The management of PowerSeraya recognises the significance and impact of fraud risks if these are not well managed. The company has a Fraud Risk Management (FRM) framework which it views as important in protecting the interests of shareholders, employees as well as other stakeholders who have dealings with the company. The overall responsibility of implementing and overseeing the FRM framework lies with the Fraud Control Officer (FCO), supported by the Fraud Risk Assessment Committee. Diagram 5.4 shows the organisational structure for FRM.

In 2007, the Fraud Risk Management (FRM) Policy was formalised and approved by senior management and the Audit Committee. It aims to draw together the preventive, detective and resolution, and reporting initiatives adopted by PowerSeraya in one document and to:

• Promote awareness of potential high fraud risk areas
• Develop appropriate strategies and controls to minimise the risks of fraud and consequent losses.

At PowerSeraya, all business units are periodically analysed for fraud risks (including corruption which is a subset of fraud). Since the formulation of the FRM Policy in 2007, there have been no confirmed incidents of fraud arising from allegations received and investigated. Fraud risk assessments are conducted on business processes (e.g. procurement, treasury) which cut across multiple departments and functions in the organisation.

Complementing the FRM Policy are the Code of Ethics and the Code of Conduct. The former serves to guide employees in making sound and ethical decisions. The latter aims to uphold the integrity and image of the company through the employee's diligence and due care in the discharge of his/ her duties.

Fraud risk awareness workshops are also conducted periodically to help employees identify potential red flags. From FY 2006/2007 to FY 2008/2009, a total of three fraud awareness workshops were conducted involving close to 148 employees. The workshops covered topics like the fraud risk policy, potential activities leading to fraud and the role that employees have on fraud detection. Employees are also encouraged to report known or suspected incidences of malpractice in accordance to with the Employee Handbook.