39

AEMULUS HOLDINGS BERHAD

TA R G E T I N G T H E B U L L’ S E Y E

Statement on Risk Management

and Internal Control

(Cont’d)

INTRODUCTION

The Malaysian Code of Corporate Governance 2012 requires listed companies to maintain a sound system of internal controls

to safeguard shareholders’ investment and the Group’s assets.

Guided by the Statement on Risk Management and Internal Control: Guidance for Directors of Public Listed Companies, the

Board of Directors of Aemulus Holdings Berhad is pleased to present the Statement on Risk Management and Internal Control

which is prepared in accordance with Paragraph 15.26(b) of the ACE Market Listing Requirements of Bursa Malaysia Securities

Berhad.

RESPONSIBILITY FOR RISK MANAGEMENT AND INTERNAL CONTROL

The Board recognises its overall responsibility for the Group’s systems of internal control and for reviewing the adequacy

and integrity of those systems. In view of the limitations that are inherent in any systems of internal control, the systems

of internal control are designed to manage risk within tolerable levels rather than eliminate the risk of failure to achieve

business objectives. Hence, such system by its nature can only provide reasonable and not absolute assurance against material

misstatement, error or losses.

The Board has established an ongoing process for identifying, evaluating and managing the significant risks faced, or

potentially exposed to, by the Group in pursuing its business objectives. This process has been in place throughout the

financial year and up to the date of approval of the annual report. The adequacy and effectiveness of this process have been

continually reviewed by the Board and are in accordance with the Internal Control Guidance.

RISK MANAGEMENT FRAMEWORK

The Board practises proactive risks identification in the processes and activities of the Group, particularly in major proposed

transactions, changes in nature of activities and/or operating environment, or venturing into new operating environment which

may entail different risks, and assesses the appropriate risk response strategies and controls. Day-to-day risk management

of operations are delegated to key management staff and Head of Department to manage identified risks within defined

parameters.

Periodic meetings attended by Head of Department and key management staff are held to discuss key operational issues,

business performance matters and appropriate mitigating controls, when necessary.

INTERNAL AUDIT

The Board acknowledges the importance of internal audit function and has outsourced its internal audit function to an

independent professional accounting and consulting firm, BDO Governance Advisory Sdn Bhd as part of its efforts to provide

adequate and effective internal control systems. The performance of internal audit function is carried out as per the annual

audit plan approved by the Audit Committee.

The internal audit adopts a risk-based approach in developing its audit plan which addresses all the core auditable areas of

the Group based on their risk profile. The audit focuses on high risk area to ensure that an adequate action plan has in place

to improve the controls in place. The audit ascertains that the risks are effectively mitigated by the controls. On a quarterly

basis or earlier as appropriate, the internal auditors report to the Audit Committee on areas for improvement. The highlighted

areas will be followed up closely to determine the extent of their recommendations that have been implemented by the

management.