Page 79 - EXIM-Bank_Annual-Report-2022
EXIM BANK MALAYSIA ANNUAL REPORT 2022
Management Committees
Management Audit, Risk and Compliance Committee (MARCC):
a. Responsible for monitoring and reviewing the management of key and emerging risks of the Bank. This includes reviewing the framework, policies, risk appetite as approved by the Board, procedures, and adequacy of internal control and systems, as well as reviewing new products or material variations to existing product offerings.
b. The MARCC, if deemed appropriate, may recommend to the BRC for review and approval at the Board.
Management Credit Committee (MCC):
Responsible for reviewing, deliberating and approving new and renewal loan/financing/credit/insurance related proposals, including recovery, restructuring, and rescheduling proposals, as prescribed in the Approving Authority and Authority Limits.
Assets and Liabilities Committee (ALCO):
Responsible for overseeing overall asset and liability management (ALM), including endorsing the appropriate ALM strategies, deliberating on net interest income (NII) performance and ensuring that all ALM risks remain within the risk appetite set by the Board.
Information Technology Steering Committee (ITSC):
a. Responsible for providing oversight of Information Technology (IT) governance and formulating the IT strategic plans to ensure that IT is capable of supporting the Bank’s strategic business plans.
b. These functions include monitoring and deliberating on any new IT regulations that may have an operational impact on the Bank. The ITSC, if deemed appropriate, may recommend to the MARCC and BRC for review and approval at the Board.
The Three Lines of Defense model adopted by the Bank is as follows:
Line of Defense
First Line:
Business units and functional lines are responsible and accountable for identifying, reporting and mitigating risk exposures through agreed monitoring and reporting tools.
Second Line:
a. The second line of defense shall remain well-defined, effective and independent from business and operational decisions.
b. The Compliance Department (CD) and the Risk Management Division (RMD), as part of the second line of defense, must possess the knowledge and expertise required to effectively perform compliance and risk management functions. They should provide constructive challenge to business units and functional lines in managing risk.
c. Appropriate resources and support are provided to enable them to fulfil their risk management and responsibilities, including unrestricted access to internal systems and information.
d. To ensure effective compliance and risk management throughout the Bank, regular communication with the first line of defense is established.
Third Line:
a. To ensure the integrity, accuracy, and reasonableness of the Bank’s risk management processes, as well as to provide assurance of overall compliance with applicable laws, regulations, internal policies, procedures and limits, periodic reviews are conducted.
b. The Audit and Assurance Department (AAD) shall closely interact with the second line of defense to escalate risk issues and ensure effective controls and compliance with risk management Bank-wide.
c. Part of this process includes following through and following up on the action plans related to the risk findings prior to submission to relevant authorities.