Risk Management and Cybersecurity Strategy

We recognize the critical importance of establishing, implementing, and continuously enhancing robust cybersecurity measures to safeguard our information systems and ensure the confidentiality, integrity, and availability of our data assets.

Our cybersecurity strategy is designed to proactively identify, assess, and mitigate risks while aligning with our overall business objectives and operational requirements.

Managing Material Risks & Integrated Overall Risk Management

By embedding our cybersecurity management operations within our broader risk management practice, we ensure that cybersecurity considerations are incorporated into our risk management and operational decision-making. This cross-functional approach enables us to identify potential vulnerabilities, monitor evolving risks, and implement mitigation measures in a timely manner. Where appropriate, we leverage internal and external professional support, including support from an accounting and advisory firm, to strengthen our cybersecurity controls and risk management processes.

Overseeing Third-party Risks

As we acknowledge potential risks associated with third-party service providers, we have processes to oversee and manage cybersecurity risks from third-party service providers, including:

This approach is designed to mitigate potential risks related to data breaches or other security incidents originating from third-parties.

Risks from Cybersecurity Threats

We have not encountered cybersecurity threats or incidents that have materially impaired or affected our operations, business strategy or financial condition as of the date of this annual report.

Governance

Our board of directors acknowledges the critical nature of managing risks associated with cybersecurity threats and the significance of these threats to our operational integrity and stakeholder confidence. Accordingly, the Company has established oversight mechanisms to ensure effective governance in managing risks associated with cybersecurity threats.

Board of Directors Oversight

The Audit Committee is central to the board of directors’ oversight of cybersecurity risks and bears the primary responsibility for this domain. The Audit Committee includes members with backgrounds in risk management, finance, and information technology, which supports its oversight responsibilities effectively. The Audit Committee shall keep the board of directors informed of significant cybersecurity matters as appropriate.

Management’s Role in Managing Risks

Cybersecurity risks are monitored through internal management processes, with the Company’s IT function and relevant members of management responsible for day-to-day monitoring, review of alerts and incidents, and response coordination. Management also works with legal counsel and senior leadership to determine whether a potential cybersecurity matter should be escalated for further review. The Company’s cybersecurity risk management efforts are supported by personnel with relevant experience in information systems, cybersecurity, and risk oversight. These individuals help maintain monitoring processes, assess vulnerabilities, and support the prevention, detection, mitigation, and remediation of cybersecurity incidents. Material cybersecurity issues are escalated to senior management and reported to the Audit Committee for further actioning as appropriate. The Company continues to enhance its cybersecurity governance and oversight practices. The Audit Committee conducts an annual review of our cybersecurity measures and the effectiveness of its risk management strategies. This review helps in identifying areas for improvement and ensuring the alignment of cybersecurity efforts with the overall risk management framework.

Board of Directors Oversight

The Audit Committee is central to the board of directors’ oversight of cybersecurity risks and bears the primary responsibility for this domain. The Audit Committee includes members with backgrounds in risk management, finance, and information technology, which supports its oversight responsibilities effectively. The Audit Committee shall keep the board of directors informed of significant cybersecurity matters as appropriate.