146 YINSON HOLDINGS BERHAD | INTEGRATED ANNUAL REPORT 2023 CORPORATE GOVERNANCE OVERVIEW STATEMENT Financial Reporting The Board has responsibility for effective management of risk for the Group including determining its risk appetite, identifying key strategic and emerging risks, and reviewing the risk management and internal control framework. The AC and BRSC, in supporting the Board to assess the effectiveness of risk management and internal control processes, rely on a number of Companyspecific internal control mechanisms to support the preparation of the Annual Report and Accounts and the financial reporting process. This includes both the Board and Committees receiving regular management reports to include analysis of results, forecasts and comparisons with last year’s results, and assurance from the external auditor. With the regulatory environment evolving quickly, the Committee is kept fully informed of all new legislation, IFRS advice and best practice and the requirements of the MCCG 2021 and disclosure and transparency rules. The Committee and Board receive, in advance of the full-year results, a periodic report on management’s opinion on the effectiveness of internal control over financial reporting. In relation to the financial statements, the Company has specific internal mechanisms that govern the financial reporting process and the preparation of the Annual Report and Accounts. The Committee oversees that the Company provides accurate, timely financial results and implements accounting standards and judgements effectively, including in relation to ongoing concerns and viability. Our financial processes include a range of system, transactional and management oversight controls. Our businesses prepare detailed monthly management reports that include analyses of their results, along with comparisons to relevant budgets, forecasts and the previous year’s results. Risk Management and Internal Controls The Board is responsible for maintaining and reviewing the effectiveness of our risk management activities from a strategic, financial, and operational perspective. These activities are designed to identify and manage, rather than eliminate, the risk of failure to achieve business objectives or to successfully deliver our business strategy. The risk management process is designed to identify, assess, respond to, report on and monitor the risks that threaten our ability to achieve our business strategy and objectives, within our risk appetite. There is an ongoing process for identifying, evaluating and managing the principal and emerging risks we face. This process was in place for the financial year and up to the date of approval of this Annual Report. The AC considers emerging risks with management as part of the standing risk management update it receives. The Company follow the Three Lines of Defence approach to risk management. Risks are owned and managed within the business and reviewed by our businesses at least quarterly. Governance teams review risks and controls, including those relating to information security, compliance and business continuity. Internal Audit assesses our risks and controls independently and objectively. The results of these reviews feed into our reporting cycle, including through the risk management governance structures. Risk management is essential in a global, innovationdriven business such as ours. It helps to create long-term shareholder value and protects our business, people, assets, capital and reputation. It operates at all levels throughout the organisation, across regions, business activities and operational support functions. Our approach to risk management encourages clear decisions about which risks we take and how we manage them, based on an understanding of their potential customer, financial, regulatory, consumer, legal and reputational impact. As risk management and internal control systems are designed to manage rather than eliminate the risk of failure to achieve business objectives, they can provide reasonable but not absolute assurance against material financial misstatement or loss. EFFECTIVE AUDIT AND RISK MANAGEMENT B
RkJQdWJsaXNoZXIy NDgzMzc=