ABMS Manual This Manual sets out requirements in relations to MS ISO 37001:2016 Anti-Bribery Management System and provide guidance of a management system designed to help UEM Edgenta to prevent, detect, respond, and address to bribery and corruption. No Gift Policy UEM Edgenta upholds the “No Gift Policy” to avoid actual or perceived conflict of interest, in accordance with UEM Edgenta’s Code of Conduct. Conflict of Interest Declaration Procedure This procedure serves as a guide to making a declaration on a possible conflict of interest and actions to be taken therefrom. Investigation Procedure T he procedure has established a consistent process to ensure that alleged violations of UEM Edgenta Code of Conduct, policies and procedures, and applicable rules and regulations are assessed and investigated properly, that outcomes are recorded uniformly and in a timely manner, and that any necessary corrective action and/or external reporting is executed appropriately. Authorities’ Raid/Visit Procedures This procedure sets out the key practical points to be considered in providing an effective response when facing the authorities’ raid. Whistleblowing Policy Statement UEM Edgenta is committed to adhering to the highest standards of ethical behaviour in terms of governance, integrity, accountability, and transparency in the conduct of our business and operations, which is in line with Edgenta’s core values of FIRST. We aspire to conduct our business dealings and relationships in an ethical, responsible, and transparent manner. The policy encourages the reporting of wrongdoings in good faith, with the assurance that personnel or any parties making such reports shall be treated fairly, their identity remains confidentiality and are protected from retaliation. Whistleblowing Procedure UEM Edgenta’s Whistleblowing Procedure provides an avenue for its employees, stakeholders and members of the public to report any actual or suspected malpractice, misconduct or violation of Group’s policies and procedures through dedicated and confidential channels (Whistleblowing Lodgement Form to the Chairman of the Board or Chairman of BGRC or email to the Whistleblowing Committee at whistleblowing@edgenta.com) which are available on our UEM Edgenta Official Website. The Whistleblowing Procedure encourages the reporting of such allegations in good faith, with the assurance that employees or any parties making such reports will be treated fairly, their identity remains anonymous and are protected from reprisal. All disclosure will be verified and evaluated by the Whistleblowing Committee. The Chairman of the Whistleblowing Committee shall then report to the BGRC and Board on all outcomes and recommendations of the investigation. INTERNAL CONTROLS The key elements of the internal control system established by the Board that provides effective governance and oversight of internal control include: Policies and Procedures Written policies are established to guide how a department or an individual within the Group works or behaves and provides guidance to employees as to what their obligations are. Some policies are supported by procedures which describe the steps the employees shall take to produce an output or to complete a process. The policies and procedures also form part of the various management systems which are reviewed and updated periodically to ensure that they remain relevant and reflective of the Group’s operating and business environment. The Group, via its subsidiaries, have in place several Internationally Accredited Management Systems (for e.g., ISO 9001:2015 – Quality Management System, ISO 45001:2018 – Occupational Quality Health & Safety Management System, ISO 14001:2015 – Environmental Management System, ISO 13485 – Medical Devices Quality Management System and ISO 39001:2012 – Road Traffic Safety Management System) to standardise its management and operational processes and to further improve its efficiency. These certifications reflect the Group’s commitment to ensuring quality deliverables to customers, safeguard safety and health of employees and safeguard the environment. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL The Group has also established a HSSE Management Systems, comprising HSSE Rules, standard operating procedures and processes, to inculcate a strong HSSE culture and sustainable HSSE performance. This also includes introducing an enhanced UEM Edgenta HSSE Management System Manual which seeks to make the HSSE execution simpler and more aligned within the Group. The Group has dedicated teams to carry out Quality Assurance/ Quality Control, and Health, Safety and Environment activities to ensure continuous improvement of processes and ongoing compliance with the established internal policies and procedures, International Management System Standards, contracts and relevant legal requirements. Organisational Structure The organisational structure of the Group is clear and detailed, defining the roles, responsibilities and reporting line of the various Committees of the Board; Management of the Corporate Office and subsidiaries; departments and individuals. The Board appoints the Managing Director/Chief Executive Officer of the Group, Chief Financial Officer, Chief Strategy Officer, Chief People Officer, Chief Digital Officer, and Heads of Divisions/ Business within the Group, as well as holders of mission-critical position. The organisational structure is reviewed regularly to assess its effectiveness and to ensure that it is in line with any changes in business requirements. Operating Plans and Strategies The Group undertakes a comprehensive annual budgeting and forecasting exercise to ensure that the development of business plan for respective operating divisions are in line with the Group’s 5-year operating plan, short-term and long-term strategic plans. Each Business Unit is responsible for carrying out a comprehensive analysis on current and prior years’ performances and identifying the strategic priorities for consideration and commitment in the Group Annual Operating Plan (“AOP”), 5-year operating plan and strategic plan. These form the basis for the development of Key Performance Indicators (“KPIs”) to be included in the Group’s Corporate Scorecard and MD/CEO’s Scorecard which are deliberated, reviewed by the Board for approval. The approved AOP, 5-year operating plan and strategic plans are then cascaded to the senior management team across the Business Units for planning, monitoring and execution. The Group monitors the business performance of respective business divisions through its KPIs and measures them against the approved AOP, 5-year operating plan and strategic plan on a regular basis via its General Management Committee meetings and other ad hoc meetings to be carried out by the senior management as and when necessary. Reports and analysis on variances against the AOP are prepared and monitored, taking into consideration current and future macro/microeconomic situations and business landscapes. A report on the year-to-date quarterly Group results and performance is submitted and presented to the Board on a quarterly basis. The management is responsible for identifying and executing any mitigation actions, where necessary. Employee’s Authority and Responsibility UEM Edgenta’s internal controls are embedded within the responsibility of each employee as specified in the Job Description. The establishment of performance monitoring serves as a tool to monitor performance against the set KPIs and targets at various levels, covering key financials, customers, internal business processes and learning and growth indicators. Discretionary Authority Limits Clear delegation of authority is defined in the Discretionary Authority Limits (“DAL”), which sets the limit for strategic, operating and capital decisions and expenditures, as well as decision authority for each level of management within the Group, and also the Board’s authority. The DAL is reviewed from time-to-time to ensure effectiveness of strategic and operational executions. Procurement In parallel with the implementation of Oracle ERP, GPCM functions as a centralised and coordinated procurement function to control and manage procurement activities within each of the Group’s key business division, encompassing eight (8) key areas, namely, Procurement Strategy & Performance, Category Management, Vendor Management, Sourcing, Purchasing Admin, Contract Management, Master Data Management, and Inventory Management. The potential risks pertaining to these key areas are mitigated through procedural governance and compliance monitoring of the SOPs users. The SOPs will be reviewed periodically and updated as and when required to ensure continuous improvement of internal controls and taking into consideration any additional process improvement required. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL p.242 p.243 UEM EDGENTA BERHAD INTEGRATED ANNUAL REPORT 2022 1 2 3 4 5 6 7 8 9 GOVERNANCE
RkJQdWJsaXNoZXIy NDgzMzc=