The Board of Directors is ultimately responsible for the Group’s system of internal control and for reviewing its effectiveness in providing shareholders with a return on their investments that is consistent with a responsible assessment and management of risks.

Because of the limitations that are inherent in any system of internal control, such systems are designed to manage rather than eliminate the likelihood of fraud, error or failure to achieve Tanjong’s business objectives. Accordingly, these systems can provide only reasonable and not absolute assurance against material misstatement or loss. The concept of reasonable assurance also recognises that the cost of controls should not exceed the expected benefits.

The Malaysian firm of the External Auditors, Messrs. PricewaterhouseCoopers has reviewed this Statement on Internal Control as required by paragraph 15.24 of the Listing Requirements of Bursa Securities. Their review was performed in accordance with Recommended Practice Guide 5 (“RPG 5”) issued by the Malaysian Institute of Accountants. Based on their review, the External Auditors have reported to the Board that nothing has come to their attention that causes them to believe that this Statement is inconsistent with their understanding of the process the Board has adopted in the review of the adequacy and integrity of the internal control of the Group. RPG 5 does not require the External Auditors to and they did not consider whether this Statement covers all risks and controls, or to form an opinion on the effectiveness of the Group’s risk and control procedures.

There were no significant internal control deficiencies or material weaknesses resulting in material losses or contingencies requiring disclosure in the Annual Report.

In addition to the monitoring of internal controls by the Audit Committee, the Group’s system of internal controls comprises the following key elements:

The Board has approved a Statement of General Business Principles and Human Resource Policies and Procedures that set the tone of control consciousness and employee conduct. There is also in place supporting procedures for the reporting and resolution of actions which contravene these policies. There is, furthermore, a Limits of Authority manual that delineates authorisation limits between various levels of Management and matters that need to be escalated to the respective Boards of the operating subsidiary groups and the Tanjong Board, to ensure proper identification of accountabilities and segregation of duties.

Detailed budgets are prepared requiring Management and Board approval. Operational manuals have been established to guide key business processes and accounting manuals are in place towards ensuring that the recording of financial transactions are complete and accurate. Procedures also exist for mitigating exposures to losses arising from business interruption, material fraud or error, as well as ensuring compliance with legal and regulatory requirements.

Group business units monitor and explain performance against budgets on a monthly basis. The results are reviewed by the Board on a quarterly basis to enable it to gauge the Group's achievement of its annual targets. Financial reports are submitted prior to each quarterly meeting, analysing trend and budget variances as well as reporting on fluctuations in non-financial metrics. Operational reports are issued every quarter discussing key matters such as strategy implementation, industry analysis, legal and regulatory developments and operational performance. The Board recognises the need for a robust reporting framework given the growth of the Group's international assets notably in the power generation segment, and will work towards further strengthening that element of the internal control system.

In addition to Management’s monitoring procedures, which are embedded within the Group’s policies, processes and activities, independent engagements are carried out by Group Corporate Assurance and are communicated to the Audit Committee and ultimately to the Board, to enable a timely evaluation of the adequacy and integrity of the Group’s system of internal control.

There is in place a structured and on-going process to identify, evaluate and manage risks that may significantly impact the Group. This process entails the establishment of an enterprise-wide framework to embed risk management precepts in the processes and activities of the Group.

Effectively, this includes identifying principal business risks in critical areas, assessing the likelihood and impact of material exposures and determining the corresponding risk mitigation and treatment measures. A schematic diagram of the process is presented below.