KPEI Corporate Governance

Enterprise Risk Management

Indonesia Clearing and Guarantee Corporation is committed to improving its capabilities as a Central Counterparty (CCP) having international standards, one of them by implementing the Good Corporate Governance (GCG) principles in the form of the risk management application in every company’s activity in order to mitigate or reduce the risk to be as small as possible so the company can achieve optimal results.

Risk Management in IDClear is implemented based on Three Lines of Defense approach, which consists of a component or business functions (Risk Owner), ERM (Enterprise Risk Management) and SPI (Internal Audit Unit). As a second line of defense, IDClear ERM is developed based on SNI : ISO 31000 risk management standard, which consists of risk management principles, risk management framework and risk management processes. According to ISO: ISO 31000, risk is the impact of uncertainties for the achievement of the organization’s objectives, while the definition of risk management is the coordinated activities undertaken in order to manage and control an organization with regard to the risks it faces. On the definitions that have been described we can see that Corporate Risk Management or Enterprise Risk Management (ERM) system is implemented to manage and control the risk of the company's business where corporate goals are expected to be achieved.

IDClearERM system is arranged based on the principles, framework and process of interrelated ERM and in accordance with SNI : ISO 31000 for ERM. The risk management principles functions as a cornerstone paradigm in implementing risk management frameworks and processes. ERM work stages consist of firstly context determination, secondly risk assessment which consists of risk identification, risk analysis and risk evaluation. Risk evaluation is carried out by determining the acceptable level of risk based on the company’s risk appetite and risk tolerance. The third stage is the risks handling by performing planning and determining priorities for the risk management implementation. All the stages or processes are done through communication and consultation with Risk Owner and monitoring and review by ERM where these processes will then produce IDClear's corporate risk profile.

BUSINESS CONTINUITY MANAGEMENT

As an institution that serves to provide clearing and guarantee services for securities transaction settlement, PT Kliring Penjaminan Efek Indonesia (IDClear) is obliged to ensure the availability of these services for stakeholders. IDClear has a risk management tool whose job is to ensure that all main services and functions run properly. One of the Company’s risk management tools is the Business Continuity Management System (BCMS), whose objective is to build corporate service resilience. Its aim is to prevent or reduce the disruption to the Company's operations, so that it can ensure the availability of services and the needs of stakeholders continue to be fulfilled.
 
To ensure its effectiveness when utilized, IDClear conducts BCM (Business Continuity Management) simulations at least once a year. IDClear also has an alternate site that is separate from the main office, which can be used to carry out business activities in the event of a disruption at the main office. Therefore, continuity of operational activities can be maintained.
 
BCMS implementation in IDClear refers to BCMS Guidelines. In its implementation, BCMS is supported by full commitment of the Board of Directors and Employees. The cycle of BCMS implementation involves the key elements of BCMS at IDClear, among others are:
  1. Initiation and planning
  2. Business Impact Analysis (BIA)
  3. Risk Assessment
  4. Development of a Recovery Strategy
  5. Development of Business Continuity Procedures
  6. Dissemination, Training, and Awareness for Business Continuity Procedures
  7. Testing of Business Continuity Procedures
  8. Maintenance of Business Continuity Procedures