Board Subcommittee Reports

Board Integrated Risk Management Committee Report

This year we evaluated the proposed material changes to the Bank’s risk appetite arising from planned, new or increased businesses.

Charter of the Committee

The BIRMC was established by the Board of Directors, in compliance with the Section 3 (6) of the Direction No. 11 of 2007, on “Corporate Governance for Licensed Commercial Banks in Sri Lanka”, issued by the Monetary Board of the CBSL under powers vested in the Monetary Board, in terms of the Banking Act No. 30 of 1988.The composition and the scope of work of the Committee are in compliance with the same as set out in the BIRMC Charter which was reviewed during December 2017 and clearly sets out the membership, source of authority, duties and responsibilities of the BIRMC as described in the “Managing Risk: An Overview” Section of this report.

BIRMC assists the Board of Directors in performing its oversight function in relation to myriad of risks faced by the Bank in its business operations and ensures adequacy and effectiveness of the risk management framework of the Bank. The Committee submits a risk assessment report within a week of each meeting to the Board of Directors. The duties of the BIRMC include determining the adequacy and effectiveness of such measures, and to ensure that the actual overall risk profile of the Bank conforms to the desirable risk profile of the Bank, as defined by the Board.

Activities in 2017

All key risks such as Credit, Operational, Market, Liquidity, Information Technology etc. are assessed by the Committee and tracked on a monthly basis through a set of risk indicators. The Committee works very closely with the Key Management Personnel and the Board in fulfilling its statutory, fiduciary and regulatory responsibilities for risk management.

In order to discharge the above duties and responsibilities, the Committee carried out the following activities:

• Reviewed and revised the Terms of Reference of all Management Committees dealing with specific risks or some aspects of risk, such as the Executive Integrated Risk Management Committee, the Executive Committee on Monitoring NPLs, the Credit Policy Committee, Information Security Council, IT Steering Committee, Business Continuity Planning Committee, the Asset and Liability Committee, etc.
• Monitored actions initiated by the Senior Management to test the effectiveness of the measures taken by the respective committees referred to above.
• Reviewed the annual work plans, related strategies, policies and frameworks of the above committees, to ensure that these committees have a good understanding of their mandates and adequate mechanisms to identify, measure, avoid, mitigate, transfer or manage the risks within the qualitative and quantitative parameters set by the BIRMC.
• Maintained a continuous dialogue with Management committees directly or indirectly dealing with specific risks, so that the BIRMC is immediately informed of any hindrance, obstacle, discouragement or constraint in the performance of their functions and/or the implementation of their decisions.
• Periodically reviewed and got involved in improving the ICAAP framework and ensured that ICAAP is subject to comprehensive internal audit oversight.
• Reviewed and improved the effectiveness of the risk-related policy framework of the Bank.
• Evaluated the proposed material changes to the Bank’s risk appetite arising from planned, new or increased businesses.
• Reviewed risk profiles of subsidiaries of the Bank.
• Reviewed key risk indicators in use for risk monitoring and results of stress tests to evaluate resilience and compliance with internal benchmarks.
• Reviewed the risk indicators designed to monitor the level of specific risks at any given time, with a view of determining the adequacy of such indicators to serve the intended risk management objectives and took proactive measures to control risk exposures.
• Reviewed the actual results computed monthly against each risk indicator and took prompt corrective action to mitigate the effects of specific risks, in case such risks exceeded the prudent thresholds defined by the Board of Directors.
• Approved the parameters and limits set by the Management against various categories of risk after ascertaining that they are in accordance with the relevant laws and regulations as well as the desired policy levels stipulated by the Board of Directors.
• Initiated appropriate actions against the failures of the officers responsible for risk management function through the Management to improve the overall effectiveness of risk management at the Bank.
• Monitored the effectiveness and the independence of the risk management function within the Bank and ensured the adequacy of resources deployed for this purpose.
• Reviewed the effectiveness of the compliance function, to assess the Bank’s compliance with laws, regulations, regulatory guidelines, internal controls, and approved policies in all areas of business operations.
• Reviewed Risk Control Self Assessment (RCSA) findings of the Bank on half yearly basis.
• Carried out the annual review of updated Business Continuity and Disaster Recovery plans and brought in required updates.

During the year 2017, the BIRMC supported execution of the overall business strategy within a set of prudent risk parameters that are reinforced by an effective risk management framework.

M P Jayawardena
Chairman – Board Integrated Risk Management Committee

Colombo
February 23, 2018