STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL Yinson’s Revised Risk Matrix Risk Heat Map Risk Impact Insignificant Minor Moderate Major Catastrophic 1 2 3 4 5 Risk Likelihood Almost Certain 5 Medium (5) Medium (10) High (15) Critical (20) Critical (25) Likely 4 Low (4) Medium (8) High (12) High (16) Critical (20) Possible 3 Low (3) Medium (6) Medium (9) High (12) High (15) Unlikely 2 Low (2) Low (4) Medium (6) Medium (8) Medium (10) Rare 1 Low (1) Low (2) Low (3) Low (4) Medium (5) Top 5 Risks No Top 5 Risks Descriptions Key Controls & Mitigations in FYE 2022 1. Energy transition risk Energy transition risk is the newly added risk to the top 5 risks that the Group monitors closely and reports to the Board on a quarterly basis. Energy transition risk in essence refers to the energy sector’s shift from fossil-based resources (i.e. oil, coal, natural gas, etc.) to renewable energy (i.e. solar, wind, hydropower, etc.). Examples of energy transition risk may include climate-related risk pertaining to market demand for fossil fuels, regulatory changes and reputational risks. • Establishment of Yinson’s Climate Goals Roadmap and Climate Report. • Operationalisation of carbon abatement strategies for carbon-heavy assets (i.e. closed flaring, hydrocarbon blanketing system, combined cycle technologies to maximise energy efficiency and utilising low-emission alternatives for energy source). • Embark on the initiative to integrate the climate risk assessment within the ERM Policy Statement & Framework. 2. Corporate funding risk Corporate funding refers to the risk that the Group may not be able to source sufficient funds (i.e. through equity, right issues, debt funding, etc.) to cover working capital and capital expenditure. Any inability to secure funding may lead to defaults on debt obligations or failure to meet repayment schedules. • Development of Corporate Funding Policy and Plan. • The Group was able to secure the HSBC RM1.0 billion Sustainability-Linked Sukuk bond with coupon interest rate of 5.55%. • Currently the Group is working on the issuance of a rights issue to raise additional funding. 3. Cybersecurity risk Cybersecurity risk is the probability of the Group’s internal system/applications being exposed to various cyberattacks including hacking, ransomware, phishing, etc. A breach in our internal IT system security may result in financial loss, leakages, or loss of confidential or critical data. • The cybersecurity team has developed a Cyber Risk Management Roadmap which was tabled to theManagement and Board and is currently in the process of implementation and continuous refinement based on the feedback garnered from the Board and businesses. The Cyber Risk Management Roadmap consists of multiple initiatives which will strengthen the cybersecurity systemwithin the Group. • Implementing cybersecurity awareness training for the Group. 4. Project cost overrun risk As FPSO projects are long-term in nature, project cost overruns could have a negative impact on the project profit margins and affect the cash flows of the Group. • Continuous review and improvement of project cost management. • Enhancement and improvement of the Project Standard Procedure for screening to be utilised for future projects. 5. Project and client concentration risk Some of the Group’s contracts are concentrated in a specific geographical region (i.e. Brazil) and client specific (with the recent award of the Parque das Baleias contract). • To continue to focus on the Renewables and Green Technologies Divisions, establishing them as one of the main revenue streams. • The Group is in the midst of exploring other projects outside of Brazil for a more diversified portfolio. 203 ANNUAL REPORT 2022 GOVERNANCE
RkJQdWJsaXNoZXIy NDgzMzc=