Maintaining a Prudent Bank

(1)

Pertumbuhan bisnis harus diimbangi

dengan kemampuan bank untuk

melaksanakan tata kelola perusahaan

yang baik.

Business growth must be balanced with the ability of

bank to implement good corporate governance.

(2)

Bank OCBC NISP realized to become ‘Your Partner for Life’, business growth must be balanced with the ability of the Bank to implement good corporate governance. Both are requirements to achieve steady and sustainable business. At Bank OCBC NISP, the governance implemented by the management and all employees as part of corporate culture.

Good Governance as the Foundation to Grow

To implement good corporate governance, we develop and execute standards of governance based on the laws that apply in Indonesia and governance standards developed by OCBC Bank - Singapore, as the majority shareholder of Bank OCBC NISP, as well as Good Corporate Governance (GCG) best practice. For this purpose, the Bank has already set the Roadmap stages as the chart below.

Bank OCBC NISP menyadari untuk menjadi ‘Your partner for Life’, pertumbuhan bisnis harus diimbangi dengan kemampuan Bank untuk melaksanakan tata kelola perusahaan yang baik. Keduanya merupakan syarat untuk pertumbuhan Bank yang sehat dan berkelanjutan. Di Bank OCBC NISP, tata kelola diterapkan oleh jajaran manajemen dan seluruh karyawan Bank sebagai sebuah budaya perusahaan.

Tata Kelola sebagai Fondasi Pertumbuhan

Untuk menerapkan tata kelola perusahaan yang baik, kami melaksanakan dan mengembangkan standar tata kelola berdasarkan peraturan perundangan yang berlaku di Indonesia dan standar tata kelola yang dikembangkan oleh OCBC Bank – Singapura, sebagai pemegang saham mayoritas Bank OCBC NISP, serta praktik terbaik Tata Kelola Perusahaan yang berlaku. Untuk keperluan ini, Bank OCBC NISP telah menentukan tahapan Roadmap GCG seperti bagan di bawah ini.

Formulasi & Skema/ Formulation & Scheming

Sosialisasi & Implementasi/ Socialization & Implementation

Monitoring & Evaluasi/ Monitoring & Evaluation

Implementasi Berkesinambungan/ Continuous Implementation Phase 1 1. Membangun komitmen pelaksanaan Tata Kelola Perusahaan yang Baik. 2. Membangun Struktur dan

Proses Tata Kelola yang Terintegrasi.

3. Membangun infrastuktur Tata Kelola Perusahaan yang Baik yang mencukupi (sistem, kebijakan dan prosedur). 4. Menyusun Budaya

Perusahaan dan Kode Etik. Phase 2

1. Pemahaman atas cakupan Tata Kelola Perusahaan.

2. Pengumpulan pengetahuan.

3. Awareness, understanding dan ownership GCG.

4. Penguatan Budaya perusahaan dan Kode Etik.

5. Peran aktif Manajemen Puncak. 6. Optimalisasi peran organ pendukung

perusahaan seperti:

• Manajemen Risiko dan Sistem Pengendalian Internal. • Unit Compliance.

• Internal dan Eksternal Audit. • Sekretaris Perusahaan. 7. Corporate Communication.

8. Membangun sarana Tata Kelola Perusahaan yang Baik.

Phase 3 1. Menetapkan &

mengimplementasikan proses kunci. 2. Penilaian Tata Kelola

Perusahaan yang Baik. 3. Penerapan dan

pemantauan Tata Kelola Perusahaan yang Baik. 4. Evaluasi Kinerja

Perusahaan. 5. Pembaharuan dan

perbaikan sistem, kebijakan dan prosedur Tata Kelola Perusahaan yang Baik.

Phase 4

1. Pertumbuhan yang berkelanjutan. 2. Tata Kelola Perusahaan

yang Baik sebagai budaya. 3. Warga masyarakat

terhormat.

4. Bisnis yang berkelanjutan. 5. Menciptakan nilai tambah

bagi para pemangku kepentingan. 6. Pelayanan Prima. 7. Perusahaan sangat bernilai. 8. Perusahaan sangat

terpercaya.

9. Perusahaan yang memiliki integritas, etika dan tanggung jawab. Phase 1 1. Establishing Good Corporate Governance commitment. 2. Building integrated

Governance Structure and Governance Process. 3. Developing adequate

Good Corporate Governance infrastructure (system, policy and procedure). 4. Building Corporate

Culture and Code of Conduct.

Phase 2

1. Understanding the scope of Corporate Governance.

2. Acquire Knowledge.

3. GCG awareness, understanding and ownership.

4. Corporate culture and code of conduct reinforcement.

5. Active role of top management.

6. Optimizing the role of supporting organs, as follow:

• Risk management and internal control system.

• Compliance Unit. • Internal and external audit. • Corporate Secretary. 7. Corporate Communication.

8. Developing Good Corporate Governance tools.

Phase 3

1. Define and Implement Key Process. 2. Good Corporate Governance Assessment. 3. Good Corporate Governance Implementation and Monitoring. 4. Corporate performance evaluation. 5. Good Corporate Governance system, policy and procedure update and improvement.

Phase 4

1. Sustainable Growth. 2. Good Corporate

Governance as a Culture. 3. Good Corporate Citizen. 4. Business Sustainability. 5. Generating added value for

stakeholders. 6. Service Excellent. 7. Most Valuable Company. 8. Most Trusted Company. 9. Company with integrity,

ethics and responsibility.

Lapor an dari Manajemen Repor t fr om Manag emen t Kinerja Ek onomi Economic P er formanc e Kinerja Social Social P er formanc e Sumber Da ya Manusia Human R esour ces Kinerja Lingk ung an En vir onmen tal P er formanc e Tata K elola Corpor ate Go vernanc e

(3)

Pengembangan dan pencapaian Tata Kelola Bank OCBC NISP 2014 antara lain:

1. Merumuskan pedoman umum penerapan GCG di Bank OCBC NISP.

2. Melakukan penyempurnaan terhadap : • Kebijakan Kepatuhan.

• Pedoman dan tata tertib kerja Dewan Komisaris. • Pedoman dan tata tertib kerja Direksi.

• Pedoman dan tata tertib kerja Komite Remunerasi dan Nominasi.

• Pedoman dan tata tertib kerja Komite Pemantau Risiko.

• Prosedur Penetapan Calon Anggota Dewan Komisaris Dan Direksi Dan Komite Level Komisaris. 3. Meraih peringkat ke 2 kategori Private Financial

Listed pada Annual Report Award (ARA).

4. Meraih penghargaan Platinum Award pada Vision Award - Annual Report 2013 Competition dari League of American Communication Professionals (LACP), Florida, USA.

5. Meraih penghargaan sebagai “Perusahaan Sangat Terpercaya” pada Corporate Governance Perception Index (CGPI) Award dari Indonesian Institute for Corporate Governance (IIGC).

6. Meraih penghargaan sebagai “Best Responsibility of The Board” dari Indonesian Institute for Corporate Directorship (IICD).

7. Sebagai Top 10 Emiten dengan skor Corporate Governance Tertinggi Berdasarkan Asean Corporate Governance Scorecard (Asean CG Scorecard).

Struktur Tata Kelola Bank OCBC NISP

[G4-34]

Sebagai sebuah bank umum di Indonesia, Bank OCBC NISP tunduk dan patuh pada ketentuan peraturan dan perundangan yang berlaku, yaitu Undang-undang Pasar Modal dan Bursa, Undang-undang Perseroan Terbatas, peraturan Bank Indonesia, Otoritas Jasa Keuangan, Bapepam-LK, ketentuan dalam Anggaran Dasar Perusahaan, serta praktek terbaik global yang diberlakukan di Bank OCBC NISP.

Improvement and achievement of Bank OCBC NISP Good Corporate Governance in 2014 among others:

1. Formulate Bank OCBC NISP GCG guidelines. 2. Develop improvements on:

• Compliance Policy.

• Guidelines and code of conduct of the Board of Commissioners.

• Guidelines and code of conduct of Board of Directors.

• Guidelines and code of conduct of the Remuneration and Nomination Committee. • Guidelines and code of conduct of the Risk

Monitoring Committee.

• Determination of Procedure on Candidates for the Board of Commissioners and Board of Directors and Committees at the Commissioners Level. 3. Achieved the 2nd Winner for Private Financial Listed

category of Annual Report Award (ARA).

4. Awarded the Platinum Award in Vision Award-Annual Report 2013 Competition of the League of American Communications Professionals (LACP), Florida, USA. 5. Awarded as “Most Trusted Company” on Corporate

Governance Perception Index (CGPI) Award from the Indonesian Institute for Corporate Governance (IIGC). 6. Awarded as “Best Responsibility of The Board” from Indonesian Institute for Corporate Directorship (IICD). 7. Awarded as Top 10 Public Company with the highest score of Corporate Governance based on Asean Corporate Governance Scorecard (Asean CG Scorecard).

Governance Structure of Bank OCBC NISP

[G4-34]

As a commercial bank in Indonesia, Bank OCBC NISP subject to and comply with the provisions of applicable laws and regulations, the Capital Market Law and Stock, Limited Liability Company Act, the regulations of Bank Indonesia, the Financial Services Authority, Bapepam-LK, the Articles of Association of the Company, as well as global best practices applied in Bank OCBC NISP.

(4)

Bank OCBC NISP Good Corporate Governance Structure is described on bellow:

The highest governance bodies of Bank OCBC NISP include the General Meeting of Shareholders, the Board of Commissioners and Board of Directors. The General Meeting of Shareholders (GMS) is the highest organ of authority that is not delegated to the Board of Commissioners and Board of Directors. Board of Commissioners to supervise and provide independent advice to the Board of Directors related to the implementation of the Bank’s management conducted by Board of Directors. [G4-37]

The Board of Directors of Bank OCBC NISP is responsible for managing and developing the governance of Bank OCBC NISP, ensuring business continuity in the Bank, and to apply the prudential principle to all stakeholders. Selection and appointment of the Board of Directors of Bank OCBC NISP has met the composition, criteria, and the independence of the Board of Directors in accordance with Bank Indonesia. Appointment of the Board of Commissioners and Board of Directors membership made by the Remuneration and Nomination Committee Struktur Tata Kelola Bank OCBC NISP dapat digambarkan

pada bagan dibawah ini:

STRUKTUR TATA KELOLA | GOOD CORPORATE GOVERNANCE STRUCTURE

UNIT INDEPENDEN | INDEPENDENT UNIT ORGAN UTAMA | MAIN ORGANS

RUPS | GMS

Auditor Independen

Independent Auditor

KOMITE MANAJEMEN RISIKO BOARD RISK COMMITTEE KOMITE MANAJEMEN RISIKO KREDIT CREDIT RISK MANAGEMENT COMMITTEE

KOMITE MANAJEMEN RISIKO PASAR MARKET RISK MANAGEMENT COMMITTEE

KOMITE ASET & LIABILITIES (ALCO) ASSET LIABILITIES COMMITTEE (ALCO) KOMITE FRAUD | FRAUD COMMITTEE

KOMITE HUMAN CAPITAL HUMAN CAPITAL COMMITTEE KOMITE MANAJEMEN RISIKO OPERASIONAL

OPERATIONAL RISK COMMITTEE

KOMITE PENGARAH TEKNOLOGI INFORMASI INFORMATION TECHNOLOGY STEERING

COMMITTEE KOMITE NETWORK NETWORK COMMITTEE KOMITE HARGA PRICE COMMITTEE DEWAN KOMISARIS BOARD OF COMMISSIONERS DIREKSI BOARD OF DIRECTORS

KOMITE NOMINASI & REMUNERASI

NOMINATION & REMUNERATION COMMITTEE

KOMITE AUDIT

AUDIT COMMITTEE

KOMITE PEMANTAU RISIKO

RISK MONITORING COMMITTEE

AUDIT INTERNAL INTERNAL AUDIT KEPATUHAN COMPLIANCE MANAJEMEN RISIKO RISK MANAGEMENT SEKRETARIS PERUSAHAAN CORPORATE SECRETARY

Badan tata kelola tertinggi Bank OCBC NISP meliputi Rapat Umum Pemegang Saham, Dewan Komisaris dan Direksi. Rapat Umum Pemegang Saham (RUPS) merupakan organ tertinggi yang memiliki wewenang yang tidak dilimpahkan kepada Dewan Komisaris dan Direksi. Dewan Komisaris melakukan pengawasan dan memberikan saran independen kepada Direksi terkait dengan pelaksanaan pengelolaan Bank yang dilakukan Direksi. [G4-37]

Direksi Bank OCBC NISP bertanggung jawab untuk mengelola dan mengembangkan tata kelola Bank OCBC NISP, menjamin keberlangsungan usaha Bank, serta menerapkan prinsip kehati-hatian untuk seluruh pemangku kepentingan.

Pemilihan dan pengangkatan Direksi Bank OCBC NISP telah memenuhi komposisi, kriteria, dan independensi Direksi sesuai dengan ketentuan Bank Indonesia. Penunjukan keanggotaan Dewan Komisaris dan Direksi dilakukan oleh Komite Remunerasi dan Nominasi untuk kemudian diajukan untuk Penilaian Kemampuan dan

(5)

Kepatutan serta ijin dari Bank Indonesia. Keanggotaan Dewan Komisaris dan Direksi ditetapkan oleh Rapat Umum Pemegang Saham.

Susunan Dewan Komisaris dan Direksi Bank OCBC NISP per 31 Desember 2014 adalah sebagai berikut: [G4-38] [G4-LA12]

Dewan Komisaris Nama / Name Board of Commissioners

Presiden Komisaris Pramukti Surjaudaja Chairman

Wakil Presiden Komisaris

(Komisaris Independen) Peter Eko Sutioso (Independent Commissioner)Deputy Chairman

Komisaris (Komisaris Independen) Roy Athanas Karaoglan Commissioner (Independent Commissioner)

Komisaris Samuel Nag Tsien Commissioner

Komisaris (Komisaris Independen) Jusuf Halim Commissioner (Independent Commissioner)

Komisaris Lai Teck Poh (Dua Teck Poh) Commissioner

Komisaris (Komisaris Independen) Kwan Chiew Choi Commissioner (Independent Commissioner)

Komisaris Hardi Juganda Commissioner

Direksi Nama / Name Board of Directors

Presiden Direktur & CEO Parwati Surjaudaja President Director & CEO

Wakil Presiden Direktur Na Wu Beng1) _{Deputy President Director}

Direktur Yogadharma Ratnapalasari Managing Director

Direktur Rama Pranata Kusumaputra Managing Director

Direktur Emilya Tjahjadi Managing Director

Direktur (Direktur Independen) Hartati Managing Director (Independent Director)

Direktur Martin Widjaja Managing Director

Direktur Andrae Krishnawan W. Managing Director

Direktur Johannes Husin Managing Director

Direktur Low Seh Kiat Managing Director

Direktur Joseph Chan Fook Onn2) _{Managing Director}

1. Efektif mengundurkan diri sebagai Wakil Presiden Direktur pada tanggal 15 Agustus 2014

2. Efektif menjabat sebagai Direktur pada tanggal 2 September 2014

1. Resigned as Deputy President Director effective since August 15, 2014 2. Serving as Director effective since September 2, 2014

Dewan Komisaris Board of Commissioners

Komisaris Independen 4 – Independent Commissioners

Jumlah (orang) 8 – Number (of person)

Usia 30-50 tahun – – Age 30-50 years old

Usia >50 tahun 8 – Age <50 years old

Kewarganegaraan Indonesia 4 – Indonesian Citizen

Kewarganegaraan Asing 4 – Non Indonesian Citizen

to be submitted for the Fit and Proper Test and approval from Bank Indonesia. Membership of the Board of Commissioners and Board of Directors are approved at the General Meeting of Shareholders.

The composition of the Board of Commissioners and the Board of Directors are as follows: [G4-38] [G4-LA12]

(6)

Direksi Board of Directors

Jumlah (orang) 8* 3 Number (of person)

Usia 30-50 tahun 5 3 Age 30-50 years old

Usia >50 tahun 3* – Age >50 years old

Kewarganegaraan Indonesia 5 3 Indonesian Citizen

Kewarganegaraan Asing 3* – Non Indonesian Citizen

* Salah satu Direktur yaitu Na Wu Beng mengundurkan

diri efektif 15 Agustus 2014. * 1 (one) of Director, Na Wu Beng resigned effective since August 15, 2014.

Struktur Komite yang bertanggung jawab kepada

Dewan Komisaris Structure of Committees Responsible to the Board of Commissioners

No Nama_Name _{Position at Bank OCBC NISP}Jabatan di Bank OCBC NISP

Komite di bawah Dewan Komisaris

Committee under Board of Commissioners

Komite Audit Audit Committee Komite Pemantau Risiko Risk Monitoring Committee Komite Remunerasi dan Nominasi Remuneration and Nomination Committee

1. Pramukti Surjaudaja Presiden Komisaris

Chairman – AnggotaMember AnggotaMember

2. Peter Eko Sutioso Wakil Presiden Komisaris – Komisaris Independen

Deputy Chairman – Independent Commissioner

Anggota

Member – AnggotaMember

3. Roy Athanas

Karaoglan Komisaris IndependenIndependent Commissioner – AnggotaMember ChairmanKetua

4. Jusuf Halim Komisaris Independen

Independent Commissioner ChairmanKetua – –

5. Samuel Nag Tsien Komisaris

Commissioner – AnggotaMember AnggotaMember

6. Lai Teck Poh

(Dua Teck Poh) KomisarisCommissioner – AnggotaMember –

7. Kwan Chiew Choi Komisaris Independen

Independent Commissioner – ChairmanKetua –

8. Hardi Juganda Komisaris

Commissioner – – – Lapor an dari Manajemen Repor t fr om Manag emen t Kinerja Ek onomi Economic P er formanc e Kinerja Social Social P er formanc e Sumber Da ya Manusia Human R esour ces Kinerja Lingk ung an En vir onmen tal P er formanc e Tata K elola Corpor ate Go vernanc e

(7)

Struktur Komite yang bertanggung jawab kepada

Dewan Direksi Structure of Committees Responsible to the Board of Directors

No Nama_Name Jabatan di Bank OCBC NISP Position at Bank OCBC NISP

Komite di bawah Direksi Committees under Board of Directors Komite Manaje-men Risiko Board Risk Commit-tee Komite Mana-jemen Risiko Kredit Credit Risk Manage-ment Commit-tee Komite Mana-jemen Risiko Pasar Market Risk Manage-ment Commit-tee Komite Asset and Lia-bilities Assets and Lia-bilities Commit-tee (ALCO) Komite Mana-jemen Risiko Opera-sional Opera-tional Risk Manage-ment Commit-tee Komite Fraud Fraud Commit-tee Komite Penga-rah Te-knologi Infor-masi Infor-mation Tech-nology Steering Commit-tee Komite Human Capital Human Capital Commit-tee Komite Network Network Commit-tee Komite Harga Price Commit-tee 1. Parwati _Surjaudaja Presiden Direktur & CEO President Director & CEO Ketua

Chairman KetuaChairman - KetuaChairman - KetuaChairman KetuaChairman KetuaChairman KetuaChairman

-2. Na Wu Beng1) Wakil Presiden Direktur Deputy President Director Anggota dengan hak suara Member with vot-ing right Anggota dengan hak suara Member with vot-ing right

- Anggota_Member Anggota_Member -

-Wakil Ketua Deputy Chairman Wakil Ketua Deputy Chairman

-3. Yogadharma _{Ratnapalasari} DirekturManaging Director Wakil Ketua Deputy Chairman Anggota dengan hak suara Member with vot-ing right -Anggota Perenca-naan Member of Plan-ning Anggota

Member AnggotaMember AnggotaMember

-4. Rama Pranata _Kusumaputra DirekturManaging

Director -Wakil Ketua Deputy Chairman - - - -

-5. Emilya Tjahjadi DirekturManaging

Director - - -

-6. Hartati DirekturManaging Director Anggota dengan hak suara Member with vot-ing right Anggota dengan hak suara Member with vot-ing right

- Anggota_Member Anggota_Member Anggota_Member Ketua_Chairman

7. Martin Widjaja DirekturManaging

Director - - -

-8. Andrae _{Krishnawan W.} DirekturManaging

Director - - - -

-Anggota

Member

-9. Johannes Husin DirekturManaging Director Anggota dengan hak suara Member with vot-ing right - - -

-10. Low Seh Kiat DirekturManaging

Director - - - -

-Anggota

Member

-11. Thomas Arifin2) DirekturManaging

Director Wakil _Ketua

Deputy Chairman Wakil Ketua Deputy Chairman Ketua Chairman Wakil Ketua Deputy Chairman Ketua Chairman Wakil Ketua Deputy Chairman Anggota Member - -

-12. Joseph Chan _Fook3)

Direktur

Managing

Director - -

-1. Efektif mengundurkan diri sebagai Wakil Presiden Direktur pada tanggal 15 Agustus 2014 | Resigned as Deputy President Director effective since August 15, 2014

2. Berakhir masa jabatan sebagai Direktur pada tanggal 7 April 2014 | Term of Office as Director end since April 7, 2014

(8)

Risk Management [G4-14]

Bank is a financial institution that operates in a regulated environment, function as an intermediary institution. Banking activities and transactions can affect the stability of the economy, such as the national banking industry experienced in the past. The core of risk management is to manage the prudential principles in ensuring the qualified asset growth for Bank OCBC NISP. Therefore we have risk management strategies that involved the Board of Commissioners, the Board of Directors, Division Heads of business unit and supporting units until the frontliner, so that risks can be managed in line with the latest regulations and requirements.

Bank OCBC NISP implements 7 main principles for risk management:

1. Risk appetite set at the top.

2. Effective Risk Framework and Organization. 3. Integrated risk approach.

4. Business lines will be accountable for the risk taken. 5. Risk will be evaluated quantitatively, together with

appropriate qualitative analysis and stress testing. 6. Risk assessments will be independently reviewed. 7. Contingency plans will be established to ensure

resiliency against potential crises or unexpected events.

Manajemen Risiko

[G4-14]

Bank adalah lembaga keuangan yang diatur ketat oleh Regulator yang berfungsi sebagai lembaga intermediasi. Aktivitas dan transaksi perbankan dapat mempengaruhi kestabilan ekonomi, seperti yang pernah dialami perbankan nasional di masa lalu. Inti dari manajemen risiko adalah pengelolaan prinsip kehati-hatian dalam menjamin pertumbuhan aset yang berkualitas bagi Bank OCBC NISP. Oleh karenanya kami memiliki strategi manajemen risiko yang melibatkan Dewan Komisaris, Direksi, Division Head, baik dari unit bisnis maupun unit pendukung bisnis hingga frontliner, sehingga risiko-risiko dapat dikelola sejalan dengan peraturan dan persyaratan terkini.

Bank OCBC NISP menerapkan 7 prinsip utama untuk manajemen risiko:

1. Risk appetite set at the top.

2. Framework dan organisasi manajemen risiko yang efektif.

3. Pendekatan risiko yang integratif.

4. Unit Bisnis bertanggung jawab atas risiko yang diambil.

5. Risiko-risiko akan dievaluasi secara kuantitatif, bersamaan dengan analisa kualitatif dan stress testing yang sesuai.

6. Risk Assesment akan dikaji secara independen. 7. Contigency Plan dibuat untuk meyakinkan adanya

kemampuan menghadapi potensi krisis atau kejadian-kejadian yang tidak diharapkan.

Strategi New Horizon Risk Management Bank OCBC NISP

New Horizons Strategy of Bank OCBC NISP Risk Management

2011-2012

Stage III - NEW HORIZONS STRATEGY

2014-2015

• Organisasi/sumber daya manusia manajemen risiko • Analisa risiko dan pelaporan manajemen • Perbaikan dan rasionalisasi kinerja dan produktivitas • Kemampuan pengelolaan risiko secara geografis

• Risk management organization/human capital • Risk analytics and management reporting • Performance & productivity rationalization and

improvements

• Risk management capabilities geographically • Pendekatan “Enterprise Risk Management”

pada seluruh fungsi

• Mendorong efisiensi modal dan likuiditas • Common Enterprise Risk Management

approach across functions • Driving capital and liquidity efficiency

Menjadi Bank dengan Pengelolaan Risiko terbaik di Indonesia

To be The Best Risk House in Indonesia

Risk Management Architecture and

Capability

Kemampuan dan Arsitektur Manajemen Risiko Phase I Membangun Landasan dan Kerangka Kerja Build Foundation & Framework

2012-2013

Phase II Menetapkan Kedalaman dan Jarak Establish Depth & Distance Untuk mencapai: Pengelolaan, pengukuran, pemantauan, analisis, dan pelaporan manajemen risiko secara tepat waktu, komprehensif, holistik, dan terintegrasi.

To deliver:

Timely, comprehensive, holistic, integrated enterprise wide risk management, measurement, monitoring, analytics and reporting. Menciptakan

Sinergi Untuk Masa Depan

Crafting Synergies for the Future Phase III Lapor an dari Manajemen Repor t fr om Manag emen t Kinerja Ek onomi Economic P er formanc e Kinerja Social Social P er formanc e Sumber Da ya Manusia Human R esour ces Kinerja Lingk ung an En vir onmen tal P er formanc e Tata K elola Corpor ate Go vernanc e

(9)

New Horizon Strategy is a blueprint of Bank OCBC NISP to strengthen the risk management functions to achieve the vision ‘To be the best risk-house in Indonesia’. In 2014, Bank OCBC NISP has entered the phase-3 ‘Crafting Synergies for the future’ in which the achievement of synergies between business line as risk-taking units with supporting units and risk management unit as risk monitoring and managing units.

In Sharia Business Unit, the application of risk management is implemented for all UUS business activities, which is integrated with the implementation of risk management in the Bank. The implementation involves all elements of the Bank, including the Board of Directors with active supervision of the Board of Commissioners and completed by the supervision of the Sharia Supervisory Board (SSB).

Risk appetite is the overall level of acceptable risk exposure that the bank has set and is constantly monitored for compliance. Risk appetite is reviewed periodically against the business conditions, development of the Bank and existing regulations. Overall risk appetite is approved by the Board of Commissioners based on the recommendation of the President Director and Board Risk Committee. The risk management strategy is intended to achieve the Bank’s risk appetite that has been set. Risk management is implemented by Bank OCBC NISP continuously and sustainably by improving four main pillars, namely: Organization Structure & Human Capital, Policy & Procedure, Systems & Data Development & Maintenance, and Methodology, Approach, Model & Risk Analytics. The implementation of the four pillars is intended to provide the Bank with a clear reference to identify, measure, monitor, and control risk.

Three Lines of Defense

Risk management is a shared responsibility of all employees and risk awareness has become an integral part of the culture of the Bank. Bank OCBC NISP implements three lines of defense approach to manage risk in a comprehensive and layered.

New Horizon Strategy adalah cetak biru Bank OCBC NISP untuk memperkuat fungsi pengelolaan risiko untuk mencapai visi ‘To be the best risk house in Indonesia’. Pada 2014, Bank OCBC NISP telah memasuki fase-3 ‘Crafting Synergies for the future’ di mana tercapainya sinergi antara unit bisnis yang mengambil risiko dengan unit pendukung bersama unit manajemen risiko sebagai unit pemantau dan pengelola risiko.

Pada Unit Usaha Syariah, penerapan manajemen risiko dilakukan terhadap seluruh kegiatan usaha UUS yang merupakan satu kesatuan dengan penerapan manajemen risiko pada Bank. Penerapannya melibatkan semua unsur Bank, termasuk Direksi dengan pengawasan aktif Dewan Komisaris dan dilengkapi oleh pengawasan dari Dewan Pengawas Syariah (DPS).

Risk appetite merupakan tingkat keseluruhan eksposure risiko yang telah dipersiapkan untuk dihadapi dan selalu dimonitor pemenuhannya. Risk appetite secara berkala akan ditinjau kembali kesesuaiannya dengan kondisi bisnis, perkembangan Bank dan peraturan-peraturan yang ada. Risk appetite secara keseluruhan disetujui oleh Dewan Komisaris atas rekomendasi dari Presiden Direktur dan Komite Manajemen Risiko. Pengelolaan risiko perbankan ditujukan untuk mencapai strategi dan risk appetite Bank yang telah ditetapkan.

Pengelolaan risiko dilakukan oleh Bank OCBC NISP secara terus-menerus dan berkesinambungan dengan meningkatkan empat pilar utama yaitu: Organization Structure & Human Capital, Policy & Procedure, System & Data Development & Maintenance, dan Methodology, Approach, Model & Risk Analytics. Penerapan empat pilar ini dimaksudkan agar Bank memiliki acuan yang jelas dalam mengidentifikasi, mengukur, memantau, dan mengendalikan risiko.

Three Lines of Defense

Manajemen risiko merupakan tanggung jawab bersama seluruh karyawan dan kesadaran akan risiko (risk awareness) sudah menjadi bagian tak terpisahkan dari budaya Bank. Bank OCBC NISP menerapkan pendekatan three lines of defense untuk mengelola risiko secara komprehensif dan berlapis.

(10)

Dilaksanakan oleh manajemen puncak, seluruh unit bisnis (frontline businesses), dan seluruh unit pendukung (supports) yang mengembangkan usaha dengan tetap mempertimbangkan aspek kontrol risiko dalam setiap pengambilan keputusan.

Implemented by top management, all business units (frontline businesses), and the entire unit support (supports) that develop business by considering aspects of risk control in every decision.

Dilaksanakan unit kerja manajemen risiko dan unit kerja kepatuhan yang berfungsi mengelola risiko secara independen.

Implemented by risk management units and compliance unit that manage the risk independently.

Dilaksanakan oleh unit kerja audit internal yang memeriksa risk assurance dan melakukan pengawasan serta evaluasi secara berkala.

Implemented by the internal audit unit that checks the risk assurance and monitoring and evaluation on a regular basis.

FIRST LINE OF

DEFENSE

SECOND LINE OF

DEFENSE

THIRD LINE OF

DEFENSE

Struktur Organisasi Manajemen Risiko.

Risk Management Organization Structure.

Fraud Committee

BOARD OF DIRECTORS

INTERNAL

AUDIT COMPLIANCE RISK MANAGEMENTGROUP

OPERATIONAL RISK MANAGEMENT ENTERPRISE POLICY & PORTFOLIO MGT CONSUMER CREDIT RISK MANAGEMENT COMMERCIAL CREDIT RISK MANAGEMENT

CORPORATE CREDIT RISK

MANAGEMENT ASSET RECOVERYMANAGEMENT

MARKET & LIQUIDITY RISK MANAGEMENT BOARD OF COMMISSIONERS Board of Commissioners Risk Monitoring Committee

Board of Director Board Risk Committee

Special Provision Committee ALCO Operational Risk Management Committee Credit Risk Management Committee Credit Approval Committees Market Risk Management Committee BOC AUDIT COMMITTEE BOC RISK MONITORING COMMITTEE

Risiko Utama Perbankan

• Risiko Kredit: Unit Bisnis dan Unit Credit Risk Management melakukan emerging risk assessment dan memperhatikan kondisi ekonomi terkini Bank dan melakukan stress testing bulanan untuk melatih kemampuan dalam mengantisipasi potensi risiko yang mungkin terjadi dalam keadaan buruk (stressed condition).

• Risiko Pasar: Bank menetapkan berbagai limit yang sesuai dengan risk appetite di trading book dan juga di banking book (IRRBB) serta menghitung Kewajiban Penyediaan Modal Minimum (KPMM) dengan menggunakan Metode Standar sesuai pedoman.

The Main Risks Of Banking

• Credit Risk: Business Unit and Credit Risk Management Unit conduct an emerging risk assessment and by paying attention to the Bank’s current economic conditions and perform the monthly stress testing to practice the ability to anticipate potential risks that might occur in a stressed condition

• Market Risk: The Bank sets various limits in accordance to the risk appetite in the trading book as well as the risk in banking book (IRRBB) exposure and calculates the Capital Adequacy Ratio (CAR) using Standard Method as per the guidelines.

(11)

• Risiko Aset dan Liabilitas: Pelaksanaan manajemen risiko likuiditas dan risiko suku bunga dalam banking book (IRRBB) dilaksanakan berdasarkan Asset and Liability Management Framework, Liquidity Management Policy, dan Structural IRR Management Policy yang disusun dan dikaji secara berkala. • Risiko Operasional: Risiko operasional dapat timbul

akibat dari ketidakcukupan atau kegagalan proses internal, kesalahan manusia, kegagalan sistem, atau kejadian eksternal. Pengelolaan risiko operasional dilakukan melalui proses: risk identification, risk assessment, risk evaluation treatment dan risk monitoring dan reporting.

• Risiko Hukum: Pengelolaan Risiko Hukum dilakukan dengan cara mengidentifikasi dan melakukan pengendalian atas Risiko Hukum yang melekat dalam produk/aktivitas Bank serta rencana produk/ aktivitas baru sehingga bisnis Bank dapat tumbuh tidak menyimpang dari peraturan yang berlaku. Bank memiliki Corporate Legal Division, yang

bertindak sebagai “in-house legal counsel” di mana unit kerja Bank bisa memperoleh pendapat hukum dari situasi, produk dan jasa yang memerlukan tinjauan hukum.

• Risiko Strategis: Pengelolaan risiko strategis dilakukan melalui proses pertimbangan dan pengambilan keputusan secara kolektif dan komprehensif di lingkungan komite-komite pengawasan dan eksekutif, untuk menentukan langkah-langkah bisnis yang akan diambil sejalan dengan kerangka kebijakan dan arah yang telah ditetapkan.

• Risiko Kepatuhan: risiko kepatuhan melekat pada risiko Bank yang terkait peraturan perundangan dan ketentuan lain yang berlaku. Untuk memitigasi risiko kepatuhan, Bank terus melanjutkan upaya untuk senantiasa melaksanakan budaya kepatuhan dan memastikan terlaksananya fungsi kepatuhan Bank. • Risiko Reputasi: Pengelolaan risiko reputasi

mencakup pemantauan berita perusahaan, persepsi stakeholders, melalui monitoring media massa. Untuk meningkatkan reputasi, Bank OCBC NISP melakukan pengembangan budaya ONe PIC kepada karyawan, melakukan public relation, media relation, Corporate Social Responsibility, serta penanganan keluhan nasabah yang tepat.

• Risk on Assets and Liabilities: Implementation of liquidity risk management and interest rate risk in the banking book (IRRBB) conducted based on Asset and Liability Management Framework, Liquidity Management Policy, and the Structural IRR Management Policy prepared and reviewed periodically.

• Operational Risk: Operational risk can arise as a result of insufficient or failed internal processes, human error, system failure, or external events. Operational risk management is being performed through process: risk identification, risk assessment, risk treatment and risk monitoring and reporting. • Legal Risk: Legal Risk Management is conducted

by identifying and exercising control over the risks inherent in product/activities as well as in new product/activities plan of the Bank so that the Bank can grow not deviate from the regulations.

The Bank has a Corporate Legal Division, which acts as an “in-house legal counsel” in which the unit of the Bank could obtain a legal opinion on the situation, the products and services that require legal review. • Strategic Risk: strategic risk management is done

through a process of deliberation and decision-making collective and comprehensive inside the steering committee and the executives, to determine the business steps taken in line with the policy framework and direction that has been set.

• Compliance Risk: compliance risks inherent in the bank’s risk-related laws and regulations and other applicable provisions. To mitigate compliance risk, the Bank continued efforts to continually implement a culture of compliance and ensure the implementation of the Bank’s compliance function. • Reputation Risk: The management of reputation risk

include monitoring company news, perception of stakeholders, through the mass media monitoring. To improve a reputation, Bank OCBC NISP do cultural development ONe PIC to employees, doing public relations, media relations, Corporate Social Responsibility, as well as the proper handling of customer complaints.

(12)

Tinjauan atas Efektivitas Sistem Manajemen

Risiko

Fungsi pengawasan dan evaluasi manajemen risiko dilaksanakan melalui berbagai komite terkait risiko dan unit kerja Audit Internal. Komite terkait pengelolaan risiko Bank OCBC NISP terdiri dari:

• Komite Manajemen Risiko (KMR)

Komite Manajemen Risiko merupakan komite yang membantu Direksi Bank dalam menyusun kebijakan manajemen risiko, mengawasi pelaksanaan kebijakan serta memberikan rekomendasi mengenai hal-hal yang perlu dilakukan Direksi Bank terkait dengan manajemen risiko. Termasuk di dalamnya adalah manajemen risiko di Unit Usaha Syariah. • Komite Manejemen Risiko Kredit (KMRK)

Komite Manajemen Risiko Kredit (KMRK) merupakan komite yang membantu Direksi dalam memantau perkembangan dan kondisi portfolio kredit, merumuskan dan mengawasi pelaksanaan kebijakan perkreditan dan memberikan saran masukan langkah-langkah perbaikan.

• Komite Manajemen Risiko Pasar (KMRP)

Komite Manajemen Risiko Pasar (KMRP) adalah komite yang mendukung Komite Manajemen Risiko (KMR) dalam mengelola eksposur risiko pasar Bank secara menyeluruh. KMRP berfungsi mengawasi pelaksanaan manajemen risiko pasar Bank, dan memastikan kebijakan dan praktik manajemen risiko pasar Bank dilakukan dengan tepat, efektif, dan mendukung strategi bisnis Bank.

• Komite Assets Liabilities (ALCO)

ALCO adalah forum manajemen yang bertanggung jawab menetapkan kebijakan dan strategi pengelolaan Assets dan Liabilities dengan tujuan untuk mengelola risiko likuiditas dan risiko suku bunga secara dinamis dan efisien sesuai prinsip kehati-hatian dalam koridor risk appetite dan batas toleransi yang ditetapkan, yang dapat memaksimalkan net interest income Bank secara berkesinambungan serta menjaga likuiditas Bank secara sehat.

• Komite Manajemen Risiko Operasional

Komite Manajemen Risiko Operasional adalah komite yang didedikasikan dalam proses eskalasi atas penerapan pengelolaan operasional di Bank.

Review on the Effectiveness of Risk

Management System

Oversight and evaluation of risk management is performed by a number of committees related to risk management and Internal Audit Unit. Committees related to risk management in Bank OCBC NISP consist of:

• Board Risk Committee (BRC)

Board Risk Committee is a committee that helps the Board of Directors to formulate the risk management policies, oversee the implementation of policies and to provide recommendations on issues that need to be responded by the Directors of the Bank related to the risk management. This includes risk management in Sharia Business Units.

• Credit Risk Management Committee (CRMC)

Credit Risk Management Committee (CRMC) is a committee that helps the Board of Directors to monitor the progress and the condition of the credit portfolio, to formulate and oversee the implementation of credit policies and to provide feedback on corrective measures.

• Market Risk Management Committee (MRMC)

Market Risk Management Committee (MRMC) is a committee that supports the Board Risk Committee (BRC) in managing the Bank’s overall exposure to market risks. MRMC monitors the implementation of the Bank’s market risk management, and ensure that the policies and practices of Bank market risk management is done properly, effectively, and supports the Bank’s business strategy.

• Assets Liabilities Committee (ALCO)

ALCO is management forum that responsible to set the Assets and Liabilities Management policies and strategies in order to manage the liquidity risk and interest rate risk dynamically and efficiently according to the principles of prudence in the corridors of risk appetite and the set tolerance thresholds, which can maximize the net interest income of the Bank on an ongoing basis as well as maintaining a healthy liquidity.

• Operational Risk Management Committee

Operational Risk Management Committee is a committee dedicated in the escalation process of the implementation of operational management in the Bank. Lapor an dari Manajemen Repor t fr om Manag emen t Kinerja Ek onomi Economic P er formanc e Kinerja Social Social P er formanc e Sumber Da ya Manusia Human R esour ces Kinerja Lingk ung an En vir onmen tal P er formanc e Tata K elola Corpor ate Go vernanc e

(13)

• Komite Fraud

Komite Fraud adalah komite yang memiliki fungsi untuk memberikan pengarahan dan mengambil keputusan terhadap setiap laporan fraud/indikasi fraud dan penanganannya yang disampaikan oleh Tim Penanganan Fraud (TPF), pemberian sanksi, perbaikan proses/control yang bersifat fundamental atau yang sudah direkomendasikan oleh TPF dan Divisi Manajemen Risiko Operasional, namun tidak disepakati oleh unit kerja terkait.

Berdasarkan hasil penilaian yang dilakukan selama tahun 2014, Internal Audit berpendapat bahwa sistem pengendalian internal dan manajemen risiko Bank OCBC NISP dinilai secara umum memadai (generally acceptable). Hasil penilaian ini telah disampaikan oleh Internal Audit kepada Dewan Komisaris melalui Komite Audit.

Disamping evaluasi secara internal, evaluasi manajemen risiko secara independen juga diperoleh dari pihak eksternal. Sebagai bukti nyata bahwa tata kelola dan penerapan manajemen risiko pada Bank OCBC NISP telah dilakukan secara baik dan dapat memberikan nilai tambah bagi perusahaan, pada tahun 2014 Bank mendapatkan penghargaan dan pengakuan dari pihak eksternal antara lain The Best Managed Companies dari Finance Asia, dan Perusahaan Sangat Terpercaya dari Indonesian Institute for Corporate Governance (IICG).

Penerapan Konvensi Basel

Dengan pengelolaan risiko yang komprehensif, melibatkan semua pihak, dan sinergi, Bank OCBC NISP dapat mengantisipasi berbagai regulasi yang akan diterbitkan, baik oleh Bank Indonesia khususnya yang terkait dengan implementasi ketentuan Pilar 2 Basel seperti ICAAP (Internal Capital Adequacy Assessment Process) sejak 2013, risiko suku bunga pada banking book, dan risiko konsentrasi kredit.

Di masa mendatang sejalan dengan arahan Bank Indonesia/OJK, Bank OCBC NISP akan melakukan persiapan implementasi ketentuan Basel III, salah satunya adalah manajemen risiko likuiditas yaitu Liquidity Coverage Ratio, Net Stable Funding Ratio, dan Leverage Ratio.

Pengembangan Manajemen Risiko

Dengan perkembangan aktivitas perbankan yang semakin beragam dan kompleks serta diiringi dengan potensi risiko yang semakin meningkat, Bank senantiasa menyempurnakan pengelolaan risiko baik dari segi struktur organisasi dan sumber daya manusia, kebijakan dan prosedur, sistem pendukung, hingga metodologi.

• Fraud Committee

Fraud Committee is a committee set to provide guidance and to take decisions on any fraud reports/ indications of fraud and fraud handling, which reported by the Fraud Management Team (TPF), to provide sanctions, basic improvement on process/ control or that have been recommended by the TPF and the Operational Risk Management Division, but has not been agreed by the related units.

Based on the results of the assessment completed in 2014, the Internal Audit consider that the overall internal control and risk management system is generally acceptable. The result of this assessment has been submitted by the Internal Audit to the Board of Commissiners through the Audit Committee.

In addition, independent risk management evaluation is also done by an external parties. As testimony that risk management governance and application at Bank OCBC NISP has operated well and provided added value, in 2014 the Bank received numerous awards and recognition from external parties, among others the Best Managed Companies from Finance Asia, and Most Trusted Company from Indonesian Institute for Corporate Governance (IICG).

The Implementation of Basel Convention

With a comprehensive risk management, involving all parties, and synergy, Bank OCBC NISP is able anticipate the regulations that will be issued, either by Bank Indonesia, particularly related to the implementation of Basel’s Pillar 2, such as ICAAP (Internal Capital Adequacy Assessment Process) since 2013, the interest rates in the banking book and the credit concentration risk.

In the future, in line with the direction of Bank Indonesia/ OJK, Bank OCBC NISP will conduct a preparation for implementing the provisions of Basel III, one of which is the management of liquidity risk, namely Liquidity Coverage Ratio, Net Stable Funding Ratio, and Leverage Ratio.

The Development of Risk Management

Considering developments in banking activities that have become increasingly diverse dan complex and accompanied by rising potential risk, the Bank will continually refine risk management system, in terms of organizational structure and human resources, policies and procedures, support system, and methodologies. To achieve this, the Risk Management Group has a risk

(14)

Untuk mencapai ini, Risk Management Group telah memiliki perencanaan strategi pengelolaan risiko ke depan yang berfokus kepada:

• Menyelaraskan pertumbuhan portofolio kredit dengan kondisi makro sesuai dengan target pasar dan kriteria penerimaan risiko yang ditetapkan. • Membangun kapasitas sumber daya manusia dalam

rangka memenuhi kecukupan risk analytics dan sistem pemantauan yang memadai.

• Melakukan implementasi sistem dan perangkat manajemen risiko terdepan.

• Optimisasi penggunaan rating dan scoring model dalam rangka implementasi Basel 2 Internal Rating Based.

• Memastikan pemenuhan standar likuiditas Basel-III. • Membentuk fungsi control assurance pada area-area

kritikal.

• Menjalankan policy lifecycle management secara konsisten

Anti Korupsi dan Anti Pencucian Uang

[G4-SO3]

Sebagai salah satu implementasi pengelolaan manajemen risiko, Bank OCBC NISP menerapkan program Anti Pencucian Uang dan Pencegahan Pendanaan Terorisme (APU-PPT). Penerapan APU-PPT Bank dilakukan sebagai bentuk dukungan kepada pemerintah dalam pemberantasan tindak pidana pencucian uang, tindak pidana dana terorisme serta tindak pidana korupsi (Anti Korupsi). Hal ini juga diatur dalam Peraturan Bank Indonesia Nomor 14/27/ PBI/201 dan Surat Edaran Bank Indonesia Nomor 15/21/ DPNP tentang Penerapan Program Anti Pencucian Uang dan Pencegahan Terorisme Bagi Bank Umum.

Penerapan program APU dan PPT yang dilakukan Bank OCBC NISP meliputi penyesuaian kebijakan, penyempurnaan manajemen sistem informasi, pengkinian data nasabah, penerapan customer due diligence, dan penerapan pemantauan sampai ke kantor cabang serta pelaporan kepada regulator.

Bagi lingkungan internal Bank, dilakukan pelatihan dan sosialisasi kepada karyawan dalam bentuk Orientasi Karyawan Baru, pelatihan penyegaran dengan e-learning, dan pelatihan khusus. Tujuan pelatihan adalah untuk meningkatkan pengetahuan dan pemahaman karyawan tentang peraturan, modus, dan kebijakan Bank.

Fungsi pelaporan dilakukan oleh Departemen AML-CFT kepada Pusat Pelaporan dan Analisa Transaksi Keuangan dan Institusi Penegak Hukum terkait permintaan data (Badan Narkotika Nasional, Kepolisian Negara Republik Indonesia dan Komisi Pemberantasan Korupsi).

management strategy plan, focusing particularly on: • Aligning the growth of the loan portfolio with macro

conditions in accordance with the target market and risk acceptance criteria specified.

• Building the capacity of human resources in order to meet the adequacy of risk analytics and an adequate monitoring system.

• Implementing systems and leading-edge risk management tools.

• Optimizing the use of rating and scoring models for the implementation of Basel 2 Internal Rating Based Approach.

• Ensuring compliance with the Basel-III liquidity standards.

• Establishing a control function of assurance in critical areas.

• Running the policy lifecycle management consistently.

Anti-Corruption and Anti-Money Laundering

[G4-SO3]

One of the implementations of risk management, Bank OCBC NISP implements the Anti Money Laundering and Terrorism Financing Prevention (APU-PPT). The implementation of APU-PPT is a support to Government’s money laundering, financing terrorism, and corruption eradication program (Anti-Corruption). This is also stipulated in Bank Indonesia Circular number 14/27/PBI/201 and Bank Indonesia Circular Letter number 15/21/DPNP regarding The Implementation of Anti-Money Laundering and Terrorism Financing Prevention.

Implementation of AML and CFT program conducted by Bank OCBC NISP includes adjustment policies, improvement of information systems management, customer data updating, the application of customer due diligence, and the application of monitoring up to the branch office and reporting to regulators.

Internally Bank OCBC NISP conduct training and socialization to employees which includes the New Employee Orientation, Refresher training with e-learning and specialized training. The purpose of training is to increase the knowledge and understanding of the employees regarding the rules, modes, and the Bank’s regulations.

The reporting functions is carried out by the AML-CFT Department to Center for Financial Transaction Reporting and Analysis, National Narcotics Agency and the Indonesian National Police.

(15)

Fraud Prevention and Management

Bank OCBC NISP does not accept and tolerate any act of fraud. Fraud is an intentional violation or omission of standards, procedures, and/or code of conduct that occurred in the Bank or by means of the Bank and result in financial loss, either directly or indirectly to the Bank or its customers and provides benefits to the actors. Bank OCBC NISP has established guidelines Fraud Risk Management Framework, Policy and Procedures.

Fraud management aims to close the possibility of fraud in the Anti-Fraud strategy of prevention, detection, investigation, and monitoring. Anti-fraud culture campaign involving governance bodies and all employees of the Bank are conducted continuously. Bank OCBC NISP establishes Fraud Management Team for investigation, follow-up and reporting of fraud, as well as Fraud Committee which provides direction and decision based on reports from Fraud Management Team including decisions on sanction given and monitoring of control improvement.

Pencegahan dan Pengelolaan Fraud

Bank OCBC NISP tidak dapat menerima dan mentoleransi segala bentuk tindakan fraud. Fraud adalah sebuah pelanggaran atau pembiaran secara sengaja atas standar, prosedur, dan/atau code of conduct yang terjadi di lingkungan Bank atau menggunakan sarana Bank dan mengakibatkan kerugian finansial baik langsung atau tidak langsung bagi Bank atau nasabahnya dan memberikan keuntungan bagi pelaku baik secara langsung maupun tidak langsung. Bank OCBC NISP telah memiliki pedoman Kerangka Kerja Pengelolaan Risiko Fraud, Kebijakan dan Prosedur Penanganan Fraud. Pengelolaan fraud bertujuan untuk mencegah peluang terjadinya fraud. Penerapan strategi Anti-Fraud meliputi pencegahan, deteksi, investigasi, pelaporan dan sanksi, serta pemantauan, evaluasi dan tindak lanjut. Kampanye budaya anti-fraud melibatkan manajemen dan seluruh karyawan Bank yang dilakukan secara terus menerus. Bank OCBC NISP membentuk Tim Penanganan Fraud untuk menindaklanjuti, dan menginvestigasi setiap pelaporan fraud, dan Komite Fraud yang memiliki fungsi untuk memberikan arahan dan pengambilan keputusan atas laporan fraud dari Tim Penanganan Fraud, pemberian sanksi dan memonitor perkembangan perbaikan kontrol.

• Surprise Audit • Program Whistleblowing.

• Karyawan dan nasabah dapat melaporkan indikasi fraud.

• Pemantauan atas aktivitas/transaksi tidak wajar.

• Surprise Audit • Whistleblowing Program.

• Employees and customers can report indications of fraud.

• Monitoring on suspected transaction/activities.

• Tindaklanjut oleh unit independen (Tim Penanganan Fraud).

• Mekanisme pelaporan kepada manajemen dan regulator.

• Whistleblowing protection program bagi pelapor. • Sanksi tegas terhadap pelaku, pihak terkait,

termasuk kalalaian pimpinan unit.

• Follow up by an independent unit (Fraud Handling Team).

• Reporting mechanism to management and regulators.

• Whistleblowing protection program for whistleblowers.

• Strict sanctions against the perpetrators, related parties, including negligence by the unit head.

• Fraud awareness program untuk karyawan. • Kontrol dengan 4 eyes principle. • Desain dan kontrol pada product program. • Pengamanan (fisik dan logical) atas dokumen dan

aset Bank.

• Customer Due Diligence. • Know your employee.

• Fraud awareness program for employees. • Control with 4-eyes principle.

• Design and control of the product program. • Security (physical and logical) on document and

Bank’s assets. • Customer Due Diligence. • Know your employee.

• Evaluasi pada proses dan kontrol penyebab fraud. • Tindakan perbaikan.

• Pemantauan penerapan perbaikan.

• Evaluation of the process and control the causes of fraud.

• Corrective action.

• Monitoring the improvement implementation.

Pencegahan Prevention Investigasi, Pelaporan dan Sanksi Investigation, Report & Sanction Pemantauan, Evaluasi dan Tindak

Lanjut Monitoring Evaluation and Follow-up Deteksi Detection

(16)

Bank Management has built an anti-fraud culture to create a prudent working environment and to provide protection for customers and stakeholders from a variety of potential losses that may occur. The things that have been done to develop the culture, ethics and fraud prevention such as:

• Implementation of the Bank’s Code of conduct that must be adhered to by all employees of the Bank from the highest level to the bottom.

• Anti-Fraud Campaign, conducted by sending email blast to employees of the Bank, through the publication of the Bank’s intranet and organizes workshops Anti Fraud Awareness for the employees of the Bank.

• Monitoring carried out by the Commissioner and the Board of Directors on fraud risk management strategy to monitor the handling of fraud cases and provide guidance in the application of the Anti-Fraud Strategy which is conducted through the Anti-Fraud Committee, Board Risk Committee and Operational Risk Committee.

• Know Your Employee for the employees of the Bank. • The implementation of dual control and segregation

of duties over the work process as stipulated in the Bank’s policies and procedures.

• Conduct a review of the new work processes to ensure that existing control weaknesses have been corrected before the implementation process. • Build a whistleblowing process that encourages

employees to report incidents of fraud that knows no fear of pressure or threats over reports that have been made.

• Bank OCBC NISP Code of Conduct states that the Bank and its employees shall not accept gifts, including souvenirs, benefits from other parties that may affect attitudes or decisions.

Manajemen Bank telah membangun budaya anti fraud guna menciptakan lingkungan kerja yang taat dan patuh aturan serta aman untuk melindungi nasabah dan stakeholder dari berbagai potensi kerugian yang mungkin terjadi. Hal-hal yang sudah dilakukan untuk mengembangkan kultur, etik dan pencegahan fraud seperti:

• Penerapan Kode Etik perusahaan sebagai pedoman perilaku yang harus ditaati oleh seluruh karyawan Bank dari tingkat yang paling tinggi sampai yang paling bawah.

• Anti Fraud Campaign, dilakukan dengan

mengirimkan email blast kepada karyawan Bank, publikasi melalui intranet Bank serta mengadakan workshop peningkatan Anti Fraud Awareness bagi para karyawan Bank.

• Pengawasan yang dilakukan oleh Komisaris dan Direksi atas strategi pengelolaan risiko fraud dengan memonitor perkembangan penanganan kasus fraud dan memberikan pengarahan dalam penerapan Strategi Anti Fraud. Pengarahan dan monitoring penerapan strategi anti Fraud antara lain dilakukan melalui Komite Fraud, Board Risk Committee dan Operational Risk Committe.

• Know Your Employee terhadap karyawan Bank. • Penerapan dual control dan segregation of duties

atas proses kerja sebagaimana yang diatur dalam kebijakan dan prosedur Bank.

• Melakukan tinjauan atas proses kerja baru atau pengkinian proses yang sudah ada untuk memastikan kelemahan kontrol yang ada telah diperbaiki sebelum proses implementasi.

• Membangun proses whistleblowing yang mendorong karyawan untuk melaporkan kejadian fraud yang diketahuinya tanpa rasa takut terhadap tekanan atau ancaman atas laporan yang telah dibuatnya. • Kode Etik Bank OCBC NISP yang menyatakan

bahwa Bank dan karyawan tidak boleh menerima pemberian, termasuk hadiah, cinderamata, imbalan dari pihak lain yang dapat mempengaruhi sikap atau keputusan.

Direksi terlibat dalam memberikan persetujuan terhadap Kerangka Kerja Pengelolaan Risiko

Fraud, Kebijakan dan prosedur Penanganan Fraud dan Fraud. Direksi juga terlibat dalam

pengawasan pengelolaan fraud melalui Komite Fraud, Board Risk Committee dan Operational

Risk Committee. Dengan Pendekatan ini Direksi selalu diupdate mengenai hal-hal yang terkait

dengan kejadian fraud.

Board of Directors are involved in approving the Fraud Risk Management

Framework, Procedures Policy of Fraud Management. In addition, Board of Directors

are also involved in the oversight of fraud management through Fraud Committee,

Board Risk Committee and Operational Risk Committee. With this approach, Board

of Directors always receive updated information related to fraud events.

(17)

In 2014, Bank OCBC NISP has organized Anti-Fraud or Risk Awareness Training participated by 793 employees. From 2013 until 2014, 37% of total employees or 2,477 employees has participated in the Anti-Fraud or Risk Awareness Training. While for other working units are given the risk awareness programs in the form of introduction and prevention of fraud.

Whistleblowing

Whistleblowing is one of the ways being used to detect any incidence of fraud and abuse of authority or position. All employees of Bank OCBC NISP can report suspected acts of fraud through an oral report or e-mail or by using the notification web-based application which can be accessed at any time. Investigation of reports received conducted by the Internal Audit Division by appointing Whistleblowing Investigation Officer and then reported to the President Director to be followed up appropriately. Pada 2014, Bank OCBC NISP telah menyelenggarakan

pelatihan Fraud atau Risk Awareness yang diikuti oleh 793 karyawan. Sejak 2013 hingga 2014, jumlah karyawan Bank yang telah mengikuti pelatihan Fraud atau Risk Awarenes sebanyak 2.477 karyawan atau sebanyak 37% dari total karyawan Bank. Sedangkan kepada unit-unit kerja, diberikan program peningkatan risk awareness berupa pengenalan modus fraud dan pencegahannya.

Komunikasi dan Training Kebijakan dan Prosedur Anti

Korupsi 1) _[G4-SO4]

2014 2013

Communication and Training on Anti-Corruption Policies

and Procedures1)_[G4-SO4]

Jumlah Peserta Participants Persentase dari Total % of total Jumlah Peserta Participants Persentase dari Total % of total

Komunikasi Kebijakan dan Prosedur Anti Korupsi pada

organ perusahaan tertinggi 2) 19 100% 19 100%

Communication Anti-Corruption Policies and Procedures on the highest authority 2)

Komunikasi Kebijakan dan Prosedur Anti Korupsi pada

Karyawan 3) 6,746 100% 6,736 100%

Communication Anti-Corruption Policies and Procedures to Employees 3)

Training Anti Korupsi pada

Direksi dan Dewan Komisaris 5 62.5% 1 12.5%

Anti-Corruption Training on the Board of Directors and Board of Commissioners

Training Anti Korupsi pada

Karyawan 4) 793 11,76% 1,684 25% Anti-Corruption Training to _Employees4)

1. Anti Korupsi termasuk: APU, PPT dan Kampanye Anti-Fraud

2. Komunikasi kebijakan dan prosedur fraud dilakukan salah satunya melalui Rapat Komite terkait risiko.

3. Komunikasi kebijakan dan prosedur fraud kepada karyawan dilakukan melalui publikasi di web internal Bank yang dapat diakses oleh seluruh karyawan. 4. Training mengenai Fraud Awareness dan Risk Awareness.

1. Anti-Corruption including: AML, CFw T and Anti-Fraud Campaign 2. Communication fraud policies and procedures conducted through Committees meeting related to risk. 3. Communication fraud policies and procedures to employees made through the Bank’s internal web publication that can be accessed by all employees. 4. Training about Fraud Awareness and Risk Awareness.

Whistleblowing

Whistleblowing adalah salah satu cara yang digunakan untuk mendeteksi adanya kejadian fraud dan penyalahgunaan wewenang atau jabatan.

Seluruh karyawan Bank OCBC NISP dapat melaporkan perbuatan yang dicurigai sebagai fraud melalui laporan lisan atau email atau dengan menggunakan aplikasi pada website yang bisa diakses setiap saat. Investigasi atas laporan yang diterima dilakukan oleh Divisi Internal Audit dengan menunjuk Whistleblowing Investigation Officer untuk kemudian dilaporkan kepada Presiden Direktur untuk dilakukan langkah penanganan yang sesuai.

(18)

Sanctions applied to all those who committed fraud by granting sanctions policy, in accordance with the type of offense and the degree of involvement. The form of sanctions can be warning letters, Termination of Employment, as well as the transfer of the case to the authorities. Implementation of whistleblowing reports submitted regularly to the Audit Committee of Bank OCBC NISP.

To indicate fraud at an early stage, the Bank is also continuously doing socialization to employee regarding the importance of fraud reporting using various media such as email blast and posters.

Sanksi diterapkan pada semua pihak yang terbukti melakukan fraud atau penyimpangan atau pelanggaran hukum berdasarkan Kebijakan Pemberian Sanksi, sesuai dengan jenis pelanggaran dan tingkat keterlibatannya. Bentuk sanksi dapat berupa Surat Peringatan, Pemutusan Hubungan Kerja, serta pelimpahan kasus kepada pihak yang berwenang. Laporan pelaksanaan whistleblowing disampaikan secara berkala kepada Komite Audit Bank OCBC NISP.

Insiden Fraud yang Terbukti dan

Tindakan yang Dilakukan[G4-SO5] 2014 2013 Confirmed Incidents of Corruption and Actions Taken [G4-SO5]

Jumlah total dan jenis insiden fraud yang

terbukti* 1 10 Total number and nature of confirmed incidents of corruption*

Jumlah insiden fraud yang terbukti di mana

karyawan diberhentikan atau tindakan disiplin 1 9 Total number of confirmed incidents in which employees were dismissed or disciplined for corruption

Jumlah insiden fraud yang terbukti di mana kontrak rekanan diputus atau tidak diperpanjang

0 0 Total number of confirmed incidents when contracts with business partners were terminated or not renewed due to violations related to corruption

Jumlah kasus hukum terkait fraud terhadap organisasi atau karyawan selama periode pelaporan dan hasilnya

0 5 Public legal cases regarding corruption brought against the organization or its employees during the reporting period and the outcomes of such cases

* Kejadian Fraud Internal dengan eksposur Rp 100 juta keatas. * Internal Farud incident with exposure of IDR 100 million and above.

Agar kejadian fraud dapat teridentifikasi sejak dini, Bank secara rutin mensosialisasikan pentingnya pelaporan fraud kepada karyawan melalui berbagai sarana seperti email blast dan pemasangan poster.

Contoh materi komunikasi kepada karyawan tentang program Anti Fraud

Examples of communication material to employee about Anti Fraud Program

(19)

Selain program sosialisasi melalui email, Bank OCBC NISP juga menekankan pentingnya dalam menjunjung tinggi integritas dan profesionalisme melalui penerapan kode etik (Code of Conduct). Salah satu butir Kode Etik Bank OCBC NISP mengatur bahwa karyawan tidak diperbolehkan untuk menerima pemberian apapun dari pihak lain yang dapat mempengaruhi sikap atau keputusan.

In addition to the outreach programs via e-mail, Bank OCBC NISP also stressed the importance of upholding integrity and professionalism through the implementation of Code of Conduct. One of the points of Bank OCBC NISP’s Code of Conduct stipulates that employees are not allowed to accept any gifts from other parties that may affect attitudes or decisions.

Materi pada buku Code of Conduct tentang penerimaan gratifikasi

(20)

Selain itu, sebagai wujud komitmen Bank OCBC NISP untuk pelaksanaan tata kelola perusahaan yang baik, Bank juga secara rutin mensosialisasikan kepada seluruh stakeholder bahwa Bank OCBC NISP tidak menerima gratifikasi dalam bentuk apapun. Sosialisasi tersebut antara lain dilakukan dengan memuat pemberitahuan pada media massa.

* Iklan diterbitkan dalam Bahasa Indonesia di Harian Kontan, 6 Juli 2014.

Advertisement published in Indonesian on Kontan Daily Newspaper, 6 July 2014.

As realization of Bank OCBC NISP commitment to implement good corporate government, the Bank is routinely doing socialization to its stakeholders that the Bank will not receive any gratification in any form. Such socialization was done through mass media advertising.

(21)

Tujuan pelibatan pemangku kepentingan

adalah menciptakan manfaat timbal

balik antara Bank OCBC NISP dengan para

pemangku kepentingannya.

The objective of engaging the stakeholders is to create

reciprocal benefits between Bank OCBC NISP with all

stakeholders.

Pemegang Saham Shareholder

Masyarakat Society

Pemerintah Goverment

Karyawan Employee

Mitra Kerja Business Partner