Enterprise Risk Management
The Company abides by the policies formulated by management and the Board to serve as framework to manage Enterprise risks.
The Board appoints a Risk Oversight Committee to act as custodian of the Company’s Risk Management Plan. The primary purpose of this Committee is to assist the Board in managing enterprise risks, including financial, regulatory, strategic and operational risks, and ensuring that there is an effective and integrated risk management process developed for the benefit of the Company and its shareholders. This committee ensures that risks affecting the Company are properly identified, assessed for potential impact, and controls are implemented to manage these risks.
The Management Committee (Mancom) of each subsidiary, led by the business unit heads, ensures internal operational and financial controls are in place and complied with across the business. Mancom conducts regular review of policies, systems, and procedures to maintain effectiveness and relevance with the dynamic business environment.
The Board also appoints an Audit Committee who is responsible for overseeing the Mancom in establishing and maintaining an adequate, effective and efficient internal control framework. It ensures that systems and processes are designed to provide assurance through internal and external audits in areas including financial reporting, monitoring compliance with laws, regulations and internal policies, efficiency and effectiveness of operations, and safeguarding of assets.