> > > Pursuant to paragraph 15.26(b) of the Main Market Listing Requirements of Bursa Malaysia Securities Berhad, the Board of Directors (“the Board”) is pleased to provide the following statement on the state of internal control and risk management of the Group. This statement was prepared in accordance with the “Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers” issued by the Institute of Internal Auditors Malaysia. The framework is integrated into the Group’s overall management systems, defining the authorities involved, their responsibilities and accountability for implementing relevant internal controls. RESPONSIBILITIES OF THE BOARD The Board of Directors (the “Board”) of Tropicana Corporation Berhad (the “Group”) is highly committed to maintain a sound system of risk management and internal control in the Group. The Risk Management Framework includes the ongoing process of identifying, evaluating, responding, managing and monitoring significant risks that may affect the Group’s business performance, ensuring that optimum operational function is maintained at an acceptable risk appetite while striving to achieve Tropicana’s overall strategic objectives. The Board endorses the Group’s risk management framework; delegating primary responsibilities for the implementation of the framework across the Group’s business operations to the Risk Management Committee, the Risk Management Department and Business/Operations Head. The Board acknowledges and approves the ongoing process of identifying, evaluating and managing all significant risks faced by the Group that has been in place for the year and up to the date of approval of this Statement for inclusion in Annual Report. In view of the inherent limitations in any system of the risk management and internal control processes, the said system, therefore, is put in place to provide reasonable, but not absolute assurance, against material misstatements, financial losses, defalcations or fraud. During the financial year, the adequacy and effectiveness of the system of internal controls was reviewed by the Audit Committee in relation to the internal audits conducted by Group Internal Audit, as well as control issues reported by the external auditors. For the purpose of this review, the extent of responsibility does not extend to include that of the Group’s associated companies. KEY FEATURES OF THE RISK MANAGEMENT FRAMEWORK The Group’s systems of risk management and internal controls include several key features to safeguard assets, shareholder interests and business operations throughout the reporting year: • Risk Management Framework The Group strives to inculcate an organisational culture of risk awareness and management across all business processes and strategic planning. The risk appetite has been set by the Board and expect management to operate and ensure the risk management framework is established to provide a strong foundation for proactive risk considerations to be applied throughout business processes and decision making. The Board affirms its endorsement of the Group’s risk management framework and continuously oversees the management of organisational risks and opportunities with the support of the RMC through periodic reviews on the integrity of systems and controls that are in place to identify, analyse, evaluate, manage and monitor significant financial and non-financial risks. Objectives of the Risk Management Framework include, but are not exclusive to: v Provision for decision makers to make informed business decisions within the tolerable risk threshold while leveraging on potential opportunities; v Guidance on a structured approach to identifying, classifying, reporting, managing and monitoring risks; v Clear reporting structure on a timely manner; and v Systematic review on key risks to evaluate the effectiveness of internal controls and any proposed action plans for further mitigation. • Risk Management Process Primary responsibility and accountability on ensuring the risk management framework and internal controls are applied across the Group is overseen by the Group Chief Executive Office and supported by the Managing Director – Finance, as well as the rest of the members in the RMC. The Board receives reasonable assurance on the effectiveness of the Group’s risk management practices and internal control systems as reported and advised by the RMC. The RMC comprises representatives from the Board of Directors, the Chief Executive Officer and Managing Directors who are guided by formalised risk reporting and operational feedback provided by the Risk Management Department. The overall risk reporting process is conducted on a quarterly basis with emphasis on three key focus areas: v Risk Register, encompassing significant and potential risks; v Risk rating, recording changes in risk status upon the implementation of mitigation measures; and v The Group Risk Profile, highlighting significant risks and mitigating controls pertinent to the operations of the Group. People, Systems, Operations Corporate Governance Performance Management Budgeting Strategic Planning Risk Management Risk Identification Risk Prioritisation Risk Monitoring Risk Assessment Risk Controls Risk Reporting > > Board of Directors Risk Management Committee Risk Management Department Head of Departments Risk reporting Risk control, monitoring, reporting Risk identification, assessment, prioritisation > > > & INTERNAL CONTROL STATEMENT ON RISK MANAGEMENT Annual Report 2021 TROPICANA CORPORATION BERHAD GOVERNANCE 188 189
RkJQdWJsaXNoZXIy NDgzMzc=