Page 91 - Exim iar24_Ebook
P. 91
EXIM BANK MALAYSIA ANNUAL REPORT 2024
6 UPHOLDING ACCOUNTABILITY 89
No. Primary Enterprise Risk Mitigations
4. Market Risk • Maintain a comprehensive market risk policy and control.
• Proactive monitoring, analysis and reporting by Treasury Middle Office to ensure the
market risk management is within the Board approved Risk Appetite.
• All exposures and non-compliances including emerging risks are properly assessed and
escalated to the Management and Board Committees with action plan and monitoring
status.
5. Liquidity Risk • Maintain a comprehensive liquidity risk policy and control.
• Proactive monitoring and liquidity risk management to ensure it is within the Board
approved Risk Appetite
• Conduct forward-looking scenario analysis and stress test to identify the areas that
are vulnerable to liquidity risk and mitigate it with right amount of liquidity buffer and
contingency funding plan.
• All exposure and non-compliance including emerging risks are properly assessed and
escalated to the Management and Board Committees with action plan and monitoring
status.
6. Technology Risk • Establish adequate internal process and controls, include system backup & recovery.
• Maintain listing of IT-related issues and incidents with close monitoring of rectification
progress by the working level committees, for escalation to the Management and Board
Committees, where relevant.
7. Compliance Risk • Support the Bank’s strategy by establishing clear roles and responsibilities to help embed
good compliance and risk management practices throughout the business to align
business outcome with the risk appetite.
• Integrating a Compliance Risk Management Program (CRMP) into the daily management
of business and strategic planning. The CRMP helps to protect the Bank’s reputation, lower
the cost of capital, reduce costs and helps the Bank to minimise the risk of investigation,
prosecution, and penalties.
• Maintain robust and comprehensive compliance framework, policies and procedures.
• Embedded compliance function through the establishment of the Designated Compliance
and Operational Risk Officer (DCORO) functions in every division for active monitoring of
compliance and reporting matters.
• Compliance issues are promptly highlighted and presented for deliberation at the
Management and Board Committees.
8. Climate-related risks • Integration of material climate-related risk factors into the existing enterprise-wide risk
management framework.
• Continuously develop data capabilities, tool and methodologies to effectively aggregate
and report material climate-related risks.
• Reflect the climate-related risk considerations in the governance, business strategy and
operations, reporting and risk management systems.
• The climate-related risks must be part of comprehensive risk assessment to identify and
measure all material risks.
