Chairman’s Message

In navigating the complexities of rapidly evolving global landscape, characterised by both virtual and physical transformations, the imperative to remain competitive while upholding ethical standards has never been more pronounced. The banking industry, amidst heightened competition, technological advancements, demographic shifts, and regulatory requirements, is confronted with unprecedented challenges in scaling up operations. As demands from regulators, investors, and the wider community continue to rise, we are resolute in upholding the highest standards of corporate integrity and responsible governance.

As the Chairman of the Bank, I am pleased to convey our steadfast dedication to corporate governance principles and practices in our operations. Transparency, accountability, and good governance are no longer mere compliance requirements, but essential pillars of our Bank’s success and sustainability.

Throughout the year, the Board has been actively engaged in overseeing our strategic direction, addressing evolving challenges, and strengthening our governance structure. We maintain a strong focus on shareholder engagement, while ensuring a robust and transparent process for Director appointments and re-elections.

At Commercial Bank, we operate within a framework of transparency, accountability, and adherence to ethical codes, recognising them as fundamental to sustainable growth. Transparency serves as a cornerstone of our governance framework, fostering accountability, good governance, and sound financial and risk management practices, which are essential to empower stakeholders and maintain trust, given our role as a financial intermediary.

Our Board guides value creation over the short, medium, and long term, taking responsibility for the Bank's actions and performance. Timely disclosures, including those in this Integrated Report and Financial Statements, are instrumental in maintaining transparency across functional areas. Committees at both Board and Executive levels follow stringent guidelines enumerated in their respective charters and terms of reference, fostering accountability through oversight on reporting, disclosures, performance evaluation, and reward structures.

In the year 2022, we introduced the Conduct Risk Management Policy and the Anti-Bribery and Anti-Corruption Policy (https://www.combank.lk/info/file/91/anti-bribery-andanti-corruption-policy) to underscore our commitment to ethical conduct. Timely disclosures, accessible through our intranet and the website, ensures transparency while upholding confidentiality. Our Integrated Report and Financial Statements go well beyond compliance requirements, demonstrating our accountability to stakeholders showcasing our focus on environmental, social, governance and wider sustainability aspects.

Operational sustainability, guided by exemplary governance practices, ensures our ability to thrive in the future. Upholding legal and ethical principles, we strike a balance between financial aspirations and community welfare. Our commitment to societal and environmental welfare underscores our role as a consolidator of stakeholders' aspirations and a benefactor of grassroots communities.

The Conduct Risk Management Policy and the Anti-Bribery and Anti-Corruption Policy which together with the Code of Ethics and the Whistleblowers’ Charter encourage all staff members at all levels to be ethical and accountable in their dealings.

I am happy to state that the Bank has adhered to all the applicable requirements of the Banking Act Direction No. 11 of 2007 on Corporate Governance of the CBSL. Additionally, the Bank is in compliance with the majority of the requirements of the recently revised Section 9 of the Listing Rules on Corporate Governance issued by the CSE, with efforts underway to fulfill the remaining requirements within the specified timelines. Furthermore, the Bank has largely complied with the requirements set out in the Code of Best Practice on Corporate Governance 2023 issued by CA Sri Lanka, with measures underway to comply with the remaining requirements.

This Integrated Annual Report, featuring comprehensive voluntary disclosures surpassing compliance requirements, is a clear demonstration of our accountability to the stakeholders. Guided by our Sustainability Framework (page 54), we have been steadily broadening our focus and disclosures on environmental, social and governance-related aspects, to showcase in particular that the CSR Trust of the Bank envisages the social and environmental conscience as a pillar by itself, crucial not only for overall sustainability but also as a manifestation of corporate empathy.

Looking ahead, we remain committed to delivering even greater value to our shareholders, providing exemplary services to our customers, and adapting to the changing dynamics of the financial industry. Together, with the dedication of our Board, Management team, employees, shareholders, and stakeholders, we will navigate challenges and seize opportunities, building an even-more-stronger and even-more-resilient Commercial Bank of Ceylon PLC.

I extend my heartfelt gratitude to our Board, Management team, employees, shareholders, customers and all other stakeholders for their unwavering support and commitment to our governance principles. Together, we will continue to uphold the highest standards of corporate governance, ensuring sustainable success of our organisation.

Prof A K W Jayawardane
Chairman

February 21, 2024
Colombo

 

How we govern (Principles D.6 and D.7)1

As per the disclosure requirements of the Banking Act Direction No. 11 of 2007 on Corporate Governance (the Direction) and the Section 9 of the Listing Rules on Corporate Governance issued by the CSE, pages 439 to 445 of this Report elaborate the structure, overarching principles, and elements of the Bank’s corporate governance framework. In addition, the Bank has complied with the principles enumerated in the Code of Best Practice on Corporate Governance – 2023 (the Code) issued by CA Sri Lanka.

The External Auditors of the Bank, Messrs Ernst & Young have submitted their Assurance Statement to the Central Bank of Sri Lanka (CBSL), following their review of the Bank’s compliance in line with the Direction.

The extent of compliance in line with the Direction is disclosed in Annex 1.1 on pages 422 to 433, while compliance with the Code is presented in Annex 1.2 on pages 434 to 438 and the compliance with the Section 9 of the Listing Rules is given in Annex 1.3 on pages 439 to 445. Furthermore, the Bank has complied with all the disclosure requirements under the prescribed format issued by the CBSL for the publication of Annual Financial Statements, and a comprehensive disclosure statement thereon is given in Annex 1.4 on pages 446 to 450.

Bank’s approach to governance

As the Bank holds the fiduciary responsibility of accepting and deploying vast sums of uncollateralised public funds, the importance of maintaining public trust and confidence for its long-term success and sustainability cannot be overemphasised. To this end, the Bank considers exemplary conduct on the part of all its employees as essential to good governance, be it from the Board of Directors at the highest governing body and the members of Corporate Management, to the Senior Management and the staff at the most junior level. Accordingly, the Bank has put in place a system of good corporate governance – the system of rules, practices, and processes that guides corporate behaviour ensuring a disciplined approach to decision-making and execution with the interests of all stakeholders at heart. This system has been the bedrock of the Bank of its existence for over 100 years and sustainable value creation.

At Commercial Bank, good corporate governance is not limited to legal and regulatory requirements alone but is viewed as a collective responsibility that serves as the foundation for financial integrity, sustainable value creation, and investor confidence. While it is a strong and highly effective risk management tool, it simultaneously paves the way for the Bank to exploit opportunities. Given this huge responsibility, the Bank has an unwavering commitment to good corporate governance and conducts its affairs with utmost intellectual honesty, integrity, and diligence whilst being mindful of its obligations to society and the environment. This tone is set at the topmost echelons of the Bank’s Corporate governance structure and echoes through the entire work culture at the Bank.

While the commitment to good corporate governance has been in place for over a century, the underlying framework is regularly reviewed and updated to be in line with the evolving regulations and best practices. The framework has consistently and successfully guided the Board, Board Committees, Management, Management Committees, and staff in performing their stewardship roles. This framework is underpinned by the governance principles of leadership, integrity, effectiveness, accountability, transparency, sustainability, and shareholder engagement. These principles guide the Bank's Management in all its decisions relating to Board oversight, delegation of authority, division of responsibilities, resource allocation, risk management, internal controls, compliance, performance appraisal and compensation, related party transactions, and financial reporting. The fact that the Bank is the most awarded bank in Sri Lanka bears testimony to its commitment to good corporate governance (Refer Awards and accolades for the details of awards and accolades won by the Bank in 2023). During the year under review, the Bank carried out a comprehensive study to ensure that the Bank complies with the guidelines stemming from the revised Code and the Section 9 of the amended Listing Rules of the CSE.

Objectives of the Bank’s Corporate Governance Framework

As the largest private sector bank and the third largest bank in Sri Lanka, Commercial Bank touches the lives of millions of people in various capacities, and these stakeholders in turn have high expectations of their interactions with the Bank. Given that this trust and confidence are imperative for the long-term success of the Bank, the Corporate Governance framework in place at the Bank has been designed to ensure the following as envisaged in its Business Model:

• Guiding the Bank on ESG and broader sustainability matters (risks and opportunities) to ensure the long term success of the Bank.
• Facilitating adequate oversight on Management to ensure due diligence on key decisions and implementation of strategies as intended
• Establishing clear ownership and accountability on key and emerging risks
• Maintaining systems and processes efficiently to speedily identify, assess, and escalate issues, incidents, and risks
• Facilitating efficient decision-making for timely and effective outcomes to achieve expected results
• Ensuring business and support service functions are sufficiently resourced with the required competencies and maturity
• Ensuring the remuneration framework is properly aligned with the long-term success of the Bank
• Ensuring that the Bank’s operations comply with policies, laws, regulations, and ethical standards both to the letter and spirit
• Ensuring assets are safeguarded by having proper controls in place
• Guiding the Bank and its Group companies to be more stable, resilient, and future-ready
• Creating value sustainably for all stakeholders over the short, medium, and long-term

To achieve the objectives stated above, the Board has ensured the following:

• Clearly demarcating and distributing the roles and responsibilities among the Board, Board Committees, Management, and Management Committees, with the approved charters/mandates and Terms of Reference which are reviewed annually
• Establishing clear reporting lines and frequency of reporting
• Taking into consideration the legitimate needs, interests, and expectations of all the stakeholders
• Upholding the highest degree of fairness, transparency, and accountability
• Adopting an Anti-Bribery and Anti-Corruption Policy which sets out principles for countering bribery and corruption and the management of bribery and corruption risk and communicating same to all staff clearly indicating the Bank’s stance on zero tolerance for non-compliance
• Adopting a Group Conduct Risk Management Policy Framework
• Adopting a Whistleblowers’ Charter and communicating same to all staff clearly instructing that the staff are expected to be familiar with the contents of same and that the staff are always expected to act in conformity with the Charter
• Aligning remuneration to performance, based on accurate job descriptions, pre-agreed KPIs and clear communication of expectations from the employees
• Minimising negative externalities to society and the environment
• Living by the claims made and values associated with the Bank’s brand reputation
• Ensuring that the Sustainability Framework of the Bank operationalise sustainable banking, responsible organisation, and community impact

The key regulatory requirements and voluntary codes relevant to the Bank and elements of its Corporate Governance Framework are depicted in Figure 39 below.

Governance structure

The foundation of the governance structure of the Bank is built on well-defined roles and responsibilities, greater accountability, and clear reporting lines of the Board, Board Committees, Corporate Management, and Executive Management Committees. The Board and Board Committees assisted by consultants where necessary are responsible for setting the strategy, defining the risk appetite, and exercising oversight while Corporate Management and Executive Management Committees are responsible for executing the strategy and driving performance. Responsibility and accountability for conducting operations and assuming risk under the purview of the Corporate Management lie with the those heading the strategic business units and support functions. The governance structure of the Bank is given in Figure 40.

The Bank has a Board approved organisation structure, which clearly depicts the work responsibilities and reporting relationships (Refer Annex 7 for an abridged organisation chart).

Board of Directors (Principles A.1, A.1.5, A.4, and A.10)

The Board of Directors plays a pivotal role in demonstrating good corporate citizenship, ethical behaviour, transparency, and accountability whilst also warding off all forms of corporate malfeasance. The Board of Directors - the highest decision-making authority - with responsibility for the sustainability of the Bank provides leadership by setting strategic direction, defining risk appetite, monitoring and evaluation of performance, resource allocation, compliance, business conduct, approving remuneration policies, and making appointments to the Board, Board Committees, and the Corporate Management. Under the due diligence and oversight of the Board, Corporate Management is responsible for the execution of the strategy, day-to-day operations, and implementing an effective system of internal control and risk management. The Board and Corporate Management have a clear mutual understanding of their respective roles, delegated authority, and boundaries. Based on trust and respect, the Board and the Corporate Management work within a productive and harmonious relationship which is a pre-requisite for good corporate governance and organisational effectiveness. This has proved to be one of the key reasons for the many achievements of the Bank and its positioning as the benchmark private sector bank in the country over the years. Furthermore, the Bank is one of the two higher tier Domestic Systemically Important Banks (D-SIBs) in Sri Lanka.

The Board comprised twelve Directors at end of 2023 (eleven as of the end of 2022). Each Director is an eminent professional in his or her respective field and holds the skills and expertise necessary to constructively challenge the Corporate Management and enrich deliberations on matters set before the Board. They fully understand and appreciate the dynamism and complexity of the operations of the Bank, its subsidiaries, and its associate, particularly in the wake of emerging global developments threatening to challenge conventional business models. Ten of the Directors (nine as of the end of 2022) are Independent Non-Executive Directors (INEDs), ensuring a higher degree
of autonomy. Directors act in the best interest of the shareholders, avoiding any conflicts of interest.

Diversity and inclusion (Principle A.10.1)

The Board of Directors mirrors this diversity and inclusion with expertise in accounting, banking and finance, economics, law, agriculture and chemical industry, engineering, information technology, risk management, manufacturing, healthcare, insurance, logistics, plantations, renewable power, and international capital markets. Having risen to the highest echelons of Government institutions or private sector organisations, they bring their independent judgement to bear on matters reserved for the Board. Bringing together banking, entrepreneurial, investor, and regulatory perspectives, the Board is able to explore matters from diverse points of view to facilitate long-term value creation. The Company Secretary assists the Board in discharging its responsibilities.

The diversity in the Board's composition has enabled it to bring a unique perspective to the Boardroom, enhancing dynamics and effectiveness while promoting a healthy and constructive exchange of views, leaving no room for groupthink. Refer composition of the Board

The profiles of the Board members which include the qualifications, memberships in Board Committees, and both current and previous significant appointments as well as the profile of the Company Secretary are given on Board of Directors and profiles.

Board process (Principles A.1.3, A1.4, A.1.6, A.1.7, A.3.1 and A.6)

Minutes of deliberations and decisions made at Board and Board Committee meetings are maintained in sufficient detail. If the need arises, members of Corporate Management are invited to make presentations to the Board on the performance of areas coming under their purview. Members of the Board are also allowed to seek independent professional advice, if necessary, at the Bank’s expense. The Bank has also obtained a Directors’ and Officers’ Liability Insurance Policy, affording them protection against any allegations in the conduct of their duties.

Conflicts of interest (Principles A.5.5 and A.10.1)

The Bank has a meticulous system in place to avoid conflict of interest. At an individual level, members of the Board declare a situation of conflicts of interest and withdraw from participating in deliberations on/exercising influence over matters where conflict or the appearance of conflict of interest arises. The actions are appropriately minuted for future reference. In addition, the affiliations and transactions of Directors are regularly reviewed to ensure that there are no conflicts or relationships that might impair Directors’ independence. The Board-approved Related Party Transactions Policy of the Bank sets out the procedure to be adopted in granting accommodation to the Directors, their close family members, and entities in which the Directors hold directorships, as permitted by the rules and regulations of the CBSL and within the terms and conditions such facilities are provided to other customers of the Bank. Such facilities, if any, are reviewed and recommended by the Board Credit Committee (BCC) and are submitted to the Board for approval. Once approved, details of such facilities are tabled at the next scheduled meetings of the Related Party Transactions Review Committee (BRPTRC) for information. The section on ‘Directors’ Interest in Contracts with the Bank’ on page 230 discloses the details of transactions carried out in the ordinary course of business on an arm’s length basis with entities where the Bank’s Chairman or Directors serve as the Chairman or as a Director in another entity, while Note 62 to the Financial Statements on pages 384 to 388 includes information on “Related Party Disclosures”. At the point of joining and quarterly thereafter, the Directors declare their interests, and the necessary procedures in place to ensure that there are no conflicts of interest that will compromise the independence of members. A register of such declared interests is maintained by the Company Secretary and is available for inspection by shareholders or their authorised representatives as required by Section 119 (1) (d) of the Companies Act No. 07 of 2007 and amendments thereto.

Board meetings (Principles A.1.1 and A.10.1)

In the year 2023, the Board held fourteen (14) scheduled meetings (fifteen in 2022) of which one meeting (one meeting in 2022) was allocated exclusively to deliberations on Corporate Plan 2024 – 2028 and Budget 2024, with the members of the Corporate Management being present. Twelve (12) meetings (thirteen meetings in 2022) were devoted to review and deliberate on matters including the following;

• Financial and operating results against the budgeted KPIs and previous periods
• Risk factors affecting financial and operating results and the risk mitigants
• Extent of compliance with the mandatory and voluntary requirements and corrective measures for any instances of non-compliance, if any
• The revised budget for 2023
• Lapses in internal controls and corrective measures taken
• Frauds reported, investigation outcomes and follow up on actions taken
• Minutes of Board committees
• Share transactions by staff members in Assistant Manager and above grades
• ESG and wider sustainability related risks and opportunities
• Cyber security related risks, risk mitigants, compliance reports from independent third parties etc., for priority 1 systems in particular
• Scope of the Recovery Plan (RCP) and recovery options identified to restore normalcy in a crisis or high stress situation
• Stage movements of Non-Performing Credit Facilities and recovery actions taken
• Updates on strategy implementation
• Investment strategies

Subsequent to the election/re-election of Directors at the Fifty-fourth Annual General Meeting (AGM) held on March 30, 2023, in place of those who retired by rotation, a Board Meeting was held on March 30, 2023 to review and revise the composition of the Board Committees.

Figure 41 on page 183 provides details of attendance at Board meetings including membership status, mode of attendance, positions held by the Board members in Board committees, and the tenure on the Board.

Such meetings are seen to provide an effective forum for discharging the oversight responsibility of the Board. With the Covid-19 pandemic no longer classified as a public health emergency, the Board meetings transitioned back to physical format during the year. However, in adherence to safety protocols and to accommodate members residing or traveling overseas, as well as those facing unavoidable circumstances, virtual attendance options were made available. This hybrid approach ensured that all Board members could actively participate in the meetings, whether in person or remotely, facilitating continued collaboration and decision-making in a safe and inclusive manner.

The Board continued to play an active role in strategy formulation, providing directions to the Corporate Management for the preparation of the Bank’s five-year strategic plan spanning 2024-2028. This plan was then reviewed and approved at a meeting specifically convened for this purpose, in December 2023. The meeting saw members of the Corporate Management present plans on areas coming under their purview, and extensive deliberations were made on said presentations, with the Board exploring and evaluating alternative strategies prior to the approval and allocation of resources for execution of the same.

The Board continued to give prominence to liquidity and capital management, higher credit losses necessitated for foreign currency-denominated Government securities consequent to the downgrade of the country’s sovereign rating in April 2022, and the subsequent announcement made by the Government to restructure foreign currency debt, deteriorating credit quality, and increasing tax burden, all in a bid to support growth and ensure sustainable value creation. One of the regular items on the agenda at the monthly Board meetings is to review performance against the strategic plans, allocating sufficient attention and time to review the progress and to identify areas of concern requiring further attention by the Board. In addition, the Board heightened its attention on credit quality, closely monitored exposures to risk-elevated industries, reviewed the appropriateness of the impairment methodology, monitored movements in staging of exposures, and sought to resolve distressed credit facilities. Further, the Board diligently addressed ESG and wider sustainability-related risks and opportunities, as well as cybersecurity risks and mitigation measures, alongside reports of security breaches, demonstrating their commitment to comprehensive risk management.

Furthermore, through periodic presentations made by the respective Chief Executive Officers and/or Managing Directors, the Board also reviewed the performance and future plans of the subsidiaries of the Bank. The Board reviewed and approved the updated policies and procedures in response to various new directions from the CBSL, including Directions No. 13 of 2021 concerning the classification, recognition, and measurement of credit facilities and Directions No. 14 of 2021 regarding the classification, recognition, and measurement of financial assets other than credit facilities in licensed banks. These directives, effective from January 1, 2022, prompted necessary revisions to ensure compliance and adherence to regulatory standards.

Board Committees (Principles A.7.1 to A.7.3, A.7.5 & A.7.6, B.2, D.3 to D.5)

Board Committees are appointed both in terms of compulsory requirements and voluntarily. Out of the Ten Board Committees that have been appointed with delegated authority to strengthen governance and to deal with/decide on certain subject-specific and specialised matters, six are mandatory whilst the remaining four are voluntary. Four out of six mandatory Committees have been formed as required by the Direction. The Board Capital Expenditure Review Committee (BCERC) was formed during the year as required by the Banking Act Direction No. 01 of 2023 on “Restrictions on Discretionary Payments of Licensed Banks” while, demonstrating commitment to good governance, the BRPTRC was formed in 2014 by early adoption of the Code of Best Practice on Related Party Transactions as issued by the Securities and Exchange Commission (SEC) of Sri Lanka which became mandatory for all listed entities from January 01, 2016 under Rule 7.6 (xvi) of the CSE Listing Rules.

The four voluntary Board Committees have been established considering the business, operational, information technology, and strategy development needs of the Bank as permitted by the Bank’s Articles of Association. These Committees hold regular meetings – once a quarter at a minimum. The Board Committees have sought guidance and advice from external consultants on several occasions. Furthermore, each of the Directors served in a minimum of three Committees during the year. The Board of Directors, however, retains responsibility for all Board Committee decisions, thereby ensuring the continuance of good corporate governance.

Important matters arising from the Board Committee meetings ware deliberated regularly at the Board meetings for information/approval of the members, and any concerns identified in relation to specialised areas were also referred to them for oversight. The minutes of these meetings, carefully ascertain and record the views and deliberations of the Directors on issues under consideration.

The composition, areas of oversight responsibility under respective mandates, key activities in 2023, and attendance of members at the Board Committee meetings are given in the respective Board Committee reports.

Executive Management Committee

The Executive Management Committee (EMC) comprises all members of the Corporate Management including the Managing Director/Chief Executive Officer (MD/CEO) and the Chief Operating Officer (COO), who are also the two EDs of the Bank. The primary responsibility of the EMC is to implement strategy – as approved by the Board under the leadership of the MD/CEO – and deliver on the performance objectives while ensuring that the risks undertaken by the Bank are within the risk profile approved by the Board. The EMC has several responsibilities such as laying down policies, making operational decisions, monitoring financial performance against budgets, reviewing the achievement of strategic goals set for business divisions, allocating capital diligently, monitoring the progress of implementing the Digital Road Map, managing risk, deliberating on human resource development including health and safety, fortifying the compliance function, implementing the Sustainability Framework, solving operational and customer issues and ensuring compliance with all applicable regulatory requirements. Beyond the above functions, the EMC also reviews and deliberates information prior to Board review, thereby ensuring that the Board is provided with all material information in a timely and detailed manner, thus aiding the Board to effectively fulfil their oversight responsibilities as Directors. The EMC meetings are conducted to provide all members with the opportunity to gain a 360o view of the Group’s operations. Detailed minutes are recorded by the Secretary of the EMC, which are then submitted to the approval by the MD/CEO for follow up action.

Members of the Corporate Management including the MD/CEO review the operations of the subsidiaries and the associate of the Bank while several members of the Corporate Management have been appointed as Directors of subsidiaries of the Bank to oversee the operations and to safeguard the Bank’s interest and ensure a reasonable return thereon. An overview of performance of the subsidiaries and the associate is given on pages 129 to 131 in the Section on “Financial Review” while the Section on “Group Structure” carries a snapshot of all subsidiaries and the associate of the Bank on pages 142 and 143 together with details of Board of Directors of each Company.

The profiles of the members of the Corporate Management with their names, designations, qualifications, and experience are given on pages 170 and 171, while the names of members of the Senior Management related to the Bank’s operations in Sri Lanka, Bangladesh, the Maldives, Myanmar, and the subsidiaries in Sri Lanka are given on Senior Management.

Management Committees

In addition to the Board, the Board Committees, and the EMC, several other Management Committees have been established for good governance along subject-specific lines to facilitate decision-making and executing Board-approved strategies. These Management Committees operate under delegated authority from the MD/CEO.

Based on approved Terms of Reference, the Management Committees which are chaired by either the MD/CEO or the COO operate under a structure and a process similar to that of the Board Committees. Detailed minutes are recorded by the Secretary of the respective Committee, which are then submitted to the relevant Board Committees after approval by the MD/CEO. These Committees undertake extensive deliberations, cooperate across departments, and debate on matters considered critical for the Bank’s operations as described in the Figure 43.

Roles, responsibilities, and powers of the Board (Principles A.1.2 to 1.7)

The role of the Board of Directors and their responsibilities are set out in the Board Charter, which includes a schedule of powers reserved for the Board as detailed below:

Role of the Board

• To represent and serve the interests of shareholders by overseeing and appraising the Bank’s strategies, policies, and performance
• To provide leadership and guidance to the Management for the execution of strategies
• To optimise performance and build sustainable value for the shareholders and other stakeholders in accordance with the regulatory framework and internal policies
• To ensure that an appropriate governance framework is in place
• To ensure regulators are apprised of the Bank’s performance and any major developments
• To review the performance of the key business units against the goals and objectives at regular intervals

Key responsibilities

• Setting strategic direction and monitoring its effective implementation
• Ensuring effective systems are in place to secure integrity of information, risk management, internal control, cyber security, business continuity and compliance
• Ensuring the integrity of the financial reporting process
• Ensuring that appropriate corporate governance structure, policies, and framework are in place for compliance with laws, regulations and ethical standards
• Strengthening the safety and soundness of the Bank
• Reviewing the performance of the Bank and the Group companies
• Selecting, appointing, and evaluating the performance of the MD/CEO
• Appointing the Chair, members to the Board of Directors to fill casual vacancies
• Appointing members of the Corporate Management of the Bank who possess required skills and experience and knowledge to implement the strategy while ensuring succession plan
• Understanding the criticality of cyber risks and taking steps to mitigate them
• Ensuring the availability of an ICT Road map and monitoring diligent execution of same
• Recognising importance of ESG and wider sustainability concerns and aligning the Bank’s strategy therewith to ensure long term value creation
• Appointing and overseeing the External Auditors’ Responsibilities
• Approving Interim and Annual Financial Statements for publication

Powers reserved for the Board

• Approving Corporate Plan and Budgets which include major capital expenditure, acquisitions, and divestitures, and monitoring capital management
• Appointing the Board Secretary in accordance with Section 43 of the Banking Act No. 30 of 1988
• Establishing and appointing members to Board Committees and evaluation of the performance of Board Committees
• Seeking professional advice in appropriate circumstances at the Bank’s expense
• Reviewing, amending, and approving governance structures and policies

Board’s role in risk management (Principle D.2 and D.4)

Risk management is key to the long-term sustainability of the Bank. The Board, as the highest decision-making authority in the Bank, is responsible for implementing an effective risk management mechanism across the Group. With the support of the BIRMC, the Board has devised an effective risk management framework that sets the risk appetite and tolerance limits, facilitating monitoring of the risk profile on a regular basis through risk reports submitted to the Board. Risk management has continued to be one of the key and regular items on the agenda of Board and relevant Board Committees meetings. Clarifications were sought from the respective members of the Management for any deviations from the agreed risk profile and necessary guidance was given for taking mitigatory action. Further, risks related to the business strategies were carefully reviewed at a special Board meeting held to review the Budget for the year 2024 and deliberate on the strategic plan 2024-2028 (Refer Risk Governance and Management for further details).

Segregation of roles of Chairman and Chief Executive Officer (Principles A.2 and A.3)

The positions of the Chairman and the Chief Executive Officer (CEO) who is also the Managing Director are separated, to facilitate the balance of power and authority, and to adhere to the CSE Listing Rules on Corporate Governance. The Chairman is a NEID while the CEO is an ED appointed by the Board. Their respective roles are clearly set out in an approved Board paper and the Board Charter of the Bank.

Accordingly, as set out in the said Board paper and the Board Charter, a clear and effective separation of accountability and responsibility has made the role of the Chairman distinctive. By providing leadership to the Board, preserving order, and facilitating the effective discharge of its duties, the Chairman promotes good corporate governance and the highest standards of integrity, and probity throughout the Group. He ensures that the Board receives all information necessary for making informed decisions in discharging its responsibilities. The Chairman also ensures that a balance of power is maintained between executive and non-executive Directors and the Board is in full control of the Bank’s affairs and is alert to its obligations to all stakeholders. Furthermore, he also ensures the effective participation of all Directors in Board deliberations by both EDs and NEDs and maintains open lines of communication with members of the Corporate Management, providing an effective platform for deliberating strategic and operational matters.

On the other hand, the role of the MD/CEO, as set out in the Board Charter, is to conduct the management functions as directed by the Board. The corporate objectives and the boundaries of his authority as the MD/CEO are set by the Board, while his duties and responsibilities are jointly developed.

The MD/CEO leads the Management team in the day-to-day operations and ensures the implementation of strategies, plans, and budgets approved by the Board. He also conducts the affairs of the Group, upholding good corporate governance, and the highest standards of integrity and probity as established by the Board.

While they have separate functions, the Chairman and the MD/CEO meet regularly to set the Board agenda, deliberate on current and future developments, and discuss any material issues impacting the Bank, thereby working together toward the Bank’s overall progress.

Role of Independent Non-Executive Directors (Principles A.3.1, A.5, and A.5.1)

The Bank has a strong element of independence on the Board, with ten out of the twelve Directors as at December 31, 2023 being independent NEDs. The only connection of the independent Directors with the Bank and with other Companies in the Group is their directorships, thereby ensuring that their judgement is unlikely to be influenced by external considerations. The presence of independent NEDs is expected to complement the skills and experience of the other Board members through the independent NEDs conveying an objective and independent view on matters, using their expertise to challenge the Board and the Management constructively, and by assisting in guiding the strategy.

Role of the Company Secretary (Principle A.1.4)

The Company Secretary plays a vital role in facilitating good Corporate Governance. His responsibilities encompass activities relating to Board meetings, general meetings, Articles of Association, reports, accounts and documentation, Corporate Governance, and Stock Exchange requirements. Primary responsibilities include:

• Assisting the Chairman in conducting the Board Meetings, AGMs, and EGMs in accordance with the Articles of Association, the Board Charter, and relevant legislation
• Maintaining minutes of meetings and statutory registers, and filing statutory returns on time
• Monitoring all Board Committees to ensure they are properly constituted and have clearly defined Terms of Reference
• Facilitating best practices of Corporate Governance including assisting the Directors with their duties and responsibilities
• Facilitating access to legal and independent professional advice in consultation with the Board, where necessary
• Ensuring the Bank complies with its Articles of Association incorporating the required amendments, following proper procedure
• Coordinating the publication and distribution of the Bank’s Annual Reports and Accounts and interim financial statements, and preparing the Directors’ Report
• Monitoring and ensuring compliance with Listing Rules including required disclosure on related parties and related party transactions, and maintaining cordial relationships with the CSE, share, and debenture holders
• Communicating promptly with the regulators

The appointment and removal of the Company Secretary are done by the Board.

Appointments and retirements/resignations of Directors (Principle A.7)

The appointment of new Directors is based on an annual assessment of the combined knowledge, experience, and diversity of the Board including gender, age and any other factors relevant to the industry, with new Directors chosen on their ability to bring added perspective and ensure the continued effectiveness of the Bank’s strategic plans. Accordingly, the nomination of candidates for appointment as Directors takes place under a formal and transparent procedure formulated by the BNGC. The resumés of potential candidates are carefully evaluated by the BNGC prior to them being recommended to the Board for their consideration as NEDs. Such nominations may also include an interview with the candidate. Members of the BNGC do not participate in decision making relating to their own appointment/reappointment and the Chairman of the Board should not chair the Committee when it is dealing with the appointment of his/her successor.

A similar process is followed when appointing EDs, with the exception of when candidates are selected from the Corporate Management of the Bank. The committee should ensure that there is a succession plan for the CEO and for all KMPs and determine the training and development requirements for those identified for succession.

As required by the Listing Rules, appointments of new Directors to the Board are promptly communicated to the CSE through announcements, subsequent to obtaining approval from the CBSL for their fitness and propriety. The announcements typically include a brief resumé of new Directors, relevant expertise, key appointments, shareholdings, the names of companies in which the new director holds directorships or memberships in board committees and status of independence. In addition, all the staff members of the Bank are informed of any new appointments to/resignations and retirements from the Board as well as the appointment of Directors to the positions of the Chairman and the Deputy Chairman via internal circulars.

During the year under review, there were two new additions to the Board of Directors and one retirement from the Board, the details of which are given in Figure 41 titled Composition of the Board and Attendance on page 183. There were no resignations of Directors during the year ended December 31, 2023.

The required details on retirements of Directors were promptly communicated to the CSE as required by the Listing Rules.

Re-election/election of Directors (Principle A.8 and A.9.3)

The Articles of Association of the Bank state that the two longest-serving NEDs must offer themselves for re-election at each AGM in rotation, with the period of service being considered from the last date of re-election or appointment. If two or more Directors qualify for re-election in a particular year, the Directors may decide amongst themselves, either by considering the affidavits and declarations submitted by them and all other relevant issues or by drawing lots to determine which Directors will offer themselves for re-election. Accordingly, Mr S Muhseen and Mr R Senanayake, the two longest-serving Directors since their last re-election will be seeking re-election at the forthcoming AGM to be held on March 28, 2024. Having reviewed the participation, contribution and engagement of Mr S Muhseen and Mr R Senanayake and the recommendation made by the Board Nominations and Governance Committee, the Board approved them to seek re-election. In addition to the above, if a Director has been appointed as a result of a casual vacancy that has arisen since the previous AGM, that Director will also offer himself/herself for election at the immediately succeeding AGM. Accordingly, Mr P M Kumarasinghe who was appointed to the Board in April 2023 to fill a casual vacancy will offer himself for re-election at the forthcoming AGM.

Induction and training of Directors (Principle A.1.8)

On appointment, Directors are provided with an induction pack that outlines the main areas that require familiarisation. The induction pack includes the Articles of Association, the Banking Act Directions, the Corporate Directors’ Handbook published by the Sri Lanka Institute of Directors, the Code of Best Practice on Corporate Governance 2023 issued by CA Sri Lanka, the Bank’s organisational structure, copies of the approved Board Charter and the Board Related Party Transactions Policy, and a copy of the most recent Annual Report of the Bank. They are also given access to the electronic support system which has archived minutes of meetings held over the past eleven years. All Directors are encouraged to obtain membership in the Sri Lanka Institute of Directors which conducts useful programmes to support Directors. Furthermore, it is mandatory for Directors to attend Director Forums organised by the CBSL. As additional support, members of the Corporate Management and external experts make regular presentations on the business environment in relation to the operations of the Bank, which enables newly appointed Directors to get familiarise themselves with the banking operations.

In addition, the Management makes presentations to the Board on Sustainability related initiatives and developments of the Bank, particularly at the Annual Corporate Plan meeting.

Directors’ and Executive remuneration (Principles A.10, B.1 and B.3)

The Bank has a number of processes in place to ensure that no individual Director is involved in determining his or her remuneration but is instead part of a larger deciding process that makes final decisions. Primarily, the BHRRC - which consists entirely of NEDs who also meet the criteria for independence as set out in the relevant regulations on corporate governance is responsible for making recommendations to the Board regarding the remuneration of the Directors and executives. The BHRRC in consultation with the MD/CEO and after obtaining professional advice, where necessary, makes such recommendations.

Remuneration for Directors and executives is further set out with reference to the Remuneration and Benefit Policy of the Bank. The remuneration for NEDs is set by the Board as a whole. In order to provide fair judgements when discharging their duties on remuneration, the Board and the BHRRC engage the services of HR professionals on a regular basis as well.

The aggregate remuneration paid to EDs and NEDs is given on Note 62.2.1 to the Financial Statements on page 384 and the number and aggregate remuneration of the senior management personnel reporting directly to the MD/CEO including that of the MD/CEO (‘the Corporate Management’) is given under item B.3.2 in Annex 1.2 on Compliance with Code of Best Practice on Corporate Governance on pages 434 and 438.

Remuneration Committee (Principle B.2)

It is the responsibility of the BHRRC to ensure that the remuneration of both EDs and NEDs is sufficient to attract eminent professionals to the Board and retain them to drive the performance of the Bank. The Bank has remuneration policies that are attractive, motivating, and capable of retaining high-performing, qualified, and experienced employees.

With the assistance of professionals, the BHRRC structures the remuneration packages and benchmarks them with the market on a regular basis to ensure that total remuneration levels remain competitive to attract and retain key talent whilst balancing the interests of the shareholders. The total remuneration of EDs and other members of the Corporate Management includes three components –guaranteed remuneration (the fixed component), annual performance bonus (a variable component), and the ESOP (a variable component). Special emphasis is paid to making the basis of granting ESOPs and their features transparent, prior to seeking approval from the shareholders.

As elaborated under Principles A.9 and A.11 below, the Committee reviews annually the performance of the CEO and EDs against the set targets and goals, which have been approved by the Board, and recommend the basis for revising the remuneration, benefits and other payments of performance based incentives.

Guaranteed remuneration comprises the monthly salary and allowances determined with due reference to the qualifications, experience, levels of competencies, skills, roles, and responsibilities of each employee. These are reviewed annually and adjusted for factors such as promotions, performance, and inflation. The annual performance bonus is based on the degree of achievement on a multi-layered performance criteria matrix which is clearly communicated to the relevant category of employees at the beginning of each year. The Bank maintains a regular dialogue and consults when necessary its two employee associations – the Association of Commercial Bank Executives and the Ceylon Bank Employees’ Union (CBEU). In early January 2024, the Bank signed the Collective Agreement with the CBEU covering a three-year period from 2024–2026, after extensive but very cordial deliberations.

With a view to motivate employees to commit to long-term value creation, improve overall performance, and increase staff retention while raising equity funding, the Bank has structured many Employee Share Option Plans (ESOPs) since 1997. This entitles the eligible employees to buy a fixed number of shares at a price to be determined based on the pre-agreed formula over the vesting period. The Bank has duly obtained the approval of shareholders for all these ESOPs at Extraordinary General Meetings. The EDs, being employees of the Bank, are also eligible for these ESOPs. Approval for the ESOP vested during the year was obtained from the Board after obtaining a recommendation for the same from the BAC.

Details of the ESOPs and the eligibility criteria are given in Note 52 to the Financial Statements on “Share-based Payment”.

While employment contracts do not contain any commitments for compensation or early terminations, there were no instances of early termination during the year that required compensation.

Board and Board Committee evaluations (Principle A.9)

As set out in the Direction, the Code, and the other applicable regulations, the Board and the Board Committees annually appraise their own performance as well as the Board and the Committees as a whole to ensure that they are discharging their responsibilities satisfactorily in accordance with the Board Charter. This process requires each Director to fill out Board / Board Committee Performance Evaluation Forms incorporating relevant criteria specified in the Board Performance Evaluation Checklist of the Code. The responses are then collated by the Company Secretary and submitted to the BNGC for consideration. These are subsequently discussed at a Board meeting. Further, NEDs evaluate and approve the performance of EDs as recommended by the BHRRC. Board evaluations for 2022 and 2023 were taken up at the Board Meetings held in February 2023 and February 2024, respectively.

Evaluation of the NEDs to be carried out individually by the EDs and the Chairman and evaluation of EDs should be carried out individually by the Chairman and NEDs will be formalised in 2024.

The BHRRC carries out a 3600 appraisal of the EDs and other Key Management Personnel annually. The collective outcome is compiled and made available to the Board, which considers the results of the evaluation and makes recommendation on initiatives and actions required to improve the balance of skills, experience, independence, industry and company knowledge, training of Directors, governance processes, strategy review and other factors relevant to its effectiveness.

Appraisal of the Chief Executive Officer (Principle A.11)

With the assistance of the BHRRC, the Board assesses the performance of the Chief Executive Officer annually. This assessment is based on criteria agreed upon at the beginning of each year and consists of short, medium, and long-term objectives with financial and non-financial targets whilst also considering the changes in the operating environment. The Chairman discusses the evaluation with the Chief Executive Officer and provides him with formal feedback. The Chief Executive Officer’s responses to the appraisal are given due consideration prior to it being approved. This exercise is finalised within three months from the financial year end.

Shareholder engagement and voting (Principles C.1, C.2, E, and F)

The Bank actively engages with shareholders and potential investors as an aspect of good corporate governance and has established a structured process to facilitate the same. The Board-approved Shareholder Communication Policy is in place to ensure effective and timely communication of material matters to shareholders. The Bank maintains several communication channels with the shareholders which include the Annual Report, AGMs and EGMs, Interim Financial Statements, announcements to the CSE, press releases, the Bank’s website, shareholder surveys on a need basis, and the investor feedback form given in the Annual Report (Refer Table 03 on “How we connect with our stakeholders” for more details in this regard).

During the year, shareholders were notified – either through announcements made to the CSE or via media – about the following;

• Dividend declaration for 2022
• Annual financial statements for 2022
• Interim financial statements for 2023
• Disclosure on Fitch Ratings Preview
• Appointments and retirements of Directors
• The listing of shares issued as a part of the final dividend for 2022
• Date of the Annual General Meeting 2024
• Dealings in shares of the Bank by Directors and related entities
• Basel III compliant convertible debenture issue
• The Extraordinary General Meeting for the Basel III compliant convertible debenture issue and the ESOP 2023
• The Corporate Disclosure made on the mutually beneficial referral partnership entered into with AIA Insurance Lanka Limited.

The Bank’s website was updated with new value-added features during the year and has a dedicated page for investors, ‘Investor Relations’ for investors which include interim financial statements and annual reports. The Bank’s Annual Report is offered in both PDF and interactive formats, providing readers with a choice for viewing. The interactive report also features a tab for investor feedback. The Board is fully committed to treating all shareholders equitably while recognising, protecting, and facilitating their rights through open communication. The Bank arranged to publish the interim and annual financial statements in the newspapers in all three mediums within statutory deadlines as per the Directions issued by the CBSL, and also submitted interim and annual financial statements to the CSE within the stipulated timeframes in terms of the Listing Rule No. 7.4 of the CSE. In addition, the Bank issues commentaries on the interim financial statements in the form of press releases to the media.

The Bank always encourages shareholders to participate in the AGMs and the EGMs and exercise their votes. To this end, the Bank circulates clear instructions on procedures governing voting along with every notice of AGMs/EGMs. Shareholders play a key role in the re-election of Directors and the External Auditor, and vote on all matters for which notice is given including the adoption of the annual report and accounts. A total of 177 Voting and 79 Non-Voting shareholders participated in the Fifty-fourth AGM held on March 30, 2023, while further 124 Voting shareholders and 33 Non-Voting shareholders exercised their right to vote through proxy.

Shareholder approval was received at an EGM held on October 06, 2023, conducted with the physical attendance of shareholders for issuing Basel III compliant convertible debentures for augmenting Tier II capital and to support future lending growth of the Bank, raising Rs. 12.000 Bn. in Tier II capital and ESOP 2023. A total of 200 Voting and 74 Non-Voting shareholders (including proxies) representing 80% of the Voting-Shares and 7.14% of the Non-Voting Shares participated in the above EGM.

A tabulation of the details of shareholder attendance at AGMs during the past five years is given below:

Attendance at AGMs – 2019 to 2023

Table – 44

	Voting shareholders			Non-voting shareholders
Year of the AGM	Number of Attendees	Shareholding	% of total shareholding	Number of Attendees	Shareholding	% of total shareholding
2023	301	943,963,856	80.87	112	10,962,985	15.11
2022	183	795,203,283	72.33	9	4,197,212	6.17
2021	169	795,052,531	72.32	19	4,326,942	6.36
2020	119	672,118,061	69.92	19	3,132,256	4.72
2019	346	703,703,954	73.21	145	12,048,304	18.18

Code of Business Conduct and Ethics (Principle D.6)

The Bank has a Code of Ethics for all employees including the KMPs. The Code of Ethics together with several other Board approved policies address the topics referred to under Principles D.6.1 to D.6.6 as summarised below. The Bank will expand the application of Code of Ethics to include the Board of Directors in 2024.

Principle D.6.1
Topic		Key policies, documents and guidelines
Conflict of interest		Code of Ethics Related Party Transactions Policy
Bribery and corruption		Anti-Bribery and Anti-Corruption Policy AML/CFT Policy
Entertainment and gifts		Gift Policy Code of Ethics
Accurate accounting and record-keeping		Financial Statement closure process Operational Procedure Manual for the Finance Division Accounts Reconciliation Process and Monitoring of Suspense Accounts of the Bank Financial and Risk Management Disclosure Policy
Fair and transparent procurement policies		Procurement policy Expenditure approval guidelines Sponsorship Guidelines
Corporate opportunities		Code of Ethics HR Policies
Confidentiality		Information Classification Policy Data Governance Policy
Fair dealing		Group Conduct Risk Management Policy
Protection and proper use of company assets including information assets		Information Security Policy Risk Management Policies
Sexual harassment, discrimination and abuse		Code of Ethics HR Policies
Compliance with laws, rules and regulations (including insider trading laws)		Group Compliance Policy
Encouraging the reporting of any illegal, fraudulent or unethical behaviour		Whistleblowers’ Charter

Anti-Bribery and Anti–Corruption (Principle D.6.1)

The Bank reviewed and updated the Board-approved Anti-Bribery and Anti-Corruption Policy during the year, which sets out principles for countering bribery and corruption in the Bank. The principles also set out the management of bribery and corruption risk by requiring the Bank, Bank personnel, and defined third parties to commit to countering bribery and corruption in all forms in relation to transactions routed through or involving the Bank.

The Bank has zero tolerance for any form of bribery and corruption and will treat potential instances of bribery or corrupt behaviour as a threat to its integrity and reputation as a business. The Bank developed the Policy in accordance with these commitments as well as in adherence to the applicable laws and regulations to promote a culture of compliance. As set out in this Policy, all employees are responsible for the prevention and mitigation of bribery and corruption within their own roles and responsibilities.

In addition, every single employee of the Bank has been issued with a Code of Ethics containing guidelines that encompass a wide range of aspects, which, inter-alia, include the prevention of insider dealing in securities, outlines the internal rules on the purchase/sale of the Bank’s shares, notes down the Gift Policy, highlights how to manage conflicts of interest, provides information on combating financial crimes, and discusses the importance of respecting communities and the environment etc.

The Bank's Anti-bribery and Anti-corruption Policy was reviewed and updated during the year under review to include the fact that “The Bank categorically prohibits the use of Bank funds for the purpose of making or facilitating any political contribution”. Accordingly, the Bank explicitly prohibits any form of political contributions.

A detailed discussion is given in the Section on “Sustainable Banking”.

Group Conduct Risk Management Policy Framework (Principle D.6.1)

The Group Conduct Risk Management Policy Framework which was adopted in 2022 was reviewed and updated with a view to further strengthen risk management and corporate governance by ensuring that the Bank does not engage in any action that harms customers, negatively impacts market stability, and prevents effective competition. It is expected to establish a risk culture that not only addresses the risk of misconduct but also highlights clear accountability of actions through a preventive approach, by ensuring proper customer onboarding practices and transparency in fees and charges, and avoiding fraudulent activities, insider trading, improper financial advice to customers, mis-selling of financial products, tax avoidance, collusion with financial markets, and inaccurate financial and regulatory disclosures.

Whistleblowing (Principle D.6.4)

The Bank has adopted a Whistleblowers’ Charter to deter, detect, and address any genuine concerns of malpractices and unethical behaviour, with the Compliance Officer being appointed to manage the Bank’s whistleblowing processes.

In addition, measures have been put in place to protect whistleblowers who act in good faith in the interest of the Bank. The Bank undertakes to maintain the utmost confidentiality of the staff who raise concerns or make serious specific allegations of malpractice or unethical behaviour. In this way, the Bank aims to promote a healthy workplace that practices good governance from the lowest to the highest tiers.

Internet of things and cyber security (Principle G)

The Bank holds certifications in Information Security Management Systems (ISMS) and Payment Card Industry Data Security Standard (PCI DSS), ensuring the confidentiality, integrity, and availability of data. Led by a Chief Information Security Officer (CISO), the Information Security Council oversees security measures, reporting to the BIRMC.

An Information Security Policy (ISP) aligned with ISO/IEC 27001 sets security standards for employees, partners, and external parties, covering various domains. Multiple layers of security controls are implemented, including Security Information and Event Management (SIEM) systems to detect cyber threats.

The Bank conducts an information security awareness program for all staff, utilising classroom sessions, digital platforms, and simulations. Information Security Risk Assessments and technical security assessments are carried out periodically to mitigate cyber risks.

Internal audits, along with external validations by ISO 27001 auditors and Qualified Security Assessors, ensure compliance with security standards. The Information Security Council and Risk Management Committee receive regular updates on the performance of the ISMS, incidents, audits, and cybersecurity projects. Further discussions on cyber risk management occur during Board meetings.

Refer reports of the BIRMC, BTC and BAC for further information.

Data Security and Privacy

With the enactment of the Personal Data Protection Act No. 09 of 2022, the regulatory landscape concerning data protection formally came into operation, necessitating strict adherence to new reporting requirements. Under this legislation, any data breaches must be promptly reported to the Data Protection Authority, with guidelines for such reporting expected to be issued by the authority. Despite these regulatory shifts, it is noteworthy that during the period under review, no data breaches were reported relating to account holders, reflecting the Bank's robust data security measures and proactive approach to safeguarding customer information.

In response to the evolving regulatory environment and the heightened importance of data governance, the Board of Directors approved a comprehensive Data Governance Policy in March 2023. This Policy outlines the Bank's commitment to ensuring the responsible and ethical handling of data across all operations. Additionally, during the same period, the Bank issued a Data Processing Procedure, further strengthening its data management framework. These policies and procedures serve as guiding principles for all staff members involved in data processing activities, outlining clear protocols and standards to uphold. Notably, any data processing requests are subject to rigorous review and approval by the designated Data Protection Officer, ensuring adherence to regulatory requirements and best practices in data management.

Sustainability: ESG Risks and Opportunities (Principle H)

The Bank acknowledges that integrating ESG considerations into its strategy and operations not only aligns the Bank with global sustainability goals but also presents opportunities for innovation, risk mitigation, and long-term value creation. Accordingly, by integrating ESG principles into its decision-making processes, the Bank aims to both mitigate risks and capitalise on opportunities stemming from environmental, social, and governance factors while ensuring compliance with relevant regulations and adapting to evolving stakeholder needs. Utilising internationally recognised frameworks like the Global Reporting Initiative (GRI) standards and International <IR> Framework, the Bank measures and discloses its sustainability performance, fostering transparency and accountability in its pursuit of long-term stakeholder value.

Overall, the Bank's approach to managing ESG risks involves proactive risk management, due diligence, and adherence to responsible lending practices, as well as efforts to minimise its own environmental impact.

Some of the specific initiatives include;

• Adoption of a Sustainability Framework and the establishment of an Executive Sustainability Committee, along with regular risk assessments, to identify and address ESG-related risks
• Implementation of a Social and Environmental Management System (SEMS) based on the International Finance Corporation (IFC) Performance Standards, which includes policies, procedures, and assessment tools for managing and appraising social and environmental risks.
• Conducting social and environmental due diligence exercises as required and proposes corrective actions for identified significant social and environmental risks. It assesses the social and environmental impacts of its lending activities, including factors such as environmental pollution, hazards to human health and safety, impacts on communities, and threats to biodiversity and cultural heritage.
• Reviewing the social and environmental impacts of its supply chains through supplier selection and evaluation processes. It also assesses the materiality of economic, environmental, social, human rights and product responsibility aspects to its operations and relevant stakeholders.
• Presence of a credit policy and lending guidelines that articulate the Bank’s commitment to being a responsible lender by minimising transactions and activities that negatively impact the environment.
• Striving to minimise its own environmental footprint by adopting green processes, moving to green buildings and generating solar energy for its operations.

At the same time, the Bank leverages ESG opportunities by actively incorporating environmental, social, and governance factors into its business strategies and operations. This includes:

• Green Financing: The Bank promotes and provides financial support for sustainable projects and initiatives, such as renewable energy projects, energy-efficient buildings, and environmentally-friendly technologies. By offering green loans and leases, the Bank encourages clients to adopt sustainable practices.
• Supplier Evaluation: The Bank reviews the social and environmental impacts of its supply chains through supplier selection and evaluation processes. By working with responsible suppliers, the Bank aims to reduce its indirect environmental and social footprint.
• Staff Training and Engagement: The Bank provides training and awareness programs for its staff to enhance their understanding of sustainable finance and ESG principles. This helps to foster a culture of sustainability within the organisation and ensures that employees are equipped to identify and seize ESG opportunities.
• Collaboration and Partnerships: The Bank actively participates in international collaborations, platforms, and partnerships to learn from global best practices and share knowledge on sustainable finance. This enables the Bank to leverage international resources and funding for ESG initiatives.

1 Principles referred to in this section are the principles in the Code of Best Practice on Corporate Governance Framework