136 YINSON HOLDINGS BERHAD CORPORATE COMPLIANCE The Corporate Compliance function was established to oversee the compliance initiatives, compliance monitoring reviews and reports to the BRSC and Board of Directors. The following subsections describe policy initiatives aimed at strengthening our Corporate Compliance Framework. These initiatives enhance consistency, traceability and management oversight of compliance risks across the Group, supporting effective governance and regulatory compliance. COMPLIANCE POLICIES AND COSO ALIGNMENT Yinson’s compliance policies and procedures operate in an integrated manner to support the Group’s internal controls system and mitigate compliance-related risks. These policies are aligned with the Committee of Sponsoring Organizations (“COSO”) Internal Control–Integrated Framework and are applied consistently across the Group. The following table demonstrates how Yinson’s compliance policies and procedures, namely COBE, ABAC, Whistleblowing, Conflict of Interest (“COI”) and Dealing with Third Parties, align with the COSO components and their respective principles: COSO Component Compliance Policies Mapped Compliance Integration & Policy Application Control environment i. COBE ii. ABAC iii. COI The COBE and ABAC establish ethical standards, expected behaviours and zero tolerance for misconduct and bribery. The COI policy reinforces policy integrity and objectivity through mandatory disclosure and management of actual or perceived conflicts. Oversight by the Board and management is embedded through structured approvals, tone-from-the-top messaging and disciplinary enforcement. Risk assessment i. ABAC ii. Dealing with Third Parties Risk-based due diligence and periodic risk assessments incorporate country, transaction and counterpart risk considerations to support bribery, corruption and fraud risk identification and assessment. Control activities i. ABAC ii. COI iii. Dealing with Third Parties Preventive and detective controls such as approval thresholds, segregation of duties, gifts, hospitality and entertainment controls, voluntary disclosures, due diligence procedures and contractual safeguards are formalised through documented policies and standard operating procedures. Information and communication i. COBE ii. ABAC iii. Whistleblowing Compliance expectations are communicated internally through mandatory COBE and ABAC training and externally by requiring third parties to adhere to the Group's ABAC standards. The whistleblowing channel enables confidential reporting to ensure relevant information flows to management and the Board. Monitoring activities i. Whistleblowing ii. ABAC iii. Dealing with Third Parties Monitoring is performed through whistleblowing investigations, compliance reviews, audits, half-yearly management/Board reporting and corrective actions. Issues identified are tracked, remediated and escalated where necessary to strengthen the control environment. Collectively, these compliance policies and procedures form an integral part of Yinson’s internal control system and support the effective design, implementation and monitoring of controls across all five COSO components. GOVERNANCE
RkJQdWJsaXNoZXIy NDgzMzc=