Committees Manual

This guideline is a work guideline for the Remuneration and Nomination Committee in carrying out its duties and responsibilities, which is part of the creation of a Good Corporate Governance system. 

Company Risk Management

Company Risk Management is a process in planning, managing, controlling and monitoring the activities of the Company to reduce risks that can have an impact on the condition of the Company's capital management and income. Risk Management in the Company covers credit, financial (liquidity and funding), operational, legal and regulatory, strategic / business risks, and other risks faced by the Company in daily activities.

BFI applies a holistic risk management approach to manage the risks faced and their potential impacts on financial performance. Control over risks is carried out by identifying and evaluating the main risks faced by the Company, developing mitigation strategies and controls to manage risks, and measuring the level of risk after risk control is carried out.

By implementing a comprehensive risk management system, it allows the Company to effectively manage risk exposure so that it can estimate risk portfolios and take preventive actions and maximize the achievement of profits.

Risk Management System

With increasing business competition, good, measured and documented risk management practices are the main pillars in every decision making process. The company operates in a very dynamic environment characterized by intense competition, a growing customer demographic, changing legal conditions and an ever-challenging macroeconomic climate. Senior management is responsible for effectively controlling the risks faced by the Company to estimate potential risks and implement preventive actions. This provides certainty for stable and healthy profit growth.

The Company's Framework Guidelines in risk management systems are based on the Three Lines of Defense approach, which consists of oversight, control and management functions.

1. First Line of Defense
   Business and operational units act as the first line of defense and are responsible for identifying, assessing, monitoring and managing risks. The main responsibility is to manage risk exposures on a daily basis, according to the target market, established policies and procedures.
2. Second Line of Defense
   The Corporate Risk Management Division, the Financial Control Department, and the Law and Litigation Department are the main units in the second layer of defense through an independent oversight function. The Company's Risk Management Division is responsible for reviewing and approving acceptable strategies and levels of risk, and working closely with business and operational units to ensure that risks faced by the Company can be identified, measured and managed within the limits that have been set.
   The Department of Law and Litigation manages legal compliance risks and is responsible for ensuring that applicable regulations are disseminated and followed by all relevant units.
3. Third Line of Defense
   The Internal Audit Department conducts tests and audits independently of the processes carried out by business and operational units. This check is to ensure that the units carry out their roles and responsibilities in accordance with established policies and procedures.