138 YINSON HOLDINGS BERHAD In preparing the annual IA plan, IA adopts a risk based approach that covers Yinson's businesses core operational areas, and critical support functions. This ensures that audit resources are focused on areas with the greatest potential impact on operational reliability, financial integrity, and strategic objectives. IA Department has unrestricted access to records and personnel during audit execution. Upon completion of each audit engagement, IA reports its assessments and recommendations to the AC. The status of Management’s action plans to address identified improvement opportunities is monitored closely, with quarterly progress updates presented to the AC. This process enables the Board to maintain clear oversight of internal control enhancements and overall compliance posture. BOARD’S COMMENTARY For the financial year under review and up to the date of approval of this statement for inclusion in the Annual Report, the Board considers the system of risk management and internal controls described in this Statement to be satisfactory and has not led to any material losses, contingencies, or uncertainties, ensuring that risks are reasonably managed within the context of the Group’s business environment. The Board is not aware and nor has it been made aware of any material weaknesses or lapses in the internal control system of the Group occurring within the financial year under review and up to the date of approval of this statement for inclusion in the annual report. The Board has received assurance from the Group CEO and Group Chief Financial and Strategy Officer that the Group’s risk management and internal control system is operating adequately and effectively, in all material aspects, based on the risk management and internal control systems of the Group. The Board and MSC also hereby confirm that having reviewed the audited financial statement for the financial year ended 31 January 2026, no adverse auditor opinion or material restatements was observed for the financial year ended 31 January 2026. The Board and MSC will continue to take measures to strengthen the Group’s risk management and internal control system. REVIEW OF THE STATEMENT BY EXTERNAL AUDITORS As required by Paragraph 15.23 of the Listing Requirements, the external auditors have conducted a limited assurance review on this Statement pursuant to the scope set out in the Audit and Assurance Practice Guide (“AAPG”) 3: Guidance for Auditors on Engagements to Report on the Statement on Risk Management and Internal Control included in the Annual Report issued by the Malaysian Institute of Accountants (“MIA”). AAPG 3 does not require the external auditors to consider whether this Statement covers all risks and controls or to form an opinion on the adequacy and effectiveness of the risk management and internal control systems of the Group including the assessment and opinion by the Board of Directors and management thereon. The external auditor is also not required to consider whether the processes described to deal with material internal control aspects of any significant problems disclosed in the annual report will, in fact, remedy the problems. This Statement on Risk Management and Internal Control was made in accordance with a resolution of the Board on 14 May 2026. GOVERNANCE
RkJQdWJsaXNoZXIy NDgzMzc=