Managing risk is an integral part of our business activities and is performed to create value for
the Group.
The Group manages risk under an overall strategy, determined by the board of directors and supported by the board’s Risk Committee and Audit Committee. The Risk Committee reviews and enhances the effectiveness of the Group’s risk management and health, safety and environment (HSE) plans, systems, processes and procedures. It also regularly reviews group-wide risk and HSE policies, guidelines and limits, as well as significant risk exposures relating to foreign exchange rates, commodity prices and major investment projects and corresponding risk mitigation plans. Oversight responsibility for risk management within the Group’s listed entities lies with their respective boards.
The board has determined a risk appetite framework for Sembcorp that forms a common understanding for both our board and management in the execution of the Group’s strategy and objectives. Under this framework, the board has approved risk appetite statements with respect to the following five focus areas. These are aligned to the focus
areas under which the Group categorises its material issues, in managing and reporting its overall sustainability performance:
a. Economic
Sembcorp actively pursues global strategies to meet our growth objectives. We will continue to invest in and develop our capabilities and expand our assets in both existing and new markets, with a particular emphasis on emerging markets. Investing in such markets inevitably carries with it inherent risks; however, the Group is a disciplined investor with a robust investment approval process that calls for the necessary due diligence and risk management to be done. The Group has a defined set of country limits and the limit for investment exposure in countries deemed to be of high and medium risk has been set at no more than 65% of our total investment exposure. In addition, we also maintain appropriate single-country limits.
The Group commits to maintaining a strong financial position and targets to achieve an investment grade equivalent credit rating to ensure access to funding and protect shareholder value. The Group will not take part in any form of transaction that is deemed speculative in nature, under
any circumstances.
b. Governance, Risk & Compliance
As a listed company on the Singapore stock exchange that has both responsibility and accountability to a wide range of stakeholders, Sembcorp takes a very serious view of governance, risk and compliance. The Group commits to comply with all applicable laws and regulatory requirements in the countries where
it operates. The Group adopts a zero tolerance stance towards any form of fraud, bribery
or corruption.
c. People
Sembcorp recognises the need to have in place a strong and competent workforce that is aligned to our core values and ethical standards. The Group will also continue to attract, develop and retain employees with the relevant skill sets and competencies to meet our business needs and growth plans and ensure leadership continuity.
d. Health, Safety and the Environment
In its pursuit of operational excellence and business growth, Sembcorp will not compromise the health and safety of both its internal and external stakeholders. The health and safety of all our employees is of paramount importance to the Group. We take a serious view of any breaches in health, safety and environmental standards and regulations in all our operations and facilities.
e. Community
Sembcorp believes that as an integral part of our communities, we should conduct our business in a responsible manner and make a positive contribution to the communities in which we operate. The Group is therefore committed to high standards of business conduct, to engaging our stakeholders and to managing our environmental and social impact
on local communities responsibly.
The above risk appetite statements are also supported by key risk indicators, which are continuously monitored and reported to the Risk Committee on an ongoing basis.
The Group is committed to ensuring that an effective and practical enterprise risk management (ERM) framework is in place to safeguard our people and assets, protect shareholders’ interests, facilitate informed decisions for intrinsic value creation and ultimately uphold and enhance our brand and reputation. In designing our ERM framework, the Group has adapted and made reference to various industry risk management standards, such as ISO 31000 and the Enterprise Risk Management – Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). This ensures that we are in line with best practice. To sustain a successful ERM programme, we believe in having the right processes and tools as well as instilling the right risk awareness culture. Our ERM framework specifically sets out a systematic and structured approach towards risk management through the following activities:
Awareness trainings and workshops
Risk identification and assessment
Formulation of key risk management strategies
Design and implementation of risk mitigation controls (preventive, detective and responsive controls)
Monitoring and timely reporting of risk management performance and risk exposure levels
Continuous improvement of risk management mitigation measures and capabilities
Our ERM framework is supported by the following key pillars:
a. Fraud Risk Management
The possibility of fraud is an inherent risk in
any organisation. To manage this, the Group has established a fraud risk management policy, which has been approved by our board’s Risk Committee. The policy provides a framework and comprehensive guidance on anti-fraud measures to pro-actively manage the risk of fraud, bribery and corruption. All subsidiaries are required to have a fraud control plan in place. We actively influence and encourage our joint ventures and associates to adopt our fraud risk management framework. The Group maintains a zero tolerance policy for fraud, which we take to include corruption and bribery. This stance is regularly communicated to employees through awareness training sessions, workshops and e-learning programmes.
The following key activities and complementary policies and procedures are part of our holistic approach towards fraud risk management and also address the risk of bribery and corruption:
Preventive anti-fraud measures
Code of business conduct
Employee code of conduct
Conflict of interest policy
Corporate gift policy
Fraud risk assessments
Employee and third party due diligence
Detective anti-fraud measures
Whistle-blowing policy
Forensic data analysis
Compliance and monitoring
Pre-employment screening
Responsive anti-fraud measures
Fraud reporting procedures
Fraud investigation procedures
Grievance handling procedures
Whistle-blowing policy
Since 2005, Sembcorp has maintained a whistle-blowing policy and procedure. We provide employees with well-defined and accessible channels within the Group through which they may, in confidence, raise concerns regarding possible improprieties in the conduct of business activities, financial reporting or other matters to the Audit Committee. This facilitates independent investigation of such matters for appropriate resolution. The policy is communicated to all employees and is subject to review on a regular basis.
Employees are encouraged to report suspected wrongdoing, in confidence and without fear of reprisal, in relation to the following:
Mail or wire fraud, bank fraud or fraudulent acts
Violations of laws, rules or regulations applicable to the company and related to accounting, internal
accounting controls or audit matters
Intentional error or fraud in the preparation, review or audit of any financial statement of
the company
Significant deficiencies in or intentional non-compliance with the company’s internal
accounting controls
Any reportable conduct, defined to mean any one of the following:
|
–
|
Unlawful, unethical, corrupt or improper conduct
|
|
–
|
Conduct that is in breach of any policy of the company
|
|
–
|
Misuse of funds or assets of the company
|
|
–
|
Conduct that jeopardises the safety of the company’s employees, the environment in which they are working, or the public
|
|
–
|
Abuse of authority
|
|
–
|
Any other conduct that may cause financial or non-financial loss to the company or damage to the company’s reputation
|
|
–
|
Suppression or concealment of any information relating to any of the above conduct
|
|
–
|
Acts to mislead, deceive, manipulate, coerce or fraudulently influence any internal or external accountant or auditor in connection with the preparation, examination, audit or review of any financial statement or record of the company or the Group
|
|
–
|
Criminal acts, including theft, the sale or use of drugs, money laundering, violence or threatened violence and criminal damage against property
|
|
–
|
Detrimental actions taken in reprisal against a whistle-blower
|
A whistle-blower may submit his / her allegations or concerns either by telephone, email or through other written forms or existing communication channels. The company will protect the confidentiality and anonymity of the whistle-blower. The whistle-blowing case will be received by the head of Group Internal Audit and an investigation will be conducted in compliance with the requirements set out in the company’s whistle-blowing policy. If an employee who uses whistle-blowing channels is found to have wilfully done so in bad faith, disciplinary action will
be taken against him / her. A copy of our whistle-blowing policy is available on our company website,
www.sembcorp.com.
b. Operational Risk Management
Crisis management and business continuity
With operations extending across the globe, the Group monitors for emerging threats that may disrupt its operations, and formulates and updates its strategies and mitigation measures accordingly. Focus is placed on establishing a robust and effective crisis management framework that
is relevant to the current business environment and risk landscape. We aim to enhance and improve existing emergency response protocols and business continuity plans across our business entities, to strengthen operational readiness. Crisis communication procedures are also embedded as part of the Group’s crisis management framework.
The Group’s crisis management, emergency response and business continuity procedures and plans are regularly tested and fine-tuned to ensure that the Group can respond effectively to crises and emergencies. The Group also addresses crises and emergencies through the implementation of appropriate prevention, preparedness and response and recovery programmes, while ensuring
that critical business functions can recover and continue in a timely manner. In addition, the Group adopts key standards and practices set
out by ISO 22301:2012 under Societal Security – Business Continuity Management Systems – Requirements. This approach enables us to build resilience and enhance our ability to manage and respond to emergencies. It also helps to minimise the impact of incidents on people and the environment, prevent loss of assets and mitigate disruption to business operations, while safeguarding the company’s reputation.
Health, safety and the environment
The Group HSE department is guided by our
Group President & CEO and the board-level Risk Committee, reflecting the high priority accorded
to HSE issues at Sembcorp. The department has formalised a group-wide HSE management system and promotes global HSE efforts to ensure effective and timely management of HSE issues across the Group. This management system is aligned with
ISO 14001 and OHSAS 18001 standards and provides guidance to business units in actively managing HSE risks associated with our activities and services in a systematic manner. For more information on the company’s HSE management, please refer
here.
Insurance
The Group actively reviews its insurable and uninsurable risks, and identifies comprehensive and cost-effective risk management tools to manage such risks. As a risk transfer mechanism, the Group has purchased a comprehensive set of insurance policies to protect its business operations against financial loss resulting from property damage, machinery breakdown, business interruption or general third party liability. The Group has also engaged a panel of top-tier insurance consultants, leveraging their technical expertise and resources to negotiate for competitive pricing and comprehensive coverage with commercial insurance companies. To balance the cost of
risk transfer, the Group focuses on insuring catastrophic events while maintaining its emphasis on improving internal controls over operations
and maintenance. Sembcorp Captive Insurance,
a wholly-owned captive insurance subsidiary, provides first layer coverage against property damage and business interruption losses for the Group’s operations in Singapore and on the Wilton International site in the UK. Sembcorp Captive Insurance serves not only as an internal risk transfer mechanism, but also showcases the Group’s efforts to promote greater accountability and responsibility in the operations and maintenance of its business units. Over the years, Sembcorp Captive Insurance has successfully built up a strong capital surplus, allowing it to extend its insurance reach to other operations and broaden its scope
of coverage.
c. Financial, Market and Credit Risk Management
The Group actively manages its financial, market and credit risk exposure with respect to foreign exchange rates, commodity prices and interest rates via established policies, including treasury policies, financial authority limits and a system of financial discipline. These policies set out the parameters for managing the Group’s exposure to counterparty, liquidity, foreign exchange and other material transaction risks.
Financial and market risk
The Group defines and utilises approved financial instruments to manage exposure to foreign exchange, commodity prices and interest rate fluctuations arising from operational, financing and investment activities. The commodities include fuel oil, coal and natural gas. Transactions such
as foreign exchange forwards, interest rate swaps, commodities swaps, purchase of options and contracts for differences are used to manage
these risks as appropriate. Under the Group’s overall treasury policy, transactions for speculative purposes are strictly not allowed. Transactions are allowed only for hedging purposes based on the underlying business and operating requirements. Exposure
to foreign currency risk is also hedged naturally where possible. In addition, the Group has financial authority limits, which seek to limit and mitigate operational risk by setting out the threshold of approvals required for entering into contractual obligations and investments.
Default and counterparty credit risks
Counterparty credit risk refers to the risk that a counterparty may fail to fulfil its payment or performance obligations under contracts to
which it is a party. Sembcorp has a group-wide credit risk policy in place, under which we will, as far as possible, maintain a practice of dealing with counterparties who are creditworthy. To this end, we perform periodic credit evaluations to establish and verify the credit rating of current and potential counterparties, such as customers, contractors, joint venture partners and financial institutions. Appropriate credit limits are then set, according to the established credit rating and business volume, to avoid undue credit exposure. Credit exposure and overdue accounts are closely monitored and managed through vigorous collection efforts.
For counterparties that do not meet the minimum credit rating requirement, credit protection such as additional securities, guarantees, advanced payment and shortened payment terms may be requested on a case-by-case basis as risk mitigation measures. Another area of focus is managing concentration risk with respect to our credit exposure. Our concentration risk is diligently reviewed to ensure that no single counterparty or group of related counterparties has excessive credit exposure that may result in a material impact on the Group in the event of a default.
d. Investment Risk Management
To ensure that prudence is exercised in all investment decisions, the Group has in place an investment approval process, under which a disciplined approach is taken to review the key risks and opportunities presented by potential investments. As part of our investment approval process, all new investments and transactions are reviewed by a cross-functional project team that provides risk assessments, mitigation measures and recommendations to the respective authorised persons for approval in accordance with applicable financial authority limits.
In addition, to ensure that Sembcorp maintains appropriate diversification across different geographies, the Group has put in place a country risk framework to monitor and report its investment exposure globally. Countries are classified into high, medium and low risk categories based on their macroeconomic and sovereign risks, political and corruption risks, regulatory and transfer risks, as well as social and environmental risks. Furthermore, our investment exposure under
each country is regularly reported to the board’s Risk Committee. This framework also defines
limits that have been approved by the board and stipulates that any deviation from these country limits requires board approval according to a set procedure. In reviewing any request for deviations from the country limits, the board will consider the key risk drivers at hand, in terms of investment size,
duration and economic life of the project, as well as the level of residual risk after the implementation of mitigation plans.
As at December 31, 2015 the countries outside of Singapore in which the Group has the largest investment exposure are India (S$2.8 billion), China (S$2.3 billion) and Brazil (S$1.4 billion). Investment exposure comprises invested capital, including reserves, and committed contingent support for projects and assets.
Supporting the ERM framework is a system of internal controls, comprising a code of business conduct, a comprehensive set of group-wide governance and functional policies, approval authorities and limits, which ensures that entity-level controls are implemented across the Group. The Group’s internal control policy and manual, which adopts COSO principles, provides a framework
for an effective and adequate system of internal controls that business units should put in place. It also guides us on the appropriate segregation of duties and checklist of internal controls.
The ERM framework is complemented by a governance assurance framework and a risk-based control self-assessment programme. The effectiveness of key controls is rated, and the rationale for ratings documented, to enable management to better identify and manage key control gaps or weaknesses.
Collectively, the respective risk management and internal control frameworks and initiatives support the overall risk and governance ecosystem. This comprises the board, the Group’s risk and governance departments, our business units,
as well as the internal audit team.
