•
Information Technology (IT)
The Corporate IT Policy continues to be a focus item. The
Board recognizes the importance of a well-formulated IT
strategy, architecture and implementation. The Group IT
team in the Technology Division continued to focus on the
ongoing improvement programmes and to implement a
holistic IT strategy. IT standardization has been a key focus
area and in this regard the Global Price Books (GPBs) for
various categories of IT Infra – Server, Storage and Storage
Virtualization have been established across the group
jointly by Group IT, OpCos IT, Group Procurement and
OpCos Procurement. Further progress has been made by all
OpCos in the key areas identified as part of IT architecture
blueprint, in-line with the targeted future state architecture.
Enterprise Resource Planning (ERP) had been identified as
another potential area towards standardisation at group
level and EZBuy, a new end-to-end e-Procurement tool
across the Group has been introduced to deliver a user
friendly, automated way of buying the goods and services.
Another area of focus for the year was Cyber Security and
to enhance the capability to monitor the cyber threats
proactively. Dialog has already established a Cyber Security
Operations Center (CSOC) in this regard and pre-work has
been done to establish a group wide CSOC for all other
OpCos and this will be in place within 2016.
3.3 Regulatory and Compliance
•
Group Regulatory Affairs (GRA)
The approach used is to pro-actively shape the landscape
(external environment) at each OpCo market thus enabling
proper and effective management of regulatory issues
confronting the OpCos. The regulatory issues are those
identified and monitored via regular reviews of the Group’s
risk matrix and managed as part of the Enterprise Risk
Management process.
This approach encompasses:
1.
Regulatory Strategy:
a.
Constant monitoring of regulatory developments
and identification of regulatory issues for each OpCo
based on issues of highest strategic, financial and/or
reputational impact;
b.
Periodic review of national OpCo annual regulatory
strategies which addresses these issues. This would
translate into an advocacy plan engaging regulators
and other authorities through formal and informal
submissions and where appropriate, joint advocacy
with international partners such as GSMA; and
c.
Development of group-wide positions on key issues
such as availability of new spectrum bands, review of
spectrum strategy, same service same rules for ‘Over-
The-Top’ (OTT) providers, net neutrality, competition
and the ASEAN Digital Revolution Framework.
2.
Stakeholder Engagement:
a.
Engagement plan covering key government and
political stakeholders in each OpCo market including
key agencies such as the National Regulatory Agencies
with effective messages based on the regulatory
strategy; and
b.
Engagement plan covering international and regional
regulatory bodies, inter-governmental agencies and
trade bodies with effective messages based on the
regulatory strategy.
3.
Regulatory Compliance Framework:
a.
Forms an essential part of the Corporate Governance
Framework of the Group and states the principles
and the tone by which regulatory compliance is to be
approached and implemented;
b.
Objectives of the Regulatory Compliance Framework:
i.
Set baseline expectation in relation to regulatory
compliance;
ii.
Place Axiata and OpCos in the best position to
comply with regulatory obligations;
iii.
Manage exposure to unacceptable compliance
risk; and
iv.
Avoid surprises on regulatory compliance and
action from regulatory authorities.
In addition, GRA constantly embarks on ensuring a
group-wide baseline of best practice regulatory skills and
knowledge, through the development of industry collaterals,
position papers and regular capacity building programmes.
The Group Regulatory Policy outlined in the Group Policy
document provides guidance and establishes internal
policies and procedures that attempt to manage the risk
and impact of adverse regulatory decisions. Underpinning
the Group Regulatory Policy is the understanding that the
Group shall comply with all applicable laws and regulations,
regulatory obligations and governmental policies in the
jurisdictions in which it operates, and that regulatory advice
should be obtained in an efficient and cost effective manner
as and when required.
It should be noted that the regulatory risks faced by
Axiata in most markets are typical of those faced by
communications operators in emerging markets, where
regulatory frameworks may be incomplete, there may
be insufficient consultation with stakeholders, or political
influence may materially affect the operations of mobile
markets. Current regulatory risks which affect Axiata in
multiple national communications markets include but
not limited to: spectrum refarming, availability of new
spectrum and associated acquisition costs, levels of sector-
specific taxation, quality of service, subscriber registration,
competition, level playing field challenges from ‘Over-The-
axiata group berhad | annual report 2015
079
