KENANGA INVESTMENT BANK BERHAD 142 INTEGRATED ANNUAL REPORT 2025 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL Employee misconduct is managed through the established Consequence Management Framework and Group Disciplinary Policy and Procedure. Business Continuity Management Business Continuity Plans and Disaster Recovery Plans are established to ensure non-disruption of business or efficient business resumption. Regular testing or drills are also conducted for the purpose of staff preparedness, readiness of disaster recovery site, effectiveness of communication, escalation and recovery procedures. For effective business continuity management (“BCM”), awareness training is held annually for BCM coordinators and key persons. Information Technology Security The use of IT is essential and central to the Group’s business. In order to ensure the reliability and resiliency of the business operations to meet the expectations of customers and all stakeholders, and in line with the guidelines of regulators such as BNM’s Policy Document on Risk Management in Technology and SC’s Guidelines on Technology Risk Management, the Group has established the corporate Cyber Security Policy and implemented the necessary security procedures to protect the confidentiality, integrity and availability of information systems and data. With the increase in the adoption of digitalisation and service delivery via cyberspace, the Group will continue to reinforce its IT security efforts and initiatives to be aligned with the Group’s current and envisaged operations, strategies and business environments. The IT security posture of the Group is also continuously reviewed and enhanced to mitigate the risks arising from new and emerging threats. In-house IT security training and security updates on the latest threats are constantly provided to all staff to ensure their awareness on the importance of IT security. Climate Change and Sustainability Risk Management The Group integrates climate change risks into our risk management framework to safeguard investments and enhance resilience. Managing climate change risk is core to our sustainability journey. We take a wholesome and integrated risk-based approach in addressing the multi-dimensional implications of climate change risk, including incorporating climate change risk drivers across credit, market, liquidity, operational and reputational risks. Considering the wideranging and significant implications of climate change risk on our business operations and, in line with BNM’s guidelines such as Climate Risk Management & Scenario Analysis and Climate Change and Principle-Based Taxonomy, we developed our Climate Change Risk Management Framework to provide strategic guidance to the Group in respect of climate change risk governance and implementation. This includes risk management practices, transition pathway and corporate direction in aligning its strategies and business operations with the applicable regulatory policies on climate change risk. In addition, in alignment with the National Sustainability Reporting Framework (“NSRF”), which adopts the International Sustainability Standards Board (“ISSB”) S1 and S2 requirements, the Group has developed a Sustainability Risk Management Framework to integrate sustainability risk and opportunity assessments across all business units and subsidiaries. This initiative will enhance our preparedness for NSRF disclosure requirements and establish a comprehensive sustainability risk profile for the Group. A climate risk profiling exercise has also been initiated to identify areas of vulnerability, guide strategic prioritisation, and further strengthen our readiness for ISSBaligned reporting. Climate change and sustainability risk management related matters, where relevant, are deliberated at the Board level by the GBRC. The GBRC is supported by the GRC which provides risk management oversight including reviewing and recommending frameworks, policies and procedures, as well as evaluating climate risk-related propositions within the Group. Meanwhile, the Group Sustainability Management Committee (“GSMC”) provides oversight and guidance on the Group’s sustainability strategies, policies, goals, and reporting, while overseeing the effective implementation of the Group’s sustainability strategies and the integration of sustainability considerations into day-today operations to support long-term business objectives. Compliance Function The Board is unreservedly committed and always strives to adopt the principles and recommendations of the MCCG issued by the SC, as well as other relevant regulatory requirements relating to corporate governance. Compliance reviews and monitoring are undertaken by GCE using various tools and approaches based on the framework set by Group Compliance, a department of GCE. These reviews and monitoring are performed to assess the level of compliance with the relevant regulatory requirements and the respective companies’ internal policies and procedures. Any regulatory deviation or compliance breaches will be reported to the respective Boards of operating entities within the Group and the relevant regulators. Pursuant to this, appropriate corrective actions including disciplinary actions will be taken to address the breach with a view to preempt and prevent the occurrence of a similar breach.
RkJQdWJsaXNoZXIy NDgzMzc=