Yinson Annual Report 2021

170 YINSON HOLDINGS BERHAD SECTION 06 : GOVERNANCE STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL This Statement outlines the nature and scope of the Group’s risk management and internal controls for FYE 2021. This includes strategic, operational and compliance controls, as well as internal financial controls for safeguarding shareholder investments and Group assets. It ensures that we can continue to identify, evaluate, monitor and manage key risks that may affect achievement of our business objectives. BOARD RESPONSIBILITY Yinson’s Board of Directors (“Board”) considers risk management as an integral part of business operations and acknowledges its responsibility towards maintaining a sound and effective system of risk management and internal control. The process is regularly reviewed by the Board in accordance with the Statement on Risk Management & Internal Control: Guidelines for Directors of Listed Issuers . The Board also acknowledges that although the system cannot eliminate all risks, including material misstatement, loss and fraud, it is expected to safeguard the Group from risks identified in our overall risk profile. Although the Board does not have formal oversight over the risk management and control systems of Yinson’s joint ventures and associate companies, our interests are safeguarded through Board representations and/ or monitoring controls we imposed within these companies. Key developments in FYE 2021 It was identified that action plans for Investment Evaluation Risk were successfully implemented in FYE 2021, thus effectively lowering this risk for the Group Investment Evaluation Risk was removed from Top 5 risks, and Project Delay Risk was identified as one of the Top 5 Significant progress was made towards the completion of action plans for the remaining Top 5 risks in FYE 2021. BRMC will continue to monitor these risks in FYE 2022 alongside other identified risks that may impact the Group Action plans for the Top 5 risks identified in FYE 2020 were implemented by risk owners and co-owners during FYE 2021 Progress on the action plans were reported to the Board via the Board Risk Management Committee (“BRMC”) during quarterly BRMC meetings Yinson’s Governance, Risk Management and Compliance Department (“GRC”) reviewed risk profiles and registers for Yinson’s Kuala Lumpur, Singapore, Oslo and Ghana offices GRC discussed functional risk areas with key risk owners and co-owners, focusing on controls and action plans for mitigation RISK MANAGEMENT STRUCTURE GRC is responsible for the coordination and implementation of the Group’s Enterprise Risk Management (“ERM”) Policy and Framework as well as monitoring and reporting of key risk issues to the Management Committee (“MC”) and BRMC. The Board approves the risk management strategies but delegates authority for day-to-day risk management decisions to Management and business unit heads. In fulfilling its oversight responsibility, the Board as a whole or through delegation to the MC and assisted by GRC, reviews the adequacy, integrity and implementation of appropriate systems for risk management. Yinson’s ERM Policy and Framework identifies, evaluates, monitors and manages risks encountered by the Group. The Policy and Framework are ISO 31000 compliant.