Back Custom print Link Text Only Rich Text Print

  • HC-1.2 HC-1.2 The Board of Directors — Its Functions and Responsibilities

    • Strategy

      • HC-1.2.1

        In most banks, shareholders, creditors, employees, depositors and investment account holders ("stakeholders") are unable to closely monitor management, its strategies and the bank's performance due to a lack of information and resources. A key responsibility of the Board is to fill the gap between uninformed stakeholders to whom it owes a duty of care, and the more fully informed executive management by monitoring management closely on behalf of stakeholders.

      • HC-1.2.2

        The Board is ultimately accountable and responsible for the affairs and performance of the bank. The Board must establish the objectives of the bank and develop the strategies that direct the ongoing activities of the bank to achieve these objectives. The strategies should be communicated throughout the bank, and be disclosed publicly (e.g. via the website or in the annual report in an abbreviated form as applicable). In its strategy document, the Board must demonstrate that it is able to proactively identify and understand the significant risks that the bank faces in achieving its business objectives through its business strategies and plans.

      • HC-1.2.3

        The precise functions reserved for the Board, and those delegated to management and committees will vary, dependent upon the business of the institution, its size and ownership structure. However, at a minimum, the Board must establish and maintain a statement of its responsibilities for:

        a) The adoption and annual review of strategy;
        b) The adoption and review of management structure and responsibilities;
        c) The adoption and review of the systems and controls framework; and
        d) Monitoring the implementation of strategy by management.

      • HC-1.2.4

        In its strategy review process, the Board should:

        a) Review the bank's business plans and the inherent level of risk in these plans;
        b) Assess the adequacy of capital to support the business risks of the bank;
        c) Set performance objectives;
        d) Review the performance of executive management; and
        e) Oversee major capital expenditures, divestitures and acquisitions.

      • HC-1.2.5

        The BMA expects the Board to have effective policies and processes in place for:

        a) Ensuring a formal and transparent Board nomination process;
        b) Appointing senior managers, and ensuring that they have the necessary integrity, technical and managerial competence, and experience;
        c) Overseeing succession planning and replacing key executives when necessary, and ensuring appropriate resources are available, and minimising reliance on key individuals;
        d) Reviewing the remuneration and incentive packages of the executive management and members of the Board of Directors and ensuring that such packages are consistent with the corporate values and strategy of the bank;
        e) Effectively monitoring and making formal (annual) evaluations of senior management's performance in implementing agreed strategy and business plans;
        f) Approving budgets and reviewing performance against those budgets and key performance indicators; and
        g) The management of the bank's compliance risk.

    • Risk Recognition and Assessment

      • HC-1.2.6

        The Board is responsible for ensuring that the systems and controls framework, including the Board structure and organisational structure of the bank is appropriate for the bank's business and associated risks (see HC-1.2.3 c)). The Board must ensure that collectively it has sufficient expertise to identify, understand and measure the significant risks to which the bank is exposed in its business activities.

        In assessing the systems and controls framework, the BMA expects the Board to demonstrate that the bank's operations, individually and collectively:

        a) Are measured, monitored and controlled by appropriate, effective and prudent risk management systems commensurate with the scope of the bank's activities. The Board should ensure that senior management have put in place appropriate systems of control for the business of the bank and the information needs of the Board; in particular, there should be appropriate systems and functions for identifying as well as for monitoring risk, the financial position of the bank, and compliance with applicable laws, regulations and best practice standards. The systems should produce information on a timely basis; and
        b) Are supported by an appropriate control environment. The compliance, risk management and financial reporting functions must be adequately resourced, independent of business lines and must be run by individuals not involved with the day-to-day running of the various business areas. The Board must additionally ensure that management develops, implements and oversees the effectiveness of comprehensive know your customer standards, as well as ongoing monitoring of accounts and transactions, in keeping with the requirements of relevant law, regulations and best practice (with particular regard to anti-money laundering measures). The control environment should maintain necessary client confidentiality and ensure that the privacy of the bank is not violated, and ensure that client's rights and assets are properly safeguarded.

      • HC-1.2.7

        In its review of the systems and controls framework, the Board should:

        a) Effectively make use of the work of internal and external auditors. The Board should ensure the integrity of the bank's accounting and financial reporting systems through regular independent review (by internal and external audit). Audit findings should be used as an independent check on the information received from management about the bank's operations and performance and the effectiveness of internal controls; and
        b) Identify any significant issues related to the bank's adopted governance framework, processes and practices and ensure that appropriate and timely action is taken to address identified adverse deviations from the requirements of this Module.

        The determinations under HC-1.2.6 and this paragraph might be made through the use of self-assessments, stress/scenario tests, and/or independent judgments made by external advisors. The Board may appoint supporting committees, and engage senior management to assist it in the oversight of risk management, but the Board may not delegate its ultimate responsibility to ensure that an adequate, effective, comprehensive and transparent corporate governance process is in place.

    • Corporate Ethics, Conflicts of Interest and Code of Conduct

      • HC-1.2.8

        Banks are subject to a wide variety of laws, regulations and codes of best practice that directly affect the conduct of business. Such laws involve the Bahraini Stock Exchange Law, the Labour Law, the Commercial Companies Law, occupational health and safety, even environment and pollution laws, as well as codes of conduct and regulations of the Agency. The Board sets the "tone at the top" of a bank, and has a responsibility to oversee compliance with these various requirements. The Board should ensure that the staff conduct their affairs with a high degree of integrity, taking note of applicable laws, codes and regulations.

      • HC-1.2.9

        The Board should establish corporate standards for itself, senior management, and employees. This requirement should be met by way of a documented and published code of conduct or similar document. These values should be communicated throughout the bank, so that the Board and senior management and staff understand the importance of conducting business based on good corporate governance values and understand their accountabilities to the various stakeholders of the licensee. Banks' Boards, senior management and staff must be informed of and be required to fulfil their fiduciary responsibilities to the bank's stakeholders.

      • HC-1.2.10

        An internal code of conduct is separate from the business strategy of a bank. A code of conduct should outline the practices that Directors, senior management and staff should follow in performing their duties. Banks may wish to use procedures and policies to complement their codes of conduct. The suggested contents of a code of conduct are covered below:

        a) Commitment by the Board and management to the code. The code of conduct should be linked to the objectives of the bank, and its responsibilities and undertakings to customers, shareholders, staff and the wider community (see HC-1.2.8 and HC-1.2.9). The code should give examples or expectations of honesty, integrity, leadership and professionalism;
        b) Commitment to the law and best practice standards. This commitment would include commitments to following accounting standards, industry best practice (such as ensuring that information to clients is clear, fair, and not misleading), transparency, and rules concerning potential conflicts of interest (see HC-1.2.11);
        c) Employment practices. This would include rules concerning health and safety of employees, training, policies on the acceptance and giving of business courtesies, prohibition on the offering and acceptance of bribes, and potential misuse of company assets;
        d) How the company deals with disputes and complaints from clients and monitors compliance with the code; and
        e) Confidentiality. Disclosure of client or bank information should be prohibited, except where disclosure is required by law (see HC-1.2.6 b).

      • HC-1.2.11

        The Board must establish and disseminate to its members and management, policies and procedures for the identification, reporting, disclosure, prevention, or strict limitation of potential conflicts of interest. It is senior management's responsibility to implement these policies. Rules concerning connected party transactions and potential conflicts of interest may be dealt with in the Code of Conduct (see HC-1.2.9). In particular, the Agency requires that any decisions to enter into transactions, under which Board members or any member of management would have conflicts of interest that are material, should be formally and unanimously approved by the full Board. Best practice would dictate that a Board member or member of senior management should:

        a) Not enter into competition with the bank;
        b) Not demand or accept substantial gifts from the bank for himself or his associates;
        c) Not misuse the banks' assets;
        d) Not use company privileged information or take advantage of business opportunities to which the company is entitled for himself or his associates;
        e) Report to the Board any (potential) conflict of interest in their activities with, and commitments to other organisations. In any case, all Board members and members of senior management must declare in writing all of their other interests in other enterprises or activities (whether as a shareholder of more than 5% of the voting capital of a company, a manager, or other form of significant participation) to the Board (or the Nominations or Audit Committees) on an annual basis; and
        f) Absent themselves from any discussions or decision-making that involves a subject where they are incapable of providing objective advice, or which involves a subject or (proposed) transaction where a conflict of interest exists.

      • HC-1.2.12

        The Agency expects that the Board and its members individually and collectively:

        a) Act with honesty, integrity and in good faith, with due diligence and care, with a view to the best interest of the bank and its shareholders and other stakeholders (see paragraphs HC-1.2.8 to HC-1.2.11);
        b) Act within the scope of their responsibilities (which should be clearly defined — see HC-1.3.7 and HC-1.3.8 below) and not participate in the day-to-day management of the bank;
        c) Have a proper understanding of, and competence to deal with the affairs and products of the bank and devote sufficient time to their responsibilities;
        d) To independently assess and question the policies, processes and procedures of the bank, with the intent to identify and initiate management action on issues requiring improvement. (i.e. to act as checks and balances on management).

      • HC-1.2.13

        All Directors whether non-executive or executive should exercise independence in their decision-making. To facilitate independence, the Board should agree procedures whereby the Board or its individual members (or committees) may take independent professional advice at the bank's expense.