9.
Operational Risk
The Group relies on third party vendors in many aspects of our
business. As such, the Group’s operations may be affected as a result
of the non-performance of these vendors. In addition, the industry is
dominated by a few key vendors and any failure or refusal by the key
vendor to meet their agreed obligations may significantly affect our
core business and operations. Recognising this challenge, the Group
has established the Axiata Procurement Centre where one of its key
role is to monitor our relationships with strategic vendors and develop
new relationship to mitigate supply risks.
The reliability of the network infrastructure and systems in each OpCo
is crucial in ensuring the delivery of high quality services to customers.
Some of the countries which the Group operates in are susceptible
to natural catastrophes such as typhoons, floods, earthquakes and
volcanic eruptions. There are also other man-made events such as
sabotage, and blackouts which are beyond the Group’s control. Such
incidents could adversely affect our facilities as well as potentially
cause death and injury to our personnel. This may significantly disrupt
operations and hence adversely affect our ability to deliver services to
our customers.
Cognisant of the risks, the Group continues to evaluate and ensure
robust operating procedures with appropriate incident escalation
procedures and adequate disaster recovery plans in place at each OpCo
to ensure seamless business continuity. The Group has also taken steps
to maintain best in class operations through continuous maintenance
and upgrades in its efforts to enhance security and service delivery and
hence, providing superior quality of service and customer experience.
In addition, the Group maintains a global insurance programme to
further mitigate business losses.
A key element of the Group’s strategy is to leverage on the financial,
strategic and operational synergies arising from the consolidation
of the mobile businesses of its key subsidiaries. Any interruption or
delay of those subsidiaries in achieving their strategic and operational
objectives will have adverse effect on the operations of Axiata’s and
the results of operations of the Group.
10. Cyber Risk
Cyber terrorism and hacks have become a significant and common
threat globally. As the Group relies heavily on information technology,
the Group seeks to protect the privacy of our customers as well as
company confidential information stored within our network and
systems infrastructure. A successful cyber-attack will undermine
customer’s confidence towards the Group and may materially impact
our businesses and tarnishing the Group’s reputation. The Group may
also be subjected to regulatory financial penalties and legal actions as
a result of these leakages. The Group has in place security policies,
procedures, technologies and tools to minimise the risk of a security
breach as well as timely response in the event of an attack, to minimise
the impact.
11. Governance & Integrity Risk
The Group strives to maintain a high ethical standards and corporate
governance to ensure that our stakeholders’ interests are protected
whilst complying with the relevant regulatory requirements. We
believe that sound corporate governance is a key success factor when
conducting business in a global, highly competitive and changing
market. The Group’s Code of Conduct sets out rules and guidelines
on how personnel acting for or on behalf of the Group are expected
to conduct business. The Group will continue its focus on maintaining
and further developing the strong ethical platform and corporate
governance standard to support Axiata’s business integrity and
continuing strong performance.
STATEMENT ON RISK MANAGEMENT
AND INTERNAL CONTROL
axiata group berhad | annual report 2015
082
