137 INTEGRATED ANNUAL REPORT 2026 Compliance Management System To enhance the the effectiveness and scalability of the compliance framework, the Corporate Compliance function utilises an integrated Compliance Management System (“CMS”) to support monitoring, documentation and reporting processes. During the financial year, the following core modules were operationalised and strengthened: • Independent Whistleblowing Channel: A secure and confidential platform managed by an external service provider to ensure independence and accessibility. • Third-Party Due Diligence: Automated screening and monitoring processes to support risk-based assessment of third parties in alignment with the Group’s ethical and regulatory standards. The CMS enables structured workflow management, data integrity and audit traceability, supporting timely escalation and management oversight of compliance risks. Whistleblowing Yinson maintains a formal whistleblowing framework that encourages employees, business partners and external stakeholders to report suspected misconduct, including breaches of the COBE, financial improprieties or noncompliance with applicable laws and internal policies. The Whistleblowing Policy & Procedure, established in 2018 and recently revised in 2025, incorporates a risk-based, tiered triage mechanism to ensure appropriate oversight and timely resolution. Key features of the framework include: • Independent reporting channel: managed by an external provider and accessible globally. • Non-retaliation protection: safeguards for individuals who report concerns in good faith. • Structured escalation protocols: differentiation of reports based on risk severity and subject matter. Reports are categorised as follows: • Reportable Conduct Allegations involving fraud, bribery, corruption or serious breaches of COBE are escalated to the AC Chairperson within three working days for independent oversight and direction. • Workplace-Related Grievances Personnel matters are directed to Group Human Resources for resolution under established HR grievance procedures. • Operational Concerns Business process matters are referred to the relevant businesses for management review and corrective action. Where required, the AC Chairperson may mandate an independent investigation and review the findings before determining remedial actions. The Prescribed Officer communicates the outcome of each report to the whistleblower, subject to confidentiality considerations. ISO 37001:2016 Anti-Bribery Management System Audit Following the successful ISO 37001:2016 recertification of Yinson Holdings Berhad (“YHB”) and Yinson Production Offshore Pte Ltd (“YPOPL”) in August 2024, the Group has continued to maintain its Anti-Bribery Management System in accordance with the ISO standard. In August 2025, both entities underwent Surveillance Audit 1, conducted by Bureau Veritas, a leading internationally accredited certification body. The audit concluded without any non-conformities, reaffirming that the Group’s antibribery policies, controls, and procedures remain effectively implemented and aligned with the requirements of the ISO 37001:2016. Looking ahead, YHB and YPOPL are scheduled for Surveillance Audit 2 in the second half of FY2027, which will coincide with the transition to the revised ISO 37001:2025 standard. During FY2026, the Group undertook a review of its Anti-Bribery Management System to align with these updated requirements, including enhancements to the risk assessment processes, focusing on integrating climaterelated considerations into our anti-bribery risk assessment framework. Through continued adherence to internationally recognised standards, the Group reinforces its governance framework for preventing, detecting and responding to bribery risks. INTERNAL AUDIT & CONTROLS The Group maintains an independent IA Department that provides the Board, through the AC, with objective assurance on the adequacy, effectiveness, and robustness of the Group’s internal control system and management information processes. The IA function operates under a structured audit methodology and a disciplined review cycle designed to deliver meaningful insights, strengthen governance, and support the Group’s overall risk management framework. The audit approach emphasises continuous improvement, alignment with evolving business risks, and the development of relevant competencies, such as data analytics to meet the Group’s assurance needs. GOVERNANCE | STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=