FGV Annual Report 2017

ANNUAL INTEGRATED REPORT 2017 HOW WE ARE GOVERNED 105 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL RISK MANAGEMENT KEY ACTIVITIES In 2017, we have enhanced the integration of our strategies and risk management, thereby enabling us to take the appropriate mitigation measures towards achieving our objectives. Listed below are the key risk management activities undertaken by GRMD in 2017 to inculcate and embed risk management culture in the Group: Activities Description Risk Management Framework Various initiatives were undertaken to strengthen FGV’s Risk Management Framework, in line with the two-year implementation roadmap which commenced last year. This includes the Risk Appetite Statement, new ERM System and the GRMD Intranet Hub, amongst others. Governance Quantum Leap GRMD led the Governance Quantum Leap project to improve perceived weaknesses in FGV’s corporate governance. Areas addressed are tightening finance policies and procedures, strengthening internal controls and enhancing Board oversight. Risk Appetite Statement The Risk Appetite Statement was approved and implemented for the Group effective 3rd Quarter 2017. It is a tool developed to measure empirically the corporate risk profile by using pertinent variables including key risk indicators, risk weightage and risk tolerance thresholds. Quarterly Risk Report for FGV Group Enhanced the efficacy of theQuarterly Risk Report by incorporating empirical quantification of the potential loss quantumof FGV’s key risks.This is on top of the coverage of enterprise & business risks, emerging risks, project risks and reputational risks. Project/Business Proposal Risk Review Assisted the business by facilitating risk assessments of various business proposals and projects. GRMD ensured sound methodology is applied in the dimensioning and quantification of the relevant project or business risks. New ERM System GRMD deployed a new Enterprise Risk Management (ERM) System which automates and elevates FGV’s internal risk management processes in line with ISO standards. The new system improves risk identification, assessment and mitigation monitoring of the FGV risk registers. New Risk Registers Five new risk registers were created for companies within the Group with material risk exposures yet to have risk registers. Risk Intranet Hub A GRMD intranet hub was launched as a source of information, training and awareness for risk practitioners across the Group, and also serves as a gateway to the new ERM System. Training and Awareness 15 risk review sessions, 26 risk based awareness trainings and 26 BCM training sessions were conducted in FGV for year 2017. BCM Testing 28 BCM testing exercises were conducted across the Group. Reviewing, assessing, enhancing and monitoring the Group’s Risk Management Framework including risk management policies and procedures Preparing risk reports to BGRMC and the Board Maintaining the risk registers of the Group Undertaking analysis on specific risks and where necessary, reporting the same to BGRMC and the Board Providing guidance to the Group’s operations in identifying and assessing risks, developing relevant and effective mitigation strategies to manage the risks Overseeing the Group’s Business Continuity Management (BCM) GROUP RISK MANAGEMENT DIVISION At management level, Board is supported by a dedicated Group Risk Management Division (GRMD) which undertakes the following responsibilities: