Fima Corporation Berhad (197401004110) (21185-P) • Annual Report 2020
(c) Issued internal audit reports to the Management on risk management and internal control issues identified from the risk-based audits together with recommendations for improvements for these processes.
(d) Reported on a quarterly basis to the ARC on significant risk management and internal control issues from the internal audit
reports issued and the results of follow-up of matters reported.
(e) Reported on a quarterly basis to the ARC the achievement of the audit plan and status of GIA function.
(f) Conducted regular follow-up and monitoring on the implementation of recommendations made by the Group internal audit function to ensure that appropriate corrective actions are taken on a timely basis or within agreed timelines.
(g) Reviewed the procedures relating to related party transactions entered into by the Group to ensure that the related party transactions have been conducted on the Group’s normal commercial terms and are not to the detriment of the Group’s minority shareholders.
(h) Revised GIA’s Standard Operating Procedures.
(i) Reviewed compliance with MS2530-3:2013 Malaysian Sustainability Palm Oil (“MSPO”) Certification Standard of Part 3: General Principles for Oil Palm Plantations and Organised Smallholders requirements for all estates operated by the Group.
(j) Prepared the Audit and Risk Committee Report and Statement on Risk Management and Internal Control for the Company’s 2019 Annual Report.
During the financial year, eleven (11) internal audit reports were issued on various operating units of the Group covering reviews on control environment, risk management, revenue assurance, procurement, finance, human resource, occupational safety and health and MSPO regulatory compliance and operations.
5. ENTERPRISE RISK MANAGEMENT (“ERM”)
The Group’s risk management framework is generally aligned with the principles of MS ISO 31000:2010 Risk Management – Principles and Guidelines, encompassing features such as risk management processes, organizational oversight (i.e. the accountability and responsibility of each reporting function), and continual improvement of the framework. The framework provides the foundation and arrangements for the Group to manage risks adequately. A systematic approach and process for managing risks and risk mitigation plans, covering risk identification, evaluation, treatment, monitoring, review and reporting, have been developed and further defined in the risk management policies and procedures, which offer guidance to risk owners in implementing effective and efficient risk management aligned with the business objectives.
The Risk Management Committee, which was renamed the Risk Steering Committee (“RSC”) on 22 July 2020, is established to assist the Board, ARC and Management in implementing effective risk management activities for the Group. The RSC principally conducts the risk review process across the business units within the Group and ensures that the process of assessing risk, control and governance, including operational and financial controls, business ethics and compliance, is properly managed and monitored according to the ERM policies and procedures. The ARC, after conducting an overall ERM implementation review, is satisfied with the RSC’s effectiveness in facilitating the ERM activities for the Group during the financial year.
The RSC communicates to the Management, ARC and the Board the present and potential critical risks the Group faces, their
changes and the Management action plans to manage these risks. The RSC is assisted by the GIA in facilitating the implementation
and monitoring of the risk management activities. Below is the structure of ERM reporting established within the Group.
ENTERPRISE RISK MANAGEMENT REPORTING STRUCTURE
[Figure: reporting structure chart. Boxes: Board of Directors; Audit and Risk Committee; Risk Steering Committee; Risk Management Unit; Risk Management Function (Risk owners/Control owners); Group Internal Audit Department. Labels: 1st Line of Defence; 2nd Line of Defence; 3rd Line of Defence.]