201 SECTION 5 COMMITMENT TO GOVERNANCE INTEGRATED ANNUAL REPORT 2025 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL BOARD’S RESPONSIBILITIES The Board of Directors (“Board”) is committed to upholding the highest standards of corporate governance through a robust framework of risk management and internal control. The Board provides strategic direction and maintains rigorous oversight of the Group’s risk management activities, which aligned with ISO 31000: 2018, ISO 37001:2016, and ISO 27001:2022 standards. This involves a regular review of the adequacy of processes for identifying, evaluating, and managing significant risks through a risk management process, which includes a reporting structure. The Group’s system of internal control is designed to manage and mitigate risks appropriately, rather than eliminate the risk of failure in achieving business objectives. Given the inherent limitations of all control systems, they can only provide reasonable assurance, not absolute certainty. The Board, through the Board Sustainability Committee (“BSC”), has received reports from the Risk Management Committee (“RMC”) confirming that the Group’s risk management and internal control systems are operating adequately and effectively in all material aspects, based on the existing frameworks in place for the financial year 2025 (“FY 2025”). Based on the reports received from the RMC through the BSC and the reports from various sources (including both internal and external auditors), the Board is of the view that the risk management and internal control system were adequate and effective in managing the Group’s risks within the approved risk appetite, and safeguards the Group’s assets and the interests of shareholders, customers, regulators and employees for FY 2025 and up to the date of approval of this Statement. The Board obtained assurance from the Managing Director/Group Chief Executive Officer and the Chief Financial Officer confirming that the Group’s risk management and internal control systems were operating adequately and effectively, in all material respects, throughout the financial year under review. RISK MANAGEMENT COMMITTEE The RMC, a sub-committee of the BSC, was established by the Board to ensure that a robust risk management framework is embedded in the Group’s culture, processes, and structures. The RMC oversees the effectiveness of the Group’s policies and processes for identifying, evaluating, and managing risks. To support this, the RMC meets quarterly to review identified risks and ensure they are managed within acceptable levels. The RMC is chaired by the Chief Financial Officer and comprises members of the Senior Management Team from the Group’s major business segments. The RMC key management responsibilities include amongst others; • Reviewing the Group Risk Management Framework, as needed, for approval by the BSC and Board; • Ensuring that the processes for identifying, assessing, treating, monitoring and reporting of all material business risks are operating as intended; • Maintaining and reviewing the Group’s top risks and segmental/business unit risk profiles with support from the Group Risk Management; • Providing guidance and direction to the Business Units on the adequacy and effectiveness of the internal control system in identifying and mitigating material business risks; and • Undertaking any other risk management tasks delegated to the committee by the BSC/Board. KEY ELEMENTS AND PROCESSES ON RISK MANAGEMENT AND INTERNAL CONTROLS The key elements and processes established for reviewing the adequacy and effectiveness of the risk management and internal control system include the following:-
RkJQdWJsaXNoZXIy NDgzMzc=