67 ANNUAL REPORT 2023 Strategic Operational Financial Technology Compliance RISK GOVERNANCE AND INTERNAL CONTROL As a Group, we adopt a balanced approach to risk management. As not all risks can be eliminated, we will only undertake appropriate and well considered risks to optimise returns for the Group. RISK FACTORS Our financial performance and operations are influenced by a vast range of risk factors. Many of these affect not just our businesses, but also other businesses in and outside the industry. These risks vary widely and many are beyond the Group’s control. There may also be risks that are either presently unknown or not currently assessed as significant, which may later prove to be material. However, we aim to mitigate the exposures through appropriate risk management strategies and internal controls. KEY RISKS A clear and comprehensive risk categorisation is used to define and organise relevant risks to facilitate risk identification, assessment, measurement, monitoring and reporting. STRATEGIC RISKS Associated with the business plans, strategies, and strategic positioning of the enterprise. Have longer term perspective and could result in significant material impact to the business. OPERATIONAL RISKS Associated with the delivery of goods or services to the customers, often relating to people, processes and systems. TECHNOLOGY RISKS Associated with use, ownership, operations, involvement, protection and adoption of IT. Includes IT reliability and continuity, data protection and cyber security. COMPLIANCE RISKS Associated with compliance to regulations imposed by authorities or contractual commitments to business contracts. FINANCIAL RISKS Associated with the financial performance of the business and the recording of business activities in the financial statements. A. STRATEGIC RISK MARKET AND COMPETITION The Group’s strategic risks comprise market and competition risks. These include market driven forces, increased competition and changing customer demands. The Group remains vulnerable to challenges and uncertainties in the industry markets in which it serves, implications from geo-political developments on globalisation and threats of disruptive technology. The Group holds strategy meetings to review business strategies and develop action plans to mitigate against these risks. The ARC guides the Group in formulating and reviewing risk policies and limits. These are subject to periodic reviews to ensure they continue to support business objectives and are aligned to our risk tolerance level. Taking into consideration the prevailing business climate and the Group’s risk appetite, the policies aim to address risks effectively and proactively.
RkJQdWJsaXNoZXIy NTM2MDQ5