INTRODUCTION
The Board of Directors (“the Board”) is pleased to present its Statement on Risk Management and Internal Control for inclusion in the Annual Report 2020 of WCT Holdings Berhad (“WCT” or “Company”). This statement serves to outline the nature and scope of risk management and internal control system of the Company and its subsidiaries (“Group”) for the financial year ended 31 December 2020 (“FYE2020”). This Statement is prepared pursuant to paragraph 15.26(b) of the Main Market Listing Requirements (“MMLR”) of Bursa Malaysia Securities Berhad (“Bursa Securities”) and guided by the “Statement on Risk Management and Internal Control – Guidelines for Directors of Listed Issuers” issued by the publication of Bursa Securities on the issuance of internal control statement.
BOARD’S RESPONSIBILITY
The Board affirms its responsibility in maintaining a sound system of internal control and risk management procedures within the Group and constantly reviewing its adequacy and integrity to safeguard the assets of the Group as well as to protect shareholders’ interest and investment.
The Board also recognises that reviewing of the Group’s systems of risk management and internal control is a concerted and continuing process and the objective of risk management and systems of internal control is to manage rather than eliminate risk of failure to achieve business objectives. It shall be noted that all risk management and internal control can only provide reasonable and not absolute assurance against material misstatement or loss. Nonetheless, in striving for continuous improvement, the Board will put in place appropriate action plans, when necessary, to further enhance the Group’s systems of risk management and internal control.
RISK MANAGEMENT AND INTERNAL CONTROL FRAMEWORK
1. RISK MANAGEMENT
The Group’s risk management activities are governed by the Risk Management Policy and Risk Management Framework approved by the Board.
The Board has delegated the responsibility of risk management oversight and control to the Board Risk & Sustainability Committee (“BRSC”). The BRSC, comprising four (4) Independent Non-Executive Directors of the Company, reviews the Group’s enterprise-wide risk management framework and ensures effectiveness of process to identify, evaluate, control, report and manage risks.
The Group Risk Management Committee (“GRMC”), comprising senior management personnel from various business divisions and support services, is responsible for developing, executing and maintaining an effective risk management system, including the continual review process of identified risks and the effectiveness of mitigation strategies and controls.
At operating unit level, risk owners are responsible for identifying risks that may have an impact on achieving their operational/financial and other business objectives. Gross risks are ranked accordingly, after taking into consideration of gross likelihood and gross impact should the risks occur, before they are ranked according to the residual risks, after taking into consideration the effectiveness of controls and action plans taken or proposed to be taken to mitigate such identified risks. Detailed action plans would then be implemented in order to manage such risks to an acceptable level.
During the FYE2020, all risks identified by respective owners together with the controls and action plans undertaken or proposed to be undertaken to mitigate and manage the risk exposure are reviewed, appraised and assessed by GRMC. Where applicable, the GRMC had also raised other issues of concerns and recommended additional mitigation actions to further mitigate the risk exposure. GRMC then reports the key risks and mitigations actions which have been deliberated and recommended to be implemented on a quarterly basis to BRSC. After due deliberation, BRSC would then present a summary of the key risks, mitigation actions and its recommendation to the Board for final endorsement.
2. AUDITS
i. The Group Internal Audit Department (“GIAD”)
The GIAD, which reports directly to the Audit Committee of the Company, performs internal audits on various operating units within the Group based on an audit plan approved by the Audit Committee. The GIAD performed checks for due compliance by the respective operating units with Group’s policies and procedures as well as the effectiveness and adequacy of the internal control systems and accordingly highlighted material audit findings, together with recommendations and proposed action plans. Detailed internal audit reports are prepared by the GIAD on a quarterly basis or if require on an ad hoc basis and such reports are submitted for deliberation by the Audit Committee during the Audit Committee meetings held throughout the financial year. Details of the GIAD’s functions and activities are set out in the Audit Committee Report as contained in the Company’s Annual Report 2020.
During the FYE2020, GIAD had performed twenty-seven (27) internal audits on the adequacy and operating effectiveness of the Group’s internal controls which have been duly reviewed by the Audit Committee. Audit findings reported by the GIAD and actions taken or proposed to be taken by the operating units to address the findings were deliberated at Audit Committee meetings. The minutes of the Audit Committee meetings held to deliberate the internal audit reports were subsequently escalated to the Board for notation.
ii. External auditors
The external auditors’ audit plan, scope of work, and audit procedures to be adopted in relation to the financial statements of the Group for the financial year have been reviewed by the Audit Committee. The review also includes a review on the suitability, objectivity and independence of the external auditors.
iii. Quality, Environmental and Safety & Health; Management Systems
During the FYE2020, Quality, Environment, Safety & Health; certification relevant to the Group are as follows: -
|
Type
|
Ref
|
Certification No
|
Issued to
|
Valid until
|
|
Quality Management System (“QMS”)
|
ISO 9001: 2015
|
QMS 00887
|
WCT Berhad (including WCT Construction Sdn Bhd)
|
8 Apr 2022
|
|
QMS 01762
|
WCT Machinery Sdn Bhd
|
4 Oct 2021
|
|
QMS 01306
|
WCT Land Sdn Bhd and its subsidiaries
|
2 Sept 2022
|
|
QMS 03141
|
WCT Properties Sdn Bhd
|
13 Jul 2023
|
|
Environmental Management System (“EMS”)
|
ISO 14001: 2015
|
EMS 00520
|
WCT Berhad (including WCT Construction Sdn Bhd)
|
8 Apr 2022
|
|
EMS 00931
|
WCT Machinery Sdn Bhd
|
14 Dec 2023
|
|
Occupational Health & Safety Management System (“OHSMS”)
|
ISO 45001: 2018
|
OHS 00221
|
WCT Berhad (including WCT Construction Sdn Bhd)
|
8 Apr 2022
|
|
OHS 00503
|
WCT Machinery Sdn Bhd
|
4 Oct 2021
|
|
OHS 00227
|
WCT Land Sdn Bhd and its subsidiaries
|
2 Sept 2022
|
3. AUTHORITY AND RESPONSIBLITY
The Group operates under an organisation structure with clearly defined reporting lines, areas of responsibilities and delegated authority limits by the Board.
The following board and management committee have been established to assist the Board to discharge its duties: -
Audit Committee
The Audit Committee is responsible to review the internal control procedures and processes of the Group and evaluate the adequacy and effectiveness of the Group’s internal controls system. The Audit Committee also seeks assistance from the GIAD and input from the external auditors of the Group, whenever required.
BRSC
The BRSC, is responsible for providing an independent oversight of the implementation and operation of the Group’s enterprise-wide risk management framework.
GRMC
The GRMC is responsible for monitoring and performing regular reviews on the Group’s risk management processes and for ascertaining if the enterprise-wide risk management framework approved by the Board is properly implemented throughout the Group’s business and operations. The GRMC reports directly to the BRSC.
Nomination & Remuneration Committee
This Committee assists the Board to,
- establish formal and transparent procedures for the appointment of new directors to the Board;
- identify, consider, assess and recommend new directors to the Board;
- annually review the effectiveness of the Board as a whole (in relation to its size and composition);
- develop the Group’s remuneration policy and determine the remuneration package for the Company’s directors holding executive positions; and
- review and recommends the appropriate remuneration payable to each Director for their services at the Board level as well as at the respective committees of the Board.
- The Policy on Renumeration of Directors and Senior Management are available in Company’s official website at www.wct.com.my.
Option Committee
The Option Committee is responsible for administering the offering, granting and dealing of the share options and new ordinary shares issued under the Group’s employees share option scheme (“
ESOS”) in accordance with relevant rules and regulations as well as the approved by-laws governing the ESOS.
Management Committee (“MC”)
The MC comprising key senior management personnel reports to the Board and is responsible for the development and effective implementation of strategic business plans for the Group in line with the strategic directions approved by the Board. The MC reports regularly to the Board on the progress of the execution of the strategic business plans approved by the Board with periodic financial and operational performance of the various business divisions as well as other strategic, financial and operational matters.
4. POLICIES, PROCEDURES AND VALUES
-
The Group’s policies, procedures and guidelines are properly documented and made accessible to all employees to ensure that all employees are aware of and will comply with them. These policies, procedures and guidelines are subject to periodic review and improvements.
-
Discretionary Authority Limits (“DAL”) duly approved by the Board are prescribed to govern the authority limits granted to the designated personnel who are duly authorised to carry out their respective job responsibilities as well as to represent the Group in all official correspondences and documentations on behalf of the Group covering procurement, payments, investments, acquisitions and disposals. During the FYE2020, DAL was updated in relation to implementation of ABAC policy with effect from 1 June 2020.
-
Proper guidelines for recruitment and termination of personnel and a performance appraisal system are in place. Employee’s performance is regularly monitored, appraised and rewarded accordingly. Training programmes are identified and regularly scheduled for the Group’s employees with the objective of continuously upgrading their skills, broadening their knowledge, improving their competency as well as sharing their experience to keep them proficient and competent in handling their day-to-day job functions, as well as to meet the current business requirements and future business needs.
- The Group’s Vision, Mission and Core Values, are shared and communicated to all levels of employees of the Group and are accessible on the Company’s official website and intranet. The Code of Conduct & Ethics for Employees is available on Company’s website at
www.wct.com.my.
- Centralised controls of selected key functions of the Group include: -
- Finance & Accounts (including Tax and Treasury);
- Legal & Company Secretarial;
- Tender, Procurement & Budget;
- Quality, Environment, Safety & Health;
- Human Resource & Administration;
- Sales & Marketing;
- Project Management (including Planning & Design, Contracts, Liaison with authorities);
- Mall Management (including Leasing & Promotions);
- Corporate Affairs; and
- Information Technology;
The centralisation of these key functions enables the Management to have a more effective and efficient control over of the Group’s operations, whilst monitoring and managing the risks associated therewith.
5. INFORMATION, COMMUNICATION AND MONITORING
-
A financial system is in place to ensure all financial transactions of the Group are timely and properly captured in the accounting system to generate a periodic management financial report for performance review and decision making by the Management and the Board.
-
Annual strategic business plans and financial budgets are prepared by all key business units and are being monitored at quarterly Management Committee meetings and subsequently presented to the Audit Committee and Board for deliberation. The Audit Committee and the Board also review the operational and financial results of the Group on a quarterly basis before the Group’s quarterly interim financial results and annual financial results are released to Bursa Securities for public announcement.
-
Directors and Senior Management conduct regular visits to the Group’s project sites and offices as well as key investment properties and regularly engage with the Group’s customers, suppliers, bankers and other business associates in order to gain better insight and first-hand knowledge of the Group’ operations, challenges faced as well as industry dynamics and changes.
-
The Group’s operating performance and financial results are communicated to the Company’s shareholders, stakeholders and the general public on a quarterly basis via the release of interim quarterly financial reports as well as on an annual basis via the Company’s annual report. In addition, once a year, the Company would convene an Annual General Meeting whereby the Board would be able to brief the shareholders of the Company on the operational and financial performance of the Group. Company briefings for financial analysts and institutional investors are also conducted regularly to keep the investment community abreast with the development and latest financial results of the Group.
6. ANTI-BRIBERY AND ANTI-CORRUPTION
Pursuant to amendment of Section 17A of the Malaysian Anti-Corruption Commission (MACC) Act 2018 which come into force on 1 June 2020, both the Group’s Anti-Bribery and Anti-Corruption Policy (“ABAC Policy”) and Anti-Bribery and Anti-Corruption Policy standard operating procedures (“ABAC SOP”) was implemented on 1 June 2020 after it was approved by the Board. The ABAC policy prohibits bribery or corrupt acts by any Director, employee or persons performing services for the Group while the ABAC SOP provide guidance to a person on how to deal with common forms of bribery and corrupt activities, including but not limited to guidelines for and/or prohibitions against the following: -
i. Paying commissions and incentive payments;
ii. Paying unofficial facilitation fees;
iii. Giving kickbacks and gifts,
iv. Providing entertainment and hosting hospitality events;
v. Making political donations and contributions; and
vi. Making donations, charitable support and sponsorships.
During the FYE2020, activities related to this includes (but not limited to) the following: -
i. Appointment of Compliance Officer.
ii. ABAC training for employees.
iii. Declaration of integrity by employee.
iv. Declaration of integrity by service provider.
v. ABAC risk assessment
vi. Gift register.
The ABAC policy is available on Company’s website at
www.wct.com.my.
7. WHISTLEBLOWING
Subsequent to implementation of ABAC policy and ABAC SOP on 1 June 2020, the revised Whistleblowing Policy and that Whistleblowing Reporting Procedure was approved by the Board. During the FYE2020, activities related to this includes (but not limited to) the following: -
i. Investigation of reported whistleblowing report.
ii. Whistleblowing register.
8. INSURANCE
As an entity with a diversified business portfolio, the Group faces exposure to various form of risks. Where possible, all such insurable risks relating to the Group’s business operations, assets and employees are adequately insured in order to minimise any adverse financial impact.
9. COVID-19
The Group’s COVID-19 Task Force was set-up in March 2020 to assess, co-ordinate and monitor initiatives which are required to be undertaken by the Group to manage, mitigate and contain, the extent possible, the risks arising from COVID-19 outbreak in order to safeguard the safety of all the employees of the Group as well as to protect the interests of our stakeholders. During the FYE2020, some action taken related to this includes (but not limited to) the following: -
i. Issuance of advisories and memos to employees by COVID-19 Task Force and Human Resource & Admin Department.
ii. Segregation of work place for employees.
iii. Physical distancing at work place.
The Group Managing Director and the Director of Finance and Accounts have provided the Board with assurance that the Group risk management and internal control system are operating adequately and effectively. All internal control weaknesses identified during the period under review have been or are being addressed. There were no major internal control weaknesses that require disclosure in the Annual Report. The Management continues to review and take measures to strengthen the risk management and control environment.
Review of the Statement by External Auditors
As required by Paragraph 15.26(b) of the MMLR of Bursa Securities, the external auditors of the Company have reviewed this Statement on Risk Management and Internal Control prepared by the Company for the FYE2020. Their limited assurance review was performed in accordance with Malaysian Approved Standard on Assurance Engagements, ISAE 3000 (Revised), Assurance Engagements Other than Audits or Reviews of Historical Financial Information and Audit and Assurance Practice Guide (“AAPG”) 3, Guidance for Auditors on Engagements to report on the Statement on Risk Management and Internal Control included in the Annual Report issued by the Malaysian Institute of Accountants.
AAPG 3 does not require the external auditors to form an opinion on the adequacy and effectiveness of the risk management and internal controls system of the Group. The review by the external auditors was made solely for the benefit of the Board in connection with the compliance with the MMLR of Bursa Securities by the Company. The external auditors do not assume responsibility to any person other than the Board in respect of any aspect of their review.
Conclusion
Having considered all aspects of the Group’s risk management and internal control system in place as set out in this Statement, the Board is generally satisfied with the adequacy and effectiveness of the Group’s risk management and internal controls during the FYE2020 and the period up to the date of issuance of this Statement.
(This Statement on Risk Management and Internal Control is made in accordance with the resolution of the Board dated 30/04/2021)
