The implementation of the Risk Management function is carried out by managing sound risk management, inter alia by establishing an independent Division of Compliance & Risk Management, along with formulating appropriate policies and procedures, in order to maintain the level of risk at the specified limits.
POLICY OF THE 5 (FIVE) PILLARS OF RISK MANAGEMENT
In accordance with the Risk Management Policy of PT MNC Guna Usaha Indonesia, the application of Risk Management includes at least 5 (five) pillars as follows:
1. Pengawasan Aktif Direksi dan Dewan Komisaris.
2. Adequacy of Policies, Procedures, and Risk Limit Determinations.
3. Adequacy of Risk Identification, Measurement, Monitoring and Control Processes.
4. Risk Management Information System.
5. Comprehensive Internal Control System.
RISK MANAGEMENT FRAMEWORK
The risk management framework is a set of strategies, rules, facilities, and infrastructures that are used to implement risk management concepts and principles comprehensively.
THREE LINES OF DEFENSE
The implementation of risk management in the Corporate involves all elements in the organization from top management to executive employees. All of these elements play an active role in the context of risk management 'three lines of defense' as below:
Line -1 : First Line of Defenses (Business Units and Supporting Units)
As a risk taker or owner, a business unit and a support unit that deals with various types of daily activities and the possibility of risk is in the first line of defense against the risks faced by the Corporate. All personnel in the first line of defense are expected to have high-risk awareness so that they are able to carry out effective risk management, including identifying, measuring, monitoring, and controlling and reporting risks and ensuring compliance with existing regulations, standards, policies, and procedures.
Lini-2: Second Line of Defenses (Risk Management Unit, Compliance and Support Unit)
The second line of defense against risk is the units which are responsible for the development and implementation of risk management strategies of the Corporate, the adequacy of the availability of risk control tools/tools such as the adequacy of policies and procedures, templates, frameworks, and so forth. Units in the second tier defense include the Risk Management Unit, Compliance Unit, and several units related to certain risks in business units and supporting functions.
Lini-3: Third Line of Defenses (Internal Audit Unit)
The third line of defense against risk is the Internal Audit Unit as an independent unit tasked with exercising control through testing and auditing the implementation of the Corporate’s activities, to ensure that the first and second lines of defense against risk have carried out their functions and responsibilities well including ensuring compliance with the Corporate management policies and the applicable regulations.
MANAGEMENT OF RISK
Risks managed by the Corporate include 7 (seven) risks that must be managed by finance companies and other risks arising from MNC Leasing as a member of the Financial Conglomerate of PT MNC Kapital Indonesia, Tbk, which are:
a. Strategic Risk
b. Operational Risk
c. Asset and Liability Risks
d. Management Risk
e. Governance Risk
f. Fund Support (Capital) Risk
g. Financial Risk
h. Additional Risk (related to the Financial Conglomerate), such as Reputation Risk, Legal Risk, Compliance Risk,
and Intra-Group Transaction Risk