KENANGA ANNUAL REPORT 2017

The AC, pursuant to its Terms of Reference, oversees the effectiveness of the internal audit function of KIBB including: • reviewing, approving and reporting to the Board the audit scope, procedures and frequency; • reviewing and reporting to the Board key audit reports and ensuring that Senior Management is taking necessary corrective actions in a timely manner to address control weaknesses, non-compliance with laws, regulatory requirements, policies and other problems identified by the internal audit; • noting significant disagreements between the GCIA and the rest of the Senior Management team, irrespective of whether these have been resolved, in order to identify any impact the disagreements may have on the audit process or findings; • establishing a mechanism to assess the performance and effectiveness of the internal audit function; • reviewing and reporting to the Board the adequacy of scope, functions, competency and resources of the internal audit function and that it has the necessary authority to carry out its work; and • appointing, setting compensation, evaluating the performance and deciding on the transfer and dismissal of the GCIA and of any staff member of the internal audit function at the request of the GCIA. Group Board Risk Committee The GBRC comprises a majority of INEDs and is chaired by an INED who is not the Chairman of the Board. Details on the GBRC composition, as well as its members’ attendance at the GBRC meetings during the financial year ended 31 December 2017 are provided in Section B of the CG Report. The GBRC was established to support the Board in meeting the expectations on risk management as set out in BNM’s Policy Document on Risk Governance. It assists the Board in the implementation of a sound remuneration system, by examining whether incentives provided by the remuneration system take into consideration risks, capital, liquidity and the likelihood and timing of earnings, without prejudice to the tasks of the NRC. The functions and responsibilities of the GBRC are set out in the Terms of Reference of the GBRC which is available on KIBB’s website at https://www.kenanga.com.my/GBRC_TOR.pdf Risk Management and Internal Control The Board is responsible to ensure that KIBB has in place effective and comprehensive risk management policies, procedures and infrastructure to identify, measure, monitor and control the various types of risks undertaken by Kenanga Group. In discharging this responsibility, the Board approves and periodically reviews the risk management capabilities of KIBB to ensure their ability to support KIBB’s business activities and any expansion thereof. It is important to emphasise that the ultimate responsibility for ensuring a sound internal control system and reviewing the effectiveness of the system lies with the Board. The Company’s inherent system of internal control is designed to manage, rather than eliminate, the risk of failure to achieve the Company’s corporate objectives, as well as to safeguard the shareholders’ investments and the Company’s assets. Details of KIBB’s internal control system and risk management framework are set out in the Statement on Risk Management and Internal Control in this Annual Report. Kenanga Investment Bank Berhad 48 corporate governance overview statement