S E C T I O N 5 C O R P O R A T E G O V E R N A N C E 117 STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL 19. Senior management team conducts regular discussions with property, maintenance, and service managers to discuss issues for improvement and to promote better understanding to facilitate cognizance in decision-making capability. During the year under review, eleven (11) meetings with the Property Manager were carried out on 3 February, 25 February, 31 March, 28 April, 3 June, 28 June, 2 August, 24 August, 23 September, 27 October, and 29 December 2021. 20. The Manager launched its Anti-Bribery & Corruption Framework and the Whistleblowing Policy effective 1 June 2020, which is guided by the Guidelines on Adequate Procedures issued under section 17A(5) of the MACC Act to mitigate corruption and integrity risks. 21. On 7 September 2021, the Personal Data Protection (PDP) Policy was tabled and approved by the Board to provide assurance to its data owners – tenants, directors and employees that their personal data will be safeguarded and protected by the Fund. 22. The Board, on 2 December 2021 has also approved the Anti-Money Laundering and Anti-Terrorism Financing Policy and undertakes the following approach: (a) Compliance with laws: Service is not provided where there is good reason to suppose that transactions are associated with money laundering (ML) or terrorist financing (TF) activities. (b) Co-operation with law enforcement agencies: The Management and the Board must co-operate fully with relevant law enforcement agencies. This includes taking appropriate measures such as timely disclosure of information to relevant law enforcement agencies. (c) Establishing internal controls: Issue and adopt policies and procedures which are consistent with the principles set out under the AMLA and these Guidelines, which include ongoing training programmes to keep its board of directors, the management, and employees abreast on matters under the AMLA and SC AMLA Guidelines. (d) Risk-based approach: Ensure that the depth and breadth of its policies and procedures to identify, assess, monitor, manage and mitigate risks commensurate with the nature, scale and complexity of its activities. (e) Customer Due Diligence: Have an effective procedure to identify its customers and to obtain satisfactory evidence to verify its customers’ identity. 23. The Group has established processes and procedures to ensure the quarterly and annual reports, which cover the Group’s performance, are submitted to Bursa Malaysia for release to shareholders and stakeholders on a timely basis. All quarterly results are reviewed by the Board prior to their announcements. The Annual Report of the Group is issued to the shareholders within the stipulated time as prescribed under the MMLR of Bursa Securities. INTERNAL AUDIT The Manager outsources its Internal Audit function, which reports independently to the BARC to provide the Board with adequate assurance it requires regarding the adequacy and effectiveness of risk management, internal control and governance processes. The Internal Audit Team (IAT) adopts a risk-based approach in executing the annual audit plan that focuses on major business units and/or operations. The annual audit plan is reviewed and approved by the BARC. The IAT reports directly to the BARC on the outcome of its appraisal of the operational activities. Significant audit findings are presented and deliberated by the BARC on a quarterly basis or as appropriate. The IAT also monitors the implementation of audit recommendations in order to obtain assurance that all major risks and controls measures identified have been reasonably addressed by the management in an effective and timely manner.
RkJQdWJsaXNoZXIy NDgzMzc=