The Board of Directors has established a Committee of the Board to be known as the Audit and Risk Management Committee.
2. COMPOSITION OF AUDIT AND RISK MANAGEMENT COMMITTEE
- The Audit and Risk Management Committee shall be appointed by the Board of Directors from amongst their members and shall consist of at least three (3) members, the majority of whom are independent directors. All members of the Audit and Risk Management Committee shall be non-executive directors.
- At least one member of the Audit and Risk Management Committee shall be a member of the Malaysian Institute of Accountants or possess at least three (3) years’ working experience and has passed the examinations sets out in Part I of the First Schedule or a member of one of the associations of accountants set out in Part II of the First Schedule of the Accountants Act, 1967 respectively or fulfils such other requirements as prescribed or approved by Bursa Malaysia Securities Berhad (“Bursa Securities”).
- No alternate Director(s) shall be appointed to be member(s) of the Audit and Risk Management Committee.
- The members of the Audit and Risk Management Committee shall elect a Chairman from amongst its members who shall be an Independent Non-Executive Director.
- The Board must ensure that the Chief Executive Officer shall not be a member of the Audit and Risk Management Committee.
- The Board must review the term of office and performance of the Audit and Risk Management Committee and each of its members at least once every 3 years to determine whether such Audit and Risk Management Committee and members have carried out their duties in accordance with their terms of reference.
(a) Frequency of Meeting
- The Audit and Risk Management Committee shall meet not less than four (4) times a year and as many times as the Audit and Risk Management Committee deems necessary with due notice of issues to be discussed.
(b) Proceedings of Meeting
- At least four (4) meetings are held in a year. However, meetings are also held as and when required or upon the request of the external auditors to consider any matters that the external auditors believe should be brought to the attention of the Directors and/or shareholders.
- The quorum for meeting of the Audit and Risk Management Committee shall be two (2) members of which the majority of members’ present must be Independent Non-Executive Directors.
- The agenda of the Audit and Risk Management Committee meetings shall be circulated before each meeting to members of the Audit and Risk Management Committee. The Audit and Risk Management Committee may require the external auditors and any officer of the Company to attend any of its meetings as it determines.
- If at any meeting, the Chairman of the Audit and Risk Management Committee is not present within fifteen (15) minutes of the time appointed for holding the same, the members of the Audit and Risk Management Committee present shall choose one of their number who shall be an Independent Non-Executive Director to be Chairman of such meeting.
- The Company Secretary shall be the Secretary of the Audit and Risk Management Committee.
Questions arising at any meeting shall be decided by a majority of votes. In case of an equality of votes, the Chairman of the Audit and Risk Management Committee shall have a second or casting vote.
(c) Attendance at Meeting
- The presence of external auditors and internal auditors (if any) at any meeting of the Audit and Risk Management Committee can be requested if required by the Audit and Risk Management Committee.
- Other members of the Board and officers of the Company and its Group may attend the meeting (specific to the relevant meeting) upon the invitation of the Audit and Risk Management Committee.
- The Audit and Risk Management Committee shall meet with external auditors without Executive Directors present at least twice a year.
(d) Keeping and Inspection of Minutes
- The Company shall cause minutes of all proceedings of the Audit and Risk Management Committee Meeting to be entered in books kept for that purpose within 14 days of the date upon when the relevant meeting was held.
- Those minutes to be signed by the Chairman of the Audit and Risk Management Committee Meeting at which the proceedings were had or by the Chairman of the next succeeding meeting shall be evidence of the proceedings to which it relates.
- The books containing the minutes of proceedings of the Audit and Risk Management Committee Meeting shall be kept by the Company at the place to be determined by the Board, and shall be open to the inspection of any members of the Board of Directors or Audit and Risk Management Committee members without charge.
The minutes of the Audit and Risk Management Committee Meeting shall be circulated to the members of the Board for notation.
The Audit and Risk Management Committee shall in accordance with the procedure determined by the Board and at the cost of the Company: -
(a) have the authority to appoint the Internal Auditor of the Company and establish an internal audit function which is independent of the activities and ensure that the Internal Auditor reports directly to the Audit and Risk Management Committee;
(b) have explicit authority to investigate any matter within the terms of reference;
(c) have the resources which the Audit and Risk Management Committee requires to perform the duties;
(d) have full and unrestricted access to any information which the Audit and Risk Management Committee requires in the course of performing the duties;
(e) have unrestricted access to the Chief Executive Officer of the Company;
(f) have direct communication channels with the external auditors and persons carrying out the internal audit function or activity (if any);
(g) be able to obtain independent professional or other advice in the performance of its duties at the cost of the Company;
(h) be able to invite outsiders with relevant experience to attend its meetings, if necessary;
(i) be able to convene meetings with the external auditors, the internal auditors or both, excluding the attendance of other executive Board members and employees of the Company, whenever deemed necessary; and
be able to oversee, consider, assess and monitor the risk management activities of the Group, approve the appropriate risk management procedures and measure the methodologies across the organisation as well as identify and manage the strategic business risks of the Group.
5. DUTIES AND RESPONSIBILITY
The duties and responsibilities of the Audit and Risk Management Committee shall include the following: -
(a) Matters relating to External Audit: -
- To consider the appointment of the external auditors, the audit fee and any question of resignation or dismissal;
- To review the nature, scope and quality of external audit plan/arrangements;
- To review quarterly and annual financial statements of the Company, before submission to the Board, focusing in particular on the going concern assumption, compliance with accounting standards and regulatory requirements, any changes in accounting policies and practices, significant issues arising from the audit and major judgement issues;
- To review the external auditors’ audit report on the financial statement;
- To review any management letter sent by the external auditors to the Company and the management’s response to such letter;
- To review any letter of resignation from the external auditors;
- To consider and review whether there is reason (supported by grounds) to believe that the Company’s external auditors are not suitable for re-appointment;
- To review the assistance given by the Company’s officers to the external auditors;
- To discuss problems and reservations arising from the interim and final audits on any significant audit findings, reservations, difficulties encountered or material weakness reported; and
To review any related party transaction and conflict of interest situation that may arise within the Company or group including any transaction, procedure or course of conduct that raises questions of management integrity.
(b) Matters relating to Internal Audit function, if any exists: -
- To review the adequacy of the scope, functions, competency and resources of the internal audit functions and that has the necessary authority to carry out the work;
- To review the internal audit programme, processes, the results of the internal audit programme, processes or investigation undertaken and where necessary ensure that appropriate actions are taken on the recommendations of the internal audit function;
- To review the follow up actions by the management on the weakness of internal accounting procedures and controls;
- To review on all areas of significant financial risk and the arrangements in place to contain those risks to acceptable levels;
- To review the assistance and co-operation given by the Company and its officers to the internal auditors;
- To review any appraisal or assessment of the performance of staff of the internal audit function, compliance with accounting standards and regulatory requirements, any changes in accounting policies and practices, significant issues arising from the audit and major judgement issues;
- To approve any appointment or termination of senior staff members of the internal audit function; and
To review any letter of resignation of internal audit staff members and provide the resigning staff member an opportunity to submit his reasons for resigning.
(c) Matters relating to Risk Management and Internal Control Functions: -
- To review the adequacy and integrity of internal control systems, including risk management and management of information system;
- To identify the principal risks in achievement of the Company’s objectives and ensure that the implementation of appropriate systems to manage these risks;
- To review and monitor the business and financial risks facing by the Group and to ensure that all high impact risks are adequately managed at various levels within the Group;
- To review and rate the risks of auditable areas and ensure that all high and critical risk areas are audited annually;
- To review the effectiveness of overall risk management and ensure that all the key risks and control lapses have been addressed;
- To oversee the risk management activities of the Group and ensure compliance and effective implementation of risk policy and objectives; and
- To provide assurance of the adequacy and reliability of the risk management processes in compliance with risk-related regulatory requirements.
(d) Roles and Rights of the Audit and Risk Management Committee: -
- To consider and review any significant transactions which are not within the normal course of business and any related party transactions that may arise within the Company and the Group;
- To report to Bursa Securities on any matter reported by the Board of the Company which has not been satisfactorily resolved resulting in a breach of the Bursa Securities Listing Requirements for Main Market; and
To carry out any other function that may be mutually agreed upon by the Audit and Risk Management Committee and the Board which would be beneficial to the Company and ensure the effective discharge of the Audit and Risk Management Committee’s duties and responsibilities.
(e) Retirement and Resignation of Member of Audit and Risk Management Committee:
- A member of the Audit and Risk Management Committee who wishes to retire or resign should provide sufficient written notice to the Company so that a replacement may be appointed before he leaves.
- In the event of any vacancy in the Audit and Risk Management Committee, the Company shall fill the vacancy within two (2) months, but in any case not later than three (3) months.