Risk Governance

Reporting lines of Risk Management Function

The Audit, Risk and Compliance Committee (ARCC) was established in 2014. In 2018, it was elevated to the Board level and split into two separate entities: the Audit Committee (AC) and the Board Risk and Compliance Committee (BRCC). The BRCC aids the Board in meeting its supervisory responsibilities concerning risk management, compliance, and the preservation of ethics and integrity in compliance with current laws and regulations. In fulfilling its oversight role, the Committee carries out the tasks and responsibilities defined in the Risk and Compliance Committee Charter.

The Board Risk and Compliance Committee is entrusted with the following duties:

Developing policies tied to risk management that align with the strategic direction and overall risk appetite as determined by the Board of Directors.

Guaranteeing that the Senior Management abides by the risk tolerance boundaries set and suggesting adjustments as necessary in response to significant shifts in the internal and external environment.

Consistently supervising and evaluating the effectiveness of the Risk Management Policy.

The Enterprise Risk Management Department holds the responsibility for the oversight of AYA Bank's Enterprise Risk Management (ERM) framework and provides counsel on risk management across all branches and the entirety of the bank's business operations.

The obligations and duties of the Enterprise Risk Management Department include:

Recognizing and managing potential risk zones to safeguard the bank's and its shareholders' assets,

Evaluating if the correct risks have been identified and are being appropriately managed,

Acknowledging the current areas of highest risk (both financial and non-financial) and regularly reviewing these sectors,

Receiving frequent updates from management, the Bank's legal team, auditors, and any necessary external parties concerning audit, financial reporting, and risk management.

Assessing the adequacy of the management Information & Intelligence Systems for the effective management of the bank's customers and business – for instance, risks and profitability,

Reviewing and tracking the effectiveness of the bank's controls concerning credit, operational, and financial risks.