SEC.docx

Transcript

**10. INCREASING FOCUS ON NON-FINANCIAL AND SUSTAINABILITY REPORTING**

Principle 10

The company should ensure that the material and reportable non-
financial and sustainability issues are disclosed.

Recommendation 10.1

The Board should have a clear and focused policy on the disclosure of
non-financial information, with emphasis on the management of economic,
environmental, social and governance (EESG) issues of its business,
which underpin sustainability. Companies should adopt a globally
recognized standard/framework in reporting sustainability and
non-financial issues.

Explanation

As external pressures including resource scarcity, globalization, and
access to information continue to increase, the way corporations respond
to sustainability challenges, in addition to financial challenges,
determines their long-term viability and competitiveness. One way to
respond to sustainability challenges is disclosure to all shareholders
and other stakeholders of the company\'s strategic (long-term goals) and
operational objectives (short-term goals), as well as the impact of a
wide range of sustainability issues.

Disclosures can be made using standards/frameworks, such as the G4
Framework by the Global Reporting Initiative (GRI), the Integrated
Reporting Framework by the International Integrated Reporting Council
(IIRC) and/or the Sustainability Accounting Standards Board (SASB)\'s
Conceptual Framework.

**11. PROMOTING A COMPREHENSIVE AND COST-EFFICIENT ACCESS TO RELEVANT
INFORMATION**

Principle 11

The company should maintain a comprehensive and cost-efficient
communication channel for disseminating relevant information. This
channel is crucial for informed decision-making by investors,
stakeholders and other interested users.

Recommendation 11.1

The company should include media and analysts\' briefings as channels of
communication to ensure the timely and accurate dissemination of public,
material and relevant information to its shareholders and other
investors.

Explanation

The manner of disseminating relevant information to its intended users
is as important as the content of the information itself. Hence, it is
essential for the company to have a strategic and well-organized channel
for reporting. These communication channels can provide timely and
up-to-date information relevant to investors\' decision-making, as well
as to other interested stakeholders.

INTERNAL CONTROL SYSTEM AND RISK MANAGEMENT FRAMEWORK

**12. STRENGTHENING THE INTERNAL CONTROL SYSTEM AND ENTERPRISE RISK
MANAGEMENT FRAMEWORK**

Principle

To ensure the integrity, transparency and proper governance in the
conduct of its affairs, the company should have a strong and effective
internal control system and enterprise risk management framework.

Recommendation 12.1

The Company should have an adequate and effective internal control
system and an enterprise risk management framework in the conduct of its
business, taking into account its size, risk profile and complexity of
operations.

Explanation

An adequate and effective internal control system and an enterprise risk
management framework help sustain safe and sound operations as well as
implement management policies to attain corporate goals. An effective
internal control system embodies management oversight and control
culture; risk recognition and assessment; control activities;
information and communication; monitoring activities and correcting
deficiencies. Moreover, an effective enterprise risk management
framework typically includes such activities as the identification,
sourcing, measurement, evaluation, mitigation and monitoring of risk.

Recommendation 12.2

The Company should have in place an independent internal audit function
that provides an independent and objective assurance, and consulting
services designed to add value and improve the company\'s operations.

Explanation

A separate internal audit function is essential to monitor and guide the
implementation of company policies. It helps the company accomplish its
objectives by bringing a systematic, disciplined approach to evaluating
and improving the effectiveness of the company\'s governance, risk
management and control functions. The following are the functions of the
internal audit, among others:

a\. Provides an independent risk-based assurance service to the Board,
Audit Committee and Management, focusing on reviewing the effectiveness
of the governance and control processes in (1) promoting the right
values and ethics, (2) ensuring effective performance management and
accounting in the organization, (3) communicating risk and control
information, and (4) coordinating the activities and information among
the Board, external and internal auditors, and Management;

b\. Performs regular and special audit as contained in the annual audit
plan and/or based on the company\'s risk assessment;

C. Performs consulting and advisory services related to governance and
control as appropriate for the organization;

d\. Performs compliance audit of relevant laws, rules and regulations,
contractual obligations and other commitments, which could have a
significant impact on the organization;

e\. Reviews, audits and assesses the efficiency and effectiveness of the
internal control system of all areas of the company;

f\. Evaluates operations or programs to ascertain whether results are
consistent with established objectives and goals, and whether the
operations or programs are being carried out as planned;

g\. Evaluates specific operations at the request of the Board or
Management, as appropriate; and

h\. Monitors and evaluates governance processes.

A company\'s internal audit activity may be a fully resourced activity
housed within the organization or may be outsourced to qualified
independent third party service providers.

**Recommendation 12.3**

Subject to a company\'s size, risk profile and complexity of operations,
it should have a qualified Chief Audit Executive (CAE) appointed by the
Board. The CAE shall oversee and be responsible for the internal audit
activity of the organization, including that portion that is outsourced
to a third party service provider. In case of a fully outsourced
internal audit activity, a qualified independent executive or senior
management personnel should be assigned the responsibility for managing
the fully outsourced internal audit activity.

Explanation

The CAE, in order to achieve the necessary independence to fulfill
his/her responsibilities, directly reports functionally to the Audit
Committee and administratively to the CEO. The following are the
responsibilities of the CAE, among others:

a\. Periodically reviews the internal audit charter and presents it to
senior management and the Board Audit Committee for approval;

b\. Establishes a risk-based internal audit plan, including policies and
procedures, to determine the priorities of the internal audit activity,
consistent with the organization\'s goals;

c\. Communicates the internal audit activity\'s plans, resource
requirements and impact of resource limitations, as well as significant
interim changes, to senior management and the Audit Committee for review
and approval;

d\. Spearheads the performance of the internal audit activity to ensure
it adds value to the organization;

e\. Reports periodically to the Audit Committee on the internal audit
activity\'s performance relative to its plan; and

f\. Presents findings and recommendations to the Audit Committee and
gives advice to senior management and the Board on how to improve
internal processes.

Recommendation 12.4

Subject to its size, risk profile and complexity of operations, the
company should have a separate risk management function to identify,
assess and monitor key risk exposures.

Explanation

The risk management function involves the following activities, among

others:

a\. Defining a risk management strategy;

b\. Identifying and analyzing key risks exposure relating to economic,
environmental, social and governance (EESG) factors and the achievement
of the organization\'s strategic objectives;

c\. Evaluating and categorizing each identified risk using the company\'s
predefined risk categories and parameters;

d\. Establishing a risk register with clearly defined, prioritized and
residual risks;

e\. Developing a risk mitigation plan for the most important risks to the
company, as defined by the risk management strategy;

f\. Communicating and reporting significant risk exposures including
business risks (i.e., strategic, compliance, operational, financial and
reputational risks), control issues and risk mitigation plan to the
Board Risk Oversight Committee; and

g\. Monitoring and evaluating the effectiveness of the organization\'s
risk management processes.

Recommendation 12.5

In managing the company\'s Risk Management System, the company should
have a Chief Risk Officer (CRO), who is the ultimate champion of
Enterprise Risk Management (ERM) and has adequate authority, stature,
resources and support to fulfill his/her responsibilities, subject to a
company\'s size, risk profile and complexity of operations.

Explanation

The CRO has the following functions, among others:

a\. Supervises the entire ERM process and spearheads the development,
implementation, maintenance and continuous improvement of ERM processes
and documentation;

b\. Communicates the top risks and the status of implementation of risk
management strategies and action plans to the Board Risk Oversight
Committee;

c\. Collaborates with the CEO in updating and making recommendations to
the Board Risk Oversight Committee;

d\. Suggests ERM policies and related guidance, as may be needed; and

e\. Provides insights on the following:

- Risk management processes are performing as intended; Risk measures
reported are continuously reviewed by risk owners for effectiveness;
and

- Established risk policies and procedures are being complied with.

- There should be clear communication between the Board Risk Oversight
Committee and the CRO.

**CULTIVATING A SYNERGIC RELATIONSHIP WITH SHAREHOLDERS**

**13. PROMOTING SHAREHOLDER RIGHTS Principle**

The company should treat all shareholders fairly and equitably, and also
recognize, protect and facilitate the exercise of their rights.
SHAREHOLDERS SHOULD BE TREATED FAIRLY AND EQUITABLY

Recommendation 13.1

The Board should ensure that basic shareholder rights are disclosed in
the Manual on Corporate Governance and on the company\'s website.

Explanation

It is the responsibility of the Board to adopt a policy informing the
shareholders of all their rights. Shareholders are encouraged to
exercise their rights by providing clear-cut processes and procedures
for them to follow.

Shareholders\' rights relate to the following, among others:

- Pre-emptive rights;

- Dividend policies;

- Right to propose the holding of meetings and to include agenda items
ahead of the scheduled Annual and Special Shareholders\' Meeting;

- Right to nominate candidates to the Board of Directors; Nomination
process; and

- Voting procedures that would govern the Annual and Special
Shareholders\' Meeting.

The right to propose the holding of meetings and items for inclusion in
the agenda is given to all shareholders, including minority and foreign
shareholders. However, to prevent the abuse of this right, companies may
require that the proposal be made by shareholders holding a specified
percentage of shares or voting rights. On the other hand, to ensure that
minority shareholders are not effectively prevented from exercising this
right, the degree of ownership concentration is considered in
determining the threshold.

Further, all shareholders must be given the opportunity to nominate
candidates to the Board of Directors in accordance with the existing
laws. The procedures of the nomination process are expected to be
discussed clearly by the Board. The company is encouraged to fully and
promptly disclose all information regarding the experience and
background of the candidates to enable the shareholders to study and
conduct their own background check as to the candidates\' qualification
and credibility.

Shareholders are also encouraged to participate when given sufficient
information prior to voting on fundamental corporate changes such as:
(1) amendments to the Articles of Incorporation and By-Laws of the
company; (2) the authorization on the increase in authorized capital
stock; and (3) extraordinary transactions, including the transfer of all
or substantially all assets that in effect result in the sale of the
company. In addition, the disclosure and clear explanation of the voting
procedures, as well as removal of excessive or unnecessary costs and
other administrative impediments, allow for the effective exercise of
the shareholders\' voting rights. Poll voting is highly encouraged as
opposed to the show of hands. Proxy voting is also a good practice,
including the electronic distribution of proxy materials.

The related shareholders\' rights and relevant company policies should
be contained in the Manual on Corporate Governance.

Recommendation 13.2

The Board should encourage active shareholder participation by sending
the Notice of Annual and Special Shareholders\' Meeting with sufficient
and relevant information at least 28 days before the meeting.

Explanation

Required information in the Notice include, among others, the date,
location, meeting agenda and its rationale and explanation, and details
of issues to be deliberated on and approved or ratified at the meeting.
Sending the Notice in a timely manner allows shareholders to plan their
participation in the meetings. It is good practice to have the Notice
sent to all shareholders at least 28 days before the meeting and posted
on the company website.

Recommendation 13.3

The Board should encourage active shareholder participation by making
the result of the votes taken during the most recent Annual or Special
Shareholders\' Meeting publicly available the next working day. In
addition, the Minutes of the Annual and Special Shareholders\' Meeting
should be available on the company website within five business days
from the end of the meeting.

Explanation

Voting results include a breakdown of the approving and dissenting votes
on the matters raised during the Annual or Special Stockholders\'
Meeting. When a substantial number of votes have been cast against a
proposal made by the company, it may make an analysis of the reasons for
the same and consider having a dialogue with its shareholders.

The Minutes of Meeting include the following matters: (1) A description
of the voting and the vote tabulation procedures used; (2) the
opportunity given to shareholders to ask questions, as well as a record
of the questions and the answers received; (3) the matters discussed and
the resolutions reached; (4) a record of the voting results for each
agenda item; (5) a list of the directors, officers and shareholders who
attended the meeting; and (6) dissenting opinion on any agenda item that
is considered significant in the discussion process.

Recommendation 13.4

The Board should make available, at the option of a shareholder, an
alternative dispute mechanism to resolve intra-corporate disputes in an
amicable and effective manner. This should be included in the company\'s
Manual on Corporate Governance.

Explanation

It is important for the shareholders to be well-informed of the
company\'s processes and procedures when seeking to redress the
violation of their rights. Putting in place proper safeguards ensures
suitable remedies for the infringement of shareholders\' rights and
prevents excessive litigation. The company may also consider adopting in
its Manual on Corporate Governance established Alternative Dispute
Resolution (ADR) procedures.

Recommendation 13.5

The Board should establish an Investor Relations Office (IRO) to ensure
constant engagement with its shareholders. The IRO should be present at
every shareholders\' meeting.

Explanation

Setting up an avenue to receive feedback, complaints and queries from
shareholders assure their active participation with regard to activities
and policies of the company. The IRO has a designated investor relations
officer, email address and telephone number. Further, creating an
Investor Relations Program ensures that all information regarding the
activities of the company are properly and timely communicated to
shareholders.

1. **Defining a Risk Management Strategy**: The company should outline
a comprehensive strategy that aligns with its overall objectives and
risk appetite. This strategy serves as a roadmap for managing risks
effectively.

2. **Analyzing Risks**: This involves a thorough examination of risks
related to various factors such as economic conditions,
environmental impacts, social responsibilities, and governance
practices. Understanding these risks helps in anticipating potential
challenges and opportunities.

3. **Categorizing Risks**: Once identified, risks should be categorized
based on their nature and potential impact. This helps in
prioritizing which risks need immediate attention and which can be
monitored over time.

4. **Creating a Risk Register**: A risk register is a detailed document
that lists all identified risks, their categories, potential
impacts, and mitigation measures. It serves as a central repository
for risk information and is crucial for tracking and managing risks.

5. **Developing Mitigation Plans**: For each identified risk, the
company should develop specific plans to mitigate or manage the
risk. These plans outline the steps to be taken to reduce the
likelihood or impact of the risk.

6. **Reporting Significant Risks to the Board**: Regular reporting to
the Board of Directors ensures that significant risks are
communicated at the highest level. This allows for informed
decision-making and ensures that the Board is aware of the company's
risk landscape.

7. **Evaluating the Effectiveness of Risk Management Processes**:
Continuous evaluation and improvement of risk management processes
are necessary to ensure they remain effective. This involves regular
reviews and updates to the risk management strategy and practices.