[BCM] [CGC] [E3] [BIA] [DP] [CBF] [1] Risk Assessment and Guarantee Issuance

[Business Continuity Strategy] [Template 1]

CBF-1: Risk Assessment and Guarantee Issuance

In today’s complex financial ecosystem, the ability of financial institutions to maintain continuity during disruptions is paramount.

For Credit Guarantee Corporation Malaysia (CGC), which plays a vital role in facilitating access to financing for small and medium enterprises (SMEs), the continuity of critical business functions is essential to economic resilience and national development.

Among its core operational pillars, Risk Assessment and Guarantee Issuance stand out as a fundamental process that directly supports CGC’s mission. This function encompasses a series of interconnected sub-processes that evaluate SME creditworthiness and enable the issuance of guarantees to partnering financial institutions.

This chapter analyses the “Risk Assessment and Guarantee Issuance” function, structured under CGC’s Business Continuity Management (BCM) framework. It outlines the sub-critical business functions (sub-CBFs), their ownership, activities, tools, and criticality levels.

By identifying and detailing each sub-CBF, CGC ensures that operational resilience is built into the backbone of its guarantee operations, safeguarding its strategic objectives, stakeholder confidence, and service delivery commitments, even in the face of disruptions.

Detailed Business Processes for Risk Assessment and Guarantee

This function is the cornerstone of CGC’s operations, involving the evaluation of SMEs' creditworthiness and issuing guarantees to banks on their behalf. Below is a breakdown of the end-to-end business process:

1. Application Intake

• Process Owner: Relationship Manager / Frontline Officers
• Steps:
  • Receive a guarantee application from an SME or partner financial institution.
  • Verify the completeness of the required documentation.
  • Log the application into the enterprise system.
• Criticality: High (delays affect service delivery timelines)

2. Preliminary Eligibility Check

• Process Owner: Credit Analyst
• Steps:
  • Check if the SME meets minimum eligibility criteria (business registration, size, industry, etc.).
  • Flag non-compliant or ineligible cases for rejection or further review.
• Tools: Internal eligibility checklist
• Criticality: Medium

3. Credit Risk Assessment

• Process Owner: Credit Risk Department
• Steps:
  • Perform financial analysis (e.g., liquidity, solvency, profitability ratios).
  • Conduct qualitative assessments (management experience, market outlook).
  • Assign a risk rating using internal risk models.
• Tools: Risk Rating Models, Credit Scoring Engines
• Criticality: High (core to guarantee issuance decision)

4. Site Visits / Due Diligence (if required)

• Process Owner: Credit Risk / Relationship Team
• Steps:
  • Schedule and conduct site visits or virtual interviews with SME.
  • Collect operational and contextual data.
  • Update findings into the risk evaluation system.
• Criticality: Medium

5. Guarantee Structuring

• Process Owner: Risk Structuring Officer / Legal
• Steps:
  • Determine guarantee terms: coverage amount, tenure, fees, risk-sharing ratio.
  • Structure guarantee according to product type (e.g., portfolio scheme vs. individual).
• Criticality: High (affects exposure and risk profile)

6. Approval Process

• Process Owner: Credit Committee / Approving Authority
• Steps:
  • Submit application and risk report to the appropriate approval level based on risk exposure.
  • Review and either approve, reject, or request modifications.
• Criticality: High

7. Issuance of Guarantee

• Process Owner: Operations Department
• Steps:
  • Generate and issue a guarantee certificate or letter to the partnering bank.
  • Update systems and notify relevant stakeholders.
  • Archive documentation in DMS (Document Management System).
• Criticality: Very High (Guarantee must be enforceable and legally sound)

8. Post-Issuance Monitoring Setup

• Process Owner: Credit Monitoring Team
• Steps:
  • Register the guarantee in post-issuance tracking systems.
  • Set alerts for key milestones (e.g., expiration, review dates).
  • Initiate onboarding for periodic SME updates.

• Criticality: High

Business Continuity Considerations

To ensure the resilience of this critical function:

• Redundancy in IT Systems: Real-time backups, off-site DR systems.
• Staff Cross-Training: Enable critical functions to be performed by alternates.
• Remote Access Capabilities: Secure VPN access for analysts and approvers.
• Alternative Communication Channels: Backup methods for liaising with banks and SMEs.
• Pre-defined Manual Workflows: In case of system outages, especially for issuance steps.

Here is the table format of the "Risk Assessment and Guarantee Issuance" critical business function, broken down into its sub-critical business functions (sub-CBFs):

Risk Assessment and Guarantee Issuance – Sub-CBFs and Details

Summing Up ...

The Risk Assessment and Guarantee Issuance function is not only central to CGC’s operational model but also instrumental in supporting the broader SME financing ecosystem.

By systematically breaking down this function into distinct sub-critical business functions, CGC is better positioned to embed resilience and maintain service continuity under adverse conditions. Each sub-CBF—from application intake to post-issuance monitoring—carries specific responsibilities and risk exposure, warranting tailored continuity strategies.

Through this structured approach, CGC reinforces its ability to withstand operational shocks while ensuring that SME clients continue to benefit from timely and effective credit support.

As Business Continuity Management becomes increasingly vital in the financial services sector, CGC’s rigorous process mapping and prioritisation of key functions exemplify a proactive and sustainable continuity planning model.