59 Annual Report 2024 RISK GOVERNANCE The Boards of Directors of the Managers (the Boards) oversee risk governance and ensure that the Management maintains robust risk management and internal control systems to safeguard the interests of CLAS and its stakeholders. The Boards, with support from the Audit and Risk Committee (ARC), approve CLAS’ risk appetite (risk tolerance) that determines the nature and extent of material risks CLAS is willing to take to achieve strategic objectives. The Boards also regularly review CLAS’ risk profile, material risks and mitigation strategies, and ensure the adequacy and effectiveness of the risk management framework and policies. The Management supports the Boards and the ARC to ensure effective risk governance and oversight. They are responsible for directing and monitoring the implementation of risk management practices throughout CLAS, which includes tracking risk exposure using key risk indicators. Approve CLAS’ risk appetite and review CLAS’ risk profile Direct and monitor the implementation of risk management practices CLAS’ Boards of Directors Audit and Risk Committee Management INTERNAL CONTROLS SYSTEM The ERM Framework operates within a risk governance structure comprising three lines of defence to foster a strong culture of risk awareness. Third line The Internal and External Audit teams evaluate the design and implementation of risk management and internal control systems to ensure their adequacy and effectiveness. This in turn, provides the Boards with reasonable assurance. A Strong Culture of Risk Awareness • Nurturing a strong risk culture helps ensure effective and consistent implementation of risk management practices throughout CLAS. • The first line of defence, comprising employees, risk champions or representatives from business units and corporate functions, collaborates closely with the second line of defence to instill a culture of risk ownership and accountability. • In addition, the departments under the second line of defence regularly conduct workshops to enhance employees’ understanding of risk management and ensure the integration of risk management principles into decision-making and business processes. • The Management reinforces this culture by setting the tone at the top, leading by example, and effectively communicating our risk management strategy to employees. Second line Specialist functions, including risk management and compliance, provide oversight of risk management and compliance practices, fostering and embedding a culture of risk ownership and accountability. First line Employees are responsible for effectively identifying and managing risks arising from their business activities. Risk Champions are appointed to drive this effort.
RkJQdWJsaXNoZXIy NTkwNzg=