SEO Version
Enterprise
Risk Management
ENTERPRISE RISK
MANAGEMENT FRAMEWORK
Risk management is an integral
part of CMT and its subsidiaries
(CMT Group) business culture
whether at a strategic or
operational level. Through
proactive risk management,
which supports CMT Group’s
business objectives, value is
created and preserved.
The Board of Directors of the
manager of CMT (Board) is
responsible for the governance
of risk. The Audit Committee
(AC) reviews and recommends
to the Board, the adequacy
and effectiveness of the risk
management and internal
control systems including
financial, operational, compliance
and information technology
within the CMT Group. The AC
meets on a quarterly basis. The
meetings are attended by
the Chief Executive Officer and
key management staff of the
manager of CMT (Manager).
The Manager recognises that
risk management is about
opportunities as much as threats.
To capitalise on opportunities,
CMT Group has to take risks.
Therefore, risk management
is not about pursuing risk
minimisation as a goal but
rather optimising the risk-reward
relationship. CMT Group
will therefore take risks in a
prudent manner for justifiable
business reasons.
The Manager has adopted
an Enterprise Risk Management
(ERM) framework for the CMT
Group that enables it to manage
risks in an integrated, systematic
and consistent manner. As a
foundation to this framework,
the Manager aims to create a
risk-aware culture which embeds
prudent risk-taking in decision-
making and business processes.
A robust internal control system
as well as an effective
independent review and audit
process are the twin pillars that
underpin the ERM framework,
addressing financial, operational,
compliance and information
technology risks to safeguard
its Unitholders’ interests and
the CMT Group’s assets, and
also to manage risks. The line
management is responsible for
the design and implementation
of effective internal controls
using a risk-based approach.
The Manager has in place
an internal audit function
supported by CapitaMalls
Asia Limited’s Internal Audit
Department (CMA IA).
CMA IA carries out independent
review to test the design
and implementation to provide
reasonable assurance to the
AC on the adequacy and
effectiveness of the internal
control system. The Manager
also conducts assessment of
its risks and control environment.
Key risks and their associated
controls are consolidated and
reviewed at the CMT Group
Risk-Aware Culture
ERM Framework
Risk Strategy
Board Oversight & Senior Management Involvement
Risk
Identification
& Assessment
Risk Monitoring
& Reporting
Risk
Response
H_ia 9edjheb
Self Assessment
?dl[ijc[dj H_ia
Evaluation
IY[dWh_e 7dWboi_i
M^_ijb[#Xbem_d]%
Business Malpractice
A[o H_ia
Indicators
Fehj\eb_e
Monitoring of
Financial Risks
7YY[fj
7le_Z
C_j_]Wj[
JhWdi\[h
Independent
Review and Audit
Internal Control System
Clarity
48
CapitaMall Trust
Annual Report 2013
Powered by FlippingBook Publisher