Circular 117-1 on Governance Practices

CIRCULAR No 117-1

TO FINANCIAL INSTITUTIONS

In compliance with Articles 23, 27, 28, 33 to 41, 83, and 161 of the Law of May 14, 2012, concerning banks and other financial institutions, Articles 20 to 31, 34, and 37 of the Decree of June 5, 2020, governing the organization and operation of Microfinance Institutions (MFIs), and Articles 18 to 21 and 42 of the Decree of November 25, 2020, concerning exchange intermediaries, financial institutions are required to respect the following provisions regarding governance practices.

1. Definitions

The following definitions apply to this Circular:

a) Administrator: any natural person or representative of a legal entity appointed to the board of directors of a financial institution.

b) Board of Directors: the deliberative body invested with all powers to act in all circumstances on behalf of the company, within the limits of the corporate purpose and the powers reserved for the general meeting of shareholders.

c) General Manager: a natural person appointed by the board of directors to manage the financial institution, representing it in its relations with third parties. He/She is invested with the broadest powers, which he/she exercises within the limits of the bylaws and subject to those specifically reserved for the board of directors by legal or statutory provisions.

d) Executive: any natural person appointed as general manager or deputy general manager, or by any equivalent title, by the board of directors, or the body acting in its place, or, if not appointed, who fulfills a general management function as an employee or service provider.

e) Governance: the set of systems, rules, mechanisms, and procedures for direction, organization, and control governing the management of a company's operations, aiming to ensure effective and prudent management.

f) Governance Body: the structure responsible for making decisions within a company (general meeting, board of directors, audit committee, and other committees created by the board, general management, other management bodies).

---

2. Establishment of a Governance System

Financial institutions must implement a governance system consistent with best practices and adapted to their size, structure, the nature and complexity of their activities, as well as their risk profile. This governance system must be approved by the board of directors and subject to annual information provided to shareholders.

The governance system must in particular:

a) be developed and implemented taking into account, among other things, the security of information systems, the coverage of all risks incurred by the institution, and potential conflicts of interest;

b) establish and formalize the strategies, policies, and procedures to be implemented to define and organize the different means necessary to achieve good governance;

c) define the roles, responsibilities, powers, and obligations of the various stakeholders;

d) meet the needs of the institution as a whole and of each of its organizational and operational units;

e) integrate mechanisms aimed at maintaining and/or restoring its operations in the event of discontinuity;

f) integrate changes over time in the characteristics of the institution and its external environment, as well as developments regarding best practices in governance;

g) provide mechanisms to ensure the integrity and engagement of participants, who must be numerous enough, competent, and have a good knowledge of the institution's activities, risks, and legal obligations.

Any financial institution is required to define governance procedures ensuring a clear separation between the functions of the administrative bodies and the functions of the bodies responsible for the management of the institution, and defining their responsibilities in accordance with the missions assigned to these bodies.

3. Role of Administrators and Executives

The administrators and executives of a financial institution play a decisive role in the administration of the company by guiding its activities and ensuring that they are conducted in the best interests of the institution. In this regard, they have a quadruple duty of loyalty, diligence, vigilance and compliance, prudence, and independence.

The duty of loyalty, based on a relationship of trust, obliges the administrator or executive to protect the interests of the financial institution by acting in good faith towards the institution and its clients, demonstrating competence and honesty in the exercise of their functions, avoiding any conflict of interest, and strictly preserving the confidentiality of matters concerning the institution.

The duty of diligence obliges the administrator or executive to demonstrate discernment and a strong sense of responsibility in the direction and supervision of management activities. This duty requires them to respect the rule of reasonable prudence, according to which they must act with the diligence, application, competence, and prudence that a reasonable person would exercise in the same circumstances.

The duty of vigilance and compliance constrains administrators and executives to take all measures to prevent the financial institution from being used for money laundering and terrorist financing purposes. Consequently:

• Administrators and executives must ensure the implementation of effective policies, procedures, and methods for combating money laundering and terrorist financing.
• Administrators are required to appoint a compliance officer responsible for the compliance function and to ensure that the officer's recommendations are followed.
• Administrators must remain faithful to the institution's mission and promote its values. They must ensure that the institution's practices are consistent with its social and financial objectives and that they do not in any way harm its employees, clients, or environment.

The duty of prudence and independence constrains administrators to demonstrate reserve, discernment, prudence, rigor, and independence in the exercise of their mandate.

4. The Board of Directors

4.1. Powers of the Board of Directors

The board of directors is responsible for the proper management of the financial institution. To this end, it is required, among other things, to:

a) actively engage in the institution's activities, stay informed of significant new developments occurring in the institution's operational environment and economically, and act promptly to protect the institution's long-term interests;

b) ensure the definition of the institution's strategic objectives, including the general risk policy and risk management procedures, approve them, and ensure their execution;

c) conduct periodic and in-depth reviews and evaluations of the institution's operational objectives and strategies, as well as situations and operations that could pose significant risks to the institution;

d) monitor the implementation of the governance framework and regularly verify its relevance in light of significant changes in the size, complexity, geographic footprint, operational strategy, and regulatory requirements of the financial institution;

e) establish risk appetite, taking into account the competitive and regulatory environment, as well as the institution's long-term interests, risk exposure, and capacity to manage risks effectively;

f) monitor compliance with the risk appetite statement, the risk policy, and risk limits;

g) appoint the general manager and, where applicable, any deputy general manager, monitor their performance as well as that of other executives and heads of internal control and compliance functions;

h) ensure that executives are qualified and competent;

i) approve the organizational chart and administrative organization of the institution;

j) approve operational policies and procedures;

k) define the control policy and exercise permanent supervision of management;

l) deliberate on the establishment of specialized committees by defining their objectives, composition, and operating procedures;

m) promote and establish a sound corporate culture by valuing responsible and ethical behavior;

n) adopt a code of ethics applicable to administrators, executives, and employees, and ensure its update;

o) ensure the presence of a strong finance function responsible for accounting and financial data;

p) approve annual financial statements;

q) report to shareholders and ensure their regular information regarding the management of the institution;

r) monitor the institution's remuneration policy, particularly the remuneration of executives and heads of major functions, to verify its conformity with the institution's risk culture;

s) ensure the implementation of an adequate external communication policy, particularly with the Central Bank of Haiti (BRH).

4.2. Governance Characteristics and Responsibilities of the Board of Directors

4.2.1 Composition and Qualification of the Board of Directors

The board of directors must consist of members capable of forming an independent judgment on the activities of the financial institution. Furthermore, board members must possess sufficient knowledge in banking or finance and demonstrate experience in corporate administration.

Each administrator must possess the minimum competence required to understand the functioning of the financial institution and demonstrate integrity in the exercise of their mission.

Each administrator must be mindful of the interests of all shareholders, engage sufficiently in strategy definition and deliberations to effectively participate in the board's decisions.

The composition of the board of directors and the organization of its work must be appropriate to the shareholding structure, the size and nature of the activity of each financial institution, and the particular circumstances it may face.

Any financial institution is required to provide the Central Bank of Haiti (BRH) with the following information for any new administrator, in the event of a vacancy or change within the board of directors and/or committees:

a) first name(s) and last name, profession, domicile, and nationality;

b) the number of shares subscribed and paid up;

c) a criminal record check and a police certificate;

d) a curriculum vitae including personal data, education and professional training, various mandates, a chronological list, and a description of previous and current professional activities.

The financial institution must transmit this information to the BRH prior to the appointment of any administrator. The BRH reserves the right to request any necessary information to ensure the quality of administrators. Any rejection of a candidacy is motivated in writing by the BRH. The BRH rules on any submitted file within a period not exceeding twenty (20) working days.

Furthermore, no natural person may be a member of the administrative body of two (2) financial institutions of the same category (e.g., two banks, two MFIs, etc.).

4.2.2. Governance Responsibilities of the Board of Directors

The board of directors may create specialized committees within its midst. The number, nature, and composition of these committees depend in particular on the size of the financial institution, the nature of its activities, and its risk profile. Committees must keep a register of their deliberations and decisions (meeting agendas, minutes, reports, recommendations made, decisions taken, and divergent opinions expressed). For the establishment of specialized committees, the board of directors may associate one or more external persons to the financial institution, who are unrelated, qualified, and competent.

Regarding banks, the board of directors of any banking institution having 10% or more of the total deposits market share must mandatorily have within it an audit committee, a risk management committee, a nominations committee, and a remuneration committee, in accordance with the rules established in the Circular on minimum internal control standards.

The board of directors must pay particular attention to preventing potential conflicts of interest, ensuring the transparency of information provided, and fairly considering all interests present. To this end, it must ensure the development and implementation of a policy and procedures for the prevention and handling of actual or potential conflicts of interest.

Regarding groups, the board of directors of the parent company must assume general responsibility for the group's activities. It must approve risk strategies and policies at the group level. It must implement an integrated and harmonized steering mechanism within the group ensuring effective supervision by the parent company of its subsidiaries. It is required to define and implement a governance mechanism clear and adapted to the structure, activity, and risks of the group and its entities. The board of directors of any parent company must determine the structure of the boards of directors of subsidiaries and exercise adequate supervision of subsidiary activities. It must ensure that each subsidiary has the necessary resources to meet group standards.

The board of directors must ensure that transactions with related parties to the financial institution are subject to appropriate risk assessments and restrictions, and that the financial institution's resources are not diverted or misused.

The board of directors must ensure compliance with all legal, regulatory, statutory, and professional provisions, particularly regarding the right to information of shareholders on their own activities as well as those of the institution.

The functions of Chairman of the Board of Directors and General Manager of a financial institution must not be exercised by the same person. The board of directors and its Chairman must preserve their independence vis-à-vis general management.

4.3. Participation in Board of Directors Meetings

An administrator must actively and effectively participate in the discussions and deliberations of the board of directors.

Participation in board of directors meetings includes physical presence, video conferencing, or any other method recorded in the bylaws.

The Chairman of the Board of Directors reports to the General Meeting on the regularity of administrators' participation in board meetings.

The bylaws of each institution must specify that an administrator who has not participated annually in at least fifty percent (50%) of the board of directors meetings must be replaced by the General Meeting.

5. General Management and Executives

5.1. Governance Responsibilities of General Management

General management is responsible for implementing the board of directors' decisions, orienting, and supervising the financial institution. To this end, it must in particular:

a) ensure the development of operational objectives, strategies, organizational structure, and control measures, as well as policies and budgets to be approved by the board of directors;

b) execute and monitor operational objectives, strategies, and plans approved by the board of directors, and ensure the effectiveness of the organizational structure and control measures;

c) define the general risk policy and risk management procedures;

d) design and implement permanent control, compliance, management, and risk control mechanisms;

e) communicate and present frequent and regular reports to the Board of Directors on the institution's situation, its performance, risk, and financial strength indicators, and any information that could threaten its sustainability;

f) ensure the prevention, detection, and management of any potential conflicts of interest, particularly in the context of granting loans to shareholders, administrators, and executives.

5.2. Appointment of Executives

Financial institutions licensed as banks are required to appoint at least two (2) executives responsible for jointly ensuring the effective management of the institution's activities. The distribution of functions among the persons so designated must be determined by a decision of the board of directors, defining their respective attributions while ensuring the participation of each in all general management responsibilities of the institution. The BRH may subject other financial institutions to this obligation if the risks associated with their activity justify it.

5.3. Qualification of Executives

Executives must possess the experience, skills, and integrity necessary for the management of the financial institution's activities and the personnel under their orders. They must receive regular training to maintain and deepen their skills and keep their knowledge up to date in their areas of responsibility.

Any financial institution is required to provide the BRH with the following information for any new executive, in the event of a change within general management and/or committees:

a) first name(s) and last name, profession, domicile, and nationality;

b) a criminal record check and a police certificate;

c) a curriculum vitae including personal data, education and professional training, various mandates, a chronological list, and a description of previous professional activities with indications on the hierarchical superior(s), the number of subordinates at the last employer, and the reasons for the change of employment, if applicable;

d) where applicable, the decision or draft decision of the board of directors defining the respective attributions of the different executives designated to ensure the general management of the institution's activities.

The financial institution must transmit this information to the BRH prior to the appointment of any executive. The BRH reserves the right to request any necessary information to ensure the quality of executives. Any rejection of a candidacy is motivated in writing by the BRH. The BRH rules on any submitted file within a period not exceeding twenty (20) working days.

6. Management and Control of the Organizational Framework

Financial institutions must adopt an adequate organizational framework to ensure effective and prudent management of their institution, taking into account the nature, scale, and complexity of the risks they face and their activities.

Financial institutions must regularly evaluate the functioning of the management system as well as the administrative and management bodies, particularly their size, composition, and competencies.

6.1. Management Tools for the Organizational Framework

Financial institutions must have the following organizational framework management tools:

a) a forward-looking business plan for at least three years, broken down by year and updated at least once a year to take into account the evolution of the environment, actual results obtained, and the re-evaluation of the main assumptions retained;

b) a budget monitoring system;

c) a detailed organizational chart and functional administrative organization, adopted by the board of directors. The administrative organization must include a precise definition of functions and positions;

d) risk management procedures and techniques including in particular:

i) a system for the distribution of powers in credit, interbank operations, and investments, clearly indicating the authorized bodies and persons as well as the limits for which they have received delegation;

ii) risk assessment or rating procedures resulting in a map of main risks;

iii) mechanisms for the consolidation and monitoring of major risks, and the measurement of sectoral and geographic risk concentration;

iv) a continuous process for evaluating the adequacy of their capital and liquidity to the evolution of their activity and risks;

v) mechanisms for monitoring risks taken on major shareholders, administrators, executives, and other related parties to the financial institution.

6.2. Control Tools for the Management of the Organizational Framework

Financial institutions must equip themselves with a control system for the management of the organizational framework capable of measuring and improving performance at all levels. In this regard, they must implement:

a) an effective internal control and risk management system;

b) a system for combating money laundering and terrorist financing in compliance with legal and regulatory provisions, allowing for customer identification, enhanced monitoring of certain operations, and continuous training of personnel assigned to this function;

c) a code of ethics applicable to administrators, executives, and employees.

7. Management of Risks Related to Governance Failures

Financial institutions are required to implement systems for managing risks related to governance failures.

These systems must cover the following risks:

a) strategic risks: encompassing risks of poor growth management and poor decisions, namely: routine risk, risk of failure to master growth strategy, risk of decision-making errors related to shortcomings in business plan design, and risk of deviation from objectives.

b) risks of dysfunction of governance bodies, namely:

• risk of non-compliance of the organization with legal and regulatory obligations;
• risk of non-compliance of the functioning of governance bodies with obliga