139 ANNUAL REPORT 2022 21. The Personal Data Protection ("PDP") Policy was approved by the Board in prior year to provide assurance to its data owners – tenants, directors and employees that their personal data will be safeguarded and protected by the REIT. The Manager carried out a refresher briefing on PDP Policy on 25 July 2022 and ensure that all employees undertook a pledge to safeguard and protect the data of the tenants, directors, employees, and other stakeholders. 22. The Board also approved the Anti-Money Laundering and Anti-Terrorism Financing Policy in 2021 to commit with the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001. The Manager uses its best endeavours to meet the requirements imposed and all applicable laws to commensurate with the nature of the Company’s businesses and activities. 23. The Group has established processes and procedures to ensure the quarterly and annual reports, which cover the Group’s performance, are submitted to Bursa Malaysia for release to shareholders and stakeholders on a timely basis. All quarterly results are reviewed by the Board prior to their announcements. The Annual Report of the Group is issued to the shareholders within the stipulated time as prescribed under the MMLR of Bursa Securities. INTERNAL AUDIT The internal audit function is outsourced to an independent professional consulting firm, Messrs. PKF Risk Management Sdn Bhd (“PKF”), which adopts the International Professional Practices Framework (“IPPF”) in carrying out the internal audit assignments and reports directly to the BARC. The team from PKF is led by Dr. Wong Ka Fee, the Director of Risk and Governance Advisory. He possessed doctoral degree in Behavioural Finance and Master of Science in Management Consultancy. Dr. Wong Ka Fee has over 15 years of experience in a wide range of governance advisory, risk and internal audit work. The Internal Audit Team ("IAT") at PKF consists of 10 permanent internal audit personnel staffs who are qualified in the areas on internal audit and assurance. All the internal PKF audit personnel involved are free from any relationships or conflicts of interest, which could impair their objectivity and independence. IAT adopts a risk-based approach in executing the annual audit plan that focuses on major business units and/or operations. The annual audit plan is reviewed and approved by the BARC. The IAT reports directly to the BARC on the outcome of its appraisal of the operational activities. Significant audit findings are presented and deliberated by the BARC on a quarterly basis or as appropriate. The IAT also monitors the implementation of audit recommendations in order to obtain assurance that all major risks and controls measures identified have been reasonably addressed by the management in an effective and timely manner. BOARD ASSURANCE AND LIMITATION The Board acknowledges its overall responsibility for reviewing the adequacy and integrity of the Group’s systems of internal control, identifying principal risks, and establishing an appropriate control environment and framework to manage risks. The Board continues to derive its comfort of the state or risk management and internal control of the REIT from the following oversight mechanisms and information compiled for these oversight processes:- - periodic review of financial information covering financial performance and quarterly financial results; - BARC’s oversight of risk management framework, changes in risk magnitudes, and status of management implementation of risk mitigation plan; - Identifying principal risks and ensuring the implementation of appropriate systems to manage these risks; - BARC’s review and consultation with Management on the integrity of the financial results and audited financial statements; - audit findings and reports on the review of systems of internal control provided by the internal auditors and the status of Management’s implementation of the audit recommendations; and - Management’s assurance that the Group’s risk management and internal control systems, including systems for compliance with applicable laws, regulations, rules directives, and guidelines have been operated adequately, effectively, and with integrity, in all material respects. CEO, Compliance Officer and Head of Finance of the Company ensure that the Group’s risk management and internal control system is operating adequately and effectively, in all material aspects, based on the risk management and internal control system of the Company. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=