Maxis Berhad
Annual Report 2015
page
64
5. Revenue Assurance
The Revenue Assurance department is responsible for the continuous monitoring of potential revenue leakage that may arise
from day-to-day operations. Processes and controls within the revenue cycle are reviewed on a rotational basis to ensure they
function effectively and efficiently. This includes performance and examination of regular test calls, reconciliations of chargeable
transactions from network and IT systems to the billing systems and independent rating of key services via automated tools.
These findings and corresponding actions taken are reported to the Management on a monthly basis. Key issues on identified
revenue leakages and mitigation action taken are reported to the Audit Committee on a half-yearly basis. The Revenue Assurance
department meets key stakeholders on an ongoing basis to address key revenue assurance issues and drive revenue assurance
initiatives across the Group.
6. Subscriber Fraud Management
The Subscriber Fraud Management (“SFM”) function complements the Revenue Assurance function. While the Revenue
Assurance function reviews controls within the revenue cycle as indicated above, the SFM function monitors daily subscriber calls
on a near real-time basis. Appropriate actions are taken immediately on suspected fraudulent calls which are detected, using an
industry developed system that monitors call patterns on a 24/7 basis throughout the financial year and other manual reporting
investigations. It also reviews key new products and services for possible fraud risk and recommends counter-measures. Fraud
findings with remedial actions taken are reported to key stakeholders on an ongoing basis and presented half-yearly to the Audit
Committee.
7. Business Continuity Planning
The Business Continuity Planning (“BCP”) team is responsible for identifying activities and operations that are critical to sustain
business operations in the event of a disaster. These include facilitating the building of additional redundancies in network
infrastructure, establishing alternate sites where key operational activities can be resumed and mitigating the risk of high-impact
loss events through appropriate insurance coverage. A risk-based approach is applied in identifying the key initiatives and their
levels of importance by reviewing critical systems and single-point of failures as well as their impact on the business of the Group
as a whole. During the financial year, selected critical areas as identified by risk priority were tested to assess the effectiveness of
the implemented BCP initiatives. These tests were successfully executed and the progress of these initiatives was presented half-
yearly to the Audit Committee. Since January 2014, Maxis is also certified under ISO 22301, the international certification standard
for Business Continuity Management systems.
8. Regulatory
The Regulatory function ensures compliance with the Communications and Multimedia Act 1998 (“CMA”), and its applicable rules
and regulations, which governs the Group’s core business in the communications and multimedia sector in Malaysia. As a licensee
under the CMA, the Group adheres to its licensing conditions, as well as economic, technical, social and consumer protection
regulations embedded in the CMA and its subsidiary legislation. The Group actively participates in new regulatory and industry
development consultations initiated by the regulator, MCMC.
The Regulatory function also frequently engages the MCMC and the KKMM in discussions on pertinent industry issues.
9. Legal
The Legal department plays a pivotal role in ensuring that the interests of the Group are preserved and safeguarded from a legal
perspective. It ensures that the Group’s operations and transactions with third parties are in compliance with all laws. It also plays
a key role in advising the Board and Management on legal and strategic matters. The Board is also briefed through reports to the
Audit Committee on material litigation and any changes in law affecting the Group’s operations.
10. Company Secretary
Please refer to Statement on Corporate Governance on pages 44 to 57 of this Annual Report.
11. Limits of Authority
A Limits of Authority (“LOA”) manual sets out the authorisation limits for various levels of Maxis’ Management and staff and
also those matters requiring Board approval to ensure accountability, segregation of duties and control over the Group’s financial
commitments. The LOA manual is reviewed and updated periodically to align with business, operational and structural changes.
Statement on
Risk Management and Internal Control
