GOVERNANCE

Axiata Group Berhad | Annual Report 2016

103

APPENDIX 1 - Key Risks Faced by the Group

1.

Financial Risk

2016 was a volatile year for certain emerging markets currencies such

as the Indonesian Rupiah and Malaysian Ringgit against US dollar. As a

global player with presence across 10 countries, the Group is exposed

to these volatilities which could adversely affect the Group’s cash

flow and financial performance. The Group has borrowings in foreign

currencies and is cognisant of the foreign exchange and interest

rates exposures. To mitigate this risk, Axiata Treasury Management

Centre has been tasked to oversee and control the Group’s treasury

and funding matters, develop hedging strategies which are governed

strictly by the treasury policies, taking into consideration current and

future outlook of the relevant economies and foreign exchange markets

with the ultimate objective of preserving the Group’s profitability and

sustainability.

2.

Market Risk

The Group’s key markets are predominantly emerging markets which

are generally characterised as being economically less developed. These

countries are also more prone to economic uncertainties and sensitive

towards any changes in developed countries. The unexpected vote for

Brexit in United Kingdom, the new American President and its policies,

and the volatile price of oil have had an impact on the global economy.

These developments have affected investor sentiment, lowered

economic growth and hence resulting in lower levels of disposable

income among customers. In addition, our OpCos are challenged by

stiff price competition, from both incumbents, new players and smaller

scale players, leading to lower profitability and a damaging price war

in certain markets. It is imperative that the Group takes the necessary

measures to drive efficiencies and innovations through investments in

new technologies, establish strategic ties with ‘Over-the-Top’ (OTT) or

other digital product developers in order to create products and services

that meets evolving customer needs, increase the Group’s share of

customers’ wallet and rebuild customer loyalty.

3.

Regulatory Risk

The telecoms sector where the Group operates is subjected to a broad

range of rules and regulations, put in place by various regulatory bodies.

Hightaxrates,significantspectrumfees, levies,ValueAddedTaxes(VAT),

call drop penalties, etc, are common challenges faced by the Group.

In some countries, the Group is faced with prolonged tax litigations

while others are challenged with a systematic increase in taxes and

more favourable treatment accorded to the domestic operators. Such

policies and regulations could disrupt the Group’s business operations

and impair its business returns and long-term growth prospects. These

rules and regulations may also limit our flexibility to respond to market

conditions, competition and new technologies. In responding to such

a challenging environment, the Group advocates strict compliance,

transparency and putting our case before the relevant authorities.

We have instituted dedicated personnel and resources to constantly

monitor all relevant developments and maintain regular contact and a

courteous relationship with the governing authorities. The Group has

also been at the forefront in engaging regulatory officials, participating

in government consultations, and sharing knowledge and best practices

in the development of healthy regimes for the telecoms sector.

Spectrum, a scare resource, remains critical for the Group’s core

business of providing mobile voice and broadband services and is often

seen as means of raising funds by the local government as evident

in previous spectrum auctions within the Asian region. The Group

saw two spectrum renewal exercises in 2016 which, through prudent

planning, we were able to obtain sufficient spectrum capacity within

the confined budget approved by the Board.

4.

Cyber Risk

The increase connectedness of many everyday goods and services via

the Internet (digitisation) has meant that telecom operators are facing

greater challenges of security breaches from such connections. Such

breaches may result in the loss or compromise of sensitive information

or interruption to services. The Group considers this as a heightened

risk, following the increase in malicious and high profile attacks against

major corporations around the world. As the Group relies heavily on

information technology, the Group has to protect the privacy of our

customers as well as company confidential information stored within

our network and systems infrastructure. A successful cyber-attack will

undermine customers’ confidence in the Group and may materially

impact our businesses and tarnish theGroup’s reputation. Such breaches

are also costly to rectify and could result in criminal or civil action in

addition to regulatory penalties. Mindful of the risk and repercussions,

the Group has established a Cyber Security Steering Committee, which

focuses on the accelerated implementation of security initiatives.

The committee has been at the forefront of safeguarding the Group

by ensuring strict compliance with security policies, procedures, and

putting in place technologies and tools to minimise the risk of security

breaches. Other technical action have also been instituted to monitor

and detect security breaches.

5.

Operational Risk

The Group relies on third party vendors in many aspects of our business.

Their non-performance will have an impact on the Group’s operations.

The telecoms industry is dominated by a handful of vendors which

means any failure or refusal by these key vendor to meet their agreed

obligations may significantly affect our core business and operations.

One of Axiata Procurement Centre’s key role is to be on the lookout for

ways to manage these risks, monitor the performance of the vendors

and develop new relationships to reduce such dependencies.

The telecoms network within our OpCos are subjected to risks of

failures, some within our control while others are not. Repeated

failures or service outages could disrupt services, resulting in revenue

losses, damage to reputation and eventually customer churn. In some

countries, the OpCo could be fined with stiff penalties for poor quality

of services or drop calls. The IT systems are also crucial in running

operations, from providing end-to-end customer services to running

internal processes such as billing. The IT architecture changes regularly

due to newer versions, upgrades and security patches. Failure to keep

the architecture updated may result in a system crash or security

breaches. Cognisant of the risks, the Group continuously address

issues such as network congestions, drop calls, upgrades to network

coverage, etc., to ensure better quality network and service delivery.

Operating procedures with appropriate incident escalation procedures

and adequate disaster recovery plans are in place at each OpCo to

ensure seamless business continuity. In addition, the Group maintains a

global insurance programme to mitigate business losses.