RESPONSIBILITIES OF THE BOARD The Board is committed to implementing and maintaining a robust risk management and internal control environment and is responsible for the system of risk management and internal control. The Board acknowledges that the risk management and internal control systems are designed to manage and minimise risks as it may not be possible to totally eliminate the occurrence of unforeseeable circumstances or losses. RISK MANAGEMENT COMMITTEE The Board has delegated the governance of Group risk to the Risk Management Committee (“RMC”). The RMC was established in the year 2018 and comprises three (3) Non-Executive Directors with a majority of Independent Directors. The RMC enables the Board to undertake and evaluate key areas of risk exposures. The primary responsibilities of the RMC are as follows: • To oversee and recommend the Enterprise Ri sk Management ( “ERM” ) st rategies , frameworks and policies of the Group. • To implement and maintain sound ERM frameworks, which identify, assess, manage and monitor the Group’s strategic, financial, operational and compliance risks. • To implement and monitor Business Continuity Plans (“BCP”) with procedures and systems to restore critical business functions in the event of any unplanned disaster. • To develop and inculcate a risk awareness culture within the Group. In fulfilling its responsibilities in risk management, the RMC is assisted by the Risk Management Department (“RMD”) MANAGEMENT The Management team is responsible for ensuring that policies and procedures on risk and internal control are effectively implemented. The Management team is accountable for identifying and evaluating risks as well as achieving business goals and objectives within the risk appetite parameters approved by the Board. RISK MANAGEMENT DEPARTMENT The Risk Management and Business Continuity Management framework is coordinated by the RMD in accordance with ISO 31000 and ISO 22301 standards. The RMD develops risk policies, sets minimum standards, provides guidance on risk related matters, coordinates risk management activities with other departments, as well as monitors the Group’s risks. The RMD’s principal roles and responsibilities are as follows: • Review and update risk management methodologies, specifically those related to the identification, measuring, controlling, monitoring and reporting of risks • Provide risk management training and workshops • Review risk profiles and mitigation plans of departments • Identify and inform the RMC and Management of critical risks faced by the Group • Monitor action plans for managing critical risks AUDIT COMMITTEE The Audit Committee (“AC”) monitors the adequacy and effectiveness of the system of internal controls through a review of the results of work performed by the Group Internal Audit Department (“GIAD”) and External Auditors and discussions with Senior Management. The AC, established by the Board in the year 2018, comprises two (2) Independent Non-Executive Directors and one (1) Non-Independent Non-Executive Director. The AC Report is disclosed on pages 174 to 177 of this Annual Report. The duties and responsibilities of the AC are set out in its Terms of Reference which is available on the Group’s corporate website at (https:// capitala.airasia.com/misc/terms-of-reference-of-audit-committees_v3.pdf). As part of our corporate governance and in line with best practices, Capital A Berhad (formerly known as AirAsia Group Berhad) (“Capital A” or “the Company”) is committed to maintaining a comprehensive and robust risk management and internal control system. The Board of Directors (“the Board”) of the Group is guided by the requirements set out within Paragraph 15.26 (b) of the Main Market Listing Requirements (“MMLR”) issued by Bursa Malaysia Securities Berhad as well as the Malaysian Code on Corporate Governance 2021 released by the Securities Commission Malaysia. The following statement outlines the nature and scope of the Group’s risk management framework and internal controls for the financial year ended 2021 (“Financial Year”). 1 7 8 C A P I T A L A B E R H A D Statement on Risk Management & Internal Control
RkJQdWJsaXNoZXIy ODU0MjU5