155 GOVERNANCE STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL Governance Structure Descriptions Lines of Defence • Governance of ERM Policy and Strategy, oversee overall risk management and review risk profiles • BRSC - Oversee and approve the company-wide risk management and sustainability practices • BAC - Provide an objective view and independent report on the effectiveness of ERM and internal control system to the Board • Internal Audit - Provide independent Audit Report on ERM and internal control effectiveness Board of Directors (“Board”) Board Risk & Sustainability Committee (“BRSC”) Board Audit Committee (“BAC”) Internal Audit 3rd line of defence Yinson Renewables Yinson Production Regulus Offshore Corporate Yinson GreenTech Risk Coordinator • To assist MC in managing risk related measures or issues/concerns • Monitor and report all types of risk to the MC Risk Owner 1st line of defence • Monitor ERM Policy Implementation, risk reporting and action plans • Assist MC in managing risk related measures or issues/concerns • Monitor and report all types of risk to the MC and BRSC Group Chief Strategy Officer (“GCSO”) Management Committee (“MC”) Governance, Risk Management and Compliance (“GRC”) 2nd line of defence The Framework is key to ensuring that all potential business strategic risks of the Group are reasonably recognised and the Group demonstrates commitment to manage existing and emerging risks to protect our key stakeholders’ and shareholders’ interests. RISK GOVERNANCE & OVERSIGHT The Governance, Risk Management and Compliance (“GRC”) Department is responsible to establish, coordinate and implement the Group’s ERM Policy Statement and Framework to ensure that our internal risk management processes are kept up-to-date and sufficiently robust to manage risks effectively. In addition, the GRC Department will monitor and report key risk issues to the MC and escalate to the BRSC on a quarterly basis. Yinson’s ERM Policy Statement and Framework identifies, evaluates, monitors and manages risks encountered by the Group. Our risk governance structure facilitates risk identification and escalation whilst providing assurance on the key risks and controls to the Board. It elaborates and assigns clear roles and responsibilities within each line of defence and facilitates the implementation of the updated ERM Policy Statement and Framework. The current governance structure that assumes the roles of risk and governance perspective is further explained as below:
RkJQdWJsaXNoZXIy NDgzMzc=