GHL System Berhad Annual Report 2019

A N N U A L R E P O R T 2 0 1 9 61 INTRODUCTION The Board recognises the importance of a sound framework of risk management and internal control for good corporate governance and to safeguard the Group’s assets and shareholders’ interests. Towards this end, the Board is committed to maintain a sound risk management framework and internal control system for the Group and ensuring its continued effectiveness, adequacy, and integrity through a process of periodic review. Guided by the Statement on Risk Management and Internal Control – Guidelines for Directors of Listed Issuer and Main Market Listing Requirements, the Board is pleased to present the Statement on Risk Management and Internal Control (“SORMIC”). RESPONSIBILITIES OF THE BOARD The Board assumes the responsibility for effective and adequacy of the Group’s risk management and internal control system and has an established Term of Reference to assist in discharging of this responsibility. The Board has delegated the responsibility of undertaking this process of periodic review to the Audit and Risk Committee (“ARC”), whose responsibilities and duties are detailed in the Audit and Risk Committee Report of this Annual Report. However, the Board as a whole remains ultimately responsible for the effectiveness, adequacy, and integrity of the system of risk management and internal control. The Board is aware that the expansion into new areas of business and operating in different countries would involve new and different risk considerations. Whenever these events occur, the Board will, in addition to its normal risk management process, pay particular attention to the impact of Group’s overall risk profile and sufficiency of existing internal controls in addressing the additional risks, if any. The Board has, during FY2019, continued to strengthen the Groups’ governance and risk management framework to identify, assess, mitigate, report, and monitor the significant risks in an effective manner. The Board recognises the integral role of key management in the risk management and internal control process. The Board had established the Risk Management Committee (“RMC”) comprising Senior Management of the Company to identify and assess the Group’s risks and thereafter to design, implement, and monitor the appropriate risk management processes and internal controls to address and mitigate such risks. RMC reports to the Board through ARC on significant matters arising. KEY INTERNAL CONTROL PROCESSES The Groups’ internal control system comprises the following key processes: 1. Authority and Responsibility a) Board Committees Board Committees are established and operate under clearly defined Terms of Reference, which are reviewed periodically, to objectively and independently focus on certain responsibilities delegated by the Board. b) Delegation of Authority In the financial year 2019, the Management has implemented a revised Delegation of Authority, which is in line with the growth of the business of the organisation. The revised Delegation of Authority clearly defines the authority and authorisation limits of the Management in all aspects of the Company’s key business decisions. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL