Bank Directors’ Handbook

OF

Corporate Governance

Central Bank of Jordan

 Bank Directors’ Handbook of Corporate
Governance

Table of Contents

Foreword ........................................................................................................ 3
Introduction and Background ......................................................................... 5
1. What is corporate governance?........................................................ 5
2. Why is Corporate Governance important for a bank? ..................... 8
3. What Are Best Practices? ................................................................ 9
4. How Board of Directors Interacts with Management .................... 10
Director Standards, Values and Effectiveness.............................................. 13
1. Standards ....................................................................................... 13
2. Duties of Loyalty and Care............................................................ 16
3. Independence................................................................................. 17
4. Be Informed................................................................................... 18
5. Code of Conduct and Code of Ethics ............................................ 18
Management Selection and Oversight .......................................................... 20
1. Management Selection .................................................................. 20
2. Management Oversight ................................................................. 20
3. External Communications ............................................................. 21
Planning and Policies ................................................................................... 22
1. Planning......................................................................................... 22
2. Policies .......................................................................................... 23
Internal Control and Audit............................................................................ 25
1. Internal Control ............................................................................. 25
2. Audit.............................................................................................. 26
Annex 1: Risk Management ......................................................................... 29

2
 Foreword

Banking supervision cannot function as well if sound

corporate governance is not in place and, consequently,
banking supervisors have a strong interest in ensuring that
there is effective corporate governance at every banking
organization.

Enhancing Corporate Governance for Banking Organizations , Bank

for International
Dear Directors, Settlements (BIS), 1999.

Dear Directors,

The Central Bank’s vision is to have an efficient and

competitive banking system in Jordan that meets international
standards of best practices in risk management and corporate
governance, complies with applicable laws and regulations and
satisfies the credit needs of the domestic economy thereby
supporting the economic development of the Kingdom.

You have an integral role in our success: A safe and sound

banking system requires responsible and knowledgeable bank
management with good corporate governance and risk
management systems that support sound and prudent lending
and other bank policies. This Bank Directors Handbook of
Corporate Governance has been developed with the objective
of enhancing the corporate governance and risk management of
banks in the Kingdom.

The Handbook has five main sections, each of which addresses

a broad area of corporate governance and bank director
responsibilities or duties:

1. Introduction and Background defines corporate

governance, discusses why it is important for a bank’s safe
and sound operation and outlines best practices.

3
2. Director Standards, Values and Efficiency outlines
qualities of bank directors and how boards can effectively
and efficiency fulfill their responsibilities to shareholders,
depositors and other stakeholders.

3. Management Selection and Oversight describes one of the

board’s most important functions and how it interacts with
operating management.

4. Planning and Policies describes the board’s responsibilities

to approve and monitor implementation of plans and
policies.

5. Internal Control and Audit discusses how the internal

control system, internal audit and independent external audit
interact and complement bank supervision.

This Handbook does not substitute prevailing Banking Law or

Regulations issued by the Central Bank of Jordan. It is meant to
provide only guidance; bank directors are encouraged to review
their responsibilities and conduct on an ongoing basis and seek
counsel as necessary.

Sincerely,

Governor
Dr. Umayya Toukan

4
 Introduction and Background
1. What is Corporate Governance?

Corporate Governance involves “a set of relationships

between a company’s management, its board, its
shareholders, and other stakeholders. Corporate
governance also provides the structure through which
the objectives of the company are set, and the means of
attaining those objectives and monitoring performance
are determined. Good corporate governance should
provide proper incentives for the board and management
to pursue objectives that are in the interests of the
company and shareholders and should facilitate effective
monitoring, thereby encouraging firms to use resources
more efficiently.”

OECD Principles of Corporate Governance, June 21,1999.

Corporate governance establishes how the various

participants—shareholders and other stakeholders;
management; the board of directors—interact in determining the
direction and performance of corporations. Good governance
holds management accountable to boards and boards
accountable to the owners and other stakeholders. In the case of
banks, significant stakeholders include depositors and the
banking supervisor such as the Central Bank of Jordan.
Internal corporate governance factors relate to the effectiveness
of the interaction among a bank’s management, board,
shareholders and other stakeholders. Good corporate
governance is not an end in itself, but instead facilitates a
bank’s capacity to define and achieve its purposes. The board
must agree on the bank’s values (what it stands for), and the
strategy to achieve its purpose. It must account to shareholders
and be responsible for relations with its other stakeholders.

5
External governance factors also play a role in supporting good
corporate governance. The external environment includes the
laws and regulations that enforce the rights of shareholders and
other stakeholders, such as creditors. A good external
environment also includes appropriate oversight by government
or other regulatory bodies like CBJ and the Amman Stock
Exchange. The capital market infrastructure—depth and
breadth—supports the ability of shareholders to hold
management accountable; if a corporation is under-performing,
investors may significantly discount the value its shares, and in
severe cases the corporation may be taken over and reorganized
to produce acceptable returns for its owners. Accounting
standards prescribe the presentation of financial information—
in terms of timeliness and accuracy—that investors use to hold
management and the board accountable. The presence of
“reputational agents” or third parties who follow the bank’s
performance help mitigate the “information asymmetry” that
results from the fact that not all parties have access to the same
information at the same time. These include self-regulatory
organizations (“SROs”) such as stock exchanges and accounting
standards boards; independent investment or security analysts;
an autonomous business press; rating agencies; credit-reporting
agencies; and professional and trade associations.

The fact is that good corporate governance requires both a good

internal environment and a good external environment, and the
existence of one does not ensure the existence of the other. In
both the external and internal environments, the guiding
principles of good corporate governance are the following
factors:

Fairness: Minority shareholders and other stakeholders

are treated fairly and their interests are taken into
account.

Transparency: Disclosure of information—financial,

organizational, governance, related transactions, and
executive compensation — needs to be adequate and
timely for stakeholders to assess the performance of the
organization. It is through the performance evaluation

6
 process that shareholders and depositors decide whether
management and the board are performing to their
expectations and share the same philosophy and values.

Accountability: Management is accountable and must

answer to the board of directors for achieving plans and
implementing approved policies that ensure the
safeguarding of assets and the financial viability of the
bank. In turn, the board of directors is accountable to the
shareholders and other stakeholders.

Responsibility: Clear lines of responsibility need to exist

in terms of delegations of authority and which actions or
decisions require board approval or shareholder
approval. Responsibility must be attributed in order to
have accountability for results.

Boards are responsible for oversight of management;

management is responsible for the day-to-day operations of the
organization. Too much involvement in management can
undermine a board’s responsibility and management’s
accountability. Good governance underpins investor confidence,
usually leading to higher shareholder returns through dividends
and capital appreciation.

7
2. Why is Corporate Governance Important for a Bank?

Banks are a critical component of any economy... The

importance of banks to national economies is underscored
by the fact that banking is virtually universally a regulated
industry and that banks have access to government safety
nets. It is of crucial importance therefore that banks have
strong corporate governance.

Enhancing Corporate Governance for Banking Organizations, Bank

for International Settlements (BIS), 1999.

Governance is especially important for banks because they are

funded primarily by “other peoples’ money” and have potential
systemic effects that are amplified given the increasingly
competitive and volatile environment in which they operate.

Your responsibilities as a bank director are critically important

to our supervisory function; the more effective you are in
governing your bank, the more effective we are in supervising
the safety and soundness of your bank and the banking system
as a whole in Jordan.
Banks are in the business of managing risk; if your bank does
not take any risk it cannot make any returns. Losses result from
not managing that risk or not getting adequately paid for the
risks you take. A good risk management system allows you to
make the risk-reward tradeoffs within a given risk tolerance
level appropriate to your bank’s condition and strategy. But
good risk management depends on the presence of good
governance; otherwise risk management efforts can be
ineffective.

Corporate governance is critical to risk management of your

bank to minimize losses due to inadequate internal controls or
excessive risk taking. A good governance system includes
independent oversight and checks and balances that ensure that
bank policies are complied with and risk limits are adhered to.
Given the leverage associated with a bank’s financial

8
intermediation, a critical concern of bank governance is the
protection of depositors, which is closely aligned with the
Central Bank’s mission.
Governance essentially combines laws and regulation with close
supervision in an effort to ensure compliance and conformance
with a bank’s mission and safety and soundness standards.
Additionally, governance provides the link between the
ownership and other stakeholder interests and the institution to
enhance performance.

3. What Are Best Practices?

Good corporate governance is a powerful force to build

business excellence. It elevates board competence and
guides teamwork. The greatest gain is for shareholders.

Harvard Business Review on Corporate Governance, 2000.

In an effort to improve the internal control of banks in Jordan

and the effectiveness of the boards of directors, the Central
Bank referred all banks to guidelines issued by the Bank for
International Settlements (BIS) in 1999 promoting the adoption
of sound corporate governance practices by banking
organizations.1 The broad guidelines of best practices are
summarized below:

1. Establishing strategic objectives and a set of corporate

values that are communicated throughout the banking
organization.

2. Setting and enforcing clear lines of responsibility and

accountability throughout the organization.

1
See Circular 10/14125 dated August 30, 2000, referring to Enhancing
Corporate Governance in Banking Organizations, as found on the Bank for
International Settlements web site: www.bis.org.

9
 3. Ensuring that board members are qualified for their
positions and have a clear understanding of their role in
corporate governance and are not subject to undue influence
from management or outside concerns.

4. Ensuring that there is appropriate oversight by senior

management.

5. Effectively utilizing the work conducted by internal and

external auditors, in recognition of the important control
function they provide.

6. Ensuring that the compensation approaches are consistent

with the bank’s ethical values, objectives, strategy and
control environment.

7. Conducting corporate governance in a transparent manner.

While these are generally-accepted global “best practices” for

governance, each bank should adopt what is appropriate to the
scope and complexity of its operations, its traditions, policies,
priorities and capabilities. Each of these principles is addressed
in the sections that follow.

4. How Board of Directors Interacts with Management

Banking
Boards are responsible for oversight of management;
Law management is responsible for the day-to-day operations of the
Article 26 organization. The director’s role can be viewed as either
external which is related to representation of stakeholders and
establishing strategy, or internal which is related to establishing
Banking management policies. Alternatively, the director’s role is one of
Law monitoring compliance or affecting performance. The following
Article 21
diagram illustrates how the board roles intersect with
management’s roles in carrying out their respective
responsibilities:

10
 Compliance Roles Performance
Roles

Provide Strategy
accountability formulation
External Role

Approve and work with and

through the GM/CEO

Internal Role Monitoring and Policy making

supervising

Source: R.I. Tricker: International Corporate Governance (1994)

Clear lines of responsibility and accountability means that

responsibilities and functions are delineated, including through
formal delegations of authority, and through oversight of
performance where key risk factors are monitored and strategies
and policies are rigorously reviewed, management performance
criteria and business plans are matched with compensation, and
separation of duties and other proper controls are in place.

In order to preserve clear lines of responsibility and

accountability, it is best practice to separate the role of
Chairman of the Board and the role of General Manager (GM)
or Chief Executive Officer (CEO). The Chairman should be a
non-executive Board member, and not have any day-to-day
operating responsibilities.

Banking Board responsibilities (what boards should do) are usually

Law determined by a board pursuant to broadly defined powers
Article 21 established by an individual bank’s bylaws. The Banking Law
vests in the board of directors of banks “the responsibilities of
Companies formulating and monitoring the general policies of the bank. It
Law shall enjoy the authorities provided for in the Law of
Articles
152-154 Companies in effect. It shall particularly assume the following
duties and responsibilities”:

11
a. Defining objectives and drawing plans to be carried out by
the executive management of the bank. (See Planning and
Policies)

b. Selecting an executive management capable of managing

the activities of the bank competently and effectively. (See
Management Selection and Oversight)

c. Adopting a written credit and investment policy, that

defines criteria and terms for granting credit facilities and
principles of investment. (See Planning and Policies)

d. Monitoring the implementation of the policies of the bank

and verifying the accuracy of measures taken to achieve
such policies. (See Management Selection and Oversight)

e. Ensuring that no member of the board of directors or an

officer in its senior management would gain any personal
benefit at the expense of the bank’s interests. (See
Director Standards and Values)

f. Adopting measures to ensure the accuracy of all

information provided to the Central Bank pursuant to its
law and in accordance with the provisions of this law. (See
Internal Control and Audit)

g. Adopting sufficient measures to ensure compliance with

the provisions of the law and any other legislation related
to the bank’s operations and activities. (See Internal
Control and Audit)

h. Issuing internal regulations and instructions to specify the

functions and authorities of its various organs in order to
achieve administrative and financial control over its
operations. (See Internal Control and Audit)

12
 Director Standards, Values and Effectiveness
1. Standards

Ensuring that board members are qualified for their

positions, have a clear understanding of their role in
corporate governance and are not subject to undue
influence from management or outside concerns.
Sound Governance Practices, Enhancing Corporate Governance in
Banking Organizations, BIS.

Director Qualifications: The board of directors is ultimately

Banking responsible for the safe and sound operations of a bank,
Law although the day-to-day operating responsibilities are delegated
Article 22
to management. On an effective board, every director counts;
each must be “fit and proper” to serve the interests of the bank
and other stakeholders.
In addition to age, character and financial soundness
C.L. requirements for directors pursuant to Banking and Companies
Articles Laws, “fit and proper” standards may include any or all of the
(133,147-
148) following characteristics:

Competence as demonstrated by a minimum of five years of

experience.

Competence as demonstrated by level of education or

training.

Ability to exercise independent and informed judgment.

Financial literacy, including knowledge of financial

statements and an understanding of financial ratios in
measuring performance.

Possession of a particular skill set or experience that adds

value to the board’s deliberations, such as, accounting or
finance; banking; or other industry knowledge.

13

Commitment to learn the bank’s business, meet the stock
ownership requirements; offer to resign if there is a
substantive change in professional responsibilities; and
devote the necessary time and effort.

Business Judgment (Record of good business decisions).

Management (Understanding of current management “best

practices” and their application in rapidly evolving business
environments).

Crisis Management (Ability, and time, to deal with short

and/or long-term crises).

Industry Knowledge (Appropriate and relevant banking or

financial industry knowledge).

International Markets (Boards that operate in international

markets should have director(s) with experience in those
markets).

Leadership (Ability to empower and motivate a high-

performance management team).

Strategy and Vision (Ability to provide strategic direction,

conceptualize emerging trends and challenge innovation).

Composition: In addition to the attributes of individual

C. L. directors, the composition of the board as a whole is important.
Article The number should be small enough so that the directors have
(132)
individual accountability, but large enough to have a diversified
board. Although the Companies Law permits a few as three
directors, best practice boards usually have 9-11 members.
Committee Structure: Most boards delegate some of their
duties and responsibilities to committees composed of a smaller
number of directors. Committees can usually improve the
effectiveness of a board by concentrating the particular skills of
certain directors on particular oversight responsibility areas like
Audit, Compensation, and Nominating or Risk Management
committees. Committees meet separately to provide more in-

14
depth analysis to an issue, and then report their findings to the
board at large.

Committee Charters: Good governance practice dictates that

board committees have a clearly-defined charge from the entire
board as to the responsibilities which the board has delegated to
the committee. This is best accomplished through committee
charters, supported by a board resolution approving the charter.
A good charter briefly states the reason the board created the
committee (typically in “Whereas” clauses), the authority
pursuant to which the committee is created (typically, a
reference to the enabling board resolution or resolutions), and a
detailed recitation of the committee’s responsibilities, including
the scope of the board’s delegation.
Minutes: Corporate minutes serve as the permanent, official
record of the business transacted and actions taken at meetings
of the board and its committees. This record constitutes the
history of the collective action taken by the board, and is
therefore an important record not only for the bank and its
shareholders, but also for bank supervisors. Minutes are the
legal evidence of the action taken by the board or the
committee, and as such serve to confirm the participant’s
common perceptions and consensus of the events that took
place at the meeting as unambiguously as possible.
For these reasons, it is important that the minutes accurately and
carefully reflect the items presented and the actions taken at a
meeting with sufficient specificity to be clear “on their face.”
In general, the minutes should cover the items listed on the
meeting agenda, plus any other substantive matters that were
discussed. The minutes should record any vote taken at the
meeting, and document any dissenting or abstaining votes.
Documents considered at the meeting should be attached or
clearly referenced.

15
2. Duties of Loyalty and Care

One cornerstone of good corporate governance is the

recognition that a director holds a position of trust in relation to
the bank the director serves and thus should meet a standard of
conduct above that associated with ordinary commercial
dealings. Although different countries handle duties in different
ways, it is generally accepted that directors have obligations of
candor, loyalty and care to the bank:

Candor: means that the director’s communications with the

bank must be truthful and that a director, like other insiders,
must affirmatively reveal all information of importance before
entering into a transaction with the bank.
Loyalty: means that when a conflict of interest may exist for a
director, the parties must attempt to ensure that any transaction
is entirely fair to the bank. In practice, this means that a
director’s dealing with the bank should be on the same terms
and conditions that would apply in a fully arm’s-length
transaction with a party with no connection to the bank.

To avoid a breach of duty of loyalty, a director should:

Perform his or her role in good faith with the best interests
of the bank in mind.

Avoid conflict of interest or using position or bank
information for personal gain.

Advise the board of all potential conflicts and do not vote
on any related decisions.
Care: means that the director must exercise prudent business
judgment in fulfillment of the director’s duties. The director
should marshal the necessary information to be satisfied that a
decision is in the bank’s best interests. One shorthand way of
measuring care is to ask whether the director has performed the
level of due diligence that a person would take in dealing with
that person’s own property.

16
 To avoid a breach of duty of care, a director should:

Understand the business of the bank and the markets it
serves.

Attend board meetings and be well-prepared by reviewing
materials relating to issues that will be decided.

Perform director roles with “reasonable care,” look for
“warning signs” and follow up on issues of concern with
management.

Obtain objective advice when necessary to supplement
management information.

Comply with all laws, the bank’s articles of association and
shareholder resolutions.

3. Independence
The board must establish effective leadership independent of
management. There should be a limited number of “executive
directors” who are also part of senior management to minimize
the mixing of oversight with management, and to encourage
Banking management accountability. To provide effective oversight of
Law
Article 32
management, directors from management should be limited to
one or two for the board to provide an effective a check on
improper or imprudent management actions. Additionally, only
non-executive directors should serve on key committees such as
Audit and Compensation so as to avoid placing management
directors in a conflict of interest situation.

Other relationships that may compromise a director’s

independence can include interlocking directorships, any
existing significant consulting relationship; an existing
substantial commercial relationship between any business
interests, direct or indirect, of the director and the bank; or any
Banking new relationships that develop through board membership.
Law Whereas an executive director is by definition not
Article 31
“independent,” a non-executive director may not be an
“independent” director if these relationships exist. There should
be a minimum of two independent directors on a bank’s board.

17
 To ensure board independence, best practice boards:

Require that directors disclose on a regular basis all existing

business relationships of themselves or spouse or relative up
to the third degree or other financial interest between them
or their employer and the bank

Evaluate the extent to which, if any, a director’s other

activities compromise his or her independence.

4. Be Informed
It is incumbent on bank directors to be informed about their
bank’s operating environment, the risks it faces and the
C. L.
Article regulatory framework that governs its activities. This requires
(164) an understanding of the manner in which the profit/loss
statement is created as a result of the bank’s operations,
appreciating the risk/reward trade-offs of the banking business.
Although the director is not expected to be an expert, he or she
is expected to be aware of the laws and regulations that the bank
must comply with and ensure that an effective compliance
process exists. Directors should prepare for and attend board
and committee meetings regularly, reviewing carefully all
materials, reports and findings from management, auditors and
regulators to make informed decisions. This requires a
significant time commitment that should not be underestimated.

The director should stay abreast of emerging issues in the

financial services industry and other developments. This can be
accomplished, in part, by participating in management
presentations on the bank’s activities and other briefings from
internal and external auditors and counsel.

5. Code of Conduct and Code of Ethics

Values and ethics are at the core of board processes; it is critical

that the proper business ethics be established at the top and
communicated throughout the bank. Most banks accomplish
“setting the right tone at the top” with a strong Code of Conduct
or Code of Ethics.

18
At a minimum, values should include the following:

1. Discipline: Management’s commitment to correct

behavior and to the underlying principles of good
governance

2. Transparency: Ease with which outsider can make

meaningful analysis of corporate actions and
fundamentals using accurate and timely information
from management.

3. Independence: Extent to which internal processes and

decision-making are not influenced by potential conflicts
of interest

4. Accountability: Extent to which decision-makers are

accountable for actions, facilitating both transparency
and responsibility, and providing for assessment of
management

5. Responsibility: Management behavior that follows

internal mechanisms to allow for corrective actions and
recourse for mismanagement.

6. Fairness: Balanced system and decision-making to

consider all stakeholders, in particular minority
shareholders.

It is worth mentioning that the Bankers’ Association in

Jordan has issued in August, 2002 the Code of Conduct for
Jordanian Banks.

19
 Management Selection and Oversight
The board’s primary role is monitoring management
performance and compliance with the ethical and risk tone set
by the board. Key functions are hiring and retaining of the
General Manager (GM) or Chief Executive Officer (CEO) and
performance evaluation of the GM/CEO based on a written,
comprehensive position description.

1. Management Selection

The appropriate board committee should oversee the selection

process of the general manager and other senior management as
specified by the Banking Law or guidelines promulgated by the
Central Bank. Minimum requirements for the GM/CEO include:

Be of good conduct and character.

Shall not be a member of the board of directors of another

Banking bank unless it is a subsidiary of the appointing bank.
Law
Article 25
Must apply himself exclusively to the management of the
bank.

Must have the skills and financial experience required for

the business of the bank.

CBJ may oppose any of the appointments noted above;

however, the burden should be on the board to propose
competent candidates.

2. Management Oversight
The board’s management oversight role encompasses tracking
key operating performance indicators, evaluating the bank
relative to a peer group or the industry at large and assessing the
current and expected risks faced by the bank to ensure an
adequate risk management framework is in place. At a
minimum, the following information should be regularly
reviewed:

20

Operating statements, balance sheets and statements of cash
flow that compare current period and year to date results to
plan and the previous year.

Level and trend of aggregate interest rate risk, including key

assumptions, measurements relative to limits and capital
adequacy.

Distribution of loans in the portfolio; volume and severity

of problem assets; statistical information on portfolio
composition, concentrations of credit; delinquency
statistics, non-accrual information; and adequacy of the
allowance for loan losses.

Performance results relative to “mission” and current

targets.

Risk reports (liquidity, capital, and market) and compliance

with risk limits.

Management comments about the foregoing that explain the

reasons for variances from plan and provide a revised
forecast.

Share of market information; performance relative to peer

group.

Minutes of management committee meetings.

Key media articles on the bank and the competitive

environment.

Financial analysts’ report, if any.

Customer and employee attitude surveys.

3. External Communications

In addition to the internal management reporting, the board is

responsible for ensuring that external stakeholders receive
timely and accurate information. This allows management and

21
the board to be monitored and held accountable for the
stewardship of the bank’s assets.

The external communication includes reporting requirements

for the Central Bank and regular financial reports to
shareholders. Transparency standards mandate public disclosure
in the following areas:

Board structure (size, membership, qualifications, and

committees).

Senior management structure (responsibilities, reporting

lines, qualifications and experience).

Basic organizational structure (line of business structure,

legal entity structure).

Information about the incentive structure of the bank

(remuneration policies, executive and director
compensation).

Nature and extent of transactions with affiliates and related

parties.

Identification of key risk areas and risk management

policies.

Planning and Policies

1. Planning

A critical role for the board is helping the bank shape the
overall corporate strategy, including understanding the industry
fundamentals, major value drivers and critical success factors.
This includes regularly participating in the strategic plan and
the annual business plans and budgets.

22
Common elements include:

Ensuring that a planning process exists and that action plans

are in place and are monitored for results.

Validating the corporate mission, goals and objectives.

Understanding the strengths, weaknesses, opportunities and

challenges of the bank.

Ensuring that systems are developed to measure whether the

bank is achieving its mission, objectives and goals.

Ensuring that a management team and corporate structure,

including adequate capital and other resources, are in place
to enable the bank to achieve its stated mission, goals and
objectives.

Approving policies that support the bank’s stated mission,

goals and objectives.

2. Policies

Bank directors are responsible for the risk management of a

bank. This involves balancing safety and soundness issues with
an acceptable level of shareholder return. Policies and
guidelines for tolerance levels of credit, market, liquidity and
operational risks should be established and monitored. (See
Annex 1 for more detailed description of risk management).

All significant bank activities should be covered by clearly

communicated and understood written policies. Policies should
be reviewed regularly to ensure that they conform to any
changes in laws or regulations, the economic environment and
your bank’s circumstances. The policies should also provide for
any exceptions to the policy, how they are handled and how
they must be documented.

23
Typical written policies that should be established include the
following:

Credit Policy
 Loan classification system.
 Loan approval process.
 Loan review procedures.
 Provisioning policy.

Investment Policy
 Objectives of securities portfolio.
 Eligible securities.
 Maturity guidelines.

ALM/Funds Management Policy
 Capital Management.
 Funding and Liquidity Policy.
 Investment Policy.
 Interest Rate Risk Policy.
 Hedging Policy.

Treasury and Trading Policy

 Definition of Treasury’s Risks.
 Treasury Activities.
 Responsibilities and Authorities.
 Approval and Adherence to Limits.

Conflict of Interests Policy/Code of Ethics

Other activities that should be covered by written policies

include the profit planning and budget process, capital planning,
internal controls and internal audit program.

24
 Internal Control and Audit
1. Internal Control

A system of effective internal controls is a critical

component of bank management and a foundation for
the safe and sound operation of banking organizations.

Framework for Internal Control Systems in Banking Organizations,

BIS, 1998.

Circular The board has responsibility to ensure that an effective internal

10/4794 control environment is maintained by management of the bank.
dated The objectives of internal control are:
3/27/02

Effectiveness and efficiency of operations.

Reliability of financial reporting.

Compliance with laws and regulations.

An internal control system involves the following principles:

Management oversight and a control culture (Clear

organizational structure and lines of responsibility).

Risk Recognition and assessment (Well documented risk

policy(ies) and independent risk management function).

Control activities and segregation of duties (Dual controls

and “four eyes” policy separating the line “risk taker”
from the independent “risk controller”).

Information and communication (Timely and reliable

information for decision-making and control, including a
disaster recovery plan)

Monitoring activities and correcting deficiencies

(Independent risk monitoring and internal audit functions)

25
The internal control system should be approved by the board
and be audited on a regular basis by internal and external audits
for compliance and for assessing the adequacy of the controls.

2. Audit

Adequate internal controls within banking organizations

must be supplemented by an effective internal audit
function that independently evaluates control systems
within the organization. The external auditor can provide
feedback on the effectiveness of this process.

Internal Auditing in banks and the supervisor’s relationship with

auditors, BIS, 2001.

Internal audit is a valuable source of information; it helps bank

management identify and manage business risks by providing
an independent appraisal of the following:

The effectiveness, efficiency and economy of operations.

Compliance with laws, policies, and operating

instructions.

Reliability of information produced by accounting and

computer systems.

Effectiveness of the risk management system and

adequacy of capital levels given the risks.

The internal auditor must be independent and report to the

Audit Committee of the board, who is responsible for setting
the auditor’s salary and reviewing his or her performance. The
internal auditor and the Audit Committee are responsible for
follow-up by management of problems identifies in the external
auditor’s report, and any changes in their status should be
reported to the CBJ.

26
 External audits provide another level of independent appraisal
of the reliability of financial information produced by
accounting and computer systems, particularly as it relates to
expressing an opinion whether the bank’s financial statements
fairly reflect its financial conditions and to state the results of
the bank’s operations for a given year. Generally Accepted
Auditing Standards or International Standards of Accounting
require a review of internal control systems.

Best practice banks encourage consultation and coordination

between the internal and external auditors to make the two
functions as efficient and effective as possible. Their efforts
should be coordinated to avoid duplication, with each having
access to the other’s records.

The Audit Committee of the board oversees the internal and

external audit functions of a bank. As such, it is the board’s
“eyes and ears” in monitoring compliance with board policies
and applicable laws and regulations. The duties of the Audit
Committee include the following:

Monitoring the extent of comprehensiveness of the external
Banking
Law audit of the bank’s operations, and ensuring coordination
Article 32 between the external auditors in case they are more than one

Reviewing the observations in the reports of the CBJ and

the reports of the external auditor and following up
measures taken in their reports.

Studying the annual plan of the internal audit and

reviewing the notes in the inspection reports and the
internal audit reports and following up measures taken in
their respect.

Reviewing the financial statements of the bank before

presenting them to the board of directors, particularly
verifying the orders of the Central Bank regarding
adequacy of doubtful debts’ provisions and securities
portfolios’ provisions, as well as giving opinion on the
non-performing debts of the bank and on those proposed
to the classified as bad debts.

27

Ascertaining the accuracy and soundness of the
accounting and control procedures and the extent of
compliance therewith.

Considering any matter referred to the committee by the

board of directors of the bank, or considered by the
committee as a necessary matter to discuss and give an
opinion on.

Ensuring full compliance with the laws, regulations and
orders governing the activities of the bank.

The members of the Audit Committee should include a

Banking minimum of a Chairman and two non-executive directors.
Law
Article 33 Because it evaluates bank operations, it is best practice for all
members of audit committee be non-executive directors, and
have a thorough knowledge of international accounting
principles and standards; be a CPA or public accountant or
otherwise have audit or financial reporting experience; and have
a thorough understanding of CBJ regulations and general
banking practices or banking experience. The Audit Committee
shall meet at least once every three months, usually when the
quarterly financial results are available for review.

28
 Annex 1: Risk Management

The following definitions of risk and risk management are used

in this Handbook:

“Risk”= earnings or capital volatility.

“Risk Management” = the deliberate acceptance of risk for

profit. It involves making informed decisions regarding the
trade off between risk and reward, and using various financial
and other tools to earn a satisfactory risk-adjusted return.

The basic framework for risk management at a bank is

illustrated below:
1. Identify Risks 2. Measure Risks 3. Manage Risks 4. Monitor Risks
Manage risks for a Regular, ongoing
What kinds of The quantity of targeted return by evaluation of quantity
risks? risks in terms of pricing, hedging, of risk portfolios and
Where do they volatility of transferring, insuring, quality of risk
Cexist in your earnings or capital reserving for, management
bank? limiting, etc. risk practices

Credit Risk is volatility in earnings or capital due to credit

exposures. Credit risk is identified by the asset classification
system and measured by expected loss and unexpected loss.
Sound credit policies include the following limits:

Limit on outstanding loans relative to assets, deposits, or
capital.

Geographical diversification.

Limit on credit concentrations as required by CBJ.

Diversification of types of loans and other credit

instruments.

Maturity distribution.

Loan pricing differentiation.

29
 Assessment of a credit risk management function includes the
following:

The level, distribution and severity of non-performing
loans.

The adequacy of loan loss provisions.

Management’s ability to administer and collect problem

loans.

Undue concentrations of credit.

The adequacy and effectiveness of, including compliance

with, credit policies.

The adequacy and effectiveness of a bank’s process for

identifying and monitoring risks associated with approved
credit exposures.
Market Risk is volatility in earnings and/or economic value of
Circular equity due to a change in market rates such as interest rates or
16/2003
dated
foreign exchange rates, and related price changes, and equity
9/6/03 and commodity prices. It includes trading positions where prices
are subject to changes in interest rates, spreads, supply and
demand and currency exchange rates.
Sound market risk policies include the following:

Limits on interest rate and duration gaps.

Limits on open FX positions by currency and in the net

position.

Dealer and trader limits.

Liquidity Risk is volatility in earnings and/or capital due to a

lack of liquidity or an inability to raise funds at a reasonable cost
or the need to sell assets at a loss. Asset and Liability
Management Policy and/or Funding Policy address liquidity risk
that arises due to structural imbalances in the bank’s assets and
liabilities.

30
Sound liquidity risk policies include the following:

Diversification of funding sources.

Minimum liquidity gaps.

Contingent funding plans.

Operational Risk is the volatility of earnings or capital due to

human error or fraud, competitive disadvantage, incomplete
information or operational disruption.

Assessment of operational risk management function can

include the following:-

The volume of transactions in relation to systems
development and capacity. This analysis should
incorporate the institution’s historical record, current
condition, and prospective systems.

The complexity of processing transactions and delivering

services in comparison to systems development and
capacity.

The volume of administrative and accounting control

exceptions.

The history of litigation related to operations.

The volume and adequacy of controls over outsourcing

arrangements.

Whether policies are approved by the board or by an

appropriately delegated committee, as necessary.

How policies are communicated to responsible staff.

The existence of timely, accurate, and informative

management information.

The level and skill of management and staff.

31