Who Govern Us

From Left to Right:

  • FAISAL @ PISAL ABDUL GHANI [Non-Independent Non-Executive Alternate Director]
  • SAHERAN SUHENDRAN [Independent Non-Executive Director]
  • BALASINGHAM A. NAMASIWAYAM [Independent Non-Executive Director]
  • DATUK ZALEKHA HASSAN [Senior Independent Director]
  • DR FARID MOHAMED SANI [Non-Independent Non-Executive Director]
  • DATO’ ASRI HAMIDIN @ HAMIDON [Non-Independent Non-Executive Director]
  • DATO’ MOHD NAIM DARUWISH [Non-Independent Non-Executive Director]
  • ROSLI MAN [Non-Independent Non-Executive Chairman]
  • GEE SIEW YOONG [Independent Non-Executive Director]
  • TUNKU AFWIDA TUNKU DATO’ A.MALEK [Independent Non-Executive Director]
  • HISHAM ZAINAL MOKHTAR [Independent Non-Executive Director]
  • HAMIZAH ABIDIN [Group Company Secretary]
  • ZAITON AHMAD [Joint Secretary]

Profile of Company Secretaries

FAISAL @ PISAL ABDUL GHANI
Non-Independent Non-Executive Alternate Director
Malaysian / 40 / Male
Date of Appointment:
  • 31 December 2018
Date of Last Re-election:
  • Not Applicable
Qualification
  • Master of Public Administration from University of Alabama, Birmingham, USA
  • Bachelor of Business Administration (Finance) from Universiti Tenaga Nasional (UNITEN)
  • Diploma in Public Administration from INTAN
Working Experience:

Faisal began his civil service career in February 2004 in the MOF as an Assistant Secretary. He was later promoted as Senior Assistant Secretary in 2006, in the Investment, MOF Inc. and Privatisation Division. He then served as a Principal Assistant Secretary in the GIC Division, MOF, in 2015 and in June 2016 was appointed the Section Head for Energy, Utilities and Technologies, a position he currently held to date.

In June 2018, he was appointed member of an Executive Committee of Suria Strategic Energy Resources Sdn Bhd, a MOF subsidiary. Faisal also serves as director in private companies under the purview of MOF, among others PDX.com Sdn Bhd and Northern Gateway Sdn Bhd.

Directorship
Listed Issuers:
  • Telekom Malaysia Berhad
Public Companies:
  • Nil
Board Committee:
  • Alternate member to Dato’ Asri Hamidin @ Hamidon in BTC and BIC
Attendance at Board Meeting in 2018

Nil (No meeting held since his appointment during the year)

Other Information

Alternate Director to Dato’ Asri Hamidin @ Hamidon, Non-Executive Director nominated by MOF Inc.

HAMIZAH ABIDIN
Group Company Secretary
Malaysian / 48 / Female
Qualification
  • Bachelor of Law (Hons) from International Islamic University of Malaysia
  • Licenced Company Secretary since December 1998
Working Experience:

Hamizah started her career in private legal practice and was a qualified advocate and solicitor of the High Court of Malaya. She subsequently joined TM as an Assistant Company Secretary in 1996 and promoted to Assistant General Manager in 2007. She was appointed as Joint Secretary on 15 July 2011 and thereafter as General Manager of Company Secretarial Unit of Group Legal, Compliance and Company Secretarial Division in 2012. She was made the Group Company Secretary of TM effective 1 January 2017, heading the Group Company Secretarial Division of TM. Hamizah has more than 22 years corporate experience attending to company secretarial and compliance matters, due diligence exercises and special projects.

ZAITON AHMAD
Joint Secretary
Malaysian / 58 / Female
Qualification
  • Chartered Secretary of The Institute of Chartered Secretaries and Administrators (ICSA), UK
  • Associate member of the Malaysian Institute of Chartered Secretaries & Administrators (MAICSA) since 1993
Working Experience:

Zaiton started her career in a public listed company in 1984 and has over 35 years’ experience in corporate secretarial matters. She joined TM in 1991 as an Assistant Company Secretary and was named as one of the Joint Secretaries of TM in 1996. She became an Assistant General Manager in 2006 and remains as a Joint Secretary of TM and its Group of Companies.

ADDITIONAL INFORMATION OF THE BOARD OF DIRECTORS

Family Relationship
Save as disclosed, none of the Directors has any family relationship with any Director and/or major shareholder of TM.

Conviction for Offences
Save as disclosed, none of the Directors has any conviction for offences, other than traffic offences, for the past 5 years.

Conflict of Interests
Save as disclosed, none of the Directors has any conflict of interests with TM.

Public Sanction or Penalty
Save as disclosed, none of the Directors has any sanction or penalty imposed on them by any regulatory bodies during the financial year ended 31 December 2018.

Who Leads Us

From Left to Right:

  • Mohamad Mohamad Zain
  • Dato’ Mohd Rais Azhar
  • Rohaila Mohamed Basir
  • Moharmustaqeem Mohammed
  • Nor Fadhilah Mohd Ali
  • Imri Mokhtar
  • Dato’ Kairul Annuar Mohamed Zamzam
  • Ahmad Azhar Yahya
  • Ir Ts Azizi A Hadi
  • Izlyn Ramli
  • Hazimi Kassim
  • Mohd Farid Shah Mohd Basir
  • Amar Huzaimi Md Deris

Directors’ Statement on Risk Management and Internal Controls

Pursuant to Paragraph 15.26(b) of the Main Market Listing Requirements (Main LR) of Bursa Malaysia Securities Berhad (Bursa Securities), the Boards of listed companies are required to include in their annual report, a statement about the state of internal control of the listed issuer as a group. Accordingly, TM Board is pleased to provide the following statement that has been prepared in accordance with the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed issuers endorsed by Bursa Securities which outlines the nature and scope of the risk management and internal control within TM Group during the financial year under review.

RESPONSIBILITY AND ACCOUNTABILITY

THE BOARD

The Board is responsible for the establishment as well as oversight of the Group’s risk management framework and internal control systems that are designed to manage the Group’s risk appetite within acceptable levels of tolerance as set by the Board and Management, rather than eliminate totally the risk of failure to achieve the Group’s goals and objectives in generating returns to shareholders. The Board periodically reviews the effectiveness and adequacy of the framework and systems by identifying, assessing, monitoring and communicating key business risks to safeguard shareholders’ investment and the Group’s assets.

The two (2) committees at the Board level that have primary risk management and internal control oversight responsibilities are:

RISK COMMITTEE (BRC)

The main responsibility of the BRC is to assist the Board in ensuring a sound and robust Enterprise Risk Management (ERM) framework and its implementation to enhance the Group’s corporate governance practices with focus on risk issues. The Terms of Reference (ToR) and main duties of the BRC in relation to risk management are incorporated in the Board Charter which is accessible on the Company’s official website at www.tm.com.my.

AUDIT COMMITTEE (BAC)

The main responsibility of the BAC is to assist the Board in assessing the effectiveness of the Group’s internal control structure and review of the financial reporting. BAC also reviews the adequacy and integrity of the Group’s internal control systems and management information systems, including compliance with applicable laws, rules, directives and guidelines through Group Internal Audit (GIA) function. The BAC’s ToR is stipulated in the Board Charter which is accessible in the Company’s website. The main duties of the BAC in assessing the adequacy and effectiveness of the internal control systems implementation within the Group are detailed in pages 143 and 144.

Other Board Committees such as the Nomination and Remuneration Committee, Tender Committee and Investment Committee are also established with clearly defined duties and responsibilities to oversee various key business activities involved within the Group. The Board acknowledges that it remains responsible for all the actions of the committees with regard to the execution of the delegated roles, including the outcome of the review and disclosure on key risks and internal control systems in this integrated annual report.

MANAGEMENT

Management is accountable to the Board and responsible for implementing the processes of identifying, evaluating, monitoring and reporting of risks and the effectiveness of internal control systems, taking appropriate and timely corrective actions as required. The Management has assured the Board that the Group’s risk management and internal control systems are operating adequately and effectively in all material aspects, based on the ERM framework and internal control systems adopted by the Group. In respect of risk management, Management has implemented the necessary processes to:

  • Identify and analyse the risk appetite relevant to the business and determine the level of risk tolerance towards the achievement of the Group’s objectives and strategies;
  • Design, implement and monitor the ERM framework in accordance with the Group’s strategic vision and overall risk appetite; and
  • Identify changes to risks or emerging risks, take appropriate actions and bring these promptly to the attention of the Board.

Statement of Internal Audit

GIA assists TM Group in achieving its business objectives by implementing a systematic and disciplined approach to evaluate and improve the effectiveness of risk management measures, controls and governance processes. GIA provides independent, objective assurance and consulting services designed to enhance and protect organisational value. The internal audit charter approved by the BAC defines GIA’s purpose, authority and responsibility.

GIA reports directly to the BAC to preserve its independence and objectivity, and ensure audit personnel are free from any relationships or conflicts of interest which could impair their objectivity and independence. The Chief Internal Auditor (CIA) has an administrative reporting line to the AGCEO which enables the requisite stature and authority of Internal Audit to fulfil its responsibilities.

BAC reviews and approves GIA’s audit plans, annual budget and human resources requirements to ensure resources with the right competencies are sufficient to carry audit functions aligned with the Group’s objectives. The CIA periodically reports on activities performed by GIA as well as key strategic and control issues observed to the BAC. In addition to the above, the BAC approves and periodically reviews GIA’s and the CIA’s performance to observe their progress and achievements.

GIA adopts the International Professional Practices Framework (IPPF)® inclusive of the mandatory elements – Core Principles for the Professional Practice of Internal Auditing, International Standards for the Professional Practice of Internal Auditing of the Institute of Internal Auditors (IIA), the definition of Internal Auditing, and Code of Ethics – to manage its functions and perform the audit engagements.

PRACTICES AND FRAMEWORK

GIA is guided by the internal policies, procedures and framework as well as the Internal Control Framework of the COSO and Control Objectives for Information and Related Technology (COBIT) in assessing and reporting on the adequacy and effectiveness of the design, implementation and efficiency of the Group’s overall system of internal controls, risk management and governance.

SCOPE AND COVERAGE

GIA continues to adopt a risk-based audit plan approach to provide independent assurance to the Board that programmes being carried out are prioritised based on the Group’s strategies, objectives, key risks and core/priority areas. Input from various sources – inclusive of ERM, Annual Operating Plan, past internal and external audit issues, Management and the Board – permits the identification of auditable risk areas.

During the year, GIA conducted reviews on governance, risk management and controls in the areas of finance, compliance, human resources, operations, project management, network and information technology as well as data analytics. Key areas covered include:

  • Sales and marketing;
  • Service agreement management;
  • Customer experience management;
  • Credit management;
  • Product lifecycle management;
  • Service fulfilment and assurance management;
  • IT security and governance;
  • ID management;
  • Billing and revenue assurance;
  • Major project deliverables and management;
  • Procurement, inclusive of contract management;
  • Asset and customer premises equipment management;
  • Accounting and financial reviews;
  • Internal investigations and reviews.

All internal audit reports were presented to the BAC with recommendations from GIA and feedback from Management. GIA subsequently monitors and verifies the implementation status of the recommendations on a quarterly basis through the ABAC.

In providing value to the organisation, GIA’s key performance indicators include value creation and protection, in form of cost avoidance, opportunity loss as well as significant process improvements identified during audit engagement.

In addition to performing audit engagements, GIA is also actively involved with the Management in strengthening compliance teams within management units, sharing best practices as well as knowledge on internal auditing, risk management and internal controls to the various stakeholders in TM. GIA carried out several initiatives to strengthen and institutionalise ethics and integrity in TM, focusing on relevant laws and regulations, governance, rules and practices, policies, religions and cultures.

Enterprise Risk Management (ERM) - Risk Committee Report

This year has been challenging for TM in the wake of the economic slowdown, shift in the regulatory environment and change of the political landscape. Consequently, TM’s profitability was affected due to stiff competition, pressure on reducing broadband prices and impact of the Mandatory Standard on Access Pricing (MSAP). TM continues to focus its efforts on anticipating and reducing risks while taking advantage of emerging opportunities.

TM’s ERM Framework provides reasonable assurance by identifying, analysing and addressing inherent and emerging risks with the effective implementation of mitigation controls to minimise its impact to the Group.

A project risk framework has been established to incorporate risk assessments during project initiation, project implementation and up to post-implementation review. This will empower the project owner to anticipate the level of risk and subsequently gauge the effectiveness of the mitigation actions including the benefit realisation from the projects.

The BRC played the vital role in overseeing risks that adversely affect TM. Management was also involved for a more active discussion on matters relating to the Group’s business strategy, regulatory, legal and project management. The key risks were highlighted and deliberated for better decision making 1. and ensure appropriate mitigation controls were put in place to address the risks.

SUMMARY OF PRINCIPAL ACTIVITIES

Various activities were carried out throughout the year with the objective of increasing awareness and empower a risk-based decision- making culture across TM’s employees, specifically for the risk fraternity. Amongst others, the following activities were included:

  • Communication and engagement sessions to encourage a risk decision-making culture, improve foresight and preserve an alert mindset in managing risk.
  • State Risk Assessments to widen the risk implementation coverage at states, as well as to inculcate risk-based thinking among regional employees.
  • Business Continuity Management (BCM) programmes, which include the 14th General Election (14th GE) Preparedness, TM Disaster Simulation Exercise 2018 and GITN Disaster Recovery Plan (DRP) Live Testing exercise. 3.
  • Supply sustainability risk assessment on China-based suppliers.
  • Refresher training on ERM system to increase system awareness.

MANAGING CORPORATE RISKS

Through the adoption of the ERM framework and robust processes, TM was able to appropriately manage the Corporate Risks to minimise impact to an acceptable level.

  1. Competition
    Constant changes in the market landscape 4. have resulted in stiff competition from other telecommunication service providers. TM anticipated the potential increase of new players providing broadband products and services in the market that poses a threat to TM’s existing market share. As part of the mitigation actions, TM increased its efforts to promote attractive new products and services with affordable pricing to retain existing consumers while attracting new customers.
  2. Regulatory Landscape
    Changes in the regulatory landscape, involving MSAP and spectrum assignment, have affected TM’s business operations to a certain extent. TM therefore continued to engage with the Regulator and worked closely with other stakeholders to address the regulatory issues. TM has put in place several efforts to arrest the decline in revenue growth as well as retain customer confidence in TM.
  3. National Fiberisation and Connectivity Plan (NFCP)
    The implementation of NFCP is anticipated to improve broadband quality and coverage, reduce broadband prices, enable internet access for all and expand fibre networks. Apart from upgrading the eligible customer broadband packages towards a higher broadband speed, TM has introduced unifi packages for new customers as well as offer upgrades to existing customers as part of its retention programme. TM also engaged with the Regulator to collaborate on the development of the NFCP.
  4. Loss of Reputation
    Corporate image and reputation are key towards building customer trust and business competitive advantage. Any negative customer experience can easily spread through social media, to the detriment of TM. In order to meet customer satisfaction and regulatory requirements, TM continued to improve its customer service, complaints resolution as well as maintained a close relationship with the relevant regulatory bodies.
  1. Revenue Gap and Profitability Shortfall
    The implementation of regulatory requirements on MSAP to double the broadband speed for half the price had a major impact on TM’s revenue. This affected TM’s capability to preserve the existing revenue base, generate new revenue and increase market presence. In order to address these challenges, the PIP2018 was introduced to emphasise on revenue uplift, sustained profitability, improved cash flow and enhanced productivity.
  2. Credit Risk
    The adoption of multiple collection strategies through the implementation of a new Credit Management System (CONCISE) has effectively mitigated the credit risk exposure despite the challenging economic scenario.
  3. Forex Sensitivity
    The weakening of the Ringgit throughout 2018 had an unfavourable impact on TM’s foreign borrowings and procurement spending. The revenues generated in foreign currency from TM global business acted as a natural hedge, while the reinforcement of Ringgit- based payment in procurement contracts helped to mitigate TM’s forex risk exposure.
  1. Implementation of Digital Initiatives
    TM’s digital initiatives focuses on Liberalising Digitisation and Accelerating Digitalisation to create efficiencies and opportunities in monetising the digitised systems. The Group Digital Centre (GDC) spearheaded a number of new digital applications to enhance customer experience and improve process optimisation that serves both TM’s customers as well as employees.
  2. Corporate Security
    • Logical/Cyber Security
      There were no significant security threats reported against TM’s equipment relating to ransomware, virus, DDoS and Malware attack. To protect the business, TM continuously enhanced its security controls with the deployment of new corporate antivirus, system patch update and security feature upgrades as well as conducting awareness programmes, security advisory and vulnerability assessments to ensure TM assets are secured.
    • Cable Theft
      The incidence of cable theft continued to decrease due to effective controls such as anti-cable theft features, installation of alarm systems focusing on hotspots and collaborating with the Royal Malaysia Police for patrolling activities.
  1. OSHE
    A safe and conducive work environment is important to TM employees for business continuity and to safeguard our reputation. To enable a healthier and safer workplace environment, TM focused its effort on the continuous campaign and awareness programmes to various levels of employees. Additionally, TM was successfully certified with OSH MS ISO 45001:2018, hence strengthening TM’s commitment towards better work standards and best industry practices.
  2. Revenue Leakage
    Revenue leakage occurs from the failure of billing processing, billing system and human error in managing billing activities. Mitigation of this risk is affected through the newly implemented TM Revenue Assurance System (TRACE), periodic Forensic Review/Control Assessment and strengthening operational governance.
  3. Fraud
    Fraud risk in TM comprises of service frauds such as Private Automatic Branch Exchange (PABX) fraud, resellers fraud and staff fraud. TM’s fraud monitoring system (CLIFF-Customer & LOBs in Fraud Frontier) has been enhanced to provide effective detecting and monitoring of service related fraud cases.
  4. Supply Sustainability
    The importance of managing Supply Sustainability Risk has brought significant impact to TM in ensuring service continuity. Global bilateral trade issues may impact TM’s sustainability as most of TM’s network assets comprise of China-based equipment. TM continued to strengthen its control measures in order to ensure adequate security in TM’s network equipment and its business continuity in the potential event of a crisis or disaster.

EMERGING RISK & OPPORTUNITY

The ongoing global bilateral trade issues has led to the emergence of supply sustainability risk on telecommunications network equipment. Chinese telecommunications equipment makes up a substantial part of TM’s overall network of elements. Recent actions taken by U.S authorities against two (2) of the largest Chinese telecommunications equipment suppliers in the world has increased the risk of equipment supply disruption to the telecommunication service industry, including TM. Such a disruption would pose a serious impact to TM in terms of financial exposure, customer service and network security. To mitigate this risk, TM has taken precautionary actions, amongst others, from finding suitable local partners for maintenance and support services to exploring the selection strategy of technology partners.

The next generation of mobile internet connectivity 5G will begin its trial phase in 2019. The nascent 5G technology deployment in Malaysia raises several significant risks, namely the unavailability of a 5G spectrum policy, adoption time for 5G devices and high investment costs to implement the 5G network. In-depth knowledge and competency of 5G market developments are essential for TM to ensure the successful deployment of the network.

Corporate Governance Overview

2018 was undoubtedly one of the most challenging times faced by TM. Changes to the business and industry landscape, solidify the need for us to make significant adjustments on how we operate and do business, taking into consideration the Company’s status and long term sustainability. The Board fully supported Management’s transformation initiatives.

Our governance provides much needed guiding principles to wade through the challenges, imparts the moral compass that directs and leads the Company whilst continuing to accord honour, integrity, transparency and accountability in our business conducts.

The Board underwent significant changes but continues to uphold the highest standards of corporate governance. This is due to the fact that the Board understands its ultimate responsibility is towards the Company and all stakeholders by taking cognisance of its role towards society, environment and upholding ethical integrity.

OUR GOVERNANCE MODEL AND FRAMEWORK

Our governance model is based on relevant requirements of the Main Market Listing Requirements (Main LR) of Bursa Malaysia Securities Berhad (Bursa Securities), Malaysian Code on Corporate Governance 2017 (MCCG 2017), Corporate Governance Guide 2017 (CG Guide), Corporate Disclosure Guide, Green Book on Enhancing Board Effectiveness, international best practices and standards, in addition to being benchmarked against the ASEAN Corporate Governance (CG) Scorecard.

The Board approves the Group’s governance framework where specific powers of the Board are delegated to the relevant Board Committees and Management based on their specialised skills such as financial information review, human capital management, internal controls and risk management as well as governance, procurement and investment matters, as depicted below:

Governance Framework
Shareholders
Board
Audit Committee
Nomination & Remuneration Committee
Risk Committee
Tender Committee
LTIP Committee
Investment Committee
(1 May 2017 to 6 June 2018) (1 April 2017 to 6 June 2018) (6 June 2018 to 16 November 2018) (16 November 2018 to present)
Management Committee
Group Leadership Team
Sub-Management Committees
Governance Framework Includes:
1
Open, clear and timely communication with our shareholders
2
A skilled, experienced, diverse and independent Board, with a Board Committee structure suited to our needs
3
Clear delegation, decision making and accountability framework
4
Robust systems of risk management and assurance
5
Our Values, Code of Conduct and policy framework which define the standards of behaviour we expect of each other in delivering our purpose and to achieve our strategy

Business Continuity Management

FACTS AT A GLANCE

TM Business Continuity Plan (BCP) Strategy identified preventive and recovery strategies driven through exhaustive Business Impact Analysis.
14th GE increased TM’s readiness towards business fulfilment and assurance by minimising potential impact from any untoward incidents.
Contingency measures identified as China-based network equipment formed an integral part of TM network that run the risk of supply disruptions

TM BUSINESS CONTINUITY MANAGEMENT (BCM) – OVERVIEW

BCM identifies potential threat and provides a holistic management process for building organisational resilience in safeguarding the interests of the stakeholders and the company’s reputation.

Business Impact Analysis (BIA) is a major component within BCM that determines the most appropriate business continuity strategies. The BIA identifies the urgency of the activity undertaken by assessing the impact over time caused by any potential or actual disruption on the delivery of products and services.

Malaysia’s 14th GE saw the historic event that altered the political landscape of the nation. TM as an organisation identified various possible scenarios and planned the strategies to ensure that the business operates as usual.

Ongoing global bilateral trade issues also contributed to potential supply disruptions risk by the China-based vendors affecting the telecommunication service industry, including TM. TM’s Business Continuity Plan (BCP) was tested and further strengthen to respond swiftly to potential business and supply disruptions. Furthermore, TM Corporate Crisis Management Plan (CCMP) was executed to tackle issues and minimise business interruptions.

Business Continuity Management