STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL The Board of Directors is pleased to provide this Statement on Risk Management and Internal Control (Statement) pursuant to Paragraph 15.26(b) of the Main Market Listing Requirements of Bursa Malaysia Securities Berhad and as guided by The Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers. The following statement outlines the nature and scope of risk management and internal controls within MISC Berhad (MISC or Company) and its subsidiaries (Group or MISC Group) during the financial year ended 31 December 2022. The Board is responsible for establishing and maintaining a sound risk management and internal control framework with the objective of safeguarding the shareholders’ interest and the Group’s assets, as manifested in the Malaysian Code on Corporate Governance 2021. The Board recognises its principal responsibility to regularly review the adequacy and effectiveness of the risk management and internal control framework. By implementing sound risk management and internal control systems, it helps the Group to achieve its performance and profitability targets for better decision making whilst managing the risks. In discharging its responsibilities, the Board is supported by MISC’s Board Sustainability and Risk Committee (BSRC) (formerly known as Board Governance and Risk Committee) and Board Audit Committee (BAC) to oversee the risk management and internal control systems during the financial year ended 31 December 2022. The BSRC assists the Board in providing oversight and direction on the Group’s risk management policies, framework and process whilst the Group’s internal control framework is under the purview of the BAC. For more information on the BAC’s and BSRC’s responsibilities, please refer to their respective reports on pages 203 to 211 (for the BAC) and pages 212 to 217 (for the BSRC) of this Integrated Annual Report. Accountability of the Board Risk Governance Structure During the year under review, the BSRC was further supported by the MISC Risk Management Committee (RMC), which comprises Management Committee (MC) members and Heads of Divisions, to reflect the prominence and focus by Management on the oversight of risk management for the Group. In ensuring that the Group’s internal control systems are in place and effective in dealing with risks during the year under review, the BAC was supported by the MISC Management Audit Committee (MAC), which comprises MC members and Group Internal Audit (GIA). The Board, via BSRC and BAC, periodically reviews the efficiency and effectiveness of the Group’s risk management and internal control to ensure the viability and robustness of the systems. In view of limitations inherent in any process and risks which cannot be eliminated completely, the Group has in place, a system of internal control and risk management designed to mitigate rather than eliminate the risks that may impede the Group from achieving its objectives. Therefore, it can only provide a reasonable, but not an absolute assurance against material misstatements or losses or the occurrence of unforeseeable circumstances. Thus, the Board adopts a cost-benefit approach to ensure that the expected returns outweigh the cost of risk mitigation. The Group’s risk governance structure facilitates the flow of information and effective oversight of the implementation of risk management practices across its businesses. Risk management activities are undertaken at corporate, business/service units and subsidiaries and their risk reports are reviewed by the RMC prior to deliberation at the BSRC for subsequent approval by the Board. Each appointed and dedicated risk focal person has the responsibility for risk management activities in their units and subsidiaries to ensure consistent implementation of risk management processes across the Group. • Reviews the adequacy and effectiveness of MISC’s Risk Management Framework and on-going activities for identifying, evaluating, monitoring and mitigating risks. • Reviews the Group’s risk tolerance level. Provides a reasonable level of assurance to the BSRC that the Group’s risks are being managed appropriately. Responsible for implementing risk management processes at respective units/subsidiaries. Responsible for the overall oversight of Group risk management system and activities. Board of Directors RMC Risk Owners BSRC Corporate Planning (CP) • Reviews and monitors risk reporting quarterly • RMC secretariat Business unit/ Service unit/ Subsidiary Management level Board level Risk Oversight Structure The RMC was established to review and monitor the Group’s risk management practices. It is primarily responsible for driving the implementation of the risk management framework and acts as the central platform for the Group. RISK MANAGEMENT COMMITTEE Assist the management in identifying principal risks at Group level and providing assurance that the Enterprise Risk Management (ERM) is implemented group-wide to protect and safeguard MISC’s interest Review and recommend policies and frameworks specifically to address risks inherent in all business operations and environment pertaining to the Group Review, deliberate and recommend mitigation actions to ensure that the Group’s risks are being mitigated effectively Provide a reasonable assurance to the BSRC that the Group’s risks are being managed appropriately 219 218 Governance Governance MISC Berhad Integrated Annual Report 2022
RkJQdWJsaXNoZXIy NDgzMzc=