Enterprise Risk Management


Security Bank’s risk management adopts and promotes the basic tenet that risks are owned by the respective businesses and process owners. Everyone in the organization is therefore expected to proactively manage the risks inherent in their respective areas.

The Bank’s risk management framework aims to embed a risk management culture that seeks to constantly identify, measure, control, monitor and evaluate risks within the Bank. The Bank’s risk management structure is largely a system of checks and balances revolving around process and policy management, compliance and active risk oversight.


The Board of Directors (BOD) establishes the risk appetite of the Bank and aligns the direction of the business units to achieve strategic goals. The BOD takes the lead in establishing a strong risk management culture across the organization. The active participation of the BOD is reflected in various working committees it has established to extend its oversight into the Bank’s operations.

The BOD carries out its risk management function through its Risk Oversight Committee (ROC). The ROC is primarily responsible for the development and oversight of the risk management program of the Bank including its subsidiaries. The ROC reviews, approves and ensures the effective implementation of the Bank’s risk management framework including the ICAAP process. The Committee also oversees the Capital Management Committee in its role of managing, and reviewing the capital of the Bank and subsidiaries as well as the Outsourcing Committee in its role of managing and reviewing outsourcing contracts with third party providers.

The ROC’s execution and operational arm is primarily the Risk Management Group (RMG), headed by the Chief Risk Officer (CRO). RMG’s activities mainly assist the BOD through the ROC in fulfilling its risk management responsibilities which include development and review of policies and limits as well as the assessment, measurement, monitoring and reporting of the Group’s risk-taking and risk management activities including risk limit utilization and performance.


The Bank is faced with multiple risks inherent to the business largely in the form of credit, market, liquidity and operational risks. To protect the opportunities for growth and value creation, the Bank’s risk management is structured to continuously and effectively address these risks. The Banks’ risk management process ensures having a strong internal control environment that utilizes policies, processes, systems, appropriate controls and risk mitigation strategies.