Risk Management Policy
The risk management policy is one of the Company’s management efforts to ensure a strong foundation for the implementation of operational activities so that operations can be conducted within measurable limits of risk to achieve the target of increasing shareholder value.
The objectives of the risk management are:
- To ensure that all business and support activities in the Company’s operations have taken into consideration all potential risks that may arise.
- To perform the function of supervision and management of all risks inherent in the Company’s business activities within the specified risk tolerance limits.
- To optimize the use of the Company’s capital.
- To ensure compliance with all relevant regulations, including regulations of Financial Services Authority (OJK), Bank Indonesia, the Ministry of Finance and other authorities.
- To increase shareholder value over in the long run.
Strategies to support the goals and objectives of risk management is developed through the formation and development of a strong risk culture, the implementation of good corporate governance practices, preserving the values of compliance with regulations, adequate infrastructure, as well as structured and healthy working processes. This strong risk culture is created by building a strong awareness of risk starting from the Board of Commissioners, Board of Directors and to the entire employees of the Company. Good corporate governance is socialized and developed thoroughly in all components and activities within the Company to ensure that they are being implemented without compromise.
As the Company engages in financing activities, the Company’s Management is fully committed to implement comprehensive risk management, which essentially covers the adequacy of policies, procedures and methodology of risks management; hence, the Company's business activities could remain to be directed and controlled at an acceptable risk limit, at the same time the Company can still be profitable. Risk Management Department is playing an active role in coordinating preventive, proactive and responsive actions with all employees from various levels within the Company in order to support the implementation of risk management, because all divisions of the Company will play their respective important roles.
In the application of risk management, the Company realizes the importance of having an adequate mechanism to accommodate the risks faced by the Company. The Company has a mechanism that rests on five (4) risk management pillars, which can be described as follows:
Pillar 1: Active Supervision by Board of Commissioners and Directors
Active supervision is reflected starting from the annual business planning, which includes:
- Approving and evaluating risk management policies periodically;
- Evaluating and approving actions that require the approval of the Board of Commissioners or Board of Directors;
- Establishing risk management policies and strategies, including establishment of authority in setting limits and evaluation of the quality of the portfolio on a regular basis;
- The existence of the Audit Committee and Risk Monitoring as an organ of the Board of Commissioners in carrying out its oversight responsibilities.
Pillar 2: Adequacy of Policy, Procedure and Application of Limits Determination
- The Company formulates policies related to risk management which are checked regularly and continually adapted to current business conditions. The policies are translated into the Standard Operating Procedures and Internal Memos which are distributed to all employees. The Company also has policies regarding restrictions approval/authorization limits for credit transactions and non-credit transactions.
Pillar 3: Adequacy of Identification Process, Assessment, Control and Monitoring Process and Management Information System
The processes of identification, assessment, monitoring and risks control are the main components of the process of risks management implementation in the Company which is used to analyze resources and potential risks along with the impacts. Risk Management Department is a division responsible to analyze the level, trend, and course of the risk.
The Company has tools to identify, assess and monitor risks, particularly credit risk and operational risk through the existing reporting mechanism and the management information systems also through regular meetings of Audit Committee and Risk Monitoring Committee. In addition, the Company’s main information technology system is able to provide, quick, accurate and in real time online data/information for Management.
Pillar 4: Comprehensive Internal Control
The Company has an Internal Audit Department, which independently reports the process and results of its investigations to the Board of Commissioners and the President Director. The accountability of the Internal Audit Department includes:
- Providing an assessment of the adequacy and effectiveness of all existing processes within the Company;
- Reporting on key issues related to the process of monitoring activities within the Company, including potential improvements to these processes;
- Coordinating with other control and oversight functions (risk management, compliance, legal and external audit);