KENANGA ANNUAL REPORT 2018

63 ANNUAL REPORT 2018 INTRODUCTION Pursuant to Paragraph 15.26(b) of the Main Market Listing Requirements (“ MMLR ”) of Bursa Malaysia Securities Berhad (“ Bursa Securities ”), a listed issuer must ensure that its Board of Directors (“ Board ”) includes in its annual report a statement about the state of its risk management and internal controls as a group. In addition, the Malaysian Code on Corporate Governance also stipulates that the Board should maintain a sound system of internal controls, including a review of its effectiveness to safeguard shareholders’ investments and Kenanga Investment Bank Berhad and its Group of Companies (“ Kenanga Group ” or “ the Group ”)’s assets. Set out below is the Board’s Statement on Risk Management and Internal Control in compliance with the MMLR of Bursa Securities. BOARD RESPONSIBILITY The Board is committed to maintaining a sound system of internal controls and has instituted a risk management framework, as well as, good corporate governance measures to monitor the Group’s effectiveness in safeguarding the shareholders’ investments and the Group’s assets. Hence, this will complement well with the Board’s responsibilities for the overall effectiveness of the Group-wide risk management framework and a sound system of internal controls. The Board is responsible for determining key strategies and policies for significant risks and control issues, whereas functional management is responsible for the effective implementation of the Board’s policies by way of identifying, monitoring and managing risks. However, as any system of internal controls will have its inherent limitations, the system has been designed to manage risks rather than provide absolute assurance against material misstatement, fraud or loss. The Board has also received reasonable assurance from the Group Managing Director and Group Chief Financial and Operations Officer that the Group’s risk management and internal control system is operating adequately and effectively, in all material aspects. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL RISK MANAGEMENT AND INTERNAL CONTROL SYSTEM The Board and Management of the Group are committed to the implementation of an internal control system to manage those risks that could affect the Group’s continued growth and financial viability. As such, measures are taken to continuously evaluate changes in the risk profile of the Group and business complexities to assist the Board and Management to anticipate and manage all potential risks and protect the shareholders’ value. The key elements of the Group’s internal control system include the following: 1. An organisational structure, which is aligned to business and operational requirements, and led by Heads of Departments with accountability in place; 2. Integrated business planning and operational budgeting processes driven by commercial objectives; 3. A clear definition of authority and responsibilities that have been approved by the Board and subject to continuous updating and review; 4. Standard operating manuals which document the organisation-wide policies and procedures to ensure compliance to internal controls and applicable laws and regulations are reviewed periodically to meet changes in business operations and regulatory requirements; 5. Regular training and updates for employees on requirements/ guidelines of Bank Negara Malaysia (“ BNM ”), Bursa Securities and the Securities Commission Malaysia (“ SC ”), as well as, on the importance of corporate governance, risk management and internal control; 6. Establishment of strong risk management governance with an enterprise risk management framework as a pillar for other risk guidelines and sound practices by Group Risk Management (“ GRM ”). The risk governance structure in the framework defines the roles and responsibilities throughout the organisation to ensure accountability and ownership;