Risk Management and Internal Control

The Board has overall responsibility for maintaining and ensuring effective implementation of the risk management and internal control systems of the Group and reviewing their effectiveness through the Audit Committee to safeguard the shareholders’ interest and the Company’s assets. However, these systems are designed to manage rather than eliminate risk of failure in operational system, and can only provide reasonable but not absolute assurance against material misstatement or loss.
The Group has implemented an effective internal control system which includes a defined management structure with clear lines of responsibility and limits of authority, proper procedures for income and expenditure, monthly review by the Executive Directors of operational and financial reports provided by the management, regular business meetings between the Executive Directors and the core management team and periodic review of the Group’s financial results by the Board.
The Board, through the Audit Committee, reviews regularly the effectiveness and adequacy of the Group’s internal control system which includes financial, operational and compliance mechanisms and risk management functions in order to identify, evaluate and manage risks and take appropriate measures to avoid or mitigate those risks that could adversely impact the Group’s business activities. The review also includes the adequacy of resources, qualifications and experience of staff of the Company’s accounting and financial reporting function, and their training programmes and budget. The review process consists of, amongst other matters, assessment and implementation of material control issues identified by an independent external auditor during statutory audit.
During the year 2019, the Company has engaged an independent consultant to perform an internal audit review for the Group. The review included making enquiries with appropriate management and key process owners and performing walkthrough tests to identify the major risks and significant deficiencies, and making recommendations for improving and strengthening the internal control system to the Audit Committee for approval. In 2019, no material issues on the Group’s internal control system have been identified in the reviewed areas and reported to the Audit Committee. The independent consultant also performed follow-up review on the remedial actions undertaken by the management of the Group on the control deficiencies identified during the course of the internal audit review conducted in 2018. The Board considered that the risk management and internal control system was adequate and effective.
Procedures and Internal Controls for Handling and Dissemination of Inside Information

The Group acknowledges its responsibilities under the Securities and Futures Ordinance (Chapter 571 of the Laws of Hong Kong) and the Rules Governing the Listing of Securities on The Stock Exchange of Hong Kong Limited (the "Listing Rules") and the overriding principle that inside information should be announced immediately when it is the subject of a decision. The procedures and internal controls for the handling and dissemination of inside information are as follows:
  1. the Group conducts its affairs with close regard to the disclosure requirement under the Listing Rules as well as the “Guidelines on Disclosure of Inside Information” published by the Securities and Futures Commission of Hong Kong in June 2012;
  2. the Group regulates the handling and dissemination of inside information to ensure inside information remains confidential until the disclosure of such information is appropriately approved and the dissemination of such information is efficiently and consistently made;
  3. the Group strictly prohibits unauthorised use of confidential or inside information;
  4. the Group has also implemented procedures to guard against possible mishandling of inside information within the Group including pre-clearance on dealing in the securities of the Company by designated Directors and notification of regular blackout period and securities dealing restrictions to Directors and relevant employees; and
  5. the Group keeps the Directors and employees appraised of the latest regulatory updates on disclosure requirements of inside information.