Bank Islam Integrated Annual Report 2023

INTERNAL CONTROLS SYSTEM

The Board has established internal controls systems to provide effective governance and oversight, which include the following key components:

• Organisational Structure
An organisation structure with clearly defined lines of responsibility and accountability has been established in line with the business and operating requirements to support a strong control environment.

• Annual Business Plan and Budget
All key operating divisions are involved in the preparation of the annual business plan and budget, taking into consideration the established risk appetite. They will have to go through a challenge session with the Management before the proposal is deliberated by the Board for approval. The Board will regularly review the performance achievements, and any revision to the business plan and budget will be re-tabled for the Board’s approval.

• Authority Limits
There is an Authority Limits document in place which outlines the approving authority and the approving limits for the respective Management Executive Committees as well as for the relevant Heads of Division. The Authority Limits document is reviewed regularly to ensure efficiency and control. The Authority Limits document is approved by the Board, and changes to any limit therein are also approved by the Board.

• Oversight by the Board Audit & Examination Committee (BAEC)
The BAEC is established to assist the Board in ensuring that a reliable and transparent financial reporting process and internal controls systems are in place within the Group, and to provide independent oversight on the effectiveness of the internal and external audit functions. Material control lapses are escalated to the BAEC for deliberation. The BAEC also deliberates on any unresolved audit findings to ensure the Management undertakes the relevant remedial actions within the timeline.

• Oversight by the Board Risk Committee (BRC)
The BRC assists the Board in ensuring that a sound and robust risk management framework as expected by BNM is in place and effectively implemented. The BRC provides independent oversight on the Management’s activities in managing credit risk, market risk, liquidity risk, operational risk (which includes legal risk, compliance risk, Shariah non-compliance risk, IT risk and business continuity risk), sustainability risk (including climate-related risk) and other relevant risks, and ensures that the risk management processes are in place and functioning for the Group.

• Oversight by Other Board Committees
There are other Board Committees established to assist the Board in discharging its overall governance responsibilities and oversight functions. These Board Committees are the Board Nomination & Remuneration Committee (BNRC), the Board Financing Review Committee (BFRC), the Board Strategic & Sustainability Committee (BSSC) and the Board Information Technology Committee (BITC). The Board has delegated to these Board Committees the authority to review all matters within the scope defined in their respective Terms of Reference and make the relevant recommendations to the Board.

• Management Executive Committees
The Management has set up various Management Executive Committees to assist and support the various Board Committees in overseeing the relevant areas of business operations and controls. These include the Group Management Executive Committee, Management Risk & Control Committee, Asset & Liability Management Committee, Management Audit Committee, Management IT Committee and three (3) Financing Committees.

• Policies and Guidelines
Policies and guidelines governing the Group’s business and operations have been put in place and are made available to employees via the intranet portal for reference and compliance. These policies and guidelines are regularly reviewed and updated by the respective business and support units to cater for any changes in laws and regulations as well as changes to the business and operating environments.

240 Bank Islam Malaysia Berhad ◆ Integrated Annual Report 2023 Statement on Risk Management and Internal Control
