2019 UEM Edgenta Annual Report

124 Statement on Risk Management and Internal Control Summary of Risk Management Activities Risk management activities that were undertaken at both the Company and subsidiary levels to instil a proactive risk management culture and ownership are as follows: • Periodic risk awareness briefing, risk identification and mitigating action plans workshops are conducted as continuous efforts to inculcate proactive risk-aware culture within the Group. • Risk Management Status Reports are produced quarterly at the minimum and are presented to the RMC, ARC and Board of Directors for deliberation and approval. • Quarterly review and monitoring implementation of risk action plans by the risk management team. • Identification and reporting of emerging risks and mitigation plans to the RMC, ARC and Board of Directors for deliberation and approval. • Provides risk management consultation and advisory services to projects, investment and potential business leads. Integrity & Compliance Integrity & Compliance are the foundation and values in our day-to-day decision-making and business practices. A Board Governance and Risk Committee was set up on 1 January 2020 to undertake the integrity & governance activities in addition to the oversight of risk management & compliance matters. The BGRC is chaired by Independent and Non-Executive Director. Compliance Framework A Compliance Framework has been formalised and approved by the Board of Directors. The Framework aims to establish and embed the culture of ethics and integrity, consistent with the values of the organisation and promote the culture of commitment to lawful and ethical behaviour. Eight Elements of Compliance Framework Elements of Compliance Framework Respond Prevent Detect Governance & Culture Remediation and Reporting Investigation Compliance Monitoring Risk Assessment Policies & Procedures Training & Engage Control Activities