Enterprise Risk Management is defined as a process, affected by an entity’s Board of Directors, Management and other personnel, applied in a strategic setting and across the enterprise. It is designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.
(i) Composition of the Risk Management Committee (“the Committee” or “RMC”)
(ii) Criteria of Selection
Members of the Committee need to have the will to deliberate issues, rationally, objectively and practically. Secondly, the Members shall not be worried of “witch-hunt” or suppression by fellow Directors in discharging their responsibilities.
(i) Reporting Line
The Committee shall report directly to Board.
The quorum for all meetings of the RMC shall not be less than two third (2/3) of the entire Committee, where the members present shall comprise of a majority of Independent Directors.
(i) Meetings shall be held not less than four (4) times a year and the RMWG, Board or the Audit Committee and the Internal Auditor (“IA”) shall normally be invited to attend the meetings. Other Management members shall be invited to attend as and when required by the RMC.
(ii) Company Secretaryshall be the Secretary of the RMC and shall provide the necessary administrative and secretarial services for the effective functioning of the RMC. The draft minutes shall be circulated to the RMC members for comment within two (2) weeks after the meeting and the signed minutes shall be tabled at the subsequent RMC meeting.
The Board has defined the roles and responsibilities of RMC. This is to ensure that risk management framework is in place with an adequate awareness and understanding of risk and control by the Management and risk owners in order to safeguard stakeholders’ interests and add value to the organisation.
As such, the Board has delegated the monitoring and reviewing of the risk management plan to the Committee and such other functions as it may deem fit.
(i) Role of Chairman
The Chairman will act as facilitator at meetings of the Committee and ensure that no Committee member, whether executive or independent non-executive, dominates the discussion, and that appreciates discussion takes places and that relevant opinion among Committee members are forthcoming.
The key roles and accountabilities of the Chairman include:
(a) Managing Committee communications and its effectiveness.
(b) Creating conditions for good deliberation and decision making
(c) Ensuring Company’s policies and procedures are in compliance with good conduct and best practices.
(d) Maintaining good contact and effective relationships with external parties, investing public,regulatory agencies and trade associates.
(e) Ensuring that quality information to facilitate decision-making is delivered to the Board on timely manner.
(f) Focal point of communications with external parties (in particular External Auditors, Investors, bankers and shareholders).
The Chairman shall also coordinate with the Chairman of the Audit Committee to assist the Audit Committee in its review of the Company’s system of internal control that have been delegated to the Audit Committee in its charter.
(ii) Role of Committee
The function of RMC in which their authority and responsibilities have been incorporated shall be as follows:
(a) To review and discuss with RMWG the Company’s risk governance structure, risk assessment and risk management practices and the guidelines, policies and processes for risk assessment and risk management.
(b) To review and discuss with Board and the Management of the Company’s risk appetite.
(c) To discuss with the Company’s Chairman of the RMWG of the Company’s risk assessment and risk management guidelines, policies and processes, as the case may be. The Committee shall have a private meeting (excluding the Executive Director) at least twice a year with the Company’s Chairman of the RMWG.
(d) To receive, as and when appropriate, reports from the Company’s Internal Auditors’ internal audit function on the results of risk management reviews and assessments.
(e) To receive, deliberate and accept, as and when appropriate, reports from the Company’s RMC their risk management report.
(f) To approve the appointment and, when and if appropriate, replacement of the Company’s Chairman of the RMWG, whom shall have a reporting relationship with the Committee.
(g) To review the disclosure regarding the risk management and internal control statement.
(h) To review reports on selected risk topics as the committee deems appropriate from time to time.
(i) To be given unrestricted access to the Group’s Management and the accurate and complete information pertaining to the Company and/ or the Group including from the Company and / or the Group’s auditors and consultants.
(j) To discharge any other duties or responsibilities delegated to the Committee by the Board.
(k) The Committee shall have the authority to delegate any of its responsibilities to Sub-Committees as the Committee may deem appropriate. The Committee shall have authority to retain such outside legal counsel. Experts and other advisors as the committee may deem appropriate in its sole discretion. The Committee shall have sole authority to approve related fees and retention terms.
(l) The Committee shall report its actions and any recommendations to the Board and shall conduct and present to the Board an annual performance evaluation of the Committee. The Committee shall review at least annually the adequacy of this Charter and Framework and recommend any proposed changes to the Board for approval.
(m) Attend all necessary and required trainings (internal and external courses) at the expense of the Company in order to equip and update themselves on the latest pronouncement and regulations concerning risk management and internal audit.
(iii) New Committee members
A new Committee member shall be briefed on the terms of their appointment, their duties and obligations and on the operations of the Group. Copies of the following shall be provided to the newly appointed Committee:
(a) Board Charter;
(b) Risk Management Charter;
(c) Auditor Committee Charter;
(d) Memorandum and Articles of Associates;
(e) Committees’ composition and terms of reference;
(f) Latest business plans;
(g) Latest annual reports and financial statements;
(h) Site visitation.
(i) Executive Powers of the Committee
Independent AdvisorsThe Committee shall have the authority to engage such independent legal and other advisors as it deems necessary or appropriate to carry out its responsibilities. Such independent advisors may be the regular advisors to the Group. The Committee is empowered, without further action by the Board, to cause the Group to pay the compensation of such advisors as establish by the Committee.
Implementation of ControlsThe Committee shall have the authority to instruct any of the Management to execute the corrective action plan proposed by the Risk Owners as long as the plan does not hamper/in conflict with the Organisation’s objectives. The Committee also have the authority to request the Risk Owner or the Management to report directly to the Committee of their action plan.
8. CORPORATE GOVERNANCE DISCLOSURE
The Committee guided by paragraph 15.27 of the Main Market Listing Requirements (“MMLR”) shallensure the Company provide adequate narrative statement of its risk management framework (“RMF”).
The Risk Management and Internal Control Statement would be concurrently recommended by the Committee and also the Audit Committee. Both the Committees shall then propose to the Board of Directors for approval.Disclosure of the statement are made by way of circulating the Annual Report in publicly available domain and at the Company’s website (if recommendation) by the Board.
The Committee shall also oversee the publication of the risk management framework the official company’s official website.