Liquidity risk occurs when SSI loses its ability to fulfill its obligations to pay part or all of the due debts, failing to meet the demand for payment of securities purchased by investors using margin lending, or experiencing delay or failure to meet the requirements of payment activities of investors on accounts maintained at SSI. With the number of clients growing over the years, mounting to over 153 thousand accounts in 2018 across SSI branches in different cities, receiving hundreds of payment requests per day, SSI must ensure the quickest, safest, and most cost-effective way to conduct payment operations for investors. In order maintain flexibility in serving clients, SSI has connected with dozens of banks to manage an average investor deposit balance of over VND 3,373 billion in absolute safety. 

In 2018, SSI's margin lending service continued to maintain strong growth, requiring high flexibility in balancing daily cash flow between timely cash disbursement (in margin lending) and efficient use of cash flow when investors repay margin loans. SSI also holds the largest securities investment portfolio in the market, thus the management of low liquidity investments also requires a sound balance of owners' equity, to be able to reinvest the capital to capture investment opportunities. In 2018, SSI continued to ensure absolute liquidity management, without the occurring of any risky incident. Net capital ratio remained high between 326% and 490%, well above the regulatory 180% set forth by SSC.

This achievement was thanks to a stringent cash flow management process, which was established based on the particular priority given to liquidity risk management and the close collaboration fostered between SSI’s units. All business units have access to a regular and detailed reporting system for timely information update.



In 2018, in order to further increase margin lending activities, SSI mobilized more capital from bank loans and bond issuance, which leads to more complicated cash flow management. However, the Company maintained a reasonable and balanced ratio between assets and liabilities, following the basic liquidity risk management.


Every year, SSI reviews the Business Continuity Plan (BCP) of the organization and also performs rehearsal for key subjects. Due to the launch of new core system for cash market in 2018, the BCP has been revised dramatically. Most of critical subjects have been tested in 2018. Certain areas which are under our enhancement plan were deferred to early 2019. 
SSI continued to maintain the high alert policy on all security related protection from physical accessibility, hacking, attacking to information leakage. 
In 2018, the Company had a tier one international consultancy firm to review our facilities and environment. The purpose is to review and recommend improvements on three different categories – operations, stability and availability, and security protection. We are following their recommendations to fine-tune our security protection and other areas.
This year, SSI also had new facilities on monitor security risks. These include Security Information & Event Management (SIEM), and Security Operations Center (SOC), etc. These allow SSI to react security risks in earlier stage to avoid any material damage to the organization.
Compliance risk refers to the risk that the Company must face in the event that the Company or its employee violates or does not comply with the provisions of the law, the provisions of the Company's charter, internal and professional procedures, regulations, including professional code of ethics. 
Preventing and limiting compliance risks are considered an important task of the Company. A number of measures implemented by the Company to prevent compliance risks include: 
Process and operational design with cross-checking among individuals and departments. At the Company, operational procedures and operational apparatus are designed for mutual cross-check to enhance internal inspection and supervision, limiting power abusing and allowing early detection of violations;
Improving employees’ compliance awareness. Training and advocacy of compliance are attended to. Newly recruited employees are trained in common procedures, regulations and special regulations related to their areas of work. During the time at SSI, employees are trained periodically to have strong grab on work process and raise awareness of compliance;
Establishing an internal inspection and supervision system;
Applying stringent discipline to violations of the Company's regulations.
In 2018, the Company's Internal Control Department conducted 42 inspections across various departments for compliance checking of internal procedures and regulations and relevant laws. Based on data and risk assessment and departments’ objectives, the Internal Audit Department will develop a control program for comprehensive and objective implementation and risk reduction. Control results are reported to the CEO, Head of Unit and Compliance Department of the Company for timely handling of violations, updating and correcting operational procedures to mitigate risks and increase work performance. In addition, in order to enhance compliance, the Internal Audit Department periodically offered training courses on internal control system.  
In parallel with internal control activities, the Internal Audit Department also performed 37 internal audits in 2018 relating to accounting documents, taxes and financial statements. Internal audit activities promptly detected errors and proposed compliance measures to the Chief CEO. Internal audit activities have increased the effectiveness of compliance risk management in the Company. Published financial statements, tax reports and net capital reports of the Company ensured honesty and objectiveness, in accordance with accounting standards and regulations.
The Company maintained annual training for the entire staff on professional ethics, internal control, and money laundering prevention and control. The Finance and Accounting Departments also attended training to acquire knowledge and update regulations on accounting and tax, participated in training courses and seminars organized by the regulators, etc. In 2019, the Company plans to promote training through online training systems and channels, to facilitate employees’ quick access to internal regulations and policies. These systems and channels, on another hand, act as tools to evaluate qualifications, professional ethics and skills of employees to improve the quality of human resources.
A number of compliance risks that the Company has identified and developed control measures for 2018 is presented in the following table: 


By improving the awareness of compliance, increasing the frequency of control and timely updating and finalizing of process, in 2018, the number of violations and errors was strictly controlled and there were no significant errors.