MANAGEMENT RESPONSIBILITY The Management is accountable to the Board and is overall responsible for the effective implementation of the Board’s decisions pertaining to policies and procedures on risk management and internal controls. This is done by identifying and evaluating the risks faced by the Group and designing, operating and monitoring the risk management and internal controls systems to mitigate and control risks for consideration by the Board. This includes taking appropriate and timely corrective actions as required. The Management has assured the Board that the Group’s risk management and internal controls systems are operating adequately and effectively, in all material aspects, based on the risk management framework and internal controls systems adopted by the Group. The Management’s responsibilities in respect of risk management and internal controls include: (a) Monitoring and assessing the overall risk profile of the Group including emerging risks such as credit risk, market risk, liquidity risk, operational risk, Shariah non-compliance risk, regulatory/compliance risk, contagion risk, IT and cyber risk, and sustainability risk (including climate-related risk) and other relevant risk that will have an impact to the Group; (b) Reviewing and recommending to the BRC relevant policies and guidelines to manage risks in accordance with the Group’s strategic vision and overall risk appetite; (c) Designing, implementing and monitoring the effective implementation of risk management and internal controls systems; and (d) Reporting in a timely manner to the Board on any material changes to the risks together with the corrective and mitigation actions taken. RISK MANAGEMENT The Board recognises that sound risk management and internal controls form an integral part of the Group’s business operations and decision-making process and are critical in ensuring the Group’s success and sustainable growth. The Enterprise Risk Management (ERM) Framework is the foundation of the control mechanisms within the Group. It consists of an ongoing process to identify, assess, measure, manage, control and report material risks affecting the achievement of the Group’s strategic business objectives. The key elements of the internal controls systems which is guided by the Group’s ERM framework consists of the following: Risk Governance Risk Appetite Risk Management Process Risk Culture 232 Bank Islam Malaysia Berhad ◆ Integrated Annual Report 2023 Statement on Risk Management and Internal Control
RkJQdWJsaXNoZXIy NDgzMzc=