To ensure the effectiveness of compliance risk management, the Company has adopted three lines of defense practice. This model structures the roles and responsibilities across the organization to ensure comprehensive oversight and control.

First Line: Operational departments, which are at the forefront of daily business operations ensure that operations are conducted without being exposed to unnecessary risks by adhering strictly to the policies and guidelines.

Second Line: Compliance department, which plays an important role in strengthening business units by formulating and assessing policies to align with both laws & regulations and organizational objectives. Besides, when any business concerns arise, the compliance team collaborates closely with the legal department to provide advice for execution.

Third Line: Internal audit function, which provides an independent assessment of the performance of both the first and second lines, ensuring all business processes are functioning effectively. The Audit Committee oversees this function to ensure alignment with best practices and regulatory requirements.

In addition, the compliance department promotes awareness and alignment with laws and regulations, fostering a culture of adherence to both internal policies and external regulations.