(e) Employ multiple security measures such as vulnerability assessments, penetration testing and security baseline reviews to proactively fortify the Group’s security posture and overall cyber resilience; (f) Conduct targeted exercises such as simulated cyberattacks and phishing simulations, to test the Group’s preparedness, readiness and capabilities against cyber threats and incidents; (g) Enhancement of cyber incident response plan to effectively detect, respond to, mitigate and recover from cyber incidents in a timely; and (h) Drive proper data governance and management practices across the Group. We believe that our people are the cornerstone of our success, and we recognise the need to empower and enable them in contributing to the Group’s sustained success. We are dedicated to ensuring that our people are continuously upskilled and equipped to understanding emerging and current risks as this serves as a core element to GISGD’s initiatives. GISGD’s efforts will continue across the Group in 2025 as we strive to become the Bank that advances prosperity for all and provides value-added solutions. COMPLIANCE RISK MANAGEMENT Group Compliance Division as the Group’s second line of defence, plays a pivotal role in safeguarding the organisation against regulatory fines and administrative actions through robust compliance programs. The Group takes a proactive stance in addressing and mitigating financial crimes by developing detailed typologies and red flags to monitor financial flows, equipping frontline staff with the necessary training to identify suspicious transactions, and fostering public-private partnerships to exchange intelligence and best practices. Additionally, the Group contributes to industry-wide efforts to combat financial crime by providing specialised training and certification programs for compliance officers, focusing on financial crime risks and Anti-Money Laundering (AML) principles. Reaffirming its commitment to managing financial crime risks, the Group has implemented a comprehensive framework of controls designed to anticipate, prevent, detect, and respond to money laundering and terrorist financing activities. This framework is underpinned by a robust Anti-Money Laundering, Countering Financing of Terrorism and Countering Proliferation Financing (AML/CFT/CPF) policy and accompanying guidelines that delineate clear roles and responsibilities for the Board of Directors, Senior Management, and employees, ensuring effective governance and accountability across all levels. These controls include institutionalised monitoring and detection mechanisms, enabling the identification, investigation, and escalation of potential financial crimes. The Group’s commitment to addressing financial crime risk extends to its subsidiaries. Institutional Risk Assessments (IRAs) have been conducted across BIMB Investment Management Berhad, BIMB Securities Sdn Bhd, and Bank Islam Trust Company (Labuan) Ltd, ensuring residual risks are consistently and effectively managed throughout the organisation. Through these initiatives, the Group reaffirms its dedication to maintaining the integrity of the financial system while supporting regulatory and industry-wide efforts to combat financial crime. 251 www . b a n k i s l am. c om 01 02 03 04 05 06 07 ACCOUNTABILITY 08 09
RkJQdWJsaXNoZXIy NDgzMzc=