The Board is fully committed in ensuring effective internal control in the Group’s business operations both strategically and operationally. The key controls include:

Board of Directors

The Board, as governed by its Board Charter incorporates risk management in all aspects of the Group affairs with the defined roles and responsibilities and appropriate tools to support the System. The Board sets appropriate policies to ensure the System is functioned effectively in managing risks that may impede the achievement of the Group’s objectives.

Board Committees

The Board Committees including the BRMC, the BAC, the Board Nomination Committee (‘BNC’), the Board Remuneration Committee (‘BRC’) and the Board Employee Share Option Scheme Committee (‘BESOS’) assist the Board in overseeing and examining all matters within their respective scope of responsibilities and terms of reference. The Board Committees meet on a regular basis and their decisions are subsequently tabled to the Board for notation or approval. For more details on the composition of the Board Committees, please refer to the list of Board Committees of this Annual Report.

Organisational Structure

The Board establishes a defined organisational structure with clear demarcation of responsibility and accountability within the Group that is directly aligned to the business’ strategy and operational demands. Each operational unit is headed by an individual who is fully accountable to ensure that the business activities are implemented in full compliance to the Group’s objectives and policies. The structure and its function are regularly reviewed to ascertain the effectiveness and if needed to cater for the changes of business requirements.

Limit of Authority

The delegation of responsibilities to the Board Committees and the Management as well as the delineation of their respective authority limits are defined in the KUB Management Guidelines (‘KUBMaG’). The KUBMaG provides a framework that clearly defines and specifies the authority levels for personnel to carry out their assigned responsibilities. The KUBMaG is to create awareness among all employees with regards to the internal control components and the basic control policy of the Group.

Business Plan and Budget, Financial and Operational Review

The Group prepares business plan and budget each year to establish targets against which performances are compared and monitored as well as to facilitate resource allocation by focusing on areas of concerns.

The Board Members and Senior Management play an important role in the stages of strategic review and update, which include among others, reviewing the plan before its finalisation, the budget approval process to ensure that the plan reflects the corporate intent of the Group and that resource allocation is strategically aligned.

Subsequently, the BAC reviews the quarterly and annual financial statements and performance of the Group together with the Management before tabled to the Board for approval. The quarterly reviews enable the BAC to deliberate and assess the Group’s financial results and operational performance.

Policies and Procedures

Policies and standard operating procedures (‘SOP’) are established to provide management and operating guidelines to the Group’s operating units. These policies and procedures are documented and subject to regular review, update and enhancement to reflect the current requirement and maintain its relevance. Amongst the policies are:

Procurement and Strategic Sourcing (‘Procurement’)

Procurement Policy aims to support good and sustainable procurement practices on goods, works and services for the Group. It outlines that all procurement decisions within the Group are guided by defined principles i.e. to ensure the Group and the suppliers comply with all applicable laws and regulations throughout the procurement life cycle. The Policy at all times encourages ethical vendor management via KUB vendor code of ethics that includes Anti-Corruption and Anti- Bribery Policy and Conflict of Interest in the selection of vendor, tender and procurement process.

Information and Communication Technology (‘ICT’) Policy

ICT Policy supports to monitor, escalate and report cyber or information security threats. A Disaster Recovery Centre is maintained to support identified critical business applications during disruption aligned with the Business Continuity Management System’s (‘BCMS’) requirement. Scheduled exercises were conducted to ensure readiness in the event of a disaster recovery activation. To ensure proper protection in responding to cybersecurity threats, adequate ICT security tools and procedures are in place to detect, respond and mitigate the threats.

Human Resource (‘HR’) Policies and Procedures

A comprehensive set of HR Policies and Procedures are established within KUB Group to ensure the Group complies with relevant legislation and applies the best human resource practices on workforce planning, recruitment, compensation and benefits, industrial relations, employee engagement, employee development, performance management and salary administration.

The Code of Ethics and Conduct (‘the Code’) is communicated to all employees to reinforce the Group’s core value on integrity by providing guidance on moral and ethical behaviour that is expected from all employees. The Code is incorporated in the Employee Handbook and it is accessible online through Human Resource System (‘BOSSiNet’). The Code covers six(6) broad categories of ethics in regards to the Group’s operation and personal conduct namely:

a) Conflict of Interest;

b) Misuse of Position;

c) Misuse of Information;

d) Integrity and Accuracy of Record/ Transaction;

e) Fair and Equitable Treatment; and f ) Confidentiality

Integrity Related Policies

The established KUB Integrity Framework is implemented by all subsidiaries to emphasise the Zero Tolerance towards all forms of bribery and corruption. The Framework is supported with thirteen (13) anti-bribery related policies including Political Contribution Policy, Management Letter of Support Policy, Money Laundering Policy, Declaration of Asset Policy, Whistleblowing Policy and more. The Group continuously improves the governance policies and practices to ensure it aligned with the requirement of Corporate Liability Provision of MACC Act 2009.

Project Management Policy, Procedures and Guidelines (‘PMPP’)

The scope of PMPP includes project sales (prospecting, tenders and post-tender), project initiation (project authorisation

& initiation and project dashboard), project planning, project execution (site administration, inspection & testing, control of monitoring and measuring equipment, maintenance and repair of plant machinery and equipment) and project post execution (final inspection & project handover and defects liability). PMPP is designed to cover revenue generating projects and contracts from external parties on the acceptance, delivery and management.

Staff Competency, Training and Development Programs

The Group believes that an effective organisation requires employees at all levels to be competent, skilful and capable to contribute to the achievement of the Group’s vision and mission. Training and development programs are implemented to ensure that employees are equipped with the necessary competencies.

The implementation of the training and development programs is to address the deficiency of the competency in bridging the gap between performance and opportunity, thus assisting the Group to develop talented employees to be potential leaders in the industry.

Health, Safety and Environment (‘HSE’)

As of 2019, the Group follows the international HSE standards and controls on safety management. One of the subsidiary, Solar Gas, maintained the OHSAS 18001: 2007 certification for continuous improvement on safety management system.

The system will be upgraded in 2020 following the migration of OHSAS 18001:2017 to ISO 45001:2018.

Insurance on Employee and Assets

In order to attract and retain talent, KUB Group believes it is important to offer a competitive reward package and to increase the compensation positioning against the market compensation to at least to seventieth percentile (70%). Group Hospitalisation and Surgical and Group Term Life Insurance are amongst the benefits covered by KUB Group. Both benefits and insurance include the coverage for the cost of inpatient and outpatient treatment, critical illnesses, rehabilitation and death from all causes.

Besides insurance for its employees, KUB Group also purchases insurance for its physical assets including computers and servers. The coverage includes damage or loss of assets in the event of fire, theft of assets, liability coverage for the legal responsibility to others for accidents, bodily injury or property damage.

Insurance coverage is reviewed on a yearly basis to ensure comprehensive coverage to mitigate business risks in view of the ever-changing business environment or assets.

Internal Audit

Internal audit function assesses the Group’s system of internal control, risk management and governance process. The assurance that the internal control, risk management and governance processes within the Group are adequate and complied with relevant requirement is independently and regularly reported to BAC. The corrective actions for the findings raised in the internal audit reports will be taken by the Management based on agreed action plan. Details of Internal Audit activities are provided in the Board Audit Committee Report of this Annual Report.

Business Continuity Management (‘BCM’)

The Group establishes BCM System (‘BCMS’) by adopting the principles provided by ISO 22301: 2012. The structure, responsibilities and relevant processes in regards to BCM are reflected in the BCM Framework. BCMS is maintained to protect the Group against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incident when it arises.

Sustainability Reporting and Strategies

The Group believes that the emerging trend of Economic, Environmental and Social (‘EES’) risks and opportunities increasingly affecting business value as well as share prices and stakeholders’ areas of concerns. By incorporating sustainability considerations into the process, it shall lead to value creation in the long run as organisation looks beyond short term profitability and consider medium to long term business viability. It also serves as a business strategy that advocates long term value creation for business, support business continuity and creating competitive advantage over the long term.

The Board approved Sustainability Policy and Framework as guide to ensure standardisation for implementation within the Group.

Sustainability reporting and strategies are driven by the Sustainability Committee that reports to the BRMC. For more details, please refer to the detail Sustainability Statement 2019 of this Annual Report.