1 128 Table of Contents 130 156

FGV Annual Integrated Report 2019

121 ANNUAL INTEGRATED REPORT 2019 04 S E C T I O N GROUP GOVERNANCE & RISK MANAGEMENT (GGRM) DIVISION At the Management level, the Board is supported by a dedicated GGRM Division that undertakes the following responsibilities within the ambit of its Strategic, Operational, Ethics & Integrity and Whistleblowing & Detection Departments: ETHICS & INTEGRITY Oversee and monitor implementation of the ethics and integrity programme, ensuring that all Group employees as well as Management are knowledgeable and comply with relevant policies and standards. Conduct educational and training programmes that focus on ethics, integrity and compliance Group-wide, including vendors, contractors and agents. ETHICS & INTEGRITY ENGAGEMENT ETHICS & INTEGRITY AWARENESS WHISTLEBLOWING & DETECTION Manage complaints on any improper conduct committed or about to be committed through whistleblowing channels and provide protection for the whistleblower and conduct awareness programmes. Investigate whistleblowing complaints received, focusing on bribery, abuse of power and fraud, and recommend appropriate actions. WHISTLEBLOWING DETECTION STRATEGIC Build core risk analytics and intelligence capability for risk analysis to produce quarterly report. Implement a robust Risk Management Framework and facilitate risk assessment process, strategic business initiatives and project proposals. Facilitate the formulation of P&P and provide advisory based on business needs and requirements. RISK REPORTING & ANALYTICS RISK FRAMEWORK & REVIEW QUALITY ASSURANCE OPERATIONAL Establish, review and monitor risk registers including mitigation plans via ERMS. Conduct awareness and training to improve competency on risk management. Facilitate the development of Business Continuity Plans and coordination of BCM testing and crisis simulation exercises. Promote strong BCM culture and awareness throughout the organisation. Analyse audit observations to identify corruption risk and establish corruption risk registers. Conduct training programmes and preparation for Corruption Risk Management (CRM) risk registers. ENTERPRISE RISK MANAGEMENT SYSTEM (ERMS) BUSINESS CONTINUITY MANAGEMENT (BCM) COMPLIANCE HOW WE ARE GOVERNED STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

RkJQdWJsaXNoZXIy NDgzMzc=