CIMB emphasises ethical banking, robust risk management, and a dedication to transparency, accountability, fairness, and integrity for sustainable business practices. The governance and ethics regulations Malaysia's banking sector are under stringent regulations, demanding constant vigilance amid rapid technological shifts.  


This commitment involves strong governance integrating sustainability into transactions, products, and services, aiming for long-term stakeholder value, and contributing to an inclusive and environmentally sustainable economy. Mitigating harm through financial services is crucial, with risks including reputational damage, regulatory fines, financial losses, and potential erosion of integrity and transparency in organisational culture. 



Governance of Sustainability​


The Board is responsible for CIMB's sustainability strategy and ESG matters, as detailed in the board charter. Sustainability agenda is also incorporated into various Board and management level committees. The Group Sustainability and Governance Committee (GSGC) oversees the implementation of sustainability strategy and framework, supporting the Board in providing guidance on strategic sustainability matters. The Group Sustainability Council (GSC) formulates and monitors climate change strategy, goals, targets and action plans.​Group Sustainability and Governance Committee.


  • Group Sustainability and Governance Committee
    The Group Sustainability and Governance Committee (GSGC) convenes every quarter and assists the Board in fulfilling its responsibilities in advocating and fostering a culture of sustainability, ethical conduct, and integrity in our corporate DNA. The GSGC provides oversight on implementing the Group's sustainability and climate change strategy, where we aim to proactively create a net positive impact on our material matters. The committee also oversees the management of bribery, corruption and other related risks.

  • Board Risk and Compliance Committee
    Provides oversight and advice to the Board and management in respect of sustainability and climate-related risks, including monitoring of the Group's exposure to high sustainability risk sectors and clients, sustainability risk appetite setting as well as regulatory compliance.

  • Audit Committee
    Supports the Board in ensuring reliable and transparent reporting and a robust internal control system for sustainability-related matters.

  • Group Nomination and Remuneration Committee
    Assesses and builds Board-level climate competency, and oversees the integration of climate-related matters in the performance of top management.


Enhanced Governance Structure​


The Group Sustainability Division drives implementation of our sustainability strategy along with Business Units and Business Enablers in our key operating markets. Our Integrated Sustainability Operating Model aims to scale up sustainability efforts, fostering innovation and accountability across the Group.

Group Sustainability Policy


Our sustainability governance is detailed in our Group Sustainability Policy (Policy). The Policy outlines our comprehensive approach to sustainability, detailing our commitment to:


1. Managing Sustainability Risks

We actively identify, assess, and mitigate sustainability risks embedded in our business activities.


2. Developing Green, Social, and Sustainable Impact Products and Services (GSSIPS)

We offer innovative financial solutions that support a sustainable future and societal well-being. We uphold high ethical and sustainability standards throughout our GSSIPS product development and offerings. We also encourage responsible business practices by offering financing solutions linked to sustainability performance.


3. Achieving Net Zero Operations

We are committed to reducing our environmental footprint and achieving net zero GHG emissions in our operations.


4. Ensuring Sustainable Procurement

We embed sustainability considerations into our procurement practices, fostering responsible sourcing and supply chains.


5. Promoting Sustainability Communication

We actively engage with stakeholders on our sustainability journey, ensuring transparency and accountability.


This Policy strives to create long-term value for our stakeholders, contribute to a sustainable future, and be a leader in responsible banking in alignment with internal and external expectations.

Sustainability Linkages To Pay


Our commitment to sustainability is evidenced by the fact that our Group CEO, top management and all divisions have sustainability key performance indicators (KPIs) in their collective scorecards. Collective scorecards are a team-based performance appraisal system whereby employees are assessed as part of a collective team rather than only as individuals. The KPIs in these collective scorecards reflect our material matters, and their performance against these KPIs are directly linked to the funding of the bonus pool of all divisions, thereby directly impacting the compensation of the executive management and employees in the division.

Code of Conduct​


The CIMB Code of Ethics and Conduct sets out the standards of conduct expected of all CIMB employees in our engagement with customers, business associates, regulators, colleagues and other stakeholders across the region. Each year, all employees are required to attest their commitment and adherence to our code.​

Whistleblowing Policy


The CIMB Group Whistleblowing Policy provides multiple anonymous channels for employees, business relations, suppliers, clients and the public to report inappropriate, unethical or unlawful behaviour and practices involving the management or employees.​


Grievance Mechanism​


We provide appropriate and safe channels to facilitate employer-employee communication through our grievance settlement process and whistleblowing channels. These channels allow employees to safely raise and address issues concerning their working conditions, supervisors, colleagues or incidences of harassment, discrimination or violence.​

Bribery and Corruption


We maintain a strict stance against bribery and corruption guided by our Anti-Bribery and Corruption Policy, which requires all Board members and employees, to comply with local laws and promptly report any wrongdoing. All employees must complete anti-bribery and corruption training every two years. ​

Our Integrity and Governance Unit (IGU) oversees our anti bribery and corruption efforts, reporting to the Board monthly. IGU follows the Group Integrity and Governance Framework and integrates anti-corruption measures into our Compliance Risk Assessment Methodology.


In accordance with our Anti-Bribery and Corruption Policy Statement, CIMB Group prohibits contributions to political parties, political party officials, or candidates for political office. Despite this, CIMB Group remains actively engaged in various initiatives spearheaded by industry associations, financial industry bodies, and apex institutions. These engagements may play a role in shaping public policy. Our primary objectives for participating in these initiatives include sharing best practices, transferring knowledge and technical skills, and collaborating with industry peers to address common challenges and devise future solutions. We take proactive measures to advocate for specific issues, facilitate meaningful dialogue, and influence industry actions.


Details regarding our contributions related to these engagements are provided below. The majority of our contributions are in the form of subscription fees.


Our largest contribution was to Perhimpunan Bank Nasional (PERBANAS) and Association of Islamic Banking and Financial Institutions Malaysia.



Monetary Contribution

(RM mil)







2023 2.2  

Number of Claims or Incidents of Non-Compliance


CIMB follows a standard approach to closely address and report the number of claims or incidents of non-compliance, although specific details are not publicly disclosed. 

Safeguarding Against Financial Crime​


The Anti-Money Laundering and Counter Financing of Terrorism Policy guides our approach to safeguard the bank against financial crimes. This includes conducting a thorough Customer Due Diligence (CDD) on both face-to-face and online customers. The CDD process involves a watch list screening which strengthens the risk identification process.


We have established procedures to handle, review and monitor Politically Exposed Persons (PEPs). We require our senior management to sign off on PEP customers as well as customers from countries, businesses and products with a higher risk of money laundering and terrorism.

Responsible Tax Management ​


CIMB Group complies with tax laws and pays all taxes legally due in all jurisdictions in which we operate. We are committed to timely and accurate registration, filing of tax returns by their due dates and payment of taxes, appropriate documentation and tax reporting. 


We apply professional due care when adopting any tax technical positions on areas of uncertainties, including seeking written opinion from third party advisors/legal counsels or ruling/confirmation from tax authorities where necessary to ensure that position taken is supportable and defendable in a tax audit.


We manage our relationships with tax authorities and regulators in a transparent and professional manner. CIMB Group contributes to the development of tax policy and legislation, typically through direct engagement with tax authorities, public consultation processes or in our role as a member of an industry group.​

The Board of Directors formally reviews and approves the CIMB Group’s Tax Policy, whenever there are required changes which will be triggered upon a review by Group Tax of the said Policy which takes place at least once in every two years. Subject to the degree of risks or nature of the transactions involved, tax related decisions will be referred to the relevant Board of Directors or Delegated Authority for approval and guidance.​

CIMB Group employs an Enterprise-Wide Risk Management (EWRM) framework with Three Lines-of-Defence model as a standardised approach to effectively manage our risks and opportunities including tax risks. The system of internal controls is designed to mitigate these risks by identifying and assessing, measuring, managing and controlling, monitoring and reporting risks, including operational tax risk.​

CIMB Group Tax also works together with business units and business enablers to provide advice and guidance on tax related areas in strategic implementations or changes, significant business transactions, new products, implementation of new tax laws etc as part of efforts to ensure that the implementation of the said Policy is embedded into the organisation.​

Tax is considered part of relevant business decisions and we only engage in tax planning or utilize tax incentives that supports a genuine business purpose and commercial activity and in line with the intended policy objectives of the Governments which introduced the incentives. We do not enter into transactions whose sole purpose is to minimise or reduce tax cost. Similarly, we do not promote products to our customers where the tax treatment is contrary to the intent of the law. We are committed not to use secrecy jurisdictions or so-called “tax havens” for tax avoidance. We fully support and will always comply with tax laws aimed at preventing the facilitation of tax avoidance and fraud.​


Transactions between group entities are priced on an arm’s length basis, reflecting the economic reality of the transaction in accordance with international standards and local government law. We pay our share of taxes in each jurisdiction in accordance with the relevant laws and regulations. We adhere to the OECD transfer pricing guidelines in accordance with local and international tax law and prevailing standards. We do not artificially divert profits to low tax jurisdictions. To further enhance tax transparency, the Group has also been filing its Country-by-Country-Report (CbCR) annually with aggregate data on the global allocation of income, profits, taxes paid and economic activities among tax jurisdictions in which we operate. This CbCR Report is shared with tax administrations in these jurisdictions for use in high level transfer pricing and tax risk assessments.​

We also support tax authorities in their efforts to tackle tax evasion by complying with client tax information regimes such as FATCA and the Common Reporting Standard. Our reported tax data are subject to independent external verification as part of the annual financial audits. Paying taxes is one of the many ways we contribute to sustainable growth in local economies.


CIMB Group is committed to the implementation of e-invoicing in 2024 with the aim of streaming the tax system, reducing business costs and supporting the Government’s economic goals, thereby contributing to a more efficient and transparent economy.