As Malaysia’s sovereign wealth fund, Khazanah maintains strong corporate governance and embeds risk management as a core part of our organisational culture.
Following the strategic refocus of our mandate in 2019, we enhanced our governance and risk management capabilities to support our long-term goals.
This included elevating our risk maturity, embedding structured risk approaches across functions and strengthening the capabilities of our governance, risk and compliance teams.
Governance and Accountability
Risk Appetite and the Framework of Integrity, Governance and Risk Management
Khazanah’s Risk Appetite defines the level of risk we are prepared to accept in delivering our dual mandate: generating risk-adjusted financial returns through commercial investments and achieving socioeconomic outcomes.
This is supported through:
Strategic Asset Allocation
Reflects the Board’s risk appetite and long-term market outlook, aimed at optimising risk-return balance and capital efficiency
Risk Appetite Statements
Set limits and Management Action Triggers (MATs) for liquidity, insolvency, investment, operational and reputational risks
Stress Testing & Scenario Analysis
Evaluates portfolio resilience under adverse but plausible macroeconomic scenarios
Credit Rating and Liquidity Management
Preserves investment-grade credit quality through disciplined asset-liability management and adequate liquidity buffers
Enterprise Risk Management (ERM)
Monitors exposure across Investment, Asset-Liability Management (ALM), ESG, Operational and Strategic risk categories
Khazanah’s Framework of Integrity, Governance and Risk Management (FIGR) outlines our governance structure and responsibilities, based on the Three Lines of Defence model adopted since 2004. The framework supports effective risk oversight and promotes a strong culture of integrity and accountability across the organisation.
Governance Structure
The Board holds ultimate responsibility for overseeing risk management at Khazanah. Risks are managed using the established Three Lines of Defence governance model.
Our Framework of Integrity, Governance and Risk Management (FIGR) is grounded in our Core Values: accountability, mutual support, respect for diverse perspectives and integrity in all that we do.
The Board, chaired by the Prime Minister of Malaysia, is supported by three sub-committees:
Executive Committee (EXCO)
Assists the Board in deliberating strategic, financial and investment matters
Audit and Risk Committee (ARC)
Oversees internal controls, risk management and audit integrity
Nomination and Remuneration Committee (NRC)
Advises the Board on human capital matters related to directors, senior management and employees
Framework of Integrity, Governance and Risk Management
1. SAA: Strategic Asset Allocation
2. ALM: Asset and Liability Management
3. K-3P: Khazanah’s Policies, Procedures & Practices
4. ERM: Enterprise Risk Management
5. ORM: Operational Risk Management
6. BCM: Business Continuity Management
7. EXCO: Executive Committee
8. ARC: Audit & Risk Committee
9. NRC: Nomination & Remuneration Committee
Khazanah’s governance structure is based on the Schedule of Matters for the Board (SMB) and Limits of Authority (LOA).
The SMB defines the responsibilities of the Board and its sub-committees, while the LOA sets authority limits for senior management, supporting clear accountability across the organisation.
The RICA (Recommend, Inform, Consult, Approve) matrix complements the SMB and LOA by providing checks and balances across decision-making processes.
Management Committee (MC)
Reviews strategic and operational matters, including financial and organisational performance
Investment Committee (IC)
Evaluates and approves investment and divestment proposals within the authority levels set by the LOA
Operationally, we remain guided by Khazanah’s Policies, Processes and Procedures (K3Ps), which include key documents such as the Investment Policy, Sustainable Investment Policy, Shareholder Expectations and Investment Stewardship, ESG Framework, Code of Business Ethics and Code of Conduct, all accessible on our website.
To promote consistency and good governance, we have adopted a framework to standardise the implementation of K3Ps. This includes using set templates, defined approval levels and regular updates by designated document owners.
Level 1
Framework / Policy
Framework and Policies are to be approved by the Board or Board Committee (EXCO, ARC, NRC)
Level 2
Process and Procedures – Enterprise P&P
Enterprise P&Ps are to be approved by the MD
Level 3
Divisional P&Ps
Divisional P&Ps are to be approved by the HOD
Guidelines / Manuals
Guidelines / Manuals are to be approved by the HOD
Governance, Risk and Compliance Division
While the Audit and Risk Committee (ARC) oversees risk management at Khazanah, the Governance, Risk and Compliance (GRC) Division is responsible for implementing the Board’s strategic direction on risk matters.
The GRC, through the Chief Risk Officer (CRO), reports directly to the ARC and administratively to the Managing Director. This dual reporting structure ensures independent governance through clear separation of duties.
Together with the Internal Audit & Investigation team, GRC supports the Second and Third Lines of Defence within Khazanah:
The Second Line focuses on strengthening enterprise governance practices and providing risk advisory support, particularly for investment-related decisions
The Third Line provides independent assurance to the Board, ensuring that both the First and Second Lines are functioning effectively and that existing governance standards are appropriate and sufficient