KEY COMPLIANCE ACHIEVEMENTS AND ACTIVITIES FOR FY2022 PayNet has accredited the Bank with the Best Independent Assessment for Retail Standalone Category 2022 due to successful adoption of a structured risk-based review methodology which facilitated the overall review process. The review was jointly prepared with Group Internal Audit. A total of 116 compliance reviews were conducted comprising mandatory, risk-based and thematic reviews inclusive of 99 on Regulatory and AML/CFT areas and 17 on Shariah Compliance, resulting in 60 and 25 areas for improvement, respectively, to further strengthen the internal controls. Elaborative investigation has been performed on all 12 reported cases that may have Shariah implications to the Bank’s operations, businesses, affairs and activities prior to confirmation as Potential Shariah Non-Compliance (PSNC) or No Shariah Issue. The decision is crucial as the result will determine the state of purity of the income to be further recognised by the Bank. The process involves scrutinising the detailed facts, data and information related to the issues and proposing remedial action plans which may entail corrective and preventive measures. IGD has also laid the groundwork for Anti-bribery Management System (ABMS) ISO 37001 certification which is an international standard to prevent, detect and respond to bribery by adapting relevant anti-bribery policies and strong internal controls. While outsourcing is necessary for operational efficiency, we continue to instil strict governance in reviewing each outsourcing party to uphold the zero-tolerance principle particularly on corruption, bribery and adverse media. Effective collaboration with our service providers will create synergy and improve our service deliveries and spurring “Real Economy” as part of our VBI initiatives. We have introduced e-learning on outsourcing which will assist the business units in complying with the outsourcing requirements which will inadvertently help enhance quality and timeliness of outsourcing approvals. In upholding governance and integrity, the Group Compliance through the Integrity and Governance Department (IGD) has executed its Corruption Risk Management (CRM), embarked on CRM review on all Divisions and subsidiaries, developed the blueprint for the Organisational Anti-Corruption Plan (OACP) through the formation of the Anti-Corruption Committee and the OACP Development Committee. Issuance of Group Whistleblowing Policy and further strengthened communication and awareness on compliance and integrity related matters through the publication of the Integrity Ignition Notes, Integrity Bulletins, compliance communiques, communiques videos and disseminated the Bank’s Integrity Kit to the Board & GMEC members. In safeguarding customers’ information and data, we have instilled the Compliance Culture by creating awareness amongst our staff and service providers on the importance of preserving banking secrecy and confidentiality. Any incidents are detected through our review process and thoroughly investigated to ensure the appropriate remedial actions are taken to avoid recurrence. We do not tolerate any unethical practices and any transgressions are severely dealt with by imposing consequence management action to the parties involved. Integrated Report 2022 216 Statement on Risk Management and Internal Control
RkJQdWJsaXNoZXIy NDgzMzc=