top of page

Governance & Risk

Governance & Risk Summary

Strong Governance, Robust Risk Management

At CasaNext, governance and risk are at the heart of our credibility and sustainability.

  • Governance: Transparent, accountable decision-making with independent oversight.

  • Risk Management: Systematic identification, assessment, and mitigation of financial, operational, regulatory, technological, and reputational risks.

  • Regulatory Alignment: Compliance with AMMC standards, Bank Al-Maghrib guidelines, Moroccan corporate governance practices, and global best practices (OECD, ISO 31000).

  • Accountability: Board-level responsibility with clear reporting lines and independent audit.

  • Resilience: Building long-term stability and protecting stakeholders from systemic and emerging risks.

CasaNext - Governance & Risk Policy

Last Updated: October 15, 2025 

1. Purpose and Scope

This Governance & Risk Policy sets out CasaNext FinCorp’s commitment to sound governance principles and effective risk management, ensuring the company operates with integrity, accountability, and resilience in all markets.

It applies to the Board of Directors, executive leadership, employees, contractors, and partners.

2. Governance Principles

CasaNext adheres to the following governance principles:

  • Transparency: Accurate, timely, and clear disclosure to stakeholders.

  • Accountability: Clear roles and responsibilities across all levels of management.

  • Independence: Oversight by independent directors and committees.

  • Ethics & Integrity: Decisions guided by CasaNext’s Ethics & Deontology Code.

  • Stakeholder Engagement: Acting in the best interests of investors, regulators, employees, and society.

3. Governance Structure

  • Board of Directors: Ultimate governing body, responsible for strategy, oversight, and risk management.

  • Executive Management: Implements strategy and ensures compliance with governance policies.

  • Committees:

    • Audit & Risk Committee – monitors risk, compliance, and audit functions.

    • ESG & Sustainability Committee – ensures integration of ESG into strategy.

    • Compliance Committee – oversees regulatory and ethical adherence.

  • Chief Risk Officer (CRO): Independent function responsible for risk identification, monitoring, and reporting.

  • Internal Audit: Provides assurance on controls, governance, and risk management effectiveness.

4. Risk Management Framework

CasaNext adopts the ISO 31000 Risk Management Standard and COSO Enterprise Risk Management (ERM) principles.

4.1 Risk Categories

  • Strategic Risks: Market volatility, geopolitical risks, regulatory shifts.

  • Financial Risks: Liquidity, credit, counterparty, and investment risks.

  • Operational Risks: Process failures, human errors, vendor risks.

  • Compliance Risks: Breaches of AMMC, Bank Al-Maghrib, AML/CFT, or data protection laws (GDPR, Law 09-08).

  • Technological Risks: Cybersecurity, data breaches, IT disruptions.

  • Reputational Risks: Public perception, ethical misconduct, stakeholder trust.

  • ESG Risks: Environmental, social, and governance-related risks.

4.2 Risk Management Process

  1. Identification: Proactive scanning of internal and external risk factors.

  2. Assessment: Measuring likelihood, impact, and velocity.

  3. Mitigation: Implementing policies, controls, and safeguards.

  4. Monitoring: Continuous review and audit of key risks.

  5. Reporting: Transparent reporting to management, Board, and regulators.

5. Compliance and Regulatory Risk

  • Strict adherence to AMMC and Bank Al-Maghrib directives.

  • Implementation of AML/CFT measures under Law 43-05.

  • Protection of personal data in compliance with GDPR and Law 09-08.

  • Monitoring sanctions and embargo risks in line with FATF and UN standards.

6. Technology & Cybersecurity Risk

  • Continuous investment in IT security (firewalls, encryption, multi-factor authentication).

  • Regular penetration testing and cybersecurity audits.

  • Business continuity and disaster recovery planning.

7. Business Continuity & Crisis Management

  • Contingency planning for market shocks, system outages, or geopolitical events.

  • Clear escalation procedures and crisis communication protocols.

  • Periodic stress testing and scenario analysis.

8. Oversight & Accountability

  • The Board of Directors retains ultimate accountability for governance and risk.

  • The Chief Risk Officer (CRO) ensures independent monitoring.

  • The Audit & Risk Committee reviews quarterly risk assessments.

  • Employees are required to escalate any risk or compliance concerns immediately.

9. Reporting & Transparency

  • Annual publication of CasaNext’s Governance & Risk Report summarizing risk exposures, governance practices, and mitigation efforts.

  • Timely disclosure of material risks to regulators and stakeholders.

10. Enforcement

  • Non-compliance with this Policy may result in disciplinary action, up to termination or legal liability.

  • Risk breaches will be escalated to the Board and regulators where necessary.

11. Continuous Improvement

CasaNext commits to:

  • Reviewing and updating governance and risk frameworks annually.

  • Benchmarking against best-in-class financial institutions.

  • Embedding a “risk-aware culture” across all levels of the organization.

12. Contact

For governance and risk-related inquiries:

Governance & Risk Office – CasaNext FinCorp
Email: saad@casanext.finance
Website: www.casanext.finance

bottom of page