Page 179 - Bank Muamalat_AR24
ANNUAL REPORT 2024, Governance
BUSINESS CONTINUITY MANAGEMENT (BCM)

The Bank’s Business Continuity Management (BCM), which entails enterprise-wide planning, coordination, and mobilisation of key resources and processes under a broad spectrum of business disruption scenarios arising from both internal and external events, has enabled the Bank to respond and continue to operate critical business functions under various adverse conditions.

The business continuity plan is reviewed annually based on detailed risk assessments and business impact analyses performed on identified potential threats to business functions. Business impact analysis is used to identify critical business functions and systems, and to formulate corresponding business continuity plans and management actions. This includes assessment and analysis of the materiality of outsourcing services by third-party service providers.

SHARIAH RISK MANAGEMENT

Shariah non-compliance risk is defined as the risk that arises from failure to comply with the Shariah rules and principles as determined by the Shariah Committee of the Bank and other relevant Shariah regulatory councils or committees.

The management of Shariah non-compliance risk is guided by established policies and guidelines on Shariah risk management, as well as governance and oversight processes. These include approaches for identification and assessment of Shariah non-compliance risks in business activities, products, and services, and assessment of the effectiveness of existing controls and mitigation plans. Assessments of products, services, and operating procedures are continuously performed from a Shariah risk perspective. Continuous training and awareness programmes on Shariah risk are conducted to promote a cohesive Shariah compliance risk culture.

TECHNOLOGY AND CYBER RISK MANAGEMENT

Technology and cyber risks arise from threats that can disrupt IT systems and compromise the confidentiality, integrity, and availability of digital assets, as well as the resilience of technology operations.

The Bank remains fully aligned with regulatory expectations, including Bank Negara Malaysia’s Risk Management in Technology (RMiT) guidelines, and continues to adopt industry best practices to strengthen its cyber and technology risk posture. Key initiatives include the implementation of a Cybersecurity Strategic Plan and the adoption of the Zero Trust Maturity Model, aimed at enhancing the Bank’s overall security architecture. The Bank has also operationalised its Technology Risk Management Framework and Cyber Resilience Framework, ensuring a robust and coordinated approach to managing technology risks.

Advanced cybersecurity tools and protocols have been deployed to proactively detect, prevent, and respond to emerging threats. Protecting systems and customer data remains a top priority, supported by regular compromise assessments, technology risk reviews, and continuous security enhancements.

SUSTAINABILITY & CLIMATE RISK

The Bank has strategically positioned itself to meet evolving sustainability expectations by aligning with national priorities and international climate-related frameworks. In support of Malaysia’s ambitions under the National Sustainability Reporting Framework (NSRF) and Bank Negara Malaysia’s (BNM) Climate Change and Principle-based Taxonomy (CCPT), the Bank continues to embed sustainability considerations into the core of its business strategies and risk management practices.

The Bank has operationalised the Environmental, Social, and Governance (ESG) scorecard that integrates sustainability metrics into its credit evaluation and decision-making processes. This tool enables structured assessments of clients’ operations, incorporating both ESG benchmarks and CCPT due diligence. In doing so, the Bank promotes more inclusive and climate-aligned financing decisions that facilitate the country’s transition towards a low-carbon and climate-resilient economy.

Recognising that climate-related risks pose a material threat to financial stability, particularly in vulnerable and high-emitting sectors, the Bank conducts regular portfolio reviews and scenario analysis in line with BNM’s Climate Risk Management and Scenario Analysis (CRMSA) guidance. In addition, the Bank undertakes Climate Risk Stress Testing (CRST) as part of broader regulatory expectations. Insights from these exercises are taken into consideration in the Bank’s risk appetite and credit policies, enabling the development of targeted and sector-specific mitigation strategies to enhance climate resilience across its financing portfolio.

The Bank’s long-term sustainability agenda is rooted in the goal of creating enduring stakeholder value while addressing pressing environmental and social challenges. By fully embedding climate considerations into its Enterprise Risk Management (ERM) framework, BMMB demonstrates a firm commitment to balancing financial performance with climate resilience, transparency, and broader sustainable impact. This approach is aligned with the principles of Value-based Intermediation (VBI), reinforcing the Bank’s dedication to delivering outcomes that are not only financially sound but also socially inclusive and environmentally responsible.

