Operational Resiliency
• The SC Code of Conduct guides the conduct and behaviour expected of all employees and the consequences of breach. It provides clarity to employees on the SC’s values and principles which is uphold against standards of good governance and professional conduct.
• The new SC Corporate Scorecard and its alignment across the organisation and all levels provide transparency and line of sight on the corporate strategic objectives, key focus areas and expected deliverables to the employees. The focus on measuring outcome and impact would shape the mindset towards building a sustainable operation.
• The introduction of SC DNA consolidating the core values and leadership competencies provides the foundation for building a cohesive culture which gives focus to stakeholders and talent within. It also emphasises the need to uphold integrity and be innovative while staying prudent by considering the risk impact on the organisation and inculcating the building of resilient leaders.
• The Job Rotation Policy established provides upskilling opportunities for the staff and this is in line with the structured development of talent initiatives within the SC.
• IT operations and cyber security undergo continuous assessment, considering evolving technology and cyber security risks. This ongoing process aims to ensure that the SC’s infrastructure is effectively protected from threats such as malware, unauthorised access, insider breaches and other disruptions that could impact its operations. In addition to established processes and technologies, ongoing user awareness initiatives are conducted to enhance the SC’s resilience against phishing and other social engineering attacks that could potentially bypass security measures.
• This year, the SC has embarked on the 3-year Technology and Analytics Masterplan (TAAM) execution. TAAM outlines a series of initiatives aimed at ensuring long-term operational and technological resilience. These initiatives encompass
the development of a robust and secure infrastructure, supported by application architectures capable of addressing both current and future needs.
• In the first year of TAAM execution, the SC has prioritised foundational initiatives. These include infrastructure enhancements, modernisation of backup systems, cyber security improvements and the establishment of Central Platform Services for SC applications. These foundational steps will precede the development of identified applications, all of which align closely with the SC’s strategic priorities. The SC’s focus remains on enhancing supervision, surveillance, investor protection and the institutionalisation of knowledge.
Anti-Corruption Measures
• In line with National Anti-Corruption Plan (NACP) requirements, the SC developed the Organisational Anti-Corruption Plan (OACP) in 2020. The OACP represents a three-year strategy aimed at bolstering governance, integrity and anti- corruption controls. As the completion of SC’s OACP action plans from the previous cycle nears, the SC has developed the OACP for the years 2024 to 2026 which was approved by the SC’s Anti-Corruption Committee (JAR – Jawatankuasa Anti-Rasuah).
• In coming out with OACP 2024-2026, Corruption Risk Assessment (CRA) workshops were held comprising representatives from all departments within the SC. These workshops identified potential weaknesses and risk factors that could cause corruption or compromise integrity and provided opportunity to identify mitigation plans to enhance good governance.
• Based on the CRA workshop’s assessments, selected departments participated in a three-day Organisational Anti-Corruption Plan workshop. During these OACP workshops, proposed action plans were discussed and additional initiatives were identified. The forthcoming OACP for 2024-2026 will encapsulate the strategies and initiatives that focus on three priority areas namely Governance, Integrity and Anti-Corruption.
PART 5 ORGANISATION INFORMATION
 SECURITIES COMMISSION MALAYSIA ANNUAL REPORT 2023 167