GHL System Berhad Annual Report 2019

A N N U A L R E P O R T 2 0 1 9 65 KEY INTERNAL CONTROL PROCESSES (Cont’d) 6. Information Technology Controls and Security (Cont’d) c. Personal Data Protection Policy The Group has implemented a Personal Data Protection Policy as companies within the Group processes personal data in the course of its business activities and operations, recognises the importance of protecting the rights and privacy of individuals, and is committed to protecting the same. In preparing this Personal Data Protection Policy, the Board has taken steps to ensure conformity, to the extent possible, with the principles underlined in the Malaysian Personal Data Protection Act 2010. 7. Human Capital a. Performance Appraisal & Employee Trainings Annual appraisal system is implemented for the employees at all levels within the Group, enforcing dialogue between management and subordinates for continuous improvement on employees’ performance. Arising from this appraisal, training-need analysis is performed to identify the required training for employees, to address the areas of improvement identified. b. Code of Ethics and Conduct A set of Code of Ethics and Conduct, setting out expected ethical standards and code of conduct, has been established, which is binding on all employees in the Group, and is available on the official website www.ghl.com . c. Whistle Blowing Policy The Group has implemented a Whistle Blowing Policy to provide an avenue for employees and all stakeholders to report any suspected acts that are in breach of the Group’s code of ethics, internal policy, and applicable laws or regulations in a confidential manner. The policy also guarantees an employee or stakeholder making a report of improper conduct in good faith shall not be subject to reprisal action or discrimination of any kind by the Company. The Board and ARC Chairman are primarily responsible to ensure that all whistleblowing reports are properly followed up. d. Anti-Bribery and Corruption Policy The Group has implemented a policy on acts of Bribery and Corruption which provides the specific procedures or instructions regarding the appropriate actions needed to be undertaken in cases of suspected violations. e. Anti-Money Laundering , Anti-Terrorism Financing, and Unlawful Activities Policy The Group had implemented the policy on Anti–Money Laundering, Anti-Terrorism, and Unlawful Activities which is to establish the framework and specific procedures against money laundering, financing of terrorism, and unlawful activities. The Group is committed to high standards of anti-money laundering, financing of terrorism, and unlawful activities compliance and requires all Directors and employees across the Group to adhere to these standards in preventing the use of its products and services for money laundering or terrorism financing purposes. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL CONT’D