1 172 Table of Contents 174 366

Yinson Annual Report 2020

169 Annual Report 2020 This statement outlines the nature and scope of the Group’s risk management and internal controls for FYE 2020. This includes strategic, operational and compliance controls, as well as internal financial controls for safeguarding shareholder investments and Group assets. It ensures that we can continue to identify, evaluate, monitor and manage key risks that may affect achievement of our business objectives. statement on Risk Management and Internal Control It was identified that action plans for bribery risk were successfully implemented in FYE 2019, thus successfully lowering bribery risk for the Group Bribery risk was removed from Top 5 risks, and replaced with Cybersecurity risks, which the BRMC has highlighted as an emerging risk area Significant progress was made towards the completion of action plans for the remaining top 5 risks in FYE 2019. BRMC will continue to monitor these risks in FYE 2020 alongside other identified risks that may impact the Group Action plans for the Top 5 risks identified in FYE 2019 were implemented by risk owners and co- owners during FYE 2020 Progress on the action plans were reported to the Board via the Board Risk Management Committee (“BRMC”) during quarterly BRMC meetings Yinson’s Risk Management and Compliance Department (“Risk Department”) reviewed risk profiles and registers for Yinson’s Kuala Lumpur, Singapore, Oslo and Ghana offices Risk Department discussed functional risk areas with key risk owners and co-owners, focussing on controls and action plans for mitigation BOARD RESPONSIBILITY Yinson’s Board of Directors (“Board”) considers risk management as an integral part of business operations and acknowledges its responsibility towards maintaining a sound and effective system of risk management and internal control. The process is regularly reviewed by the Board in accordance with the Statement on Risk Management & Internal Control: Guidelines for Directors of Public Listed Companies. The Board also acknowledges that although the system cannot eliminate all risks, including material misstatement, loss and fraud, it is expected to safeguard the Group from risks identified in our overall risk profile. Although the Board does not have formal oversight over the risk management and control systems of Yinson’s joint ventures and associate companies, our interests are safeguarded through Board representations and/or monitoring controls we imposed within these companies. Key developments in FYE 2020

RkJQdWJsaXNoZXIy NDgzMzc=