33
ANNUAL REPORT 2015
Statement on Risk Management
and Internal Control
Introduction
Pursuant to the Malaysian Code on Corporate Governance (2012) issued by the Securities Commission Malaysia, the
Board of Directors (“The Board”) is required to acknowledge its responsibilities and establish a sound risk management
and internal control system. In addition, paragraph 15.26(b) of the Main Market Listing Requirements of Bursa Securities
also requires the Board to include in its annual report, a “statement about the state of internal control of the listed issuer
as a group”.
Accordingly, the Board is pleased to present the following statement by taking into consideration the Statement of Risk
Management and Internal Control: Guidelines for Directors of Public Listed Companies.
Board’s Responsibility
The Board acknowledges its responsibility for maintaining a sound risk management and internal control system to safeguard
the shareholders’ investments and the Group’s assets, as well as to discharge its stewardship responsibility in identifying
business risks and ensuring the implementation of an appropriate risk management and internal control system to manage
those risks in accordance with Principle 6 of the Malaysian Code on Corporate Governance.
The Board continuously reviews the adequacy and effectiveness of the Group’s risk management and internal control
system which has been embedded in all aspects of the Group’s activities and reviews the processes, responsibilities and
assesses for reasonable assurance that risks have been managed within the Group’s risk appetite.
Notwithstanding, the Group’s system by its nature can only reduce rather than eliminate the risk of failure to achieve business
objectives, such systems can only provide a reasonable but not absolute assurance against material misstatement, loss
or fraud.
The Board has received assurance from the Group Chief Executive Officer and the Chief Financial Officer that the Group’s
risk management and internal control system is operating adequately and effectively, in all material aspects, based on the
risk management and internal control framework of the Group.
Risk Management
The Board regards risk management as an integral part of the Group’s business operations and has oversight over this
crucial area through the Risk Management Committee (“RMC”).
To closely monitor the Group’s risk exposures, the RMC with its principal roles and responsibilities stated in the Risk
Management Policy and the Terms of Reference was established. The RMC that consists of Group Chief Executive Officer
and representatives from key senior management, monitors the Group‘s risk exposures by meeting on a bi-monthly basis
to review the risk profiles.
The RMC is supported by Risk Management Department (“RMD”) which is entrusted with the responsibility of facilitating
effective risk governance and risk management implementation in the Group.
The RMD meets with the divisional units and/or concerned risk owners to assess the risks relating to their areas, the
likelihood of the risks occurring, the impact if they do occur, and the actions being and/or to be taken to manage these risks
to the desired level. The RMD then communicates, to the RMC, an aggregated view of top risks as well as divisional risks
inherent in the business activities. The RMC reviews those significant risks taking into consideration the major business
assumptions, operational vulnerabilities and the collective impact on the Group.
The RMC and RMD are playing their respective roles in the Group’s risk management process, established with the aim of
providing a continuing and consistent approach in identifying and assessing risks as well as facilitating the review of the
adequacy and effectiveness of the management actions as well as the related key internal control procedure in mitigating
the risks identified. Such risk management process has been in place as at to date.
The Group will continue its focus in implementing key risk management strategies and initiatives towards institutionalization
of effective risk management as a culture throughout the Group.
