Our approach

We are committed to upholding the highest standards of corporate governance in all that we do. We comply with all corporate governance regulations, codes and guidelines established in Malaysia. The OCBC Code of Conduct and Group policies set out the expected standards of behaviour for all employees. Our Board and senior management are committed to a zero-tolerance approach towards all forms of bribery and corruption, which is clearly communicated to all employees and others we work with.

To further strengthen our Bank’s culture which is guided by our core values, LIFRR (Last Value, Integrity, Forward-Looking, Respect and Responsibility), we have rolled out the initiatives highlighted below.

Featured programmes/initiatives

Revised Anti-Bribery and Corruption (ABC) policy 

• Revamped the Bank’s ABC programme to strengthen the internal controls to align with Malaysian Anti-Corruption Commission (MACC) adequate procedures guidelines against all forms of bribery and corruption risks. 

• Implemented ABC Risk Assessment to ensure all external parties engaged by the Bank are properly assessed and screened against bribery and corruption risks prior to onboarding. 

• Implemented a comprehensive Bribery and Corruption Risk Assessment within the Bank, which is performed periodically, and the results are reported to the Board.

Whistleblowing programme

Employees can raise concerns of fraud or misconduct through the In-person, Email or Mail reporting channels. Anonymous and non-anonymous whistleblowing reports received by Audit are investigated independently by Audit, where the findings will be reported to the Audit Committee.

Read more on OCBC’s whistleblowing programme 

Our approach

Over the years, we have earned the trust and confidence of our customers by maintaining a reputation anchored on integrity and honesty – underpinned by our core values. Our brand promise, to be Simply Spot On, underscores our commitment to deal fairly with customers by:

• Providing our customers with clear, relevant and timely information to help them make informed decisions.

• Recommending only products that are aligned with our customers’ financial objectives and risk profiles.

• Training and certifying our sales employees so that they are equipped to give appropriate advice and recommendations.

• Ensuring customers’ feedback and complaints are addressed in an effective and prompt manner.

Featured programmes/initiatives

Fair Treatment Committee, Framework and Monitoring Programme

Our Fair Dealing journey began about a decade ago and has today evolved to the Fair Treatment of Financial Consumers (FTFC), following the launch of BNM’s FTFC guidelines on 6 May 2020. We enhanced the Fair Dealing framework to the FTFC framework to account for these changes on 4 February 2020. Through it, we:

• Oversee strategic initiatives and measurement to ensure we deal fairly, including conducting quarterly reviews of our FTFC performance. In 2021, no adverse issues were encountered in our review.

• Monitor and assess the Bank’s FTFC performance based on two aspects:-

• Quantitative – such as the number of regulatory breaches reported to BNM, audit results, compensation amount arising from mis-sellings.

• Qualitative – to understand the systemic nature of misconduct.
  
  

Product Suitability Committee, Policy and Framework

Our Product Suitability Policy Guidelines, overseen by the Malaysia Product Suitability Committee governs the approval of new investment products to ensure they are appropriate for the target customer segment based on OCBC’s Product Suitability Risk Rating Methodology which assesses both the risk factors of new investment products and risk profiles of the target customers, before matching both to ensure only suitable products are recommended to our customers.

GiFT Policy

We have long encouraged our employees to log all feedback and complaints, stemming from our long running maxim that complaints are ‘Gifts’.

Our approach

We take a holistic approach to managing financial crimes and cyber threats, implementing measures across risk governance, people, process, and technology. 

Our robust processes help protect customers' information and assets from financial crime and cyber threats.  The Bank proactively invests in new technologies to help prevent, detect, and respond to evolving cyber threats and financial crimes. Our networks are monitored through a 24-hour Cybersecurity Operations Centre.

The ongoing global pandemic has necessitated  large-scale remote working arrangements and higher degrees of digital engagement with our customers. Therefore, our internal controls and risk management processes are progressively strengthened to support the increasing volume of digitalisation initiatives to help us serve our customers better.

From a regulatory perspective, we conform with high ethical standards and guard against undertaking any transaction that is or may relate to the facilitation of Money Laundering / Terrorism Financing (ML/TF), proliferation financing or sanctions evasion.

Beyond the Bank, we contribute at industry level via the Compliance Officer Networking Group (CONG) and the Association of Banks Malaysia (ABM) in discussions regarding mitigating measures against emerging trends and so forth. We will continue to partner and collaborate with law enforcement agencies and other financial institutions to actively gather cyber threat intelligence and collectively combat the associated crimes and threats.

We recognise the need to continuously elevate the effectiveness of controls to keep pace with the evolving risk environment, as well as improve and strengthen surveillance & detection capabilities via risk surveillance and data analytics.

Featured programmes/initiatives

Anti-fraud measures 

• Consistently invest in fraud surveillance and anti-financial malware systems.

• Continue to raise scam awareness among customers and employees across multiple channels, including internet and mobile banking, social media, electronic direct mails, and webinars. 

Preventing data breaches

Considering a significant proportion of staff work remotely, data protection is of paramount importance. OCBC has an existing comprehensive set of measures in place, including robust polices, standards and processes, controls to restrict accesses on a need-to basis, regular monitoring to facilitate prompt detection and follow-up of possible data breaches, as well as regular risk awareness broadcasts in line with evolving threats – for example, phishing and ransomware – to uplift staff vigilance. In addition, the Bank continues to implement progressive enhancements such as further strengthening endpoint data loss prevention controls to enable adequate data protection in the new norm of remote working.

Cyber resilience

• We reviewed and strengthened OCBC’s preventive, detective, and response capabilities to enhance the Bank’s cyber resilience to better address the evolving cyber threat landscape. 

• We uplifted cyber vigilance of our customers through advisory via customer touchpoints like our mobile banking application and internet banking website, helping our customers be more cyber aware & avoid falling prey to common attacks. 

Anti-Money Laundering (AML) and countering the Financing of Terrorism, Sanctions

• Revamped AML/CFT & Sanctions online training programme to strengthen staff’s awareness of ML/TF and Sanctions risk. 

• Maintained updated policies & procedures to tackle newly identified risks and typologies.  

• Deepened organisational AML/CFT risk awareness via Bank-wide AML Quizzes.

• Supported Police Diraja Malaysia (PDRM) in their launch of eFSA, a new secured digital platform developed & administered by PDRM’s Commercial Crime Investigation Department (CCID), for the submission of permitted customer information disclosures from banks to PDRM in a more efficient and structured manner. 

• Proactively provided Sanctions education to targeted customer segments via a Sanctions Questionnaire and ensure the OCBC Sanctions Notice on our webpage is up to date, declaring OCBC’s stance on complying with sanctions laws and regulations.