63 Annual Report 2024 RISK GOVERNANCE AND INTERNAL CONTROL CSE GLOBAL RISK MANAGEMENT FRAMEWORK OVERVIEW Risk management is integral to the whole business of the Group. The Group has a system of controls in place to create an acceptable balance between the cost of risks occurring and the cost of managing the risks. CSE’s Board is responsible for governing risks and ensuring that management maintains a sound system of risk management and internal controls to safeguard shareholders’ interests and the company’s assets, and determining the nature and extent of the significant risks which the Board is willing to undertake in achieving its strategic objectives. Assisted by the Audit & Risk Committee (“ARC”), the Board provides valuable advice to management in formulating the risk management framework, policies and guidelines. The ARC oversees how management monitors compliance with the Group’s risk management policies and procedures and reviews the adequacy of the risk management framework in relation to the risks faced by the Group. The ARC is assisted in its oversight role by Internal Audit. Internal Audit undertakes both regular and ad hoc reviews of risk management controls and procedures, the results of which are reported to the ARC. The management continually monitors the Group’s risk management process to ensure that an appropriate balance between risk and control is achieved. Risk management policies and systems are reviewed regularly to reflect changes in market conditions and the Group’s activities. The management surfaces key risk issues for discussion with the ARC and the Board regularly. The internal auditor’s primary role in relation to risk management is to provide management and the board objective assurances in: a. The design of the risk management processes and how well they are working b. The effectiveness in management of key risks c. The reliability and appropriateness in risk assessment and the reporting of the risk and control status The external auditor will provide objective assurance of the effectiveness of risk management and internal controls, particularly within the financial system and reporting. OBJECTIVE The Board has put in place three risk tolerance guiding principles for the Group. These principles serve to determine the nature and extent of the significant risks, which our Board is willing to undertake in achieving its strategic objectives. These principles are: 1. Risk taken should be carefully evaluated, commensurate with rewards and in line with the Group’s core strengths and strategic objectives. 2. No risk arising from a single area of operation, investment or undertaking should be so huge as to endanger the entire Group. 3. The Group does not condone safety breaches or lapses, non compliance with laws and regulations, as well as acts such as fraud, bribery and corruption. CSE ENTERPRISE RISK MANAGEMENT (ERM) FRAMEWORK CSE is committed to establishing an organisation that ensures ‘managing risks’ is an integral part of its business activities and a core capability where ERM is used to support decision-making. In CSE, ERM implementation aims to achieve more specifically the following objectives: • Promote good corporate governance and a sound system of Risk Management and internal controls; • Embed a structured and disciplined approach to systematically identify key risks that will impact CSE’s businesses, assess the likelihood and impact of these risks and develop action plans to treat these risks; • Establish a system to monitor and report key risks to the Group CEO through the Risk Management Committee (RMC) as part of the risk management framework; • Develop and embed an organisational risk culture within CSE; • Enhance compliance with relevant legal and regulatory requirements; and • Minimise unexpected losses and manage expected losses. CSE’s Enterprise Risk Management (ERM) framework provides the Group with a holistic and systematic approach to risk management. It outlines the reporting structure, monitoring mechanisms, processes and tools, as well as policies and limits, in addressing the Group’s key risks.
RkJQdWJsaXNoZXIy NTM2MDQ5