ESR Group ESG Report 2022 EN

Environmental, Social and Governance Report 2022

PILLAR 3: CORPORATE PERFORMANCE

Risk Management & Compliance

ENTERPRISE RISK MANAGEMENT

The Group’s Enterprise Risk Management (ERM) Framework provides a holistic and systematic approach for the identification, assessment, monitoring and reporting of risks, including topics covered by our ESG Framework. The ERM Framework is designed to be dynamic, with the intent of fostering the right risk culture and responding promptly and effectively to the constantly evolving business environment. The ERM Framework is adapted from ISO 31000 International Risk Management Standards, COSO Internal Control-Integrated Framework and the TCFD recommendations. In addition, the Group has also developed internal key risk indicators that serve as an early-warning system to highlight risks that have escalated beyond the agreed tolerance levels, including climate-related indicators. We have established required follow-up actions when risk thresholds are breached.

[Figure: the four lines of defence. 4th Line of Defence: Board Oversight. 3rd Line of Defence: Independence Assurance. 2nd Line of Defence: Management and Assurance. 1st Line of Defence: Business Governance/Policy Management. Other labels in the figure: People, Processes, Systems; Risk Management; Compliance; Operational Governance; Financial Governance; Policy Management; Internal / External Audit.]

From the front lines to the four lines of defence, the top-down and bottom-up risk review processes are integral to ESR’s risk management culture and management strategy. To proactively identify and analyse sustainability-related risks and opportunities, we evaluate material ESG risks and integrate the findings into our operational and risk framework. Throughout the year, the ESG Committee tracks and examines market trends and indicators with the help of external experts and consultants to ensure that the sustainability-related risks are relevant to our business.
When integrating ESG-related risks within the ERM Framework, we have identified sustainability and climate change risk as one of the key risks within our Group risk profile. We have assessed the potential drivers, the likelihood of the risk occurring and its consequences, as well as the mitigating controls that are put in place to manage the risk. Key updates on material changes to our risk profiles, activities and controls are presented to senior management, the Audit Committee and the Board of Directors for regular reviews and discussions on a half-yearly basis during board meetings.

In addition, we consider the impact of emerging risks over a long-term horizon. As the world transitions to a low-carbon economy, climate change poses both physical and transition risks which will have medium and long-term effects on our business. We also stay vigilant against the rising threats posed by sophisticated and prevalent cyberattacks. Guided by the Group’s ERM Framework, we have identified climate change and cybersecurity concerns as long-term emerging risks and established mitigating measures to manage these risks to an acceptable level. More details on the impacts and mitigation measures to address these emerging risks are included in the Risk Management section on pages 64 to 69 of our 2022 Annual Report, as well as the Climate Change Resilience section under Pillar 2: Property Portfolio of this report.
