Page 144 - Bank-Muamalat-AR2020
P. 144
142 BANK MUAMALAT MALAYSIA BERHAD About Us Our Leadership Our Strategy
About Us
ANNUAL REPORT FY2020
STATEMENT ON RISK MANAGEMENT AND
INTERNAL CONTROL
BOARD RESPONSIBILITY management and compliance elements which have been instituted throughout the
Bank and its subsidiaries are updated and reviewed from time to time to suit the
T he B oard ackno wled ges its changes in the business environment. This ongoing process has been implemented
responsibility in ensuring that the to strengthen the Bank’s internal controls and risk management system for the
senior management establishes and whole financial year under review.
maintains an adequate and effective
system of risk management and Overview
internal controls as well as reviewing
its adequacy and effectiveness to keep The unprecedented COVID-19 pandemic has emphasised the continuous need
pace with the changes in the Bank’s for an effective risk management system in achieving operational and financial
activities and operating environment. resiliency whilst persevering essential banking services to stakeholders and at the
Such system covers not only financial same time achieving the Bank’s strategic objectives.
controls but also non-financial controls The Bank faced many challenges during the early onset of
relating to governance, operations, the pandemic including the lockdown of its headquarters during the Enhanced
risk management and compliance with Movement Control Order imposed in April 2020. Nonetheless, pre-emptive business
applicable laws, regulations, rules, continuity measures undertaken to manage any such eventualities helped the Bank
directives, guidelines as well as internal to steer through the critical months and ensure minimal interruptions to business
policies, processes and procedures. operations and customer service while safeguarding the health and safety of its
The Board is of the view that employees and customers.
the system of risk management Business impact assessments along with stress tests were rigorously performed
and internal controls includes an during the year to ascertain impact to business operations, asset portfolios,
established and ongoing process for revenue, liquidity and capital positions, thus enabling the Bank to take appropriate
identifying, evaluating, managing and mitigation actions to avert adverse consequences and preserve its resiliency.
reporting significant risks that may
affect the achievement of the Bank’s In managing technology and cyber resilience, steps have been taken to tighten and
business objectives and strategies. The mitigate the risk of cyber-attacks on the Bank’s IT network and digital platforms.
Board recognises that risks cannot be Digital platforms have fast become the primary option for carrying out transactions
eliminated completely and as such, in place of physical interaction and with the increased reliance on digital channels,
systems and processes have been put the industry has seen greater cyber threats and malware attacks. Unsurprisingly,
in place to provide reasonable and not technology and cyber risk management has become a top agenda at the Bank’s
absolute assurance against material board and management level where key initiatives, risks and solutions are being
misstatement of financial information reported and deliberated periodically.
or against any losses or fraud. For
this purpose, the Board has ensured Risk Management Framework
the establishment of key processes for The Bank has embarked on a journey to implement Enterprise Risk Management
reviewing the effectiveness, adequacy (“ERM”) to guide and streamline its risk management approaches and embed
and integrity of Bank Muamalat’s strategic management practices that focus on ongoing management of risks
system of risk management and associated with strategic business objectives. A new ERM framework was developed
internal controls.
and modelled after the ISO 31000:2018, an internationally accepted standards
The Board is of the view that the and guidelines on risk management, which is aimed at integrating sound risk
internal control framework has been management practices into all business activities and functions.
instituted throughout the Bank to The ERM principles form the foundation for managing all types of risk and has
safeguard the shareholder’s investment, been used in the establishment of the ERM framework and in streamlining of
customers’ interest and the Bank’s all other existing risk management frameworks, namely that of credit, market,
assets. The control structure and operational and Shariah risks.
process for financial, operational, risk