended to enhance the quality of strategic risk discussions while optimising Board time allocation. The BRSC continues to exercise robust oversight through escalation thresholds, interim risk reporting and ad-hoc briefings, where material risk developments or emerging issues arise. The BRSC’s responsibilities are guided by its TOR, which is accessible on Yinson’s corporate website. MANAGEMENT & SUSTAINABILITY COMMITTEE’S RESPONSIBILITIES The Management & Sustainability Committee (“MSC”) implements the policies and procedures established by the Board to ensure robust risk management and control processes while embedding sustainability considerations into the Group’s operations. Within their respective areas of responsibility, MSC members are accountable for managing risks within the approved risk appetite and implementing appropriate mitigating measures. The Group CEO oversees the day-to-day management of risks while the Head of Businesses represent the Group CEO’s responsibilities across all businesses. The MSC’s responsibilities include, but are not limited to the following: • Formulate relevant risk policies, procedures, and frameworks to manage these risks in accordance with the Group’s risk appetite; • Design, assist and implement the effective risk management and internal control system to ensure that standardised methodology is used throughout the Group; • Monitor and ensure that remedial action plans are taken to mitigate the likelihood and impact of the risk from escalating further; • Communicate the requirements of the ERM Policy Statement and Framework and ensure continuous enhancement of ERM annually or as and when required; • Ensure that ERM reports are submitted to BRSC/Board in a timely manner, and flash reports are submitted in the event of any new risk(s) that require urgent attention; and • Review the ERM Policy Statement and Framework and consider adopting best practices based on the corporate governance framework. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL GOVERNANCE | STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=