GOVERNANCE B. EFFECTIVE AUDIT AND RISK MANAGEMENT (CONT’D) II. Risk Management and Internal Control Framework The Board is ultimately responsible for effectively managing risks across the Group, determining its risk appetite, and ensuring that each business area implements appropriate internal controls. To achieve this objective, the Group has adopted a Risk Management Policy. The Group’s risk management systems are designed to manage, mitigate, and eliminate risks (where possible) to achieve business objectives. However, these systems can only provide reasonable, not absolute assurance against material misstatement or loss. The Board has delegated its responsibility for reviewing the effectiveness of the Group’s internal control systems to the RMC. This includes oversight of all material controls, such as financial, operational, compliance, and risk management systems. The RMC is further supported by various sources of internal assurance within the Group to assess the adequacy and effectiveness of existing risk controls. To implement an internal audit function, the Group has outsourced this function as the most cost-effective solution. For FY2025, the independent third-party service provider for the internal audit services was Vaersa Advisory Sdn. Bhd. (“Vaersa” or “Internal Auditors”), which reported directly to the AC as specified in the Terms of Reference of the AC. The Internal Auditors perform their functions in accordance with the annual Internal Audit Plan, approved by the AC. Vaersa has approximately three (3) audit personnel assisting the person responsible for the internal audit. Details of the person responsible for the internal audit are as follows: Name : Quincy Gan Hoong Huat Qualification : Associate of Chartered Certified Accountant Independence : No family relationship with any Director and/or major shareholder of the Company Public Sanction or penalty : No convictions for any offences within the past five (5) years (other than traffic offences, if any) and no public sanctions or penalties by the relevant regulatory bodies during the financial year. Further information can be found in the Risk Management and Internal Control Statement and the Management Discussion and Analysis included in this IAR2025. C. INTEGRITY IN CORPORATE REPORTING AND MEANINGFUL RELATIONSHIP WITH STAKEHOLDERS I. Communication with Stakeholders The Board recognises that effective communication with stakeholders is essential to the Group’s sustainability. Accordingly, stakeholders are informed of all material business events and risks in a factual, timely, and widely accessible manner. The Board has formalised a Corporate Disclosure Policy and Procedure not only to comply with the disclosure requirements stipulated in the MMLR of Bursa Securities, but also to designate individuals authorised to approve and disclose material information to stakeholders. The Board acknowledges the importance of fostering effective two-way communication with investors and analysts to enhance their understanding of the Group’s vision, strategies, developments, and financial prospects. A variety of engagement initiatives, including direct meetings and dialogues with stakeholders, are conducted regularly to strengthen mutual understanding. The Group promptly disseminates its financial performance, major corporate developments, and other relevant information to shareholders and investors through quarterly results announcements, the annual report, corporate announcements to Bursa Securities, and press conferences. It is the Group’s practice to ensure that all material information for public disclosure - including annual and quarterly financial statements, press releases, and presentations to investors, analysts, and the media - is factual, reviewed internally for accuracy, and expressed in a clear and objective manner. CORPORATE GOVERNANCE STATEMENT (cont’d) 179
RkJQdWJsaXNoZXIy NDgzMzc=