S E C T I O N 5 C O R P O R A T E G O V E R N A N C E 109 BOARD AUDIT AND RISK COMMITTEE REPORT Internal Audit (a) Provided input on key areas to be included as part of the annual Internal Audit Plan. Deliberated the risk-based Internal Audit Plan to ensure adequate scope and comprehensive coverage of business activities, prior to recommending to the Board for approval. Monitored the progress of the approved Internal Audit Plan, including the status of the planned reviews and approved changes to the Internal Audit Plan due to changes in business and/or risk environment. (b) Reviewed and deliberated on internal audit reports, the audit recommendations and adequacy of Management’s response to these recommendations. Significant issues were discussed at length with the presence of relevant Management team members to ensure satisfactory and timely remediation actions have been committed by Management to address identified risks. Additional presentations were made at the request of the ARC to ensure adequate actions were taken in addressing the issues raised. (c) Monitored the implementation of corrective action plans agreed by the management on outstanding audit findings on a quarterly basis to ensure that all actions have been implemented on a timely basis in the related areas. (d) Discussions with the internal audit team, to assure itself of the soundness of internal control systems and internal audit activities, and to provide guidance on ad hoc matters arising from on-going internal audit activities. (e) Reviewed the effectiveness of the Internal Audit function through evaluation of its performance and competency, and monitoring the sufficiency of resources and costs, to ensure that it has the required expertise and professionalism to discharge its duties. (f) Received updates on the status of investigation cases handled by Internal Audit to provide guidance where relevant. Risk Management and Internal Control (a) Reviewed quarterly top risk profiles which covers Strategic, Finance, Operational and Compliance Risks and deliberated on the significant threats and opportunities, including status and adequacy of mitigation strategies. (b) Discussed the improvements to the Enterprise Risk Management framework and process to ensure proactive and holistic risk identification, and monitoring of mitigation actions to reduce risk impact to an acceptable level. (c) Evaluated the overall adequacy and effectiveness of internal controls through review of the work performed by both internal and external auditors, other assurance providers and through discussions with Management (d) Ensures appropriate controls are in place in management of the Fund, that the Manager has a well defined organisational structure with clear lines of responsibility and a comprehensive reporting system and adequate procedures in financial reporting, risk management, internal control and are in place. Further details in respect of risk management and internal controls are set out on pages 112 to 118 (Statement on Risk Management and Internal Control of this Annual Report). Details in respect of the principal risks and uncertainties are set out on pages 55 to 56 under Management Discussion and Analysis. (e) The Committee also reviewed and deliberated on four frameworks relating to compliance and internal controls and recommended to the Board the implementation of the frameworks and policies put forward by the Management, listed as below: No Frameworks & Policy Date of Meeting Effective Date 1 Procurement Policy (New) 18 Feb 2021 1 March 2021 2 Business Continuity Management 18 Feb 2021 18 Feb 2021 Framework (Revised) 3 Investment Policy 18 Feb 2021 1 March 2021 4 Personal Data Protection Policy (New) 28 May 2021 18 June 2021 5 IT Policy (Revised) 2 Dec 2021 2 Dec 2022 6 Limits of Authority (Revised) 2 Dec 2021 2 Dec 2021 7 Enterprise Risk Management 2 Dec 2021 2 Dec 2021 Policy & Framework (Revised) 8 Anti-Money Laundering and Terrorism 2 Dec 2021 1 Jan 2022 Financing Policy (AMLTF)
RkJQdWJsaXNoZXIy NDgzMzc=