GHL System Berhad Annual Report 2017

ANNUAL REPORT 2017 45 SUMMARY OF ACTIVITIES DURING FINANCIAL YEAR ENDED 31 DECEMBER 2017 (cont’d) Regarding related party transaction: a. Reviewed annual related party transactions and recurrent related party transactions, if any, undertaken by the Group for compliance with the MMLR and the appropriateness of such transactions entered into by the Company and its subsidiaries to avoid potential or actual conflict of interest to ensure the decisions are based on the best interest of the Company and its shareholders. b. Reviewed the procedures for securing the shareholders’ mandate for recurrent related party transactions. Other activities: a. Members of the Committee attended various seminars and conferences to enhance and update their knowledge as part of discharging their duties as ARC members and as a Director of the Group. The seminars and conferences attended by the Committee members during FY 2017 are reported under the Statement on Corporate Governance. b. Reviewed the Statement on Risk Management and Internal Control which provided an overview of the state of internal controls within the Group prior to the Board’s approval for inclusion in the Annual Report. The Statement on Risk Management and Internal Control which had been reviewed by the External Auditors is set out on pages 47 to 51 of this Annual Report. c. Conducted a self-assessment to evaluate the Committee’s overall effectiveness in discharging its responsibilities. d. Obtained update on Executives Share Scheme (“ESS”) from ESS Committee and verified allocation of ESS to executives during FY 2017, as being in compliance with the ESS By-Law 5.2. e. Reviewed compliance with MCCG 2017, compliance with Payment Networks Malaysia rules and regulations. f. Reviewed Management’s actions on IT security control including security patches updates, security certifications and audit conducted. INTERNAL AUDIT FUNCTION The Group has established an internal audit function as a key component of its internal control appraisal process. The Head of Internal Audit, reports independently to the ARC and is guided by a formalised Internal Audit Charter and The Institute of Internal Auditor’s International Professional Practice Framework. The main responsibility of the Group Internal Audit (“GIA”) function is to undertake independent assessments on the adequacy and effectiveness of internal controls pertaining to key areas as below: • Reliability and integrity of financial and operational information; • Effectiveness and efficiency of operations; • Safeguarding of assets; and • Compliance with applicable laws, and regulations In attaining this, the GIA adopts a risk-based approach towards undertaking Internal Audit reviews for the Group based on an annual internal audit plan approved by the ARC. The GIA has also incorporated a structured internal audit rating methodology that appraises an overall rating of an audit report by using a scoring system. The said system provides the Management and the ARC a consistent and concise assessment of the risks posed by the area or function being reviewed. AUDIT AND RISK COMMITTEE REPORT CONT’D