1. Objective of Policy
- To establish a comprehensive framework for the identification, assessment, monitoring, and management of risks associated with PMRC’s operations, in line with regulatory requirements and best practices.
2. Risk Management Scope
- Risk management is embedded at strategic, management, and operational levels across the organization.
3. Board Oversight
- The Board of Directors approves the Risk Appetite Statement and risk management policies, with oversight exercised through the Board Risk Management Committee.
4. Senior Management Responsibility
- Senior Management ensures effective implementation of the risk management framework through appropriate governance structures and management committees.
5. Risk Management Framework
- PMRC’s framework comprises policies and procedures, internal controls, MIS, and risk reporting and escalation processes.
6. Risk Appetite and Policies
- Risk Appetite and risk policies are defined in accordance with PMRC’s objectives, regulatory requirements, and prevailing best practices.
7. Key Risks Covered
- The Policy addresses credit, market, liquidity, operational, compliance, Shariah non-compliance, and other material risks.
8. Independence of Risk Management Function
- The Risk Management function operates independently of business units to ensure objective monitoring, reporting, and escalation of risk exposures.
9. Three Lines of Defence
- PMRC follows the Three Lines of Defence Model, with clear segregation of duties among Business units, Independent Risk and Compliance functions, and Internal & External audit.
10. MIS and Risk Reporting
- Effective MIS and periodic risk reporting provide timely information to Senior Management and the Board to support prudent decision making and maintenance of PMRC’s overall risk profile.
