NTUC Income AR 2019

CORPORATE GOVERNANCE COMMUNICATION WITH MEMBERS Members of the Co-operative can access relevant information on the Co-operative at its website at www.income. com.sg. Members are also given the opportunity to participate actively at the Co-operative’s AGMs where they can ask questions and communicate their views. The directors, senior management and external auditors are present at these meetings to address queries and concerns raised by members. ENTERPRISE RISK MANAGEMENT The Risk Management Strategy, as formulated by the RMC and approved by the Board, serves to ensure that the risk management framework is in place to identify, measure, manage, monitor and report material risks consistently across all business activities. Enterprise Risk Management Framework Enterprise Risk Management (ERM) Framework at the Co-operative level involves the overall assessment of risks which the Co-operative can be exposed to, over the present as well as reasonably foreseeable future, and its integration with capital management. The Co-operative’s enterprise-wide Risk Appetite Statement articulates quantitatively and qualitatively, the level of risk that the Co-operative is ready to accept and tolerate, and provides the basis for oversight and governance for the Co- operative. The foremost principle underlying the Co-operative’s ERM Framework is that all risk management activities are aimed at facilitating the achievement of its stated corporate objectives and social priorities, in a manner that is consistent with the Co-operative’s stated aim of financial stability and serving the community whilst protecting and enhancing the reputation and standing of the Co-operative. Within the ERM Framework, the Co-operative operates a “Three Lines of Defense” model for the management of the risks facing the business. The first line of defense comprises the various business units and are the ultimate owners of the risks. They have responsibility to identify, measure, manage and monitor the risks in their respective areas. The second line of defense comprises the Risk Management and Compliance functions. They provide a review and challenge of the processes and controls in the first line business activities and propose risk limits and polices for approval by the RMC or Board, as appropriate. The third line of defense comprises the Internal Audit function which provides independent assurance that the risks are being managed effectively. Risk Management Principles Risk is a key part of the Co-operative’s business and is defined as events which have a range of probabilistic outcomes, some of which have a negative impact on the organisation. The risk management framework ensures that risks are properly measured, managed and monitored. The framework is tailored to the organisation and business structure to ensure that it is relevant and effective. Review of the framework is performed regularly to ensure that it remains fit for purpose and that it does provide the safeguards and assurances that the business is soundly run. ANNUAL REPORT 2019 29