56 C I M F I N A N C I A L S E R V I C E S L T D R I S K M A N A G E M E N T Risk Management Report Bolstering our safeguards in an uncertain business environment and fostering a strong risk culture to identify and manage risk in a holistic manner. Risk Management forms an integral part of Cim Finance’s strategy, business decisions and operations, even more so in the context of economic uncertainty and evolving market dynamics. Cim Finance is committed to nurturing a strong risk culture within the organisation, supported by an Enterprise-wide Risk Management (ERM) framework and a proactive approach to managing risk exposures. This approach ensures that we take a holistic view of the risks that are inherent to our strategy and operations. In the lingering COVID-19 environment, the Group continues to reinforce its ERM framework through a closer strategic focus and the systematic monitoring of the organisation’s portfolios and operations, whilst ensuring that our control mechanisms are resilient in view of the evolving operating landscape. RISK GOVERNANCE Recognising that good risk management goes hand in hand with strong governance, the Group has a wellestablished risk governance structure based on the three lines of defence approach, which facilitates the identification and escalation of risks, whilst providing assurance to the Board. Our governance structure is supported by an active and engaged Board of Directors and a dedicated Risk Management team, which operates independently of the business units. The Chief Risk Officer reports directly to the Chairperson of the Risk Management Committee of the Board. The Group’s risk management governance structure begins with oversight by the Board of Directors, either directly or through its committees, to ensure that decision-making is aligned with the Board’s approved risk appetite. The executive management is responsible for translating the Board’s high-level guidance into operational realities, before monitoring and reporting them back periodically to the Board/ Board Committees. The aggregate enterprise-wide risk profile and portfolio appetite are discussed at the respective risk management forums, and further reported to the Board’s Risk Management Committee on a quarterly basis. The Risk Management Team and Compliance Team are independent of the business units. The Risk Management Team is responsible for identifying, measuring, monitoring and reporting significant risks across the organisation. The Compliance team ensures that there are appropriate controls to comply with applicable laws and regulations, and escalates significant non-compliance matters to Management and to the Board’s Audit & Compliance Committee. STRATEGIC LAYER MANAGEMENT LAYER L1 Board of Directors Board Committees Management Forums Risk Management Team Compliance Team L2 L3
RkJQdWJsaXNoZXIy MzQ3MjQ5