36

Maybank Sustainability Report

2014

G4-57, G4-58

Whistleblowing Mechanism

The Integrity Hotline (formerly the Fraud Reporting Hotline) is in place,

having been initiated in 2004. All employees can raise their concerns

regarding any misconduct or wrongdoing including, but not limited to,

unethical incidences such as criminal activities or contravention of laws

or regulations committed by another employee or any person who has

dealings with the Group via the following channels without any fear of

retribution:

þ 7ROO IUHH PHVVDJH UHFRUGLQJ OLQH DW ƊƑƉƉ ƌƑ ƑƑƌƌ RU IRU RYHUVHDV DW

+603 2026 8112

þ 3URWHFWHG HPDLO DGGUHVV DW LQWHJULW\#PD\EDQN FRP P\

þ 6HFXUHG 32 %R[ PDLO DGGUHVV DW 32 %R[ ƊƊƏƌƎ ƎƉƐƎƋ .XDOD /XPSXU

Malaysia.

Confidentiality of all matters raised and the identity of the whistleblower

are protected under the Policy.

“We at Maybank believe in moving forward with transparency. This can

only be achieved through continuous feedback and communications

- not forgetting the complaints. For an organisation to receive such

comments, protecting the whistleblower is vital. The channels we

provide protect the confidentiality of all matters raised and the

identity of the whistleblower. Concerns raised anonymously will also be

considered, provided they are clear and specific. This policy, to an extent,

expands not only to employees but anyone related to Maybank, such as

vendors, lawyers, and other stakeholders.”

G4-SO4

Policy on Gifts and Donations

We have a Group-wide policy on donations and sponsorship.

Every year, we receive more requests than we can support. Clear

Guidelines are necessary to ensure transparency and accountability

in the decision-making process. Consideration depends on the area

of impact as well as the number of beneficiaries. There are strict

application procedures including procedures in writing, providing

additional information when required, and approval by the Group

for all requests by regional offices and sectors involving an amount

exceeding RM750.

Corporate

Governance

G4-14, G4-45, G4-46

Building a Strong Internal Risk Culture

Risk is an inherent component in all aspects of the Group’s businesses. We

work to identify risks in all areas of our operations. Our risk management

has evolved into an important business driver for strategic decisions in

support of the Group’s business objectives, balancing the appropriate

level of risk taken in proportion to the desired level of reward, while

maintaining the sound financial position and capital of the Group. The

Group’s approach to risk management involves the establishment of risk

principles and strategies as the core foundation in driving strong risk

management culture and practices across the Group. The Group manages

its risk actively, with six key elements underpinning its risk management

governance and framework.

Maybank Group’s risk management practices enable the Group to

systematically identify, measure, control, monitor, and report risk

exposures across the Group.

Three Lines of Defence

The Group established the three lines of defence concept: risk-taking

units, risk control units and internal audit. The risk-taking units

manage the day-to-day management of risks inherent in their business

activities, while the risk control units are responsible for setting the

risk management framework and developing tools and methodologies.

Complementing this is an internal audit, which provides independent

assurance of the effectiveness of the risk management approach.

Moving forward, Group Risk will be leading a team in implementing

Environmental, Social and Governance (ESG) risk management,

particularly in lending pratices. For this purpose, we will be evaluating the

necessary policies and processes to guide our approach.

Jans Lim

Head, Group Risk - Compliance