RISK MANAGEMENT: AN ACT OF BALANCING RISK AND REWARD
Risk lies in every sector of our businesses and presents both positive and negative opportunities. Hence, an effective risk management system is necessary to explore and maximize positive opportunities and mitigate adverse outcomes of the negative ones in order to secure long-term value for our stakeholders.
Risk Governance Structure
Our risk governance structure is applied at all levels in the company and within the group.
Risk Management Process
Adopting the ISO 31000 Risk Management Framework, we started 2014 with a Black Swans workshop, facilitated by risk experts, to understand existing and potential risks that may impact achievement of business objectives. In understanding our value drivers, we identified key trends and key risk indicators for constant monitoring.
As part of the review of our enterprise risk management framework, we revisited our risk tolerance matrix. The degree of impact was determined to include financial, reputational, and regulatory considerations; probability of occurrence was focused on speed of change and complexity of environment, among others.
Using this risk matrix, we identified and prioritized key risks and accordingly allocated resources without losing sight of tail-end risks. Through collaboration and consultation, Management, assisted by the Group Risk Management Unit, identified existing key controls and directed actions for continuous improvement. Constant monitoring and regular reporting on key risks were done in 2014.
Finally, we annually assess our risk management maturity level in the areas of governance and organization, risk management strategy, reporting and communication, tools and technology, and culture and capability. Results provide input to improvements of our risk management framework.