Page 46 - Bank-Muamalat_Annual-Report-2023

BANK MUAMALAT MALAYSIA BERHAD




PRINCIPAL RISKS AND UNCERTAINTIES







Type of Risk: Operational Risk

Description and impact of the risk:
The risk of loss resulting from inadequate or failed internal processes, people and systems or from various external events. The effect may extend beyond financial losses and may result in legal and reputational risk impacts. This risk could also create an impact on the Bank’s profitability and ability to meet regulatory requirements as well as disrupt the Bank’s business.

How we manage or mitigate the risk:
•  Enhance monitoring of key risk indicators to better track risk exposures and provide early warning signals
•  Ongoing review and validation of operational risk tools, i.e. Risk & Control Self-Assessment (RCSA), Key Risk Indicators (KRI) and Incident Management & Data Collection (IMDC)
•  Ongoing management of bank-wide operational risks and monitoring of risk ratings
•  Ongoing management of business continuity strategy and plan
•  Ongoing management and monitoring of outsourcing arrangements and mitigation strategy
•  Ongoing review, enhancements and monitoring of risk appetite
•  Conduct periodic stress testing and scenario analysis
•  Streamline and enhance Operational Risk Management policies and procedures

              Link to Material Matter                             Link to Impact on Capitals

Type of Risk: Shariah Non-Compliance Risk

Description and impact of the risk:
The risk that arises from failure to comply with the Shariah rules and principles as determined by the Shariah Committee (SC) of the Bank and relevant Shariah regulatory councils or committees. This risk creates regulatory, profitability and reputation impacts.

How we manage or mitigate the risk:
•  Ongoing Shariah review
•  Continuous monitoring and reporting of Shariah non-compliances
•  Enhanced monitoring and tracking of Shariah non-compliance risk exposures via risk tools i.e. Key Risk Indicators (KRI), Risk & Control Self-Assessment (RCSA) and Incident Management & Data Collection (IMDC)
•  Ongoing review, enhancements and monitoring of risk appetite
•  Conduct periodic stress testing and scenario analysis
•  Streamline and enhance Shariah Risk Management policies and procedures

              Link to Material Matter                             Link to Impact on Capitals

Type of Risk: Technology and Cybersecurity Risk

Description and impact of the risk:
Risk arising from technology vulnerabilities which could result in financial loss, disruptions to infrastructure, operations and/or reputational harm. Cybersecurity risk is the probability of loss of customer information and banking records due to cyber threat or attack. This risk creates regulatory, profitability and reputation impacts as well as disrupts the Bank’s business.

How we manage or mitigate the risk:
•  Establish and operationalise new Technology Risk Management Framework (TRMF) and Cyber Resilience Framework (CRF)
•  Develop and implement IT & Cybersecurity Strategic Plan in alignment with business requirements and adherence to BNM’s Risk Management in Technology (RMiT) policy
•  Foresight by gathering FI threat intelligence to identify, manage, and address related risks
•  Strengthen cyber resilience level and monitor sustainability of technology and cybersecurity controls
•  Ongoing review, enhancements and monitoring of risk appetite

              Link to Material Matter                             Link to Impact on Capitals


M1   Ethics & Integrity
M2   Economic Performance
M3   Entrepreneur Development
M4   Procurement Practices
M5   Digital Banking
M6   Energy Consumption and Environmental Impact
M7   Community Development
M8   Customer Experience
M9   Diversity and Equal Opportunity
M10  Training and Education
M11  Employment
M12  Financial Inclusion
M13  Responsible Financing