Page 84 - EXIM-Bank_Annual-Report-2022
EXIM BANK MALAYSIA ANNUAL REPORT 2022
STATEMENT OF RISK MANAGEMENT
No. | Primary Enterprise Risk | Definition
5. | Liquidity Risk | Liquidity risk is the risk of the Bank’s inability to fund increases in assets and meet cash flow obligations as they come due, without incurring unacceptable losses.
6. | Technology Risk | Information and cyber security risk are the risks emanating from the use of information technology (IT) and the Internet. These risks arise from failures or breaches of IT systems, applications, platforms or infrastructure, which could result in financial loss, disruptions in financial services or operations, or reputational harm to the Bank.
7. | Compliance Risk | Compliance risk is the risk of legal or regulatory sanctions, financial loss or reputational damage which the Bank may suffer as a result of its failure to comply with legal and regulatory requirements applicable to its activities.
8. | Environmental, Social and Governance (ESG) Risk | Risk that may have an impact on the internal and external environment of the Bank’s operating and banking activities, reputation, financial and going concern as a result of climate change affecting natural and human systems.
PRIMARY ENTERPRISE RISK MITIGATION
No. | Primary Enterprise Risk | Mitigations
1. Credit Risk
• Perform independent credit evaluation as well as periodic review of the Portfolio Risk Rating (PRR), Target Market and Risk Acceptance Criteria (TMRAC), product programmes, Underwriting Standards and all other matters pertaining to credit risks.
• Proactive account management through identification of Significant Increase in Credit Risk (SICR) events for timely account classification and re-classification with appropriate expected credit loss provisioning and effective credit risk mitigation.
• Maintain comprehensive credit policy and limits within the Board approved Risk Appetite.
• All exposures and non-compliances including emerging risks are assessed and escalated to the Management and Board Committees with action plan and monitoring status.
2. Operational Risk
• Embedded risk function through the establishment of the Designated Compliance and Operational Risk Officer (DCORO) functions in every division for active monitoring of operational risks and reporting matters.
• All operational risk issues and incidents with detailed analysis and action plan are promptly reported to Management and Board Committees.
3. Shariah Non-Compliance (SNC) Risk
• Ascertain the soundness of Shariah governance framework through four dedicated functions - Shariah Research & Advisory, Shariah Risk Management, Shariah Review and Shariah Audit - as required under BNM Shariah Governance Framework.
• Embedded risk function through the establishment of the Designated Compliance and Operational Risk Officer (DCORO) functions in every division for active monitoring of SNC risks and reporting matters.
• All SNC risk issues and incidents with detailed analysis and action plan are reported in a timely manner to the Management, Board and Shariah Committee.

