Central Bank of Liberia Risk-Based Supervision Policy Framework

1 CENTRAL BANK OF LIBERIA REGULATION & SUPERVISION DEPARTMENT GUIDELINE No. CBL/RSD/003/2012 RISK-BASED SUPERVISION POLICY FRAMEWORK

2 Table of Contents

1. INTRODUCTION……………………………………………………………………………3
2. UNDERSTANDING RISK-BASED SUPERVISION…………………………………….3
3. BENEFITS AND RATIONALE OF RISK-BASED SUPERVISION……………………4
4. RISK CATEGORIES……………………………………………………………………….5
5. GENERIC RISK MANAGEMENT FRAMEWORK………………………………………6
6. RISK-BASED SUPERVISION FRAMEWORK………………………………………….6
7. UNDERSTANDING THE INSTITUTION – STEP 1……………………………………. 7
8. ASSESSING THE INSTITUTION’S RISK – STEP 2………………………………….8
9. PLANNING / SCHEDULING SUPERVISORY WORK – STEP 3……………………. 15
10. DEFINING EXAMINATION ACTIVITIES – STEP 4…………………………………….19
11. PERFORMING ON-SITE EXAMINATION – STEP 5………………………………….. 21
12. FOLLOW-UP AND MONITORING– STEP 6………………………………………34 APPENDICES……………………………………………………………………………………. 38

3

1. INTRODUCTION 1.1. This policy framework sets out the Central Bank of Liberia’s risk-based approach to supervision of banking institutions and banking groups under its regulatory and supervisory jurisdiction. The policy framework is also applicable to such non-resident banking groups in respect of which the Central Bank of Liberia (hereafter “Central Bank” / “the Bank” / “CBL”) is the designated lead supervisor for consolidated supervision purposes. 1.2. The main objective of the Central Bank’s risk-based approach to supervision is to provide an effective and efficient process to assess the safety and soundness of institutions.
2. UNDERSTANDING RISK-BASED SUPERVISION 2.1. Risk-based supervision is a structured, forward-looking process designed to identify key risk factors to which individual financial institutions and the entire industry1 are exposed; assess the risk management policies and practices that are used to mitigate risk; and focus supervisory resources (including examination time) based on the risk characteristics of the institutions. 2.2. The process is said to be “structured” because it systematically considers all key functional activities (business lines or operational areas) of a banking institution and, within each key functional area, evaluates the level, quality of management, and direction of risk. 2.3. Risk-based supervision entails moving away from a rigid rules-based style of regulation to one more reliant on the supervisor’s discretion and professional judgment. It provides bank examiners with flexibility to focus on areas exhibiting material current and potential risks. Activities posing the highest risk receive most scrutiny. Supervisory attention thus remains properly focused on institutions

1 The principles of risk-based supervision are also applicable to the supervision of non-bank financial institutions such as insurance companies, pension and provident funds, etc.

4 exhibiting serious weaknesses or adverse trends. 2.4. A risk-based supervision system focuses on validating management’s ability to identify, measure, monitor and control risk. Risk-based supervision thus encourages banks to continuously improve management of risk and allocation of capital. The development of risk based supervision has also facilitated the use of sophisticated internal models as provided for in Basel II. 2.5. The condition of a banking institution is dynamic, and arguably fluid, if not fragile. As such, in a risk-focused supervision framework, on-site and off-site examination efforts are on a continuum. 2.6. On one end, supervisory concerns identified via the off-site analysis (early warning system) could trigger an on-site examination while on the other end, deficiencies identified during on-site examinations should be subject to off-site monitoring in-between on-site examinations. 3. BENEFITS AND RATIONALE OF RISK-BASED SUPERVISION 3.1. Risk-based supervision provides a number of benefits to supervisors as well as to the banking institutions, including the following: i. enhances banking institutions’ ability to identify, measure, monitor, and control risks as well as correct deficiencies; ii. encourages frequent, open communications between banking institutions and bank examiners; iii. enhances surveillance effort, in which the monitoring of new developments and strategic changes at a given institution are conducted throughout the examination cycle; iv. less examination time spent on banking institutions’ premises, as preliminary analysis is done off-site; v. greater emphasis on supervision of banking institutions and areas exhibiting highest risk or adverse trends; vi. improved quality of working papers necessary to support examiners’ analysis and conclusions; and vii. customized examination reports

5 3.2. Risk-based supervision results in improved communication between banking institutions and the Central Bank through conduct of prudential meetings. Prudential meetings are an integral part of risk-focused supervision, and may take place at various stages of the process. Such meetings enable examiners to gain a better understanding of the institution’s business strategy, the risks a bank faces, quality of risk management, and progress made in addressing deficiencies identified in previous examinations. 4. RISK CATEGORIES 4.1. The Central Bank assesses banking risks by their impact on the bank’s earnings, capital as well as set goals/objectives. Quantitative and qualitative factors are considered. Types of risks… 4.2. The Central Bank has identified and defined eight categories of risk for the purpose of risk-based supervision namely: a) Credit risk; b) Liquidity risk; c) Interest rate risk; d) Foreign exchange risk; e) Operational risk; f) Legal & compliance risk; g) Strategic risk; and h) Reputation risks. 4.3. It should be noted that these categories are not mutually exclusive, and any activity may expose a bank to multiple risks. 4.4. Definitions of the above risks are detailed in the Risk Management Guideline (BSD01/01/10).

6 5. GENERIC RISK MANAGEMENT FRAMEWORK 5.1. The Central Bank requires each banking institution to develop an appropriate risk management system, tailored to its needs and circumstances. 5.2. All sound risk management programs regardless of their design, have several common fundamentals. A typical risk management process should include risk identification, measurement, control; and monitoring. 5.3. The evaluation of the risk management systems should take into account a) adequacy of board and senior management oversight; b) effectiveness of risk management tools and techniques for identification, measurement and controlling of risks; c) banking institution’s policies, procedures, and limits; and d) internal control system and management information system (MIS). 5.4. Further details of the risk management process are documented in the Risk Management Guideline. 6. RISK-BASED SUPERVISION FRAMEWORK 6.1. The risk-based supervision methodology reflects a dynamic and continuous process. The risk-focused supervision methodology has six key steps, each with specific deliverables, as illustrated in the diagram below:

7 Risk-Based Supervision Conceptual Framework 6.2. An overview of each activity is provided in the subsequent sections. 7. UNDERSTANDING THE INSTITUTION – STEP 1 7.1. The first step in risk-based supervision is to develop an understanding of the institution’s unique characteristics or risk profile through the preparation of an institutional profile. The profile provides a concise portrait of an institution’s structure and activities, functional business lines, nature and level of risk. 7.2. This step is critical to tailoring the supervision program to meet the characteristics of the bank and adjusting the program on an ongoing basis as circumstances change. A Desk (Task) Officer for each bank should review certain information on an ongoing basis and prepare an institutional profile that will communicate his

8 understanding of that institution. 7.3. The information used to construct an institutional profile is gathered from various sources ranging from discussions with management, supervisory early warning systems, off-site or on-site examination reports, bank’s own MIS reports, management reports to board committees, internal and external audits, press releases, market intelligence and any source that may provide information that can have an impact on the risk profile of the institution. 7.4. The institutional profile provides a summary of the institution’s structure, present financial condition, and its current and prospective risk profiles, as well as highlighting key issues and past supervisory findings. It contains information pertaining to the ownership, capital and group structure (where applicable), branch network, staffing, corporate governance systems, the institution’s business profile and strategy, risks and challenges facing the institution, regulatory and any other ratings, and the condition and performance of the institution. 7.5. The institutional profile should be updated continuously to keep track of significant developments that occur in-between on-site examination cycles. Institutional profiles should reflect the current risk profile of an institution. At a minimum they should be updated quarterly. It is necessary for management to subject institutional profiles to random checks to ensure consistency in quality and completeness. 7.6. The format of an institutional profile is shown in Appendix 1.

ASSESSING THE INSTITUTION’S RISK – STEP 2 7.7. The second step in the risk-based supervision framework, assessing the institution’s risk, is designed to develop a comprehensive risk profile of the institution. The purpose of the risk assessment exercise is to identify the type, level, management and direction of all significant risks affecting a banking institution, or inherent in a banking institution’s activities.

9 7.8. The risk assessment process ensures that supervisory activities are always focused on the areas of greatest risk to the bank and the periodic (quarterly) risk assessment forms part of the institutional profile. The Examiner-In-Charge (EIC) updates this risk assessment as part of his/her pre-examination planning work. This risk assessment highlights both strengths and vulnerabilities of a bank and provides a foundation for determining the supervisory activities to be conducted. 7.9. Risk assessment focuses supervisory effort on those risks posing the most severe challenge to the safety and soundness of a bank. 7.10. The risk assessment process produces two documents, namely a Risk Matrix and a Risk Assessment Narrative. A Risk Matrix identifies, in a tabular format, the type, level, management, and direction of risks inherent in a bank. It is used to present in a concise manner various risk categories, the level of inherent risks for each, the adequacy of risk management over these risks and the direction of risks. A detailed risk matrix is shown in Appendix 9, as part of an examination report. 7.11. The Risk Assessment Narrative describes in a concise manner the type and level of inherent risks in the banking institution’s activities, the adequacy of risk management systems in place, and the direction of risk. 7.12. An example of a summarized Risk Matrix is tabulated below: Type of Inherent Risk Level of Inherent Risk Adequacy of Risk Management System Overall Composite Risk Direction of Overall Composite Risk Credit Low Weak Moderate Stable Liquidity High Acceptable High Increasing Interest Rate Moderate Strong Moderate Stable Foreign Exchange Low Acceptable Low Decreasing Operational High Strong Moderate Stable Legal & Compliance High Weak High Increasing Strategic Low Acceptable Moderate Increasing Reputation Low Acceptable Low Decreasing Overall Moderate Acceptable Moderate Stable

10 Phases in Risk Assessment … 7.13. The risk assessment exercise can be effectively accomplished via adoption of a four phase approach as illustrated by the diagram below: Phase One – Gathering Information 7.14. During phase one, sufficient information must be gathered to understand the institution’s business activities and risk management systems. One or more on-site visitations may be conducted to obtain additional information or to clarify information already received. Phase Two – Defining Functional Business Lines 7.15. In phase two the key business activities or functional areas of a banking institution, and the relative significance of the activities should be properly

11 identified. These activities present various combinations and concentrations of risks, depending on the nature and scope of the particular activity. Certain functional activities should be broken down to the extent possible according to the banking institution’s own internal classification and reporting arrangements. 7.16. Activities, and their significance, can also be identified by reviewing information generated by the institution. 7.17. In addition to financial factors, information on strategic plans, new and possible management changes need to be considered. Industry segmentation and the position the institution occupies within its markets should also be considered. Phase Three – Completing the Risk Matrix 7.18. Phase three, completing the risk matrix, consist of eight stages or dimensions as indicated hereunder. Stage 1 – Determine Quantity of Risk… 7.19. An assessment of the level of inherent risk in each functional area takes into account several factors including the frequency of occurrence, probability of occurrence and/or severity of impact. 7.20. Various impact and probability factors are aggregated to give the level of inherent risk posed to the safety and soundness of the banking institution. 7.21. No regard to the adequacy and quality of risk management systems in place is made when assessing level of inherent risk. In all cases an assessment of the degree of potential loss in relation to earnings and capital must be considered. 7.22. The level or quantity of inherent risk per functional area may be assessed as “high”, “moderate” or “low”. Qualitative and quantitative factors should be considered. Stage 2 – Assess Adequacy of Risk Management 7.23. The second stage is the assessment of quality and adequacy of risk management

12 for significant functional areas or activities which is determined by considering the following key elements: a) active board and senior management oversight; b) adequate policies, procedures and limits for managing business activities; c) adequate risk management, monitoring and management reporting systems; and d) comprehensive internal controls including an effective internal audit function. 7.24. The quality and adequacy of risk management systems should be characterized as “strong”, “acceptable” or “weak” depending on the availability, completeness, suitability, and compliance with/of the risk management systems implemented in the banking institution. Stage 3 – Determine Functional Composite Risk 7.25. The third stage is an assessment of the functional composite risk profile for each significant activity. The overall composite risk profile per each inherent risk is determined by balancing the observed quantity of aggregate inherent risk rating with the perceived strength of the related aggregate risk management systems rating for each inherent risk. 7.26. Functional composite risk is a summary judgment about the level of supervisory concern about a bank and is characterized as “low”, “moderate” or “high”. Risk mitigants may be taken into account. Stage 4 – Determine Aggregate Inherent Risk 7.27. Aggregate inherent risk assessments provide overall risk ratings across the entire bank per given category of inherent risk. Each category of inherent risk may be rated as low, moderate or high. In assessing aggregate inherent risk, all functional areas that constitute the bank are not necessarily given equal weighting as relative importance or significance of proportion is taken into account. 7.28. The risk rating scale is discussed in Appendix 2 while further guidance on the assessment of each of the inherent risks may be gleaned from Appendix 3 – Risk

13 Evaluation Factors. Stage 5 – Aggregate Risk Management Systems 7.29. Stage 5 calls for an assessment of the adequacy of risk management systems per sub-component thereof, and on an aggregate basis for each inherent risk across the institution. Aggregate risk management systems may be rated as strong, acceptable or weak. Stage 6 – Assess Overall Composite Risk 7.30. The sixth stage involves assessment of the Overall Composite Risk profile per each inherent risk. This is accomplished by balancing the Aggregate Inherent Risk rating with the Aggregate Risk Management Systems rating for each inherent risk. 7.31. The Overall Composite Risk may be characterized as “high”, “moderate “or “low”. 7.32. The table below provides guidance regarding the determination of the overall composite risk by balancing the observed quantity of aggregate inherent risk with the perceived strength of the related risk management systems. Overall Composite Risk Aggregate Risk Management Systems Aggregate Inherent Risk Low Moderate High Overall Composite Risk Weak Low or Moderate Moderate or High High Acceptable Low Moderate High Strong Low Low or Moderate Moderate or High Stage 7 – Determine Direction of Overall Composite Risk 7.33. This involves determining the direction of overall composite risk by each type of

14 inherent risk across the institution. Direction of overall composite risk is the probable change in the bank’s overall risk profile for each of the overall composite ratings over the next 12 months and is characterized as decreasing, stable, or increasing. 7.34. Definitions of risk directions are discussed in Appendix 2. Stage 8 – Determine Institution’s Overall Composite Risk 7.35. The final stage is the determination of the entire institution’s overall inherent risk, overall risk management systems, overall composite risk, and direction of overall composite risk. 7.36. A bank’s overall inherent risk takes into account aggregate inherent risks across all risk categories. Overall risk management systems consider all the aggregate risk management systems across the institution. 7.37. A bank’s overall composite risk rating is determined by balancing the overall inherent risk and overall risk management systems. Direction of overall composite risk will be assigned to complete the process. Phase Four – Preparation of the Risk Assessment Narrative 7.38. The Risk Assessment Narrative shows the overall level of risk by inherent risk category and direction. It also analyses the business activities within each of the inherent risk categories and evaluates qualitatively the effectiveness of risk management systems. 7.39. The Risk Assessment Narrative provides the background to how the overall risk profile for the banking institution has been derived. The format and content of the Risk Assessment Narrative should be flexible and tailored to the characteristics of the individual banking institution. In general the risk assessment should incorporate the following: a) an overall risk assessment of the banking institutions; b) state the types of inherent risks, their level and direction; c) identify all major functions, business lines and products from which

15 significant risks emanate; d) description of a banking institution’s risk management system; and e) consider the relationship between the likelihood of an adverse event and its potential impact on a banking institution. 7.40. The narrative will also contain a comment on the consolidated risk management system and the internal and external audit function. 7.41. The format for the risk assessment narrative is shown in Appendix 4. 8. PLANNING / SCHEDULING SUPERVISORY WORK – STEP 3 Supervisory Strategy 8.1. Supervisory strategies are comprised of objectives, activities, and work plans. An identification of the ongoing bank supervisory activities and the targeted examinations recommended for each year. 8.2. This information is often consolidated by each RAS element included on CBL quarterly risk assessment and then modified to address the bank’s specific risk profile, including areas of potential or actual risk, emerging risks, and regulatory mandated examination areas. 8.3. An indication of the complexity, workdays, and expertise of staff needed to perform the bank supervisory activities recommended for the year. 8.4. A preliminary budget projection of the work to be completed. 8.5. An internal and external communications strategy for the year. This communications strategy details the types of information examiners will exchange with boards of directors, bank management and staff, and other regulators and describes how this information will be exchanged (i.e., meetings, reports). The communications strategy will also describe what information about the bank will be produced and shared internally with management and staff. 8.6. An overview of the profiles of the significant lines of business (optional). The strategies are prepared by the EIC of each institution and approved by the Assistant Director. These strategies are updated throughout the year based on changing risks to

16 national banks and the banking system, conflicting resource demands, system conversions, and changes in supervisory priorities. Updates to supervisory strategies are documented in the appropriate CBL supervisory information system. Supervisory Plan 8.7. Following the risk assessment of a banking institution, the bank examiner should schedule supervisory work through the development of a Supervisory Plan2 . 8.8. A supervisory plan provides a bridge between the supervisory concerns identified through the risk assessment process and the supervisory activities to be conducted. 8.9. To be effective, planning requires an initial statement of objectives and identification of related strategies for them to be achieved. Supervisory plans should incorporate a schedule of off-site and on-site activities to be undertaken for the given planning horizon, which is generally 18 months. 8.10. A good plan should demonstrate that the supervisory concerns identified in the risk matrix and risk assessment narrative as well as the deficiencies noted in the previous examination are being, or will be addressed. 8.11. The supervisory plan should be current and relevant to a banking institution’s size, complexity and changing risk profile. Generally, a supervisory plan may be developed yearly and reviewed at least half yearly to reflect new risk trends. 8.12. The plan should itemize examination activities per different areas / activities of a bank to be evaluated, including scope of the review (minimum, standard or expanded), the objectives (e.g. review of specific business lines, products, support functions, legal entities); and other supervisory concerns regarding those areas. It should be institution specific based on an analysis of factors such as the bank’s current condition, results of operations, and the economic environment.

2 There are two types of supervisory plans: a sector-wide plan and institution specific plans. The industry-wide supervisory plan prioritizes examination resources according to both the relative risk profiles of all banking institutions on the market and their systemic importance. Institution specific plans are the subject of this section.

17 8.13. The different supervisory techniques that may be applied include: (i) Off-site surveillance: this involves off-site monitoring of the institution on the performance and condition together with progress on implementation of various directives and/or recommendations from the supervisor; (ii) Full scope on-site examination: a full scope on-site examination is one that is sufficient in scope to assess an institution’s CAMELS components and the risk management systems and make a conclusion about its safety and soundness. Full scope on-site examinations should be conducted at least every 18 months; (iii) Limited scope examination: this is an on-site examination which does not cover all the CAMELS components but rather focuses on a specific product, area, or risk e.g. consumer loans, treasury or operational risk; (iv) Ad hoc examination: prompt on-site examinations usually limited scope designed to test a specific area of supervisory concern e.g. compliance with laws and regulations, liquidity, capital adequacy etc.; (v) Liaison with home/host supervisors: correspondence or visit to the home/host supervisors to obtain further information or to discuss supervisory issues or action that might be taken by the appropriate supervisor. This also include other local supervisory bodies; (vi) Prudential meetings: meetings with institution’s management to discuss its financial performance, risk profile, strategies, the market in which it operates, and/or any other issues of supervisory concern. These meetings should be conducted at least once during the supervisory period. 8.14. Prudential meetings should be held with bank management, internal and external auditors, board chairpersons, chairpersons of selected board committees, risk managers, heads of compliance and heads of key functional areas such as treasury. 8.15. As a general guide, the minimum benchmarks for the conduct of prudential meetings and on-site examinations are as follows:

18 On-site / Off-site Composite CAMELS Rating Frequency of Prudential Meetings Frequency of On-Site Examinations Strong “1” Half-yearly Within 24 months Satisfactory “2” Half-yearly Within 18 months Fair “3” Quarterly Within 12 months Weak “4” Quarterly Within 6 months Critical “5” Quarterly Within 6 months 8.16. For institutions assigned overall CAMELS ratings of “1” or “2”, the frequency of scheduled prudential meetings and/or examinations may remain low provided the following criteria are met: (a) Management team and board of directors have not significantly changed since the last examination. (b) The institution has not experienced a significant change in ownership or a change in control since the last examination. (c) No significant changes in the risk profile – there are no adverse conditions that might materially affect the condition of the banking institutions from on-site and/or off-site examinations. (d) Not a new banking institution – this excludes banking institution with less than three years operating experience. (e) No significant new business lines since the last examination. Regulation & Supervision Department (RSD) Pre-examination Time Line… 8.17. The pre-examination planning effort may be accomplished using both on- and off-site data. As a general guide, the Central Bank, via RSD arranges for bank management to complete and submit the Pre-Examination Questionnaire (PEQ) approximately 30 – 45 days in advance of the examination. Details of the pre-examination time line are summarized in the table below for easy reference.

19 Pre-examination Time Line DATE REQUIRED ACTIVITY Day 1 Dispatch PEQ Day 15 Receive completed PEQ from subject bank Days 16 to 19 Review completed PEQ submitted by bank Day 20 Submit pre-examination plan & preliminary assessment to Principal Bank Examiner (PBE) & Quality Assurance (QA) Day 22 Submit tentative plan, preliminary risk assessment and scope memorandum to the Director Day 23 Dispatch letter requesting prudential meeting to bank management Day 25 Conduct pre-examination prudential meetings with bank management Days 26 to 29 Conduct on-site review of sensitive information Day 30 Commission on-site examination of the bank. 8.18. Exceptions to this general policy may include problem institutions or instances where an institution’s condition is deteriorating rapidly. 8.19. Generally, examinations should be scheduled according to the approved supervisory strategy. 8.20. A Supervisory Plan will have to be prepared for each institution and an overall plan for the banking Supervision Department. An institution with a low risk profile will normally be subject to a less intensive supervisory plan. Nevertheless, a minimum level of supervision is required across all institutions to keep abreast of changes in the business. At a minimum, all institutions should be subject to off-site surveillance and planned meetings. 8.21. Appendix 5 provides an illustration of the Supervisory Plan. 9. DEFINING EXAMINATION ACTIVITIES – STEP 4 9.1. Details of the on-site examination activities are defined in the Examination Scope Memorandum (ESM). The purpose of the ESM is to communicate the reasons for

20 the examination; specific objectives and activities to be evaluated; the scope of the particular examination; the examination procedures to be used; and delineate staffing needs and timeframes for given activities, in accordance with a banking institution’s size, complexity, and risk profile. 9.2. The ESM provides a detailed roadmap to the examination team regarding objectives of the examination, procedures to be followed, and the resource requirements. It identifies the key objectives and scope of the on-site examination and should be tailored to the characteristics of each banking institution. 9.3. In determining the scope of examination, the following matrix for the various functional areas will assist: Determining Scope of the Examination Inherent Risk Strong Risk Controls Acceptable Risk Controls Weak Risk Controls High Moderate to High Aggregate risk. Standard Core Assessment at minimum Moderate to High Aggregate Risk Standard Core Assessment at minimum High Aggregate Risk Expanded Scope Core Assessment Moderate Moderate Aggregate Risk Standard Core Assessment Moderate to High Aggregate Risk Standard Core Assessment at minimum Moderate to High Aggregate risk Standard Core Assessment at minimum Low Low Aggregate Risk Minimum Scope Core Assessment Low Aggregate Risk Minimum Scope Core Assessment Low to Moderate Aggregate Risk Minimum Scope Core Assessment and broad testing on target areas 9.4. The preliminary scope may also be adjusted, expanded, contracted or otherwise refined once the on-site examination begins, as a result of additional information obtained from discussions with management, review of policies and procedures, internal control reports, files and ledgers. The focus of the on-site examination activities, identified in the ESM should be oriented to a top-down approach that includes a review of the institution’s risk management systems and an appropriate level of transaction testing.

21 9.5. Examiners also utilize information submitted via the PEQ in planning examination procedures and resources and make any necessary changes in the preliminary scope. Contents of an Examination Scope Memorandum 9.6. The scope memorandum must be in writing and should address the following: a) reasons and objectives of the examination; b) summary of condition and risk profile of the institution using CAMELS and the RAS rating systems; c) summary of pre-examination meetings outside the bank and any liaison with other divisions; d) proposed preliminary scope and focus of the examination, i.e. summary of issues to be investigated or areas to be targeted, and the reasons; e) areas not included in the scope of the examination, and the reasons; f) summary of examination procedures to be used/ followed; g) assessment of examination resource needs (i.e. team, work assignments and time budgets); and h) attachments. 9.7. Appendix 7 provides an illustrative examination scope memorandum. 10. PERFORMING ON-SITE EXAMINATION – STEP 5 Examination Entrance Meetings… 10.1. At the beginning of each examination, an Examination Entrance Meeting should be held. The purpose of the meeting is to formally commission the examination, indicate scope and focus of the examination, highlight previous examination concerns; explain how examiners will conduct the examination; provide details on the roles of participating examiners; and respond to any questions from the bank.

22 Examination Procedures … 10.2. Examination procedures should reflect the risk profile of each banking institution. The examination team should perform procedures tailored to fit the Risk Assessment and the Scope Memorandum. Further guidance is in the RBS Examination Manual (RSD/01/03/12). 10.3. The focus should be on assessing management’s ability to identify, measure, monitor, and control or mitigate risks. Procedures should be completed to the degree necessary to determine whether the institution’s management understands and adequately manages the levels and types of risks that are assumed. 10.4. The volume of transaction testing should correspond to the examiner’s initial risk management assessment as shown in the preliminary Risk Matrix. Likewise, the level of transaction testing for compliance with laws and regulations should take into account the effectiveness of management systems to monitor, evaluate, and ensure compliance with applicable laws and regulations. Further, examiners are expected to evaluate other areas that would enable them to assign CAMELS rating at the conclusion of the examination. In practice these would relate to qualitative factors (RAS) that are not captured in the quantitative analysis of CAMELS components. 10.5. The EIC should undertake examination procedures most suited to the institution’s risk profile as summarized in the preliminary risk matrix. Flexibility in examination procedures is important so as to take care of varying risk profiles. For instance, under Liberia’s RBS Framework, the examination procedures comprise: a) minimum-scope core assessment; b) standard core assessment; and c) expanded procedures. 10.6. The minimum-scope core assessment procedures are used in low-risk areas while standard assessment procedures are used in areas identified as moderate risk. A combination of standard core assessment and expanded procedures (as needed) are used in high-risk rated areas.

23 10.7. Minimum Scope Core Assessment Procedures, which is the foundation for review in low overall composite risk areas, determines whether any significant changes have occurred in business activities, the risk profile, management, or the condition of a low risk area from the prior risk assessment. 10.8. These procedures will be used in low-risk areas to assign the appropriate CAMELS and risk ratings. If no significant changes in the institution’s risk profile are identified after completion of the minimum procedures, no further work will be done. However, if the assessment identifies supervisory concerns, the EIC has the flexibility to expand the scope of the examination by completing other procedures from the Standard Core Assessment and/or Expanded Procedures. 10.9. The minimum-scope core assessment procedures are considered critical to evaluating the functional area under review. A series of procedures are presented under each decision factor that may be considered by examiners in reaching a conclusion on a particular factor. These procedures assist examiners in documenting their conclusions. 10.10. Standard Core Assessment Procedures provide a set of procedures that examiners can use when deficiencies or weaknesses are noted during the review of the core decision factors. These procedures are used for areas not identified as low-risk. Examiners have to complete a number of other procedures consistent with the institution’s complexity and level of supervisory concern. While other procedures in the standard core assessment contain detailed procedures or clarifying steps, examiners typically will not need to carry out every procedure. 10.11. Expanded Procedures will be applied when specific areas or risks warrant a detailed review. If significant issues or areas of increasing risk are identified during the completion of the core assessment, the EIC may also expand the examination to review areas of concern with more depth. Expanded procedures may include detailed transaction testing or thorough assessment of the risk management process. 10.12. Expanded procedures require the examiner to assess the financial impact of identified deficiencies on the institution and possible supervisory actions.

24 10.13. The table below shows the relationship between the risk rating and the examination procedures applicable: Low Risk Rating Moderate Risk Rating High Risk Rating Minimum scope core assessment Standard core assessment Standard core assessment with more detailed review (Expanded) WORKING PAPERS 10.14. Working papers should be prepared for every area reviewed during the examination in order to document examination procedures and support conclusions. They must provide sufficient documentation for a reviewer to understand what was done, why it was done, and how conclusions were reached. Objectives, findings, risks associated with deficiencies, conclusion and recommendations should be clearly outlined in working papers. 10.15. The working papers for each area should contain only essential information that supports conclusions, violations of law or regulations, or any applicable corrective actions. Working papers are the property of CBL and should not be released to external parties without prior authorization. 10.16. The templates for various working papers used by bank examiners during on-site examinations are provided in the RBS Examination Manual (RSD/01/03/12). BANK RATING SYSTEMS 10.17. The Central Bank uses the CAMELS3 uniform bank rating system and the Risk Assessment System (RAS) to determine the financial and general condition of a banking institution on an individual basis (Solo Supervision). 10.18. A bank’s CAMELS Composite Rating integrates ratings assigned to the six key individual components of the system, namely: Capital adequacy, Asset quality, Management capability, Earnings quantity and quality, Liquidity adequacy, and

3 CAMELS is an acronym for Capital Adequacy, Asset Quality, Management, Earnings, Liquidity, and Sensitivity to Market Risk.

25 Sensitivity to market risk. 10.19. Composite and component ratings range from “1” where the bank poses the least supervisory concern and “5” indicating the most critically deficient level of performance and inadequate risk management practices which poses the greatest supervisory concern. 10.20. Detailed definitions of CAMELS composite ratings are discussed in Appendix 7. Relationship between RAS & CAMELS… 10.21. RAS and CAMELS are distinct yet closely related bank evaluation methods. Both provide information about a bank’s overall soundness, financial and operational weaknesses or adverse trends, problems, and risk management practices. 10.22. The major distinction is that RAS is prospective in nature whereas the CAMELS rating system primarily provides a point-in-time assessment of an institution’s current performance and condition. RAS reflects an examiner’s judgment about current and future quantity of risk, quality of risk management, and direction of risk in each bank. RAS may influence the CAMELS component rating. MANAGING AN EXAMINATION 10.23. Managing an examination is as important as planning it. The level and sophistication of management methods and procedures varies depending on the activities to be performed and the size and nature of the banking institution. 10.24. The EIC has a responsibility to ensure that supervisory objectives are met and activities are completed timely. To accomplish these goals, the EIC must continually monitor the progress of the examination and supervise, coordinate, and evaluate the work flow. 10.25. Key elements the EIC should consider during the course of the examination are discussed in the RBS Examination Manual.

26 Correction 10.26. One of the key objectives in managing an examination is to effect a correction process of identified deficiencies. Examiners seek bank management’s commitment to correct significant deficiencies and verify that the bank’s corrective actions have been successful and timely. 10.27. In correction, examiners • Solicit commitments from management to correct each significant deficiency. • Review bank-prepared action plans to resolve each significant deficiency, including the appropriateness of the time frames for correction. • Verify that the bank is executing the action plans. • Evaluate whetherthe actions the bank has taken (or plans to take) adequately address the deficiencies. • Resolve open supervisory issues through informal or formal actions. 10.28. Examiners should ensure that bank management’s efforts to correct deficiencies address root causes rather than symptoms. To do so, examiners may require management to develop new systems or improve the design and implementation of existing systems or processes. 10.29. The bank’s plans for corrective actions should be formally communicated through action plans. Action plans detail steps or methods management has determined will correct the root causes of deficiencies. Bank management is responsible for developing and executing action plans. Directors are expected to hold management accountable for executing action plans. 10.30. Action plans should • Specify actions to correct deficiencies. • Address the underlying root causes of significant deficiencies. • Set realistic time frames for completion.

27 • Establish benchmarks to measure progress toward completion. • Identify the bank personnel who will be responsible for correction. • Detail how the board and management will monitor actions and ensure effective execution of the plan. 10.31. The CBL’s supervision of deficient areas focuses on verifying execution of the action plan and validating its success. When determining whether to take further action, examiners consider the responsiveness of the bank in recognizing the problem and formulating an effective solution. When the bank is unresponsive or unable to effect resolution, the CBLmay take more formal steps to ensure correction. POST EXAMINATION TIME LINE 10.32. RSD employs the following time line to ensure effective and prompt scheduling of its post on-site examination activities: DATE ACTIVITY REQUIRED Day 1 End of on-site Examination Day 3 Submission of provisional report to the Assistant Director Day 5 Onward submission of the provisional report to Quality Assurance Committee for review and approval by senior management in Regulation & Supervision Department. Day 8 Exit meetings to be held with the institution Day 10 Submission of the report to the Deputy Governor or Executive Governor for consideration and approval One day after approval by the Governor After the Executive Governor’s approval, submit draft report to the board of directors of the institution 14 days after release of final report Receipt of Acknowledge Form signed by directors of the institution after release of final report 60 days after release of final report Receipt of responses to recommendations arising from the report depending on the condition of the institution, follow-up after release of the final report Exit Meeting… 10.33. After the conclusion of every on-site examination, the examination team shall hold

28 an exit meeting with management to discuss examination findings, conclusions, and recommendations based upon the CAMELS and Risk Assessment of the institution; discuss potential courses of action to address deficiencies. 10.34. The meeting will discuss the areas of greatest risk to the bank, preliminary ratings, and plans for future supervisory activities. The EIC should encourage bankers to respond to CBL concerns, provide clarification, ask about future supervisory plans, and raise any other questions or concerns. At the exit meeting, the examiners will ask for management’s commitment to correct weaknesses noted during the supervisory activity and will, when appropriate, offer examples of acceptable solutions to identified problems. 10.35. Before the exit meeting, the EIC should discuss significant findings, including preliminary ratings, with the CBL supervisory management. This discussion helps ensure that CBLpolicy is consistently applied and that CBL management supports the conclusions and any corrective action. The EIC and the supervisory office should also decide who will attend the exit meeting on behalf of the CBL, and inquire about the attendance of senior bank managers and others. 10.36. Examiners must ensure that any significant decisions discussed during the exit meeting are effectively conveyed in the meeting with the board and in written correspondence. Examiners should discuss all issues with management before discussing them with the board, unless, in the supervisory office’s view, the subject is best approached confidentially with the board. Written Communication 10.37. Written communication of supervisory activities and findings is essential to effective supervision. Examiners should periodically provide written communication to the board highlighting significant issues that arise during the supervisory process. This communication should focus the board’s attention on CBL’s major conclusions, including any significant problems. This written record, along with other related correspondence, helps establish and support the CBL’s supervisory strategy.

29 10.38. Written communication must: • Be consistent with the tone, findings, and conclusions orally communicated to the bank. • Convey the condition of the bank or, if appropriate, the condition of an operational unit of the bank. • Be addressed to the appropriate audience based on how the bank or company is structured and managed. • Discuss any concerns the CBLhas about bank risks, deficiencies in risk management, or significant violations. • Summarize the actions and commitments that the CBLwill require of the bank to correct deficiencies and violations. • Be concise to ensure that the issues are clear. 10.39. In addition to written communication throughout a supervisory cycle, the CBL will provide each bank’s board of directors a report of examination (ROE) at least once during every supervisory cycle. The ROE conveys the overall condition and risk profile of the bank, and summarizes examination activities and findings during the supervisory cycle. Meeting with the board of directors 10.40. The CBL maintains communication with boards of directors throughout the supervisory cycle to discuss CBL examination results and other matters of mutual interest, including current industry issues, emerging industry risks, and legislative issues. The EIC will meet with the board of directors or an authorized committee that includes outside directors after the board or committee has reviewed the report of examination findings. If necessary, the CBL will use board meetings to discuss how the board should respond to supervisory concerns and issues. 10.41. The CBL will conduct a board meeting at least once during every supervisory cycle for the bank. More frequent meetings should be conducted when justified by the

30 bank’s condition or special supervisory needs. 10.42. The EIC conducting the meeting should be prepared to discuss methods of corrective action, as well as to discuss all findings, conclusions, and concerns. The EIC should encourage board members to ask questions or make comments. Senior management of the appropriate CBL supervisory office should attend and participate in board meetings. If the examination was conducted jointly with another regulator, the supervisory office should invite a representative from that agency to participate in the board meeting. REPORTING 10.43. The final step is to communicate the findings and recommendations to the examined bank and to undertake subsequent follow-ups on any enforcement action or agreed action plans. The report of the examination should clearly and concisely communicate to the bank’s board of directors and management any supervisory issues, non-compliance with laws and regulations, problems, or concerns related to the institution and should disclose both the CAMELS rating and the risk assessment. 10.44. The report should also include appropriate comments regarding deficiencies noted in the institution’s risk management systems. Bearing in mind that on-site examinations could either be full scope or limited scope, the output could also be a normal full scope report or a special targeted report of examination. The results of a limited scope examination or prudential meeting can be communicated through a special report or a mere supervisory letter allowing for supervisory freedom. As was under the traditional approach, under RBS the examination report must be confidential between the institution and the supervisory authority and therefore not to be published. 10.45. The examination team will follow a three-tier reporting system to discuss all major issues that will be included in the final Examination Report. Examination findings will initially be presented to the functional head; secondly to senior management

31 in an Exit Meeting; and the bank’s board of directors. Examination Report… 10.46. An examination report is the Central Bank’s primary vehicle for communicating examination findings in writing to the bank’s management and board of directors. The report should define the objectives and focus of the examination, state conclusions, and identify any significant problems, corrective action, and timeframes for corrective action. 10.47. The objectives of a report of examination are: a. to inform the board and management of the examiners’ assessment of the banking institution’s condition, risks, and adequacy of risk management systems; b. recommend to the banking institution’s management on the corrective measures which need to be taken and timeframes for corrective action; and c. serve as a permanent record of evaluation of the overall condition of a banking institution to be used for future reference. 10.48. Supervisory ratings should be disclosed and they should reflect the adequacy of the risk management systems/structures in light of the quantity and types of risks identified. The Examination Report should contain both qualitative and quantitative factors. 10.49. Excerpts of the imaginary Monrovia Banking Corporation’s Examination Report in Appendix 9 provide practical guidance. 10.50. The examination report comprises three mutually reinforcing sections, namely: Executive Summary, Core Assessment, and the Supplementary Sections. 10.51. The Executive Summary section provides the Institutional Overview; Objectives and Scope of Examination; Overall Condition; Matters Requiring Attention; CAMELS ratings and results of the Risk Assessment.

32 10.52. The Core Assessment section consists of a detailed Risk Management Review (using RAS) and a CAMELS assessment. The section starts with the Risk Management Review in order to underscore the primacy of risk management. 10.53. Further details on the examination report are indicated in the RBS Examination Manual. QUALITY ASSURANCE 10.54. The Central Bank has a Quality Assurance process that is designed to ensure consistent, high quality banking supervision, and conformity to international best practice. 10.55. The quality assurance programs incorporate both ongoing quality control processes, which ensure that work products are in compliance with established procedures and policies, and an after-the-fact review of material to assess the effectiveness of policies and procedures. The latter process should not amount to a re-examination of the bank. 10.56. The Quality Assurance process ensures that the supervisory process is administered in a fair and equitable manner. In other words similar findings are treated similarly. 10.57. Disagreements which arise between examiners and the bank during the supervisory process should be resolved fairly and expeditiously, in an amicable manner. 10.58. Where disputes cannot be resolved, an appeal maybe made to CBL senior management, on merit, and not as an avenue to frivolous negotiation of ratings. 10.59. Quality Assurance covers all aspects of banking supervision on a continuous basis, and may provide a basis for changes in policies. All key reports are subjected to a formal review as shown below.

33 Name of Report ………………………………........................................…………….. Prepared By ….......................................……… Checked By…….......…............…….. Approved By……...................………...

34 FOLLOW-UP AND MONITORING – STEP 6 10.60. The objective of this activity is to follow-up on implementation of the supervisory directives and recommendations made to the examined institution. The Task Officer should maintain an ongoing list of issues to be followed up with the institution’s management within a specified timeframe. The results may be incorporated in the institutional profile updates. 10.61. Off-site Surveillance reports are principal tools used for monitoring and are generated on a periodic basis using quantitative and qualitative information submitted through regular prudential returns and other sources of reliable information. 10.62. The main reports are Quarterly Off-site Analysis reports based on the CAMELS rating systems; quarterly Board Reports; quarterly Status of the Banking Sector Report; half-yearly Financial Stability Report; and a Weekly Status Report. 10.63. The Bank also makes use of Early Warning Systems, Stress Testing and Prompt Corrective Action programs to detect areas of supervisory concern and take pre-emptive action. 10.64. After the on-site examination, the Institutional Profile, Risk Assessment Narrative, Risk Matrix, and Supervisory Plan should be updated to reflect any significant examination findings or post examination actions (e.g. Corrective Orders). This step is critical in ensuring that the risk-focused documentation encompasses all substantive on-site examination findings. QUARTERLY OFF-SITE ANALYSIS 10.65. The framework for off-site analysis comprises of a number of stages involving data collection; preliminary analysis and validation; detailed analysis and report writing. 10.66. The table below provides an overview of some of the processes involved, and their respective results.

35 Quarterly Off-site Analysis Process 10.67. Details of the off-site analysis framework are discussed in the RBS Off-Site Manual. SUBMISSION OF EXTERNAL AUDITOR’S REPORTS 10.68. The Central Bank expects banks to share any adverse findings of their audits with bank examiners. Banks are required to submit copy of the management letter and the audited financial accounts to the Central Bank at the conclusion of every audit. 10.69. Every banking institution is expected to publish audited financial statements within four months from the end of each financial year. External auditors are also expected to certify the authenticity of informational databases maintained by financial institutions on an annual basis. PRE-EMPTIVE STRATEGIES 10.70. The paradigm shift to enhanced risk-based supervision will be complimented by an array of pre-emptive and market stabilization strategies. The pre-emptive strategies will focus on financial stability, stress testing, early warning systems,

36 and prompt corrective action programs. Financial Stability Reports… 10.71. The challenge to maintain financial stability is an on-going process which should not be limited to the banking sector activities alone. 10.72. The Central Bank will publish Financial Stability Reports (FSRs) bi-annually. The objective is to assess the condition of the Liberian financial system, taking into account significant developments in the financial sector and the greater economy, as well as international developments with a bearing on financial stability as follows: international and domestic macroeconomic environment; financial sector structure and condition; developments in the non-bank financial sector and real sector; local and international regulatory developments. Stress Testing Framework… 10.73. The Central Bank employs a number of stress testing methodologies to assess the ability of individual banks and the entire financial sector to withstand shocks. Stress testing methodologies are deployed as part of the arsenal in use to assess stability of the financial sector. Stress testing measures financial system's ability to withstand shocks. 10.74. The Central Bank uses stress testing models that encompass several risk factors such as interest rate, exchange rate, credit, liquidity, and operational risk shocks. 10.75. For detailed information of the stress testing framework refer to RBS Examination Manual. Early Warning Systems… 10.76. Early warning systems help to identify problem banks for early intervention, and are also useful in scheduling and prioritizing examinations. In any early warning system the quality of data and depth of analysis are very important in order to

37 draw the right conclusions. Back testing of models also helps to improve the quality of early warning systems deployed. 10.77. The Central Bank's early warning system makes use of macro-prudential indicators, in the form of the IMF Financial Soundness Indicators (FSIs), over and above the usual CAMELS indicators. FSIs are sub-divided into the Core Set, which is mandatory, and the Encouraged Set which can be used at the discretion of national regulatory authorities. 10.78. Appendix 10: Summarizes the FSIs adopted by the Central Bank in its off-site analysis of banking institutions. RSD will use off-site analysis as a pre-emptive tool to identify weak institutions. 10.79. Results of early warning systems should not be used mechanically but subjected to qualitative evaluation. ACKNOWLEDGEMENTS

1. Augustino N. Hotay, “Guidebook on Implementation of Risk Based Supervision”, Bank of Tanzania, January 2009
2. Bank Negara Malaysia, “Risk-Based Supervision Framework”, [no date].
3. Comptroller of the Currency Administrator of National Banks (OCC), “Large Bank Supervision Handbook”, May 2001].
4. Federal Central System, “Framework for Risk-Focused Supervision of Large Complex Institutions”, August 1997
5. Hong Kong Monetary Authority, “Risk-based Supervisory Approach”, October
7. Office of Thrift Supervision, “Holding Companies Handbook”, July 2004.
8. Reserve Bank of Zimbabwe, “Enhanced Risk Based Supervision Framework”, January 2012

38 APPENDICES

39 APPENDIX 1: Illustrative Format of an Institutional Profile A. Overall Condition 1.1.Summarizes the overall condition based on the level of supervisory concern, assessment of risk management systems and adequacy of management oversight over the banking institution. Any key issues/concerns relating to the strategies employed should also be highlighted. B. Risk Assessment Summary 1.2. States the level of inherent risk, the adequacy of risk management systems, the overall composite risk and the direction of overall composite risk. C. Corporate Profile C1 Background 1.3. Captures the history of the institution in brief covering among other things, date of establishment, name changes (if any), mergers and acquisitions, conversions of banking license. C2 Shareholding Structure 1.4. Indicate names of shareholders, number of shares held and percentage shareholding over the past three years. If the institution is owned by a holding or parent company, this is also shown in the holding or parent company’s shareholding structure. C3 Capital Structure 1.5. The institution’s capital components over the past three years should be presented in tabular form. C4 Related Organizations 1.6. Present in tabular form, the institution’s subsidiaries, associates and any other related organization showing the percentage shareholding in each. C5 Vision/Mission/ Strategies 1.7. State the institution’s vision, mission, values and strategic goals and initiatives.

40 C6 Key Functional Lines 1.8. Identify the institution’s key functional lines and products offered under each line. Also include the major support services such as Information Technology (IT). C7 Risk Management Framework 1.9. Provide details of the risk management structures, systems and procedures used to manage the various risks inherent in the institution’s operations. The roles and responsibilities of individuals and departments involved in the risk management process should be clearly articulated. Board and senior management reports, limits in place and IT Systems capabilities should be covered. C8 Branch Network 1.10. Indicate number of branches, agencies and other points of representation and their respective physical addresses. C9 Staff Compliment 1.11. State the total number of employees, indicating managerial and non-managerial staff of the institution. Where necessary, comment on the adequacy of the human capital particularly in key operational areas, in respect of numbers, qualifications and skills. C10 External Auditors and Lawyers 1.12. Show the names, addresses, telephone numbers and the auditor and attorney in charge. C11 Board of Directors 8.24 Present in tabular form, the names, ages, qualifications, experience and other directorships of all the board members. C12 Senior Management 1.13. Present in tabular form, the names, ages, qualifications and experience of all the senior managers. C13 Board Committees

41 1.14. State the compositions of the various board committees and their terms of reference. Comment on any irregularities. C14 Management Committees 1.15. State the compositions of the various management committees and their terms of reference. Comment on any irregularities. C15 Overview of Management 1.16. Comment on adequacy of board and management oversight in terms of: a) the overall risk management framework; b) policies and procedures in key risk areas; c) internal control systems; and d) strategic planning and policy formulation. 1.17. Also comment on the management information systems in terms of reliability and timely production of financial and/ or regulatory reports. C16 Top 10 Borrowers as at (latest Quarter) 1.18. Present in tabular form, the top ten borrowers showing the counterparty, limit, current balance, maturity date, nature of exposure and security type. C17 Top Ten Depositors as at (latest quarter) 1.19. Present in tabular form, the top ten depositors showing name of client, amount and type of deposit. C18 Industry Rankings as at (latest Quarter) 1.20. Present in tabular form, the institution’s position in relation to other institutions in the same sub-sector. Show the total deposits, total loans and total assets by amount, percentage and market share. D. Examination Results, Audit Findings & External Credit Rating D1 Results of Past On-site Examinations 1.21. Present in tabular form, the results of the last three on-site examinations showing the respective overall and CAMELS ratings.

42 D2 Significant Findings of Last On-site Examination 1.22. Summarize the significant findings of the latest on-site examination. D3 External and Internal Audit Findings 1.23. Summarize the significant findings of the latest external and internal audits, and highlights of prudential meetings with auditors. D4 External Credit Rating 1.24. Indicate the latest ratings obtained by the institution, the rating date and the name of the rating company. E. Off-site Analysis as at (latest quarter) 1.25. Provide a summary of the overall condition of the institution based on the latest quarterly financial returns, and comment on the following: E1 Capital Adequacy E2 Asset Quality E3 Management E4 Earnings E5 Liquidity and Funds Management E6 Sensitivity to Market Risk F. Non-Compliance with Regulatory and Supervisory Requirements 1.26. Comment on the institution’s compliance with banking rules, regulations and directives issued by CBL. State any violations noted. G. Environmental Considerations 1.27. Identify and state any external environmental factors, which may have an impact on the operations and condition of the institution, for example, property, debt and equity markets, and economic conditions. H. Financial Stability and Stress Testing Assessment H1 Stress Testing Results 1.28. State the assumptions and results of stress tests conducted by RSD and the institution itself. H2 Financial Stability Considerations 1.29. Comment on the bank’s financial performance, brand strength, chances of failure and the contagion effect on the financial system, in the event of failure.

43 H3 Future Prospects 1.30. Comment on the bank’s strategic initiatives/forecasts/projections for key performance areas, budget projections, and/or new markets and products. I. Attachments 1.31. The following attachments should be included as appendices to the institutional profile: Appendix a) Key Ratios Appendix b) Comparative Income Statement Appendix c) Comparative Balance Sheet Appendix d) Organizational Structure Appendix e) External Credit Rating Report Appendix f) Annual Report

44 APPENDIX 2: Key to the RAS Rating System INHERENT RISK High Inherent Risk … 1.32. Generally, an assessment of high inherent risk would reflect a higher than average probability of potential loss. High inherent risk exists when the functional area is significant or positions are large in relation to the banking institution’s resources, where the volume of transactions or where the nature of the functional area is more complex than normal. Moderate Inherent Risk … 1.33. Moderate inherent risk exists where positions are average in relation to the institution’s resources or to its peer group, where the volume of transactions is average, and where the activity is more typical or traditional. Thus, while the activity potentially could result in a loss to the organization, the loss could be absorbed by the organization in the normal course of business. Low Inherent Risk … 1.34. Low inherent risk exists where the volume, size, or nature of the activity is such that even if the internal controls have weaknesses, the risk of loss is remote or, if a loss were to occur, it would have little negative impact on the institution’s overall financial condition. RISK MANAGEMENT SYSTEMS Strong Risk Management Systems … (a) Management effectively identifies, measures, monitors and controls all types of risk posed by the relevant functional area, or per inherent risk; (b) The board and senior management are active participants in managing risk and ensure appropriate policies and limits are put in place; (c) Board fully understands, reviews and approves all policies and procedures; (d) The policies comprehensively define the bank’s risk tolerance,

45 responsibilities and accountabilities are effectively communicated; (e) Internal controls and audits are comprehensive and appropriate to the size and activities of the banking institution; (f) Few exceptions to established policies and procedures of which none would lead to significant loss of earnings or capital ; and (g) Policies and limits are effectively supported by risk measurement, monitoring and control procedures and management information systems which are timely, accurate, complete and reliable. Acceptable Risk Management Systems … (a) Overall, board and senior management oversight, policies and limits, risk monitoring procedures and MIS are considered effective in maintaining a safe and sound banking institution; (b) Management of risk is largely effective but lacking to some modest degree. Risks are generally being controlled in a manner that does not require more than normal supervisory attention; (c) Reflects an ability to cope successfully with existing and foreseeable exposure that may arise in carrying out the institution’s business plan. (d) While the institution may have some minor risk management weaknesses, these have been recognized and are being addressed; (e) Management satisfactorily identifies measures, monitors and manages risk including risk diversification; (f) Policies satisfactorily define risk tolerance, responsibilities and accountabilities; (g) Management information systems at various levels are generally adequate. Weak Risk Management Systems … (a) Risk management systems are inadequate or inappropriate given the size, complexity and risk profile of the banking institution;

46 (b) Bank personnel lack knowledge on risk management and are inexperienced; (c) Risk management systems are weak in important ways and cause for more than normal supervisory concern; (d) The policies do not adequately define risk tolerance, responsibilities and accountabilities; (e) Management is unable to identify or monitor risk; or do not implement timely and appropriate actions in response to changing conditions; (f) Weak internal controls and audit function as well as failure to adhere to written policies and procedures; (g) Management information systems at various level exhibit significant weaknesses and may not consolidate total exposures; and (h) The deficiencies could have adverse effects on the safety and soundness of the banking institution. OVERALL COMPOSITE RISK 1.35. A high overall composite risk generally would be assigned to an inherent risk where the risk management system does not significantly mitigate its high aggregate risk. Thus, a financial loss might occur that would have a significant impact on the bank’s overall condition, even in some cases where the systems are considered strong. 1.36. A moderate overall composite risk generally would be assigned to a moderate aggregate risk where the risk management systems appropriately mitigate the risk. For a low aggregate risk, significant weakness in the risk management systems may result in a moderate overall composite risk assessment. On the other hand, a strong risk management system may reduce the overall composite risk of a high aggregate risk area so that any potential financial loss would have only a moderate negative impact on the financial condition of the banking institution.

47 1.37. A low overall composite risk generally would be assigned to a low aggregate risk. A moderate aggregate risk may be assessed as low overall composite risk where internal controls and risk management systems are strong and effectively mitigate much of the risk. DIRECTION OF RISK 1.38. Decreasing direction indicates that the examiner anticipates, based on current information that the overall composite risk will decline over the next 12 months’ examination cycle. Such a scenario reflects decreasing aggregate inherent risks and/or improving risk management systems. 1.39. Increasing direction denotes anticipation of higher risk over the examination cycle. This denotes that inherent risks may be increasing and/or risk management systems are getting weaker. 1.40. If the inherent risks are stable and/or the risk management systems are unchanged, the direction of the overall composite risk will be considered stable.

48 APPENDIX 3: Summary Risk Evaluation Factors per Risk Category Low Credit Risk … (a) Current or prospective loss of earnings or capital is minimal, i.e. there is lower than average probability of adverse impact. (b) Credits constitute an insignificant proportion of the bank. (c) Portfolio and repayment sources are well-diversified. (d) Portfolio growth presents no concerns. (e) The portfolio’s return is adequate to justify the risk being assumed. (f) There are minimal complex facility structures. (g) Low level of past due and/or non-performing loans (NPLs) relative to capital. (h) Sound credit underwriting and monitoring standards; (i) The volume of substantive exceptions or overrides to sound underwriting standards poses minimal risk. (j) Losses will be absorbed during normal course of business. Moderate Credit Risk … (a) Current or prospective exposure to loss of earnings or capital does not impact materially on financial condition. (b) There is an average probability of adverse impact on earnings or capital, but the losses could be absorbed in the normal course of business. (c) Credit related losses do not seriously deplete the bank’s current reserves or necessitate large provisions relative to earnings. (d) Exposure does not reflect significant concentration. (e) Portfolio growth is in accordance with a reasonable plan. (f) Exceptions to underwriting standards do not pose significant risk. (g) Volume of NPLs does not pose undue risk to capital and can be resolved within the normal course of business. High Credit Risk … (a) Current or prospective loss of earnings or capital is material. (b) Credits constitute a significant proportion of the bank’s balance sheet or business activities. (c) Excessive growth of the portfolio which is not matched by a growth in capital.

49 (d) Deteriorating macroeconomic conditions. (e) High concentration of exposures and/or low grade customers. (f) High levels of non-performing loans (NPLs). (g) Portfolio return is inadequate to justify the risks being assumed. (h) Large volume and extent of exceptions to, or violation of, board approved under writing standards. (i) Poor underwriting and monitoring standards. (j) Collection efforts do not facilitate timely collection. Low Liquidity Risk … (a) The bank is not vulnerable to funding difficulties should a material adverse change in market perception occur. (b) Earnings and capital exposure from the liquidity risk profile is negligible. (c) Sources of deposits and borrowings are widely diversified, with no material concentrations. (d) Ample funding sources and structural cash flow symmetry exist in all tenors. (e) Stable deposits and a strong market acceptance of the bank's name offers the bank a competitive liability cost advantage. (f) Reasonable alternatives to credit sensitive funding, if relied upon, have been identified by management and can easily be implemented with no disruption in strategic lines of business. Moderate Liquidity Risk … (g) The bank is not excessively vulnerable to funding difficulties should a material adverse change in market perception occur. (h) Earnings or capital exposure from the liquidity risk profile is manageable. (i) Sources of deposits and borrowings are reasonably diverse, but minor concentrations may exist, and fund providers may be moderately credit sensitive. (j) Sufficient funding sources and structural balance sheet and cash flow symmetry exist to provide stable, cost effective liquidity in most environments, without significant disruption in strategic lines of business.

50 High Liquidity Risk … (a) The bank's liquidity profile makes it vulnerable to funding difficulties should a material adverse change occur. (b) Significant concentrations of funding may exist, or there may be a significant volume of providers that are highly credit sensitive. (c) The bank may currently or potentially experience market resistance, which could impact its ability to access needed funds at reasonable cost. (d) There may be an increasing demand for liquidity with declining medium and long term alternatives. (e) Potential exposure to loss of earnings or capital due to high liability costs of unplanned asset reduction may be substantial. (f) Funding sources and balance sheet structures may currently result in or suggest potential difficulty in sustaining long term liquidity on a cost effective basis. (g) Liquidity needs may trigger the necessity for funding alternatives under a contingency funding plan, including the sale of or disruption in a strategic line of business. Low Interest Rate Risk … a) Exposure reflects minimal repricing, basis, yield curve and options risk. b) No significant mismatches on longer-term positions exist. c) The current or future volatility of earnings and capital is relatively insensitive to changes in interest rates. d) Interest rate movements will have minimal adverse impact on the earnings and capital of the bank. Moderate Interest Rate Risk … a) Exposure reflects manageable repricing, basis, yield curve and options risk. b) Mismatches on longer-term positions are managed. c) The volatility in earnings and capital is not significantly affected by changes in interest rates. d) Interest rate movements will not have a significant adverse impact on the earnings

51 and capital of the bank. e) The bank has access to a variety of risk management instruments and markets to close or hedge positions at reasonable cost, given the size, tenor and complexity of open positions. High Interest Rate Risk … a) Exposure reflects significant repricing, basis, yield curve and options risk. b) Significant mismatches on longer-term positions exist. c) Current or future volatility of earnings and capital due to changes in interest rates. d) Interest rate movements could have a significant adverse impact on the earnings and capital of the bank. e) Exposures may be difficult or costly to close out or hedge due to size, complexity or generally illiquid markets, tenors or products. Low Foreign Exchange Risk … a) Exposures to foreign currencies exist, but revaluations or translation adjustments will have an immaterial impact on capital and earnings. b) No significant mismatches on longer-term positions denominated in foreign currency exist. Moderate Foreign Exchange Risk … a) Exposures to foreign currencies exist, but revaluations or translation adjustments are not expected to have an adverse impact on capital. b) Mismatches on longer-term positions denominated in foreign currency are manageable. High Foreign Exchange Risk … a) Exposures to foreign currencies could produce revaluations or accounting translation adjustments that will have a material adverse impact on capital. b) Significant mismatches on longer-term positions denominated in foreign currency exist. Low Operational Risk … a) The volume of transaction processing, complexity of operations, and the state

52 of systems development expose the bank to negligible reputational risk and loss of earnings or capital. b) The volume and complexity of products and services expose the bank to minimal risk from fraud, errors, or processing disruptions. c) The risk from planned strategic initiatives is minimal. Moderate Operational Risk … a) The volume of transaction processing, complexity of operations, and the state of systems development expose the bank to increased reputational risk and loss of earnings or capital. b) The volume and complexity of products and services increase risks from fraud, errors, or processing disruptions. c) Risk from planned strategic initiatives exists, but is manageable. High Operational Risk … a) The level of transaction processing, complexity of operations, and the state of systems development expose the bank to significant damage to reputation or loss of earnings and capital. b) The volume and complexity of products and services significantly increase potential risks from fraud or error, processing disruptions, control failure or system development weaknesses. c) The risk is heightened by planned strategic initiatives (e.g. conversions, merger integration, emerging products and technology). Low Legal and Compliance Risk … a) The nature and extent of business activities limit the company's potential exposure to violations or non-compliance. b) The bank has few violations. c) Violations will not impact reputation, value, earnings or business opportunity. d) The bank's history of complaints or litigation is good. Moderate Legal and Compliance Risk … a) The nature and extent of business activities may increase the potential exposure to violations or non-compliance.

53 b) The bank may have violations outstanding, which are correctable in the normal course of business without impacting reputation, value, earnings or business opportunity. c) The bank's history of complaints or litigation is not a concern. High Legal and Compliance Risk … a) The nature and extent of business activities significantly increase the potential for serious or frequent violations or non-compliance. b) The bank may have substantive violations outstanding, which could impact reputation, value, earnings or business opportunity. c) The bank may have a history of serious complaints or litigation. Low Strategic Risk … a) The impact of strategic decisions or external pressures is expected to nominally affect image and value of the bank. b) Exposure reflects strategic goals that are sound, and are very compatible with business direction and a changing environment. c) Strategic initiatives are well-conceived and supported by a business plan. d) Management has a successful record in accomplishing their stated strategic goals. e) Initiatives are supported by sound due diligence and effective risk management systems. f) Strategic decisions can be reversed with only negligible cost or difficulty. g) Strategic goals and the corporate culture are effectively communicated and consistently applied throughout the organization. h) MIS effectively support strategic direction and initiatives. Moderate Strategic Risk … a) The impact of strategic decisions or external pressures is not expected to significantly affect image and value of the bank. b) Exposure reflects strategic goals that, although aggressive, are compatible with the business direction and responsive to changes in the environment. c) Strategic initiatives are usually well conceived and supported by a business plan. d) Management has a reasonable record accomplishing their stated strategic goals.

54 e) Strategic decisions can be reversed without significant cost or difficulty. The quality of due diligence and risk management is consistent with the strategic issues confronting the organization. f) Strategic goals and the corporate culture are appropriately communicated and consistently applied throughout the organization. g) MIS effectively support the bank’s strategic direction. High Strategic Risk … a) The impact of strategic decisions or external pressures is expected to adversely affect image and value of the bank. b) Strategic initiatives may be nonexistent, overly aggressive, incompatible with the business direction, or non-responsive to changes in the environment. c) Strategic decisions may be difficult or costly to reverse. d) Strategic goals may be nonexistent, poorly defined, or fail to consider changes in the business environment. e) Strategic initiatives may be poorly conceived or inadequately supported by a business plan. f) Management does not consistently accomplish their stated strategic goal. g) Less than effective risk management systems or a lack of adequate due diligence in the case of new products and services, or acquisitions. h) Strategic goals and the corporate culture may not be clearly communicated and consistently applied throughout the organization. i) Management information systems may be insufficient to support the bank’s strategic direction or address a changing environment. Low Reputational Risk … a) Vulnerability to changes in market and public perception is nominal due to favorable market and public perception of the bank. b) The level of litigation, losses and customer complaints is minimal. c) The potential exposure to franchise value is nominal relative to the number of accounts, the volume of assets under management and the number of affected transactions.

55 d) Management anticipates and responds well to changes of a market, technological or regulatory nature that impacts its reputation in the market place. e) Management is well versed in complex risks and has avoided conflicts of interest and other legal or control breaches. f) Management has a clear awareness of privacy issues and uses customer information responsibly. Moderate Reputational Risk … a) Vulnerability to changes in market and public perception is not material given the level of litigation, losses and customer complaints. b) The potential exposure is manageable and commensurate with the volume of business conducted. c) Management has a good record of self-policing and correcting problems. d) Administration procedures and processes are satisfactory. High Reputational Risk … a) Vulnerability to changes in market and public perception is material in light of significant litigation, large losses or persistent customer dissatisfaction. b) The potential exposure may be increased by the number of accounts, the volume of assets under management or the number of affected transactions. c) Management does not anticipate or take timely or appropriate actions in response to changes of a market, technological or regulatory nature. d) Weaknesses may be observed in one or more critical operational, administrative or investment activities. e) Management has either not initiated or has a poor record of corrective action to address problems. f) Poor administration, conflicts of interests and other legal or control breaches may be evident. g) Management is not aware of significant privacy issues or sometimes uses customer information irresponsibly.

56 APPENDIX 4: Risk Evaluation Factors Factor Low Moderate High COMPLIANCE RISK INDICATORS Board and Operational Management Understanding Fully understands all aspects of compliance risk and exhibits a clear commitment to compliance. Commitment is communicated throughout the institution. Reasonably understands the key aspects of compliance risk. Commitment to compliance is reasonable and satisfactorily communicated. Does not understand, or has chosen to ignore, key aspects of compliance risk. The importance of compliance is not emphasized or communicated throughout the organization Authority and accountability Authority and accountability for compliance are clearly defined and enforced. Authority and accountability are defined, although some refinements may be needed. Management has not established or enforced accountability for compliance performance. Responses to changes Anticipates and responds well to market or regulatory changes. Adequately responds to market or regulatory changes. Does not anticipate or take timely or appropriate actions in response to market or regulatory changes. Product and systems development Compliance considerations are incorporated into product or systems development. While compliance may not be formally considered when developing product or systems, issues are typically addressed before they are fully implemented. Compliance considerations are not incorporated in product or systems development. Violations & Risk Exposure Violations, non-compliance, or litigation are insignificant, as measured by their number or seriousness. The frequency or severity of violations, noncompliance, or litigation is reasonable. Violations, non-compliance, or litigation expose the bank to significant impairment of reputation value, earnings, or business opportunity. Error Detection and Corrective Action When deficiencies are identified, management promptly implements meaningful corrective action. Problems can be corrected in the normal course of business without a significant investment of money or management attention. Management is Errors are often not detected internally, corrective action is often ineffective, or management is unresponsive.

57 responsive when deficiencies are identified. Risk Management Good record of compliance. The bank has a strong control culture that has proven effective. Compliance management systems are sound and minimize the likelihood of excessive or serious future violations. Compliance management systems are adequate to avoid significant or frequent violations or non-compliance. Compliance management systems are deficient, reflecting and inadequate commitment to risk management. Controls and Systems Appropriate controls and systems are implemented to identify compliance problems and assess performance. No shortcomings of significance are evident in controls or systems. The probability of serious future violations or non-compliance is within acceptable tolerance. The likelihood of continued violations or noncompliance is high because a corrective action program does not exist, or extended time is needed to implement such a program. Training and Resources Training programs are effective and the necessary resources have been provided to ensure compliance. Management provides adequate resources and training given the complexity of products and operations Management has not provided adequate resources or training. INTEREST RATE RISK INDICATORS Board and Operational Management Understanding. Fully understands all aspects of IRR. Reasonably understands key aspects of IRR Does not understand or ignores key aspects of IRR. Responsiveness to Market Conditions Anticipates and responds well to changes Adequately responds to changes. Does not anticipate or take timely and appropriate actions in response to changes. Monitoring & Measuring Process is independent from those executing risk –taking decisions. Effective reporting of IRR exists. Process is independent from those executing risk-taking decisions. Adequate reporting of IRR exists. Process is not independent from those executing risk taking decisions. Lack of monitoring and reporting of IRR. Risk Exposure Little repricing risk and minimal exposure to basis and yield curve Repricing risk, basis risk, yield curve risk, and options risk exposures are collectively maintained at Significant levels of repricing risk, basis risk, yield curve risk, or significant levels of options

58 risk. manageable levels. risk exist. Mismatches Mismatched positions are short-term. Mismatched positions may be longer but are managed effectively. Mismatched positions are longer term and inadequately managed. Risk to capital and Earnings Mismatches are unlikely to cause earnings or capital volatility due to the movement of interest rates. Substantial volatility in earnings or capital due to the movement of interest rates is not anticipated. High probability of substantial volatility in earnings or capital due to the movement of interest rates. IRR Process Effective, documented, and proactive. Adequate Deficient Measurement Tools and methods Enhance decision making by providing meaningful and timely information under a variety of defined and reasonable rate scenarios. Minor weaknesses, but are appropriate given size and complexity of the banking institution’s on-and –off balance sheet exposures. Overly simplistic in light of the relative size and complexity of the banking institution’s on and off balance sheet exposures. MIS Reporting Timely, accurate, complete and reliable For the most part, timely, accurate, complete and reliable. Significant weaknesses. Risk Limits Clear parameters, that are regularly reviewed, are set for risk to earnings and the economic value of equity under defined stressed interest rate scenarios. Adequate to control the risk to earnings and the economic value of equity under defined stressed interest rate scenarios. Not reasonable or do not reflect and understanding of the risk to earnings and the economic value of equity. CREDIT RISK INDICATORS Board and operational Management Understanding Fully understands all aspects of credit risk and has a fully effective process in place to control that risk. Reasonably understands key aspects of credit risk and has an adequate process in place to control that risk. Does not understand risks, has chosen to ignore, or does not have a satisfactory process in place for key aspects credit risk. Risk Management Management anticipates and identifies issues before they become problems, including those resulting from changes in market Management has an adequate system in place to identify problems and adequately respond to those signals, including those resulting from Management does not anticipate problems or is ineffective in responding to problems once they occur.

59 conditions changes in market conditions Policies Current, effective and followed Satisfactory Ineffective Diversification Credit risk diversification is actively managed Adequate attention to credit risk diversification Unsatisfactory credit risk diversification Loans Granted, Loans or Investments Purchased Conservative in structure, terms, growth, or settlement practices. Effective due diligence. Prudent in structure, terms growth, or settlement practices. Due diligence is adequate. Aggressive in structure, terms, growth, or settlement practices. Due diligence is lacking, ineffective, or inadequate. Underwriting Standards Sound and few or no exceptions exist Sound with a limited volume of exceptions. Not adequate are not prudent and a large volume of exceptions exist. Concentrations Appropriate diversification Adequate diversification Significant concentrations exist Collateral values Collateral values satisfactorily support credit exposure Values protect exposure Collateral is illiquid or values provide inadequate reporting. Problem Assets Low volume, resolution times are within normal course of business and process is controlled. Moderate volume, reasonable resolution times ad adequate reporting. High volume, extended resolution times and inadequate reporting Reserves Reserves adequately cover inherent losses. Exposure to loss of earnings or capital from credit risk is minimal. Inherent losses should not seriously deplete current reserves or require more than normal provisions. Exposure to loss of earnings or capital is manageable. Losses may seriously deplete current reserves or require abnormal provisions. Exposures to loss of earnings or capital is substantial. Internal Audit and Review Timely, comprehensive, and independent. Promotes early identification of emerging risks. Management responds to findings quickly. Acceptable. Promotes reasonable identification of problems. Management responds to findings. Serious weaknesses exit such as lack of independence, timeliness, scope of review. Does not promote early identification of problems and risk Management ignores findings. ALLL Evaluation method is sound, well documented, Method is generally acceptable and provides Method is flawed and provides insufficient

60 Methodology and appropriate coverage of risks exist an acceptable coverage of risks. coverage of risks. REPUTATION RISK INDICATORS Board and operational Management Response to change Anticipates and responds well to changes of a market or regulatory nature that impact the institution’s reputation in the market place. Adequately responds to changes of a market or regulatory nature that impact the institution’s reputation in the market place. Does not anticipate or take timely or appropriate actions in response to changes of a market or regulatory nature. Organization and overall operations Management fosters a sound that is well supported throughout the organization and has proven very effective over time. Administrative procedures and processes are satisfactory. Management has a good record of correcting problems. Weaknesses may be observed in one or more critical operational or administrative activities. Management information at various levels exhibits significant weaknesses Risk Management The banking Institution effectively self-policies risks The Banking institution self-policies risks The banking institution’s performance in self – policing is suspect Internal controls and Audits Fully effective Generally effective Not effective in reducing exposure. Management has either not initiated, or has a poor record of, corrective action to address problems. Net Worth Exposure Net worth is only minimally exposed by reputation risk. Minimal member complaints received, involving minor issues. Complaints are handled promptly, effectively and efficiently. The exposure of net worth from reputation risk is controlled. Adequate systems exist to process member complaints satisfactorily. Net worth is substantially exposed by reputation risk shown in significant litigation, large dollar losses, or a high volume of member complaints. The potential exposure increases with the number of accounts. The volume of accounts, the volume of assets under management, or the number of affected transactions. Legal Risk Losses from fiduciary activities are low relative The banking institution has avoided conflicts of Poor administration, conflicts of interest, and

61 to the number of accounts, the volume of assets under management, and the number of affected transaction. The banking institution does not regularly experience litigation or member complaints. interest and other legal or control breaches. The level of litigation, losses, and member complaints are manageable and commensurate with the volume of business conducted. other legal or control breaches may be evident. Disaster Recovery Plans Documented, tested and effective plans are in place. Adequate plans are in place Inadequate or non-existent plans Promotional and education efforts Effective promotional and educational efforts are made to reach existing and potential members. Adequate promotional and educational efforts are undertaken. Inadequate or non-existent promotional and education efforts. STRATEGIC RISK INDICATORS Risk Management Practices Practice are an integral part of strategic planning Quality is consistent with strategic issues confronting the banking institution. Practices are inconsistent with strategic initiatives. A lack of strategic direction is evident. Strategic Planning Strategic goals, objective, culture, and behavior are effectively communicated and consistently applied throughout the institution. The depth of management talent enhances strategic direction and organizational corporate efficiency. Demonstrated the ability to implement goals and objectives and successful implement goals and objectives and successful implementation of strategic initiative is likely. Operating policies and programs inadequately support strategic initiatives. The structure and talent of the organization do not support long-term strategies. Management/Staff Turnover Changes in key management or staff are well managed and minimal. Succession plans are documented and effective. Key management or staff changes recently occurred. Succession plans are adequate Key management or staff turnover is high and poorly managed. Succession plans are non-existent, inadequate, or ignored. Track record Management has been successful in Management has a reasonable record in Deficiencies in management

62 accomplishing past goals and is appropriately disciplined. decision-making and controls. decision-making and risk recognition do not allow the institution to effectively evaluate new products, services or FOM expansions. MIS Management information systems effectively support strategic direction and initiatives. Management information systems reasonably support the banking institution’s short –term direction and initiatives. Management information systems supporting strategic initiatives are seriously flawed or do not exist. Risk Exposure Exposure reflects strategic goals that are not overly aggressive and are compatible with developed business strategies. Exposure reflects strategic goals that are aggressive but compatible with business strategies. Strategic goals emphasize significant growth or expansion that is likely to result in earnings volatility or capital pressures. Impact and Risk of initiatives Initiatives will have a negligible impact on capital, systems or management, resources. The initiatives are well foreseeable future and pose only nominal possible effects on earnings volatility. Actual practices have only minor inconsistencies with planned initiatives. Initiatives are reasonable considering the capital, systems and management. Decisions are not likely to have a significant adverse impact on earnings or capital and can be reversed without significant cost or difficulty. The impact of strategic decisions is expected to significantly affect net worth. Strategic initiatives may be aggressive or incompatible with developed business strategies. Decisions are either difficult or costly to reverse. Appropriateness of New Products & services New products/services are supported by sound due diligence and strong risk management. The decision can be reversed with little difficulty and manageable costs. New products/services will not materially alter business direction, can be implemented and cost effectively, and are within management’s abilities. Strategic goals are unclear or inconsistent and have led to an imbalance between the financial institution’s tolerance for risk and willingness to supply supporting resources for new product/service offerings. OPERATIONAL RISK INDICATORS Board and Fully understands all Reasonably understands Does not understand, or

63 Operational Management Understanding aspects of operational risk key aspects of operational risk chooses to ignore key aspects of operational risk Responsiveness to market and Technological conditions Anticipates and responds well to changes Adequately responds changes Does not anticipate or take timely or appropriate actions in response to changes. Risk Exposure Only a slight probability of damage to reputation, capital, or earnings. Possible loss or reputation, earnings or capital exists but is mitigated by adequate internal controls. Weak internal controls expose the financial institution to significant damage to reputation, or loss of earnings or capital. Transaction Processing Controls History of sound operations likelihood of transaction processing failures is minimal due to strong internal controls, audit and contingency and business recovery plans that are sound. Adequate operating and information processing systems, internal controls, audit coverage and contingency and business recovery plans are evident. Serious weaknesses exist in operating and information systems, internal controls, audit coverage, or contingency and business recovery plans. MIS Satisfactory Minor deficiencies may exist that relate to transaction and information processing activities. Significant weaknesses in transaction and information processing activities New products or services Favorable performance in expansions and introductions of new products and services Planning ad due diligence prior to introduction of new services are performed although minor weaknesses exist. Inadequate. The bank is exposed to risk from the introduction or expansion of new products and services. Conversion Management Conversion plans are clear comprehensive and followed. Conversion plans are evident, although not always comprehensive. The bank may be exposed to risk from the introduction or expansion of new products and services. Problem Identification and Corrective Action Management identifies weaknesses quickly and takes appropriate action. Management recognizes weaknesses and generally takes appropriate action. Management has not demonstrated a commitment to make the corrections required to improve transaction processing risk controls. LIQUIDITY RISK INDICATORS

64 Board and operational Management understanding Fully understands all aspects of liquidity risk Reasonably understands key aspects of liquidity risk. Does not understand or chooses to ignore key aspects of liquidity risk. Management responsiveness Anticipates ad responds well to changes in market conditions Adequately responds to market condition changes Does not anticipate or take timely or appropriate actions in response to changes Liquidity position and Risk Exposure Favorable position with negligible exposure to earnings and capital Not excessively vulnerable to funding difficulties should an adverse change in market perception occur. Earnings or capital exposure is manageable. Access to funds is impacted by poor market perception or market resistance, resulting in substantial exposure to loss of earnings or capital. Funding sources Ample funding sources exist. Funding sources provide the Financial institution with a competitive cost advantage. Sufficient funding sources exist to provide cost – effective liquidity. Funding sources and portfolio structures suggest current or potential difficulty in sustaining long-term and cost-effective liquidity Borrowing Sources Widely diversified, with little or no reliance on wholesale or other credit-sensitive funds providers. Diversified with few providers or groups sharing common investment objectives and economic influences. Concentrated in a few providers with common investment objectives or economic influences. Future Liquidity Position Market alternatives exceed demand for liquidity with no adverse changes expected. Liquidity position is not expected to deteriorate in the near term. Liquidity needs may be increasing with declining medium and long-term funding alternatives. Risk management processes Processes reflect a sound culture that has proven effective overtime. Processes are adequate Processes are deficient MIS Reporting Timely, complete, reliable and reviewed by management For the most part, timely complete reliable and reviewed by management Do not provide useful information for managing liquidity risk. Balance Sheet Management Appropriate attention is given to balance sheet management and the cost effectiveness of liquidity alternatives. Attention to balance sheet management is appropriate. Access o funding markets is properly assessed and diversified based upon Attention to balance sheet management is inappropriate. Management has no realistically assessed the financial institution’s access

65 size and complexity. to funds and has not paid sufficient attention to diversification. Contingency Plans Well developed and effective Effective and the cost of liquidity alternatives is adequately considered Non-existent or incomplete. Cost of alternatives has not been adequately considered. High probability exists that contingency funding sources are needed. Improvement is not expected in the near future. Cashflow Analysis Effective, reliable and timely analyses are conducted. Adequate analysis conducted based upon size and complexity. Analysis not done or is 99inadequate.

66 APPENDIX 5: Illustrative Format - Risk Assessment Narrative Banking Institution (BI):__________________________________________ Reporting Date: _______________________________________________ Internal Risk Assessment System Assess the adequacy of the risk management systems of the banking institution in detail, especially in the four key areas of: a) board and management oversight; b) policies, procedures and limits; c) risk management and monitoring; and d) MIS. Overall Assessment Overall Risk Rating: Date of Update: Direction: ___________________ Assess the overall risk rating and general trend of risk of the BI across all its functional areas. Also state any future plans or prospects of the BI that might affect its risk profile in the near future. Credit Risk Credit Risk Rating:________________ Date of Update:______________ Direction :___________________ Assess credit risk rating and trend across the functional areas in which credit risk is concentrated, e.g.: • Lending activities • Treasury activities Analyze credit risk by sectors of concentration as well as the performance of the NPL portfolio, comparing with previous periods. Comment on the adequacy of the risk

67 management systems in mitigating credit risk. Operational Risk Overall Risk Rating:_________________ Date of Update:___________ Direction :_____________________ Assess operational risk and trend across the BI, especially in areas that are prone to high operational risk, e.g.: • Branch operations • Fraud Comment on the adequacy of the risk management systems in mitigating operational risk. Liquidity Risk Liquidity Risk Rating:_________________ Date of Update:___________ Direction:______________________ Assess liquidity risk and trend across the functional areas of the BI, especially in areas of: • Asset-Liability Management • Inter-bank Borrowings • Depositor Structure Comment on the adequacy of risk management systems in addressing the liquidity risk of the BI. Interest Rate Risk Interest Risk Rating:__________________ Date of Update:___________ Direction:______________________ Assess the interest rate risk rating and the trend across the functional areas of activity in the BI especially in areas of: • Treasury (e.g. Investments, Derivatives)

68 Analyze the effects and trends of interest rates in areas in which the BI has significantly high interest rate risk. Comment on the adequacy of risk management systems in addressing the interest rate risk of the BI. Foreign Exchange Risk Foreign Exchange Risk Rating: Date of Update: Direction: _____________ Assess the foreign exchange risk rating and the trend across the functional areas of activity in the BI especially in areas of Treasury (e.g. Investments, Derivatives). Analyze the effects and trends of exchange rates in areas in which the BI has significantly high foreign exchange risk. Comment on the adequacy of risk management systems in addressing the foreign exchange risk of the BI. Legal and Compliance Risk Overall Risk Rating:_________________ Date of Update:__________ Direction:_____________________ Assess the legal and compliance risk rating and the trend across the overall BI. Mention any cases of litigation that the BI has been involved in over the review period as well as any ongoing litigation yet to be resolved. Comment on the adequacy of the risk management systems in addressing the legal and compliance risk of the BI. Reputation Risk Overall Risk Rating: _______________ Date of Update: _____________ Direction: _________________ Assess the reputation risk rating and the trend across the BI as a whole. Mention any

69 cases of adverse publicity that the BI has been involved in over the past period. Comment on the adequacy of the risk management systems in addressing the reputation risk of the BI. Strategic Risk Overall Risk Rating: _______________ Date of Update: _____________ Direction: ________________ Comment on the adequacy of the risk management systems in addressing the reputation risk of the BI.

70 APPENDIX 6: Illustrative Format for a Supervisory Plan Banking Institution Reporting Date: A. Supervisory Concerns: Identify supervisory concerns by reviewing the following: • Risk assessment; • CAMELS assessment; • Other available information (e.g. previous examination findings, internal and external audit reports, liaison with various parties); and • Other significant events (e.g. mergers, acquisitions) B. Supervisory Strategies and Activities to be Conducted: Identify strategies to address the supervisory concerns as well as specific activities to be conducted on (Banking Institution, holding company and key non-bank subsidiaries within the group).

1. Off-site Monitoring Comments Provide information on proposed off-site activities, taking into consideration the objectives, scope and specific supervisory concerns. No. Activity Objective/Scope Period Remarks Supervisory Strategies and Activities to be Conducted:
2. On-site Examination Comments Provide information on proposed on-site examination activities, taking into consideration the objectives, scope, date of last on-site examination and specific supervisory concerns No. Activity Objective/Scope Period Remarks

71 Sign-Off Name Signature Date Designation Prepared by Bank Examiner Reviewed by Principal Bank Examiner Approved by Assistant Director Director of RSD

72 APPENDIX 7: Format of Examination Scope Memorandum

1. Camels and Credit Ratings Indicate offsite CAMELS ratings for the past two quarters and the last on-site rating. Also indicate external credit ratings for the past three years.
2. Reasons for Examination 2.1 Highlight reasons for conducting the on-site examination which may include: • Assessment of the bank’s condition focusing on functional areas with composite risk ratings of moderate or high • Follow-up on issues highlighted by internal and external auditors; and • Follow up on issues raised in the previous on-site examination.
3. Summary of Monrovia Bank Risk Profile as at xxxx • Insert a pre-examination summary risk matrix
4. Objectives 4.1 Objectives may include focusing on risk areas rated moderate as indicated in the risk matrix and evaluation of the adequacy of risk management and internal control systems in the functions areas such as: a. Corporate Banking and Credit; b. Treasury; c. International Operations; d. Accounting and Finance; e. Information Technology; f. Risk Management; g. Centralized Operations; h. Custodial Services; i. Internal Audit; and j. Branch Operations, among others.

73 5. Summary of Pre-Examination Meetings 5.1 Prudential Meeting with Senior Management -Highlight major issues raised by management with regards to strategic thrust of the bank, target market, sources of income, major cost drivers and challenges faced by the institution. 5.2 Prudential Meetings with Functional Heads -Highlight issues of supervisory concern arising from meetings with functional heads. 5.3 Meeting with External Auditors -Highlight issue of supervisory concern raised by auditors. The meeting will be arranged through the banks. 6. Examination Scope and Focus - Based on issues arising from prudential meetings, indicate areas of focus per functional area during on-site examination. 7. Examination resource needs The Examiner–In-Charge should indicate examination resource needs clearly indicating (in a table)functional areas to be examined, team leaders and examiners to conduct filed work per functional area, duration of the examination, start and end dates and the team responsible for examination report consolidation.

74 APPENDIX 8: Definitions of CAMELS Composite Ratings CAMELS Composite rating Scale Composite Rating “1”, “Strong” … 1.41. Banking institutions in this group are sound in every respect and generally have components rated “1” or “2”. Any weaknesses are minor and can be handled in a routine manner by the board of directors and management. These banking institutions are the most capable of withstanding the vagaries of business conditions and are resistant to outside influences such as economic instability in their trade area. These banking institutions are in substantial compliance with laws and regulations. As a result, these financial institutions exhibit the strongest performance and risk management practices relative to the institution’s size, complexity, and risk profile, and give no cause for supervisory concern. Composite Rating “2”, “Satisfactory” … 1.42. Banking institutions in this group are fundamentally sound. For a banking institution to receive this rating, generally no component rating should be more than “3”. Only moderate weaknesses are present and are well within the board of directors’ and management’s capabilities and willingness to correct. These banking institutions are stable and are capable of withstanding business fluctuations. These banking institutions are in substantial compliance with laws and regulations. Overall risk management practices are satisfactory relative to the institution’s size, complexity, and risk profile. There are no material supervisory concerns and, as a result, the supervisory response is informal and limited. Composite Rating “3”, “Fair” … 1.43. Banking institutions in this group exhibit some degree of supervisory concern in one or more of the component areas. These banking institutions exhibit a combination of weaknesses that may range from moderate to severe; however, the magnitude of the deficiencies generally will not cause a component to be rated more severely than “4”. Management may lack the ability or willingness to

75 effectively address weaknesses within appropriate time frames. Banking institutions in this group generally are less capable of withstanding business fluctuations and are more vulnerable to outside influences than those institutions rated a composite “1” or “2”. Additionally, these banking institutions may be in significant non-compliance with laws and regulations. Risk management practices may be less than satisfactory relative to the institution’s size, complexity, and risk profile. These banking institutions require more than normal supervision, which may include formal or informal enforcement actions. Failure appears unlikely, given the overall strength and financial capacity of these institutions. Composite Rating “4”, “weak” … 1.44. Banking institutions in this group generally exhibit unsafe and unsound practices or conditions. There are serious financial or managerial deficiencies that result in unsatisfactory performance. The problems range from severe to critically deficient. The weaknesses and problems are not being satisfactorily addressed or resolved by the board of directors and management. Banking institutions in this group generally are not capable of withstanding business fluctuations. There may be significant non-compliance with laws and regulations. Risk management practices are generally unacceptable relative to the institution’s size, complexity, and risk profile. Close supervisory attention is required, which means, in most cases, formal enforcement action is necessary to address the problems. Institutions in this group pose a risk to the deposit insurance fund. Failure is a distinct possibility if the problems and weaknesses are not satisfactorily addressed and resolved. Composite Rating “5”, “Critical” … 1.45. Banking institutions in this group exhibit extremely unsafe and unsound practices or conditions; exhibit a critically deficient performance; often contain inadequate risk management practices relative to the institution’s size, complexity, and risk profile; and are of the greatest supervisory concern. The volume and severity of problems are beyond management’s ability or willingness to control or correct.

76 Immediate outside financial or other assistance is needed in order for the financial institution to be viable. Ongoing supervisory attention is necessary. Institutions in this group pose a significant risk to the deposit insurance fund and failure is highly probable. Component Ratings … 1.46. A list of the principal evaluation factors that are taken into account in respect of each component, is provided hereunder, in no particular order of importance. Definitions of each rating per component are provided below under the section dealing with the format of the examination report. Capital Adequacy … 1.47. The capital adequacy of an institution is rated based upon, but not limited to, an assessment of the following evaluation factors: a) the level and quality of capital and the overall financial condition of the institution; b) the ability of management to address emerging needs for additional capital; c) the nature, trend, and volume of problem assets, and the adequacy of allowances for loan and lease losses and other valuation reserves; d) balance sheet composition, including the nature and amount of intangible assets, market risk, concentration risk, and risks associated with non-traditional activities; e) risk exposure represented by off-balance sheet activities; f) the quality and strength of earnings, and the reasonableness of dividends; g) prospects and plans for growth, as well as past experience in managing growth; and h) access to capital markets and other sources of capital, including support provided by a parent holding company. Asset Quality … 1.48. The asset quality of a financial institution is rated based upon, but not limited to,

77 an assessment of the following evaluation factors: a) the adequacy of underwriting standards, soundness of credit administration practices, and appropriateness of risk identification practices; b) the level, distribution, severity, and trend of problem, classified, non-accrual, restructured, delinquent, and non-performing assets for both on- and off-balance sheet transactions; c) the adequacy of the allowance for loan and lease losses and other asset valuation reserves; d) the credit risk arising from or reduced by off-balance sheet transactions, such as unfunded commitments, credit derivatives, commercial and standby letters of credit, and lines of credit; e) the diversification and quality of the loan and investment portfolios; f) the extent of securities underwriting activities and exposure to counter-parties in trading activities; g) the existence of asset concentrations; h) the adequacy of loan and investment policies, procedures, and practices; i) the ability of management to properly administer its assets, including the timely identification and collection of problem assets; j) the adequacy of internal controls and MIS; and k) the volume and nature of credit documentation exceptions. Management … 1.49. The capability and performance of management and the board of directors is rated based upon, but not limited to, an assessment of the following evaluation factors: a) the level and quality of oversight and support of all institution activities by the board of directors and management; b) the ability of the board of directors and management, in their respective roles, to plan for, and respond to, risks that may arise from changing business conditions or the initiation of new activities or products; c) the adequacies of, and conformance with, appropriate internal policies and

78 controls addressing the operations and risks of significant activities; d) the accuracy, timeliness, and effectiveness of management information and risk monitoring systems appropriate for the institution’s size, complexity, and risk profile; e) the adequacy of audits and internal controls to: promote effective operations and reliable financial and regulatory reporting; safeguard assets; and ensure compliance with laws, regulations, and internal policies; compliance with laws and regulations; f) responsiveness to recommendations from auditors and supervisory authorities; g) management depth and succession; h) the extent that the board of directors and management is affected by, or susceptible to, dominant influence or concentration of authority; i) reasonableness of compensation policies and avoidance of self-dealing; j) demonstrated willingness to serve the legitimate banking needs of the community; and k) the overall performance of the institution and its risk profile. Earnings … 1.50. The rating of an institution’s earnings is based upon, but not limited to, an assessment of the following evaluation factors: a) the level of earnings, including trends and stability; b) the ability to provide for adequate capital through retained earnings; c) the quality and sources of earnings; d) the level of expenses in relation to operations; e) the adequacy of the budgeting systems, forecasting processes, and MIS in general; f) the adequacy of provisions to maintain the allowance for loan and lease losses and other valuation allowance accounts; and g) the earnings exposure to market risk such as interest rate, foreign exchange, and price risks.

79 Liquidity … 1.51. Liquidity is rated based upon, but not limited to, an assessment of the following evaluation factors: a) the adequacy of liquidity sources compared to present and future needs and the ability of the institution to meet liquidity needs without adversely affecting its operations or condition; b) the availability of assets readily convertible to cash without undue loss; c) access to money markets and other sources of funding; d) level of diversification of funding sources, both on- and off-balance sheet; e) the degree of reliance on short-term, volatile sources of funds, including borrowings and brokered deposits, and lender of last resort facilities to fund longer term assets; f) the trend and stability of deposits; g) the ability to securitize and sell certain pools of assets; and h) the capability of management to properly identify, measure, monitor, and control the institution’s liquidity position, including the effectiveness of funds management strategies, liquidity policies, management information systems, and contingency funding plans. Sensitivity to Market Risk … 1.52. Market risk is rated based upon, but not limited to, an assessment of the following evaluation factors: a) the sensitivity of the financial institution’s earnings or the economic value of capital to adverse changes in interest rates, foreign exchange rates, commodity prices, or equity prices; b) the ability of management to identify, measure, monitor, and control exposure to market risk given the institution’s size, complexity, and risk profile; c) the nature and complexity of interest rate risk exposure arising from non-trading positions; and d) where appropriate, the nature and complexity of market risk exposure arising from trading and foreign operations.

80 APPENDIX 9: Examination Report CENTRAL BANK OF LIBERIA BANK SUPERVISION THIS REPORT OF EXAMINATION IS STRICTLY CONFIDENTIAL This report is a final report of examination. The information contained in this preliminary report is based on the books and records of the examined bank, statements made to the examiners by management, officers, and employees of the bank, and information obtained from other sources believed to be reliable. In making this review, it should be remembered that while an examination includes some audit tests and procedures, it is not the same as an audit, and this report is not an audit report. Signing this report does not necessarily mean agreeing with the findings therein but that one has read and is aware of the findings. This report is the property of the Central Bank of Liberia and is furnished to the examined bank for its confidential use. Under no circumstances shall the bank or any of its directors, or employees disclose or make public in any manner the report or any portion thereof. If a subpoena or other legal process is received calling for production of this report, the Director of Regulation & Supervision of the Central Bank of Liberia must be notified immediately, and the person(s) who requested a copy of this report should be advised to contact the Director. MONROVIA BANKING CORPORATION LIMITED Name of Examined Institution ………………………… Date: ................................ Mrs. Z. Bedell Bank Examiner …………………………….. Date…………………………… Mr. I. King Senior Bank Examiner ………………………… Date………………………. Mr. P. Brown Director Bank Supervision

81 SECTION A: BACKGROUND

82 1 INSTITUTIONAL OVERVIEW 1.1 Monrovia Bank Limited (“Monrovia Bank”) is a wholly-owned subsidiary of Monrovia Holdings Limited (“Monrovia Holdings”). Monrovia Bank commenced commercial banking business in 2002, following approval of conversion of its license in 2000. 1.2 Monrovia currently operates 16 branches across Liberia. 1.3 The shareholding structure of Monrovia Holdings as at 30 September 2009 is as shown in the table below. Table 1: Shareholding Structure of Monrovia Holdings Limited NAME OF SHAREHOLDER % HOLDING MONROVIA FINANCE (PVT) LTD 71.30% RIVERGEE LIMITED (FOREIGN) – M. SCHUMACHER 9.73% VARIOUS EMPLOYEE OWNED COMPANIES 8.35% MONROVIA EMPLOYEE SHARE TRUST 3.60% VOINJAMA TRUST – J. KOLUBAH 3.26% NIMBA EMPIRE (FOREIGN) – S. DOLO 1.27% DEEPWATER INVESTMENTS (PVT) LTD (FOREIGN) – X. Y. ZUBAH 1.27% OCEAN INVESTMENTS (PVT) LTD – D. HARRIS 1.22% TOTAL 100% 1.4 It was noted that the Monrovia Employee Share Trust which holds a 3.60% stake in Monrovia Holdings, is not governed by a Trust Deed. 1.5 Monrovia Bank’s board of directors is appropriately constituted as shown overleaf.

83 Table 2: Monrovia Bank Limited Board Composition Name Designation Mr. O. M. Donzo Independent Non-Executive -Chairman Mr. D Johnson Independent Non-Executive Mr. V Williams Independent Non-Executive Mr. B Dahn Independent Non-Executive Mr. L Kiazulu Independent Non-Executive Mr. K. Yancy (Alternate D Tarpeh) Non-Executive Mr. D Allison Non-Executive Mr. D. T. Garjay Managing Director Mr. G. Galimah Executive Director-Corporate Banking Mrs. A. Mulbah Financial Director 1.6 As at 31 December 2009, the bank was of moderate systemic importance as reflected by the trend in the market shares in terms of total assets, total loans and total deposits as shown below: Table 3: Monrovia Bank – Comparative Trends in Market Share 2 SCOPE & OBJECTIVES OF EXAMINATION 2.1 A full scope on-site examination of Monrovia Bank was conducted from 6 to 31 31 December 2009 30 September 2009 31 December 2009 L$ Market Share Rank L$ Market Share Rank L$ Market Share Rank Total Assets L$3,862.79 4.27% 8 L$729.49b 1.53% 10 L$348.8b 0.82% 6 Total Loans L$1,205.71 5.30% 8 L$12.21b 0.71% 10 L$302.25b 0.02% 13 Total Deposits L$1,776.84 3.58% 9 L$562.50b 1.69% 8 L$202.7b 3.76% 5 No. of banks 14

84 October 2009, utilizing data as at 30 September 2009 and updated as at 31 December 2009. 2.2 The objective of the examination was to assess the condition and performance of the bank using the Risk Assessment System (RAS) and the CAMELS rating model. 2.3 The examination focused on the evaluation of the bank’s level of risk, and effectiveness of risk management and internal control systems in the following functional areas which were perceived to be of moderate or high risk to the institution: a) Treasury; b) Branch Operations; c) Centralized Operations; d) Corporate & Institutional Banking; e) Advisory Services; f) International Banking & Treasury Back Office; g) Legal and Compliance; h) Finance and Accounting; i) Information & Communication Technology; and j) Internal Audit.

85 SECTION B: SUMMARY OF FINDINGS & MATTERS REQUIRING ATTENTION

86 3 SUMMARY OF FINDINGS 3.1 The overall composite risk in Monrovia Bank was considered moderate and the direction increasing. The level of overall inherent risk was rated moderate and the quality of overall risk management systems was considered acceptable. 3.2 The composite CAMELS rating assigned to this institution is “2” i.e. “satisfactory” a downgrade from the previous rating of “1” i.e. “strong” assigned in the previous examination conducted in 2007. Risk Management Issues… 3.3 The institution has failed to achieve some of its strategic goals due to low capitalization and lack of shareholder support. 3.4 The bank is not conducting stress testing on its credit portfolio to assess the extent of risk to earnings and capital from deterioration in asset quality. 3.5 Credit risk analysis reports, liquidity gap and interest rate risk management processes are not automated heightening exposure to human error. 3.6 Liquidity stress testing methodology and assumptions have not been approved by the board, compromising board and senior management oversight. 3.7 The bank’s operational risk management system is deficient as assessment of key risk indicators was confined to two business units. 3.8 At the time of the examination, the bank had two pending lawsuits involving over L$ 70,000, which have a potential to erode the bank’s capital base. CAMELS Issues… 3.9 Capital was considered inadequate to fund planned capital expenditure such as upgrading of information systems and branch network expansion. 3.10 At the time of the examination, management had not addressed a number of issues raised by internal audit which are detailed in report. 3.11 The bank underestimated inherent credit risk in some exposures through assigning inappropriate loan grades. 3.12 The bank has not formalised liquidity contingency arrangements with Monrovia Holdings and ABC Insurance Limited.

87 4 MATTERS REQUIRING ATTENTION 4.1 The board and management of Monrovia Bank are required to address weaknesses outlined below. Ref Matters Requiring Attention Priority4 Timeframe 1.4 There is need to regularise the Monrovia Employee Share Trust to ensure that it is governed by a trust deed. Medium 31-Mar-2011 6.7 There is need for shareholder support to ensure adequate capitalisation so as to meet strategic imperatives. High Immediate 6.12 & 6.17 The bank should automate major risk management processes to ensure adequate estimation and monitoring of risks. High On-going 6.12& 6.17 The bank should conduct stress testing on its credit portfolio, and procedures for liquidity stress testing should be formally adopted by senior management and the board. High Immediate 7.3.7 & 7.3.8 The bank should regularise the composition of its Audit Committee and ensure timeous response to internal audit findings High 31-Jan-2011 7.2.4 The bank should ensure that correct grades are assigned to loans to avoid understating credit risk. High 31-Jan-2011 6.17 The bank should formalise the standby liquidity contingency arrangement with Monrovia Holdings and ABC Insurance Limited. Medium 31-Mar-2011 5 COMPLIANCE ISSUES 5.1 The Audit Committee is composed of two independent non-executive directors and one non-executive director in violation of Corporate Governance Regulation for Financial Institutions.

4 High Priority - Finding indicating significant control weakness (es) which should be addressed immediately, Medium Priority - Finding indicating significant control weakness (es) which should be addressed in the medium term, Low Priority - Finding indicating insignificant control weakness (es) which can be addressed in the normal course of business.

88 SECTION C: CORE ASSESSMENT

89 6 RISK MANAGEMENT REVIEW Overall Risk Rating… 6.1 The overall composite risk in Monrovia Bank was considered moderate and the direction increasing. The level of overall inherent risk was rated moderate and the quality of overall risk management systems was considered acceptable. 6.2 The bank’s risk profile is summarized in the matrix below. Type of Risk Level of Inherent Risk Adequacy of Risk Mgt. Systems Overall Composite Risk Direction of Overall Composite Risk Credit Risk Low Acceptable Low Stable Liquidity Low Acceptable Low Stable Interest Rate Moderate Acceptable Moderate Stable Foreign Exchange Low Strong Low Stable Strategic Risk Moderate Acceptable Moderate Increasing Operational Risk High Acceptable High Increasing Legal & Compliance Moderate Acceptable Moderate Increasing Reputation Moderate Acceptable Moderate Stable Overall Moderate Acceptable Moderate Increasing Risk Management review is an assessment of the financial institution’s risk profile, i.e.; the type and levels of its inherent risks, the quality of risk management over such risks and the resulting composite risk rating, which is achieved by balancing the overall level of inherent risk of the activity with the overall strength of the risk management systems for the activity. Basic elements of a sound risk management system as stated in the Central Bank Risk Management Guidelines are active board and senior management oversight, adequate policies, procedures and limits, adequate risk monitoring and management information systems and adequate internal controls. The direction of risk over the next 12 months is also looked at. In assessing the inherent/quantity of risk, examiners must concentrate on understanding and identifying the risk drivers for each risk category because this is useful in describing the inherent risk. Secondly, assessing the quality of risk management should be guided by the framework of the key components of board and management oversight, adequate policies, procedures and limits, internal control and MIS. The assessment of composite risk heavily depends on the quantity and adequacy of risk management. The direction of risk should guide the supervisory strategy, where more time and resources should be devoted to those areas where the direction is increasing.

90 Strategic Risk… 6.3 The overall composite strategic risk was considered moderate. The level of aggregate inherent strategic risk was rated moderate. 6.4 Monrovia Bank has failed to achieve its target to become one of the top three banks by the year 2009. The vision was underpinned by the planned opening of at least 11 branches and expanding the ATM network by end of 2009. However, only one branch was opened and the bank failed to expand its ATM network due to funding constraints. 6.5 The bank also failed to upgrade information technology systems which are also critical to the attainment of its vision. 6.6 The quality of aggregate strategic risk management systems is acceptable. 6.7 Although board and senior management oversight was considered acceptable, the examination noted that the bank does not have an internal capital management framework. 6.8 The direction of strategic risk is increasing due to low capitalization and lack of shareholder support which have militated against the implementation of the strategy and achievement of set targets. Credit Risk… 6.9 The overall composite credit risk was rated low. The level of aggregate inherent credit risk was considered low. 6.10 The bank’s loan book of L$23.35 billion constituted only 3.20% of the bank’s total assets of L$729.49 billion as at 30 September 2009. There was a low level of adversely classified loans of 1.28% of the total loan book. 6.11 The quality of aggregate credit risk management systems is acceptable. 6.12 Board and senior management oversight was considered acceptable. However, the examination noted that the bank has taken long to incorporate the group rating systems introduced in 2006 into its Credit Policy & Procedures Manual and failed

91 to document and validate the Credit Rating System and Loan Pricing Tool models. 6.13 Further, effective credit risk monitoring was compromised by the bank’s core banking system’s inability to produce adequate credit risk analysis reports and absence of stress testing on the bank’s credit portfolio to assess the extent of vulnerability to deterioration in asset quality. 6.14 The direction of credit risk is stable on account of the size of the loan book and the low level of non-performing loans. Liquidity Risk… 6.15 The overall composite liquidity risk was rated low. 6.16 The level of aggregate inherent liquidity risk was considered low on account of the following: i. An increasing and stable deposit base dominated by retail deposits constituting 99.97% of total deposits as at 31 December 2009. ii. Adequate stock of liquid assets available to cover the negative maturity gap of L$12.72 billion in the 0 to 30 day time band. iii. However, there was high concentration risk as reflected by the ratio of the top twenty depositors to total deposits of 86.81% as at the end of September 2009. 6.17 The quality of aggregate liquidity risk management systems was considered acceptable 6.18 The board and senior management review the bank’s exposure to liquidity risk in sufficient detail on a regular basis and the bank has adequate structures and processes to monitor and manage risk through committees, stress testing and gap analysis. 6.19 Although the bank conducts liquidity stress testing, the methodology and associated assumptions have not been formally adopted by senior management and the board. Further, the institution does not have an automated system to

92 produce liquidity risk management reports, resulting in the maturity gap analysis being prepared manually, compromising the integrity of reports produced. 6.20 The standby facilities with Monrovia Holdings and ABC Insurance Limited have not been formalized by a signed agreement. 6.21 The direction of liquidity risk is stable on account of the stable deposit base. Interest Rate Risk… 6.22 The overall composite interest rate risk was considered moderate. The level of aggregate inherent interest rate risk was rated moderate on the basis of a liability sensitive book of L$11.54 million in the 0-30 day time band which would potentially reduce earnings in the event of an increase in interest rates, in an environment of rising interest rates. 6.23 The quality of aggregate interest rate risk management was considered acceptable. 6.24 The bank’s policy governing interest rate risk management was considered satisfactory. However, the tools used by the bank to measure and monitor interest rate risk are not documented and incorporated into the policy. 6.25 The repricing gap analysis and stress testing processes are not automated thereby heightening exposure to human error and inaccurate determination of interest rate risk arising from the bank’s activities. 6.26 The direction of interest rate risk is stable due to the bank’s funding structure which is skewed towards cheap retail deposits which are less interest rate sensitive. Foreign Exchange Risk… 6.27 The overall composite foreign exchange risk was considered low. The level of aggregate inherent foreign exchange risk was rated low on account of low foreign exchange exposure. Foreign currency denominated loans amounted to USD60.49

93 million as at 30 September 2009, and constituted less than 3% of the bank’s total assets. 6.28 The loans which are used to finance international trade pose minimum funding risk as they are financed by revolving offshore credit lines acquired by Monrovia Bank from Globe Watch and Monrovia Group. 6.29 The quality of aggregate foreign exchange risk management was considered strong. 6.30 The bank’s foreign exchange risk policy was considered adequate. Tools employed by the bank to manage foreign exchange risk were considered appropriate and adequate. 6.31 The direction of foreign exchange rate risk is stable based on the low exposure to foreign exchange risk and the strong risk management systems in place. Operational Risk… 6.32 The overall composite operational risk was considered high. The level of inherent operational risk was considered high. 6.33 The bank is using an outdated version of Nexus which requires excessive human intervention, exposing the bank to the risk of human error and fraud. 6.34 The bank has vacancies in critical functional areas which compromise segregation of duties and service delivery in IT, Finance and internal Audit. As at the examination date, the bank had long outstanding items in its nostro and suspense accounts exposing the bank to the risk of fraud. 6.35 The quality of the group’s aggregate operational risk management systems was considered acceptable. 6.36 Board and senior management oversight was considered acceptable. 6.37 Monrovia Bank’s operational risk management system was found deficient as the business resumption plan has not been adopted by the board and the assessment of key risk indicators is confined to two business lines, Retail Operations and

94 Human Resources. Further, there are no methods for estimating losses arising from other lines of business. 6.38 The direction of operational risk is increasing due to the deficiencies noted in the bank’s management information system and the lack of capital to fund the necessary system upgrades. Legal and Compliance Risk… 6.39 The overall composite legal and compliance risk was considered moderate. 6.40 The level of aggregate inherent legal and compliance risk was considered moderate. 6.41 As at examination date, the bank had two pending litigation cases involving over L$70,000. The lawsuits have a potential to erode the bank’s capital base and increase reputation risk in the event of adverse judgments. 6.42 The composition of the Audit Committee is in violation of Corporate Governance Regulation for Financial Institutions which requires that all members of the Audit Committee be independent non-executive directors. 6.43 The quality of aggregate legal and compliance risk management systems were considered acceptable. 6.44 Board and senior management oversight of legal and compliance risk was considered acceptable. 6.45 Although the bank is guided by comprehensive group policies and procedures for legal and compliance risk management, there is no structured system for identifying potential compliance breaches. 6.46 The Legal and Compliance function failed to complete compliance audits scheduled for 2009 due to inadequate staffing levels. This compromised internal controls in the management of legal and compliance risk. 6.47 The direction is increasing due to the pending lawsuits faced by the institution and their potential impact on the institution’s capital base.

95 Reputation Risk… 6.48 Reputation risk was considered moderate. 6.49 The level of aggregate inherent reputational risk was considered moderate. 6.50 The bank received the 2009 Globe Watch Financial Institution’s Award for Innovation and was assigned an A rating by the Global Credit Rating Company in 2009. 6.51 However, numerous complaints and interest claims from customers in respect of delays in the processing of payment instructions may have a negative effect on the bank’s reputation. 6.52 The quality of aggregate reputational risk management systems was considered acceptable. 6.53 Board and senior management oversight of reputation risk was considered acceptable. 6.54 The bank’s reputation risk management policy was considered comprehensive. However, the bank does not have a documented Complaints Handling policy to guide staff on resolution of clients’ grievances. 6.55 The examination noted that the complaints registers were not being regularly checked by management, compromising the measurement, monitoring and control of exposure to reputation risk. 6.56 The direction of reputation risk is stable based on the positive impact of the Globe Watch award and the high credit rating by the Global Credit Rating Company.

96 7 CAMELS ASSESSMENT 7.1 CAPITAL ADEQUACY Capital adequacy is evaluated in relation to supervisory guidelines; overall financial condition; the nature, trend, and volume of marginal and sub-quality assets; intangibles; off-balance sheet activities, and earnings; balance sheet composition, interest rate risk, concentration risk, and nontraditional activity risk, growth trends and prospects; and the strength of management. Additional consideration is given to retention of earnings and overall interest-rate risk in light of capital needs; reasonableness of dividends; access to external sources of capital and other appropriate sources of financial assistance; and plans for maintaining adequate capital and for correcting deficiencies. 7.1.1 Capital adequacy was rated ‘3’ i.e. ‘fair’. 7.1.2 The bank’s net capital base of L$8.95 billion as at 31 December 2009 compared unfavorably with the industry average of L$95.63 billion. 7.1.3 Low capitalization has constrained business growth and capacity to generate earnings, which are critical for capital growth. 7.1.4 Capital constraints have been compounded by apparent lack of shareholder support and absence of an internal capital management framework. 7.1.5 Although the shareholders endorsed the proposed merger of Monrovia Bank and ABC Housing bank as a means to address the bank’s perennial low capitalization, no concrete steps had been taken towards implementation of the strategy as at examination date. 7.1.6 In view of the foregoing, the capacity of the bank to grow and strengthen its capital base is diminished. 7.1.7 The table below highlights trends in the capital adequacy indicators for Monrovia Bank Limited: Table 5: Capital Adequacy Indicators Capital Adequacy Indicators 31-Dec-09 30-Sep 10 31-Dec-10 Ind. Ave. Equity to assets (%) 18.29% 0.39% 25.65% 31-42.57% Dec-08 Tier 1 ratio (%) 11.39% 11.13% 73.28% 34.06% Capital adequacy ratio (%) 21.19% 11.61% 73.33% 43.05% Net Capital base L$62.29b L$2.94b L$8.95b L$95.63

97 7.2 ASSET QUALITY Asset quality is evaluated in relation to the level, distribution, trend and severity of asset classifications; the level, composition, and trend of past due, non-accrual, and non-performing loans; the adequacy of provisions for bad debts; and the demonstrated ability to administer and collect problem credits and the general economic environment. In addition, the quality of investments, the adequacy of investment policies, trading account activities, as well as the volumes associated with off-balance sheet items, are assessed. Also considered are any unusual concentrations of credits; investments and transfer, trend and volume assets listed for special mention; criticized or classified loans to insiders or their related interests; volume and quality of participation, and the effectiveness of lending policies and credit administration procedures. 7.2.1 Asset quality was rated “2” i.e. “satisfactory”. 7.2.2 There is minimal credit risk in the bank’s loan portfolio as reflected by non-performing loans totaling L$299.47 million which constituted 1.28% of the total loan book of L$23.35 billion. 7.2.3 The bank’s loan book was fairly distributed across economic sectors as depicted in the diagram below: Figure 1: Sectoral Exposures as at 30 September 2009 7.2.4 In general, the bank’s loan classification system has enabled proper and timely classification and loan loss provisioning. However, there were a few instances where the bank underestimated credit risk inherent in some exposures and consequently assigned inappropriate grades as detailed in Appendix (iii) in the supplementary section. This has the potential effect of the bank setting aside inadequate provisions for loan losses, thereby overstating earnings and capital. 7.2.5 The bank’s credit policies, structures and procedures provide adequate guidance to the lending function. However, the bank has not updated its Policy & Procedures Manual, as it refers to credit classifications that have been phased out by the bank. Agriculture (14%) Other Sectors (19%) Transport (6%) Manufacturing (20%) Mining (23%) Parastatals & Gvt. (10%) Tourism (8%)

98 7.3 MANAGEMENT 7.3.1 Management was rated “3” i.e. “fair”. 7.3.2 Management has been able to maintain the institution’s profitability and increase its deposit base despite the difficult operating environment. 7.3.3 However, the bank’s management has been unable to effectively address persistent low capitalization which is negatively affecting strategy implementation and competitiveness as noted in point 6.7. 7.3.4 Failure to upgrade the bank’s core banking system has heightened operational risk from human intervention in risk management processes for risks such as interest rate and liquidity risks. 7.3.5 The bank is failing to retain key skills. A key managerial position in Risk Management was vacant at the time of the examination, while the internal audit function failed to complete scheduled audits for 2009 due to inadequate human resources. 7.3.6 Management is not enforcing the requirement for staff in the Finance and Administration Departments to sign acknowledgement of having read and understood the Policies and Procedures Manual. There is risk that some staff members may not be aware of the bank’s stated policies, resulting in inconsistencies in the application of certain procedures. 7.3.7 The bank should ensure independence of the Audit Committee through regularization of the committee’s composition in line with the provisions of Corporate Governance for Financial Institutions. 7.3.8 Management’s responsiveness to audit findings was considered inadequate as reflected by failure to resolve the issues highlighted by internal audit in 2009 which included under-insurance of motor vehicles and ICT equipment and absence of a Marketing and Public Relations Procedures Manual, among others. Management is evaluated against all factors necessary to operate the bank in a safe, sound manner and in accordance with acceptable practices. Consideration is given to technical competence, leadership, and administrative ability; compliance with regulations and guidelines; ability to plan and respond to changing circumstances; effectiveness of management information systems; adequacy of and compliance with internal policies; responsiveness to recommendations from auditors and supervisory authorities; tendencies towards self-dealing; demonstrated willingness to serve the legitimate banking needs of the community; and management depth and succession. In addition, consideration is given to the extent that management is affected by or susceptible to dominant influences or concentrations of authority.

99 EARNINGS 7.3.9 Earnings were rated ‘3’ i.e. ‘fair’ 7.3.10 The bank reported a net profit of L$8.95 billion for the twelve months ended 31 December 2009. This, however, compares unfavorably with the peer average of L$72.83 billion as shown in Appendix (ii) of the supplementary section. 7.3.11 Foreign exchange income constituted the bulk (25%) of the bank’s earnings of due to the high proportion of foreign currency denominated loans and deposits. The institution’s performance indicators are highlighted in the table below: Table 7: Earnings Performance Indicators 7.3.12 The cost-to-income ratio improved from 25.47% as at 31 December 2009 to 0.87% as at 31 December 2009 mainly due to interest income earned on foreign exchange deals which matured at year end. 7.3.13 The proportion of interest earning assets was lower over the year to 31 December 2009, compared to previous periods as shown in Appendix (v) of the supplementary section. Consequently, the net interest margin deteriorated from 19.09% to 9.37% and was below the industry average of 33.46%. Earnings are evaluated in relation to the ability to support present and future operations, cover losses, and provide for adequate capital. The level and trend of profits/losses, the quality and composition of net income, the strength of net interest margin, the vulnerability to changes in economic conditions and rate scenarios are considered. Consideration is also given to the adequacy of provisions to loan losses, compliance with proper accounting procedures, and the extent to which extraordinary items, securities transactions, premises sale/leasebacks, tax effects and other nonrecurring transactions contribute to net income. KEY INDICATORS 30.09.07 31.12.07 30.09.08 31.12.08 Ind. Av. as at 31.12.08 Return on Assets 5.77% 8.60% 0.61% 40.01% 40.80% Return on Equity 98.22% 47.02% 47.70% 100.00% 74.23% Net Interest Margin 7.10% 19.09% 1.42% 9.37% 33.46% Cost/Income 18.56% 25.47% 63.82% 0.87% 11.66% Cost of funds 2.10% 5.71% 0.04% 3.08% 32.38% Net profit/loss L$50.44 L$331.74 L$2.83m L$8.95b L$72.83b

100 7.4 LIQUIDITY & FUNDS MANAGEMENT Liquidity and funds management are evaluated in relation to the overall effectiveness of asset and liability management, degree of deposit concentration, existence and adequacy of contingent funding plans, and general economic environment. Consideration is given to the composition and stability of deposits; the availability of funds and the degree and trend of reliance on short-term, volatile sources of funds, the nature, trend, and volume of off-balance sheet activities; and interest rate risk management. 7.4.1 Liquidity and funds management was rated “2” i.e. “satisfactory”. 7.4.2 The institution’s funding base of L$562.50 million as at 30 September 2009 and L$20.27 billion as at 31 December 2009, was largely dominated by stable retail deposits. The retail deposits constitute over 99% of the bank’s total deposit base. 7.4.3 Top twenty depositors constituted 86.81% of total deposits as at 30 September 2009 reflecting a high level of concentration in funding sources. 7.4.4 The bank’s maturity profile indicates a positive net funding gap of L$10.07 billion in the 0-30 day time band as at 31 December 2009. This was an improvement from a negative net funding position of L$12.72 million at the end of 30 September 2009. 7.4.5 The bank was a net lender on the inter-bank market from February to September 2009 and last accessed lender of last resort facilities in February 2009. 7.4.6 The bank’s liquidity risk management systems were considered acceptable given the size and complexity of the institution. 7.4.7 However, the examination noted some deficiencies which included the lack of an automated asset liability management system and the need for the formal adoption of the liquidity management tools as detailed in 6.19. 7.4.8 Stress test results produced by the bank over the review period revealed that the bank is generally resilient to liquidity shocks such as a loss of 60% of deposits.

101 7.5 SENSITIVITY TO MARKET RISK Sensitivity to market risk reflects the degree to which changes in interest rates, foreign exchange rates, commodity prices, or equity prices can adversely affect earnings or the economic value of capital; the ability of management to identify, measure, monitor, and control exposures to market risk given the bank’s size, complexity, and risk profile; the nature and complexity of interest rate risk exposure arising from non-trading positions; and, where appropriate, the nature and complexity of interest rate risk arising from trading and foreign operations. 7.5.1 Sensitivity to Market Risk was rated ’2’ i.e. “satisfactory”. 7.5.2 Board and senior management receive adequate information to facilitate effective oversight of interest rate risk management. The institution had a negative cumulative repricing gap of L$11.54 million in the 0-30 day time band as at 30 September 2009 which would negatively affect earnings in the event of an increase in interest rates. 7.5.3 The bank’s net interest margin has been highly volatile and below industry average. The volatility in the net interest margin has been attributed to unexpected changes in interest rates which significantly altered the bank’s profitability. Figure 4: Net Interest Margin vs Industry Average 7.5.4 Stress test results using the Central Bank of Liberia’s model indicate that as at 1 October 2009, the bank’s earnings are generally vulnerable to an increase in interest rates. However, this is mitigated by its funding structure which is skewed towards relatively cheap retail deposits which are less interest rate sensitive. 7.5.5 The bank’s total foreign currency denominated loans of US60.49 million posed minimum exposure to funding risk as they were financed by revolving offshore credit lines. -40.00% -20.00% 0.00% 20.00% 40.00% Net Interest Margin vs Industry Average Net Interest Margin Industry Average

102 SECTION D: COMPLIANCE ASSESSMENT

103 8 SMAART REVIEW Systems… 8.1 The group has a documented Compliance Policy, Compliance Manual, Enterprise Governance and Compliance Framework, and an Anti-Money Laundering Manual which have been adopted by the board. 8.2 The compliance function does not have a formalized complaints procedure and policy manual which clearly sets out how customer complaints are received, documented and resolved. Compliance function needs to put in place an automatic system which identifies potential compliance breaches in advance. Monitoring… 8.3 Compliance monitoring was considered inadequate as the institutions failed to adhere to the compliance program as well as conduct compliance audits, periodic checks and follow-ups to assess compliance risk within business units since January 2009. Further, there is need for the function to consider the use of key indicators such as escalation triggers, and breach and near miss logs to monitor compliance risk. Assessment… 8.4 The compliance function is not conducting compliance audits as per the compliance audit program. 8.5 Quarterly reports presented to the Risk and Compliance Committee were found to be detailed and adequate. Accountability… 8.6 The Legal and Compliance unit reports functionally to Risk and Compliance Committee and administratively to the bank’s Managing Director. 8.7 The Legal and Compliance executive also attend board audit committee meetings by invitation.

104 8.8 Board oversight on compliance issues was considered satisfactory. The board has overall accountability of compliance and legal issues in the bank. Response… 8.9 The board and senior management’s responsiveness to compliance risk management is lacking as evidenced by absence of compliance training of staff and an ineffective use of compliance monitoring tools. 8.10 Further, the bank is yet to address issues highlighted by Group Internal Audit which include implementing an effective monitoring program and compliance checklist. Training… 8.11 The compliance function has not conducted formal training to staff members on compliance issues, with the exception of a refresher course on Anonymous Tip-offs. Compliance with Previous Examination & Audit Recommendations… 8.12 Management’s responsiveness to audit findings was considered inadequate. At the time of the examination, the following internal audit findings remained unresolved: a) under-insurance of motor vehicles and ICT equipment (highlighted in the January 2009 audit); b) absence of a Marketing and Public Relations Procedures Manual (highlighted in the February 2009 audit); and c) failure to conduct follow-ups on duplicated RTGS transaction payments (highlighted in October 2009).

105 SECTION E: SUPPLEMENTARY SECTION

106 APPENDIX I: SUMMARY OF KEY RATIOS KEY RATIOS 30-Sep-07 31-Dec- 07 30-Sep 08 31-Dec-08 Ind. Ave. CAPITAL ADEQUACY INDICATORS Equity to assets 5.88% 18.29% 0.39% 25.65% 42.57% Tier 1 ratio 10% 11.39% 11.13% 73.28% 34.06% Capital adequacy ratio 12.03% 21.19% 11.61% 73.33% 43.05% Net Capital base L$55.9 L$612 L$2.94m L$8.95b L$95.63b Insider loans/Core capital 1.53% 1.47% 0.48% 0.00% 0.00% ASSET QUALITY INDICATORS Total Loans & advances L$269.05 L$0.00 L$12.21m L$302.25b L$86.86hb Adversely Classified Loans/Total Loans 0.35% 0.06% 2.44% 0.86% 16.28% Provisions for loan and lease losses/Total Loans 4.00% 4.00% 2.93% 1.95% 424.94% Large exposures/capital 320.66% 65.89% 156.97% 14.86% 16.11% Specific provisions/ACLs 2.47% 0.13% - 0.00% 12.96% EARNINGS INDICATORS Return on assets (ROA) 5.77% 8.60% 0.61% 40.01% 40.80% Return on equity (ROE) 98.22% 47.02% 100.00% 100.00% 74.23% Net Interest Margin 7.10% 19.09% 1.42% 9.37% -34.67% Cost/Income 18.56% 25.47% 63.82% 0.87% 11.66% Average Cost of funds 2% 2.81% 0.04% 3.08% 32.38% Average Yield on advances 84.66% 12.05% 12.25% Net profit/loss L$504.4 L$332 L$2.83b L$8.95b L$72.83 b MEASURES OF LIQUIDITY AND FUNDS MANAGEMENT Total deposits L$49.21 L$1,717 L$562.49b L$20.27b L$538.44b Central bank borrowings/total deposits 4% 20.02% 0.00% 0.00% 16.46% Inter-bank borrowings/total deposits 2% 10.69% 0.00% 0.00% 9.02% Prudential liquidity ratio 73.70% 29.41% 96.85% 550.69% 117.87% Total deposits/total assets 55.83% 46% 77.11% 58.11% 26.70% Total loans/total deposits 54.82% 67.86% 2.17% 1.49% 611.73% CUMULATIVE GAP 0-30 Days -L$38.54 L$131.3m -L$378 L$10.07b L$21.35b 0-90 Days -L$11.70 L$112.17m -L$442 L$5.44b L$340.93b 0-365 Days L$40.25 L$16.18m L$123 L$8.95b -L$1.59b INTEREST RATE SENSITIVITY RATIO 3 months 91.23% 95.54% 52.14% 141.76% 224.85% 6 months 96.90% 102.30% 53.06% 141.76% 217.64% 12 months 104.50% 102.31% 61.06% 159.06% 166.71%

107 APPENDIX II: SUMMARY OF ADVERSELY CLASSIFIED LOANS Listed below, is a selection of credit facilities to which adverse classifications have been assigned. The classifications assigned to these assets are as follows: Substandard, Doubtful and Loss. CLIENT EXPOSURE CLASSIFICATION WM Holdings P/L L$196.79 million Doubtful Worldmine Holdings (Pvt) Ltd (WM) is the holding company of Sinoe, Mineral Enterprise, Phosphat Miners, Field Agriculture and other subsidiaries. The company was placed under judicial management in 2008 and is currently undergoing re-construction. The Government of Liberia currently holds 100% shareholding in WM. WM was granted a USD4.4 million offshore loan facility on 2 June 2007, to finance Field Agriculture’s export orders. Following failure by the client to honor obligations, the facility which expired on 30 September 2009 was extended to 31 March 2009 and further re-negotiated to expire on 31 March 2009 on a reduction basis. As at 31 October 2009, the amount outstanding was USD1.48 million, instead of USD1.12 million in terms of the renegotiated loan terms. There was no timely repayment of both principal and interest for a period of more than 180 days. CLIENT EXPOSURE CLASSIFICATION Progress Timbers L$81.24 million Doubtful Progress Timber (PT) is 100% by the Government of Liberia and is into timber plantations and sawmilling. The company has been accessing offshore facilities from Monrovia since 2005. PT was granted a USD1.5 million offshore “confirmed order” facility on 23 July 2009, which expired on 31 October 2009. Due to poor repayment performance, the facility was then converted into a “debt-refinancing” loan which expired on 30 April 2009, without being fully repaid. As at 30 September 2009, the facility was in arrears by over 210 days.

108 The company’s board and management have not demonstrated capacity to efficiently manage PT’s finances. CLIENT EXPOSURE CLASSIFICATION Prgress Timbers Saligna (PTS) L$9.69 million Doubtful The company was established in 1965 as a family business until 1 July 2003, when it was acquired by Progress Timbers Liberia. The company is involved in timber growing and processing in Pleebo, Maryland County. The client was granted an off-shore facility for USD400,000 to finance importation of timber logging equipment, machinery spares and accessories. The facility expired on 31 October 2009, and to date the client is yet to fully expunge the debt. The holding company, PTG is also facing financial challenges. Security in the form of promissory notes issued by borrower for amounts equivalent to each advance drawn down and assignment of export contracts is considered weak. CLIENT EXPOSURE CLASSIFICATION Max West P/L L$6.40 million Sub-Standard Max West (Pvt) Ltd was established in 1962 and is involved in the manufacture of welded steel chains. The client was granted a 180 day pre-shipment off-shore finance facility for USD400 000.00 expiring on 31 January 2009. The facility was extended several times and has been operating in excess on several occasions. Proposed repayment plans have not been adhered to due to inconsistent export proceeds. Financials have not been submitted as per standard terms of loan facilities rendering analysis of financial performance difficult.

109 APPENDIX III: INCOME STATEMENTS INCOME STATEMENT FOR THE PERIOD ENDED: 30-Sep-07 31-Dec-07 30-Sep-08 30-Sep-08 L$ L$ L$ (000) L$ (000) Interest Income 590.75 4,756.89 10,339.04 3,643,041.77 RSD-Interest Income from Loans Advances and Leases 202.19 2,210.28 9,767.23 2,145,572.58 ZW-Interest Income on Balances with Banking Institutions 62.19 158.36 48.23 930,287.61 RSD-Interest Income On Investments & Securities 326.37 2,388.25 523.59 567,181.57 Interest Expense 108.61 1,014.20 200.54 623,652.65 RSD-Interest Expense On Deposit Accounts 67.96 498.50 132.72 28,888.78 RSD-Interest Expense On Central Bank Loans .00 4.61 .00 .00 RSD-Interest On Local banks Loans - Interbank Loans 30.48 .55 57.07 206.26 RSD-Other Interest Expenses 10.17 510.54 10.75 594,557.61 Net Interest Income 482.14 3,742.69 10,138.50 3,019,389.12 Total Provisions For Current Period 107.14 481.68 122.18 5,879.14 RSD-Specific Provisions .00 .00 .23 .00 RSD-General Provisions 107.14 481.68 121.95 5,879.14 Net Interest after Provisions 375.00 3,261.01 10,016.32 3,013,509.98 Non - Interest Income 621.46 3,848.31 2,421.68 11,064,914.91 RSD-Foreign Exchange 93.68 1,825.17 1,207.38 10,976,028.88 RSD-Fees and Commission 492.18 2,002.87 1,207.12 88,885.72 RSD-Other Non-Interest Income 35.60 20.27 7.17 0.31 Non - Interest Expenses 202.16 1,933.66 8,016.27 122,877.41 RSD-Salaries and Employee Benefits 107.01 667.78 1,196.03 .47 RSD-Occupancy - Net of Rental 3.63 17.93 238.26 9.24 RSD-Other Non-Interest Expenses 91.51 1,247.95 6,581.98 122,867.70 Net Non - Interest Income 419.30 1,914.65 -5,594.59 10,942,037.50 Income (Loss) before Taxation 794.30 5,175.66 4,421.73 13,955,547.48 RSD-Taxation 285.16 1,853.50 1,587.40 5,010,041.55 Net Income / (Loss) after Taxation 509.15 3,322.16 2,834.33 8,945,505.94 RSD-Extraordinary Items .00 Net Income / (Loss) 509.15 3,322.16 2,834.33 8,945,505.94 RSD-Provisions for Dividends 4.71 4.71 .00 .00 Retained Earnings 504.44 3,317.45 2,834.33 8,945,505.94

110 APPENDIX IV: BALANCE SHEETS BALANCE SHEETS AS AT: 30-Sep-07 31-Dec-07 30-Sep-08 31-Dec-08 L$ L$ L$ (M) L$(10’000) ASSETS DOMESTIC NOTES AND COINS 16.48 322.44 36.48 .04 BALANCES WITH CENTRAL BANK 514.31 5,454.47 658,497.65 27,602,580.32 BALANCES WITH DOMESTIC BANKING INSTITUTIONS 8.00 .00 23,421.47 93,878.72 ASSETS IN TRANSIT .67 10.93 .00 .00 BALANCES WITH FOREIGN INSTITUTIONS 3,334.26 4,680.90 12,715.87 .24 SECURITIES AND INVESTMENTS 535.72 4,195.22 7,948.72 3,506,658.94 LOANS & ADVANCES 571.04 4,054.79 7,216.78 302,254.12 FOREIGN CLAIMS (INCLUDING BILLS OF EXCHANGE) 2,155.37 8,018.52 4,981.48 .23 REPOSSESSED PROPERTIES / ASSETS .00 FIXED ASSETS 107.21 5,820.23 9,012.72 .00 RSD - BS OTHER ASSETS 449.27 4,311.09 5,576.81 3,375,186.32 TOTAL ON-BALANCE SHEET ASSETS 7,692.33 36,868.59 729,408.00 34,880,558.94 OFF-BALANCE SHEET ITEMS 1,127.21 1,759.33 80.13 .00 TOTAL ASSETS 8,819.54 38,627.92 729,488.13 34,880,558.94 EQUITY AND LIABILITIES TOTAL DEPOSITS 4,923.61 17,768.35 562,497.39 20,268,849.72 DEPOSITS WITH OTHER BANKS 219.00 1,900.00 DEMAND DEPOSITS 791.50 7,467.40 542,379.73 20,211,771.92 SAVINGS DEPOSITS 12.12 272.61 7,857.87 51,758.10 TIME DEPOSITS/FIXED DEPOSITS 392.67 3,369.24 3.01 5,319.43 FOREIGN CURRENCY DEPOSITS 3,508.32 4,759.10 12,256.77 .27 NEGOTIABLE CERTIFICATES OF DEPOSIT .00 AMOUNTS OWING TO CENTRAL BANK 89.30 3,554.69 .18 .00 LIABILITIES IN TRANSIT .32 19.42 2,127.33 43,979.61 FOREIGN LIABILITIES 1,774.80 1,414.19 8,262.35 .27 SECURITIES .00 CAPITAL AND RESERVES 518.39 7,065.26 2,834.33 8,945,505.94 OTHER LIABILITIES 385.91 7,046.68 153,686.42 5,622,223.40 TOTAL ON-BALANCE LIABILITIES 7,692.33 36,868.59 729,408.00 34,880,558.94 OFF-BALANCE SHEET ITEMS - LIABILITIES 1,127.21 1,759.33 80.13 .00 TOTAL EQUITY AND LIABILITIES 8,819.54 38,627.92 729,488.13 34,880,558.94

105 APPENDIX V: DETAILED RISK MATRIX INHERENT RISKS RISK MANAGEMENT SYSTEMS FUNCTIONAL ACTIVITIES Credit Market: a) Interest rate Market: b) Foreign Exchange Liquidity Operational Legal & Compliance Reputation Strategic Oversight Policies and Procedures Risk Measurement Internal Controls FUNCTIONAL COMPOSITE RISK Treasury Low Moderate Moderate Low Moderate Low Moderate Moderate Acceptable Moderate Corporate Banking Moderate Low Moderate Acceptable Moderate Branch Operations Moderate Low High Moderate Acceptable Moderate Centralised Operations Low High Moderate Acceptable Moderate Information Technology N/A High Moderate Weak Acceptable Moderate AGGREGATE INHERENT RISK Low Moderate Low Low High Moderate AGGEGATE RISK MANAGEMENT SYSTEMS Acceptable Acceptable Strong Acceptable Oversight Acceptable Policies and Procedures Acceptable Risk Measurement Acceptable Weak Acceptable Acceptable OVERALL INHERENT RISK Moderate Internal Controls Moderate Acceptable OVERALL RISK MANAGEMENT SYSTEMS Acceptable OVERALL COMPOSITE RISK Low Moderate Low Low High Moderate OVERALL COMPOSITE RISK Moderate DIRECTION OF OVERALL COMPOSITE RISK Stable Increasing Increasing Stable Increasing DIRECTION OF OVERALL COMPOSITE RISK Increasing

112 KEY: LEVEL OF INHERENT RISK Low – reflects a lower than average probability of an adverse impact on a banking institution’s capital and earnings. Losses in a functional area with low inherent risk would have little negative impact on the banking institution’s overall financial condition. Moderate – could reasonably be expected to result in a loss which could be absorbed by a banking institution in the normal course of business. High – reflects a higher than average probability of potential loss. High inherent risk could reasonably be expected to result in a significant and harmful loss to the banking institution. ADEQUACY OF RISK MANAGEMENT SYSTEMS Weak – risk management systems are inadequate or inappropriate given the size, complexity and risk profile of the banking institution. Institution’s risk management systems are lacking in important ways and therefore a cause of more than normal supervisory attention. The internal control systems will be lacking in important aspects particularly as indicated by continued control exceptions or by the failure to adhere to written policies and procedures. Acceptable – management of risk is largely effective but lacking to some modest degree. While the institution might be having some minor risk management weaknesses, these have been recognized and are being addressed. Management information systems are generally adequate. Strong – management effectively identifies and controls all types of risk posed by the relevant functional areas or per inherent risk. The board and senior management are active participants in managing risk and ensure appropriate polices and limits are put in place. The policies comprehensively define the bank’s risk tolerance, responsibilities and accountabilities are effectively communicated. OVERALL COMPOSITE RISK Low Risk – would be assigned to low inherent risk areas. Moderate risk areas may be assigned a low composite risk where internal controls and risk management systems are strong and effectively mitigate much of the risk. Moderate Risk – risk management systems appropriately mitigates inherent risk. For a given low risk area, significant weaknesses in the risk management systems may result in a moderate composite risk assessment. On the other hand, a strong risk management system may reduce the risk so that any potential financial loss from the activity would have only a moderate negative impact on the financial condition of the organization. High Risk – risk management systems do not significantly mitigate the high inherent risk. Thus the activity could potentially result in a financial loss that would have a significant impact on the bank’s overall condition, even in some cases where the systems are considered strong. DIRECTION OF OVERALL COMPOSITE Increasing - based on the current information, composite risk is expected to increase in the next twelve months. Decreasing – based on current information, composite risk is expected to decrease in the next twelve months. Stable - based on the current information, composite risk is expected twelve months COLOR CODING SYSTEM Inherent Risk Risk Management Systems Green low risk Strong Orange moderate risk Acceptable Red high risk Weak

113 SECTION F: SIGNATURES OF DIRECTORS

114 ACKNOWLEDGEMENT FORM To the Director of Banking Supervision Department Central Bank of Liberia We, the undersigned members of the Board of Directors of Monrovia Bank Limited, do hereby certify and acknowledge by affixing our signatures below that each of us has personally read, reviewed, and is familiar with the Report of Examination conducted from 6 to 31 October 2009. (Signing this form does not mean that you agree with information or conclusions embodied in the report, but only you have received, read, and are familiar with the contents of the report). ………………………………….. …………………………………. Name of Director Signature of Director ………………………………….. …………………………………. Name of Director Signature of Director ………………………………….. …………………………………. Name of Director Signature of Director ………………………………….. …………………………………. Name of Director Signature of Director ………………………………….. …………………………………. Name of Director Signature of Director ………………………………….. …………………………………. Name of Director Signature of Director

115 APPENDIX 10: Financial Soundness Indicators

116 APPENDIX 11: OFF-SITE REPORT CENTRAL BANK OF LIBERIA BANK SUPERVISION DEPARTMENT THIS REPORT IS STRICTLY CONFIDENTIAL QUARTERLY OFF-SITE ANALYSIS REPORT MONROVIA BANK LIMITED 31 DECEMBER 2011

117 MONROVIA BANK LIMITED- TABLE OF KEY INDICATORS – 31 December 2011 Key Ratios 31-Dec-2009 30-Jun-2011 30-Sept-2011 31-Dec-2011 Ind.Ave.as At 31-Dec-2011 MEASURES OF CAPITAL ADEQUACY Equity to Assets 9.97% 9.37% 10.10% 10.78% 8.82% Tier 1 Ratio 14.32% 15.12% 15.35% 14.78% 11.22% Capital Adequacy Ratio 15.32% 16.08% 16.31% 15.56% 12.61% Net Capital Base L$17.47m L$17.71m L$17.91m L$20.52m L$23.04m Measures of Asset Quality Total Loans & Advances L$86.62m L$62.06m L$65.70m L$82.43m L$127.48m Adversely Classified Loans/Total Loans 4.28% 2.98% 2.97% 1.56% 7.49% Provisions for Loan and Lease Losses/Total Loans 4.58% 2.93% 2.86% 1.55% 2.66% Largest Exposure/Capital 99.25% 68.32% 69.78% 68.23% 62.77% Large Exposures/Capital 440.82% 286.03% 293.49% 306.14% 281.66% Provisions for loan losses to Adversely Classified Loans 106.96% 98.15% 96.09% 96.09% 82.49% Measures of Earnings Return on Assets (ROA) 1.44% 0.35% 0.53% 2.16% (1.27%) Return on Equity (ROE) 11.32% 2.75% 3.84% 17.01% 10.20% Net Interest Margin(NIM) 2.36% 2.68% 4.75% 4.91% 6.91% Cost/Income 81.16% 92.20% 92.31% 80.11% 281.16% Cost of Deposits 3.63% 1.25% 2.65% 2.64% 5.99% Net Profit/Loss L$1.86 L$0.46m L$0.65m L$3.36m L$4.16m Liquidity and Funds Management Total Deposits L$72.42m L$88.86m L$67.96m L$104.69m L$145.45m Central Bank Borrowing/Total Deposits 0.00% 0.00% 0.00% 0.00% 0.00% Interbank Borrowings/Total Deposits 0.00% 0.00% 0.00% 2.76% 5.09% Prudential Liquidity Ratio 52.41% 59.64% 41.80% 56.40% 40.69% Total Deposits/Total Assets 44.21% 50.00% 40.72% 57.62% 58.69% Total Loans/Total Deposits 119.60% 69.84% 96.67% 78.77% 97.95% Cumulative Gap 0-30 Days L$1.38m L$7.02m L$3.72m L$15.68m ( L$30.60m) 0-90 Days L$34.75m L$14.79m L$9.38m L$20.72m (PL$13.37m) 0-360 Days L$30.83m L$19.81m L$16.05m L$24.07m ( L$6.84m) Interest Sensitivity Ratio 3 Months 96.13% 87.19% 75.99% 86.53% 87.12% 6 Months 100.95% 95.89% 87.58% 97.15% 95.59% 12 Months 103.16% 111.51% 89.11% 98.07% 94.15%

118

1. OVERALL CONDITION of Monrovia Bank was rated “2” i.e. satisfactory, the same rating assigned to the institution in the previous quarter ended 30 September 2011. The Holding company in Nigeria was awarded a long-term External Credit Rating of “A” for the period May 2009 to May 2011 by the Global Credit Rating Company.
2. MARKET SHARE, RANKING AND SIGNIFICANT DEVELOPMENTS: Out of eight (8) commercial banks, Monrovia Bank Limited was ranked sixth in terms of total assets with a market share of 4.43% and seventh in terms of both total deposits and total loans and advances with market shares of 2.69% and 3.02%, respectively, as at 31 December 2011.
3. SUPERVISORY ACTIONS IN PLACE OR PENDING: None.
4. CURRENT SUPERVISORY STRATEGY: Conduct prudential meetings with management semi-annually whilst on-site examination should be conducted within twelve (12) months, provided there are no significant developments that might materially affect the financial condition of the bank. The last on-site examination was finalized on 31 December 2009 and the bank was awarded a CAMELS Composite rating of “2” i.e. satisfactory.
5. ASSESSMENT OF CAMELS FACTORS & STRESS TESTING 5.1Capital Adequacy was rated “1” i.e. strong. The bank is adequately capitalized with core capital of L$16.80 million as at 31 December 2011, up from L$14.00 million as at 31 December 2009. The growth in capital was mainly due to profits of L$3.36 million retained during the year ended 31 December 2011. The bank reported Tier 1 and capital adequacy ratios of 14.78% and 15.56% as at 31 December 2011which were above the regulatory minima of 5% and 10%, respectively. Stress tests conducted using the Central Bank of Liberia methodology indicate that the bank is resilient to a combined shock of 5% point increase in interest rates and migration of 25% of performing loans to non-performing loans as the capital adequacy ratio will decrease to 12.28%, which will remain above the regulatory minimum 10%. 5.2Asset Quality was rated “2” i.e. satisfactory. Total loans and advances increased from L$65.70 million as at 30 September 2011 to L$82.43 million as at 31 December 2011 but were below the industry average of L$127.48 million. The ratio of adversely

119 classified loans to total was 1.76% as at 31 December 2011 reflecting low credit risk in the loan portfolio. Concentration risk is, however, considered high as the ten largest borrowers constituted 63.70% of total loans and advances. Stress tests conducted using the Central Bank of Liberia methodology indicate that the bank is resilient to credit shocks. If 25% of performing loans migrate to non – performing loans, the capital adequacy ratio will decline from 15.56% to 12.48%. 5.3Management and Corporate Governance was rated “1” i.e. strong. The bank is adequately capitalized, operating profitably and is in compliance with banking laws, rules, regulations and guidelines. 5.4Earnings were rated “2” i.e. satisfactory. The institution reported net profit after tax of L$3.36 million for the year ended 31 December 2011, improving from L$1.86 million recorded during the year ended 31 December 2009. The bank’s net profit compared unfavorably with industry average of L$4.16 million. The bank’s income comprised net interest income and non-interest income of L$8.15 million and L$10.67 million representing 42.15% and 57.85% of total income, respectively. Salaries & employment costs and occupancy costs were the major cost drivers, contributing 57.45% and 10.06% to operating expenses, respectively for the year ended 31 December 2011. Return on assets and return on equity improved from 1.44% and 11.32% to 2.16% and 17.01% over the year ended 31 December 2011, respectively indicating improving profitability. The bank’s cost to income ratio of 80.11% as at 31 December 2011 is, however, indicative of high proportion of operational costs vis-à-vis the level income generated. 5.5Liquidity and Funds Management was rated “2” i.e. satisfactory. The institution’s total deposits increased to L$104.69 million as at 31 December 2011 from L$67.96 million as at 30 September 2011 and were below industry average of L$145.45 million. The bank’s deposits mainly constituted demand deposits (71.09%), which is an unstable source of funding. The institution had positive liquidity gaps in the critical 0-30 and 0-60 day time bands indicating reduced exposure to liquidity risk. The bank’s prudential liquidity ratio of 56.40% as at 31 December 2011 was well above the regulatory minimum of 25%.

120 5.6Sensitivity to Market Risk was rated “1” i.e. strong. The bank had a liability sensitive book in all time bands with interest rate sensitivity ratios of 86.53%, 97.15% and 98.07% in the 3 months, 6 months and 12 months-time bands, respectively. The sensitivity ratios are close to 100% indicating a book that is nearly matched and, therefore, less sensitive to interest rate movements. Stress test results using the Central Bank of Liberia methodology indicate that a 5 percentage point increase in interest rates will result in a marginal decrease in the capital adequacy ratio from 15.56% to 15.37%. 6 COMPLIANCE TO SUPERVISORY ACTIONS: None. 7 MATTERS REQUIRING ATTENTION: None. 8 RECOMMENDATIONS FOR FOLLOW-UP: None. 9 MONROVIA BANK LIMITED BOARD AND SENIOR MANAGEMENT Monrovia Bank Limited Board Composition as at 31 December 2011 NAME DESIGNATION Mr. J. T. Johnson Independent Non-Executive-Chairman Mr. R. F. Donzo Independent Non-Executive Ms. J. Thomas Independent Non-Executive Mr. Q. Jackson Independent Non-Executive Dr. N. H. Sandra Independent Non-Executive Mr. R. B. Aquoi Independent Non-Executive Mrs. L. T. Euphemia Managing Director

121 Monrovia Bank Limited Senior Management as at 31 December 2011 NAME POSITION Mr. L. T. David Managing Director Mrs. K. Esther Chief Finance Officer Mr. J. Mathew Head Corporate Banking Mr. V. Luke Head of Treasury Mr. G. N. Nyumah Head of Retail Miss P. Toe Head of Risk Mr. M. W. Siaway Head of Human Resources Mr. A. S. Parker Company Secretary Mr. D. Z. Saye Chief Operating Officer Monrovia Bank Limited is 100% owned by Monrovia Holdings Shareholding structure of Monrovia Holdings Limited as at 31 December 2011 Name of Shareholder Shareholding (%) XYZ Insurance Company 60.00% ABCD Corporation Limited 40.00% Total 100.00%