Page 144 - Bank-Muamalat-AR2020
P. 144

142    BANK MUAMALAT MALAYSIA BERHAD                   About Us           Our Leadership       Our Strategy
                                                            About Us
            ANNUAL REPORT FY2020

          STATEMENT ON RISK MANAGEMENT AND
          INTERNAL CONTROL








          BOARD RESPONSIBILITY                management  and  compliance  elements  which  have  been instituted  throughout the
                                              Bank and its subsidiaries are updated and reviewed from time to time to suit the
          T he B oard  ackno wled ges  its    changes in the business environment. This ongoing process has been implemented
          responsibility in ensuring that the   to strengthen the Bank’s internal controls and risk management system for the
          senior management establishes and   whole financial year under review.
          maintains an adequate and effective
          system of risk management and       Overview
          internal controls as well as reviewing
          its adequacy and effectiveness to keep   The unprecedented COVID-19 pandemic has emphasised the continuous need
          pace with the changes in the Bank’s   for an effective risk management system in achieving operational and financial
          activities and operating environment.   resiliency whilst persevering essential banking  services  to stakeholders and at the
          Such  system covers not only  financial   same time achieving the Bank’s strategic objectives.
          controls but  also non-financial controls   The Bank faced many challenges during the early onset of
          relating to governance, operations,     the  pandemic  including  the  lockdown of  its headquarters  during the Enhanced
          risk  management and  compliance  with   Movement Control Order imposed in April 2020. Nonetheless, pre-emptive business
          applicable laws, regulations, rules,   continuity measures undertaken to manage any such eventualities helped the Bank
          directives, guidelines as well as internal   to steer through the critical months and ensure minimal  interruptions to business
          policies, processes and procedures.  operations and customer service while safeguarding the health and safety of its
          The Board is of the view that       employees and customers.
          the  system  of  risk  management   Business  impact  assessments  along  with  stress  tests  were  rigorously  performed
          and internal controls includes an   during the year to ascertain impact to business operations, asset portfolios,
          established and ongoing process for   revenue, liquidity and capital positions, thus enabling the Bank to take appropriate
          identifying, evaluating, managing and   mitigation actions to avert adverse consequences and preserve its resiliency.
          reporting  significant  risks  that  may
          affect the achievement of the Bank’s   In managing technology and cyber resilience, steps have been taken to tighten and
          business objectives and strategies. The   mitigate the risk of cyber-attacks  on  the Bank’s  IT  network and digital platforms.
          Board recognises that risks cannot be   Digital platforms have fast become the primary option for carrying out transactions
          eliminated completely and as such,   in place of physical interaction and with the increased reliance on digital channels,
          systems and processes have been put   the industry has seen greater cyber threats and malware attacks. Unsurprisingly,
          in place to provide reasonable and not   technology and cyber risk management has become a top agenda at the Bank’s
          absolute assurance against material   board and management level where key initiatives, risks and solutions are being
          misstatement of financial information   reported and deliberated periodically.
          or  against  any  losses  or  fraud.  For
          this purpose, the Board has ensured   Risk Management Framework
          the  establishment  of  key  processes  for   The  Bank has  embarked on a journey to implement Enterprise Risk Management
          reviewing the effectiveness, adequacy   (“ERM”)  to  guide  and  streamline  its  risk  management  approaches  and  embed
          and integrity of Bank Muamalat’s    strategic management practices that focus on ongoing management of risks
          system of risk management and       associated with strategic business objectives. A new ERM framework was developed
          internal controls.
                                              and modelled after the ISO  31000:2018, an  internationally  accepted standards
          The Board is of the view that the   and guidelines on risk management, which is aimed at integrating sound risk
          internal control framework has been   management practices into all business activities and functions.
          instituted throughout the Bank to   The ERM principles form the foundation for managing all types of risk and has
          safeguard the shareholder’s investment,   been used in the establishment of the ERM framework and in streamlining of
          customers’ interest and the Bank’s   all other existing risk management frameworks, namely that of credit, market,
          assets.  The control  structure  and   operational and Shariah risks.
          process for financial, operational, risk
   139   140   141   142   143   144   145   146   147   148   149