Accountability

Board Subcommittee Reports

Integrated Risk Management Committee

Committee composition during 2022

The composition of the committee during the year 2022 was as follows:

  • Mr R M Priyantha Rathnayake
    Chairman/Non-Executive
    Ex officio Director
  • Mr G Harsha Wijayawardhana
    Member/Independent
    Non-Executive Director
  • Major General (Rtd) G A Chandrasiri vsv
    Member/Independent Non-Executive Director –
    From 19 October 2022 to date
  • Mr Jayampathy Molligoda
    Member/Independent Non-Executive Director – From 04 March 2021 till
    31 January 2022

(Mr G Harsha Wijayawardhana ceased to be a Director on the Board of Bank of Ceylon w.e.f 13 January 2023.

Mr Ronald Perera, Chairman, Bank of Ceylon was appointed as a member of
this Committee w.e.f. 31 January 2023.)

Secretary to the Committee

The Secretary, Bank of Ceylon/ Secretary to the Board who is an Attorney-at-Law and a Deputy General Manager, functions as the Secretary to the Committee.

Regular participants

  • General Manager
  • Chief Financial Officer
  • Deputy General Manager
    (Compliance)

Attend upon invitation

  • Any other members of the Board/ Corporate Management/any other Staff Member

Meetings held in 2022: 08

(Attendance given in the section on Corporate Governance of this Report)

Quorum: Two members

Role of Committee

Integrated Risk Management Committee Charter

The Terms of Reference (TOR) of the Integrated Risk Management Committee are governed by the Committee Charter, approved and adopted by the Board.

The Committee also ensures that the scope and coverage of its functions addresses the requirements of the Banking Act Direction No. 11 of 2007 on “Corporate Governance for Licensed Commercial Banks in Sri Lanka” and its subsequent amendments issued by the Central Bank of Sri Lanka.

Principal Focus

To assist the Board in fulfilling its oversight responsibilities for all aspects of risk management. In this connection the Committee focuses on and reviews credit, market, liquidity, operational, Information Security and strategic risks through appropriate risk indicators and management information.

Medium of Reporting

The proceedings of the Integrated Risk Management Committee meetings are tabled and ratified at the Board meetings and Board approval obtained thereof.

Areas of Focus and Activities in 2022

Liquidity

  • Utmost priority was given to managing the liquidity position of the Bank, lengthy deliberations were done on liquidity position reports. Unconventional strategies, special teams and tasks were recommended to ensure that the Bank remain steady in a challenging economic scenario.
  • Amidst the dearth in the FCY liquidity in the Bank a rule based system was established to cater to the customers requesting Letters of Credit, a special committee viz. Outflow Management Committee was set up comprising the Chief Risk Officer to govern this task.
  • Special emphasis was given to the requests of the SOEs to complete the tasks with national interest. Continuous following up was done through the committee to assess the appropriateness and viability of accommodating the business with them while safeguarding the stability of the Bank.

Asset Quality

Year under review called for special attention on deteriorating credit quality levels given the challenging economic position faced by the country. Deliberations on asset quality were multifaceted. A comprehensive plan to curtail increasing non-performing advances were formulated while monitoring the credit quality through the credit quality units with strict monitoring and regular reporting. Special emphasis on revival of under performing segments and customers were focused with a view to arresting deterioration of credit quality.

Compliance

Assessed the compliance risk issues emphasised in the branch network as well as the divisions and suggested suitable strategies to mitigate the same. Compliance risks of subsidiaries were monitored through frequent reports and suitable strategies were validated to be implemented.

Committee continuously monitored the progress of the implementation of the goAML, which is the regulatory reporting platform required by the regulator.

Recommended the adoption of a comprehensive risk matrix to assess the AML/CFT risk of exchange companies and banks with correspondent relationships.

Comprehensive risk reviews of subsidiaries were done to ascertain its risk profile and necessary recommendations were made to ensure that they remain as per the risk mandate of the Bank.

Internal Capital Adequacy Assessment Process (ICAAP) and Recovery Plan

Reviewed and recommended the ICAAP of the Bank of Ceylon group with a view to maintaining adequate capital levels to accommodate Pillar II risks and withstand any unforeseen but plausible events which were highlighted in the stress testing process of the Bank.

Recommended the first submission of the recovery plan of the Bank prepared according to the regulator’s directions with full range of credible recovery options. Subsequent follow ups on alert and trigger events were discussed in detail with remedial actions taken by the management.

ESMS initiatives Adopted the Bank’s Environmental & Social Management System Policy and comprehensive set of guidelines issued to the business units on Environmental & Social risk management process.

Information security/IT Risk – In line with providing a seamless banking experience to the customers disruptions to services on digital platforms were taken as high priority. Risks emanating from information security and IT were deliberated with controls available to mitigate them.

Risk limits – Continuously monitored the exceptions to the Committee approved Risk Appetite of the Bank through risk reports submitted by the Risk Division. The exceptions to the limit management framework established at the Bank were strictly monitored with course of action proposed by the management to validate the suitability of them.

Policies and management level committees – All Policies related to Risk, including foreign branch policies were recommended to the Board with relevant changes either business or regulatory for the approval of the Board. Reviewed and revised the Terms of Reference of all Management Committees dealing with specific risks or some aspects of risk. Effectiveness of all management Committees of the Bank were evaluated against its respective objective to ensure that they remain and carry out its tasks according to the mandate of each committee.

Performance Evaluation

Carried out the performance evaluations of the Chief Risk Officer and Deputy General Manager (Compliance).

Members collectively evaluated the Committee performance.

Conclusion

The Committee has a direct and obvious link to good corporate governance. Risk management policies are framed so as to reduce the chances of threats to the going concern by taking informed and calculated risks rather than taking risks for the sake of taking risks.

The Committee is cognisant of the fact that it needs to be vigilant and attuned to its risk combat strategy with the advancement of technology, increased vulnerability with macroeconomic shocks and volatility and industrywide frauds and cyber-crimes beginning to pose greater threats.

Increasing awareness among staff over the need for managing risks, ensuring compliance and training staff are important components of this approach. The Committee is of the view that the Bank is on the right path towards meeting the challenges of risk management and compliance whilst safeguarding the interests of Bank’s stakeholders.

On behalf of the
Integrated Risk Management Committee

R M Priyantha Rathnayake
Chairman,
Integrated Risk Management Committee

24 February 2023hy3