MANAGEMENT RESPONSIBILITY The Management is accountable to the Board for effective implementation of the Board’s decisions pertaining to policies and procedures on risk management and internal control. This involves identifying and evaluating the risks faced by the Group and designing, operating and monitoring the risk management and internal control system to mitigate and control those risks for the Board’s consideration. This includes taking appropriate and timely corrective actions as required. The Management has assured the Board that the Group’s risk management and internal control systems are operating adequately and effectively, in all material aspects, based on the risk management framework and internal control systems adopted by the Group. The Management’s responsibilities in respect of risk management and internal control include: (a) Monitoring and assessing the overall risk profile of the Group including emerging risks such as credit risk, market risk, liquidity risk, non-financial risk (which includes legal risk, compliance risk, Shariah noncompliance risk, technology & cyber risk and business continuity risk), sustainability risk (including climaterelated risk) and other relevant risk that will have an impact to the Group; (b) Reviewing and recommending to the BRC relevant policies and guidelines to manage risks in accordance with the Group’s strategic vision and overall risk appetite; (c) Designing, implementing and monitoring the effective implementation of risk management and internal control system; (d) Implementing remedial actions to address compliance deficiencies as directed by the Board; and (e) Reporting in a timely manner to the Board on any material changes to the risks together with the corrective and mitigation actions taken. RISK MANAGEMENT The Board recognises that sound risk management and internal control form an integral part of the Group’s business operations and decision-making process and are critical in ensuring the Group’s success and sustainable growth. The Enterprise Risk Management (ERM) Framework is the foundation of the control mechanisms within the Group. It consists of an ongoing process to identify, assess, measure, manage, control and report material risks affecting the achievement of the Group’s strategic business objectives. The key elements of the internal control system which is guided by the Group’s ERM framework consists of the following: 1 Risk Governance 2 Risk Culture 3 Risk Appetite 4 Risk Management Process 5 Stress Testing 245 www . b a n k i s l am. c om 01 02 03 04 05 06 07 ACCOUNTABILITY 08 09
RkJQdWJsaXNoZXIy NDgzMzc=