Terms of Reference-The Audit and Risk Management Committee

1.0 OBJECTIVES

This Audit and Risk Management Committee’s (“ARMC”) Terms of Reference (“TOR”) is established pursuant to the ACE Market Listing Requirements of Bursa Malaysia Securities Berhad (“Bursa Securities”) (“Listing Requirements”) and approved by the Board of Directors of the Company (“Board”).

The primary objectives of the ARMC are to assist the Board in discharging its statutory duties and responsibilities relating to accounting and financial reporting practices of the Company and its subsidiaries (“Group”).

In addition, the ARMC shall assist the Board:-

  • in complying with specified accounting standards and required disclosure as administered by Bursa Securities, relevant accounting standards bodies, and any other laws and regulations as amended from time to time;
  • in presenting a balanced and understandable assessment of the Company’s position and prospects;
  • in establishing a formal and transparent arrangement for maintaining an appropriate relationship with the Company’s internal and external auditors and overseeing and appraising the quality of audit conducted by the Company’s internal and external auditors;
  • in determining the adequacy of the Group’s administrative, operating and accounting controls; and
  • undertake any such other functions as may be determined by the Board from time to time.

2.0 COMPOSITION

The ARMC shall be appointed by the Board from its members pursuant to a resolution of the Board and must fulfil the following requirements:-

  • The ARMC must comprise at least three (3) members, consisting wholly of non-executive Directors, with a majority of them being independent directors.
  • At least one (1) member of the AC must be:-
  • a member of the Malaysian Institute of Accountant (“MIA”); or
  • if he is not a member of MIA, he must have at least three (3) years of working experience and:
    • he must have passed the examinations specified in Part I of the First Schedule of the Accountants Act 1967; or
    • he must be a member of one of the associations of the accountants specified in Part II of the First Schedule of the Accountants Act 1967; or
  • fulfils such other requirements as prescribed or approved by Bursa Securities.
  • The Chairman of the ARMC must be an independent director and is not the Chairman of the Board.
  • No alternate Director shall be appointed as a member of the ARMC.
  • In the event of any vacancy resulting in non-compliance of (a), (b), (c) and (d) above, the Board shall upon the recommendation of the Nomination Committee, appoint such number of Directors to fill up such vacancy within three (3) months of the event.

All members of the ARMC, including the Chairman, will hold office only so long as they serve as Directors of the Company. The Board must review the term of office and performance of the ARMC, and each of its members, annually to determine whether the ARMC has carried out its duties in accordance with its Terms of Reference.

The ARMC has a policy that requires a former key audit partner who was part of the engagement team who made key decisions or judgments on significant matters with respect of the audit of the financial statements of the group, to observe a cooling-off period of at least two years before being appointed as a member of the ARMC.

3.0 SECRETARY

The Secretary of the Company shall be the Secretary of the ARMC. The Secretary plays an important role in organising and providing assistance at ARMC Meetings and has the following key responsibilities:-

  • Ensure meetings are arranged and held accordingly;
  • Assist the Chairman in planning the ARMC’s activities;
  • Draw up meeting agendas in consultation with the ARMC Chairman, maintain the minutes, and draft its scheduled activities for the financial year;
  • Ensure structured communications channels between the Board and the ARMC;
  • Ensure proceedings of meetings are recorded and the minutes circulated to, and confirmed by the ARMC before disseminating them to the Board; and
  • Ensure ARMC recommendations presented to the Board are supported by papers, including minutes that explain the rationale for the committee’s recommendations.

4.0 MEETINGS

  • The ARMC shall hold at least four (4) regular meetings per year, with due notice of issues to be discussed and shall record its conclusions in discharging its duties and responsibilities. Additional meetings may be called at any time, at the discretion of the Chairman of the ARMC.
  • The quorum for a meeting shall be two (2) members of the ARMC, who must both be Independent Directors.
  • The Executive Directors and other appropriate officer(s) may be invited to attend where their presence are considered appropriate as determined by the ARMC Chairman. Other Board members, employees of the Company and representatives of the External Auditors may attend meetings upon the invitation of the ARMC.
  • The internal and/or external auditors have the right to appear and be heard at any meeting of the ARMC and are recommended to attend each ARMC meeting to discuss their audit findings and recommendations relating to such findings.
  • The ARMC shall meet at least twice a year with the internal and/or external auditors without the presence of executive Board members and the Senior Management. Upon the request of the internal and/or external auditors, the ARMC Chairman shall also convene a meeting of the ARMC to consider any matter the auditor(s) believes should be brought to the attention of the Board or the shareholders.
  • Subject to paragraph (a) above, in appropriate circumstances, the ARMC may deal with matters by way of circular reports and resolutions in lieu of convening a formal meeting. A resolution in writing signed by all members in lieu of convening a formal meeting shall be as valid and effectual as it had been passed at a meeting of the ARMC duly convened and held. Any such resolution may consist of several documents in like form, each signed by one or more members.

5.0 AUTHORITY

In carrying out its duties and responsibilities, the ARMC shall have the following rights:-

  • the explicit authority to investigate any matter within its Terms of Reference;
  • access to the resources which are required to perform its duties;
  • full, free and unrestricted access to any information, records, properties and personnel of the Group;
  • direct communication channels with the internal and external auditors;
  • ability to obtain independent professional or other advice at the Company’s costs, and to invite external parties with relevant experience to attend the ARMC meetings, if required, and to brief the ARMC thereof;
  • ability to convene meetings with internal and/or external auditors, whenever deemed necessary, excluding the attendance of other Directors and employees of the Company;
  • promptly report to Bursa Securities where a matter reported by the ARMC to the Board has not been satisfactorily resolved resulting in a breach of the Listing Requirements;
  • the attendance of any particular ARMC meeting by other Directors and employees of the Company shall be at the ARMC’s invitation and discretion, and specific to that relevant meeting only; and
  • meet among itself exclusively, whenever deemed necessary.

6.0 RESPONSIBILITIES AND DUTIES

In fulfilling its primary objectives, the ARMC undertakes, amongst others, the following responsibilities and duties:-

External Audit

  • To consider the nomination and appointment/re-appointment of external auditors; and to consider the adequacy of experience and resources of the external auditors and determine the audit fee;
  • To review any letter of resignation from the external auditors and any issues regarding resignation or dismissal of external auditors;
  • To discuss with the external auditors, prior to the commencement of audit, the audit plan which states the nature and scope of audit and ensure co-ordination where more than one audit firm is involved in the audit;
  • To review major audit findings arising from the interim and final external audits, the audit report and the assistance given by the Group’s employees to the external auditors;
  • To review with the External Auditors, their evaluation of the system of internal controls, their management letter and management’s responses;
  • To review whether there is reason (supported by grounds) to believe that the External Auditors are not suitable for re-appointment; and
  • Discuss the contracts for the provision of non-audit services which can be entered into and procedures that must be followed by the External Auditors.

Internal Audit

  • To review adequacy of scope, functions competency and resources of the internal audit function (including firm that was engaged to undertake the internal audit function) and that it has the necessary authority to carry out its work;
  • To review the internal audit programme and results of the internal audit process and, where necessary, ensure that appropriate actions are taken on the recommendations of the internal audit function;
  • To review the major findings of internal audit investigations and management’s response, and ensure that appropriate actions are taken on the recommendations of the internal audit function; and
  • To review and approve any appointment, termination or resignation of the firm of internal auditors.

Risk Management

  • To review the adequacy of Group’s risk management framework and assess the resources and knowledge of the Management and employee involved in the risk management process;
  • To review the effectiveness of internal control systems deployed by the Management to address those risks;
  • To review and recommend corrective measures undertaken to remedy failings and/or weaknesses;
  • To review and further monitor principal risks that may affect the Group directly or indirectly that if deemed necessary, recommend additional course of action to mitigate such risks;
  • To monitor and communicate the risk assessment results to the Board; and
  • To assess the actual and potential impact of any failure or weakness, particularly those related to financial performance or conditions affecting the Group.

Whistleblowing

The ARMC shall review the Group’s arrangements for its employees to raise concerns, in confidence, about possible wrongdoing in financial reporting or other matters. The ARMC shall ensure that these arrangements allow proportionate and independent investigation of such matters and appropriate follow up action.

Others

  • To review the Company’s quarterly results, year-end annual financial statements of the Group and Annual Report before submission to the Board for approval, focusing on:-
    • compliance with applicable financial and reporting standards as well as regulatory requirements;
    • the going concern assumption;
    • any changes in or implementation of major accounting policies and practices; and
    • significant matters highlighted including financial reporting issues, significant judgments made by management, significant and unusual events or transactions, and how these matters are addressed.
  • To review any related party transaction and conflict of interest situation that may arise within the Group including any transaction, procedure or course of conduct that raises questions of management integrity;
    • in respect of related party transaction, including recurrent related party transactions, to:
      • ensure that the Group has adequate procedures and processes to identify, and where relevant, monitor and track related party transactions in a timely manner, and to review these procedures and processes annually;
      • assess the sufficiency of the procedures, policies and terms of the related party transactions to ensure that the transactions are fair, reasonable and on normal commercial terms; are not more favourable to the related party than those generally available to the public and are not detrimental to minority shareholders and in the best interest of the Group;
      • where the related party transactions are not comparable to quotations or comparative pricing with unrelated third parties, to review the basis of the transaction price determined by the management in comparison to transactions by/ to unrelated parties for substantially similar type transaction for approval by the Board; and
      • related party transactions and conflict of interest situations shall be a permanent agenda item of the AC meeting.
  • Review the Audit and Risk Management Committee Report for inclusion in the Company’s Annual Report;
  • Review the statement with regard to the state of risk management and internal controls of the Group for inclusion in the Annual Report and report the same to the Board;
  • Oversee the Company’s internal control structure to ensure operational effectiveness and efficiency, reduce risk of inaccurate financial reporting, protect the Company’s assets from misappropriation and encourage legal and regulatory compliance;
  • To promptly report to Bursa Securities if it is of the view that a matter reported by it to the Board has not been satisfactorily resolved resulting in a breach of the Listing Requirements; and
  • To consider any other functions as may be agreed between the ARMC and the Board.

7.0 THE COMMITTEE’S ETHICS AND PROCEDURES

All members of the ARMC shall safeguard all internal communications and treat them as strictly private and confidential, and for the use of the ARMC members only. The ARMC shall work diligently amongst the members of the Board and adhere to all applicable laws and regulations as wells as the prescriptions rendered in the Code of Conduct and Ethics.

8.0 REVIEW OF THE TERMS AND REFERENCE

The ARMC TOR shall be reviewed periodically, especially when there are changes to the Listing Requirements, the Malaysian Code on Corporate Governance 2017 and Companies Act 2016 or at least once every three (3) years. All amendments to the TOR of the ARMC must be approved by the Board.