Bursa Malaysia
Bursa Marketplace
Bursa Anywhere
Bursa Academy
Bursa Sustain
Bursa 2U
EN
Market Information
Equities Prices
Indices
Bonds Prices
Derivatives Prices
Security Futures Prices
Shariah Compliant Equities Prices
Market Statistics
Securities
Bonds
Derivatives
Market Data
Information Services License
Website Linking Service
Historical Data Packages
Information Vendors
Announcements
Company Announcements
Structured Warrants
Entitlement by Ex-Date
SPEEDS
Trade
Market
Securities Market
Derivatives Market
Islamic Markets
Labuan International Financial Exchange (LFX)
Risk & Compliance
Overview
Risk & Compliance Framework
BMSC and BMDC as Central Counterparty (CCP)
PFMI Disclosure
Our Product & Services
Equities
Bonds
Derivatives
Islamic Markets
Indices
Labuan International Financial Exchange (LFX)
Co-Location Service
BTS2 On-Boarding
Network Access and Infrastructure Services (NAIS)
Central Depository System (CDS)
Trading Resources
Listing Directory
Equities
Brokers for Equities
Non Broker Participants
Bonds
Brokers for Bonds
Derivatives
Brokers for Derivatives
Islamic Markets
Post Trade
Securities Borrowing & Lending (SBL)
Islamic Securities Selling & Buying Negotiated Transaction (ISSBNT)
Securities Clearing & Settlement
Derivatives Clearing & Settlement
Transaction Costs, Fees and Changes
SST
Listing
Why Bursa Malaysia
Your Listing Destination
Get Listed
Listing Criteria
Listing Process
Cost of Listing
Fees and Charges
Issuer Services
Advisers / Sponsors
Supporting Partners
Listing Resources
IPO
IPO Prospectus
LFX Prospectus
Corporate Governance and Sustainability
Labuan International Financial Exchange (LFX)
Market Participants
Listing Sponsors List
Issuers
Financial Instruments
Fees
Business Process
Regulation
Overview
Structure
Overview
Regulatory Committees
Regulatory Oversight Body
Overview of Rules
Rules Making Process
About Bursa Malaysia Regulatory
Regulatory Approach/Philosophy
Supervision of Issuers
Supervision of Brokers
Enforcement
Market Surveillance
Listing Requirements
Main Market
ACE Market
LEAP Market
FAQs
Securities
Rules of Bursa Malaysia Securities
Rules of Bursa Malaysia Securities Clearing
Rules of Bursa Malaysia Depository
Derivatives
Rules of Bursa Malaysia Derivatives
Rules of Bursa Malaysia Derivatives Clearing
Bonds
Rules of Bursa Malaysia Bonds
Islamic
Rules of Bursa Suq Al-Sila' (BSAS)
Best Practices for Islamic Stockbroking Services
Labuan International Financial Exchange (LFX)
Rules of LFX
Directives / Circulars
FAQs Relating to Bursa Malaysia Rules
Public Consultation
Communication Notes/Guides
AskListing@Bursa
Bursa Link
prospectus_exposure
Reference
Bursa Digital Research
Market Updates
Bursa BLITZ
IPO Factsheets
ETF Reports
insights
Derivatives
Islamic Markets
Bursa Broadcast
Regulatory Insights
Bursa Academy
KnowledgeCentre@Bursa
Market Terminologies
Market Commentaries
FAQs
Securities
Derivatives
Islamic Markets
Labuan International Financial Exchange (LFX)
LEAP
Central Depository System (CDS)
Public Listed Companies Transformation Programme
Overview
Guidebooks
FAQs
About Bursa
About Us
Overview
Who We Are
Our Organisation
Corporate Governance
Board of Directors
Top Management Team
Other Corporate Information
Corporate History
Awards and Certification
Calendar
Tenders
Related Links
Investor Relations
IR Home
Financial Information
Stock Information
Shareholdings
Information for Shareholders
Information Request
Other Information
Sustainability
Overview
Economic/Markert
Social
Environment
Sustainability Governance
Approach on Materiality and stakeholder engagement
Yayasan Bursa Malaysia
Sustainability Reports
Risk & Compliance
Overview
Framework & Governance
Enterprise Risk Management
Compliance Management
Business Continuity Management
Media Centre
Speeches
Gallery
Media Releases
Articles
Careers
Company Announcements 
EN
Bursa Malaysia Icon
Bursa Malaysia
Bursa Marketplace Icon
Bursa Marketplace
Bursa Anywhere Icon
Bursa Anywhere
Bursa Academy Icon
Bursa Academy
Bursa Sustain Icon
Bursa Sustain
Contact Us Icon
Bursa 2U
English
Bahasa Malaysia
简体中文

Management of Operational Risk

The management of operational risk is guided by the definition and Principle 17 of the IOSCO PFMI. Operational risk is identified as the risk that deficiencies in information systems or internal processes, human errors, management failures, or disruptions from external events that will result in the reduction, deterioration, or breakdown of services provided by Bursa Malaysia. 

The management of some of the significant operational risks faced by the Group are outlined below:

Business interruption

Appropriate systems with adequate capacity, security arrangements, facilities and resources are in place to mitigate risks that could cause interruption to the Group’s critical business functions. The Group has a comprehensive Business Continuity Plan (BCP), including a Disaster Recovery Plan which is tested annually to ensure continuity of the business and technology operations. Besides the mandatory industry wide tests, the Group also facilitates BCP exercises for the market participants. The objective of this exercise was to ensure market participants’ backup sites / systems can be connected successfully to Bursa Malaysia in the event of a disruption.

Cyber security

Bursa Malaysia has implemented various mitigation measures to manage Cyber Security risk including a robust network architecture which is segmented into private and public networks. This aims to isolate the problem within the segment in the event of a cyber-attack. Bursa Malaysia has invested and set in place adequate IT security tools and mechanisms to enhance the cyber resilience capabilities to anticipate, withstand, contain and rapidly recover from a cyber incident with the objective of limiting the escalating risks that cyber threats pose to Bursa Malaysia and the broader capital market. There has not been any compromise to the mitigation measures taken by Bursa Malaysia which will leave Bursa Malaysia’s infrastructure and system to be vulnerable to a cyber-attack. The tools and mechanisms are reviewed and assessed on an annual basis or as and when needed. In addition, review on the cyber security architecture by an independent party is conducted periodically. It aims to ensure observance with the Guidance on Cyber Resilience for Financial Market Infrastructures issued by IOSCO as well as to comply with the Guidelines on Management of Cyber Risk issued by the SC Malaysia.

Bursa Malaysia has put in place several controls to mitigate physical breaches covering the main Bursa building as well as the Disaster Recovery site. To ensure that Bursa Malaysia is sufficiently prepared to meet any eventuality, there are plans that have been developed and exercised to address multiple possible scenarios which can impact the physical security at Bursa Malaysia’s premises.

Policies & Procedures

The effective operations of Bursa Malaysia is dependent to a significant extent on the availability, adequacy and effectiveness of its frameworks, policies, processes and procedures. Hence, Bursa Malaysia has put in place the key frameworks, policies and procedures which include the following:

  • System/Operations – IT Security Policy, Information Management Policy, Business Rules, Trading & Clearing procedures, ISMS Manual

  • Risk & Compliance – ERMPF, Compliance Framework, BCM Framework

  • People – Code of Ethics, Employee Handbook, Group Disciplinary Policy

  • Budget – Finance Policies & Procedures, Corporate Authority Manual, Contract Management Guidelines

The key frameworks, policies and procedures will continue to be reviewed to ensure that the effectiveness and adequacy of the implementation are in accordance with global best practices and standards.