The Board has overall responsibility to establish and maintain appropriate and effective risk management and internal control systems and, through the Audit Committee, to review the effectiveness of such systems so as to protect Shareholders’ interest and to safeguard the Group’s assets. The Board has authorised the management to design, implement and maintain its risk management and internal control systems by clearly defined responsibility, authority and accountability. Under the guidance of the Audit Committee, the Internal Audit Department of the Company monitors the risk management and internal control systems by conducting independent reviews.
The Board acknowledges that effective risk management and internal control are essential for long term growth and sustainability of the Group. The risk management and internal control systems are designed to manage rather than to eliminate the risk of failure to achieve business objectives, and can only provide reasonable and not absolute assurance against material misstatement or loss.
五礦地產有限公司 二零一七年年報 59
A. 風險管理架構
本集團的風險管理架構由業務單位、管理 層 及 內 控 審 計 部 三 道 防 線 所 組 成,採 用
「由上而下」和「由下而上」的方式識別、評 估及管理在企業層面、營運層面及職能層 面的重大風險。
各業務單位及其管理團隊負責日常營運過 程中的風險管理工作,當中包括識別、衡 量及監察個別風險的管理措施,以合乎本 集團的風險承受能力,並根據內控審計部 及審核委員會之建議,落實執行有關的風 險管理計劃,以處理影響其業務運作的重 大風險。
審核委員會連同內控審計部及管理層定期 監控及更新本集團的風險承受能力情況。
審核委員會通過內控審計部和管理層提交 的業務和營運報告,協助董事會持續監督 風險管理及內部監控系統,並與內控審計 部檢討有關系統的有效性。
內控審計部按照審核委員會的指示,奉行 以風險為導向之方針制定每年的內控審計 計劃。內控審計部向審核委員會匯報內控 審計報告調查結果,提供風險管理及內部 監控系統有效性的獨立客觀評估。本年度 的 主 要 內 控 審 計 工 作,包 括 檢 討 業 務 營 運、監察系統,以及於法律、法規以至公 司規則的遵守情況,重點專注審查存在重 大風險或重大變動的事項。
A. Risk Management Framework
The Group adopts a “Top-down” and “Bottom-up” approach whereby the three defensive lines formed by business units, the management and the Internal Audit Department join hands to identify, assess and manage significant risks at corporate, operational and functional levels.
Each business unit and its management team has the duty to manage its own risks in the course of its daily operations. It requires the identifying, measuring and monitoring of the management measures of individual risk to ensure that it is within the risk appetite of the Group. It also requires the implementation of risk management plans as recommended by the Internal Audit Department and the Audit Committee to address those significant risks that may affect its operation.
The Audit Committee together with the Internal Audit Department and management regularly monitor and update the Group’s risk profile and appetite. By reviewing business and operation reports from Internal Audit Department and management, the Audit Committee assists the Board to oversee the risk management and internal control systems on an on-going bases and review its effectiveness with the Internal Audit Department.
Directed by the Audit Committee, the Internal Audit Department follows a risk-oriented approach to furnish annual internal audit plan. The Internal Audit Department performs internal audit works and reports findings to the Audit Committee that provide the Audit Committee with an independent and objective assessment on the effectiveness of the risk management and internal control systems of the Group. The principle tasks of internal audit works of the year include audit reviews of operations, controlling mechanism, legal compliance and compliance of internal rules and regulations. Special attention has been given to matters of significant risks or changes.
Minmetals Land Limited Annual Report 2017
60
Corporate Governance Report 企業管治報告
內控審計報告將提呈審核委員會會議,重 要的審查結果及有關建議會予以跟進及定 期向審核委員會匯報。審核委員會會議紀 錄亦會提呈董事會會議,以匯報審核委員 會 對 風 險 管 理 及 內 部 監 控 事 宜 的 檢 討 意 見,當中包括自上一次檢討後出現風險程 度轉變而成為具重大風險性質的事項,以 及須董事會關注的新增重大風險事項,以 及就管理層對該事項之回應而提出的建議 或意見。
本公司按其「披露內幕消息制度」處理及發 放內幕消息,以確保該等消息在披露前保 密,並獲有效及一致地發放。
B. 重大風險及監控措施
重 大 風 險 籍 風 險 識 別 及 評 估 程 序 得 以 識 別。有關本集團於年內之重大風險連同相 關之內部監控措施概述如下︰
a. 營運資金及債務風險
營運資金及債務風險仍是本集團面 對 的 主 要 挑 戰,其 風 險 程 度 亦 較 去 年 有 所 增 加。本 集 團 於 國 內 的 住 宅 及 商 業 地 產 發 展 及 投 資,受 到 國 內 政 策 轉 變、供 求 再 平 衡、整 體 經 濟 狀況轉變及融資供求情況等市場風 險 因 素 所 影 響,或 會 對 本 集 團 的 財 務及營運狀況造成不利影響。
Internal audit reports are presented at the Audit Committee meetings. Major findings and recommendation are followed up and updated to the Audit Committee on a regular basis.
Minutes of the Audit Committee meetings are then tabled at Board meetings to report the Audit Committee’s findings on risk management and internal control issues such as changes in the nature and extent of significant risks since the last review, those newly identified risks of material nature that require the attention of the Board, and the recommendation or opinion on management’s response thereto.
The Company regulates the handling and dissemination of inside information in accordance with its “Policy on Disclosure of Inside Information” to ensure that inside information remains confidential until disclosure and the dissemination of such information is efficiently and consistently made.
B. Significant Risks and Control Measures
Significant risks have been identified through the process of risk identification and assessment. A summary of the significant risks of the Group together with the relevant internal control measures imposed during the year is listed below.
a. Working Capital and Debt Risk
Working capital and debt risk remains the key challenge of the Group and it increased as compared to last year.
All of the Group’s residential and commercial property development and investment in mainland China are subject to risks associated with the PRC property market such as policy change, demand-supply rebalance, change in overall economic conditions and availability of financing which may pose an adverse impact on the Group’s financial and operation condition.
五礦地產有限公司 二零一七年年報 61
b. 營運風險
營運風險為本集團於年內面對的另 一 項 重 大 風 險:來 自 客 戶 及 策 略 性 業 務 夥 伴 的 失 責 行 為,以 及 人 為 失 誤 及 系 統 性 不 足 或 失 誤,均 可 能 對 本 集 團 的 營 運 帶 來 相 關 影 響,引 致 財務損失、法律訴訟或聲譽受損。
c. 風險管理及內部監控系統之檢討 董事會透過審核委員會檢討風險管 理 及 內 部 監 控 系 統 的 有 效 性。審 核 委員會指示內控審計部執行獨立審 查以確定系統的成效。
各業務單位的管理層每年均會檢討 彼 等 之 風 險 登 記 冊,確 保 監 控 措 施 已 融 入 業 務 營 運 中 並 已 取 得 成 效。
有關管理層每年亦會對內部監控進 行 自 我 評 估,確 認 已 制 定 及 妥 善 遵 守 適 當 的 內 部 監 控 政 策 及 程 序。經 考慮本集團風險承受能力(即本集團 為實現策略目標願意承擔的風險程 度),以及根據管理層及內控審計部 之 評 估,審 核 委 員 會 檢 討 下 列 各 項 從而評估整體風險管理及內部監控 系統之有效性:
a. 提供予審核委員會及董事會的 及時而全面的資訊,令其能夠 對本集團在財務匯報可靠度、
遵守適用法例、規則及規例,
以及風險管理成效等方面的監 控情況作有效的評估;
b. Operational Risk
Operational risk is another significant risk identified by the Group during the year. The events of default caused by purchasers and strategic partners together with human error and system inadequacies or failure may bring about corresponding impact on the Group’s operations where financial loss, litigation, and reputation damage may follow.
c. Review of Risk Management and Internal Control Systems
The Board shall, through the Audit Committee, review the effectiveness of the Company’s risk management and internal control systems. The Audit Committee instructs the Internal Audit Department to carry out independent reviews to assess the effectiveness of the risk management and internal control systems.
The management of the business units annually review and update their risk registers, and provide assurance that effective controls are embedded. They also conduct self-assessment on internal control and confirm that appropriate internal control policies and procedures have been established and properly complied with. In consideration of the Group’s risk appetite (i.e. the extent of risk the Group is willing to bear in pursuit of its strategic and business objectives), the Audit Committee reviews the following with reference to the assessment made by the management and the Internal Audit Department to assess the effectiveness of the risk management and internal control systems:
a. the provision of timely and comprehensive information to the Audit Committee and the Board to enable effective assessment of the monitoring measures within the Group in areas such as the reliability of financial reporting, the compliance with applicable laws, rules and regulations and the effectiveness of risk management;
Minmetals Land Limited Annual Report 2017
62
Corporate Governance Report 企業管治報告
b. 檢討內部審計報告,以確定於 糾正已識別的內部監控缺失的 效率,以及有關方面在落實內 控審計部的建議的最新情況及 監察結果;及
c. 檢討管理層報告,以評估主要 的業務風險,以及管理層就本 集團業務及外圍環境轉變而作 出之應變舉措。
審核委員會或主動或應董事會的委派,就 嚴重內部缺失事項進行獨立調查,並對調 查結果及管理層的回應進行檢討。
根據管理層和內控審計部之評估,以及經 考慮獨立核數師的審計工作結果,董事會 及審核委員會認為於二零一七年內,並無 與風險管理及內部監控有關的重大事宜需 予關注。
根據年內對風險管理及內部監控系統表現 有效性的檢討,董事會認為該等系統有效 及為足夠。
b. reviewing internal audit reports to ascertain the efficiency in rectifying internal control deficiencies a n d s t a t u s u p d a t e o n i m p l e m e n t i n g o f recommendation provided by the Internal Audit Department; and
c. reviewing management reports to assess the principal business risk and the management’s response to changes in the Group’s business and external environment.
The Audit Committee initiates or as delegated by the Board, directs independent investigations on material internal control defects and reviews the findings and the management’s feedback thereof.
Based on the assessments made by the management and the Internal Audit Department and taking into account the audit work of the independent auditor, the Board and the Audit Committee consider that no significant areas of concern in respect of the Group’s risk management and internal control systems were identified during the year of 2017.
Based on the review of the effectiveness of the risk management and internal control systems performed during the year, the Board considers such systems effective and adequate.
五礦地產有限公司 二零一七年年報 63