Committees Manual

This guideline is a work guideline for the Remuneration and Nomination Committee in carrying out its duties and responsibilities, which is part of the creation of a Good Corporate Governance system. 

Company Risk Management

Company Risk Management is a process in planning, managing, controlling and monitoring the activities of the Company to reduce risks that can have an impact on the condition of the Company's capital management and income. Risk Management in the Company covers credit, financial (liquidity and funding), operational, legal and regulatory, strategic/business risks, and other risks faced by the Company in daily activities.

BFI Finance applies a holistic risk management approach to manage the risks faced and their potential impacts on financial performance. Control over risks is carried out by identifying and evaluating the main risks faced by the Company, developing mitigation strategies and controls to manage risks, and measuring the level of risk after risk control is carried out.

By implementing a comprehensive risk management system, it allows the Company to effectively manage risk exposure so that it can estimate risk portfolios and take preventive actions and maximize the achievement of profits.

Risk Management System

With increasing business competition, good, measured and documented risk management practices are the main pillars in every decision making process. The company operates in a very dynamic environment characterized by intense competition, a growing customer demographic, changing legal conditions and an ever-challenging macroeconomic climate. Senior management is responsible for effectively controlling the risks faced by the Company to estimate potential risks and implement preventive actions. This provides certainty for stable and healthy profit growth.

The Company's Framework Guidelines in risk management systems are based on the Three Lines of Defense approach, which consists of oversight, control and management functions.

1. First Line of Defense
   Business and operational units act as the first line of defense and are responsible for identifying, assessing, monitoring and managing risks. The main responsibility is to manage risk exposures on a daily basis, according to the target market, established policies and procedures.
2. Second Line of Defense
   Enterprise Risk Directorate, Compliance team, Operational Risk team, Anti-Fraud team, Financial Control Department, as well as Legal & Litigation Unit (as part of the Asset Management, Recovery & Inventory Department) carry out their independent supervisory functions. Enterprise Risk Directorate is responsible for carrying out studies and approving acceptable risk levels and strategies, as well as cooperating with business and operational units in ensuring risk is managed according to established limits. Financial Control Department manages and is responsible for setting up overall budget and setting the acceptable risk levels in it, monitoring its fulfilment, and managing short term and long term funding sources and liquidity positions based on portfolio quality development. Legal & Litigation Unit manages compliance risks related to legal matters and is responsible in ensuring the dissemination and adherence of applicable regulations by all related units
3. Third Line of Defense
   The Internal Audit Department conducts tests and audits independently of the processes carried out by business and operational units. This check is to ensure that the units carry out their roles and responsibilities in accordance with established policies and procedures.