Dalam kegiatan operasinya, Perseroan menghadapi risiko umum pada semua bisnis, termasuk yang terkait kondisi politik dan ekonomi, kompetisi, dampak lingkungan dan kesehatan dan keselamatan di tempat kerja. Selain ini, Perseroan menghadapi sejumlah risiko khusus untuk bisnis ritel modern, termasuk risiko keamanan. Untuk mengurangi ini, Perseroan telah menginstalasi sistem Electronic Article Surveillance canggih, yang termasuk Closed Circuit Television CCTV untuk melengkapi pekerjaan staf keamanan Perseroan. Secara agresif Perseroan mempromosikan budaya sadar risiko melalui pelatihan untuk tim operasi gerai dan divisi lainnya di kantor pusat. Kampanye dan newsletter yang didistribusikan ke pemilik proses bisnis divisi dan departemen untuk membagi informasi mengenai risiko signifikan dan rekomendasi mitigasi yang relevan. Di 2012, Perseroan memulai proyek Manajemen Risiko di seluruh Perseroan, yang menghasilkan masukan komprehensif tentang risiko utama dan kontrol pada setiap proses bisnis, memungkinkan Perseroan untuk mengidentikasi kemungkinan risiko, kerusakan atau dampak yang berkaitan dengan situasi keuangan, operasi, karyawan, citra dan reputasi, dan peraturan yang berlaku. In the course of its operations, the company is exposed to risks that are common to all businesses, including those related to political and economic conditions, competition, environmental impact and health and safety at work. As well as these, the Company faces a number of risks specific to the modern retail business, including security risks. To mitigate this,the company has installed a sophisticated Electronic Article Surveillance system, which includes Closed Circuit Television CCTV to complement the work of the company’s security staff. The company are aggressively promoting a risk awareness culture through training for store operation teams and other divisions at head office, communication campaigns and a newsletter, which is distributed to business process owners divisions and departments to share information on significant risks and advice on relevant mitigating measures. In 2012 the company initiated an organisation-wide Managing Risk Project, which is generating comprehensive input on key risks and controls in each business process, enabling the company to identify their likelihood, severity or impact related to our financial situation, operations, employees, image and reputation, and regulatory matters. AUDIT INTERNAL Perseroan memiliki Internal Audit Unit IAU, yang melapor langsung kepada Presiden Direktur. IAU diciptakan untuk memberikan penilaian independen tentang kontrol internal Perseroan dan sistem dan implementasi pengelolaan risiko, serta untuk memberikan keyakinan pada praktek tata kelola perusahaan secara umum. Audit dilaksanakan secara teratur di seluruh organisasi, dengan fokus pada unsur dan aspek yang memiliki peringkat risiko lebih tinggi, sesuai dengan risiko assessment, maka dapat berdampak buruk pada kepentingan Perseroan dan pemangku kepentingan. Piagam Audit Internal Piagam Internal Audit Perseroan secara eksplisit menggambarkan struktur dan posisi Unit Internal Audit IAU dalam Perseroan; kualifikasi, tugas, tanggung jawab dan wewenang auditor; pengangkatan mereka, penggantian, pemberhentian; rencana dan pedoman dari IAU dan prosedur untuk laporan; independensi dan obyektifitas IAU dan Kode Etik Auditor Internal. Piagam Internal Audit dibentuk berdasarkan Keputusan Ketua Bapepam-LK No.KEP-496BL2008 tanggal 28 November 2008 mengenai Pembentukan dan Pedoman Audit Intern Charter, dan sebagai pengakuan akan kuatnya nilai internal tata kelola. Terakhir diperbaharui 25 Oktober 2013 dan sesuai dengan hukum, piagam tersebut telah dimasukkan di situs. Struktur Audit Internal Ketua IAU dan tim IA independen terhadap perusahaan. Unit Audit Internal saat ini dipimpin oleh Maju Tarigan, yang diangkat pada 1 Mei 2013. Ia mengawasi satu tim berisi tujuh auditor perusahaan. Ketua IAU dipilih dan hanya bisa diberhentikan oleh Presiden Direktur sesuai dengan Surat Edaran mengenai Pengangkatan Internal Audit Unit Head, yang disetujui oleh Dewan Komisaris. Untuk profil singkat mengenai Maju Tarigan, silahkan lihat di halaman 251. INTERNAL AUDIT The Company has an Internal Audit Unit IAU, which reports directly to the President Director. The IAU was created to provide an independent assessment of the Company’s internal control and risk management systems and implementation, and to provide assurance on the Company’s corporate governance practices in general. Audits are carried out regularly across the organization, focusing on aspects and elements that have a higher risk rating, according to the risk assessment, and could therefore have an adverse impact on the interests of the Company and its stakeholders. Internal Audit Charter The Company’s Internal Audit Charter explicitly describes the structure and position of the Internal Audit Unit IAU within the Company; the qualifications, duties, responsibilities and authority of the auditors; their appointment, replacement and termination; the plans and guidelines of the IAU and the procedures for reporting; the independence and objectivity of the IAU and the Code of Ethics for Internal Auditors. The Internal Audit Charter was established pursuant to the Decision of the Chairman of Bapepam-LK No.KEP-496BL2008 dated November 28, 2008 regarding the Establishment and Guidelines for Internal Audit Charters, and in recognition of the value of strong internal governance. It was last updated on October 25, 2013 and in accordance to the law, the charter has been posted in the Company’s website. Internal Audit Structure The Head of the IAU and the IA team are independent of all the Company’s business units. The Internal Audit Unit is currently headed by Maju Tarigan, who was appointed on May 1, 2013. He supervises a team of seven corporate auditors. The Head of the IAU is selected and can be removed by the President Director pursuant to a Circular Letter regarding the Appointment of the Internal Audit Unit Head, which is approved by the Board of Commissioners. For a brief profile of Maju Tarigan, please see page 251. manajemen risiko Risk Management Tugas dan Tanggung Jawab Tanggung jawab utama dari Unit Audit Interal termasuk: • Menyiapkan dan mengimplementasikan Rencana Audit Tahunan; • Mengevaluasi pelaksanaan kontrol internal dan sistem pengelolaan resiko, merekomendasikan area perbaikan dan memantau efektivitas dari tidank lanjut yang relevan; • Mengevaluasi efisiensi dan efektivitas kinerja Perseroan di area termasuk keuangan, akuntansi, operasional, sumber daya manusia, pemasaran dan teknologi informasi; • Melaksanakan audit khusus danatau investigasi jika diperlukan; • Menyiapkan laporan atas temuan audit untuk Presiden Direktur, Dewan Komisaris dan Komite Audit; • Memberikan rekomendasi untuk perbaikan dan memberikan informasi tentang kegiatan yang sedang ditinjau secara obyektif di seluruh tahapan manajemen; • Memonitor, analisa, dan melapor eksekusi dari tindak lanjut atas perbaikan yang disarankan; • Bekerjasama dengan Komite Audit; • Merancang program untuk penilaian kualitas kegiatan yang dilaksanakan oleh Unit Internal Audit. Duties and Responsibilities Key responsibilities of the IAU Unit include: • Preparing and implementing the Annual Internal Audit Plan; • Evaluating the implementation of the internal control and risk management system, recommending areas for improvement and monitoring the effectiveness of relevant follow-up action; • Evaluating the efficiency and effectiveness of the Company’s performance in areas including finance, accounting, operation, human resources, marketing and information technology; • Conducting special audits andor investigation as required; • Preparing reports on audit findings for the President Director, the Board of Commissioners and the Audit Committee. • Giving recommendations for improvement and providing objective information about the activities under review at all management levels; • Monitoring, analysing and reporting the execution of follow-up actions on recommended improvements; • Cooperating with the Audit Committee; • Designing programs for quality assessment activities conducted by the Internal Audit Unit. Head of Risk Management and Internal Audit Maju Tarigan Head of Internal Audit and Compliance Audit Manager Senior Auditor Senior Auditor Reporting and Audit Manager Senior Auditor Senior Auditor manajemen risiko Risk Management Sistem Kontrol Internal IAU mengaudit seluruh aspek operasional dan keuangan Perseroan sesuai dengan audit checklist, yang sejalan dengan kerangka kontrol internal yang dikeluarkan oleh COSO, berdasarkan Standard Operating Procedures SOP dan Store Operational Manual MOT referensi yang sebelumnya telah disetujui oleh manajemen. Departemen Pencegahan Kerugian dan Keselamatan Keamanan melakukan tinjauan gerai, berjalan dan pelatihan seluruh gerai setidaknya dua kali setahun untuk memastikan bahwa sistem kontrol internal diterapkan secara efektif mendukung pencapaian obyektif dari Perseroan dan pemegang saham. Implementasi Program di 2013 Di 2013, Perseroan meninjau 125 gerai dan enam departemen Procurement, Merchandising, Marketing, Maintenance, Finance and Accounting and Human Resources dengan hasil yang secara umum sangat memuaskan. Seperti di tahun sebelumnya, seluruh gerai Matahari dinilai telah sukses dalam mempresentasikan dirinya sebagai gerai yang menarik dan dinamis. Namun, masih ada ruang untuk perbaikan: pengalaman belanja konsumen masih dapat ditingkatkan di sekitar 50 gerai dengan sebagian pembetulan dan lebih banyak perhatian ke detil. SISTEM WHISTLE BLOWING Sadar akan perlunya pendekatan yang ketat untuk menjunjung standar etika yang tertinggi dalam perusahaan yang tumbuh cepat, di 2011 Perseroan menerapkan sistem whistleblowing. Kami sangat yakin bahwa kelanjutan dari viabilitas dan integritas Perseroan tak hanya tergantung dari melindungi seluruh aset, termasuk karyawan Perseroan, aset fisik, dan informasi milik Perseroan, tetapi juga menjaga keamanan dan kesehatan dari seluruh karyawan Perseroan dan memastikan bahwa mereka diperlakukan secara jujur dan adil setiap saat. Untuk menjamin perlindungan penuh bagi informan, Perseroan telah menunjuk administrator independen, Deloitte, untuk mengoperasikan hotline whistleblower, yang dikenal sebagai Suara Matahari. Melalui Suara Matahari, manajemen, karyawan dan pemasok bisa melaporkan setiap tindakan ilegal atau tidak dengan sangat rahasia dan dengan anonimitas penuh. Whistleblower hotline diiklankan secara luas untuk manajemen, karyawan dan pemasok dan dikelola oleh operator berpengalaman yang menangani laporan masuk, dan ahli investigasi forensik yang menyelidiki laporan yang diterima dan melaporkan masalah ke manajemen. Internal Control Systems The IAU audits all operational and financial aspects of the Company in accordance with the audit checklist, which is aligned with the internal control framework issued by COSO, and based on the Standard Operating Procedures SOP and Store Operational Manual MOT references previously approved by management. The Loss Prevention and Security Safety Department undertakes a store review, walkthrough and training of all stores at least twice a year to ensure that the internal controls in place are effectively supporting the achievement of the objectives of both the Company and our stakeholders. Program Implementation in 2013 In 2013, the Company reviewed 125 shops and six departments Procurement, Merchandising, Marketing, Maintenance, Finance and Accounting and Human Resources with generally very satisfactory results. As in the previous year, all Matahari stores were judged to have successfully presented themselves as inviting and dynamic. Nevertheless, there is scope for improvement: customers’ shopping experience could be enhanced in some 50 of stores with selective adjustments and greater attention to detail. WHISTLE BLOWING SYSTEM Conscious of the need for a stringent approach to upholding the highest ethical standards in a rapidly growing company, in 2011 the Company instituted a whistleblowing system. The Company firmly believe that the Company’s continued viability and integrity depends not only on protecting all assets, including employees, physical assets, and proprietary information, but also on maintaining the safety and wellbeing of all the employees and ensuring that they are treated honestly and justly at all times. To guarantee full protection for informants, the Company has appointed an independent administrator, Deloitte, to operate its whistleblower hotline, known as Suara Matahari. Through Suara Matahari, management, employees and suppliers can to report any illegal or inappropriate acts in strict confidence and with full anonymity. The whistleblower hotline is advertised widely to management, employees and suppliers and is staffed by experienced operators who handle incoming reports and forensic investigation experts who investigate the reports received and report issues to management. Suara Matahari meliput sebagai berikut: 1. Sejumlah media hotline– telepon toll-free landline, fax, website, e-mail dan mailbox; 2. Sosialisasi anti-fraud awareness dan program whilstleblower yang ditujukan kepada manajemen, karyawan, pemasok; 3. Operator contact-center yang berpengalaman; 4. Ahli investigasi forensik untuk menindaklanjuti laporan yang diterima dan melaporkannya ke manajemen; 5. Rekomendasi untuk perbaikan. Laporan dapat dimasukkan melalui berbagai channel: 1. Hotline Pemberi informasi informan dapat menghubungi Suara Matahari di 500-070. Jasa ini anonim; informan tidak perlu menyebutkan nama jika tidak berkenan. 2. Facsimile Laporan dapat dikirimkan melalui faksimili ke +62 21 2350-7055 3. E-mail Laporan dapat dikirim melalui e-mail ke suaramataharitipoffs.com. Alamat e-mail informan tidak akan diungkapkan tanpa izin. Suara Matahari features the following: 1. Numerous hotline channels – toll-free phone lines, fax, website, email and mailbox; 2. Promotion of anti-fraud awareness and the whistleblower program to all management, employees and suppliers; 3. Experienced contact center operators; 4. Forensic investigation experts to follow up the reports received and present issues to management; 5. Recommendations for improvements. Reports may be submitted through a variety of channels: 1. Hotline The informant can contact Suara Matahari on 500-070. This service is anonymous; the informant need not state their name if they are unwilling to do so. 2. Facsimile Reports can be sent by facsimile to +62 21 2350-7055 3. Email Reports can also be sent via email to suaramataharitipoffs.com. The informant’s email address will not be disclosed without permission. manajemen risiko Risk Management