FGV Annual Report 2018

REINFORCED OUR STANDARDS OF GOVERNANCE 01 02 05 03 07 06 04 08 09 97 ANNUAL INTEGRATED REPORT 2018 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL HOWWE APPROACH RISK The achievement of the strategies enshrined in the strategic plan requires a strong risk-centric approach to ensure the Group is always aware and prepared for the myriad risks faced by the business. This is underpinned by our robust internal controls and oversight framework which are necessary prerequisites to the achievement of the Group’s objectives. OVERVIEW OF OUR APPROACH Effective risk management is an integral part of our business model and is intended to seek opportunities from the risks, lessen the potential impacts in the event risks are crystallised and protect our reputation whilst ensuring profitability and business growth remain paramount. The matrix for oversight, assurance, risk management and internal control is clearly set up in FGV. Our risk management oversight approach is premised on the four lines of defence model, coordinating various players involved and their activities to effectively inculcate sound risk culture. RESPONSIBILITIES AND ACCOUNTABILITIES The Board acknowledges the principal risks in all aspects of the Group’s businesses and recognises that business decisions involve taking appropriate risks. The Board must ensure that there are systems in place which effectively monitor and manage these risks. For areas pertaining to risk management and internal control, the Board is responsible for the following: i. Determine the Group’s overall risk appetite, level of risk tolerance and actively identify, assess and monitor key business risks to safeguard Shareholders’ investments and the Group’s assets, and communicate the same to the Senior Management. ii. Appraise the Group’s major current and emerging risks and oversee that appropriate risk management and internal control procedures are in place. iii. Consider and approve the Group’s overall risk-reward strategy and framework for managing all categories of current and emerging risks relevant to the sustainability of the Group’s businesses and wellbeing of the Group and its Stakeholders, consistent with its level of risk tolerance. iv. Ensure proper implementation and review the Group’s internal controls system, which is continually upgraded to mitigate the Group’s current and emerging risks. BOARD AND BOARD COMMITTEES MANAGE First line of defence - Functions that own and manage risks OVERSEE Second line of defence - Functions that oversee risks, control and compliance ASSURANCE Third line of defence - Internal functions that provide independent assurance Business Clusters Policies and Standard Operating Procedures Group Governance Division Other Corporate Centres Group Internal Audit EXTERNAL ASSURANCE Fourth line of defence - set requirements and/or perform independent assurance External Auditors Regulators Other External Bodies Group Risk Management Division GROUP MANAGEMENT COMMITTEE & TOP MANAGEMENT