You Are In
- Who We Are
- Sustainability
- Our Businesses
- Investor Relations
- Newsroom
- Careers
Who We Are
- About Us
- Contact Us
- Forward30
- Leadership
- Group Structure
- Our Rich Heritage
- Awards
- Corporate Governance
- Corporate Data
- Regulatory Information
We will be right with you.
Material Issue | Opportunities | Risks |
---|---|---|
Cybersecurity & Data Privacy (mature) |
Opportunities to build trust with clients by being transparent in our policies and raising awareness via campaigns.
Build trust with established governance, security and privacy policies and standards
Leverage our existing adoption of globally recognised cybersecurity frameworks such as (NIST, ISO 27001) to enhance resilience against evolving threats
Enhance customer and data protection through fraud and privacy awareness initiatives
Improve fraud detection with advanced risk monitoring |
Identification: We identify cybersecurity risks such as cyber threats, data breaches and the need to comply with evolving regulations.
Assessment: Our assessment includes cyber threat intelligence, penetration testing, and IT system audits to evaluate the scope and severity of these risks.
Prioritisation: We prioritise cybersecurity risks based on regulatory compliance, reputational risks and potential business disruption.
Risk Response: Our response strategies include enhanced cyber defenses, robust regulatory compliance frameworks and comprehensive employee training programs.
Monitoring and Reporting: We monitor and report on cybersecurity risks through incident reports, vulnerability assessments, and regulatory audits to ensure ongoing vigilance and transparency. |
Climate Change (maturing) | Develop strategies to expand climate finance, for example in green buildings, electrification and adaptation solutions
Embed these opportunities within our Green, Social, Sustainable Impact Products and Services (GSSIPS) Framework and business strategies
Drive accountability by linking climate finance performance to key performance indicators (KPIs) and compensation
Scale impact through partnerships in blended finance and carbon credit initiatives
|
Identification: We identify climate-related risks from investors, regulators, and civil society. Climate change poses transition and physical risks affecting our lending portfolios, operational resilience and regulatory exposure.
Assessment: We assess these risks through scenario analysis on exposure to carbon-intensive sectors and physical climate vulnerabilities.
Prioritisation: We prioritise climate-related risks based on their influence on credit, market, and operational risk, as well as by sector based on their impact on the environment and communities (e.g., exposure to highly carbon-intensive sectors) and their impact on CIMB (e.g., modeled impact on credit, market and operational risk).
Risk Response: Our response includes setting net zero targets, curbing lending to coal and upstream oil sectors, and engaging with clients on decarbonization strategies.
Monitoring and Reporting: We monitor climate-related risks via risk appetite dashboards and developed a climate disclosure framework based on IFRS S2 standards. |
Nature & Biodiversity (nascent) | Support nature conservation through finance solutions and corporate citizenship
Develop innovative financial products that support conservation, such as the EcoSave Savings Account-i which channels the equivalent of 0.2% of total average portfolio balance annually (subject to cap) to conservation projects
Explore new financing mechanisms, such as nature bonds, to fund conservation efforts
Integrate nature conservation into mid-term strategies, leveraging LEAP analysis to assess opportunities and impact |
Identification: We identify nature-related risks largely from investors and civil society, focusing on the impact of our business activities on ecosystems and our dependency on healthy natural systems.
Assessment: We conduct a thorough analysis of impacts and dependencies using the LEAP (Linking Environment And Profit) analysis.
Prioritisation: We prioritise these risks by sector, initially through a high-level nature risk analysis of key sectors such as palm oil, and are currently working on sectoral LEAP analysis.
Risk Response: Our response includes managing outbound impacts through sector guides,No Deforestation, No Peat, No Exploitation commitments and biodiversity risk assessments. Financial impact assessments are ongoing.
Monitoring and Reporting: We monitor and report on nature-related risks using environmental impact metrics, compliance tracking and biodiversity reporting to ensure accountability and progress. |