The Credit Risk Audit Program is essential for financial institutions operating in Malaysia to maintain effective oversight of their credit risk management practices. This document becomes necessary when institutions need to establish or update their credit risk audit methodology in compliance with Bank Negara Malaysia's guidelines and the Financial Services Act 2013. It provides a structured approach to evaluating credit portfolios, assessing underwriting standards, reviewing credit administration processes, and ensuring regulatory compliance. The program is designed to accommodate both conventional and Islamic banking operations, incorporating relevant Shariah compliance aspects where applicable. It includes comprehensive audit procedures, sampling methodologies, reporting templates, and quality assurance mechanisms tailored to the Malaysian regulatory environment.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
1. 1. Purpose and Scope: Defines the objectives of the credit risk audit program and its scope of coverage
2. 2. Authority and Responsibilities: Outlines the audit team's authority and key stakeholders' responsibilities
3. 3. Risk Assessment Framework: Details the methodology for assessing credit risk and determining audit frequency
4. 4. Core Audit Areas: Identifies mandatory areas for review including credit policies, underwriting standards, and portfolio management
5. 5. Audit Methodology: Describes the standard audit procedures, sampling methods, and testing approaches
6. 6. Documentation Requirements: Specifies required documentation for audit working papers and evidence
7. 7. Reporting Framework: Details the structure and timing of audit reports and follow-up procedures
8. 8. Quality Assurance: Outlines quality control measures for the audit process
9. 9. Regulatory Compliance: Addresses compliance with relevant Malaysian banking regulations and BNM requirements
1. Specialized Lending Reviews: Additional procedures for specialized lending products (include if institution offers project finance, commodity finance, etc.)
2. Islamic Banking Considerations: Specific requirements for Shariah-compliant credit products (include if institution offers Islamic banking services)
3. Digital Lending Assessment: Procedures for reviewing digital lending platforms and algorithms (include if institution offers digital lending products)
4. Cross-border Lending: Additional requirements for international credit exposure (include if institution has significant cross-border operations)
5. SME Lending Procedures: Specific considerations for SME credit assessment (include if institution has significant SME portfolio)
1. Appendix A: Audit Planning Templates: Standard templates for audit planning and risk assessment
2. Appendix B: Sampling Methodology: Detailed guidance on sampling techniques and sample size determination
3. Appendix C: Credit Review Checklists: Comprehensive checklists for different types of credit facilities
4. Appendix D: Report Templates: Standardized templates for audit reports and management responses
5. Appendix E: Risk Rating Matrix: Criteria and methodology for risk rating assignments
6. Appendix F: Regulatory Requirements: Summary of relevant BNM regulations and compliance requirements
7. Appendix G: Exception Tracking Template: Template for monitoring and tracking audit exceptions and their resolution
Find the exact document you need
Credit Risk Audit Program
A Malaysian-compliant framework for conducting systematic credit risk audits in financial institutions under Bank Negara Malaysia's regulatory requirements.
Download
Operational Resilience Policy
A Malaysian-compliant internal policy document establishing operational resilience framework and guidelines, aligned with Bank Negara Malaysia's requirements and industry best practices.
Download
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
.png)
.png)