LogoRegulatory Alerts
2011-07-15

Minimum Standards on Corporate Governance for Insurance Companies Directive, 2011

The Registrar of Financial Institutions in Malawi issued the directive to establish binding corporate governance standards for all licensed insurers. The framework mandates robust board structures, requiring a minimum of five directors with a majority independent, alongside mandatory Audit, Asset-Liability Management, and Risk Management committees. It enforces strict auditor independence, transparent remuneration policies, comprehensive financial reporting, and codified ethical conduct to ensure prudent management and policyholder protection.

Reserve Bank of Malawi logo

Malawi

Reserve Bank of Malawi

Click to view thumbnail

44 4th March, 2011

Made this 2nd day of February, 2011.

(FILE NO. MF/2/10)

DR. PERKS M. LIGOYA Registrar

GOVERNMENT NOTICE NO. 7

INSURANCE ACT (ACT NO. 9 OF 2010)

INSURANCE (MINIMUM STANDARDS ON CORPORATE GOVERNANCE FOR INSURANCE COMPANIES) DIRECTIVE, 2011

ARRANGEMENT OF PARAGRAPHS

PARAGRAPH

PART I — PRELIMINARY

  1. Citation
  2. Application
  3. Interpretation

PART II — OBJECTIVES AND RATIONALE

  1. Objectives
  2. Rationale

PART III — CORPORATE GOVERNANCE REQUIREMENTS

  1. Rights and responsibilities of shareholders
  2. The Board and senior management
  3. Independent and non-executive directors
  4. Board composition
  5. Board and Management Committees
  6. Remuneration
  7. Internal audit
  8. External audit
  9. Financial reporting
  10. The Company Secretary
  11. Ethics
  12. Other matters

PART IV — ADMINISTRATIVE PENALTIES AND ADMINISTRATIVE SANCTIONS

  1. Administrative penalties
  2. Administrative sanctions

IN EXERCISE of the powers conferred by sections 79 (3) (s) and (t) of the Insurance Act, 2010, the Registrar has issued the following Directive—

4th March, 2011 45

PART I — PRELIMINARY

  1. This Directive may be cited as the Insurance (Minimum Standards on Citation Corporate Governance for Insurance Companies) Directive, 2011.

  2. (1) This Directive shall— Application (a) apply to insurers licensed under the Insurance Act; and Act No. 9 of (b) be read and applied together with the Code of Best Practice for 2010 Corporate Governance in Malawi (the Malawi, Code II), published by the institute of Directors, in June, 2010.

(2) Where this Directive is inconsistent with the Malawi Code II, the Directive shall prevail.

  1. In this Directive, unless the context otherwise requires— Interpretation

"independent director" means a non-executive director who is free from a business or other association with the insurer that could interfere with the exercise of independent judgement through— (a) having substantial shareholding; (b) involvement in past management; or (c) being a supplier, customer or adviser; "insurer" means an insurer as defined in the Act. "non-executive director" means a director who is not a member of management; "owner" means a person who directly or indirectly owns or controls at least ten per cent (10%) of the capital of the insurer; and "Registrar" means Registrar of Financial Institutions appointed under section 8 of the Financial Services Act, 2010. Act No. 26 of 2010

PART II — OBJECTIVES AND RATIONALE

  1. (1) The objectives of this Directive include— Objectives (a) setting of minimum standards of good governance for insurers; (b) promoting corporate self-discipline in the management of insurers; (c) ensuring that insurers are managed by a competent board of directors, hereafter referred to as the Board, in a sound and prudent manner; (d) ensuring that the Board makes reasonable and impartial business judgements in the best interests of the insurer taking into consideration the impact on policyholders.

  2. This Directive is issued on the basis that— Rationale (a) through the Board, insurers adhere to corporate governance principles in managing their business; and (b) a key aspect in the supervision of insurers shall involve an evaluation of the corporate governance framework.

46 4th March, 2011

PART III — CORPORATE GOVERNANCE REQUIREMENTS

Rights and 6. (1) A shareholder may— responsibilities (a) participate in decisions concerning fundamental corporate of shareholders changes including— (i) amendments to articles and memorandum of association or similar governing documents of the insurer; and (ii) authorization of additional shares and extraordinary transactions, leading to the sale of an insurer; (b) vote in a general meeting; (c) access information concerning rules and voting procedures governing a general meeting including sufficient and timely information concerning the date, location and agenda; (d) ask the Board any question and enquire about the annual external audit; (e) place an item on the agenda of a general meeting; (f) propose a resolution, subject to reasonable limitations; and (g) vote in person or by proxy.

(2) A shareholder shall— (a) jointly and severally protect, preserve and actively exercise authority in an annual general meeting; (b) foster constructive relationships with the Board to facilitate sustainability of an insurer; (c) ensure that only competent persons are appointed to the Board; (d) ensure that the Board is constantly held accountable and responsible for the efficient and effective governance of an insurer; (e) change the chairperson or the composition of the Board, where the Board is incompetent; (f) fix remuneration of directors; (g) maintain competitive remuneration packages that attract and retain competent Board members and management; (h) respect fiduciary duties of Board members; (i) ensure that procedures for general meetings allow equitable treatment of shareholders; (j) ensure protection of minority shareholders from abusive actions of controlling shareholders; (k) ensure sustainable operation of an insurer, taking into consideration interests of stakeholders; and (l) comply with all relevant laws, regulations and directives.

The Board 7. (1) The Board shall— and senior (a) be responsible for the sound and prudent management of an management insurer; (b) provide an independent cross-check on management; and (c) have a formal and well-defined charter setting out roles and responsibilities of the Board.

4th March, 2011 47

(2) Every member of the Board shall be accountable to the Registrar for the sound and prudent management of an insurer.

(3) The Board may delegate authority to management to act on behalf of the Board with respect to certain matters, as determined by the Board.

(4) The Board shall document any authority that it delegates to management.

(5) The Board shall have mechanisms for monitoring delegated authority.

(6) The Board shall not abrogate responsibility for delegated functions.

(7) The Board shall ensure that— (a) every director and senior manager has competent skills for the effective and prudent operation of an insurer; (b) every director has competent skills to contribute to Board deliberations and processes; (c) every director has competent skills, knowledge and experience to understand risks of an insurer including— (i) legal obligations of the insurer, and (ii) appropriate management of an insurer taking into account risks of the insurer; (d) the Board may supplement its skills and knowledge through the use of external consultants and experts; (e) the Board shall allow an appointed auditor and an actuary to raise matters directly with the Board; (f) where the Registrar requests to meet the chairperson of the Board or senior management, they shall be available to meet the Registrar; (g) a member of senior management shall ordinarily reside in Malawi; and (h) a senior management of a subsidiary of a foreign controlled insurer shall report to a local Board established in Malawi.

  1. (1) A director shall not be independent if the director— Independent (a) is a substantial shareholder of an insurer or an officer who is and Non- directly associated with a substantial shareholder of an insurer; Executive (b) is employed, or has been employed in an executive capacity by Directors an insurer or group member and there is a period of less than two years since being employed by the insurer and serving on the Board; (c) in the past two years, has been a principal of a material professional adviser, a material consultant to the insurer, another group member, or an employee materially associated with the service provided; (d) is a material supplier or customer of the insurer or other group member or an officer of a material supplier or customer; or (e) has a material contractual relationship with the insurer or another group member other than as a director.

48 4th March, 2011

(2) Where the Registrar is in doubt regarding independence of the director, an insurer shall provide the evidence which the insurer used to determine the independence of the director.

Board 9. (1) The Board of an insurer shall have a minimum of five directors. composition (2) A majority of directors shall be independent directors.

(3) The chairperson of the Board shall be a non-executive director.

(4) The chairperson of the Board shall not be a person who has served in the position of a chief executive officer of the insurer two years before the appointment as chairperson of the Board.

(5) Where the Registrar requests to meet the chairperson of the Board, the chairperson shall be available to meet the Registrar.

(6) The Board shall consist of persons with— (a) skills and experience to provide strategic direction to an insurer; and (b) skills in finance, economics, accounting, insurance and human resource management.

(7) A majority of directors and the chairperson of the Board shall ordinarily reside in Malawi.

Board and 10. (1) Every insurer shall have Board and Management Committees Management which shall include— Committees (a) the Audit Committee; (b) the Asset Liability Management Committee; and (c) the Risk Management Committee.

(2) The Audit Committee shall assist the Board by providing an objective non-executive review of the effectiveness of the financial reporting and Risk Management Framework of the insurer unless, there is another Board committee carrying out this function with respect to risk management.

(3) The Audit Committee shall also have a charter stipulating that the oversight responsibilities of the Audit Committee shall include— (a) the statutory reporting requirements of the Registrar; (b) financial reporting requirements; (c) professional accounting requirements; (d) internal and external audit; (e) the appointment and dismissal of the internal auditor; (f) the remuneration and performance assessment of the internal auditor; (g) for life insurance, the appointment of an actuary of the insurer; (h) the appointment of the external auditor of the insurer; (i) the Risk Management Framework of the insurer as outlined in the Risk Management Directive; and

4th March, 2011 49

(j) the remuneration of the Chief Executive Officer and senior management directly reporting to the Chief Executive Officer.

(4) The Audit Committee shall perform further oversight responsibilities as set out in the Schedule hereto.

(5) The Audit Committee shall— (a) submit the charter with the Registrar for the written approval of the Registrar; (b) have sufficient powers to enable it to obtain information necessary for the performance of its functions; (c) (i) have a minimum of three members; and (ii) every member including the chairperson shall be an independent director. (d) ensure the adequacy and independence of the internal and external audit functions; (e) regularly review— (i) the internal and external audit plans, and the Risk Management Framework, ensuring that they cover all material risks and financial reporting requirements of an insurer; and (ii) findings of audits, and ensure that issues are managed and rectified appropriately and promptly. (f) establish and maintain policies and procedures of employees of an insurer, submit, confidential information about accounting, internal control, compliance, audit and other matters on which an employee has concerns; (g) have a process for ensuring that employees are aware of the established policies and procedures; (h) have a process for dealing with matters raised by employees under policies; and (i) invite the appointed auditor of the insurer and appointed actuary to all meetings of the Audit Committee.

(4) The Chairperson of the Board and the Chief Executive Officer shall not be members of the Audit Committee.

(5) The minutes of the Audit Committee shall be distributed to auditors of the insurer and to the actuary where applicable, whether or not they attended the meeting.

(6) Every insurer shall have an Asset Liability Management Committee comprising a minimum of three members of management including the Head of Finance;

(7) The main role of the Asset Liability Management Committee shall be to manage the assets and liabilities of the insurer in a manner that will ensure that the investment activities of the insurer and asset position are appropriate to the liabilities and risk profile of the insurer.

(8) The Asset Liability Management Committee shall have a written charter which shall be submitted to the Board for approval.

50 4th March, 2011

(9) The Asset Liability Management Committee shall be responsible for the following— (a) assessing the risk or reward objectives of an insurer; (b) designing and implementing asset liability management strategies to modify risk; (c) quantifying levels of risk exposure; (d) monitoring risk exposure and revising asset liability management strategies as appropriate; and (e) setting risk tolerance limits.

(10) The Asset Liability Management Committee shall furnish a report to the Board on the asset liability management performance of an insurer on a quarterly basis.

(11) In addition to the Audit Committee and the Asset Liability Management Committee, an insurer may set up other Board committees such as, the Remuneration and Appointment Committee and Risk Management Committee.

(12) The Board shall approve the Charter of the Risk Management Committee.

(13) The Charter of the Risk Management Committee shall state that the Risk Management Committee shall have oversight of the Risk Management Framework of the insurer as outlined in the Risk Management Directive.

(14) A member of the Risk Management Committee shall be an independent director.

Remuneration 11. (1) The Board shall have a clear policy for setting remuneration packages for executive and non-executive director at levels that are fair and reasonable in a competitive market for the skills, knowledge, experience, nature and size of the insurer.

(2) A director shall not take part in deciding the remuneration package for the position of Director.

(3) The performance related elements of the remuneration of executive directors shall be stretching and designed to promote the long-term success of the insurer.

(4) Levels of remuneration for non-executive directors shall reflect the time commitment and responsibilities of the role.

(5) The Remuneration Committee shall have terms of reference, explaining its role and the authority which the Board shall delegate to it.

(6) Where remuneration consultants are appointed, the insurer shall make a statement on whether the consultants have a connection with the insurer.

(7) The Remuneration Committee shall— (a) consult the chairman or the chief executive officer about their proposals relating to the remuneration of other executive directors; (b) appoint consultants to set the remuneration of executive directors;

4th March, 2011 51

(c) delegate responsibility for setting remuneration packages for executive directors and the chairperson, including pension rights and compensation payments; and (d) recommend and monitor the level and structure of remuneration for senior management.

(8) Where required by the Articles of Association, a shareholder or the Board shall determine the remuneration of non-executive directors within the limits set in the Articles of Association.

(9) The Board may delegate the determination of the remuneration of non-executive directors to a committee which may include the Chief Executive Officer.

(10) Every insurer shall disclose in the annual report— (a) information about the remuneration of individual directors and shall include details of earning, business, share options, restraint payments and any other benefits. (b) In its annual report, an insurer shall disclose remuneration, bonuses and other benefits received by senior management on an aggregate basis.

  1. (1) An insurer shall have an independent and adequately resourced Internal Audit internal audit function.

(2) If an insurer does not believe it is necessary to have a dedicated internal audit function— (a) it shall apply to the Registrar in writing for an exemption, stating why it should be exempt; (b) the Registrar may approve alternative arrangements for an insurer where the Registrar is satisfied that the insurer will achieve the same objectives.

(3) The objectives of the internal audit function shall include an evaluation of the adequacy and effectiveness of the Financial and Risk Management Framework of the insurer.

(4) To fulfill its functions, the internal auditor shall have unfettered access to the business lines and support functions of the insurer.

(5) The internal auditor shall not have operational duties.

(6) The internal auditor shall report to, and have unfettered access to the Audit and Risk Management Committee.

  1. (1) (a) The Board of an insurer shall ensure that an auditor of an External insurer; Auditor (b) is independent of the insurer; and (c) there is no conflict of interest that could compromise the independence of the auditor.

(2) As part of the process of ascertaining the independence of the auditor, an insurer shall obtain a declaration from the auditor to the effect that— (a) the auditor is independent, in appearance and fact;

52 4th March, 2011

(b) the auditor has no conflict of interest; and (c) in the knowledge of the auditor, there is nothing either in relation to the individual auditor or an audit firm or audit company of which the auditor is a member or director, that could compromise the independence of the auditor.

(3) A member of an audit firm or a director of an audit company, who has been a lead auditor in the audit of an insurer, shall not be appointed to the role of a director or senior manager of that insurer until two years have passed since the person acted as a lead auditor.

(4) For the purpose of maintaining independence and objectivity, an external auditor or appointed actuary of an insurer shall not be an employee of the same firm or related firm.

Financial 14. (1) An insurer shall prepare financial statements in accordance with Reporting international financial reporting standards on an individual insurer and on a group basis.

(2) Every insurer shall publish summaries of statements of its financial position and of income and expenditure in a national newspaper, not later than 31 March of the following year.

(3) Every insurer shall publish annual reports on its official website.

(4) The annual report shall include— (a) full financial statements, comprehensive notes, and an opinion of the auditor; (b) meaningful statements by the Board and Management on the performance of their responsibilities; and (c) a statement describing major risks of an insurer and how they are managed. (d) additional corporate governance disclosures including— (i) a list of names and roles of Board members and key senior managers and their major affiliations; (ii) remuneration packages of Board members and senior managers; (iii) authorities and responsibilities of governing bodies, including subcommittees; and (iv) identities of significant direct and indirect beneficial owners of the insurer.

(6) The chairman of the Board Audit Committee and a responsible person of the management team shall sign the disclosure statements attesting their accuracy and completeness.

The Company 15. (1) A company secretary of an insurer shall be— Secretary (a) a chartered company secretary; (b) a lawyer; (c) an accountant; or (d) a firm which is provider of company secretarial services.

4th March, 2011 53

(2) A company secretary shall be subject to a fit and proper test by the Registrar.

(3) The roles of a company secretary and a chief executive officer shall be separate.

(4) In addition to extensive statutory duties under the Companies Act, the Cap. 46:03 company secretary shall provide the Board and every director with detailed guidance on how to discharge their responsibilities in the best interest of the insurer and in compliance with laws, internal rules, the Malawi Code II on corporate governance and this Directive.

(5) The company secretary shall provide a central source of guidance and advice to the Board and within the company on matters of ethics and good governance.

  1. Every insurer shall— Ethics (a) conduct business on the principle of utmost good faith and sound insurance principles; (b) promote and observe the customary practice relating to insurance; (c) engage stakeholders in determining standards of ethical behaviour of the insurer; (d) demonstrate commitment to organizational integrity by codifying and publishing standards of ethical behaviour in a code of ethics; (e) on the request of the Registrar, avail a copy of the code of ethics to the Registrar; (f) articulate acceptable behaviour in the code of ethics of the insurer; (g) disallow unacceptable behaviour that could result in the insurer engaging in illegal activity such as money laundering, fraud, bribery or corruption. (h) the Code of Ethics shall— (i) bind all directors, senior management, employees, officers and agents of the insurer; (ii) ensure that an insurer complies with relevant laws, regulations and directives of the Registrar; (iii) create systems and procedures to introduce, monitor and enforce the Code of Ethics; (iv) assign high level individuals to oversee compliance to the Code of Ethics; (v) assess the integrity of new appointees in selection and promotion procedures; (vi) exercise due care in delegating discretionary authority; (vii) communicate with and train all employees regarding enterprise values, standards and compliance procedures;

54 4th March, 2011

(viii) provide, monitor and audit safe systems for reporting of unethical or risky behaviour; (ix) enforce appropriate discipline with consistency; (x) respond to offences and prevent re-occurrence; and (xi) ensure that claims are paid within the time limits set by the Act and the Registrar's Directives. (i) an insurer shall disclose adherence to the code of ethics against the criteria in paragraph (16) (h) in the annual report. (j) the Board shall ensure that senior management implements policies that prohibit or appropriately limit activities and relationships that diminish the quality of corporate governance, including— (i) lending to directors and employees, or officers from affiliated companies at non-arms length basis; (ii) providing preferential treatment to insiders; (iii) improper use of property or information; (iv) unfair dealing with clients, employees, suppliers, competitors and other stakeholders; (v) allowing delinquency of loans to Board members; (vi) permitting directors with an interest in a transaction to which the insurer is an actual or potential party to vote on those transactions.

Other matters 17. (1) The Board shall have procedures for assessing at least annually the performance of the Board, Board committees and individual directors.

(2) An insurer shall induct and train directors on various aspects of insurance business and critical processes particular to the insurer.

(3) The Board shall have a formal policy on Board renewal which shall include— (a) details of how the Board intends to renew itself in order to remain open to new ideas and independent thinking, while retaining adequate expertise; (b) consideration of whether directors have served on the Board for a period which could materially interfere with their ability to act in the best interests of the insurer.

(4) Independent directors shall be appointed for a fixed term of three years and may be re-elected for one further term.

(5) An independent director shall not be dismissed during a term of office, except where— (a) the insurer requests the dismissal in writing; and (b) the Registrar approves the dismissal in writing.

(6) The maximum amount of time an independent director may serve on a Board shall be six years.

(7) Key role players in insurance from a corporate governance point of view shall include—

4th March, 2011 55

(a) an owner, defined as a person who directly or indirectly owns or controls at least ten per cent (10%) of the capital of the insurer; (b) a director of the insurer; and (c) the chief executive officer.

(8) A person may hold a maximum of two key roles.

(9) An independent director shall hold a maximum of six other Board appointments with the following restrictions— (a) not to hold concurrently a Board appointment and an appointment as an insurance intermediary, such as an insurance broker; and (b) hold a maximum of two Board appointments within the insurance industry, provided that one such appointment relates to a life insurance company and the other appointment relates to a general insurance company.

(10) The Board shall meet a minimum of four times a year and shall keep minutes of all proceedings.

(11) Directors shall attend seventy-five per cent (75%) of all Board meetings; and where a director has attended less than seventy-five per cent (75%) of Board meetings in a year, the insurer shall inform the Registrar not later than January 31, providing reasons for the lack of attendance, and showing reasons why the director should be permitted to continue in his office.

(12) The Audit Committee, and any other committee established by the Board, shall— (a) meet a minimum of four times a year; and (b) keep minutes of proceedings.

(13) An insurer shall provide a succession plan for its Chief Executive Officer.

(14) The succession plan of the insurer shall— (a) identify a deputy to perform the role of chief executive officer should the chief executive officer be absent; and (b) inform the Registrar of the identity of the chief executive officer in writing.

(15) The Corporate Governance framework of the insurer shall have— (a) adequate provisions to allow whistle blowing if a person believes that untoward activity is taking place within the insurer; and (b) a policy providing that a person, acting in good faith, cannot be discriminated against by disclosing information to the Board, the Committee, or to the Registrar.

(16) A prospective, current, or former employee or contractor of an insurer shall not be constrained by confidentiality clauses or otherwise from— (a) disclosing information to the Registrar; (b) discussing issues of relevance to management and supervision of the insurer with the Registrar;

56 4th March, 2011

(c) providing documents under the control of the employee to the Registrar; and (d) providing information to auditors, the appointed actuary and other persons who have statutory responsibilities in relation to the insurer.

(17) An insurer shall ensure that the internal policy and contractual arrangements of the insurer do not explicitly or implicitly restrict or discourage auditors or other parties from communicating with the Registrar.

PART IV — ADMINISTRATIVE PENALTIES AND ADMINISTRATIVE SANCTIONS

Administrative 18. (1) When the Registrar determines that an insurer or insurance penalties intermediary has not met the requirements of this directive, the Registrar shall Act No. 26 of impose administrative penalties in accordance with the provisions of the 2010 Financial Services Act, 2010, to correct the situation, including but not limited to— (a) a monetary penalty of five hundred thousand Kwacha (K500,000); (b) a written warning; or (c) direction to the insurer or an insurance intermediary to compensate persons who have suffered loss because of the contravention.

Administrative 19. (1) In addition to the penalties prescribed in paragraph 18 (1), the sanctions Registrar may take any or all of the following actions against an insurer or insurance intermediary— Act No. 26 of (a) imposition of directions as stipulated under section 39 of the 2010 Financial Services Act 2010; (b) prohibition from declaring or paying dividends; (c) prohibition from declaring or paying bonuses, salary incentives or other discretionary compensation to directors or managing officers; (d) suspension of the establishment of new branches or expansion into new insurance or financial activities; (e) suspension of acceptance of new risks and certain classes of insurance business; (f) suspension of acquisition of fixed assets; or (g) closure of an insurer to accept new business, and suspension or cancellation of licence where the insurer persistently fails to comply with the Directive.

SCHEDULE (para. 10)

BLUEPRINT CORPORATE GOVERNANCE CHARTER DOCUMENT: AUDIT, RISK MANAGEMENT AND COMPLIANCE COMMITTEE FOR INSURANCE COMPANIES IN MALAWI

Committee 1. The Audit, Risk Management and Compliance Committee (hereafter purpose referred to as the "Committee") is a committee of the Board of Directors. Its functions are to assist the Board to discharge its corporate governance duties including—

4th March, 2011 57

(a) the business relationship with the external auditors; (b) the reliability and correctness of the financial statements; (c) the maintenance of an effective framework of business risk management; and (d) the maintenance of an effective framework of business compliance and internal controls.

  1. (1) The Board shall appoint the Committee from among its Committee independent directors. Membership and Quorum (2) The Committee shall consist of not less than three members, at least one of whom shall have financial qualifications, with recent and relevant financial experience.

(3) The Chairman of the insurer shall not be the Chairman of the Committee.

(4) The Executive Directors, such as the General Director and the Deputy General Director, shall not be members of the Committee.

(5) The Board shall review the composition of the Committee annually, and revise the membership as necessary, taking into account the need for an adequate combination of financial and business skills and knowledge.

(6) Appointments to the Committee shall be for a term of three years, extendable by no more than one additional three year-term, as long as members continue to be independent.

(7) A quorum shall be three members.

(8) All of the Committee members shall be independent.

  1. (1) Meetings shall be held not less than four times a year. Committee procedures (2) The external auditors and the head of Internal Audit may request additional meetings if they consider that such meetings are necessary.

(3) The Committee may invite members of management or others to attend meetings from time to time. The Group Finance Director, head of Internal Audit, Actuary and a representative of the external auditors shall be invited to Committee meetings.

(4) The head of Internal Audit, the Appointed Auditor and the Appointed Actuary shall have the right to attend each meeting of the Committee.

(5) (a) The Committee shall keep minutes of all meetings; (b) provide a copy of the minutes to the Board, internal auditors, external auditors and corporate actuary, whether or not they attend the meeting.

(6) The Group Finance Director shall provide executive support and secretarial support to the Committee.

58 4th March, 2011

Committee 4. (1) The Board shall authorize the Committee to investigate any authority activity within its terms of reference including seeking any information it requires from any employee within the company.

(2) Every employee shall cooperate with any request made by the Committee.

(3) Every request of the Committee shall be channelled through the Chief Executive Officer.

(4) The Board shall authorize the Committee to obtain any outside legal, accounting, or other independent professional advice and to secure the attendance of outsiders with relevant experience and expertise if it considers this necessary.

Committee 5. (1) In respect of external auditors, the Committee shall— duties and (a) appoint the external auditors; responsibilities (b) review and assess the performance of the auditors; (c) review and confirm the professional independence of the auditors; (d) review and make recommendations to the Board in respect of fees of auditors; (e) review and approve audit plans; (f) review audit reports; and (g) review management responses to audit reports.

(2) In respect of internal auditors, the Committee shall— (a) appoint the internal auditors; (b) review and assess the performance of internal auditors; (c) set the remuneration of the internal auditors; (d) review and approve internal audit schedules; (e) review internal audit reports; (f) where necessary, instruct management to take action as a result of findings in the internal audit reports; and (g) if necessary, terminate the employment of internal auditors.

(3) In respect of financial statements, the Committee shall— (a) approve the accounting, tax and actuarial policies and principles, applied by the insurer and be satisfied with their appropriate- ness; (b) need to be satisfied that management, jointly with the external auditors, have adequately reviewed the claims, litigation and other contingency, write-offs, provisions and changes in accounting policy which could have a material impact of the financial results of the insurer;

4th March, 2011 59

(c) review quarterly and annual financial statements of the insurer released to the Registrar; and (d) recommend the adoption by the Board of the financial reports and statements.

(4) In respect of risk management, the Committee shall— (a) be satisfied that there is an effective Business Risk Management Framework in place across the insurer, including, but not limited to the identification and risk mitigation strategies in respect of— (i) risks affecting the insurer generally; (ii) Operational Insurance Risks; (iii) Investment Risks; (iv) Concentration Risks; and (v) other matters as the Committee deems appropriate in relation to risk management. (b) be satisfied that management keeps abreast of new risks as they arise, and devises a strategic response to each risk as it is identified; and (c) review and make recommendations to the Board of Directors in respect of policy relating to Risk Management.

(5) In respect of compliance, the Committee shall— (a) satisfy itself that the insurer has an effective Corporate Governance and Compliance Programme covering that— (i) the roles and responsibilities of the Board and Management are published and understood; (ii) the internal controls of the insurer are adequate; (iii) a corporate governance manual which sets out all key corporate policies, procedures and practices and codes of conduct to be followed by employees of the insurer is published and updated; (iv) effective review of corporate internal controls and procedures takes place by a professional internal audit department, which has direct access to the Committee; and (v) there are satisfactory arrangements by which employees can raise concerns about possible breaches and improprieties in confidence.

Made this 2nd day of February, 2011.

(FILE NO. ST/2/120)

DR. PERKS M. LIGOYA Registrar

Share