30
GRAND BANKS YACHTS LIMITED
ANNUAL REPORT
2016
CORPORATE GOVERNANCE REPORT
Risk Management And Internal Controls
Principle 11:
The Board is responsible for the governance of risk. The Board should ensure that the Management maintains
a sound system of risk management and internal controls to safeguard the shareholders’ interests and the
company’s assets, and should determine the nature and extent of the significant risks which the Board is
willing to take in achieving its strategic objectives.
Guidelines Of The Code
Grand Banks Corporate Governance Practices
11.1 The Board should determine the company’s level
of risk tolerance and risk policies, and oversee
Management in the design, implementation and
monitoring of the risk management and internal
control systems.
With the help of the external organization serving as the
independent internal auditor, JF Virtus Pte Ltd, the Group has
designed an enterprise risk management (ERM) framework
to monitor, manage and build awareness within the Group of
the various risks to which the Group is exposed. The Board
also reviews the Group’s business and operational activities to
identify areas of significant business risk as well as appropriate
measures to control and mitigate these risks within the Group’s
policies and business strategies. The independent internal
auditor retained to perform the Group’s internal audit function
continues to update the Group’s enterprise risk profile by
facilitating management risk self-assessment to generate an
updated risk register to be used by the Risk Management
and Audit Committee (RMAC) to monitor and the independent
internal auditor to review the manner in which the Group
manages such risks. The objective of the risk assessment
is to identify and assess risks which include key financial,
operational, strategic, compliance and information technology
risks as well as to evaluate the internal control systems.
The RMAC is regularly updated on the Group’s risk management
program and internal control systems.
11.2 The Board should, at least annually, review the
adequacy and effectiveness of the company’s risk
management and internal control systems, including
financial, operational, compliance and information
technology controls. Such review can be carried out
internally or with the assistance of any competent
third parties.
The internal controls provide reasonable but not absolute
assurance that the Group will not be adversely affected by
any event that could be reasonably foreseen as it strives to
achieve its business objectives. Reviews and tests of the
internal control procedures and systems are carried out by
an independent internal audit firm. The Board is thus satisfied
with the adequacy and effectiveness of the Group’s risk
management and internal control systems including financial,
operational, strategic, compliance and information technology
controls.
