GOVERNANCE

87

Bursa Malaysia •

Annual Report 2015

STATEMENT ON INTERNAL CONTROL

AND RISK MANAGEMENT

ii. Cyber Attack Risk

In order to ensure that our systems are secured, Bursa

Malaysia has invested in and set in place adequate

IT security tools and mechanisms to detect, protect

against and respond to cyber security threats that are

constantly evolving and emerging globally. These tools and

mechanisms include:

TOOLS AND MECHANISMS

i.

FIREWALL AND INTRUSION

PREVENTION SYSTEM

ii.

CLEAN PIPE SERVICES

iii.

APPLICATIONS AND SYSTEMS SEGMENTATION

iv.

ANTI-VIRUS AND ANTI-MALWARE

v.

ROUND-THE-CLOCK CYBER THREATS

MONITORING

We will continue to review and enhance these tools and

mechanisms to address new and increasingly sophisticated

cyber threats.

iii. Talent Management Risk

In 2015, we further strengthened our 2014 initiatives to

focus on talent management, developmental growth for

employees and diverse engagement programmes by:

• Refining our Succession Management Framework

and development plan to accelerate the successors’

readiness for critical positions.

• Focusing on several learning approaches to support

employees’ development interventions to ensure

consistent progress in their Individual Development Plan.

• Implementing initiatives and programmes to sustain

and improve levels of engagement at corporate and

divisional levels as part of our talent retention strategy.

iv. Increasing Competition Risk

Our Blueprint, established in 2012 together with the

strategic intents, remains relevant in guiding Bursa Malaysia

towards the desired end state of becoming Asia’s Leading

Marketplace. In the face of increasing competition, we have

refined our 2014-2016 strategy to reflect the state of overall

progress and to enable greater focus and alignment to our

aspirations to:

OUR ASPIRATIONS

i.

BE A DYNAMIC NATIONAL EXCHANGE THAT

PROPELS ECONOMIC GROWTH AND CAPITAL

MARKET DEVELOPMENT

ii.

HAVE A CLEAR NICHE IN ISLAMIC

CAPITAL MARKETS, SUSTAINABILITY AND

COMMODITIES

iii.

HAVE A DEEPER AND WIDER ASEAN FOOTPRINT

v. Central Counterparty Credit Risk

Bursa Malaysia has in place robust risk management

processes and procedures to manage counterparty/

settlement risks and prevent any systemic impact on the

market. Bursa Malaysia Securities Clearing Sdn Bhd and

Bursa Malaysia Derivatives Clearing Berhad act as the

central counterparty for equities and derivatives trades

respectively, and thus are subject to counterparty credit

risk. The processes and procedures of these two clearing

houses are in line with the Principles for Financial Market

Infrastructures (“PFMI”) issued by the Committee on

Payment and Settlement Systems (“CPSS”), Technical

Committee of the International Organisation of Securities

Commissions (“IOSCO”), which include the following:

• Daily mark-to-market positions, initial and variation

margin requirements and collateral management;

• Monitoring Trading Clearing Participants’ (“TCP”) and

Clearing Participants’ (“CP”) capital requirements and

adequacy;

• Managing credit exposures via price, trading, single

client, equity and position limits;

• Monitoring monthly the financial health of the clearing

settlement banks via the risk weighted capital ratio

(“RWCR”) and credit ratings. The concentration risk

is also monitored based on the TCP or CP total trade

settlements with the relevant clearing settlement banks;

• Maintenance and stress-testing of the Clearing

Guarantee Fund (“CGF”) and the Clearing Fund for

equities and derivatives trading, respectively to ensure

that they are sufficient to protect the Clearing Houses

under extreme but plausible market scenarios; and