Page 173 - Bank-Muamalat_Annual-Report-2023
ANNUAL REPORT 2023
GOVERNANCE
STATEMENT ON COMPLIANCE
The ever-changing nature of the operating environment has led to the evolvement of legal and regulatory requirements in which non-compliance may have greater and more adverse effects on the integrity, trust and stability of banking institutions and the industry as a whole. Recognising this, the Bank has put in place a robust compliance risk management programme to ensure adherence to applicable laws and regulations and to meet industry best practices while protecting the interests of stakeholders, customers, and the broader society.

The Board has established the tone at the top and maintains overall oversight responsibility, including defining the appropriate governance structure and setting the risk appetite. The Board is assisted by the Board Risk & Compliance Committee (BRCC) and the Board Audit Committee (BAC) in overseeing matters relating to the management of compliance risk and the implementation of its control mechanisms. At management level, the Executive Risk Management Committee is responsible for overseeing the implementation of the risk management programme.

Bank Muamalat’s Compliance Risk Management Programme adopts the three lines of defence mechanism, designed to ensure effective controls in managing compliance risk. In this method, the primary responsibility for managing compliance risk lies with the first line of defence, which implements the management controls to ensure compliance in day-to-day operations. The second line of defence, which is independent from the first line, is responsible for establishing appropriate policies, procedures, and control mechanisms with the objective of ensuring continuous compliance with the regulatory requirements. The third line of defence is the Internal Audit Function, which is independent from the first and second lines and whose role is to provide independent assessment and validation of the adequacy and effectiveness of the overall compliance programme.

COMPLIANCE RISK MANAGEMENT PROGRAMME

The Bank has put in place a systematic Compliance Risk Management Programme that is designed to ensure adherence to specific regulations, standards, and internal policies. It is a continuous, methodical process comprising risk assessment, control, monitoring, and reporting of risk exposures within the Bank.

i. Risk assessment

The Bank conducts compliance risk assessment to identify, evaluate, prioritise, and manage risks inherent in the Bank’s products, initiatives and business operations, as well as emerging risks that may lead to non-compliance with regulatory, Anti-Money Laundering/Counter Terrorist Financing and Shariah requirements that could negatively impact the Bank. Gap analysis assessment is a vital process that helps the Bank to assess adherence to specific laws, regulations, and standards, as well as to identify areas of improvement or potential compliance risk that may affect the Bank’s products, activities, and initiatives. Through gap analysis, the Bank is able to identify and prioritise processes that must be improved and to assist the Board and senior management in making decisions by allocating resources, budget and priority accordingly.

ii. Risk Control

Based on the risk assessment, the Bank has established comprehensive policies, procedures and manuals that outline the Bank’s compliance expectations and requirements. These documents are regularly reviewed, updated, and communicated to relevant stakeholders to ensure that the controls established are effective in minimising risk and able to prevent new or emerging risks from occurring.

The Bank continuously enhances and develops products and services and has initiated various projects to offer a better range of products and services to enhance customers’ experience. These initiatives are well supported by the regulatory advisory function as a control measure to ensure that all regulatory requirements and expectations are met and that compliance risks are proactively managed by the Bank.

The Bank acknowledges that having staff with a good compliance culture is paramount in managing compliance risk. Thus, the Bank continuously provides regular training and awareness programmes to employees at all levels of the organisation to ensure they understand their compliance responsibilities and obligations. Training is tailored to matters relevant to their roles, helping them to understand their responsibilities and keep updated on regulatory requirements.

iii. Risk monitoring

A monitoring mechanism is in place to assess and assure that the Bank’s operations, activities, and practices comply with the regulatory requirements and industry standards. The compliance review function is carried out based on systematic identification of compliance risk areas, which form a basis for the Annual Review Plan. The main objective is to provide reasonable assurance to the Board and senior management on adherence to the compliance programme, to identify areas of non-compliance or potential risk, and to take corrective actions to mitigate those risks. The review coverage includes regulatory compliance, Anti Money Laundering/