Sembcorp’s risk management frameworks and internal controls safeguard our people and assets and protect and enhance shareholder value.

Managing risk is an integral part of our business activities and is performed to create value for the Group.

The Group manages risk under an overall strategy determined by the board of directors and supported by the board’s Risk Committee and Audit Committee. The Risk Committee reviews and enhances the effectiveness of the Group’s risk management and health, safety and environment (HSE) plans, systems, processes and procedures. It also regularly reviews group-wide risk and HSE policies, guidelines and limits, as well as significant risk exposures relating to foreign exchange rates, commodity prices and major investment projects and corresponding risk mitigation plans. Oversight responsibility for risk management within the Group’s listed entities lies with their respective boards.


The Group is committed to ensuring that we have an effective and practical enterprise risk management (ERM) framework in place to safeguard our people and assets, protect shareholders’ interests, make informed decisions for intrinsic value creation and ultimately uphold and enhance our brand and reputation amongst our stakeholders. In designing our ERM framework, the Group has adapted and made reference to various industry risk management standards, such as ISO 31000 and the COSO framework, to ensure that we are in line with best practice. To sustain a successful ERM programme, we believe in having the right processes and tools, as well as instilling and embedding the right risk awareness culture. Our ERM framework specifically sets out a systematic and structured approach towards risk management through the following activities:

  • Awareness trainings and workshops
  • Risk identification and assessment
  • Formulation of key risk management strategies
  • Design and implementation of risk mitigation controls (preventive, detective and
        responsive controls)
  • Monitoring and timely reporting of risk management performance and risk exposure levels
  • Continuous improvement of risk management mitigation measures and capabilities

  • Our ERM framework is supported by the following key pillars:

    a.   Fraud risk management
    b.   Operational risk management
    c.   Financial, market and credit risk management
    d.   Investment risk management

    a.  Fraud Risk Management

    The risk of fraud is an inherent risk within any organisation. To manage this, the Group has established a fraud risk management policy which was approved by the board’s Risk Committee. The fraud risk management policy provides a framework and comprehensive guidance on anti-fraud measures to pro-actively manage the risk of fraud, bribery and corruption. All subsidiaries are required to have a fraud control plan in place and we actively influence and encourage our joint ventures and associates to adopt our fraud risk management framework. The Group adopts a zero tolerance policy on fraud, which we take to include corruption and bribery, and this policy stance is regularly communicated
    to employees.

    The following key activities and complementary policies and procedures are part of our holistic approach towards fraud risk management and also address the risk of bribery and corruption:

    Preventive anti-fraud measures

  • Employee code of conduct
  • Conflict of interest policy
  • Corporate gift policy
  • Fraud risk assessments
  • Employee and third party due diligence

  • Detective anti-fraud measures

  • Whistle-blowing policy
  • Forensic data analysis
  • Compliance and monitoring
  • Pre-employment screening

  • Responsive anti-fraud measures

  • Fraud reporting procedures
  • Fraud investigation procedures
  • Grievance handling procedures

  • Whistle-blowing policy

    Since 2005, Sembcorp has maintained a whistle-blowing policy and procedure which provides employees with well-defined and accessible channels within the Group through which they may, in confidence, raise concerns about possible improprieties in the conduct of business activities, financial reporting or other matters to the Audit Committee. This arrangement facilitates independent investigation of such matters for appropriate resolution. The policy is communicated to all employees and is subject to review on a regular basis.

    Employees are encouraged to report suspected wrongdoing, in confidence and without fear of reprisal, in relation to the following:

  • Mail or wire fraud, bank fraud, or fraudulent acts
  • Violations of laws, rules or regulations applicable to the company and related to accounting, internal     accounting controls and auditing matters
  • Intentional error or fraud in the preparation, review or audit of any financial statement of
        the company
  • Significant deficiencies in or intentional non-compliance with the company’s internal accounting
  • Any reportable conduct, defined to mean anyone of the following:
  • –    Unlawful, unethical, corrupt or improper conduct
    –   Conduct that is in breach of any policy of the company
    –   Misuse of funds or assets of the company
    –   Conduct that jeopardises the safety of the company’s employees, the environment in which they are working, or the public
    –   Abuse of authority
    –   Any other conduct which may cause financial or non-financial loss to the company or damage to the company’s reputation
    –   Suppression or concealment of any information relating to any of the above types of actions
    –   Acts to mislead, deceive, manipulate, coerce or fraudulently influence any internal or external accountant or auditor in connection with the preparation, examination, audit or review of any financial statement or record of the company or the Group
    –   Criminal acts, including theft, the sale or use of drugs, money laundering, violence or threatened violence and criminal damage against property
    –   Detrimental actions taken in reprisal against a whistle-blower

    A whistle-blower may submit his / her allegations or concerns either by telephone, email or through other written forms or existing communication channels. The company will protect the confidentiality and anonymity of the whistle-blower. The whistle-blowing case will be received by the head of Group Internal Audit and an investigation will be conducted in compliance with the requirements set out in the company’s whistle-blowing policy. If an employee who uses whistle-blowing channels is found to have wilfully done so in bad faith, disciplinary action will be taken against him / her. A copy of our whistle-blowing policy is available on our company website, www.sembcorp.com.

    b.  Operational Risk Management

    Crisis management and business continuity

    With operations extending across the globe, the Group monitors for emerging threats that may disrupt its operations, and formulates and updates its strategies and mitigation measures accordingly. Focus is placed on establishing a robust and effective crisis management framework that is relevant to the current business environment and risk landscape, and on improving existing emergency response protocols and business continuity plans across our business entities to strengthen operational readiness. Crisis communication procedures are also embedded as part of the Group’s crisis management framework. The Group’s crisis management, emergency response and business continuity procedures and plans are regularly tested and fine-tuned to ensure that the Group can respond effectively to crises and emergencies. The Group also addresses crises and emergencies through the implementation of appropriate prevention, preparedness, response and recovery programmes. In addition, the Group adopts key standards and practices set out by ISO 22301:2012 under Societal Security – Business Continuity Management Systems – Requirements and by SS540 Singapore Standard for Business Continuity Management. This approach enables us to build resilience and enhance our capability in managing and responding to emergencies. It also helps to minimise the impact of incidents on people and the environment, prevent loss of assets and mitigate disruption to business operations while safeguarding the company’s reputation.

    Health, Safety and Environment

    The Group HSE department is guided by our Group President & CEO and the board-level Risk Committee, reflecting the high priority accorded to HSE issues at Sembcorp. The department has formalised a Group HSE management system and promotes global HSE efforts to ensure effective and timely management of HSE issues across the Group. This management system is aligned with ISO 14001 and OHSAS 18001 standards and provides guidance to business units in actively managing HSE risks associated with our activities and services in a systematic manner. For more information on the company’s HSE management, please refer here.


    The Group actively reviews its insurable and uninsurable risks, and identifies comprehensive and cost-effective risk management tools to manage such risks. As a risk transfer mechanism, the Group has purchased a comprehensive set of insurance policies to protect itself against financial loss resulting from property damage, machinery breakdown, business interruption and general liability. The Group has also engaged a panel of top-tier insurance consultants to leverage their technical expertise and resources to negotiate for competitive pricing and comprehensive coverage with commercial insurance companies. To balance the cost of risk transfer, the Group focuses on insuring catastrophic events while maintaining its emphasis on improving internal controls over operations and maintenance. Sembcorp Captive Insurance, a wholly-owned captive insurance subsidiary, provides first layer coverage against property damage and business interruption losses for the Group’s operations in Singapore and on the Wilton International site in the UK. Sembcorp Captive Insurance serves not only as an internal risk transfer mechanism, but also showcases the efforts of the Group in promoting greater accountability and responsibility in the operations and maintenance of each business unit. Over the years, Sembcorp Captive Insurance has successfully built up a strong capital surplus, allowing it to extend its insurance reach to other operations and broaden its scope of coverage.

    c.   Financial, Market and Credit Risk Management

    The Group actively manages its financial, market and credit risk exposure with respect to foreign exchange rates, commodity prices and interest rates via established policies, including the Group’s treasury policies, financial authority limits and system of financial discipline. These policies set out the parameters for management of the Group’s exposure to counterparty, liquidity, foreign exchange and other material transaction risks.

    Financial and market risk

    The Group defines and utilises approved financial instruments to manage exposure to foreign exchange, commodity prices and interest rate fluctuations arising from operational, financing and investment activities. The commodities include fuel oil, coal and natural gas. Transactions such as foreign exchange forwards, interest rate swaps, commodities swaps, purchase of options and contracts for differences are used to manage these risks as appropriate. Under the Group’s overall treasury policy, transactions for speculative purposes are strictly not allowed. Transactions are allowed only for hedging purposes based on the underlying business and operating requirements. Exposure to foreign currency risk is also hedged naturally where possible. In addition, the Group has financial authority limits, which seek to limit and mitigate operational risk by setting out the threshold of approvals required for entering into contractual obligations and investments.

    Default and credit risks

    Default and credit risks arise when counterparties fail to fulfill their contractual obligations. The Group generally deals with counterparties with satisfactory creditworthiness and this is achieved by evaluating and monitoring default and credit risks of trade customers, suppliers, contractors, off-takers, joint venture partners and financial institutions. Credit evaluations are performed on counterparties from time to time based on an appropriate methodology. On a case-by-case basis, additional securities and shorter payment terms will be required as risk mitigation measures when dealing with counterparties of weaker credit standing. The Group also reviews material concentration risk with individual counterparties or geographically.

    d.  Investment Risk Management

    To ensure that the necessary prudence is exercised in all investment decisions, the Group has in place an investment approval process whereby a disciplined approach is taken to review the key risks and opportunities presented by potential investments. As part of our investment approval process, all new investments and transactions are reviewed by a cross-functional project team that provides risk assessments, mitigation measures and recommendations to the respective authorised persons for approval in accordance with applicable financial authority limits.

    In addition, to ensure that Sembcorp maintains appropriate diversification across different geographies, the Group has put in place a country risk framework to monitor and report its investment exposure globally. Countries are classified into high, medium and low risk categories based on their macroeconomic and sovereign risks, political and corruption risks, regulatory and transfer risks, as well as social and environmental risks. Furthermore, our investment exposure under each country is regularly reported to the board’s Risk Committee. This framework also defines limits that have been approved by the board and stipulates that any deviation from these country limits requires board approval according to a set procedure. In reviewing any request for deviations from the country limits, the board will consider the key risk drivers at hand, in terms of investment size, duration and economic life of the project, as well as the level of residual risk after the implementation of mitigation plans.

    With this country risk framework, the board has currently set the limit of the Group’s investment exposure in countries deemed to be of high and medium risk to be no more than 65% of its total investment exposure, and has also set appropriate single country limits to prevent concentration risk.

    As at December 31, 2014, the countries outside of Singapore in which the Group (excluding the Marine business) holds the largest shareholders’ invested capital are China (S$1.1 billion), the UK (S$711 million) and India (S$534 million).


    The Group adopts a governance assurance framework that is integrated with its ERM framework, under which a logical and systematic approach is used to identify, analyse, treat and monitor key risks. The effectiveness of key controls is rated, and the rationale for ratings documented, to enable management to better identify and manage key control gaps or weaknesses.

    Sembcorp’s governance assurance framework comprises four lines of defence to manage key risks identified:

    i.  Business Governance / Policy Management

    As a first line of defence, business units establish a risk management and control environment in their day-to-day operations and operate within the parameters of policies established for operational and financial governance. Group governance and functional policies are developed to communicate corporate governance culture and to set principles and guidelines for business operations. Business units, in turn, develop operating procedures and manuals aligned with the Group’s governance policies to operate effectively and efficiently and to ensure legal, regulatory and contractual compliance.

    ii.   Management Assurance

    The second line of defence is a system of self-review and assessment by the management of the Group’s key businesses. This system of financial discipline is a comprehensive compliance self-review process to ensure that transactions are in compliance with Singapore accounting standards, and that internal controls are adequate and effective. Fines and sanctions arising from non-compliance to laws and regulations are also reported. In addition, an annual self-assessment is conducted by key businesses, under which significant risk areas are assessed, mitigating controls are reviewed for effectiveness and action plans are identified to further address key areas of risk.

    iii.   Independent Assurance

    Reviews by internal auditors of our system of internal controls provide independent assurance on the adequacy and effectiveness of these controls in addressing the financial, operational and compliance risks of the company. In the course of performing the full-year audit, our external auditors also consider internal controls relevant to the preparation of financial statements that give a true and fair view in order to design the appropriate audit procedures.

    Internal Audit

    The Group Internal Audit department assists the board’s Audit Committee in promoting a sound system of internal controls and good corporate governance across the Group. Using a risk-based methodology, our internal auditors perform periodic audits to assess the effectiveness of the Group’s internal controls in addressing financial, operational and compliance risks, as well as our information technology controls and risk management system. For more information on the company’s independent internal audit function, please refer to the Corporate Governance Statement.

    iv.   Board Oversight

    The board and its Audit Committee endorse Sembcorp’s governance assurance framework and provide oversight on the effectiveness of internal controls and risk management processes.