Based on the commitment to conduct business activities lawfully and in a manner that will enhance achieving the goals of the (Strategic Plan) by means of ensuring compliance, ethics and individual accountability; DERAYA has established a compliance function that is responsible for implementing an effective program for compliance- to form a functional and integral part of its management process, with its primary concern being the identification, assessment and management of significant compliance areas and the risks of non-compliance.
DERAYA dedicates considerable efforts to achieve effective risk management. For this purpose we have created a comprehensive plan to manage risks that the company is exposed to, in addition to providing a common framework and comparable measures across the company’s departments so that senior management and the board can communicate, understand and assess the types and levels of risks that they are willing to accept.
Risk appetite is considerably more than a sophisticated Key Performance Indicator (KPI) system for risk management, it’s the core instrument responsible for aligning DERAYA’s overall strategy with portfolio selection and risk.
A comprehensive risk appetite framework is the cornerstone of new risk management’s foundation, it is embedded in DERAYA’s strategy and risk culture, through it, high-level risk categories are defined and operationalized, with risk appetite and tolerances established for each. Categories A, B and C represent all operational risks identified within DERAYA and its iterative process, and the risks are updated frequently.
Fully understanding and implementing risk management culture through the company’s business processes helps DERAYA manage operational risks more efficiently, by translating risk responses and methods into strategic decisions, reporting, and day-to-day business decisions.