STEERING INTEGRITY AND ACCOUNTABILITY SEC 6 148 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL The diagram below shows FGV’s risk management oversight matrix. Fourth line of defence - Setting requirements and/ or performing independent assurance Other External Bodies External Auditors Regulators EXTERNAL ASSURANCE Board and Board Committees Group Management Committee, Risk Management Committee and Senior Management Business Units Policies and Standard Operating Procedures Group Internal Audit Group Risk Management Division Other Corporate Centres MANAGE OVERSEE ASSURANCE First line of defence – Owns and manages risks Second line of defence – Oversees risks, control and compliance Third line of defence – Provides independent assurance KEY INITIATIVES 2023 The key initiatives drive the implementation of framework and process methodology enhancements, fostering resilience and preparedness against key risk threat. KEY INITIAVITES OUTCOME Risk Appetite Statement (RAS) The Group enhanced its RAS framework by incorporating KRIs and establishing thresholds to assess corporate risk profiles. The assessment covered primary risk categories: geopolitical, catastrophic, market, strategic, financial, and operational, with a focus on trading functions. The Group RAS is a vital framework for informed decisionmaking, instilling confidence in risk navigation and integrating with key management activities. It serves as a governance mechanism for risk-taking, driving current and future business activities in line with strategic objectives. Enterprise Risk Management System (ERMS) Enhancement Project 2.0 This enhancement is a strategic initiative aimed at improving process ownership and efficiency. It includes key changes like better user experience, refining risk priority moderation, upgrading KRI status, implementing Bow-Tie Analysis, and integrating the Corruption Risk Management (CRM) module. The project also covers top risks nomination, escalation protocol, risk aggregation processes, and dashboard review. The Project successfully upgraded the ERMS methodology, process, and functionality, integrating the CRM module. This improved ERMS ensures higher-quality input for registered risk assessments, enhances risk reporting, facilitates ongoing and future reviews by respective risk register owners. Location-Based Crisis Management (LBCM) FGV conducted a LBCM exercise in ESSZONE, Sabah, to proactively address potential disruptions caused by militant threats to operations and businesses in Northern Sabah. The exercise aimed to focus on refining notification and escalation procedures, optimising decision-making efficiency, and increasing overall awareness of Business Continuity Management fundamentals amidst militant threat scenarios. The LBCM exercise underscored the necessity for improvements to bolster the preparedness and resilience of the participating companies. Regular awareness and training programmes, coupled with ongoing reviews and refinements of notification procedures, can deepen the participants’ understanding of crisis management.
RkJQdWJsaXNoZXIy NDgzMzc=