Ranhill Utilities Berhad - AR2022

GOVERNANCE Section 04 Annual Report 2022 125

Statement on Risk Management and Internal Control

Ranhill’s Board of Directors (“the Board”) is pleased to provide this Statement on Risk Management and Internal Control which outlines the nature and scope of the Group’s risk management and internal control for FY2022 that is in accordance with Paragraph 15.26(b) of Bursa Malaysia’s Main Market Listing Requirements (“MMLR”).

BOARD’S RESPONSIBILITY

The Board affirms its overall responsibility for establishing a sound risk management and internal control system with the objective of safeguarding the shareholders’ investment and the Group’s assets. The Board ensures that there is a robust framework of ongoing risk management process in identifying, evaluating and managing significant risks faced by the Group.

In discharging its responsibilities, the Board is supported by Ranhill’s Governance Risk Management Committee (“GRMC”) and Audit Committee (“AC”) to oversee the risk management and internal control system during the FY2022. These Board committees update the Board periodically of their work, key deliberations and decisions on delegated matters.

BOARD OF DIRECTORS (“BOD”)
Responsible for identifying principal risks and ensuring the implementation of appropriate risk management system and mitigation measures

RISK ORGANISATIONAL STRUCTURE

BOARD COMMITTEE LEVEL
Governance & Risk Management Committee (“GRMC”)
• Review the Group’s risk profile and monitor management action plan to manage its critical and significant risks
• Approve risk methodologies for measuring and managing risks arising from the Group’s business and operational activities

MANAGEMENT LEVEL
Management Assurance Risk Compliance Committee (“MARCC”)
• Established at the Group level and responsible to monitor the Group’s assurance, risk and compliance matters
• Significant risk issues evaluated are escalated to GRMC and Board
Risk Management Working Committees (“RMWC”)
• Established at the Group Company level. The RMWCs, chaired by the respective CEOs of the Group Company are responsible for the effective management of their risk profiles
• Identify potential risks and escalate to MARCC the implementing measures to mitigate those risks

CUSTODIAN LEVEL
Group Corporate Assurance Division (“GCAD”)
• MARCC Secretariat
• Reviews and monitors risk reporting quarterly
• Responsible in guiding the risk owners on risk related matters

OPERATIONAL LEVEL
Business Unit Management (“BUM”)
• Accountable for the comprehensiveness of the risks identified, their assessment as well as their bottom-up reporting

In view of the limitations inherent in any system of risk management and internal control, the Board recognizes that such a system can only provide reasonable but not absolute assurance against material misstatement, loss or fraud.

RISK MANAGEMENT

Risk Organisational Structure

Our risk organizational structure facilitates the flow of information and effective oversight on the execution of risk management activities within Ranhill. The structure provides clear delineated lines of accountability, authority and responsibility as explained below:
