CapitaLand Integrated Commercial Trust - Annual Report 2021

Material Risks Risk Details Opportunities Key Mitigating Actions Political & Policy • Exposure to political leadership uncertainty, inconsistent public policies, social unrest, change in property- related events and other political and policy risks. • Such risks may have a direct impact on the economic and sociopolitical environment, which may in turn affect the financial viability of CICT Group’s investments. • Keeping abreast with economic and political development and policy changes. • Focus on investments in developed markets such as Singapore and other key gateway cities, with the latter comprising up to 20% of CICT’s portfolio value. • CICT Group’s operations are managed by experienced managers and teams familiar with local conditions and cultures. Project Management • Inability to meet the project’s key deliverables in relation to cost, quality and time to completion which may adversely impact profitability of CICT Group. • Adopting a systematic assessment and rigorous monitoring process to identify and manage the key risks in ongoing projects. • Conduct regular site visits to closely monitor progress of development projects. • Appoint vendors through a stringent pre-qualification procedure to assess key criteria such as vendors’ track records and financial performance. • Leverage CapitaLand Development Limited’s in-house teams of experienced technical staff to provide guidance and independent audit checks on safety, quality of architectural design, and mechanical and electrical engineering detailing. Regulatory & Compliance • Non-compliance with applicable local laws and regulations, including relevant data protection and privacy regulations, in the markets CICT Group operates in, which may lead to hefty penalties/ fines and negative publicity. • Keeping abreast of the changing regulatory landscape allows us to focus on the potential improvements in the various compliance areas. • Maintain a framework that proactively identifies the applicable laws and regulations, and embeds compliance into day-to-day operations. • Leverage in-house specialised teams in CLI such as compliance and tax to provide advisory services and updates on latest changes to laws and regulations. • CLI establishes group-wide procedures and policies to address the requirements of the applicable data protection and privacy laws through policies such as Personal Data Protection Policy, Group Data Breach Reporting & Management Policy, Group Vendor Management Policy, Global Omnichannel Marketing Policy, Group Data Governance Policy and PDPA Group Compliance Manual. • Report significant regulatory non- compliance cases to the AC on a quarterly basis for oversight by the Board. Annual Report 2021 49 Risk Management