CFSL - Annual report 2018

6. RISK MANAGEMENT Risk management refers to an ongoing process that supports the implementation of the business strategy which allows for an appropriate assessment of the types and significance of risks affecting the business, including its sensitivity to those risks and its ability to mitigate them. The Board is committed to establishing a sound system of risk oversight and management and internal control to identify, assess, monitor and manage material risks related to the Group’s activities. The Board acknowledges the importance of having an effective risk management system with well-defined risk appetite and overall risk tolerance limits and fully supports initiatives that would enhance risk management capabilities. The Board’s vision of risk management is integrated into the day to day management and operation of its business and forms an integral part of the Group’s culture. Its aim is to: • Continually improve the management of risk • Evaluate, Respond and Monitor Top Risks • Reduce the risks to acceptable levels The Group has a structured risk management framework to support the identification and effective management of risks across the Group. The goal of the risk management approach, based on ISO 31000, is to continue to support Cim Group in meeting its strategic and operational objectives. Risk assessment is performed regularly at management level in line with the defined risk appetite. A risk register tracks all risks which are relevant to the main business units, namely Cim Finance Ltd, Cim Forex Ltd and Lavastone Properties Ltd (formely Cim Property Holdings Ltd) which are approved and tabled at their relevant Risk Management Committees and Boards. The Group risk register of the principal risks faced by the Group is maintained and tabled at the CIM Financial Services Ltd’s RMAC. The monitoring and the review of the risk management processes generate improvement action which is integrated into the mitigating action plan. The major initiatives completed at the level of Cim Finance Ltd in the financial year under review were: • Implementation of robust application and behavioural credit scorecards with relevant credit policies to mitigate impairment risk in Consumer Finance activities. In parallel, a new collections system was deployed to support the collections strategy. • Development of expected credit loss models under the IFRS9 framework which became effective as from 1 st October 2018 • Setting up of an incident reporting framework to ensure independent end-to-end reviewof incidents and implementation of controls by business owners. • Setting up of a Cybersecurity working group with an agreed action plan to enhance internal capabilities and protect against potential threats and vulnerabilities. A description of the financial risks facing the Group is set out from page 86 to 93. The priorities for Cim Finance Ltd in the financial year 2018/2019 are: • Reinforcing the risk team by appointing a Chief Risk Officer and revamping of the Enterprise Risk Management Framework. • Enhancing client limit management by implementing of a risk-based client limit management framework for the Consumer Finance portfolio. CORPORATE GOVERNANCE REPORT 32 CIM FINANCIAL SERVICES LTD ANNUAL REPORT 2018