104 CORPORATE GOVERNANCE & SUSTAINABILITY CORPORATE GOVERNANCE Accountability and Audit Financial Reporting The Board acknowledges its responsibility for: • the proper stewardship of the Company’s affairs, to ensure the integrity of financial information • preparing annual and interim financial statements and other related information that give a true and fair view of the Group’s affairs and of its results and cash flows for the relevant periods, in accordance with Hong Kong Financial Reporting Standards and the Hong Kong Companies Ordinance • selecting appropriate accounting policies and ensuring that these are consistently applied • making judgements and estimates that are prudent and reasonable • ensuring that the application of the going concern assumption is appropriate Risk Management and Internal Control The Board acknowledges its responsibility to establish, maintain and review the effectiveness of the Group’s risk management and internal control systems. This responsibility is primarily fulfilled on its behalf by the Audit Committee as discussed on pages 105 to 106. The foundation of strong risk management and internal control systems is dependent on the ethics and culture of the organisation, the quality and competence of its personnel, the direction provided by the Board, and the effectiveness of management. Since profits are, in part, the reward for successful risk taking in business, the risk management and internal control systems are designed to manage rather than eliminate the risk of failure to achieve business objectives and can only provide reasonable and not absolute assurance against material misstatement or loss. The key components of the Group’s control structure are as follows: Culture: The Board believes that good corporate governance reflects the culture of an organisation. This is more significant than any written procedures. The Company aims at all times to act ethically and with integrity, and to instill this behaviour in all its employees by example from the Board down. The Company has a Corporate Code of Conduct, which is posted on its website. The Company is committed to developing and maintaining high professional and ethical standards. These are reflected in the rigorous selection process and career development plans for all employees. The organisation prides itself on being a long-term employer which instills in individuals, as they progress through the Group, a thorough understanding of the Company’s ways of thinking and acting. Channels of communication are clearly established, allowing employees a means of communicating their views upwards with a willingness on the part of more senior personnel to listen. Employees are aware that, whenever the unexpected occurs, attention should be given not only to the event itself, but also to determining the cause. Through the Company’s Corporate Code of Conduct, employees are encouraged (and instructed as to how) to report control deficiencies or suspicions of impropriety to those who are in a position to take necessary action. The Company has a Whistleblowing Policy and system for employees and those who deal with the Group to raise concerns, in confidence and with anonymity, where desired, about actual or suspected cases of impropriety in any matter related to the Group. The policy is available on the Company’s website. The Company has an Anti-Bribery and Corruption Policy which sets out the Company’s policy and systems that promote and support compliance with applicable anti- bribery and corruption laws and regulations, and enhances the provisions relating to bribery and corruption in the Company’s Corporate Code of Conduct. The policy is available on the Company’s website. Risk assessment: The Board of Directors and the management each have a responsibility to identify and analyse the risks underlying the achievement of business objectives, and to determine how such risks should be managed and mitigated. The Company has implemented the three lines of defence model of risk governance which is designed to minimise conflicts of interest and ensure independent oversight of risk management. Details of the three lines of defence model are set out in the section of this annual report headed Risk Management.