TAN CHONG MOTOR HOLDINGS BERHAD
Annual Report 2014
26
INTERNAL CONTROL STATEMENT
Paragraph 15.26 (b) and Practice Note 9 of the Main Market Listing Requirements of Bursa Malaysia Securities Berhad require
the Board of a listed issuer to include in its Annual Report a statement on the state of risk management and internal control of
the listed issuer as a Group, referring to paragraphs 40, 41 and 42 of the Statement on Risk Management & Internal Control:
Guidelines for Directors of Listed Issuers in respect of the information to be disclosed therein. Accordingly, the Board of
Directors is pleased to provide the following statement which outlines the nature and scope of risk management and internal
control of the Group during the financial year ended 31 December 2014.
BOARD RESPONSIBILITY
The Board acknowledges its responsibility for maintaining a sound system of risk management and internal control to
safeguard shareholders’ investments and the Group’s assets and for reviewing the adequacy and effectiveness of the
risk management and internal control system. The system of risk management and internal control of the Group covers all
aspects of its business. In view of the limitations inherent in any systems, the Board is aware that the system is designed
to manage, rather than to eliminate, the risk of failure to achieve the Group’s corporate objectives. Accordingly, the system
can only provide reasonable, but not absolute assurance against material misstatement, loss or fraud.
RISK MANAGEMENT AND INTERNAL CONTROL STRUCTURE
Risk management and internal control are regarded as an integral part of the Group’s overall management processes. The
following represents some of the key elements of the Group’s risk management and internal control structure:
(i)
An organizational structure in the Group with formally defined lines of responsibility and delegation of authority;
(ii) Review and approval of annual business plan and budget of all major business units by the Board. This plan sets out the
key business objectives of the respective business units, the major risks and opportunities in the operations and ensuing
action plans;
(iii) Quarterly review of the Group’s business performance by the Board, which also covers the assessment of the impact of
changes in business and competitive environment;
(iv) Active participation and involvement by the President, Executive Vice Presidents and Chief Financial Officer in the
day-to-day running of the major businesses and regular discussions with the Management of smaller business units on
operational issues; and
(v) Monthly financial reporting by the subsidiaries to the holding company.
The Board Risk Management Committee (“BRMC”) oversees the risk management framework of the Group, reviews the risk
management policies formulated by Management and makes relevant recommendations to the Board for approval. This
enables the Management to identify, evaluate, control, monitor and report to the Board the principal business risks faced
by the Group on an ongoing basis, including remedial measures to be taken to address the risks. The Group continues to
maintain and review its risk management and internal control procedures to ensure, as far as possible, the protection of its
assets and its shareholders’ investments.
A Fraud Prevention Policy, supplemented by a Special Complaints Policy (“Policies”) has been adopted by the Group with the
aims to provide broad principles, strategy and policy for the Group to adopt in relation to fraud to promote high standard of
integrity. The Policies define and highlight the roles and responsibilities at every level for preventing and responding to fraud.
This process serves as a platform for the timely identification, evaluation and management of significant risks affecting the
business.
The risk management and internal control processes of the Group are further supported by formalized limits of authority for
different management levels. Matters beyond the formalized limits of authority for Management are referred upward to the
Board for approval. Group support functions such as Finance and Administration, Taxation, Treasury, Risk Management,
Internal Audit, Secretarial, Legal, Human Resources, Insurance and Information System play a vital role in the overall risk
management and internal control processes of the Group. Various management committees have been established to
manage and control the Group’s businesses.
The Board has received assurance from the Management that the Group’s risk management and internal control system is
operating adequately and effectively, in all material aspects.
