Financial Institutions (Corporate Governance) Regulations 2005

STATUTORY INSTRUMENTS SUPPLEMENT No. 18 27th May, 2005 STATUTORY INSTRUMENTS SUPPLEMENT to The Uganda Gazette No. 28 Volume XCVIII dated 27th May, 2005 Printed by UPPC, Entebbe, by Order of the Government. STATUTORY INSTRUMENTS 2005 No. 47. THE FINANCIAL INSTITUTIONS (CORPORATE GOVERNANCE) REGULATIONS, 2005

---

ARRANGEMENT OF REGULATIONS PART I—PRELIMINARY Regulation

1. Title
2. Application
3. Interpretation
4. Objectives
5. Rationale PART II—REGULATORY REQUIREMENTS
6. Duties of directors
7. Committees
8. Audit Committee
9. Asset Liability Management Committee
10. Risk Management Committee
11. Compensation Committee
12. Auditors PART III—REMEDIAL MEASURES AND ADMINISTRATIVE SANCTIONS
13. Remedial measures
14. Administrative sanctions SCHEDULE DUTIES AND RESPONSIBILITIES OF DIRECTORS STATUTORY INSTRUMENTS

2005 No. 47. The Financial Institutions (Corporate Governance) Regulations, 2005. (Under section 131(1)(k) of the Financial Institutions Act, 2004, Act No. 2 of 2004) IN EXERCISE of the powers conferred on the Central Bank under section 131(1)(k) of the Financial Institutions Act, 2004, these Regulations are made this 16th day of February, 2005. PART I—PRELIMINARY

1. These Regulations may be cited as the Financial Institutions (Corporate Governance) Regulations, 2005.
2. These Regulations apply to all financial institutions in Uganda.
3. In these Regulations, unless the context otherwise requires— “Act” means the Financial Institutions Act, 2004; “Board” or “Board of Directors” means the Board of Directors of a financial institution; “Chief Executive Officer” or “CEO” means the Chief Executive Officer of a financial institution; “corporate governance” means the process and structure used to direct and manage the business and affairs of a financial institution with the objective of ensuring its safety and soundness and enhancing shareholder value and shall cover the overall environment in which the financial institution operates comprising a system of

checks and balances which promotes a healthy balancing of risk and return; “Director” means a director of a financial institution; “independent director” means a director who has no relationship or interest in the financial institution or any of its subsidiaries or affiliates or their related interests; “inside director” means a director who is an officer or employee of the financial institution or any of its subsidiaries or affiliates or a director who has a relationship or interest in the financial institution or any of its subsidiaries, affiliates or their related interests. 4. The objectives of these Regulations are— (a) to provide guidance to financial institutions on corporate governance issues; and (b) promote public confidence in financial institutions in Uganda by requiring financial institutions to have in place proper corporate governance processes and structures. 5. The rationale for these Regulations is that— (a) financial institutions play the important role of providing finance for commercial enterprises, basic financial services to a broad segment of the population and access to the payment systems and as such, their corporate governance is of paramount importance; (b) given the special position of trust held by financial institutions in the Ugandan economy and their access to government safety nets, it becomes all the more important that financial institutions have strong corporate governance;

(c) increasing globalisation of financial markets, emergence of conglomerate structures, technological advances and innovations in financial products require that the quality of corporate governance in financial institutions should be reasonably high; and (d) weak corporate governance is a basic cause of bank failures in Uganda and this needs to be strengthened. PART II—REGULATORY REQUIREMENTS 6. (1) The Board of Directors shall establish strategic objectives and a set of corporate values that are communicated throughout the financial institution’s organisation. (2) The strategies established under subregulation (1) shall direct the ongoing activities of the institution and lead in establishing the tone at the top and approving corporate values for itself, senior management and other employees. (3) The values of the Board of Directors shall recognise the critical importance of having timely and frank discussion of problems and prohibit corruption and bribery in corporate activities, both in internal dealings and external transactions. (4) The Board of Directors shall ensure that the senior management of the financial institution implements policies that prohibit or strictly limit activities and relationships that diminish the quality of corporate governance, such as conflicts of interest and other forms of self-dealing with substantial shareholders, directors, officers and employees and related parties.

(5) The Board of Directors shall set and enforce clear lines of responsibility and accountability throughout the organisation in the following manner— (a) there shall be a clear demarcation of responsibilities of the Board and management in the interest of an effective accountability regime; (b) it is the responsibility of the Board to establish the approval authority of different levels of senior management; (c) the board, together with the Chief Executive Officer (CEO), shall develop a position description for the CEO, defining the limits to management’s responsibility; (d) the Board shall approve the corporate objectives which are entrusted to the CEO to achieve and set out the basis for measuring the CEO’s effectiveness in achieving corporate objectives; (e) the Board shall perform an annual evaluation of the performance of the CEO; (f) the Board shall always remain responsible for the overall stewardship of the financial institution and must be ready to question, scrutinize and monitor, in a pro-active manner, management’s performance; (g) management shall be responsible for creating an accountability framework for its staff and is ultimately responsible to the Board for the performance of the financial institution. (6) The Board of Directors shall ensure that directors are qualified for their positions, have a clear understanding of

their role in corporate governance and are not subject to undue influence from management or outside concerns. (7) The Board of Directors shall observe the following principles— (a) a financial institution shall have not less than five directors who are fit and proper persons and who satisfy the qualifications of directors stipulated under the Companies Act, and section 53(1) of the Act; (b) the Chairperson of the Board must be an independent director; (c) the Chief Executive Officer shall not be appointed chairperson of the Board; (d) at least two executive directors, resident in Uganda, reporting directly to the Board and who are knowledgeable in the financial institution’s long-term strategy and have the ability to influence the institution’s policy, shall direct the business of the institution (“four eyes principle”); (e) at least five of the directors shall possess demonstrated expertise and experience relevant to the functions of the financial institution and the principal issues that face the institution such as financial controls, capital management, banking risks and corporate planning; (f) in order to enhance independence and objectivity, not more than 50% of the directors shall be employees of the institution or any of its subsidiaries or affiliates, except in cases of subsidiaries of foreign-owned banks where the

Central Bank is satisfied that the employees are deemed fit and proper persons by the home country regulator of the financial institution; (g) the board shall receive, on a timely basis, sufficient information to judge the performance of management and assess the quantitative performance of the institution, the observance of prudential norms, customer satisfaction, service quality, market share and market reaction; (h) Board meetings shall be held not less than once in every quarter of the financial year of the financial institution; (i) the Chairperson of the Board shall ensure that clear and complete minutes of the Board meetings are circulated to members; (j) the directors shall observe the duties and responsibilities set out in the Schedule; (k) each financial institution shall establish an orientation program for new directors as well as refresher programs for the existing directors that shall include a discussion of the responsibilities and legal obligations of a director and the Board as a whole, the nature of business of the institution, conditions in the industry, corporate strategy and expectations from directors; and (l) no director shall simultaneously serve as a board member of any other financial institution or in any executive capacity with any other financial institution or a subsidiary or affiliate of the financial institution in Uganda.

(8) The Board of Directors shall ensure that there is appropriate oversight by senior management by observing the following— (a) ensuring that senior management at all times, consists of a core group of officers responsible for the financial institution, including the chief financial officer, business line heads and the chief internal auditor who have the necessary skills to manage the business under their supervision as well as appropriate control over the key individuals in these areas; (b) ensuring that management avoids situations where— (i) senior managers are overly involved in business line decision making; (ii) senior managers are assigned an area to manage without the necessary pre￾requisite skills or knowledge; and (iii) senior managers are unwilling to exercise control over successful, key employees (such as traders) for fear of losing them. (9) The Board of Directors shall actively get involved in the financial institution’s financial affairs and risk management process and in particular— (a) formulate a clear philosophy for each risk management area; (b) design or approve structures that include clear delegation of authority and responsibility at each level; (c) review and approve policies that clearly quantify acceptable risk, and that specify the quantity

and quality of capital required for the safe operation of the financial institution; (d) periodically review controls to ensure that they remain appropriate, and make periodic assessment of the long-term capital maintenance program; (e) obtain explanations where positions exceed limits, including reviews of credit granted to substantial shareholders, directors and other related parties, significant credit exposures, and adequacy of provisions made; (f) ensure that the internal audit function includes a review of adherence to policies and procedures; (g) formally delegate to management, the authority to formulate and implement strategies; and (i) specify content and frequency of reports. (10) The Board of Directors shall effectively utilize the work conducted by internal and external auditors in recognition of the important control function they provide (11) In accordance with the requirements of sections 61- 76 of the Act, the Board and senior management shall— (a) recognise the importance of the audit process and shall communicate its importance throughout the institution; (b) take measures that enhance the independence and stature of internal auditors; (c) utilize, in a timely and effective manner, the findings of internal and external auditors; (d) ensure the independence of the internal auditor through his or her direct access and reporting

responsibility to the Board or the Board’s audit committee; (e) engage external auditors to judge the effectiveness of internal controls; and (f) require timely correction by management of problems identified by auditors. (12) The Board members shall recognise and acknowledge that the internal and external auditors are their critically important agents and shall utilise their work as an independent check on the information received from management on the operations and performance of the financial institution. (13) In ensuring that compensation levels are consistent with the financial institution’s ethical values, objectives, strategy and business environment— (a) the Board of Directors shall approve the compensation of senior management and other key personnel; (b) the salary scales shall be set within the general business policy, in such a way that they do not overly depend on short-term performance. (14) In conducting corporate governance in a transparent manner— (a) the Board shall satisfy itself that procedures are in place to ensure that the financial institution is satisfying its disclosure obligations and that the information being disseminated is true and accurate; (b) the Board shall, through transparency, reinforce sound corporate governance which shall cover the following—

(i) Board structure, including size, membership, qualification and committee; (ii) senior management structure, including responsibilities, reporting lines, qualifications and experience; (iii) basic organisational structure, including line of business structure, legal entity structure; (iv) information about the incentive structure of the financial institution, including remuneration policies, executive compensation, bonuses and stock options; (v) nature and extent of transactions with affiliates and related parties; (vi) mandate of the Board, its duties and objectives; (vii) composition of the Board, identifying ‘inside directors’ and ‘independent directors’; and (viii) the Board’s expectations of management and its performance in meeting them; and (c) feedback received from stakeholders of the financial institution shall be properly documented and procedures established to deal with its concerns. 7. (1) The Board shall establish specialised committees of directors for better utilisation of its scarce resources and attaining more in-depth review of issues or areas pertaining to the operations of the financial institution. (2) The specialised committees shall include—

(a) the Audit Committee; (b) the Asset Liability Management Committee (ALCO); (c) the Risk Management Committee; and (d) the Compensation Committee. 8. The Board of Directors shall constitute, from among its members, a committee on audit in accordance with section 59 of the Act consisting of not less than two persons who are not employed by the financial institution in any capacity, to perform such functions as the Board of Directors shall specify, including— (a) reviewing the internal audit report and programs of the financial institution; (b) reviewing the internal controls, operating procedures and systems, and management information systems of the financial institution; (c) ensuring that the audit function of the financial institution is adequately staffed; (d) ascertaining the nature of the external audit, co￾ordinating the internal and external audits and considering rectification and implementation of issues raised by the external auditor; (e) reviewing the financial statements of the financial institution and making recommendations on them; (f) reviewing such investments and transactions that could affect the well being of the financial institution as the auditor or auditors or any officer of the financial institution may bring to the attention of the committee;

(g) reviewing the practices of the financial institution to ensure that any insider transactions of the institution that have a material effect on the stability or solvency of the institution are identified and dealt with; (h) providing oversight of the financial institution’s internal and external auditors; (i) reviewing and approving audit scope and frequency; and (j) generally, ensuring that management is taking appropriate corrective actions in a timely manner to address control weaknesses, non￾compliance with policies, laws and regulations and other problems identified by internal and external auditors. 9. The Board of Directors shall constitute an Asset Liability Management Committee (ALCO) in accordance with section 60 of the Act, consisting of not less than two persons to perform such functions as the Board of Directors shall specify in relation to establishing guidelines on the financial institution’s tolerance for risk and expectations from investment that shall include but not be limited to the following areas— (a) limits on loan to deposit ratio; (b) limits on loan to capital ratio; (c) limits on exposure to single or related customers; (d) flexible limits on the percentage reliance on a particular deposit category; (e) maximum dependence on inter-bank and other volatile funding instruments;

(f) limits on maximum and minimum maturities for newly acquired categories of assets and liabilities; (g) limits on maximum and minimum maturities for existing categories of assets and liabilities; (h) limits on the sensitivity of the net interest margin on changes in market interest rates; (i) maximum percentage imbalance between rates and sensitive assets and liabilities; (j) limits on minimum spread acceptable between costs and yields of liabilities and assets; (k) limits on minimum liquidity provision to be maintained to sustain operations while longer term adjustments are made; (l) quantification of primary sources of funds; (m) monitoring of the financial institution’s policies, procedures and holding portfolio to ensure that goals for diversification, credit, quality, profitability, liquidity, community investment, pledging requirements and regulatory compliance are met; and (n) generally implementing the asset/liability (funds) management policy of the financial institution. 10. The Risk Management Committee shall provide oversight of the senior management’s activities in managing credit, market, liquidity, operational, legal and other risks of the institution. 11. The Compensation Committee shall provide oversight on the remuneration of senior management and other key personnel and ensure that compensation is consistent with the

institutions culture, objectives, strategy and control environment. 12. All financial institutions shall appoint internal and external auditors in accordance with sections 61 and 62 of the Act to perform the functions stipulated in the Act. PART III—REMEDIAL MEASURES AND ADMINISTRATIVE SANCTIONS 13. (1) Where the Central Bank determines, through an inspection, that a financial institution is not in compliance with these Regulations, it may impose any or all of the corrective actions under Part IX of the Act. (2) Where the Central Bank determines, in applying the Act and criteria given in these Regulations, that a financial institution’s condition is so serious that it falls under one or more of the paragraphs of section 87(1) of the Act, it may take the appropriate action as called for under section 87(2) and 88 of the Act. (3) The Central Bank may, in accordance with section 77 of the Act, by order in writing, remove from office a chairperson, director or the chief executive officer of a financial institution if it deems it necessary, in the public or the institution’s interests, to do so. 14. In addition to the remedial measures available under regulation 13, the Central Bank may impose any or all of the following administrative sanctions with regard to a financial institution that is not in compliance with these Regulations or whose compliance with these Regulations indicates that the financial institution is in unsound condition— (a) prohibition from declaring or paying dividends;

(b) suspension of the establishment of new branches or expansion into new banking or financial activities; (c) suspension of access to credit facilities of the Central Bank; (d) suspension of the opening of letters of credit; (e) suspension of the acceptance of new deposits; and (f) suspension of the acquisition of fixed assets.

SCHEDULE REGULATION 6 (7) (J) DUTIES AND RESPONSIBILITIES OF DIRECTORS The Board of Directors shall, in general observe and perform the responsibilities and duties stipulated in sections 55, 56(1) and (2) of the Act and in particular, shall— (a) understand their oversight role and their “duty of loyalty” to the financial institution and its shareholders; (b) serve as a “checks and balances” function vis-à-vis the day￾to-day management of the financial institution; (c) feel empowered to question management and be comfortable on insisting upon straightforward explanations from management; (d) recommend sound practices gleaned from other organisations; (e) meet regularly with senior management and internal audit to establish and approve policies, establish communication lines and monitor progress towards corporate objectives; (f) absent themselves from decisions where they are incapable of providing objective advice or, as stipulated in section 54 of the Act, where they may be involved in a conflict of interest situation; (g) not participate in the day-to-day management of the financial institution; (h) assume the responsibility of appointing and monitoring management and also put in place an appropriate structure and procedures to achieve and project its independence; (i) take a lead in establishing and approving corporate values for itself, management and other employees, particularly emphasising a timely and frank discussion of problem areas and covering aspects as corruption, management

of conflict of interest, self-dealing prohibition of unduly favorable treatment of related parties and always acting in the best interest of the financial institution; (j) ensure that the institution’s policies and systems are effective enough to achieve a prudential balance between risks and potential returns to the shareholders; (k) possess a reasonable (significantly more than peripheral) knowledge of the risks specific to the entire spectrum of the institution’s activities; (l) carefully review the adequacy of the risk management policies, systems and procedures proposed by management and, if satisfactory, give its approval in addition; (m) ensure the adequate functioning of well designed internal control and management information systems and require information on a variety of issues in order to specify criteria for assessing management’s performance in respect of various strategies and also ensure the integrity of the data and information produced; (n) ensure that the financial institution puts in place a code of conduct for its employees, setting out the institution’s ethical values and high standards expected of them; and (o) periodically review management’s performance in controlling the risks in the light of the established policies. E. TUMUSIIME-MUTEBILE, Governor, Bank of Uganda.