Enterprise Risk Management

The Board of Directors has the overall responsibility for the establishment and oversight of the Company’s risk management framework.

Risk management policies are established to identify and analyze the risks faced by the Company, to set appropriate risk limits and controls, and to monitor risks and adherence to limits. Risk management policies, processes, and practices are continuously reviewed to reflect changes in the Company’s activities and market conditions. The Company, through its training and management standards and procedures, aims to develop a disciplined and constructive control environment in which all employees understand their roles and obligations.

Risk management functions are performed at the management committee level of each operating subsidiary of the Company. Managers and those responsible for risk reporting are tasked to ensure compliance with all operational and financial controls within their areas of responsibility and to implement internal controls as part of the total system to achieve the goals of the Company. Managers conduct regular evaluation of existing policies, systems and procedures to ensure that these remain relevant and effective to the current operating environment. Management also gives prompt and cooperative consideration to the recommended improvement measures made by independent internal or external audit groups.

In 2017, the Company’s Board of Directors created a Board Risk Oversight Committee and tasked it to be responsible for the oversight of the Company's enterprise risk management (ERM) system to ensure its functionality and effectiveness. The Committee shall oversee the implementation of a formal ERM plan for the Company and annually review and advise the Board of the Company's risk appetite levels and risk tolerance limits based on changes and developments in the business, the regulatory framework and external economic environment. It shall also assess the probability of each identified risk becoming a reality and estimate its possible financial impact and likelihood of occurrence, and oversee management's activities in identifying, monitoring, assessing and managing credit, market, liquidity, operational, legal and other risk exposures of the Company.

The Audit Committee, on the other hand, performs oversight financial management functions, including the areas of managing credit, market liquidity, operational, legal and other risks. The Audit Committee is assisted in its oversight role by the Internal Audit Groups of its food, beer and spirits subsidiaries. The respective Internal Audit Groups of the Company’s food and beverage subsidiaries undertake both regular and ad hoc reviews of the risk management controls and procedures of these subsidiaries, the results of which are reported to the Audit Committee.