Page 151 - Bank-Muamalat-Annual-Report-2021
P. 151
ANNUAL REPORT 2021 149
SUSTAINABILITY STATEMENT OUR GOVERNANCE OUR NUMBERS OTHER INFORMATION
The primary focus of liquidity management is to assess SHARIAH RISK MANAGEMENT
all cash inflows against outflows to identify any potential
net shortfall going forward, including for those involving Shariah non-compliance risk is defined as the risk that arises
off-balance sheet commitments. The measurement and limits from failure to comply with the Shariah rules and principles as
used to monitor and manage liquidity risk are as prescribed determined by the Shariah Committee of the Bank and other
under the BNM’s liquidity framework, Liquidity Coverage relevant Shariah regulatory councils or committees.
Ratio (LCR) and Net Stable Funding Ratio (NSFR). The Bank
Management of shariah non-compliance risk is guided
has also commenced on an upgrade of its risk system to
via established policies and guidelines on Shariah risk
facilitate a robust liquidity risk management.
management as well as governance and oversight processes.
The Bank has established a liquidity contingency plan to ensure These include the approaches for identification and assessment
its readiness in dealing with any potential liquidity crisis. of Shariah non-compliance risks in business activities, products
and services, and assessment of the effectiveness of existing
controls and mitigation plan. Assessment of products,
OPERATIONAL RISK MANAGEMENT
services and operating procedures are continuously performed
from Shariah risk perspective and training and awareness
Operational risk is defined as the risk of loss resulting from
programme on Shariah risk are conducted to promote a
inadequate or failed internal processes, people and system
cohesive Shariah compliance risk culture.
or from various external events. The effects of operational risk
may extend beyond financial losses and could result in legal
and reputational risk impacts. TECHNOLOGY AND CYBER RISK MANAGEMENT
The risk management framework has been enhanced to Risk arising from technology vulnerabilities which could result
incorporate improvement to risk and control assessment in financial loss, disruptions to infrastructure, operations
approaches and reporting with the inclusion more leading risk and/or reputational harm while cybersecurity risk is the
indicators and control testing mechanism. probability of loss of customer information and banking
record due to cyber threat or attack.
Other mitigation actions include strengthening the first line of
defence via continuous operational risk training and awareness The Bank continuously ensures that the BNM’s RMiT is
for new recruits and risk agents and increased engagements adhered to along with various other regulatory requirements
with the risk owners at branches and departments. on technology and cybersecurity. The Bank has established
and operationalized its Technology Risk Management
BUSINESS CONTINUITY MANAGEMENT (BCM) Framework and Cyber Resilience Framework to ensure
confidentiality, integrity and availability of information aligned
The COVID-19 pandemic has demonstrated the importance with the risk profile.
of effective business continuity management to ensure
The Bank has made effort to safeguard the infrastructure
uninterrupted business operations. The Bank’s BCM, which
and information, whether it is in digital or physical form.
entails enterprise-wide planning, coordination and mobilisation
This entail putting controls in place through policies and
of key resources and processes under a broad spectrum of
procedures that comply with Bank Negara Malaysia’ RMIT,
business disruptions arising from both internal and external
PayNet’s requirements and international best practices.
events, has enabled the Bank to respond and continue to
The Bank ensures that the controls are appropriate, effective
operate critical business functions under various and prolonged
and constantly reviewed to ensure that our information is
adverse conditions.
safeguarded.
The BCP was prepared based on risk assessments and business
impact analyses performed on identified potential threats
to business functions. Business impact analyses are used to
identify critical business functions and systems and to formulate
corresponding business continuity plan and management
action.
