Page 137 - Bank-Muamalat-AR2020
P. 137
135
Governance
Our Performance Sustainability Statement Our Governance Our Numbers Other Information
EFFECTIVE RISK MANAGEMENT AND
ACCOUNTABILITY
RISK MANAGEMENT AND THE BOARD AND ITS COMMITTEES
INTERNAL CONTROLS
BRMC is responsible for reviewing and setting the Group’s overall risk strategy
The Board, supported by its committees, and risk appetite, and for approving the risk management policies. BAC reviews
operates within a framework of the effectiveness of the Internal Control System on an annual basis and carries out
prudent and effective controls in the assurance on the Financial Control Framework on a quarterly basis. The Board
interests of shareholders, customers reviewed the effectiveness of the Bank’s risk management and internal control
and other stakeholders. The Group’s systems including financial, operational and compliance controls and concluded
Governance of Risk Management and that they were appropriate and had operated effectively during the year.
Internal Controls ensures the safety
and soundness of the Group and its RISK MANAGEMENT SYSTEM
key entities. This is achieved through a
robust governance structure designed • A common framework through which risk management and control is embedded.
to deliver a well-managed business
with effective decision-making, good • Consistent approach throughout the Group to identify, measure, manage, monitor
procedures and strong controls. and report risks.
The Group’s Risk Management and • Consistent and comprehensive set of policies are maintained.
Internal Controls comprises three (3) • Risk Management Policy establishes a framework of standard risk management
elements:
processes.
The Board and its committees: • Risk Management System is underpinned by the ‘Three (3) Lines of Defence’
How the business is managed. model.
INTERNAL CONTROL SYSTEM
The Group’s Internal Control System sets out the processes and frameworks
Risk Management System: required to ensure effective and efficient delivery of the Group’s strategic objectives
How risks are identified,
measured, managed, monitored and is designed to identify and mitigate, rather than eliminate, the potential risk of
failure to achieve business objectives and can only provide reasonable not absolute
and reported.
assurance against material financial misstatement or loss. Implementation and
maintenance of the Internal Control System is delegated to senior management. The
Group has an effective Internal Control System which contains administrative and
accounting procedures, an internal control framework, with appropriate validation,
Internal Control System: assurance and reporting arrangements at all levels of the Group, a delegated
The controls behind the Corporate authority framework, and a compliance framework. The internal control system is
Governance Framework and the underpinned by the three (3) lines of defence model.
Risk Management System.
For further details on Effective Risk Management and Accountability, please refer
to Statement on Risk Management and Internal Control on pages 142 to 153 of the
Annual Report.
