100
AirAsia X Berhad • Annual Report 2014
The Board of Directors (“Board”) of AirAsia X Berhad (“AAX” or “the Company”) remains
committed to complying with the Malaysian Code on Corporate Governance 2012 (the Code)
which “... requires listed companies to maintain a sound risk management framework and
internal control system to safeguard shareholders’ investment and the Company’s assets”
and guided by the Bursa Malaysia’s Main Market Listing Requirements Paragraph 15.26
(b) and Statement on Risk Management & Internal Control: Guidelines for Directors of
Listed Issuer. The Board is pleased to issue the following statement of risk management &
internal control for the financial year ended 31 December 2014.”
Responsibility
The Board of Directors (“Board”) of AirAsia X Berhad (“AAX” or “the Company”)
acknowledges its responsibility for maintaining sound internal control and risk management
systems that would provide reasonable assurance in ensuring the effectiveness and
efficiency of operations, reliability of financial reporting and compliance with applicable
laws and regulations, to safeguard shareholders’ interests and the Group’s assets. The
system of internal control is designed to manage the Company’s risk within acceptable
risk profile, and provides reasonable assurance against material errors, misstatement or
irregularities.
In view of the limitations inherent in any system of internal control, such a system is
designed to mitigate rather than eliminate risks of failure to achieve corporate objectives.
Accordingly, the system provides reasonable and not absolute assurance against material
error, misstatement or loss. The system of internal control covers, inter alia, risks
management, financial, operational and compliance controls. The Board confirms that the
system of internal control and risk management of the Company was in place during the
financial year. The system is subject to regular review by the Board.
Risk Management
By virtue of AAX is one of the players in low cost aviation industry, our businesses have
unique risks that are specific to our industry. We recognize the fact that these risks must
be effectively managed to ensure the long-term growth and enhancement of shareholder
value. As such, AAX adopts a comprehensive risk management framework that includes
risk management policy, clear lines of responsibility and accountability as well as an
efficient framework on procedures and reporting guidelines. Our risk management system
is also linked to the Group’s internal control system, thus providing us an efficient and
reliable decision making tool. AAX Risk Management Framework has been approved by the
Board of Directors for adoption in year 2013 and AAX Group Risk Register and status on
Action Plans were deliberated diligently during the quarterly Audit Committee and Board of
Directors meetings respectively.
Key Objectives of the Risk Management Process
Our Risk Management structure aims to enhance the understanding and acceptance of risk
management within AAX in order to assist the decision making process and ensuring our
strategic objectives are fulfilled. It also aims to develop and sustain a risk management
culture, initiatives and activities within AAX community. Finally, it ensures we are
continuously in compliance with corporate governance best practices and the relevant laws
including Bursa Malaysia’s Listing Requirements. The following diagram outlines the risk
management reporting structure that is in place at AAX. The company utilise the similar
tools and processes which have been developed by AirAsia Berhad’s (“AAB”) Group Risk
Management Department.
Role of the Board of Directors
Below are the roles of the Board with regards to risk management initiatives in AAX:
• To approve the risk management policy and framework, this includes risk parameters,
thresholds & boundaries;
• To ensure that overall corporate risks are measured & thresholds are controlled within
pre-determined limits;
• To ensure that there are sufficient internal controls and clear mitigation plans for major
risks and that these plans include accountabilities and timelines;
• To ensure that a culture of identifying and managing risk exists throughout AAX
organisation; and
• Setting the right example and tone at the top for risk management culture and ensure risk
analysis and quantification is conducted for all major investments or strategic decisions.
Role of the Audit Committee
The Audit Committee’s role is to implement and support the overseeing functions of
the Board’s role in risk management. It performs risk oversight and review risk profiles
on quarterly basis. It identifies and communicates to the Board on critical risks and
corresponding management action plans as well as highlighting any changes to AAX’s Risk
Profile.
Role of the Risk Management Department (“RMD”)
The RMD is tasked with reviewing AAX Risk Register, highlighting any new risk that may
arise to the Audit Committee and updating the Risk Register accordingly. It is responsible
for the following activities:
• Recommending procedures and reporting formats on the risk management process;
• To assist Audit Committee in coordinating the risk management activities and reviewing
of the Risk Register;
• Preparing risk progress report for the presentation to the Audit Committee;
• Considering new entries for the risk register from the time of the last review and updating
entries of the last reported register;
• To coordinate risk management training for management team members; and
• Discussing and recommending improvement plans on risk management issues and
procedures that can be implemented or incorporated by any function in AAX to Audit
Committee;
Risk Management Structure
AAX Board of Directors
AAX Audit Committee
AAX Risk Management Department
AAB’s Group Risk
Management
Department
STATEMENT ON RISK MANAGEMENT
& INTERNAL CONTROL
