Internal Controls and Risk Management Systems

(1) An issuer should have adequate and effective systems of internal controls (including financial, operational, compliance and information technology controls) and risk management systems. The audit committee may commission an independent audit on internal controls and risk management systems for its assurance, or where it is not satisfied with the systems of internal controls and risk management. In arriving at the decision, the audit committee should consider the recommendation of the continuing sponsor.

Suspected Fraud or Irregularity

(2) If the audit committee of an issuer becomes aware of any suspected fraud or irregularity, or suspected infringement of any Singapore laws or regulations or rules of the Exchange or any other regulatory authority in Singapore, which has or is likely to have a material impact on the issuer's operating results or financial position, the audit committee must discuss such matter with the external auditor and, at appropriate times, report the matter to the board and to the sponsor. The sponsor should inform the Exchange where necessary.

Internal Audit

(3) An issuer must establish and maintain on an ongoing basis, an effective internal audit function that is adequately resourced and independent of the activities it audits.

Amended on 29 September 201129 September 2011 and 1 January 20191 January 2019.