2019 UEM Edgenta Annual Report

124 125 UEM Edgenta Berhad UEM EDGENTA AT A GLANCE MESSAGE FROM OUR LEADERSHIP STRATEGIC FOCUS OPERATIONAL REVIEW SUSTAINABILITY EFFORTS CORPORATE GOVERNANCE INTRODUCTION FINANCIAL REVIEW ADDITIONAL INFORMATION Annual Report 2019 Statement on Risk Management and Internal Control Summary of Risk Management Activities Risk management activities that were undertaken at both the Company and subsidiary levels to instil a proactive risk management culture and ownership are as follows: • Periodic risk awareness briefing, risk identification and mitigating action plans workshops are conducted as continuous efforts to inculcate proactive risk-aware culture within the Group. • Risk Management Status Reports are produced quarterly at the minimum and are presented to the RMC, ARC and Board of Directors for deliberation and approval. • Quarterly review and monitoring implementation of risk action plans by the risk management team. • Identification and reporting of emerging risks and mitigation plans to the RMC, ARC and Board of Directors for deliberation and approval. • Provides risk management consultation and advisory services to projects, investment and potential business leads. Integrity & Compliance Integrity & Compliance are the foundation and values in our day-to-day decision-making and business practices. A Board Governance and Risk Committee was set up on 1 January 2020 to undertake the integrity & governance activities in addition to the oversight of risk management & compliance matters. The BGRC is chaired by Independent and Non-Executive Director. Compliance Framework A Compliance Framework has been formalised and approved by the Board of Directors. The Framework aims to establish and embed the culture of ethics and integrity, consistent with the values of the organisation and promote the culture of commitment to lawful and ethical behaviour. Eight Elements of Compliance Framework Elements of Compliance Framework Respond Prevent Detect Governance & Culture Remediation and Reporting Investigation Compliance Monitoring Risk Assessment Policies & Procedures Training & Engage Control Activities Statement on Risk Management and Internal Control Code of Conduct UEM Edgenta Code of Conduct (“The Code”) expresses our commitment to build trust in our business ecosystem, and it outlines ethical behaviour standards in our business activities, accompanied by important policy statements. The Code applies to directors, officers, and employees of UEM Edgenta, as well as its Operating Companies (“the Company”). Code of Conduct for Business Partners Code of Conduct for Business Partners sets the expectations for our dealings with Business Partner. A commitment to full compliance with this Code is a fundamental requirement to working for or with UEM Edgenta. We believe our sustainable business relationship is based on key principles of integrity, honesty, accountability and compliance with applicable laws and regulations. The 8 principles of UEM Edgenta Code of Conduct for our Business Partners: C O N D U C T C O D E O F ETHICS INTEGRITY ACCOUNTABILITY - Work Culture - Conflict of Interest - Anti-Competition - Data Privacy & Protection - Intellectual Property & Confidential Information - Money Laundering & Terrorism Financing - Bribery & Corruption - Gifts & Business Entertainment - Dealings with Government & Local Authorities - Working with Suppliers & Business Partners At the Workplace Regulations Working with External Stakeholders Compliance with Laws Act with Integrity Maintain Accountability Avoid Conflict of Interest Maintain Confidentiality Provide a Safe Working Environment Maintain a Healthy Work Culture Prohibit Any Form of Gift / Business Courtesy