Why this is material
Responsible business conduct ensures the long-term viability of our businesses by building trust and confidence with our stakeholders. Our businesses operate in highly regulated environments where non-compliance may subject us to statutory and regulatory fines or sanctions, and could result in the loss of our licence to operate.

Our approach
We are committed to high standards of behaviour and integrity in everything we do and expect the same from those whom we do business with. We seek to ensure that we comply with all legal and statutory requirements, and have zero tolerance for fraud, bribery and corruption.

We adopt various measures that aid in deterring non-compliance. These include annual mandatory training on the Code of Conduct and key policies, periodic review of the risks, controls, systems, procedures, know-your-counterpartyscreening and due diligence on key counterparties prior to contracting. We also leverage data analytics to identify any trends and anomalies that may require further action.

Ethical business and compliance falls under the oversight of our general counsel, supported by the Group Ethics and Compliance division. Ethics and compliance matters are reported quarterly to the senior leadership council. The Group Integrated Audit division provides independent assurance to the senior leadership council and the board’s Audit Committee on the reliability, adequacy and effectiveness of our internal controls system, risk management, governance framework and processes.

All employees are required to comply with the principles and requirements of our Code of Conduct. Performance incentives for all employees are linked to the completion of mandatory compliance training.

Why this is material
The global energy transition towards decarbonization has led to significant risks and business model disruptions. As a diverse company with a global presence, we are exposed to various risks and threats.

Our approach
We manage risk through our Group Integrated Assurance Framework (IAF). Our risk management strategy and the IAF are set in place by our board of directors and supported by the board’s Risk Committee and Audit Committee. Oversight of risk management within the Group’s listed entities lies with their respective boards.

Please refer to the Sustainability Governance section of the Sustainability Report for more details on our governance structure.

The board’s Risk Committee reviews and enhances the effectiveness of the Group’s IAF, including its risk management plans, systems, processes and procedures. It also regularly reviews group-wide risks including significant risk exposures as well as corresponding risk mitigation plans.

Risk Appetite Framework
The board has determined a risk appetite framework which guides the board and management in the execution of our strategy and objectives. Under this framework, the board has approved risk appetite statements with respect to economic, environmental, social and governance areas, in line with our material issues for the management and reporting of our overall sustainability performance. Our risk appetite statements are also supported by key risk indicators, which are monitored and reported to the board’s Risk Committee on an ongoing basis.

Enterprise Risk Management
The Group is committed to ensuring effective enterprise risk management (ERM) through the IAF. The IAF sets out a systematic and structured approach towards risk management. It seeks to safeguard our people and assets, protect shareholders’ interests, facilitate informed decision-making for value creation, and ultimately enhance our brand and reputation.

The IAF incorporates various industry risk management standards, such as ISO 31000 and the Enterprise Risk Management – Integrated Framework of the Committee of Sponsoring Organizations of the Treadway Commission.

The Group has a whistle-blowing policy that sets out avenues for legitimate concerns to be objectively investigated and addressed. This policy and the communication channels are communicated across the organisation. Employees and third parties including suppliers and customers can use this channel to raise concerns about possible fraud, financial and / or other non-financial improprieties and irregularities that may adversely affect the company, in confidence. The Group will use reasonable endeavours to protect employees who whistle-blow in good faith and persons involved in the investigations, against detrimental actions. Cases will be investigated and reported to the board’s Audit Committee.

If the outcome results in a proven case of wrongdoing or malpractice, disciplinary action, including loss recovery, shall be instituted against the related employees in accordance with the company’s policy.

The Group Integrated Audit division provides independent assurance to the board’s Risk Committee and Audit Committee on the adequacy and effectiveness of our risk management, financial reporting processes, and internal control and compliance systems.

For details of our risk appetite framework and enterprise risk management, please refer to the Risk Management section of our Sustainability Report.