FGV Annual Report 2017

FELDA GLOBAL VENTURES HOLDINGS BERHAD HOW WE ARE GOVERNED 108 REVIEW OF RISK MANAGEMENT AND INTERNAL CONTROL In the spirit of ensuring continuous improvement of the Risk Management and Internal Control system, FGV conducted the following review processes in the financial year: Assessment of Controls Detailed risk assessments were carried out in close collaboration with our Stakeholders (Risk Owners and Risk Champions) in which mitigation controls for the risks are performed quarterly. The effectiveness of these mitigations are measured by monitoring and updating the outcomes of these controls against identified key objectives. The controls and mitigations are approved by the relevant Senior Management of the subsidiaries, corporate centres, and sectors and finally the GP/CEO prior to reporting to BGRMC. Review of Risk Register At the Group level, the consolidated risk register was analysed on a quarterly basis by Group Risk Management Division (GRMD) to ensure it was in accordance to the policies and procedures. Parallel to this, GRMD also facilitated risk register Review sessions with specific subsidiaries and corporate centres to identify and communicate improvement opportunities in the individual risk registers. Project/Business Proposal Risk Review GRMD facilitates business units to identify, assess risks and formulate the necessary mitigation plans for relevant projects. Independent Group Internal Audit Review The Group Internal Audit Division (GIA) conducts regular and systematic reviews to provide an independent and objective assurance to the Audit Committee and management, focusing on the adequacy and effectiveness of the governance, risk management and controls processes in place. Business Continuity Plan (BCP) Documentation Review GRMD regularly reviews the effectiveness of the BCP Documentation together with Business Continuity Management (BCM) Coordinators across the Group. The BCP Documentation was designed to cater for every business stream. Business mitigation strategy was reviewed and revised according to the business operation environment annually. These practices ensure the Group are well versed with their BCP Strategy and thus, be able to respond effectively in the event of a disaster. RISK MANAGEMENT APPROACH FOR FGV’S LISTED SUBSIDIARY MSM Malaysia Holdings Berhad (MSM), as a listed subsidiary of FGV, undertakes its risk management and internal control responsibilities through MSM’s Audit Committee, MSM’s Investment Committee and MSM’s Board Governance & Risk Management Committee for subsequent deliberation at MSM’s Board. Any risks identified as having significant impact on FGV Group are reported to BGRMC and where it has direct impact to the financial performance of the Group, is reported directly to Audit Committee, and subsequently to FGV’s Board. REVIEW OF STATEMENT BY EXTERNAL AUDITORS As required by Paragraph 15.23 of the Bursa Malaysia Securities Berhad Main Market Listing Requirements, the external auditors have reviewed this Statement on Risk Management and Internal Control. Their limited assurance review was performed in accordance with Audit and Assurance Practice Guide (“AAPG”) 3 issued by the Malaysian Institute of Accountants. AAPG 3 does not require the external auditors to form an opinion on the adequacy and effectiveness of the risk management and internal control systems of the Group. STATEMENT BY THE BOARD Based on the processes and measures undertaken by the Board and its Committees during the financial year and assurance provided by the GP/CEO and the Group CFO, the Board is of the view that the risk management framework and internal control system as described in this Statement are operating adequately and effectively in all material aspects to safeguard the interests of our Stakeholders. This Statement is made in accordance with the resolution of the Board dated 28 March 2018. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL