العربية

Risk Management

  • CINET pays special attention to risk management and governance requirements, as its Board of Directors can understand and analyze the nature and magnitude of the risks facing the Company’s business. Thus, it mitigates these risks to the maximum extent possible and determines the appropriate response procedure. Therefore, the Board of Directors has developed approaches for responding to risks through developing strategies and policies for risk management and appetite
  • The Executive Management has taken significant and effective steps to upgrade the risk measurement, monitoring and reporting systems. Risks exposures are further monitored, analyzed and reported to the Risk Committee, which provides relevant recommendations to the BOD and the Executive Management. This in turn has positively impacted the Company, especially its final financial statements.
  • CINET has established multiple functions under the umbrella of non-financial risks, which are consistent with the Company’s risk management strategy and frameworks, including operational risks, business continuity management, technological risk management and cybersecurity risk management.
  • Risk management focuses on strengthening capabilities needed to manage and monitor the key risks facing CINET, by identifying potential weaknesses and ensuring that appropriate plans and controls are being developed to address them and mitigate the resulting risks. Concerning technological risk management, it seeks to effectively optimize information technology services, ensure the required level of compliance and ensure the effectiveness of the internal control environment.
  • The Business Continuity Unit is constantly working to develop and implement a business continuity framework, which includes business recovery strategies, crisis management plans, and business resilience programs. This is to enable an effective response to service failures and protection of the interests of the Company, participating members, customers and shareholders.
  • Given the increasing importance of information security in banking and financial activities and the challenges associated with the risks resulting from the rapid development of modern technologies in credit and banking sectors and considering CBK instructions issued on 10/09/2019 regarding Corporate Governance Rules and Regulations in Kuwaiti banks, the management has assumed responsibility for the ongoing monitoring of the external security threats related to the network and technological systems and for detecting these threats and developing prevention methods to ensure the integrity of internal and external data. Accordingly, rigid policies, procedures and standards have been established to prevent incidents, hacks and unauthorized access to databases and to ensure rapid recovery in the event of any cybersecurity breaches
  • The Board of Directors, through its affiliated Risk Committee, is responsible for the general supervision of CINET risks. Its responsibilities include reviewing and approving risk management policies, risk appetite, risk exposure and risk exposure limits and ensuring the availability of the required infrastructure and resources. Risk management seeks to strengthen the risk governance framework, support comprehensive policies that define the roles and responsibilities of relevant parties, consolidate the culture of risk management on an ongoing basis, provide guidance to all the Company’s employees, provide advice to the Executive Management, the Board of Directors and its affiliated committees, especially in what concerns the Company’s position and performance within the approved risk standards and issue recommendations to reestablish the Company’s acceptable risk limits.

Adherence to Laws and Regulations:

  • The Compliance and Conformity Framework adopted by the BOD reflects the principles of promoting sound compliance practices and demonstrate the Company’s commitment to the applicable legal and regulatory requirements and high professional standards. Accordingly, one of the roles of the Compliance Department is to assist the Executive Management in ensuring that all the Company’s activities and employees comply with laws and regulatory instructions in accordance with the best professional standards and the relevant proper practices. The Compliance Department Director may refer to the Board of Directors through the Audit and Corporate Governance Committees, if necessary.
  • Compliance risks are the risks of legal or regulatory penalties, material losses or damages to the Company’s reputation as a result of non-compliance with the regulating laws, applicable rules and regulations and standards and rules of professional conduct. Compliance Policy outlines the Company’s approach to manage compliance risks and the compliance program requirements and defines the roles and responsibilities of the Board of Directors, Executive Management, employees, internal audit, and the three lines model for managing compliance risks. These requirements together provide a comprehensive and risk-based approach applied to proactively identify, manage and escalate compliance risks throughout the Company. In addition, Compliance Policy also stipulates the requirements of reporting risks to the Executive Management and the Board of Directors or its affiliated committees. The Board of Directors monitors compliance risks mainly through the Audit Committee, the Governance Committee and the Nominations and Remuneration Committee.