Enterprise Risk Management

It is our commitment to manage our risks effectively to maintain long term financial strength and enhance value creation. Our risk management aims to optimise risk-return profile by incorporating risks information in our strategic business decisions. The risk management framework identifies, assesses, controls, mitigates, monitors and reports our critical risks factors. This entails a better understanding of our company risk profile which allows us to efficiently allocate our resources to utilize prevailing risk opportunities.

Three Lines of Defence for Risk Management
1st Line of Defence:
Operation Units
 2nd Line of Defence:
Risk Committee
3rd Line of Defence:
Internal Audit
Senior management for each operation units are responsible for the development and the implementation of internal policies, and the execution of risk control procedures on a day-to-day basis. Risk Committee provides oversight, monitoring, and reporting of the all risk management procedures implemented by operational management. Internal Audit provides independent assurance to the Board on the completeness of risk management policies. Reports to governing body, ensure compliance of risk management standards.

The Board is responsible for overseeing the enterprise risk management framework and setting of the risk appetite. The Board delegates to the Risk Committee the authority to oversee the risk management processes and controls, ensuring the business units operate within its risk appetite.