1. Composition

The Audit & Risk Management Committee shall be appointed by the Board from amongst the Directors of the Company and shall consist of not less than 3 members of whom the majority shall be independent directors. All members of the Audit & Risk Management Committee shall be non-executive directors.

    All members of the Audit & Risk Management Committee shall be financially literate and at least one member of the Audit & Risk Management Committee:
    • must be a member of the Malaysian Institute of Accountants; or
    • if he is not a member of the Malaysian Institute of Accountants, he must have at least three years working experience and;
      • he must have passed the examinations specified in Part I of the 1st Schedule of the Accountants Act 1967;
      • he must be a member of one of the associations of accountants specified in Part II of the 1st Schedule of the Accountants Act 1967; or
      • fulfils such other requirements as prescribed or approved by the Bursa Malaysia Securities Berhad.

No alternate Director shall be appointed as a member of the Audit & Risk Management Committee. The members of the Audit & Risk Management Committee shall elect a Chairman from among their members who shall be an independent non-executive director. In the absence of the Chairman and/or an appointed deputy, the remaining members present shall elect one of themselves to chair the meeting.

Appointments to the Audit & Risk Management Committee shall be for a period of up to three (3) years, which may be extended further periods of up to three (3) years, provided the director still meets the criteria for membership of the Audit & Risk Management Committee.

2. Meeting

The quorum shall not be less than 2, the majority of whom shall be independent directors.

The Audit & Risk Management Committee shall meet as the Chairman deems necessary but not less than 4 times a year. The Chairman shall be entitled where deemed appropriate to invite any person(s) to meetings of the Audit & Risk Management Committee.

The Audit & Risk Management Committee shall meet with the external auditors, internal auditors or both, without executive board members and employees present at least twice a year.

Group Chief Financial Officer, outsourced internal audit, representatives of the external auditor and the secretary also attend the meetings of the Audit & Risk Management Committee.

3. Authority 

The Audit & Risk Management Committee is authorised by the Board:

    • to seek any information relevant to its activities from employees of the Company;
    • the necessary resources required to carry out its duties and to obtain independent professional advice it considers necessary; and
    • full and unlimited access to any information and documents pertaining to the Company.

4. Functions

A. Financial Statements, External Audit and Other Information

The duties of the Audit & Risk Management Committee shall be:

    • to make appropriate recommendations to the Board on matters pertaining the nomination, appointment and dismissal of external auditors and the fee thereof;
    • to review and discuss with the external auditors and internal auditors before the commencement of audit, the nature and scope of the audit;
    • to review the quarterly and year-end financial statements of the Group and Company prior to submission to the Board of Directors, focusing particularly on:
      • public announcement of results and dividend payments;
      • any significant changes in accounting policies and practices;
      • significant adjustments and unusual events resulting from the audit;
      • the going concern assumption; and
      • compliance with stock exchange, accounting standards and legal requirements;
    • to discuss problems and reservations arising from the interim and final audits, and any other matters the external auditors may wish to discuss (in the absence of Management where necessary);
    • to review any external auditors’ letter to management (if any) and management’s response;
    • to review the adequacy of the scope, functions, competency and resources of the internal audit function and that it has the necessary authority to carry out its work;
    • review the internal audit planning memorandum and results of the internal audit process and where necessary ensure that appropriate action is taken on the recommendations of the internal audit function;
    • review any appraisal or assessment of the performance of Head of the internal audit function;
    • approve any appointment or dismissal of the Head of internal auditors;
    • inform itself of resignation of the Head of internal auditors and provide him/her an opportunity to submit reasons for resigning;
    • to consider any related party transactions and conflict of interest situation that may arise within the Company or Group that may raise questions over management’s integrity; and
    • to consider the findings of internal audit investigations and management’s response.

B. Risk Management, Internal Control and Information Systems

The Audit & Risk Management Committee will review and obtain reasonable assurance that the risk management, internal control and information systems are operating effectively to produce accurate, appropriate and timely management and financial information. This includes:

    • to advise the board on the Group’s overall risk appetite, tolerance and strategy, taking account of the current and prospective macroeconomic and financial environment drawing on financial stability assessments and other authoritative sources that may be relevant for the Group’s risk policies;
    • to champion and promote the Enterprise Risk Management and to ensure that the risk management process and culture are embedded throughout the Group;
    • to provide routine monthly and quarterly reporting and update the Board on key risk management issues and Potential Loss Event;
    • to review Risk Management Framework and Policy & Guide annually;
    • to oversee and advise the board on the current risk exposures of the Group and future risk strategy to ensure development and growth of the Group on a sustainable basis;
    • in relation to risk assessment:
      • to keep under review the Group’s overall risk assessment processes that inform the board’s decision making, ensuring both qualitative and quantitative metrics are used;
      • to review regularly and approve the parameters used in these measures and the methodology adopted;
      • to set a standard for the accurate and timely monitoring of large exposures and certain risk types of critical importance; and
      • to consider whether the Group has effective management systems in place to identify, assess, monitor and manage its key risk areas;
    • to review the Group’s capability to identify and manage new risk types;
    • to review reports on any material breaches of risk limits and the adequacy of proposed action;
    • to follow up on management action plans based on the status of implementation compiled by the management;
    • to review the Business Risk Analysis & Evaluation and Mitigation Plans to be escalated to the Board on an annual basis and to report any major breach of Risk policies and tolerance limits and ensure Risk Mitigants are in place;
    • to give a view on proposal/feasibility studies prepared by project sponsor or project consultants which meet the requisite threshold before recommending to the Board for final decision;
    • to keep under review the effectiveness of the Group’s internal financial controls and internal controls and risk management systems and review and approve the statements to be included in the annual report concerning internal controls and risk management;
    • to review the Group’s procedures for preventing fraud; and
    • to consider and approve the remit of the risk management function and ensure it has adequate resources and appropriate access to information to enable it to perform its function effectively and in accordance with the relevant professional standards. The Committee shall also ensure the function has adequate independence and is free from management or other restrictions.

C. Internal Audit Function

The Company has established an in-house Internal Audit Department since May 2011 in addition to utilising the services of the outsourced internal audit. The internal audit review of the Company’s operations encompasses an independent assessment of the Company’s compliance with its internal controls and makes recommendations for improvements.

The in-house and outsourced internal audit who reports directly to the Audit & Risk Management Committee, is to provide the Audit & Risk Management Committee and thereafter to the management independent and objective advice on the effectiveness of the Group’s internal control. The Internal Audit function is also concerned with every aspect of the Group’s business and operations. It recognizes that it is management’s responsibility to analyse the risks, which arise from them, and to devise and implement effective systems of internal control. The fulfillment of the above objectives is achieved by providing reasonable assurance through an effective and efficient programme of independent review across the Group to Management and to the Board on an on-going basis. This is not confined to but includes:

    • appraising the adequacy and integrity of the internal control and management information system of the Group;
    • ascertaining the effectiveness of operating management in identifying principal risks and to manage such risks through appropriate systems of internal control set-up by the Group;
    • ascertaining the level of compliance with Group’s plans, policies, procedures and adherence to laws and regulations;
    • appraising the effectiveness of administrative and financial controls applied and the reliability and integrity of data that is produced within the Group;
    • ascertaining the adequacy of controls for safeguarding Group’s assets;
    • conducting special reviews or investigations requested by Management or by the Audit & Risk Management Committee; and
    • in consultation with Management, reviewing operations as a whole from the viewpoint of economy and productivity, with which resources are employed and making cost effective recommendations to Management.

5. Reporting Procedures

The Secretary shall circulate the minutes of meetings of the Audit & Risk Management Committee to all members of the Audit & Risk Management Committee. Detailed audit reports by the Internal Auditor and the respective management response are circulated to members of the Committee before each meeting of the Committee at which the said reports are tabled.



1. Objectives

The objectives of the Committee with regard to the nomination role are as follows:

    • to identify and recommend new nominees to the Board as well as the Board Committees, however all decision as to who shall be appointed shall be the responsibility of the Board after considering the recommendations of the Committee;
    • to assist the Board in reviewing the Board’s required mix of skills, experience and other qualities, including core competencies which both Executive and Non-Executive Directors should bring to the Board;
    • to implement the process formulated by the Board designed to assess the effectiveness of the Board and the Board Committee as a whole;
    • to develop policies, practice and recommend proposals appropriate to facilitate the recruitment, retention and removal of Executive Director as well as the length of service; and
    • to review the Executive Directors’ objectives, goals and the assessment of performance.


The objectives of the Committee with regard to the remuneration role are as follows:

    • to determine the level and make-up of Executive Directors’ remuneration so as to ensure that CHHB attracts and retains the Directors of the appropriate calibre, experience and quality needed to run the CHHB Group successfully. The level and make-up of the remuneration should be structured so as to link rewards with corporate and individual performance; and
    • to determine the remuneration packages of Non-Executive Directors which shall be a decision of the Board as a whole.

2. Authority

The Committee is authorised by the Board:

    • to seek assistance from the Company Secretary on matters related to the responsibilities of the Committee under the rules and regulations to which it is subject to and how those responsibilities should be discharged;
    • to have full and unrestricted access to the Company’s records, properties and personnel; and
    • to seek independent professional advice and expertise deemed necessary for the performance of its duties.

3. Responsibilities

The responsibilities in relation to nomination matters are as follows:

    • to formulate the nomination, selection and succession policies for the Board and Board Committees as may be determined by the Committee from time to time;
    • to make recommendations to the Board on new candidates for election/ appointment, and re-election/re-appointment of the Directors to the Board;
    • to make recommendations to the Board for appointment to fill casual vacancies;
    • to conduct a review in determining whether a director can continue to be independent in character and judgement, and also to take into account the need for progressive refreshing of the Board; and
    • to review the required mix skills, experience and other qualities of the Board annually.


The responsibilities in relation to remuneration matters are as follows:

    • to formulate and/or review the remuneration policies and packages for the members of the Board and Board Committees and recommend to the Board for approval; and
    • to approve the utilisation of the provision for annual salary increment, performance bonus and long term incentives (if any) in respect of each financial year.


The Committee shall consider any other matters referred by the Board to the Committee and, in discharging its duties, the Committee shall at all times be mindful of the provisions of all applicable laws, regulations and guidelines.

4. Composition

The composition of the Committee shall be three (3) members and shall be composed exclusively of Non-Executive Directors, a majority of whom are independent. 

5. Meetings

The Committee shall meet at least once each year and at such other time(s) as it deems necessary to fulfil its responsibilities.

The quorum for a meeting shall be two (2) members.

Each member of the Committee is entitled to one (1) vote in deciding the matters deliberated in the meeting. The decision that gained the majority votes shall be the decision of the Committee. In the event of an equality of votes, the Chairman of the Committee shall be entitled to a second or casting vote.

6. Communication to the Board

The minutes of each Committee’s meeting shall be tabled to the Board for notation.

The Committee shall report on the effectiveness of the Board as a whole and the individual performance of each Director.

The Committee may from time to time submit to the Board its recommendation on matters within its purview, for the Board’s decision.


7. Circular Resolution

A resolution in writing signed by a majority of all members shall be valid and effectual as if it had been passed at a meeting of the Committee. All such resolutions shall be described as “Members’ Circular Resolutions” and shall be forwarded or otherwise delivered to the Company Secretary without delay and shall be recorded by the Company Secretary in the minutes book. Any such resolution may consist of several documents in the like form, each signed by one (1) or more members. The expressions “in writing” or “signed” include approval by legible confirmed transmission by facsimile, telex, cable, telegram or other forms of electronic communications.


8. Secretary

The Secretary of the Committee shall be the Company Secretary

The Secretary shall draw up an agenda for each meeting, in consultation with the Chairman. The Agenda shall be sent to all members of the Committee and any other persons who may be required to attend the meeting.