The case for CSR/ Sustainability Reporting Done Responsibly


Insights on how you can protect the environment, maintain and increase the value of your company, through a structured process.

Insights on how you can protect the environment, maintain and increase the value of your company, through a structured process.

Home / case studies / Case study: How Maybank promotes ethical business conduct

Case study: How Maybank promotes ethical business conduct

Established in 1960, Maybank is the largest financial services group in Malaysia, providing a full suite of conventional and Shariah-compliant products and services in commercial banking, investment banking and insurance. Maybank is committed to protecting its customers and the group from risk by upholding sound business practices and meeting its legal and regulatory requirements.

This case study is based on the 2019 Sustainability Report by Maybank published on the Global Reporting Initiative Sustainability Disclosure Database that can be found at this link. Through all case studies we aim to demonstrate what CSR/ ESG/ sustainability reporting done responsibly means. Essentially, it means: a) identifying a company’s most important impacts on the environment, economy and society, and b) measuring, managing and changing.

Layout 1Abstract

Maybank remains committed to maintaining high standards of integrity, corporate governance and transparency across its operations.  Tweet This! In order to promote ethical business conduct Maybank took action to:

  • fight financial crime, bribery, corruption and fraud
  • protect personal data
  • promote integrity
  • respect human rights

What are the material issues the company has identified?

In its 2019 Sustainability Report Maybank identified a range of material issues, such as good governance, cyber security, responsible financing, sustainable business growth, product and service innovation, leadership and talent pipeline. Among these, promoting ethical business conduct stands out as a key material issue for Maybank.

Stakeholder engagement in accordance with the GRI Standards              

The Global Reporting Initiative (GRI) defines the Principle of Stakeholder Inclusiveness when identifying material issues (or a company’s most important impacts) as follows:

“The reporting organization shall identify its stakeholders, and explain how it has responded to their reasonable expectations and interests.”

Stakeholders must be consulted in the process of identifying a company’s most important impacts and their reasonable expectations and interests must be taken into account. This is an important cornerstone for CSR / sustainability reporting done responsibly.

Key stakeholder groups Maybank engages with: 

Stakeholder Group                Method of engagement



·      Conferences and non-deal roadshows

·      Quarterly conference calls and biannual analyst briefings on financial performance

·      Thematic investor day briefings

·      One-on-one and group investor meetings with Group President and CEO (GPCEO), Group Chief Financial Officer or Head of Group Investor Relations

·      Dissemination of information and disclosure of materials on Maybank’s website

·      AGM and EGM

·      Annual and Sustainability Reports




·      Digital touchpoints (e.g. Maybank2u and Maybank Trade mobile apps, Maybank2u and Maybank2e websites and Etiqa online portals)

·      Physical branches and self-service terminals

·      Customer Service Centres

·      Sales representatives: Relationship Managers, Personal Financial Advisors and Client Coverage Teams

·      Maybank social media platforms

·      Customer satisfaction surveys



·      Reporting and periodic updates to regulators

·      Active participation in and contribution to industry and regulatory working groups, forums and consultation papers






·      Employee dialogue sessions with Group EXCO and Conversation Series with C-Suite

·      Employee engagement programmes and initiatives

·      Regular electronic and printed communication (e.g. email and newsletters)

·      Employee engagement and feedback surveys/platforms (e.g. Employee Engagement Survey, electronic “Ask Senior Management”, Group Human Capital Contact Centre)



·      Partnerships and employee volunteerism in strategic community initiatives

·      Websites and social media platforms

How stakeholder engagement was made to identify material issues

To identify and prioritise material topics Maybank engaged with its stakeholders through survey forms that were distributed to both internal and external stakeholder groups.

What actions were taken by Maybank to promote ethical business conduct?

In its 2019 Sustainability Report Maybank reports that it took the following actions for promoting ethical business conduct:

  • Fighting financial crime, bribery, corruption and fraud
  • Maybank is committed to fighting financial crime and ensuring compliance with relevant laws and regulations. In order to protect the integrity and reputation of the Group, Maybank aims to establish effective controls to anticipate, prevent, detect and respond to money laundering and terrorist financing risks. Maybank also adopts a zero-tolerance approach against all forms of bribery and corruption in carrying out its daily operations and complies with the Malaysian Anti-Corruption Commission Act 2009, as well as other laws and regulations in the countries where it operates. Maybank’s revised Anti-Bribery and Corruption Policy aims to provide a clear guidance to all Maybank directors, employees and third parties/associated persons on Maybank’s commitment to address and manage bribery and corruption risks. The Policy makes references to top level commitment, enterprise wide risk assessment, control measures, monitoring and training. In 2019, 22,338 employees participated in anti-bribery and corruption training. Additionally, Maybank’s Anti-Fraud Policy outlines how the Group effectively manages fraud, from detection to remedy. Robust and comprehensive tools and programmes are employed to reinforce the Policy, with clear roles and responsibilities outlined at every level of the organisation. Stern disciplinary action is taken against employees involved in fraud.
  • Protecting personal data
  • Maybank is constantly improving its cyber security to protect its customers, has a 24/7 security monitoring and response unit and conducts assessments on various entities across the Group. Group Technology also carries out rigorous tests to make sure that vulnerabilities in the bank’s systems are quickly identified and resolved immediately and Data Loss Prevention measures are implemented to protect confidential customer data.
  • Promoting integrity
  • Under Maybank’s Code of Ethics and Conduct, employees are expected to conduct themselves with integrity at all times. Maybank’s Whistleblowing channels (formerly Integrity Hotline) have been in place since 2004 to provide an avenue for disclosure regarding any improper conduct. All employees can raise concerns regarding any misconduct or wrongdoing including, but not limited to, bribery and corruption, fraud, theft or embezzlement, abuse of power by an employee, conflict of interest, breach of Maybank’s Code of Conduct, failure to comply with legal and regulatory obligations or unauthorised disclosure of customer information. Maybank’s Board has recently approved revisions to the Maybank Group Whistleblowing Policy, for enhanced public knowledge. Any person who is aware of, or has reasonable grounds to suspect that any improper conduct has been committed by an employee or representative of Maybank can make a disclosure. The identity of a whistleblower who made a disclosure in good faith will be kept confidential and will only be disclosed on a strictly need-to-know basis. Employees who whistleblow in good faith will also be protected by Maybank from any repercussion.
  • Respecting human rights
  • Maybank operates in a number of emerging markets of the ASEAN (Association of Southeast Asian Nations) region and monitors human rights situations in its operating environment closely. Maybank also monitors human rights aspects within the organisation and through its business, from labour rights in the supply chain to collective bargaining and the right to privacy. In 2019, 53% of employees were covered by collective bargaining agreements. In line with the terms of Maybank’s Group Procurement Manual, any form of child labour is prohibited within Maybank’s value chain. The Maybank Group People Policies define Maybank’s commitment to providing a work environment free from any form of harassment and unlawful discrimination, and where every employee, customer, client and contractor is treated with dignity and respect. Minimum wages are strictly observed in all country operations and there is no gender disparity in pay. The protection of human rights is also ensured through Maybank’s ESG (Environmental, Social, and Corporate Governance) Policy, which is aligned with global best practices. Maybank makes sure that all transactions are reviewed against applicable requirements and that its clients understand its ESG commitments, which include human rights.

Which GRI Standards and corresponding Sustainable Development Goals (SDGs) have been addressed?

The GRI Standard addressed in this case is: Disclosure 205-2 Communication and training about anti-corruption policies and procedures

Disclosure 205-2 Communication and training about anti-corruption policies and procedures corresponds to:


80% of the world’s 250 largest companies report in accordance with the GRI Standards

SustainCase was primarily created to demonstrate, through case studies, the importance of dealing with a company’s most important impacts in a structured way, with use of the GRI Standards. To show how today’s best-run companies are achieving economic, social and environmental success – and how you can too.

Research by well-recognised institutions is clearly proving that responsible companies can look to the future with optimism.

FBRH GRI Standards Certified, IEMA & CIM recognised Sustainability Course | Venue: London LSE

By registering for the next 2-day FBRH GRI Standards Certified, IEMA & CIM recognised course you will be taking the first step in gaining the many benefits of sustainability reporting.

Most importantly, you will gain the knowledge to use the GRI Standards, project manage your own first-class sustainability report and:

  • Identify your most important impacts on the Environment, Economy and Society
  • Begin taking solid, focused, all-round sustainability action ASAP



1) This case study is based on published information by Maybank, located at the link below. For the sake of readability, we did not use brackets or ellipses. However, we made sure that the extra or missing words did not change the report’s meaning. If you would like to quote these written sources from the original, please revert to the original on the Global Reporting Initiative’s Sustainability Disclosure Database at the link:


Note to Maybank: With each case study we send out an email requesting a comment on this case study. If you have not received such an email please contact us.