Risk Oversight Committee
The Board of Directors, as one of their specific duties and responsibilities, must constitute several committees, one of which is a Risk Oversight Committee. The Board must also draw up a written charter that defines the duties and responsibilities of its committee members.
The Risk Oversight Committee shall be responsible for the development and oversight of the risk management program for the bank and its trust unit. The committee shall be composed of at least three (3) members of the Board of Directors including at least one (1) independent director, and a chairperson who is a non-executive member. The members of the risk oversight committee shall possess a range of expertise as well as adequate knowledge of the institution's risk exposures to be able to develop appropriate strategies for preventing losses and minimizing the impact of losses when they occur. It shall oversee the system of limits to discretionary authority that the board delegates to management, ensure that the system remains effective, that the limits are observed and that immediate corrective actions are taken whenever limits are breached. The bank's risk management unit and the chief risk officer shall communicate formally and informally to the risk oversight committee any material information relative to the discharge of its function. The risk oversight committee, shall, where appropriate, have access to external expert advice, particularly in relation to proposed strategic transactions, such as mergers and acquisitions.
The Board of Directors shall review and assess the adequacy of this charter at least once every year.
The Committee shall have adequate resources to enable it to effectively discharge its functions.
- Identify and evaluate exposures. The committee shall assess the probability of each risk becoming reality and shall estimate its possible effect and cost. Priority areas of concern are those risks that are the most likely to occur and are costly when they happen.
- Develop risk management strategies. The risk oversight committee shall develop a written plan defining the strategies for managing and controlling the major risks. It shall identify practical strategies to reduce the chance of harm and failure or minimize losses if the risk becomes real.
- Oversee the implementation of the risk management plan. The risk oversight committee shall conduct regular discussions on the institution's current risk exposure based on regular management reports and assess how the concerned units or offices reduced these risks.
- Review and revise the plan as needed. The committee shall evaluate the risk management plan to ensure its continued relevance, comprehensiveness and effectiveness. It shall revisit strategies, look for emerging or changing exposures, and stay abreast of developments that affect the likelihood of harm or loss. The committee shall report regularly to the board of directors the entity's overall risk exposure, actions taken to reduce the risks, and recommend further action or plans as necessary.
- The Committee shall meet on the 2nd Wednesday of every month;
- Meet periodically with risk management personnel, internal auditors, compliance personnel, and bank staff, together or separately as the Risk Management Committee may see fit.
Approvals by the Committee may be made at or during its meetings or through circulation to all members of the Committee.
The Board on its own or the Committee shall review, assess and/or update this Charter at least annually and make appropriate recommendation to the Board for approval.