Risk Management Policy

ESG Policies and Commitments

(Oriental InfraTrust)

Risk Management Policy

Purpose

OIT operates in an interconnected ecosystem with a wide range of regulatory compliance on ESG requirements, changing geopolitical risks, and fast-paced technological disruptions that can have a material impact across the value chain. Owing to this, OIT’s Risk Management Policy aims to identify and mitigate the existing and emerging risks in its business operations in a timely manner. It ensures a systematic and structured approach to the risk management process, enabling a well-informed decision-making process to achieve its business objectives.

Scope

This Policy is applicable to OIT and SPVs business activities and operations.

Policy Statement

OIT shall adopt a proactive approach to risk management which is based on the following underlying principles:

  • OIT shall set up a framework for risk identification, assessment, prioritization, mitigation and resolution.
  • OIT shall proactively identify risks from both external and internal environments. The risks may include, but not be limited to financial risks, legal risks, political risks, ESG related risks, quality assurance, contractual compliance and risks related to revenue concentration.
  • OIT shall strive to anticipate and take preventive action to manage or mitigate risks and deal with the residual risk.  OIT shall develop, implement, review and monitor a uniform risk management policy, framework and plan across all business units, functions and locations.
  • OIT shall develop relevant capability for concerned employees and relevant stakeholders to ensure effective risk management.
  • OIT shall endeavor to create a culture of informed decision-making at all levels of the organization. All employees of OIT shall take responsibility for the effective management of risks in all aspects of the business.

Governance Management

Managing risks at OIT is seen as a collective responsibility of all employees in general and of Key Management Personnel (KMPs) in particular. To monitor this, the KMPs work with advice from the Compliance Officer who acts as the Chief Risk Manager.

Review

The Chief Risk Manager/Compliance Officer shall review this Policy periodically to ensure effectiveness of the policy and recommend appropriate revisions to the Board for consideration and approval.

Table of Contents

Policy

1.  Code of Conduct

Environment

2. Environment Policy

Social

3. CSR Policy

4. Human Rights Policy

5. POSH Policy

6. Human Resource Policy

7. Occupational Health and Safety Policy

Governance

8. Anti-Bribery Anti-Corruption Policy

9. Board Diversity Policy

10. Supplier Code of Conduct

11. Data Privacy & Security Policy

12. Nomination & Remuneration Policy

13. Risk Management Policy

14. Whistle Blower Policy

Commitments

15. Climate Change Commitment

16. Biodiversity Commitment

17. Commitment on Water Management

18. Commitment on Road User Safety

19. Board Independence Statement

20. Commitment on Political Involvement