The Company implements an Internal Control System based on Standard Operating Procedures (SOP) referring to a model developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The Company’s Internal Control System SOP aims to ensure the effectiveness and efficiency of business activities, reliability of financial reports, asset security, and compliance with the laws and regulations. The Internal Control System plays an important role in preventing and detecting fraud and protecting the Company’s both tangible and intangible resources.

Implementation and Assessment of Internal Control System in 2022

Internal Control is a process designed and executed by the Board of Commissioners, Board of Directors and other management members. The Board of Directors ensures that the internal control and risk management functions are available and implemented in all the Company’s aspects and levels. To assess the design and effectiveness of the Internal Control implementation, the Board of Directors is supported by Internal Audit Unit, which coordinates with the Audit Committee, to ensure that the implementation of the Internal Control System is in accordance with the Company’s goals and objectives.

Throughout the fiscal year 2022, the Internal Audit Unit audited the Company and its subsidiaries according to the plan (Audit Planned) in terms of operational and compliance audits.

The Board of Commissioners and Board of Directors believe that the current Internal Control System has met the standards to ensure a level of effectiveness, efficiency, reliability, security and compliance with the regulations. In dealing with various internal and external changes, the Company is ready to make improvements to ensure the availability of an Internal Control System based on the Company’s business development.

Evaluation of Internal Control System Implementation in 2022

Implementation of a reliable and effective internal control system in the Company is the responsibility of all supporting work units and the Internal Audit Unit. Several matters that shall be considered in internal control system implementation are as follows:

  1. The Company has implemented an effective internal control system in the Company’s Risk Management practice by referring to the stipulated policies and procedures.
  2. Internal control system in the Risk Management implementation at least includes:
    • Conformity between the internal control system and the type and level of risk inherent in the Company’s business activities;
    • Determination of authority and responsibility to oversee compliance with policies, procedures and limits;
    • Determination of reporting lines and clear separation of functions from operational work units to the units that perform the internal control functions;
    • Organization structure that clearly describes duties and responsibilities of each work unit and individually;
    • Accurate and on-time financial and operational activities reporting;
    • Adequacy of procedures to ensure the Company’s compliance with prevailing laws and regulations;
    • Effective, independent and objective review of the Company’s operational policies, framework and procedures;
    • Sufficient testing and review of management information systems;
    • Complete and adequate documentation of the audit scope, operational procedures, findings, and the responses of the Company’s management based on the audit results;
    • Periodic and continuous verification and review of the Company’s material weaknesses follow-up and the actions taken by the Company’s management to improve the occurred deviations.

Improvements in the internal audit findings shall be monitored by the Company’s internal audit work unit. The audit findings that have not been followed up shall be informed by the Company’s Internal Audit Unit to the Board of Directors to take the necessary plans.