Statement on risk management
and internal control
BOARD RESPONSIBILITY
The Board of Directors (“Board”) recognises the importance of sound risk management and internal control practices for good corporate governance. The Board affirms its
responsibility for ensuring the Group’s system is able to adequately and effectively manage significant risks.
The Group has in place an ongoing process for identifying, evaluating and managing significant risks through a framework which includes a reporting structure. This is
supported through a Risk Management Committee that meets regularly, receiving risk management updates and taking necessary actions to ensure that risks are managed
within the acceptance levels of the company within which they reside.
The Group’s system of internal control is designed to manage and control risks appropriately, rather than eliminate the risk of failure to achieve business objective. Due to the
inherent limitations in all control systems, these control systems can only provide reasonable and not absolute assurance.
The Board has received reports from the Risk Management Committee that the Group’s risk management and internal control system is operating adequately and effectively in
all material aspects based on the existing risk management and internal control system of the Group.
Based on the reports received from the Risk Management Committee and the assurance reports from various sources (including both internal and external auditors) the Board
is of the view that the system of risk management and internal control in place for the year under review and up to the date of issuance of this Annual Report is adequate and
effective to safeguard shareholders’ interest in the Group, interest of customers, regulators, employees and the Group’s assets.
In addition, the Board also received assurance from the Group Chief Executive Officer, Chief Financial Officer of the Oil & Gas Division and Financial Controller of the Industrial
Services Division that the Group’s risk management and internal control system is operating adequately and effectively in all material aspects, based on the risk management
model adopted by the Group.
KEY ELEMENTS AND PROCESSES ON RISKMANAGEMENT AND INTERNAL CONTROLS
The key elements and processes that have been established in reviewing the adequacy and effectiveness of the risk management and internal control system include the
following:-
RISKMANAGEMENT
The Risk Management Committee (“RMC”) being the sub-committee of the Audit Committee was established by the Board towards ensuring a sound system of risk management
and control framework is embedded into the culture, processes and structures of the Group. The RMC provides oversight on the effectiveness of the Group’s policies and
processes in identifying, evaluating and managing the Group’s risks.
The RMC is headed by the Deputy Managing Director and made up of the Heads/CEOs of the Group’s business divisions.
The principal responsibilities of the RMC includes:-
• Reviewing the Group Risk Management Policy and Framework, as and when necessary, for approval by the Audit Committee and the Board;
• Ensuring that the processes to identify, assess, treat, monitor and report on all material business risks are functioning as designed;
• Reviewing risk reports of the Business Division/Units;
• Providing guidance and direction to the Business Units on the adequacy and effectiveness of internal control system for the identification and mitigation of material
business risks; and
• Establishing procedures for the identification of and compliance with relevant laws, licensing and regulatory requirements.
42
Wah Seong Corporation Berhad • Annual Report 2014
