RISK MANAGEMENT AND INTERNAL CONTROLS
9 The Board is responsible for the governance of risk and ensures that Management maintains a sound system of risk management and internal controls, to safeguard the interests of the company and its shareholders17.
9.1 The Board determines the nature and extent of the significant risks which the company is willing to take in achieving its strategic objectives and value creation. The Board sets up a Board Risk Committee to specifically address this, if appropriate.
9.2 The Board requires and discloses in the company's annual report that it has received assurance from:
(a) the CEO and the Chief Financial Officer ("CFO") that the financial records have been properly maintained and the financial statements give a true and fair view of the company's operations and finances; and
(b) the CEO and other key management personnel who are responsible, regarding the adequacy and effectiveness of the company's risk management and internal control systems.
10 The Board has an Audit Committee ("AC")18 which discharges its duties objectively.
10.1 The duties of the AC include:
(a) reviewing the significant financial reporting issues and judgements so as to ensure the integrity of the financial statements of the company and any announcements relating to the company's financial performance;
(b) reviewing at least annually the adequacy and effectiveness of the company's internal controls and risk management systems;
(c) reviewing the assurance from the CEO and the CFO on the financial records and financial statements;
(d) making recommendations to the Board on: (i) the proposals to the shareholders on the appointment and removal of external auditors; and (ii) the remuneration and terms of engagement of the external auditors;
(e) reviewing the adequacy, effectiveness, independence, scope and results of the external audit and the company's internal audit function; and
(f) reviewing the policy and arrangements for concerns about possible improprieties in financial reporting or other matters to be safely raised, independently investigated and appropriately followed up on. The company publicly discloses, and clearly communicates to employees, the existence of a whistle-blowing policy and procedures for raising such concerns.
10.2 The AC comprises at least three directors, all of whom are non-executive and the majority of whom, including the AC Chairman, are independent. At least two members, including the AC Chairman, have recent and relevant accounting or related financial management expertise or experience.
10.3 The AC does not comprise former partners or directors of the company's existing auditing firm or auditing corporation: (a) within a period of two years commencing on the date of their ceasing to be a partner of the auditing firm or director of the auditing corporation; and in any case, (b) for as long as they have any financial interest in the auditing firm or auditing corporation.
10.4 The primary reporting line of the internal audit function is to the AC, which also decides on the appointment, termination and remuneration of the head of the internal audit function. The internal audit function has unfettered access to all the company's documents, records, properties and personnel, including the AC, and has appropriate standing within the company.
10.5 The AC meets with the external auditors, and with the internal auditors, in each case without the presence of Management, at least annually.
17 Rule 610(5) and Rule 719(1) of the SGX Listing Rules (Mainboard) / Rule 407(4)(b) and Rule 719(1) of the SGX Listing Rules (Catalist) require the Board to comment on the adequacy and effectiveness of the company's internal controls and risk management systems, and the AC's concurrence with the Board's comments. Where either the Board or the AC comments that the issuer's group's internal controls or risk management systems have weaknesses, the issuer must provide clear disclosure on the weaknesses and the steps taken to address them.
18 Rule 210(5)(e) of the SGX Listing Rules (Mainboard) / Rule 406(3)(e) of the SGX Listing Rules (Catalist) requires companies to establish one or more committees as may be necessary to perform the functions of an audit committee, a nominating committee and a remuneration committee. Each committee formed should have written terms of reference which clearly set out the authority and duties of the committee.