In running its operations, the Company encounters uncertainties that potentially become risks, both externally and internally, which may interfere the achievement of the Company’s objectives.
Hence, the Risk Management Division, together with management, all departments, branches and subsidiaries actively collaborate to assess the uncertainties that could become risks as well as potential opportunities.
Since 2011, Risk Management Division has implemented a risk management framework from the Committee of Sponsoring Organizations of the Treadway Commission (COSO) – Enterprise Risk Management to facilitate assessment of the Company’s operational risks involving all functions, departments, business units, branches, subsidiaries and corporations to identify inherent risks and mitigation actions for each risks that may potentially disrupt its operational activities and the achievement of Company’s objectives.
In 2018, the Company has also gradually implemented Enterprise Risk Management (ERM) to identify key risks at the corporate, subsidiaries and branches levels by building an ERM framework with the classifications, as follows:
- Financial Risk
- External Risk
- Relationship Risk with External Parties
- Technology Risk
- Operational Risk
- Human Resources Risk.
Considering these risks, the Company together with management in subsidiaries and branches determine mitigation actions which its implementation involves all divisions and related personnel.
Review On Risk Management System
Internal Audit periodically carried out risk-based audits which indirectly evaluates the implementation of the mitigation actions specified in the risk assessment.
In addition, Risk Management Division provides regular reports to the Audit Committee and Board of Commissioners, which is also considers as reviewing the risk management system implemented by the Company and provide necessary suggestions for improvement, align to the business and market practices.