Doing Right
Enterprise Risk Management
The Board oversees the overall governance of risk, strategic direction and accountability of the Group. To pursue a sustainable long-term growth strategy amidst increasing ESG concerns, the Board recognises the importance of and has the responsibility of ensuring that the Management designs, implements and monitors an effective system of risk management and internal controls that incorporate stakeholders’ considerations as part of good governance. The adequacy and effectiveness of the Group’s risk management and internal control systems are also reviewed by the Board annually.
The ARMSC assists the Board in its responsibility of overseeing the Group’s risk profile, providing guidance on key risks, and monitoring the adequacy and effectiveness of the risk management framework and policies, alongside the system of internal controls. The ARMSC reviews, and the Board endorses the Group’s risk appetite, strategy and policies. These then determine the nature and extent of significant risks that the Group is willing to take to achieve our strategic and business objectives.
At the Management level, the Group Risk Management Committee (GRMC), chaired by the Group Chief Executive and comprising the Senior Management staff from both property and hospitality businesses, reports to the ARMSC on a half-yearly basis, or as frequently as needed. The GRMC highlights significant risk issues, both existing and emerging, for discussion with the ARMSC and the Board, considering the immediate operating environment and the longer-term business implications. In addition, the GRMC directs and monitors the implementation and running of enterprise-wide risk management across the Group.
The Group has established an ERM Framework to efficiently and systematically address key risks, to increase confidence in the Group’s strategies, businesses and operations. An integrated top-down and bottom-up risk review process is in place to enable comprehensive risk identification and assessment. Business functions undergo and perform self-assessment of key risks and mitigation measures, which are aggregated for reporting. The GRMC examines them, in conjunction with the Group’s top-tier risks, to identify potential significant threats or opportunities that may impact the Group’s businesses, at both strategic and operational levels. New or emerging concerns highlighted from these forums are addressed in consultation with business owners, for further assessment and action. Where necessary, cross-functional support and/or external consultants are involved to ensure risk management measures are implemented effectively. This continual dialogue with relevant stakeholders facilitates a robust ERM Framework within the Group. The Management practices and continuously reinforces the “risk-aware” culture within the Group, with the belief that risk management is every employee’s responsibility.
The Management strives to maintain constant communication and integrate risk management principles in day-to-day decision-making and business processes. Business owners and line managers are also accountable for and own their respective risks. To promote risk awareness and enhance risk management knowledge, the Management staff in both property and hospitality businesses actively participate in regular ERM discussions and training, as well as workshops to acquire and maintain an adequate understanding of ERM concepts, methodologies and tools.
We will progressively phase in climate risk management in the short, medium and long term as part of the overall ERM framework in line with the TCFD recommendations and ISSB requirements.
