138
PERENNIAL REAL ESTATE HOLDINGS LIMITED
Annual Report 2015
CORPORATE GOVERNANCE
The key elements of Perennial’s system of controls to
manage financial, operational, compliance and IT risks
are as follows:
A. Policies and Governance
Perennial has a well-defined operating structure
with clearly established lines of responsibility and
delegated authority, as well as proper reporting
mechanisms to both the Management and the
Board, thus providing good visibility on the
control measures adopted by Perennial.
Internal controls are detailed in formal and clearly
stipulated procedures, policies and manuals.
Such policies and procedures govern financial,
operational and compliance matters, and are
reviewed and updated periodically. Perennial’s
internal audit function verifies compliance with
these internal controls. Perennial’s Employee
Code of Conduct identifies values and practices
which all employees of Perennial are expected to
adhere to.
B. Financial and Management Reporting
Management reviews on a monthly basis the
performance of each asset to instill a high level of
financial and operational discipline within
Perennial. Key financial risks (such as liquidity
risk) which Perennial is exposed to, are managed
by a centralised finance and treasury function for
effective and coordinated oversight.
The Board is regularly updated on Perennial’s
performance through the provision of operational
and financial reports. These reports provide
explanations for significant variances of financial
performance. Where relevant, these financial
reports are also supplemented with additional
information to highlight key operational and
financial performance indicators.
Perennial’s financial results are reported to the
Shareholders on a quarterly basis, in accordance
with the requirements of the SGX-ST. These
results announcements provide analyses of
significant variances in financial performance.
Detailed disclosure and analyses of the full year
financial performance of Perennial are covered in
the Annual Report.
C. Information Technology Management
The Management has established the mandate
that it is the responsibility of every employee to
understand as well as to pre-empt and manage IT
risks in the course of their employment.
In governing IT-related risks, Management has put
in place a process to manage IT security and data
recovery risks. A suite of protection systems
against IT security vulnerabilities, such as hacking
and cyber-attack incidents, have also been
implemented. In addition, Perennial’s IT
infrastructure is equipped with firewall protection,
including intrusion prevention systems, application
control, web-filtering and gateway anti-virus, email
security gateway and endpoint security, including
anti-virus and anti-malware software.
To provide assurance on IT compliance, annual
internal audits are conducted on the IT
processes and systems. Any potential risks or
lapses identified are highlighted to the
Management, the ARC and the Board for
necessary actions and further monitoring.
D. Fraud Risk Management
The Management and the Board take a serious
view on promoting an anti-fraud culture. Non-
compliance with Perennial’s policies, procedures
and Employee Code of Conduct are strictly dealt
with. Anti-fraud controls such as segregation of
duties, access controls, new vendor evaluations
and appropriate key performance indicators are
implemented and vigorously observed. Internal
audits are also regularly carried out to
independently evaluate the design and operating
effectiveness of these anti-fraud controls.
A Whistle-blowing policy and its reporting channel
have been established for employees and
external parties to report on probable
improprieties and suspected wrongful activities
without fear of reprisal. Please refer to details set
out below on the “Whistle-blowing Programme”
in pages 140 to 141 of this report.
