Under the risk management process, the Company regularly identifies the possible risks to which the Company is exposed, assesses the impact of such risks on the Company and deal with it appropriately.
The identified risks of the Company include market risk, premiums risk, claims risk, social risk, reinsurance risk, economic and currency risk, investment risk, liquidity risk, credit risk, operational risk, dependency risk and group risk. We undertake the following procedures in order to manage the risks.
1. Establishing our risk environment;
2. Identifying our risks;
3. Analyzing the identified risks;
4. Assessing / evaluating the risks;
5. Treating/managing the risks;
6. Monitoring and reviewing the risks and the risk environment regularly; and
7. Continuously communicating and consulting with stakeholders.
Management undertake every step to put in place policies, procedures and controls to mitigate existing and potential risks on an on-going basis. The internal controls implemented are tested by the internal audit on a regular basis.
However, risk management and risk profiling is a continuous process. The Company is supported by an ERM Support Team formed on Group level to implement a holistic approach to risk profiling based on the Enterprise Risk Management Integrated Framework issued by COSO (Sponsoring Organization of the Treadway Commission) in the United States. This base is being adapted to the special environment of the Gulf Area. Moreover, the company has installed the enterprise risk assessor, which is enterprise risk management software, to facilitate the ERM implementation process. The Implementation of the ERM framework through this risk management tool is in progress. ERM software gives the power to enforce a risk culture within the organization. It can serve as the central hub for all risk management information. Segment data by region or department, and easily aggregate it across the enterprise for reporting and analysis. It can deal with the issues arising from Governance, risk, and compliance.