2 | P a g e
Company has identified the key risk areas and internal controls adequately address and mitigate
those risks.
O
FFICERS AND
K
EY
P
ERSONNEL
The management personnel of the Company constitute the front line of monitoring and preventing
fraud. Managers are responsible to monitor business activities of employees and be aware of and
alert to potential signs of fraud.
Management is accountable to “set the tone at the top”, point out the risks to which the operations
and the systems are exposed, establish an effective system of Internal Controls, Governance and
Risk Management process, and follow up systematically on the implementation of the Company’s
procedures and policies.
S
TAFF
Staff is responsible to act at all times with the highest degree of honesty, integrity, accountability, and
propriety. Staff should conduct their duties in a manner the does not jeopardize, to the contrary,
safeguards the Company’s resources and assets. Staff shall comply with the Company’s Code of
Business Conduct and Ethics, and the Code of Conduct and Ethics for Corporate Officers and
Directors. If fraud, violation, unethical conduct or dishonest practice is suspected and/or verified,
then it should be reported through the “Ethics and Compliance” Link and provide any required
information during the investigation process.
I
NTERNAL
A
UDITOR
“The Internal Auditor should have sufficient knowledge to identify the indicators of fraud but is not
expected to have the capacity of a person whose primary responsibility is detecting and mitigating
fraud.”
The Internal Auditor is responsible to evaluate the adequacy of the internal control system, prioritize
auditing activities in accordance with a documented risk assessment plan, and provide
recommendations, through consulting and assurance activities.
4. F
RAUD
R
ESPONSE
P
LAN
The fraud response plan is a guide to follow in the event of fraud being discovered or suspected. Its
purpose is to ensure that proper action is taken in case of fraud.
Any allegations of fraud, theft or other irregularity should be reported via the Ethics and Compliance link
on the web site of the Company.
All allegations are reported anonymously, are treated as confidential and are directed to the Audit
Committee, which will undertake any further investigation.
The Audit Committee is responsible to retain any relevant records, examine the allegations, and plan
the investigation and deterrence of fraud. Deterrence of fraud lies with management. The Audit
Committee will appoint a suitable person, internal or external, to investigate and ensure that the
investigation is conducted in a professional manner. The Audit Committee and the management are
responsible to secure the anonymity and prevent the harassment or discrimination of the people that
make such allegations.
The results of the investigation should be reported directly to the Audit Committee, which will determine
to whom should be communicated, including the Internal Auditor, the CFO, and the CEO. Upon
conclusion of the investigation, an action plan should be agreed, enforced, documented, and distributed
appropriately.