A L - S A L Ā M R E I T A N N U A L R E P O R T 2 0 2 1 114 STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL Responsibilities and Processes in the Three Lines of Defence Model The Board and the BARC Responsibilities Governing overall risk oversight responsibility including defining the appropriate governance structure and risk appetite. Process • Articulates and provides direction on risk appetite, organisational control environment and risk culture. • Provide an independent view on specific risk and control issues, the state of internal controls, trends and events 3rd Level of Defence: Internal Audit Responsibilities • Provide independent assurance design and effectiveness on an organisation's risk management, governance and internal control processes are operating effectively. • Assurance about design and effectiveness Process Perform risk-based internal audit and independent reporting to Management and BARC 2nd Level of Defence: Risk Management and the ERMC Responsibilities • Oversees the operationalisation of risk management strategies as well as frameworks and policies. • Independent reporting to the management and BARC • Advisor to 1st line/ 1st Level of Defence: Business Line Management/ Risk Owners Process Monitors the consistent enforcement of ERM Policy & Framework, reviews and endorses risk parameter, risk appetite, risk profile and treatment options and risk action plans. 1st Level of Defence: Business Line Management/ Risk Owners Responsibilities • The Senior Management who form the 1st line of defence are primarily responsible for managing process, • They are also responsible for controlling risks by using business control and compliance frameworks, implement internal control processes and adequate control • Manage day-to-day risk inherent in business activities as guided by the established risk strategies, frameworks and policies Process Identification and assessment of risk, implementation and monitoring of risk action plans. In ensuring that there is a consistency to the methods used in managing risks throughout the organisation, both at the strategic and operation level of risk appetites were pre-determined to ascertain that the risk management efforts are aligned with the Fund’s business objectives. The risk appetites also outline enhanced and explicit requirements for managing risks and assists in understanding the impact of uncertainties inherent in business decisions especially impacts relating to the Covid-19 outbreak and the Movement Control Order (MCO) in business operations and strategic direction. An expansion of risk appetite parameters was proposed at the Board Investment Committee (BIC) to further regulate future diversification exercises. In addition to the above, the revised ERM Policy & Framework also incorporate the ESG risks to provide a holistic approach to risk management.
RkJQdWJsaXNoZXIy NDgzMzc=