LOADING

As at 31 December 2025

Dear Shareholder,

On behalf of the Audit Committee, I am pleased to present the Audit Committee (“Committee”) report for the year ended 31 December 2025. The report outlines how the Committee discharged its responsibilities during the year in relation to financial and other reporting, risk management and internal control, the Internal Audit functions, and relationship and interaction with external auditors

The Committee supported the Board in assessing the integrity of the Group’s financial reporting and emerging risks facing the Group. This included reviewing the Group’s risk management and internal control systems and overseeing the operation of the Internal Audit function including forensic audits.

Membership of Committee

The Committee currently comprises four Independent Non-Executive Directors and one Non-Executive Director, namely Mr Chandrasiri Kalupahana as the Chairman of the Committee with effect from 09 May 2025 and Messrs Nihal Fonseka-Independent, Non-Executive Director, Thennakoon Thilakarathne - Independent, Non-Executive Director, Mr Raghvendra Madhav - Independent, Non-Executive Director and A N Hapugala - Non-independent, Non-Executive Director, as members.

Mr Kalupahana is a Fellow Member of The Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka) and holds memberships in several other professional bodies. He commenced his professional career at KPMG Sri Lanka and has served as a Governing Council Member and Chairman of the Business School of CA Sri Lanka for four years.

The Board is satisfied that the current members of the Audit Committee are competent in financial matters and have a good mix of skills, expertise and experience in commercial matters, telecommunications, finance and audit.

Roles and Responsibilities

The main roles and responsibilities of the Committee, which reflects the Code of Best Practice on Corporate Governance, published by the Institute of Chartered Accountants of Sri Lanka and the Guidance on Audit Committee, are set out in its written Terms of Reference (ToR) and Audit Charter which are available from the SLT’s website www.slt.lk or upon request.

The ToR and the Audit Charter is being reviewed at present based on regulatory developments and emerging risks to enhance oversight in key areas such as AI, cybersecurity, and new regulatory compliance. The updated ToR ensures compliance with new corporate governance codes, such as the review of risk management and internal control system

Primary Responsibilities of the Audit Committee are;

  • Oversight of the integrity of the financial statements of the Group and Company
  • Review of its quarterly and annual financial statements followed by recommendation for the approval of the Board
  • Oversight of risk management and internal control systems and processes
  • Oversight of its compliance with legal and regulatory requirements
  • Oversight of forensic audits
  • Review of the effectiveness of the internal audit functions and its resources
  • Review of revenue assurance and fraud management

Financial Reporting

The Committee’s oversight of financial reporting is to ensure the accuracy, completeness and timeliness in the management’s reporting of interim and annual financial results of the Group and its subsidiaries. The financial and management reporting of SLT comprises of monthly, quarterly and annual financial and management reports including the reporting of actual results against the budget, targets, key performance indicators and forecasts.

The Committee reviews these financial and management reports on a regular basis and directs the management on the strategies, plans and action required to improve the effectiveness of controls and performance of the Group and its subsidiaries.

The Committee has also obtained assurance from the CEO and CFO that the financial records have been properly maintained, and the financial statements give a true and fair view of the Company’s operations and finances.

External Auditors

In terms of Article 154 of the Constitution, Auditor General is continuing to be the Auditors of the Company and its subsidiaries as a result of the Government of Sri Lanka, acting through the Secretary to the Treasury, increasing its holding to more than 50.23% of shares of SLT. By virtue of the National Audit Act, No. 19 of 2018 and the powers vested therein with Auditor General, Ernst and Young have been appointed to assist the Auditor General to perform the audit of the financial statements of SLT.

The Auditor General, who functions as the principal auditor of the Company under Article 154 of the Constitution of

Sri Lanka and the National Audit Act No. 19 of 2018, is independent by virtue of statute and is not subject to the independence confirmation requirements applicable to auditors approved by the Securities and Exchange Commission.

The Committee has obtained written confirmation from Ernst & Young that they are independent in accordance with applicable professional and regulatory requirements.

The representatives of the Auditor General and the Partner of EY attended the audit committee meetings by invitation, and their input and suggestions are considered appropriate.

Independence and Provision of Non-Audit Services

The policy governing the provision of non-audit services by the external auditor is in accordance with the best practices and takes into account the relevant ethical guidance for auditors. The objective of the policy is to safeguard the objectivity and independence of the external auditor and to prevent the provision of services which could result in a potential conflict of auditor independence.

Internal Audit, forensic and Compliance

The Audit Committee is responsible for monitoring and reviewing the operation and effectiveness of the Group Internal Audit function including its focus, plans, activities and resources.

To fulfil these duties the Committee:

  • reviewed and approved the Group Internal Audit Plan for the year 2025;
  • considered and were satisfied that the competencies, experience and level of resources within the Internal Audit team were adequate to achieve the proposed plan;
  • considered the role and effectiveness of Internal Audit in the overall context of the Group’s risk management framework and was satisfied that the function has appropriate standing within the Group;
  • received updates from the Chief Internal Audit Officer on the principal findings from the work of Internal Audit and management’s actions to remediate issues identified;
  • conducted investigations at the request of senior management, Committee or the Board of Directors.
  • The Committee has discharged its responsibilities in compliance with the requirements of the Colombo Stock Exchange Listing Rules, the SEC Corporate Governance Code, and the Code of Best Practice on Corporate Governance issued by CA Sri Lanka.

Risk Management

SLT has implemented an enterprise risk management framework which covers the strategic, operational, compliance and financial risks of the Group and subsidiaries.

The risk overview highlights the main risks known to SLT, which could hinder it in achieving its strategic and financial business objectives.

The risk management function is focused on assessing various risks arising from the impact of the current market conditions and cybersecurity, of which the management has taken appropriate action to mitigate these risks.

The Committee reviews the adequacy of the risk management function in identifying and assessing key risks, and in working with the management to mitigate these risks through appropriate and timely action.

Revenue Assurance and Fraud Management

The key objective of the Revenue Assurance function and Fraud Management function is to minimise revenue leakages and fraud perpetrated by internal or external parties.

The Committee addresses Revenue Assurance (“RA”) and Fraud Management (FM) in three main perspectives: detection, correction and monitoring.

RA Division monitors the existing systems in place and evaluates the avenues for revenue loss and corrective actions taken to avoid possible revenue loss to the Company. The detections are achieved by both manual and automated means. Typical detection activities include comparison, investigation and auditing of information and processes. The aim is to find the root cause behind detected errors and deviations.

Correction is the set of activities and processes employed to minimise errors identified by the RA detection. Typically, some information or configuration needs to be added, edited or removed from a system, process or procedure in order to correct the detected anomaly. The process of correction of a root cause could involve modifications or enhancements of information, processes, systems, technology or organisation.

Prevention is the process of performing an activity in order to prevent anomalies that would be found using RA Detection.

The Committee reviews the findings and recommendations of these functions and ensures that appropriate and timely action is taken by the management to minimise revenue leakage and fraud.

Committee Meetings

The Committee met five times during the year and the attendance of the members of the Committee are disclosed in the Corporate Governance Report in page 167.

Typically, the Chief Executive Officer, the Chief Financial Officer and the Chief Internal Auditor (CIA), as well as representatives of the external auditor, are invited to attend meetings of the Committee. When required, other key executives and senior management are invited to attend to present and provide deeper insight on various topics as are required by the Committee to discharge its duties.

The Company Secretary functions as the Secretary to the Committee.

After each Committee meeting, the Chairman of the Committee reports to the Board on the key issues which have been discussed. The approved Audit Committee meeting minutes are submitted to the Board.

Key matters considered during the meetings held during the year are:

Month of Meeting Key Activities
8 May 2025
  • As a common agenda item, reviewing matters arising from previous AC meetings with the responses/updates provided by the management.
  • Reviewed internal audit findings, recommendations and management action presented by the Internal Audit.
  • Presented the Group Internal Audit Plan for 2025 covering SLT and its subsidiaries.
  • Recommended the unaudited Interim Financial Statements for the period ended 31 March 2025 for the approval of the Board.
  • Reviewed and recommended the consolidated audited financial statements made up to 31 December 2024 for approval of the Board including EY’s audit findings.
  • Management Representation letter on the Financial Statements was tabled.
  • Reviewed the adequacy of the risk management function in identifying and assessing key risks, and in working with the management to mitigate these risks through appropriate and timely action.
  • Reviewed and recommended the Mobitel (Pvt) Ltd Audited Consolidated Financial Statement for the year ended 2024 for the approval of the Board of Mobitel (Pvt) Ltd.
  • Reviewed and recommended for the approval of the Board, submission made on bad debts write off and inventory write off.
24 June 2025
  • Reviewed matters arising from previous AC meetings with the responses/updates provided by the management.
  • Reviewed internal audit findings, recommendations and management action presented by the CIA with the management.
  • Reviewed the revenue assurance findings, recommendations, and management action.
  • Reviewed the adequacy of the risk management function in identifying and assessing key risks, and in working with the management to mitigate these risks through appropriate and timely action.
  • Reviewed the forensic and compliance update made up to June 2025.
12 August 2025
  • Reviewed matters arising from previous AC meetings with the responses/updates provided by the management.
  • Reviewed internal audit findings, recommendations and management action presented by the CIA with the management.
  • Recommended the unaudited Interim Financial Statements for the period ended 30 June 2025 for the approval of the Board.
  • Recommended the engagement of Messrs EY to carry out the mid-year financial review of Mobitel (Pvt) Ltd for the financial year 2025 for the approval of the Board.
  • Reviewed the revenue assurance findings, recommendations, and management action.
  • Reviewed the adequacy of the risk management function in identifying and assessing key risks, and in working with the management to mitigate these risks through appropriate and timely action.
  • Reviewed the Group Compliance report.
11 November 2025
  • Reviewed matters arising from previous AC meetings with the responses/updates provided by the management.
  • Reviewed internal audit findings on Special Audit on Corporate Governance requirements of SLTS and audit in progress.
  • Recommended the unaudited Interim Financial Statements for the period ended 30 September 2025 for the approval of the Board.
  • EY presented the Audit Plan for SLT and Mobitel for the year ending 31 December 2025.
  • Recommended to proceed with annual Enhanced Capital Allowance (ECA) claim and finalize and submit the ECA claim for year 2024/25 of Mobitel (Pvt) Ltd., for the approval of the Board.
  • Reviewed the Group Forensic & Compliance report.
  • Reviewed the adequacy of the risk management function in identifying and assessing key risks, and in working with the management to mitigate these risks through appropriate and timely action.
  • Reviewed and recommended for the approval of the Board a few board submissions relating to writing off/accounting adjustments.
16 December 2025
  • Reviewed matters arising from previous AC meetings with the responses/updates provided by the management.
  • Reviewed internal audit findings, recommendations and management action presented by the management.
  • Reviewed the revenue assurance findings, recommendations, and management action.

On behalf of the Group Audit Committee

Signature of Audit Committee Chairperson

Chandrasiri Kalupahana

Chairman of the Audit Committee

14 May 2026