ESR Group AR2022 eBook EN

Risk Management

FORWARD TOGETHER

The Group takes a proactive approach to maintaining a sound and robust risk management framework that ensures the Group is ready to meet challenges and seize opportunities through risk-informed decision-making. The risk management programme not only forms an integral part of our business, both strategically and operationally, but also aims to create value for ESR’s stakeholders. Our objective is not risk minimisation, but rather the optimisation of opportunities within the known and agreed risk levels set by the Board of Directors (Board).

The Group’s Enterprise Risk Management (“ERM”) Framework provides a holistic and systematic approach for the identification, assessment, monitoring and reporting of risks. It is designed to be dynamic, with the intent of fostering the right risk culture and responding promptly and effectively in the constantly evolving business environment.

At ESR, the risk management culture involves both top-down oversight from the Board and management and bottom-up engagement from employees. This ensures a risk approach that is aligned with the Group’s business objectives and strategies, and also helps the organisation anticipate its risk exposure and put mitigating controls in place to counter threats while pursuing its objectives.

STRONG OVERSIGHT AND GOVERNANCE

The Board is responsible for determining the Group’s overall risk strategy and governance, and for maintaining a sound system of risk management and internal controls in accordance with market practices and regulatory requirements. The Board also approves the risk appetite statements, which set out the nature and extent of risks that can be taken to achieve the Group’s business objectives. The Board reviews the adequacy of the resources involved in establishing the risk management framework across the Group and monitors the independence of the risk management function throughout the Group.
The Board, which is supported by the Audit Committee, comprises directors whose collective diverse experience and knowledge serve to provide guidance and strategic insights, and oversees the design, implementation and monitoring of risk management within the Group. The Audit Committee comprises three Independent Non-Executive Directors and meets at least twice annually.

In establishing an organisation-wide risk governance structure, ESR adopts an ERM Framework which is adapted from ISO 31000 International Risk Management Standards, COSO Internal Control-Integrated Framework and the Task Force on Climate-Related Financial Disclosures (“TCFD”) recommendations. It provides a holistic and consistent process for identifying, assessing, monitoring and reporting risks. This framework aims to drive risk accountability and ownership at all levels of the organisation, while maintaining the right level of commitment and segregation across stakeholder groups.

The Group Risk Management department works closely with management to continually review and enhance the risk management system in accordance with market practices and regulatory requirements, under the guidance and direction of the Audit Committee and the Board. Major changes to the ERM Framework, risk policies, risk parameters and terms of reference are discussed with the Audit Committee.

[Figure: ERM Framework diagram. Labels: Risk Strategy (Risk Appetite, Tolerance, Attitudes and Philosophy); Risk Governance (Risk Reporting Structures, Roles, Responsibilities, Communication); Risk Management Process (iterative and continuous 4-step process: Identify, Assess, Manage, Monitor & Report); Key Risk Categories (Strategic | Financial | Operational | Compliance | Technology); Key Assurance (Financial Governance | Compliance Governance | Operational Governance | Internal Audit | Delegation of Authority | Whistle blowing | Policy Management).]
