The Board recognises the importance of risk management in helping the Group to achieve its objective and sustain success. Accordingly, this risk policy is established by the Board with the aim of setting and providing references of the intents and fundamentals of risk management practices in the Group.

The Board is primarily responsible for overseeing risk management in the Group. In doing so, the Board will perform the following responsibilities. However, the Board may delegate its risk management oversight role to a board committee, if needed.

1. Review management practices, policies, processes, responsibilities and actions on risk management;
2. Review the status of principal risks and management action and assess whether these risks are being managed adequately and effectively based on the Company’s risk appetite;
3. Obtain feedback on the adequacy and effectiveness of risk management and internal control from the senior management, Internal Auditors and External Auditors annually; and
4. Review and ensure that risk disclosure in the annual report are made in compliance with the provisions of the Bursa’s Listing Requirement.

Risk appetite is defined as the amount of risk that the Group is willing to accept in pursuit of its business. The Board will consider its priority, financial position of the Group as well as adequacy of its resources and timing in determining its risk appetite.

Following are management’s responsibilities on risk management:

1. To promote risk awareness culture among the employees of the Group;
2. To educate the heads of departments and line managers of their collective assurance responsibilities to the Board;
3. To monitor and manage risk in accordance with the Group’s risk appetite;
4. To assure the Board that the Group’s risk management and internal control systems are operating adequately and effectively; and
5. To brief the Board on the status of risk and management actions.

The Executive Director and senior management responsible for the management and financial matters respectively shall ensure that the above responsibilities are being carried out and at the same time provide assurance to the Board stating whether the Group’s risk management and internal control systems are operating adequately and effectively.

The annual report shall include meaningful information necessary to assist shareholders’ in understanding the main features of the Group’s risk management processes and systems of internal control. In making its disclosures, the Board shall make reference and comply to the latest Malaysia Code on Corporate Governance, Bursa’s Listing Requirements and Guidelines on risk management and internal control.

The Board shall publish this policy in the Company’s website. The Board shall also review this policy annually and make necessary or desirable amendments to ensure that the policy remains consistent with the Board’s objectives, current regulation requirements and governance best practice. Changes in the policy shall be adopted by the Board with a resolution.