2018 UEM Edgenta Annual Report

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL INTRODUCTION IN ACCORDANCE WITH THE PRACTICE SET OUT IN THE MALAYSIAN CODE ON CORPORATE GOVERNANCE 2017, A LISTED COMPANY SHOULD ESTABLISH AN EFFECTIVE RISK MANAGEMENT AND INTERNAL CONTROL FRAMEWORK. THE BOARD OF DIRECTORS (“BOARD”) IS PLEASED TO PROVIDE THIS STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL PURSUANT TO PARAGRAPH 15.26(B) OF THE MAIN MARKET LISTING REQUIREMENTS OF BURSA MALAYSIA SECURITIES BERHAD AND AS GUIDED BY THE STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL: GUIDELINES FOR DIRECTORS OF LISTED ISSUERS. RESPONSIBILITY OF THE BOARD The Board acknowledges the importance of maintaining a sound framework in managing risks to safeguard the shareholders’ investments and the Group’s assets. The Board is constantly and actively identifying the Group’s level of risk tolerance, assessing and monitoring the key business risks. These include updating the internal control systems of the Group. The Board however, acknowledges that the system of internal control is designed to manage and reduce the risk of not achieving business objectives and only provide reasonable and not absolute assurance of effectiveness against material misstatement of management and financial information and records or against financial losses or fraud. MAIN FEATURES OF RISK MANAGEMENT AND INTERNAL CONTROL SYSTEM The Board recognises the importance of key risk management and internal control system that sets the tone for the Group. In recognising the importance of risk management and internal control system in the overall governance process, the Board of the Company has instituted the following: - Board and Board Committees • For the financial year under review, there are ten (10) Directors on the Board comprising one (1) Managing Director/Chief Executive Officer, six (6) Independent Non-Executive Directors and three (3) Non- Independent Non-Executive Directors. The Board also consist of one (1) alternate director to a Non- Independent Non-Executive Director. However, he has since resigned effective from 28 February 2019. • The Board has established the Audit and Risk Committee (“ARC”), Nomination and Remuneration Committee (“NRC”) and Board Tender Committee (“BTC”) with specific Terms of Reference, which have the authority to examine all matters within its scope of responsibilities and report to the Board with its recommendations for the Board’s decision. • The responsibilities and functions of the Board, each of its committees and the individual directors are specified in its respective Terms of Reference and Board Charter. General Management Committee • The General Management Committee (“GMC”) is chaired by the Managing Director/Chief Executive Officer and comprises the senior management teammembers from respective divisions. • The key role of GMC is to deliberate and resolve the Group’s key strategic and operational issues in a timely manner and keep track of key business developments. • The GMC also serves as a platform for members to report on their respective business and operation plans to the Managing Director/ Chief Executive Officer and to address other matters as directed by the Board and/or the Managing Director/Chief Executive Officer. Risk Management Committee • Risk Management Committee (“RMC”) assists the Board in ensuring sound and robust Risk Management Framework (“RMF”) to achieve the Group’s strategic objectives, safeguard shareholders’ investments and its assets. Terms of Reference was established and endorsed by the Board to govern its responsibilities and activities. • The RMC is chaired by the Group’s Managing Director/Chief Executive Officer and consists of Head of Companies of the Group and co-opted members from the management team of the Group. The RMC undertakes the following responsibilities: - Review and recommend risk management policies and procedures for the approval or acknowledgement of the ARC and Board; - Act as Primary Champion of risk management at strategic and operational levels; - Review the on-going adequacy and effectiveness of risk management process; - Review the consolidated risk registers to identify significant risks and whether these are adequately managed; and - Ensure that the ARC and Board receive adequate and appropriate information for review and decision-making respectively. • The RMC is assisted by the Risk Management and Compliance Department (“RMCD”), which is primarily responsible for the implementation of RMF and operationalisation of risk management processes and practices. A Charter, which defines RMCD’s responsibilities, scope and authority for the Group has been established and endorsed by the ARC and Board. Management Discussion & Analysis UEM Edgenta Berhad Annual Report 2018 About UEM Edgenta Chairman’s Statement 118