The primary responsibility for the design, implementation and maintenance of internal control rests on Management; while the Board and its Audit and Risk Management Committee oversee the actions of Management and monitor the effectiveness of the controls put in place. The independent mechanisms to monitor and evaluate the existence and effectiveness of internal controls are provided by the external auditor and the internal auditor. The external auditor provides an independent and objective assurance on the preparation and presentation of the Company's financial statements, while the internal auditor functions as an independent audit that provides reasonable assurance on the achievement of the Company's internal control objectives, specifically on the reliability of financial reporting, effectiveness and efficiency of operations, and compliance with the applicable laws and regulations.
Since 2005, the Company has been conducting periodic strategy and self-assessments to evaluate risks and their likely impact on its business performance.
In 2010, the Company adopted an expanded approach to manage various business risks to cover its subsidiaries and associate companies. Management embarked on a series of briefings and workshops aimed at building competencies, identifying threats, exploiting opportunities and managing risks among its core business units. Using the Meralco Enterprise Risk Management Framework contained in the Meralco Risk Management Policy Manual, an enterprise risk management capability development program for subsidiaries and associate companies was conducted with the assistance of an expert from the Asian Institute of Management.
An executive briefing on Corporate Governance for the Board, the Management, and key officers of subsidiaries and affiliates was conducted on December 15, 2010 by the Asian Risk Management Institute (ARiMI), which discussed the integration of Corporate Governance and Enterprise Risk Management to foster sustainable effective performance.
