REPORT ON CORPORATE GOVERNANCE
RISK MANAGEMENT AND INTERNAL CONTROLS
(Principle 11)
The Board recognises that it is responsible for risk governance and ensuring that the Management maintains a sound system of
risk management and internal controls to safeguard shareholders’ investments and the Group’s assets. The Board appreciates
that risk management is an on-going process in which the Management continuously participate to evaluate, monitor and report
to the Board and AC on significant risks.
The AC under its Terms of Reference as delegated by the Board, has the responsibility to oversee the Group’s risk management
framework and policies.
The Group has engaged KPMG Services Pte. Ltd. to develop and implement a Board Assurance Framework which includes an
enterprise risk management framework to identify the significant risks facing each major business segment, the potential impact
and likelihood of those risks occurring, the control effectiveness and action plans taken to mitigate those risks. The Group has also
developed a risk governance structure, which provides details on the roles and responsibilities for the Board and Management
in risk monitoring, escalation, mitigation and reporting.
The Group has established key risks indicators with tolerance limits to monitor movements in its significant risks and to proactively
manage them within acceptable levels. These key risk indicators have been reviewed and approved by the Board and they are
also monitored on a quarterly basis.
The internal auditors regularly review all significant controls, policies and procedures and highlight all significant matters to the
Management and the AC.
During FY2014, the Board and AC reviewed the adequacy and effectiveness of the Group’s internal controls in relation to the
significant risks, including financial, operational, compliance and information technology controls, and risk management systems.
Based on the work performed by the external and internal auditors, Management’s representations and Board enquiries and
discussions, the Board is assured that the Group’s risk management and internal controls systems are adequate and effective. In
addition, the Board has received assurance from the Management that the financial records have been properly maintained, that
the financial statements give a true and fair view of the Group’s operations and finances and that the Group’s risk management
and internal control systems are effective.
Based on the internal controls established and maintained by the Group, work performed by the internal and external auditors,
and reviews performed by and assurance from the Management, the internal auditors, various Board Committees and the Board,
the Board, with the concurrence of the AC, is of the opinion that the Group’s system of risk management and internal controls,
addressing financial, operational, compliance and information technology risks, were adequate and effective as at 31 December
2014.
However, the Board is also aware that such a system can only provide reasonable, but not absolute, assurance that the Group
will not be adversely affected by any event that could be reasonably foreseen as it strives to achieve its business objectives. The
Board also notes that no system of internal controls and risk management can provide a complete assurance against human
error, poor judgement in decision making, losses, fraud or other irregularities.
INTERNAL AUDIT
(Principle 13)
The Company’s internal audit function has been outsourced to KPMG Services Pte. Ltd. The internal auditors reported directly
to the Chairman of the AC on audit matters.
In carrying out its duties, the internal auditors have adopted the Standards for Professional Practice of Internal Auditing set by
The Institute of Internal Auditors.
40
THE STRAITS TRADING COMPANY LIMITED ANNUAL REPORT 2014
