Internal Audit has diligently raised awareness of key risks impacting the organization and provided advice to Management and the Board in developing control solutions.

ICD has institutional and governance mechanisms in place to ensure the utmost compliance with Shari’ah principles, regularity, transparency, integrity, and legality in all its activities, transactions, and operations. Our greatest priority lies in the adherence to the highest accountability and transparency standards to ensure public confidence while delivering maximum development effectiveness.

Risk Management

The mandate and strategic focus of ICD’s risk management function is to ensure active risk management of various risks inherent in ICD’s operations, including credit, market and operational risks, thereby ensuring its long-term financial sustainability and preserving its creditworthiness.

In a world where market volatility, complexity, disruption, and technology innovations are fundamentally changing how the business of multilateral development banks such as ICD should operate, the Risk Management function is aligned with the organizational structure and equipped with industry best-practice and facilitates building a high-performance and resilient organization through the development and maintenance of a comprehensive risk management framework i.e. policies, guidelines, processes, methodologies and IT systems, managing the portfolio with a specialized and dedicated team, establishing effective business continuity management and ensuring regular measurement, reporting and mitigation of major risks inherent to ICD’s activities.

The Risk Management function supports ICD’s strategic plan and business delivery, thereby helping it to achieve sustainable growth and profitability. It also promotes a strong risk culture and establishes governance standards and best practices where strategic decisions and day-to-day operations are made from a risk-return/development impact perspective. It aims to achieve efficiencies within the Corporation and strengthen synergies with IsDB Group entities and other multilateral development banks. It maintains a constructive relationship with credit rating agencies and other stakeholders.


Based on the Anti Money Laundering, Combating Financing Terrorism and the Know Your Customer Policy of the IsDB Group, ICD is strongly committed to ensuring that all its activities are governed by its strict rules, procedures and guidelines. All activities are undertaken based on rigorous scrutiny, due diligence, monitoring and oversight using automated filtering and screening systems which cover all major international sanctions programs, embargoes, politically exposed persons (PEPs) and legal and regulatory enforcement lists etc. This policy was approved by the IsDB Board of Executive Directors in 2019 and the ICD Board adopted the policy in 2020. Additionally, ICD takes into consideration the latest version of the unbiased and non-political recommendations of specialized international entities such as the Financial Action Task Force (FATF) on Anti-Money Laundering and Combating Financing of Terrorists, International Convention for Suppression of the Financing of Terrorism and the UN Security Council Resolution No. 1373, as measures to combat money laundering and the financing of terrorism. As a member of the IsDB Group, ICD also has an approved Integrity Policy, Disclosure of Information & Conflict of Interest Policy and Whistleblowing Policy dealing with anti-bribery, anti-corruption, anti-fraud and conflict of interest.

All compliance-related matters are entrusted to and handled by a dedicated Compliance Unit within ICD, which reports functionally to the CEO and submits semi-annual reports to Audit, the Risk and Compliance Committee of the Board and is responsible for: the development and implementation of compliance-related policies, manuals and procedures; the oversight and monitoring of all activities relating to the prevention, detection and combating of Money Laundering (ML) and Terrorism Financing (TF);  conducting compliance-related training and awareness activities; and the provision of support and guidance to ICD senior management, as well as to all ICD employees. This ensures that ML and TF risks are adequately identified, excluded, and mitigated.

Internal Audit

The Internal Audit function is an independent assurance and consulting activity that adds value to ICD by assisting it to accomplish its objectives. With numerous changes occurring across the globe significantly impacting ICD and our member countries, the function has employed a more dynamic, systematic, and disciplined approach in evaluating and improving the effectiveness of ICD’s governance, risk management and internal control mechanisms. Internal Audit has diligently raised awareness of key risks impacting the organization and provided advice to Management and the Board in developing control solutions.

The function is free from interference from any element in ICD on matters of audit selection, scope, access to information, procedures, frequency, or internal audit report content. Its independence is further ensured by functionally reporting to the Audit, Risk and Compliance Committee of the ICD Board.

The function utilizes a risk-based approach to develop its Annual Audit Plan, which it aligns with ICD’s strategic priorities and objectives, thereby confronting ICD’s most pressing risks. Audit coverage is achieved through channelling audit efforts to business, support, and control functions within the Corporation. In 2022, the function focused on providing assurance services to ICD’s core business functions but with other critical areas in Human Resources and financial control and reporting also being audited.

Looking ahead, as part of its continuous improvement processes, the function seeks to enhance the efficiency of its activities by upgrading some of its audit systems and evaluating some of its procedures for better efficiency and quality. Internal Audit shall also be seen not only as an assurance provider, but also an advisor and strategic partner. Whilst this requires a sufficient level of trust and open exchange of timely information, the function shall ensure that candid dialogue continues to occur, especially when differing views have arisen. With 2023 earmarked for further enhancing the Corporation’s corporate governance, culture, systems and controls, the Audit team shall, alongside other assurance activities, play an enhanced advisory role to both Management and the Board while ensuring that it remains independent.


The Legal function has steadily carried on with its mandate to support and complement the mission of ICD through the provision of accurate, effective, and efficient and timely legal services that protect ICD’s interests. The Legal Department has also successfully managed all the legal risks emanating from the operations of ICD and institutional affairs (internal and external), provided support at the organizational and business unit levels, and advised on all projects, transactions and corporate arrangements of ICD. To further streamline the process for partnership engagement, the Memorandum of Understanding (MoU) has been standardized to ensure minimum legal resource utilization.