Governance and Risk Management

Board Committee Reports

Board Integrated Risk Management Committee Report

Composition of the Committee

The Board Integrated Risk Management Committee (the BIRMC) consists of the following Board members, whose profiles are given in the section on Board of Directors and Profiles.

Board members

Mr M P Jayawardena*
Mr S Renganathan
(Managing Director/Chief Executive Officer)
Mr S Swarnajothi*
Mr K Dharmasiri*
Mr L D Niyangoda*
Mr T L B Hurulle*
Mr S K K Hettihamu
(Chief Risk Officer) (Non-Board Member)

Regular attendees by invitation

Mr S C U Manatunge
(Director/Chief Operating Officer)
Mr V S Rajasooriyar
(Assistant General Manager – Compliance)
Mr K S A Gamage
(Assistant General Manager – Information Technology)

Secretary to the Committee

Mr K D N Buddhipala (Chief Financial Officer)

*Independent Non-Executive Director

Attendance at Meetings

Name Eligible to attend/ Attended
Mr M P Jayawardena 05/05
Mr S Renganathan 05/05
Mr S Swarnajothi 05/05
Mr K Dharmasiri 05/05
Mr L D Niyangoda 04/05
Mr T L B Hurulle 05/05
Mr S C U Manatunge 05/05
The Committee regularly reviewed key risk indicators and assisted the Board in addressing deterioration in asset quality and improving Risk Management Framework.

Charter of the Committee

The BIRMC has been established by the Board of Directors, in compliance with the Section 3(6) of the Direction No. 11 of 2007, on “Corporate Governance for Licensed Commercial Banks in Sri Lanka”, issued by the Monetary Board of the CBSL under powers vested in the Monetary Board, in terms of the Banking Act No. 30 of 1988. The composition and the scope of work of the Committee are in line with the same, as set out in the BIRMC Charter which was reviewed during December 2019, and clearly sets out the membership, authority, duties and responsibilities of the BIRMC as described in the “Risk Governance and Management” Section of this report.

The BIRMC assists the Board of Directors in fulfilling its responsibilities for overseeing the Bank’s risk management framework and activities, including the review of major risk exposures and the steps taken to monitor and control those exposures pertaining to the myriad of risks faced by the Bank in its business operations. Duties of the BIRMC include determining the adequacy and effectiveness of such measures, and to ensure that the actual overall risk profile of the Bank conforms to the desirable risk profile of the Bank, as defined by the Board.

All key risks such as Credit, Operational, Market, Liquidity, Information Technology, Strategic, etc. are assessed by the BIRMC regularly through a set of defined risk indicators. The Committee works very closely with the Key Management Personnel and the Board in fulfilling its statutory, fiduciary and regulatory responsibilities for risk management. The risk profile of the Bank is communicated to the Board of Directors periodically through the Risk Assessment report submitted to the Board following each BIRMC meeting.

Activities in 2019

In discharging the above duties and responsibilities vested on the BIRMC, the Committee reviewed significant risks comprising of Strategic, Operational, Credit, Market, Cyber and other Emerging risk categories during the year. The activities carried out by the Committee include below;

  • Main focus area for the year 2019 was on the deterioration of credit quality level of the industry amidst deteriorating socio-economic factors of the country during 2019. Deliberations on factors that are within the control of the Bank given due cognisance with a view to improve credit quality of the portfolios through stringent measures and guidelines.
  • Approval of parameters and limits set by the Management against various categories of risk upon ascertaining that they are in accordance with the relevant laws and regulations as well as the desired policy levels stipulated by the Board of Directors.
  • Reviewed periodic reports from the Management on the metrics used to measure, monitor and manage risks, including acceptable and appropriate levels of risk exposures. The reviews covered movements from inherent to residual risk levels which indicate the progress in implementing controls and assessing the effectiveness of measures for addressing the sources of risk.
  • Improvements were recommended to the Bank’s Risk Management Framework and related policies and procedures as deemed suitable, in consideration of anticipated changes in the economic and business environment, including consideration for emerging risks, legislative or regulatory changes and other factors considered relevant to the Group’s risk profile.
  • Local and global macro-economic factors were discussed with a view to identify impact of such factor related changes on the Banking sector as a whole and the Bank, in order to initiate remedial action in a proactive manner.
  • The Key Risk Indicators (KRIs) designed to monitor the level of specific risks were reviewed regularly, with a view of determining the adequacy of such indicators to serve the intended risk management objectives and took proactive measures to control risk exposures. The actual results computed monthly were reviewed against each risk indicator and prompt corrective action was initiated to mitigate the effects of specific risks, in case such risks exceeded the prudent thresholds defined by the Board of Directors.
  • An exercise to validate internal ratings through external consultants initiated to support SLFRS 9 implementation and to support more robust Probability of Default (PD) evaluations.
  • Reviewed and revised the Terms of Reference of all Management Committees dealing with specific risks or some aspects of risk, such as the Executive Integrated Risk Management Committee, the Executive Committee on Monitoring NPLs, the Credit Policy Committee, Information Security Council, the Asset and Liability Committee, etc. Actions initiated by the Senior Management were monitored periodically to verify the effectiveness of the measures taken by these respective Committees.
  • The annual work plans, related strategies, policies and frameworks of the above Committees were reviewed, to ensure that these Committees have a good understanding of their mandates and adequate mechanisms to identify, measure, avoid, mitigate, transfer or manage the risks within the qualitative and quantitative parameters set by
    the BIRMC.
  • Reviewed and approved the Internal Capital Adequacy Assessment Process (ICAAP) results related to Commercial Bank Group entities to ensure that the Group maintains an appropriate level and quality of capital in line with the risks inherent in its activities and projected business performance.
  • Monitored the effectiveness and the independence of the risk management function within the Bank and ensured the adequacy of resources deployed for this purpose.
  • Reviewed the effectiveness of the compliance function, to assess the Bank’s compliance with laws, regulations, regulatory guidelines, internal controls, and approved policies in all areas of business operations.
  • Initiated appropriate action against failures of the Risk Owners through the Management, in order to improve the overall effectiveness of the Risk Management of the Bank.
  • The risk profiles of the Subsidiaries of the Bank were monitored through periodic review of KRIs and comprehensive annual risk reviews.
  • Conducted the annual review of the adequacy of the Business Continuity and Disaster Recovery plans of the Bank, in line with the statutory requirements.
  • Findings from the bi-annual Risk Control Self-Assessment (RCSA) exercise were reviewed.
  • The BIRMC members participated in knowledge enhancing session covering technology risk resilience cyber and information security, conducted by an industry expert.

The BIRMC held four (4) meetings on a quarterly basis and one additional meeting specifically to discuss and recommend ICAAP as at December 31, 2018, during the year under review. The proceedings of the Committee meetings were regularly reported to the Board of Directors.

During the year 2019, the BIRMC supported execution of the overall business strategy within a set of prudent risk parameters that are reinforced by an effective risk management framework.

M P Jayawardena

Board Integrated Risk Management Committee


February 20, 2020