8 2

Corporate GovernanCe

STATEMENT ON

RISK MANAGEMENT

AND INTERNAL CONTROL

1.

INTRODUCTION

The Board acknowledges that the practice of good corporate

governance is an on-going process and not just an annual

matter to be covered as compliance in the Annual Report.

The Board is committed to practise the highest standards of

corporate governance and observing best practices throughout

the Group. The Board’s Statement on Risk Management and

Internal Control is in compliance with Paragraph 15.26(b) of

the Bursa Malaysia Securities Berhad Main Market Listing

Requirements and the Statement on Risk Management and

Internal Control: Guidelines for Directors of Listed Issuers.

2.

RESPONSIBILITY

The Board recognises their responsibility for the Group’s

system of internal control, which is designed to identify and

manage the principal risks facing the business in pursuit of its

objectives, to review its adequacy and integrity and to ensure

good corporate governance. The management is accountable

to the Board for monitoring the Group’s system of internal

control and for providing assurance to the Board that it has

done so.

The system of internal control covers risk management,

financial, operational, administration, human resource,

information technology and compliance controls to safeguard

shareholders’ investments and the Group’s assets. This

system is designed to manage rather than to eliminate the

risk of failure to achieve business objectives and can only

provide reasonable but not absolute assurance against

material misstatement or loss.

The Board is of the view that the system of internal control and

risk management in place for the year under review, and up to

the date of approval of this Statement on Risk Management

and Internal Control, is sound and sufficient to safeguard the

Group’s assets, as well as the shareholders’ investments, and

the interest of other stakeholders. The Board has received

assurance from the Group Managing Director (“Group MD”)

and the Chief Financial Officer (“CFO”) that the Group’s

risk management and internal control system is operating

adequately and effectively, in all material aspects, based on

the Group’s risk management and internal control system.

3.

INTERNAL CONTROL

The key processes that the Board has established in reviewing

the adequacy and integrity of the system of internal control

and risk management systems include the following:

3.1 Operational and follow-up audits are conducted

throughout the financial year based on approved

annual audit plan to provide reasonable assurance that

the systems of internal controls and its framework, and

governance processes put in place by management

continue to operate satisfactorily and effectively

and to add value and improve the Group’s business

operations.

3.2 A meeting of Heads of Divisions which is chaired by

KFima’s Group MD is held monthly to deliberate on

the KFima Group’s financial performance, internal

audit reports, business development, legal/litigation,

operational, and corporate issues. The Group MD will

update the Board of any significant matters that require

the Board’s immediate attention.

3.3 The Group MD actively participates and involves in the

day-to-day running of the major business and regular

discussions with the senior management.

3.4 There is a budgeting and forecasting system. Each line of

business submits a business plan annually for approval

by the Board. The results of the lines of businesses

are reported monthly and variances are analysed

against budget and acted on in timely manner. The

Group’s strategic directions are also reviewed annually

taking into account changes in market conditions and

significant business risks.