Integrated Annual Report 2021

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL GOVERNANCE To ensure that the organisation has the right competency and capability, a structured Functional Competency and Leadership Competency framework is applicable to all employees in the Group. The objective of the Functional Competency and Leadership Competency framework is to have a competent and capable workforce through a structured and holistic developmental process, which ultimately feeds into the talent pipeline for the Succession Planning framework. Through the framework, all employees are required to go through the functional and leadership competency assessment where they are assessed against the competency required for their roles and at their job levels respectively. Based on the competency gap identified from the assessment, employees are empowered to identify and propose suitable intervention plans to address their functional competency gap via one-on-one discussion with their supervisors and are enrolled in the structured leadership courses to enhance their leadership skills. The Functional Competency and Leadership Competency framework, together with the Succession Planning framework, demonstrate the Group’s commitment towards developing future leaders of MISC. Compliance & Ethics As MISC completes the Compliance and Ethics Programme 2020, the next 5-year Compliance and Ethics Programme for 2021 to 2025 has formed part of the Governance and Business Ethics Pillar under the Sustainability Strategy 2021-2025. Compliance & Ethics Programme 2020 Sustainability Strategy 2025 A robust Compliance & Ethics Programme that embeds a mature compliance and ethics culture within the organisation in tandam with MISC’s growth agenda Governance & Business Ethics Pillar [Compliance Programme 2025] approved by Board on November 16, 2020 The Sustainability Strategy 2025, the Strategic priority (Governance Pillar) under the values, assurance, and business ethics, is to continuously embed a culture of strong corporate governance and business ethics and conduct within the organisation. The Governance Pillar maps out the Group’s compliance strategy, objectives, and guidance through Compliance Management Framework to assist management, business and operations to develop, manage, and maintain the governance required to meet and sustain the compliance strategy and objectives across the Group. MISC has put in place fundamental policies in line with the Code of Conduct and Business Ethics (CoBE) that extends to employees and directors within the MISC Group and third parties performing works or services for or on behalf of MISC Group. Internal controls including policies and measures addressing the critical laws namely the personal data privacy laws, economic sanctions, global export, competition laws and human rights/modern slavery laws through the following policies: • MISC as per the Anti-Bribery and Corruption (ABC) Policy Statement (ABC Policy and Guidelines) and ABC Manual, has a zero-tolerance policy towards any form of bribery and corruption by employees or companies acting for or on behalf of MISC. The MISC CoBE and ABC Policy and Guidelines apply throughout the Group and reflect the Group’s commitment to fight against any corrupt or unethical practices in the course of conducting businesses in the jurisdictions in which it operates. This is further strengthened through the Anti-Bribery Management System (ABMS) which sets out the requisite requirements to prevent, identify and respond to bribery. To further fortify the internal control processes and systems of the Company in respect of anti-bribery and corruption management, MISC has received certification as per ISO 37001:2016 (ISO ABMS) in 2019. The Bribery and Corruption Risk Assessment is being conducted and reviewed on an annual basis to ensure MISC fulfils the requirements of the Adequate Procedures Guideline and is safeguarded against the new provision in the MACC Act (Amendment 2018) under Section 17A: Corporate Liability which was effective from 1 June 2020. • MISC has established the Corporate Privacy Policy and Master Guidelines which demonstrate the commitment to handle and manage personal data in accordance with the general principles of personal data protection and applicable laws in various jurisdictions. • The Economic Sanctions and Export Control Policy and Guidelines underpin the Group’s commitment to comply with relevant economic sanctions and export control regulations in the jurisdictions it operates in, through identifying, mitigating and managing such risks. • MISC has a policy under the Competition Law Guidelines and its supporting protocols on Meetings and Information Sharing and Merger and Acquisition Transactions for fully complying with competition laws of every country we operate in. The policy outlines the main competition laws applicable in most jurisdictions around the world and provides guidelines to ensure strict compliance with these rules in the day-to-day operations. • MISC Group has also adopted the Human Rights Commitment and Modern Slavery Policy on 24 May 2019 to ensure adherence to the CoBE, which outlines the standards and behaviours that the Group upholds, with emphasis on due respect for human rights and compliance applicable to global laws and rules. • For other relevant laws, MISC through the Regulatory and Legislation (R&L) Register, maintains regulations and legislations which can potentially impact the organisation. The R&L Register shall be the guide to ensure that MISC operates in accordance with the R&L requirements and for any potential exposures to be adequately mitigated. Dealing with third parties is part of MISC’s business operations and MISC expects Third Parties to comply with the same standards as MISC’s CoBE related policies and guidelines as mentioned above: • Due diligence exercises are carried out on all third parties as outlined in MISC’s Third Party Compliance Due Diligence Operational Guidelines. • Third parties are also required to adhere to MISC CoBE related policies and guidelines through the Declaration and Integrity Pledge. • Annual Trainings are also conducted to MISC’s Third Parties. There have been continuous awareness sessions through the “See.Speak.Support” Campaigns since 2017 with the objective of highlighting and creating awareness amongst employees on MISC’s principal elements of the CoBE. The campaigns were aimed at promoting MISC’s Whistleblowing Channels and processes to employees. Continuous training on the CoBE and its related policies covering the critical laws have been conducted for employees, directors and third parties. The Group continues to monitor any potential conflicts of interest through the annual declaration by employees, and the receipt and/or giving of any gifts via the employees’ Conflict of Interest Register and employees’ Gift Register. MISC’s Conflict of Interest (COI) Policy, as described in MISC CoBE, provides guidelines on the business and personal relationships between MISC’s employees and MISC’s competitors, suppliers, customers, and other business entities. As per the COI Review and Analysis Procedure, the disclosures are reviewed and analysed to ensure any potential conflict of interest exposures are adequately mitigated. BGRC as the governing body is updated on Compliance and Ethics related matters as good governance, and to ensure the objectives of the Sustainability Strategy 2025 (Governance Pillar) is effectively implemented. The Whistleblowing (WB) Policy provides an avenue for all parties to disclose and report any suspected unethical and/or unlawful conduct or non-compliance with the CoBE involving MISC and/ or any of its employees. In line with the highest standards of integrity expected of the Company and its employees and the Malaysian Code on Corporate Governance 2021, the BAC shall also review WB reports submitted. CORPORATE POLICIES MISC established its Corporate Disclosure Policy (CDP) and Corporate Disclosure Guidelines (CDG) in 2016. The CDP guides the Board, management and employees when communicating and making disclosure of information to external parties such as Bursa Malaysia Securities Berhad, investment community, media, government authorities and other relevant stakeholders. It also sets out the parameters to enable timely, adequate and accurate disclosure of such information. The CDG, which is an internal document, provides more definitive guidelines for communication and disclosure of information in the above areas. The Group keeps a register on conflict of interest or potential conflict of interest situations for directors in the Group which is reviewed on an annual basis. MISC Berhad 282 Integrated Annual Report 2021 MISC Berhad Integrated Annual Report 2021 283