Page 90 - Exim iar24_Ebook
EXIM BANK MALAYSIA
STATEMENT OF RISK MANAGEMENT
| No. | Primary Enterprise Risk | Definition |
|-----|-------------------------|------------|
| 3. | Operational Risk | Operational risk is the risk of loss resulting from inadequate or failed internal operational or financial processes and systems, the actions of people or from external events. |
| 4. | Market Risk | Market risk refers to the potential loss arising from adverse movements in market prices. |
| 5. | Liquidity Risk | Liquidity risk is the risk of the Bank's inability to fund increases in assets and meet cash flow obligations as they come due, without incurring unacceptable losses. |
| 6. | Technology Risk | Information and cyber security risks are the risks emanating from the use of information technology (IT) and the Internet. These risks arise from failures or breaches of IT systems, applications, platforms or infrastructure, which could result in financial loss, disruptions in financial services or operations, or reputational harm to the Bank. |
| 7. | Compliance Risk | Compliance risk is the risk of legal or regulatory sanctions, financial loss or reputational damage which the Bank may suffer as a result of its failure to comply with legal and regulatory requirements applicable to its activities. |
| 8. | Climate-related risks | Potential risks that may arise from climate change, their related impacts and their economic and financial consequences, which include drivers of climate risks, namely physical, transition and liability risks. |
PRIMARY ENTERPRISE RISK MITIGATION
No. Primary Enterprise Risk Mitigations

1. Credit Risk
• Perform independent credit evaluation as well as periodic review of the Portfolio Risk Rating (PRR), Target Market and Risk Acceptance Criteria (TMRAC), product programs, Underwriting Standards and all other matters pertaining to credit risks.
• Proactive account management through identification of Significant Increase in Credit Risk (SICR) events for timely account classification and re-classification with appropriate expected credit loss provisioning and effective credit risk mitigation.
• Maintain comprehensive credit policy and limits within the Board approved Risk Appetite.
• All exposures and non-compliances including emerging risks are assessed and escalated to the Management and Board Committees with action plan and monitoring status.

2. Shariah Non-Compliance (SNC) Risk
• Ascertain the soundness of Shariah governance framework through four dedicated functions - Shariah Research & Advisory, Shariah Risk Management, Shariah Review and Shariah Audit - as required under BNM Shariah Governance Framework.
• Embedded risk function through the establishment of the Designated Compliance and Operational Risk Officer (DCORO) functions in every division for active monitoring of SNC risks and reporting matters.
• All SNC risk issues and incidents with detailed analysis and action plan are reported in a timely manner to the Management, Board and Shariah Committee.

3. Operational Risk
• Embedded risk function through the establishment of the Designated Compliance and Operational Risk Officer (DCORO) functions in every division for active monitoring of operational risks and reporting matters.
• All operational risk issues and incidents with detailed analysis and action plan are promptly reported to Management and Board Committees.