Charter of the Committee

The Board approved Charter of the BAC (the Committee) clearly defines the Terms of Reference of the Committee. It is annually reviewed to ensure that new developments relating to the Committee’s functions are addressed. The revised CSE rules on Corporate Governance that became effective from October 01, 2023, except to the extent stipulated, were taken into consideration when the Charter of the Committee was last reviewed and approval of the Board was obtained in November 2023.

The Committee assists the Board in discharging its responsibilities and exercises oversight over financial reporting, internal controls and internal/external audits.

The Committee has full access to information, cooperation from Management and discretion to invite any Director or Executive Officer to attend its meetings.

The Banking Act Direction No. 11 of 2007 on “Corporate Governance for Licensed Commercial Banks in Sri Lanka” and its subsequent amendments (hereinafter referred to as the Direction), the Companies Act, the Securities and Exchange Commission Act (SEC), the Listing Rules of the Colombo Stock Exchange and the “Code of Best Practice on Corporate Governance”, issued by The Institute of Chartered Accountants of Sri Lanka (ICASL) further regulate the composition, role and functions of the Committee.

The Committee is empowered by the Board to:

• Ensure that financial reporting systems in place are effective and well managed in order to provide accurate, appropriate and timely information to the Board, Regulatory Authorities, the Management and other stakeholders.
• Review the appropriateness of accounting policies and ensure adherence to statutory and regulatory compliance requirements and applicable accounting standards.
• Ensure that the Bank adopts and adheres to high standards of corporate governance practices, conforming to the highest ethical standards and good industry practices in the best interest of all stakeholders.
• Evaluate the adequacy, efficiency, and effectiveness of risk management measures, internal controls including information systems controls and governance processes in place to avoid, mitigate, or transfer current and evolving risks.
• Monitor all aspects of Inspections, Information Systems Audit and external audit programme of the Bank and review internal and external audit reports for follow up with the Management on responses to their findings and recommendations.
• Review the Interim and Annual Financial Statements of the Bank in order to monitor the integrity of such Statements prepared for disclosure, prior to submission to the Board.

Activities in 2023

The Committee held nine (09) meetings during the financial year ended December 31, 2023. Proceedings of these meetings with adequate details of matters discussed were regularly reported to the Board.

Representatives of the Bank’s External Auditors, Messrs Ernst & Young too participated in all nine (09) meetings during the year. The Committee also invited members of the Senior Management of the Bank to participate in the meetings from time to time on a needs basis.

Reporting of financial position and performance:

The Committee;

– Assisted the Board in its oversight on the preparation of Financial Statements to evidence a true and fair view on financial position and performance. This process is based on the Bank’s accounting records and in accordance with the stipulated requirements of the Sri Lanka Accounting Standards. In fulfilling its oversight responsibilities, the Committee reviewed and deliberated on the Interim and Annual Financial Statements of the Bank and the Group, including the acceptability of the accounting principles and the reasonableness of significant estimates and judgement.

• Reviewed the accounting treatment, adequacy of the impairment provision and subsequent measurement of the Sri Lanka Treasury Bonds received in lieu of SLDBs under the Domestic Debt Optimisation programme announced by the Government of Sri Lanka during the year. The Committee also paid close attention to the adequacy of impairment provisioning for SLSBs and Loans and Advances.
• Reviewed and assessed the Bank’s ability to continue as a Going Concern and the adequacy of its resources to be in business for the foreseeable future.
• Reviewed competitor analysis of Financial Statements of peer banks on a quarterly basis to draw insights on their performance viz a viz the Bank to recommend any improvements that can be institutionalised.
• Engaged the services of a Consultant to assist it in carrying out its oversight activities and evaluated his performance annually.
• Reviewed the Tax Assessments outstanding and action initiated for follow up for resolution through regular reports submitted by the Chief Financial Officer.
• Assessed the prevailing internal controls including information systems controls, procedures and expressed the view that adequate controls and procedures were in place to provide reasonable assurance to the effect that the Bank’s assets including the information assets are safeguarded and the financial position of the Bank is well monitored and accurately reported.

Internal Capital Adequacy Assessment Process (ICAAP):

The Committee reviewed the effectiveness of the internal control mechanism in place to meet the regulatory requirements on ICAAP and the mechanism in place to ensure integrity, accuracy, and reasonableness in capital assessment process of the Bank for the year 2023, as per the Section 10 (in Pillar II – Supervisory Review Process) of the Banking Act Direction No. 01 of 2016 on “Regulatory Framework on Supervisory Review Process”.

Oversight on regulatory compliance:

The Committee also ensured that the Bank complies with all regulatory and legal requirements. Closely scrutinised compliance with mandatory banking including other statutory requirements and the systems and procedures that are in place. The quarterly reports submitted by the Assistant General Manager - Compliance were used by the Committee to monitor compliance with all such legal and statutory requirements. The Bank’s Inspection Department has been mandated to conduct independent test checks covering all regulatory compliance requirements, as a further monitoring measure.

The Committee monitored the progress on implementation of the recommendations made in the Statutory Examination Reports of the Central Bank of Sri Lanka (CBSL) through regular follow-up reports tabled during the year 2023.

Identification of risks and control measures:

The Bank has adopted a risk-based audit approach towards assessing the effectiveness of the internal control procedures in place to identify and manage all significant risks and that these are being reviewed by the Committee.

The Committee sought and obtained the required assurances from Business Units on the remedial action in respect of the identified risks to maintain the effectiveness of internal control procedures.

The Committee has approved the quarterly reports on Independent Verification of Compliance with the CBSL Direction on “Repurchase and Reverse Repurchase Transactions of DDPs in Scripless Treasury Bonds and Bills”.

The Committee reviewed the following operational procedure of the Finance Department and related internal controls:

• Operational procedure manual for the overall process carried out by the Finance Department and related controls, as per the recommendation in the statutory examination report 2022 of the Central Bank of Sri Lanka (CBSL).
• Procedure manual for the Finance Department to ensure the strength and adequacy of the account reconciliation process and monitoring of the Suspense Accounts of the Bank, as per the recommendation in the statutory examination report 2022 of the CBSL.

Revised Whistleblowers’ Charter – 2023

As per the recommendation of the CBSL, the Board Audit Committee (BAC) recommended the revised Whistleblowers’ Charter for Board approval. BAC ensured that proper arrangements are in place within the whistleblowing process for fair and independent investigations and for appropriate follow-up actions.

Policy on non-audit services provided by the External Auditors of the Bank

The Committee reviewed the Policy on Non-Audit Services provided by the External Auditors of the Bank which was formulated as per the recommendations in the Statutory Examination Report of the CBSL.

Internal audit and inspection:

The Committee;

• Ensured that the internal audit function is independent of the activities it audited and that it was performed with impartiality, proficiency, and due professional care.
• Approved the Inspection/IS Audit Programme for the year 2023 formulated by the Inspection Department and the Information Systems Audit Unit (ISAU). The type and frequency of audits of Business Units are determined based on a risk assessment that provides a systematic approach to prioritise them. The progress and scope of Inspections/IS Audits were dynamically reviewed to ensure that appropriate corrective actions have been taken to manage risks.

Bank’s Inspection Department carried out onsite and online inspection of Business Units including four (4) subsidiaries in Sri Lanka and operations in Bangladesh. Overseas subsidiaries namely Commercial Bank of Maldives Private Limited and CBC Myanmar Microfinance Co. Ltd. were monitored through an on-site/off-site surveillance. With the concurrence of the Board, the Bank continued to engage the services of four (4) firms of Chartered Accountants approved by the CBSL in order to supplement the Bank’s Inspection Department in carrying out inspection assignments.

A total of 925 inspection reports of Business Units including the integrated reports of subsidiaries and overseas operations received the attention of the Committee which highlighted the operational deficiencies, risks and recommendations. The Committee evaluated the Bank’s system of internal controls and duly reported its findings to the Board.

Major findings of internal investigations with recommendations of the Management were considered and appropriate instructions issued.

• Invited representatives from the audit firms assisting in inspections to make presentations to the Committee on their observations and findings.
• Reviewed findings and recommendations of the ISAU following the conduct of on-site/ off-site audits covering local operations, overseas operations and subsidiaries (Bank and Group), reviews of systems change management activities under the agile approach and verification of compliance with industry standards such as ISO 27001:2013, PCI-DSS, Baseline Security Standards (BSS), SWIFT CSP to ensure safeguarding of IT assets of the Bank and Group. The Committee ensured that ISAU makes optimal use of Computer Aided Audit Tools and Techniques (CAATTs) and Data Analytic Tools in conducting above assignments. Attention of the Committee was also drawn to contributions made by the ISAU on special assignments such as Bank wide major Hardware/Software upgrades, implementation of ISO 27001:2013 standard for information security, etc.
• Paid attention to significant findings and recommendations relating to key IT Projects including the version upgrade of Core Banking System, Oracle Asset Management System, Server migration of EPT system etc., and also on capitalising of costs associated with internally developed IT applications, establishment of Escrow Arrangements on the critical software used in the Bank.
• Deliberated on ISAU reports relating to monitoring over critical systems/ applications, IT Governance, Cyber Security, Cloud Security, Remote Access Controls, Network Security, API Security, Physical and Logical Access Management, Data Loss Prevention Controls, Endpoint Security, Privileged Access Management, Third Party Service Management, Robotic Process Automation, outdated operating systems and Vulnerability Assessment and Penetration Testing (VA/PT) Process aligning with the Audit Plan.
• Also emphasised on adoption of CBSL Regulatory Framework on Technological Risk Management and Resilience and Data Protection Law by the Bank and observed action being initiated for further strengthening of Information Security.
• Reviewed the controls implemented in OneSumX software solution that was used for Expected Credit Loss (ECL) computation, a transition from the manual to automated computation. Also, provided direction to ensure having a systematic approach to transmit data between core banking and auxiliary systems followed by audit trails and reconciliation processes.
• Reviewed the reports on findings relating to Business Continuity Planning and Disaster Recovery arrangement during the year 2023 including the Role Swap Exercise carried out.
• Reviewed the Internal Audit report on the independent assessment of the degree of compliance with the Banking Act Direction No. 11 of 2007 issued by the CBSL on Corporate Governance and the Code of Best Practice on Corporate Governance issued by the ICASL.
• Reviewed the adequacy and integrity of the Bank’s Management Information System (MIS) through internal audit reports to ascertain whether information presented to the Board is “fit for purpose”.
• Discussed and noted the contents stated in the Positive Assurance Statement of Risk Management measures tabled by the Chief Risk Officer (CRO).

The Committee members visited eight branches of the Bank during the year and provided their observations and recommendations to the Board and the Management.

External audit:

The role of the Committee with regard to the external audit function of the Bank included:

• Assisting the Board in engaging External Auditors for audit services, in compliance with the provisions of the Direction and agreeing on their remuneration with the approval of the shareholders.
• Monitoring and evaluating the independence, objectivity, and effectiveness of the External Auditor.
• Reviewing non-audit services provided by the Auditors, with a view to ensuring that such functions do not fall within the restricted services and provision of such services will not impair the External Auditor’s independence and objectivity.
• Discussing the audit plan, scope and the methodology proposed to be adopted in conducting the audit with the Auditors, prior to commencement of the annual audit.
• Discussing all relevant matters arising from the interim and final audits, and any matters the Auditor may wish to discuss, including matters that may need to be discussed in the absence of Key Management Personnel.
• Reviewing the External Auditor’s Management Letter and the periodic progress reports with the Management responses thereto.

The Auditors were provided with the opportunity of meeting Non-Executive Directors of the Committee separately, without any Executive Directors being present, to ensure that the Auditors had the opportunity to discuss and express their opinions openly on any matter. It provided the assurance to the Committee that the Management has provided all information and explanations requested by the Auditors, that the Management has not imposed any restrictions on their scope of work and that there had not been any disagreements between the Auditor and the Management.

The Committee reviewed the Auditors’ Declaration with regard to their relationships with or interest in the Bank or its subsidiaries, which may reasonably be expected to have a bearing on their independence within the meaning of the Code of Conduct and Ethics of the Institute of Chartered Accountants of Sri Lanka as applicable. The Committee also reviewed the audit fees and expenses for other services paid and payable to them.

At the conclusion of the audit for the year ended December 31, 2022, the Committee met the Auditors to review their Management Letter before it was submitted to the Board and the CBSL.

The Committee discussed the Audit Plan and the scope of the work proposed to be carried out in connection with the audit for the year ended December 31, 2023 to ensure that audit plan is aligned with the expectations of the Bank prior to commencement of the audit.

The members of the Committee evaluated the Bank’s External Auditor, Messrs Ernst & Young covering key areas such as scope and delivery of audit, resources and quality assurance initiatives, during the year 2023.

Mechanism of internal controls:

Sections 3 (8) (ii) (b) and (c) of the Banking Act Direction No. 11 of 2007 stipulate the requirements to be complied with by the Bank to ensure reliability of the financial reporting system in place at the Bank.

The Committee is assisted by the External Auditor and the Inspection Department to closely monitor the procedures designed to maintain an effective internal control mechanism to provide reasonable assurance that this requirement is being complied with.

In addition, the Committee regularly monitored all exceptional items charged to the Income Statement, long outstanding items/balances in the Bank’s chart of accounts, credit quality, risk management procedures and adherence to classification of non-performing loans and provisioning requirements specified by the CBSL. The Committee also reviewed the credit monitoring and follow-up procedures and the internal control procedures in place to ensure that necessary controls and mitigating measures are available in respect of newly identified risks.

The Committee reviewed and approved the Directors’ Statement on Internal Controls over Financial Reporting for disclosure in the Annual Report.

Governance, Conduct and Ethics:

Through a review of regulatory, external audit, compliance, risk and internal audit reports, the Committee ensured that Management’s role over the first and second lines of defence is clearly defined and segregated to fortify good governance. The Committee strongly advocated and strengthened the Internal audit and the Chief Internal Auditor is independent from the management in their reporting lines, also has no management operational decision-making responsibilities, which provides an additional degree of independence and governance.

The Committee continuously emphasised on upholding ethical values of the staff members. In this regard, the Bank has a Code of Ethics, a Whistleblowers’ Charter and an Anti-Bribery and Anti-Corruption Policy in place, which ensure and encourage all staff members to be ethical, transparent and accountable and resort to whistleblowing if they suspect any wrongdoings or other improprieties.

Highest standards of corporate governance and adherence to the Bank’s Code of Ethics were ensured. All appropriate procedures were in place to conduct independent investigations into incidents reported through whistleblowing or identified through other means.

Evaluation of the Committee:

An independent evaluation of the effectiveness of the Committee was carried out by the other members of the Board during the year. Considering the overall conduct of the Committee and its contribution to the overall performance of the Bank, the Committee has been rated as highly effective.

R Senanayake
Chairman
Board Audit Committee

February 21, 2024

Charter of the Committee

The BIRMC has been established by the Board of Directors, in compliance with the Section 3(6) of the Direction No. 11 of 2007, on “Corporate Governance for Licensed Commercial Banks in Sri Lanka”, issued by the Monetary Board of the CBSL under powers vested in the Monetary Board, in terms of the Banking Act No. 30 of 1988. The composition and the scope of work of the Committee are in line with the same, as set out in the BIRMC Charter which was reviewed during December 2022, clearly setting out; the membership, authority, duties and responsibilities of the BIRMC as described in the “Risk Governance and Management” Section of this Annual Report on pages 232 to 258.

The BIRMC assists the Board of Directors in fulfilling its responsibilities for overseeing the Bank’s risk management framework and activities including; the review of major risk exposures and the steps taken to monitor and control those exposures pertaining to the myriad of risks faced by the Bank in its business operations. Duties of the BIRMC include; determining the adequacy and effectiveness of such measures, and ensuring that the actual overall risk profile of the Bank conforms to the desirable risk profile of the Bank, as defined by the Board. Material risk types within specific risks that the Bank may face due to existing risks or forward looking emerging risks that require action to minimise their impacts in future are given special attention.

All key risks such as; Credit, Operational, Market, Liquidity, Information Technology, Strategic, etc. are assessed by the BIRMC regularly through a set of defined risk indicators. The Committee works very closely with the Key Management Personnel and the Board in fulfilling its statutory, fiduciary and regulatory responsibilities for risk management. The risk profile of the Bank is communicated to the Board of Directors periodically through the Risk Assessment report following each BIRMC meeting.

Activities in 2023

In discharging the above duties and responsibilities vested on the BIRMC, the Committee reviewed significant risks comprising of Credit, Operational, Market, Liquidity, Information Technology, Strategic, and other Emerging risk categories during the year. The activities carried out by the Committee are appended below;

• As was in the year 2022, the main focus area for the year 2023 was on the deteriorated credit quality level of many industries stemming from a weakened operating climate. Affected sectors and the factors that are within the control of the Bank were carefully evaluated in view of keeping credit quality challenges at bay.
• The business strategy of the Bank was reviewed by the Committee with consideration of the changes in the external economic factors of the country. Amid the decline in interest rates, the Committee steered primacies of the business strategy to optimise growth, profitability and asset quality. Moreover, amidst the slow growth of the loan book during the year 2023, strategic level decisions were taken to improve the net interest income despite the formidable challenges that prevailed on the liquidity front.
• Approval of parameters and limits set by the Management against various categories of risk (upon ascertaining that they are in accordance with the relevant laws and regulations as well as the desired policy levels stipulated by the Board of Directors) were given attention in light of the multiple stressors driving economic uncertainty.
• The Data Governance Policy Framework was implemented to protect the Bank’s data assets, ensuring confidentiality, integrity, and availability in accordance with the Personal Data Protection Act 09 of 2022
• Periodic reports from the Management were reviewed on the metrics used to measure, monitor and manage risks, including acceptable and appropriate levels of risk exposures. The reviews covered movements from inherent to residual risk levels which indicate the progress in implementing controls and assessing the effectiveness of measures in addressing the sources of risk.
• Improvements were recommended to the Bank’s Risk Management Framework and related policies and procedures as deemed suitable, in consideration of anticipated changes in the economic and business environment, including consideration for emerging risks, legislative or regulatory changes and other factors relevant to the Group’s risk profile.
• The Key Risk Indicators (KRIs) designed to monitor the level of specific risks were reviewed regularly, with a view of determining the adequacy of such indicators to serve the intended risk management objectives. Moreover, proactive measures were taken to control risk exposures. The actual results computed monthly were reviewed against each risk indicator and prompt corrective actions were recommended to mitigate the effects of specific risks, in case such risks exceeded the prudent thresholds defined by the Board of Directors.
• Reviewed and revised the Terms of Reference of all Management Committees dealing with specific risks or some aspects of risk such as; the Executive Integrated Risk Management Committee, Executive Committee on Monitoring NPLs, Credit Policy Committee, Information Security Council, Asset and Liability Committee, etc. for enhanced effectiveness. Actions initiated by the Senior Management were monitored periodically to verify the effectiveness of the measures takenby these respective Committees.
• Operational efficiency, disruptions to services that lead to customer inconvenience, extended outage of the Bank’s payment platforms and controls available when there is increased uptake in digital solutions were deliberated under the new normal business environment that the Bank is facing in the aftermath of the Global Pandemic and other external stress drivers.
• The annual work plans, related strategies, policies and frameworks of the above Committees were reviewed to ensure that these Committees have a sound understanding of their mandates and mechanisms to identify, measure, avoid, mitigate, transfer or manage the risks within the qualitative and quantitative parameters set by the BIRMC.
• Reviewed and approved the Internal Capital Adequacy Assessment Process (ICAAP) results related to Commercial Bank Group entities to ensure that the Group maintains an appropriate level and quality of capital in line with the risks inherent in its activities and projected business performance.
• Reviewed, approved and oversaw the Bank’s Recovery Plan (RCP) framework whilst ensuring that RCP is subject to comprehensive internal audit. Moreover, the Early Warning Indicators/ Trigger events defined in the RCP paper were periodically monitored in order to assess compliance with; regulatory guidelines and Board approved RCP policy parameters.
• Unusual and unprecedented changes experienced by the Bank arising out of socio-economic and geo-political factors that had given rise to extreme market movements, and their impact on the capital and the Bank’s performance were reviewed closely by the BIRMC. Mitigatory measures were deliberated accordingly to reduce the impact.
• Monitored the effectiveness and the independence of the risk management function within the Bank and ensured the adequacy of resources deployed for this purpose.
• Reviewed the effectiveness of the compliance function in order to assess the Bank’s compliance with laws, regulations, regulatory guidelines, internal controls and approved policies in all areas of business operation. Increasing regulatory expectations, challenging working conditions and heightened levels of misbehaviour of certain customer segments posed further challenges during the period under review in this front.
• Initiated appropriate action through the Management against failures of the Risk Owners in order to improve the overall effectiveness of the Risk Management of the Bank.
• The risk profiles of the Subsidiaries of the Bank were monitored through periodic review of KRIs and comprehensive annual risk reviews.
• Continually overseeing the Sustainable Banking Initiatives performed by the Bank (through Executive Sustainable Banking Committee) whilst consistently directing the Data Governance Framework of the Bank and periodically evaluating the adequacy of controls deployed with regard to confidentiality, integrity and availability of Data Assets.
• Reviewed the adequacy of the Business Continuity and Disaster Recovery plans of the Bank, in line with the statutory requirements.
• Findings from the bi-annual Risk Control Self-Assessment (RCSA) exercise were reviewed.

During the year under review, the BIRMC held four (04) meetings on quarterly basis and one (01) additional meeting specifically to discuss the Internal Capital Adequacy Assessment process of the Bank.

Proceedings of the Committee meetings which also included activities under its Charter were regularly reported to the Board of Directors.

Ms J Lee
Chairperson
Board Integrated Risk Management Committee

February 21, 2024

Terms of reference of the Committee

To ensure compliance with Rule 9.11 of the recently revised Listing Rules of the Colombo Stock Exchange (CSE) the Bank proceeded to rename the existing Board Nomination Committee as the “Board Nominations and Governance Committee” with effect from December 20, 2023. The Committee was established to ensure Board’s oversight and control over selection of Directors, Chief Executive Officer and Key Management Personnel. The Composition and the scope of work of the Committee are in line with the Terms of Reference of the Committee. The Committee has overall responsibility for making recommendations to the Board on all new appointments and for ensuring that the Board and its Committees have the appropriate balance of skills, experience, independence, diversity and knowledge to enable them to discharge their respective duties and responsibilities effectively. Refer “Diversity and inclusion (Principle A.10.1)” in Annual Corporate Governance Report on details on diversity of the Board of Directors of the Bank.

The Committee has an overall responsibility to review and recommend the Corporate Governance Framework of the Bank. Refer Annual Corporate Governance Report for details on extent of compliance with corporate governance requirements stipulated under the applicable laws and regulations.

Charter of the Committee

The Committee shall;

• review the composition of the Board and its Board Committees and make recommendations for approval by the Board of the membership of Board and Board Committees.
• review the leadership needs of the organisation, both executive and non-executive with a view to ensuring long term sustainability of the organisation to compete effectively in the market place.
• implement a procedure for the appointment and re-appointment of Directors to the Board taking into account factors such as fitness, propriety including qualifications, competencies, independence and relevant statutory provisions and regulations.
• oversee appointment and composition of the Sharia Supervisory Board (SSB or Sharia Board) of the Islamic Banking Unit (IBU).
• implement a procedure for the selection/ appointment of Managing Director/Chief Executive Officer, Chief Operating Officer and other Key Management Personnel.
• set the criteria such as qualifications, competencies, experience, independence, conflict of interest and other key attributes required for the eligibility to be considered for the appointment or promotion to the position of Managing Director/Chief Executive Officer, Chief Operating Officer and Key Management Personnel.
• prior to any appointment being made to the Board, evaluate the balance of skills, knowledge, experience and diversity on the Board and in the light of this evaluation, prepare a description of the role and capabilities required for a particular appointment.
• consider in respect of the Executive Directors and Key Management Personnel proposals for their appointment or promotion and any proposal for their dismissal or any substantial change in their duties or responsibilities or the terms of their appointment.
• prior to the appointment of a Director ensure that the proposed appointee would disclose any other business interests that may result in a conflict of interest and report any future business interests that could result in a conflict of interest.
• consider and recommend from time to time, the requirements of additional/new expertise for Directors and other Key Management Personnel.
• propose the maximum number of listed Company Board representations which any Director may hold in accordance with relevant statutory provisions and regulations.
• peruse duly completed Affidavits and Declarations of all Directors and Key Management Personnel and recommend same for approval of the Board.
• formulates and regularly review plans for succession for Key Management Personnel, Executive and Non-Executive Directors in the Board and in particular the key roles of Chairman, Chief Executive Officer and Chief Operating Officer, taking into account challenges and opportunities facing the Company and skills needed in the future.
• make recommendations to the Board concerning, suitable candidates for the role of Senior Independent Director in instances where Chairman is not an Independent Director, membership of other Board Committees as appropriate in consultation with the Chairpersons of those Committees and the re-election of Directors at the Annual General Meeting by the Shareholders or the retirement by rotation according to the provisions of the Articles of Association of the Bank.
• review and recommend the overall Corporate Governance framework of the Bank taking into account the Listing Rules of the CSE, other applicable regulatory requirements and industry/international best practices.
• monitor the progress of any relevant Corporate Governance or Regulatory Developments and recommend any actions or changes it considers necessary for Board approval and ensure compliance with existing laws and regulations.
• be authorised to express their independent views when making decisions.
• be authorised by the Board to obtain, at the Bank’s expense, outside legal or other professional advice on any matters within its Terms of Reference.
• make recommendations to the Board concerning an indemnity and insurance cover to be taken in respect of all Directors and Key Management Personnel in accordance with the Articles of Association, relevant statutory provisions and regulations.
• invite any member of the Corporate Management, any member of the Bank staff or any external advisers to attend meetings as and when appropriate and necessary.

Activities in 2023

Four (04) Committee meetings were held during the year under review.

The Committee obtained declarations from all Directors through a prescribed format confirming their status of independence. Affidavits signed by each of the Directors through a prescribed format were obtained with the assistance of the Company Secretary to satisfy an annual requirement imposed under a Direction issued by the Central Bank of Sri Lanka (CBSL) and the originals of same were furnished to the Director of Bank Supervision of CBSL to enable the CBSL to re-assess their fitness and propriety.

As provided for in the Articles of Association of the Bank, the Committee recommended retirement by rotation of two Directors and recommended the election of three Directors who were appointed to fill casual vacancies on the Board during the year 2023.

The Committee identified suitable persons to fill vacancies created in the Board upon the retirement of a Director
and after carefully evaluating several candidates, recommended the appointment of Mr D N L Fernando and Mr P M Kumarasinghe, PC as new Non- Executive/ Independent Directors to the Board in February and April 2023, respectively. Based on recommendations made by the Committee, the Board approved the appointment of the Assistant General Manager – Treasury. In addition, based on the recommendations of the Committee, the Board also approved the promotion of the Assistant General Manager – Finance to the grade of Deputy General Manager.

The Board approved the Succession Plan in January 2023, as recommended by the Committee.

The Committee continued to work closely with the Board of Directors on matters assigned to it and duties and responsibilities delegated to it in terms of the Committee Terms of Reference and reported back to the Board of Directors with its recommendations.

Prof A K W Jayawardane
Chairman
Board Nominations and Governance Committee

February 21, 2024

Charter of the Committee

The Committee is vested with power to evaluate, assess, decide and recommend to the Board of Directors on any matter that may affect the Human Resources Management of the Bank and shall specifically include:

• Determining the compensation of the Chairman, Deputy Chairman, Managing Director and other members of the Board of Directors of the Bank.
• Determining the compensation and benefits of the key management personnel and establishing performance parameters in setting their individual targets.
• Lay down guidelines, policies and parameters for the compensation structures for all executive staff of the Bank and oversee the implementation thereof.
• Review information related to executive pay from time to time to ensure same is in par with the market/industry rates as per the strategy of the Bank.
• Setting goals and targets for the Directors, Managing Director and Key Management Personnel.
• Evaluate the performance of the Managing Director and Key Management Personnel against the pre agreed targets and goals.
• Make recommendations to the Board of Directors from time to time of the additional/new expertise required at the Bank.
• Assess and recommend to the Board of Directors, succession management and issues connected to the Organisational Structure.
• Evaluate and assess and make recommendations and directions pertaining to the Board of Trustees and the management of the private provident fund of the Bank.
• Make recommendations/decisions/directions pertaining to the statutory payments made by the Bank on behalf of its employees, ensuring the effective fulfillment of all commitments arising as a result of the employer–employee relationship.
• Recommend/decide/direct on disciplinary matters resulting in a significant financial loss to the Bank caused by key management personnel of the Bank.
• Review of the effectiveness of Terms of Reference of the Executive Human Resources Steering Management Committee.

The Chairman of the Committee can convene a special meeting in the event a requirement arises provided all members are given sufficient notice of such special meeting. The quorum for a meeting is three (3) members. Members of the Corporate Management may be invited to participate at the sittings of the Committee meetings as and when required by the Chairman, considering the topics for deliberation at such meeting. The proceedings of the Committee meetings are regularly reported to the Board of Directors.

Guiding Principles

The overall focus of the Committee:

• Setting guidelines and policies to formulate compensation packages, which are attractive, motivating and capable of retaining qualified and experienced employees in the Bank. In this regard, the Committee sets the criteria such as qualifications, experience and the skills and competencies required, to be considered for appointment or promotion to the post of Managing Director and to Key Management Positions.
• Setting guidelines and policies to ensure that the Bank upholds and adheres to the provisions of the Laws of the Lands particularly those provisions of the Banking Act No. 30 of 1988, including the Directions issued by the Monetary Board/Director of Bank Supervision in accordance with the provisions of such Act.
• Providing guidance and policy direction for relevant matters connected to general areas of Human Resources Management of the Bank.
• Ensuring that the performance related element of remuneration is designed and tailored to align employee interests with those of the Bank and its main stakeholders and support sustainable growth.
• Structuring remuneration packages to ensure that a significant portion of the remuneration is linked to performance, to promote a pay for performance culture.
• Promoting a culture of regular performance reviews to enable staff to obtain feedback from their superiors in furtherance of achieving their objectives and development goals.
• Developing a robust pipeline of talent capable and available to fill key positions in the Bank.

Methodology adopted by the Committee

The Committee recognises rewards as one of the key drivers influencing employee behaviour, thereby impacting business results. Therefore, the reward programmes are designed to attract, retain and motivate employees to perform by linking performance to demonstrable performance-based criteria. In this regard, the Committee evaluates the performance of the Managing Director and Key Management Personnel against the pre-agreed targets and goals that balance short-term and long-term financial and strategic objectives of the Bank.

The Bank’s variable (bonus) pay plan is determined according to the overall achievements of the Bank and pre-agreed individual targets, which are based on various performance parameters. The level of variable pay is set to ensure that individual rewards reflect the performance of the Bank overall, the particular business unit and individual performance. The Committee makes appropriate adjustments to the bonus pool in the event of over or under achievement against predetermined targets. In this regard, the Committee can seek external independent professional advice on matters falling within its purview.

Further, the Committee may seek external agencies to carry out salary surveys to determine the salaries paid to staff vis-à-vis the market position, enabling the Committee to make informed decisions regarding the salaries and perquisites in the Bank.

Activities in 2023

The Committee held six (06) meetings during the year under review and the proceedings of the Committee meetings, which also included activities under its Terms of Reference, were regularly reported to the Board of Directors with its comments and observations.

The Committee determined the bonus payable for 2022 performance according to the Variable Pay Plan (VPP) for Executive staff and the grant of annual increments to the Executive staff who are not covered by the Collective Agreement. Performance of the members of the Corporate Management during the financial year 2022, including that of the Managing Director/Chief Executive Officer, and the Chief Operating Officer were reviewed. At the conclusion of the review process for 2022, the Key Performance Areas and the respective KPIs of the Corporate Management members set for 2023 were carefully perused by the Committee and agreed on, subject to changes.

Requests by the Pensioners for a revision of pension was considered and the revisions were recommended for the approval of the Board. Proposal on revising allowances for the staff of Dealing Room of the Treasury Division was submitted to the Committee for consideration. The Committee reviewed the proposal and recommended same for approval of the Board. The Committee considered the recommendation made by the Management to grant a special economic relief allowance for permanent staff members up to the Executive Officer Grade taking into account the prevailing economic situation in the country and recommended same for the approval of the Board. The Proposal on entering into a Collective Agreement with Ceylon Bank Employees’ Union (CBEU) for the year 2024 -2026 was submitted to the Committee with proposed salary increments and Committee reviewed the proposal and recommended same for the approval of the Board.

The Board has approved the same and Collective Agreement was signed with Ceylon Bank Employees’ Union (CBEU) on January 01, 2024. Renewal of Board Human Resources & Remuneration Charter (BHRRC) was submitted for the review of the Committee and with the recommendation of the Committee, Board approval was obtained.

A proposal for a special relief allowance for the staff in executive grades due to increase in personal income taxes was submitted to the Committee. With the recommendation of the Committee, Board approval was obtained to grant the relief allowance.

The Committee reviewed and recommended amendments to the Banking Trainee Scheme which were subsequently approved by the Board.

A paper was submitted to the Committee to consider the Treasury Division as a Specialised Unit in the HR Policy. On the recommendation of the Committee it was submitted to the approval of the Board of Directors.

A paper was submitted for renaming of Employees Grades. The Committee recommended the paper for the approval of the Board of Directors.

The Committee approved and recommended for Board approval, changes to the Organisational Structure to bring Digital Banking Unit under the purview of Chief Information officer.

Prof A K W Jayawardane
Chairman

Board Human Resources and Remuneration Committee

February 21, 2024

Charter of the Committee

Demonstrating its commitment to good governance, the Board of Directors of the Bank (being one of the few listed entities to do so) formed the BRPTRC in 2014 by early adoption of the Code of Best Practice on Related Party Transactions as issued by the Securities and Exchange Commission (SEC) of Sri Lanka which became mandatory for all listed entities from January 01, 2016.

The Committee assists the Board in reviewing all Related Party Transactions (RPT) carried out by the Bank, all its subsidiaries and the associate in the Group to ensure that the interests of shareholders as a whole are taken into account by the Bank when entering into RPT and also to ensure that Directors, Key Management Personnel (KMP) and shareholders with substantial shareholding of the Bank do not secure any undue advantage due to their positions, thereby avoiding any conflicts of interest. The Committee also assists the Board in maintaining transparency in relation to RPT with the required disclosures.

The mandate of the Committee includes inter-alia, the following:

• Developing, updating and recommending a RPT Policy consistent with that proposed by the Section 9 of the Listing Rules on Corporate Governance issued by the Colombo Stock Exchange (CSE), for adoption by the Board of Directors of the Bank and its listed subsidiaries.
• Updating the Board of Directors on the RPT of each of the listed companies of the Group on a quarterly basis.
• Advising the Board in making immediate market disclosures on applicable RPT as required by Section 9.14.7 of the Listing Rules of the CSE.
• Advising the Board in making appropriate disclosures on RPT in the Annual Report as required by Section 9.14.8 of the Listing Rules of the CSE.
• Reviewing and recommending RPTs as per the RPT Policy for the approval of the Board of Directors.

Methodology Adopted by the Committee

• Reviewing the mechanisms in place to obtain declarations from all Directors (at the time of joining the Board and quarterly thereafter) informing the Company Secretary, the primary contact point for Directors, of any existing or potential RPT carried out by them or their Close Family Members (CFM) and obtaining further declarations in the event of any change during the quarter to the positions previously disclosed.
• Reviewing the mechanisms in place to obtain confirmations on any new appointments accepted by Directors of the Bank in other entities as KMP, informing the Company Secretary to identify and capture transactions carried out by the Bank with such entities, if any, which need to be disclosed under ‘Directors’ Interest in Contracts with the Bank’ as disclosed on page 230 of this Annual Report.
• Reviewing the mechanisms in place to capture and feed relevant information on RPT which also includes information on KMP, CFM and the Bank’s subsidiaries and associate into the data collection system and the accuracy of such information.
• Ensuring that a Director who has a material personal interest in matters considered at meetings are abstain while the matter is being discussed at meetings and do not take part in recommending such RPT to the Board of Directors.
• Obtaining an annual declaration from each Director, as required by the CBSL designed to elicit information about any existing or potential RPT.
• Ensuring that annual declarations are submitted by Directors directly to the Bank’s External Auditors immediately after the closure of the Financial Year for external audit purposes.
• Obtaining independent validation from the Bank’s Internal Audit division for information submitted to the Committee for its review.

Following types of RPT are brought to the attention of the BRPTRC as required by the Sections 3(7)(iv) and (v) of the Banking Act Direction No. 11 of 2007 on Corporate Governance for Licensed Commercial Banks in Sri Lanka issued by the Central Bank of Sri Lanka.

• Any credit facility or any other form of accommodation for Directors or their CFMs as approved by the Board. In the case of facilities granted to the children of Directors, such transactions require approval of the Board only if the children are financially dependent in terms of the Definition given on “Close relation” in Section 86 of the Banking Act No. 30 of 1988.
• Any credit facility or any other form of accommodation for entities in which a Director of the Bank or their CFM holding more than 10% of its paid-up capital as approved by the Board.

Activities in 2023

During the year, as a part of Bank’s practice of review of policies, the RPT Policy was reviewed and updated in December 2023 line with the revised Corporate Governance Requirements including the Rules governing the Related Party Transactions as set out in Section 9 of the Listing Rules issued by the CSE. The amended RPT Policy was approved by the Board of Directors in December 2023 and implemented. Arrangements were also made to disseminate the amended RPT Policy among all relevant stakeholders and obtained their acknowledgements to ensure that they have read and understood the applicable regulatory requirements relating to identifying, capturing and reporting of RPT. In addition, the Terms of Reference of the Committee was also reviewed and revised in December 2023 to capture new developments and was approved by the Board of Directors in December 2023. Further, the Committee deliberated and took several steps to improve the accuracy of the processes involved in submitting the information on RPT which include process of updating the Related Parties in the Core Banking System of the Bank.

The Committee held four (4) meetings during the year under review as required by Section 9.14.4 (1) of the revised Listing Rules. The Committee reviewed all RPT carried out during the year at its quarterly meetings and the proceedings of the Committee meetings, which also included activities under its Terms of Reference, were regularly reported to the Board of Directors with its comments and observations.

Prof A K W Jayawardane
Chairman
Board Related Party Transactions Review Committee

February 21, 2024

Charter of the Committee

The Committee shall assist the Board in effectively fulfilling its responsibilities relating to Credit Direction, Credit Policy and Lending Guidelines of the Bank in order to inculcate healthy lending culture, meeting standards and best practices and ensure relevant rules, regulations and directions issued by the appropriate authorities are complied with.

The Committee is empowered to:

• Review and consider changes proposed by the Management from time to time to the Credit Policy and the Lending Guidelines of the Bank.
• Review the credit risk controls in lending, ensure alignment with the market context and the internal policy of the Bank and the prevailing regulatory framework in order to ensure continuous maintenance and enhancement of the overall quality of the Bank’s loan book.
• Evaluate, assess and approve credit proposals which fall within the delegated authority level of the Committee as prescribed by the Board from time to time.
• Evaluate, assess and approve concessions on interest and writing off of bad debts within the delegated authority level of the Committee as prescribed by the Board from time to time.
• Review and recommend credit proposals which fall within the purview of the Board.
• Evaluate and recommend counter party exposures over Rs. 1,000 Mn. sector exposures and cross border exposures to the Board as per the frequencies identified in Risk Management Policy of the Bank.
• Monitor and evaluate special reports called for by the Board.
• Set lending directions based on the current economic climate and risk appetite of the Bank.
• Proactively review, discuss and remedy significantly large lending exposures with increased vulnerabilities.

Activities in 2023

The Committee held Twelve (12) meetings during the year under review. The proceedings of the Committee meetings were regularly reported to the Board of Directors.

In the face of a challenging environment characterised by the effects of unprecedented macroeconomic challenges within the country and global externalities such as war, political conflict, and the ongoing increase in the cost of living, the Committee strategically sets the Bank’s lending directions. It seeks to ensure prudent management of the Bank’s credit growth while aiming to maintain and improve credit quality, with a commitment to incorporating sustainable practices that align with environmental and social responsibility.

The Committee approved credit proposals above a predetermined limit, recommended credit proposals and other credit reports intended for approval/perusal by the Board of Directors after careful scrutiny.

These tasks were carried out by the Committee in line with the Bank’s lending policies and credit risk appetite to ensure that the lending portfolios were managed in line with the stipulated credit risk parameters set by the Board of Directors while achieving the Bank’s lending targets.

Prof A K W Jayawardane
Chairman
Board Credit Committee

February 21, 2024

Charter of the Committee

BIC is mandated to achieve the Bank’s financial goals, whilst maintaining market risk and liquidity risk at desired levels and maintaining a healthy capital buffer at all times. Main focus of the BIC encompasses management of market, liquidity and interest rate risks in the balance sheet whilst focusing on the concentration and reinvestment risks of investment assets and management of the Bank’s capital.

The BIC reviews and approves the policies and operating parameters for investment activities, initiates discussions on capital management of the Bank, reviews and recommends significant investment decisions and reviews the performance of investment portfolios.

In addition, the Committee also evaluates the Bank’s overall liquidity management operations, treasury investments and borrowing activities, and capital adequacy. The Bank’s borrowing proposals are evaluated by the Committee together with the liquidity requirement and deployment, and suitable recommendations are provided.

The Committee also evaluates the impact of possible macroeconomic developments and trends to the profitability, liquidity, balance sheet, and capital through sensitivity and scenario analysis. As part of macroeconomic analysis process the Committee also recommends and sanctions undertaking of relevant research, investment in enhancing and developing research and analytical capabilities and acquisition of required technical and human resources.

The Committee continuously benchmarks the performance of the Bank’s investment portfolios, returns of the banking book, profitability of its business activities and implied risks factors associated with investment decisions.

Methodology adopted by the Committee

The Committee meets monthly to discuss, review and action on following key responsibilities.

• Defining the investment objectives and guidelines of the Bank in alignment with the Bank’s strategic goals and risk tolerance, taking into consideration the market conditions, regulatory changes and economic trends.
• Overseeing the implementation of the investment objectives in line with the investment related policies of the Bank by defining the asset allocations, investment horizons and potential returns.
• Approving the investment limits to be set for the Executive Investment Committee by setting the performance benchmarks and measurement criteria for different portfolios, liquidity credit and market risk parameters and reporting requirements.
• Making decisions on investments which fall beyond the limits of the Executive Investment Committee by evaluating the potential investment opportunities, risk return profiles of investments with due consideration for profitability and sustainability.
• Providing guidance on the investment activities of the Bank through oversight of the Due Diligence process, documentation, financial modeling and feasibility analysis and legal agreements. The Committee will ensure that the Bank adhere to the market best practices at all times in its investment activities.
• Provide regular updates and recommendations to the Board of Directors of the Bank on the investment opportunities and decisions approved by the Committee, performance review of portfolios, risk management measures and ensure that all Board members are well informed of the Bank’s investment activities.

Activities in 2023

The continuously evolving banking landscape required the Committee to regularly review the Bank’s investment activities and financial position. The Committee evaluated and recommended the actions proposed by the Management in areas of investment, risk management and capital mobilisation during the year for the approval of the Board of Directors of the Bank.

Following key areas where the Committee was required to recommend and make decisions can be highlighted.

• Review and recommend strategies to meet the implications of a possible Domestic Debt Optimisation (DDO) plan by the Government of Sri Lanka and align the Bank’s investment portfolios to meet possible adverse outcomes.
• Review of the investment and trading portfolio limits for LKR securities to allow better assets and liabilities management by the Bank’s treasury. In the absence of growth in corporate and consumer credit the investment requirements in government debt needed to be managed within strict parameters considering the possible impact of DDO and the allocation of funding into debt.
• Continuous review of the Bank’s FX Management Policy to optimise the impact high volatility of LKR and BDT on the Bank’s balance sheet. This encompasses the revaluation impact of LKR appreciation on the reserves and risk weighted FCY assets of the Sri Lanka operations, impact of the BDT currency depreciation in Bangladesh operations, NOP impact arising from the impairment of the ISB portfolio in line with the External Auditors’ recommendations and the absorption of FCY bond settlement in LKR as part of the DDO programme.
• Approval of investment in US Government treasury instruments to manage the excess FCY liquidity arising from impairment provisions and accepting LKR settlement for maturing SLDB investments.
• Recommendation of the Bank’s Capital Augmentation Plan and Tier II debt issuance of the Bank to strengthen the capital base.
• Continuous review of the Bank’s Liquidity Contingency Plan and Stressed Liquidity Contingency Plan to support the Asset & Liability Management.
• Adoption of the Terms of Reference for the Committee, review and recommendation of the Bank’s ALM, Treasury and Investment policies for approval by the Board of Directors of the Bank.
• Reconstitution of the Bank’s investment and trading activities in the fixed income securities to optimise the investment returns and segregation of trading and liquidity management activities from statutory investment requirements.
• Sanctioning of setting up dedicated Market and Macroeconomic Research Division.

S Muhseen
Chairman
Board Investment Committee

February 21, 2024

Charter of the Committee

The Board Technology Committee’s primary objective is to ensure that the organisation’s technology aligns with its overall strategy and goals and that the technology systems are secure, reliable, and compliant with relevant regulations and standards.

This Charter intends to set forth the framework, duties, powers, and responsibilities of the Board Technology Committee, focus areas of which include but are not limited to:

• Technology Strategy:
• Technology Roadmaps:
• Digital Transformation:
• Emerging Technology:
• IT Infrastructure:
• Technology Investment:
• Progress Review of key IT initiatives:

Activities in 2023

The Committee held ten (10) meetings during 2023, and the proceedings of the Committee meetings were regularly reported to the Board of Directors with its comments and observations. The Committee focused on improving the following areas, which are the key drivers of the Bank towards a digital era while ensuring the robustness of the IT infrastructure of the Bank. Committee focused on Building a Digital Roadmap, AI & Data Science Roadmap, Technology Roadmap, Information Security Roadmaps, overseeing the organisation’s digital transformation initiatives, oversees the organisation’s IT infrastructure, technology-related investments providing recommendations to the Board, overseeing the organisation’s major IT projects’ progress against its goals, objectives, timelines ensuring that it aligns with the organisation’s overall business strategy and objectives.

Key IT initiatives

• Core Banking upgrade in Sri Lanka, Bangladesh and Maldives Operations and Branch Teller application upgrade for Maldives and Bangladesh branch network

The Core Banking Upgrade initiative across Sri Lanka, Bangladesh, and Maldives Operations marks a pivotal milestone in our pursuit of technological excellence and operational efficiency. This strategic endeavour reflects our commitment to staying at the forefront of financial technology, ensuring that our banking systems are not only robust but also equipped to meet the evolving needs of our customers in these diverse markets.

• Automation of Service Counter Operations of Branches

The Automation of Service Counter Operations across our branches stands as
a transformative initiative at the forefront of our commitment to operational excellence and customer service enhancement. By introducing automation to service counter operations, we aim to reduce transaction times, minimise errors, and enhance the overall customer experience. This initiative aligns with our broader vision of staying ahead in the rapidly evolving technological landscape of the financial industry.

• AI and Data Science (SME/Data Visualisation) phase 1 for SME operations which enables the teams with data–driven decision-making

The Phase of Artificial Intelligence (AI) and Data Science strategies custom-made specifically for Small and Medium Enterprises (SMEs), with a primary focus on Data Visualisation. This milestone marks a pivotal step in empowering SME teams with the tools and insights necessary for data-driven decision-making.

• Early warning signals for lending portfolio

This strategic initiative aims to fortify risk management practices and bolster the financial stability of our organisation. By deploying sophisticated algorithms and data analytics, the system has demonstrated its proficiency in identifying potential risks and signaling early indicators of distress within the lending portfolio. The EWS framework enables proactive decision-making by providing timely alerts on emerging threats, allowing for swift and effective risk mitigation strategies.

• Cloud-based email subscription solution with novel features
• Virtualised server platform for Bangladesh operations
• Loan Origination System version upgrade

Furthermore, the agile way of working at IT R&D has supported to cater to the business units with the targeted priorities and full transparency. The productivity and quality of deliveries have been greatly improved compared to the previous year.

Digital Infrastructure plays a vital role in providing an uninterrupted service and serves the ever-increasing customer expectations. Cognisant of the importance of the infrastructure, the Information Technology Department has identified and implemented the following key initiatives to enhance the internal system capabilities and streamline the hardware usage;

• 900+ Touchpoints (ATM/CRM) – The Bank has further expanded its ATM/CRM facility while reaching 900+ touchpoints landmark at the end of the Year 2023 while being
  Sri Lanka’s largest single ATM/CRM network owned by a private sector bank with 24 x 7 customer convenience and enhanced features.
• High availability framework – The availability of IT systems for customers is of paramount importance in today’s competitive banking industry, especially in digital platforms. When maintaining availability, ‘High Availability’ is important for IT systems to continue the business even with unpredictable failures of IT systems. The Bank has enhanced the ‘High Availability’ of its mission-critical systems.
• Server Virtualisation and Private Cloud – Centralised Virtual Server Infrastructure at data centers facilitates the Bank’s systems and applications covers 93% of the servers and provides many technical advantages while saving OPEX. The strategic decision has been taken to further enhance the server virtualisation platform while enabling a private cloud-ready platform.

Enterprise architecture focus has been set to align all the banking systems and infrastructure to the industry standards. The Business, Data, Application, and Infrastructure architectures have been considered as the key focus verticals incorporating IT standards with security compliance.

• Compliance and Certifications of ISO 20000/ISO 27001/PCI-DSS – The Bank was recertified for ISO 20000, ISO 27001, and PCI-DSS, standards in 2023. These are the de facto standards on, IT Service Management, Information Security, and Card Industry, and it will demonstrate that IT systems and processes are maintained with these world-renowned certifications. All these compliances build customer confidence and information security practices.

Projects in progress

The Bank has initiated several key IT projects during the year, including New Treasury System Implementation, Open banking for Maldives, Improvement of Digital Banking platform, Revamp Flash application and implementing, new Micro Services architecture, AI and Data Science use cases, Robotic process automation for internal operations, Fraud monitoring system implementation, Employee self-service mobile app, ATM Channel manager, ITM Version upgrade, Q + Feature addition and Compliance related projects (GoAML, ITRS, RTGS), Implementation of new HR system.

Following key projects were initiated in 2023

The Committee has given its recommendations for following major initiatives of the Bank

• Consultancy on Data Analytics Strategies Developing Roadmaps and Use Cases
• Implementation of Customer Identity and Access Management (CIAM Solution)
• E-Statement Solution for Customer Statements and Advises
• Implementation of Modern Micro Services Platform (API Management, Governance and Observability)
• Implementation of Business Process Management Suite (Low code/No code platform)
• Implementation of New Corporate Digital Banking Platform
• Video KYC(VKYC)/Digital KYC(DKYC)
• CX Management Platform
• Trade Finance System Upgrade Automatic Credit Underwriting Journeys
• Top-tier Human Resource Management System
• Assets and Liabilities Management and Funds Transfer Pricing
• State-of-the-art ATM Switch
• Interbank Cheque Clearing & Fund Transfer Solution for Bangladesh Operations

S Muhseen
Chairman
Board Technology Committee

February 21, 2024

Charter of the Committee

The Committee was established to have an overall Bank-wide strategic management oversight.

The Committee is empowered:

• To assist the Board in performing its core responsibilities relating to the Bank’s strategy.
• To advise and monitor the Management on:
• Identification of business strategies geared for the sustainable development of the Bank; and
• Establishment of processes for planning, implementing, assessing and adjusting of the business strategies.
• To oversee the Management’s engagement on the strategic perspective, direction and development of the strategy for the Bank and its business units.
• To oversee the Management’s implementation of the approved strategic plan and the progress against strategic milestones and goals.
• To oversee the Management’s implementation of major business transformation projects and their execution.
• To engage in detail discussion and provide guidance to the Management on:
• Whether the governance, risk appetite, financial and capital planning, liquidity and funding management, control environment and resources can support the Bank’s strategic objectives.
• Divestitures, Mergers and Acquisition (M&A) strategies including post transaction performance tracking.
• The impact of changes in the competitive environment.
• To foster a cooperative, interactive strategic planning process between the Board and the Management.
• To provide recommendations for strategic direction of the Bank’s subsidiaries whenever appropriate.

Activities in 2023

The BSDC met more frequently during the year (six meetings) compared to the minimum requirement of four meetings as per the Terms of Reference to offer guidance in the strategic decision-making process of the Bank in a challenging socio economic environment which prevailed during 2023.

The BSDC assisted the Board by evaluating the business strategies and making recommendations to strengthen core competencies of the Bank.

The Committee carried out the following activities during the year 2023:

• Emphasised on the importance of augmenting customer experience and deliberated on the training requirements for the staff and tools available in this regard.
• Deliberated on the actions to be taken to increase the contribution of the subsidiaries to the Group performance.
• Considered the Government budget proposals and their impact on the Bank and the Banking Industry.
• Deliberated on the potential stress on the capital adequacy arising due to many external factors and measures that need to be taken to augment capital adequacy.
• Received frequent updates on major challenges in 2023 such as foreign exchange crisis, high interest rates, soaring inflation and stressed on capital adequacy to support its decision making.
• Received frequent updates on the progress on the initiatives taken in relation to the Government debt restructuring programme, and deliberated on their impact.
• Reviewed the impact of movements in market variables on capital adequacy.
• Reviewed and discussed matters of importance arising from the Minutes of the Executive Strategy Development Committee Meetings.
• Considered the market share analysis and the market share dashboard and discussed matters relating to same.
• Given the challenging operating environment and the consequent stresses on the Bank, the Committee recommended appropriate revisions to its expansion plans.
• Discussed matters relating to the 2024 Budget of the Bank.
• Deliberated and assessed various aspects concerning the digital banking platform of the Bank, exploring strategic insights, potential enhancements, and key considerations to propel its effectiveness.
• Conducted discussions regarding the initiation of operations at the Colombo Port City, exploring feasibility, strategic implications, and operational considerations to make informed decisions moving forward.
• Deliberated on the importance of standardising service levels across all customer touch points and the establishment of a Customer Experience Unit to enhance and streamline customer interactions across the Board.
• Deliberated on the importance of differentiating the Bank's service standards to gain a competitive advantage in the financial industry.
• Discussed issues pertaining to brain drain in the country and its potential impact on the Bank in depth with the central focus on formulating effective strategies to retain top performing staff members.
• Reviewed the Shareholder Communications Policy.
• Reviewed the Sri Lankan operations of the Bank and directed the main business units to present their plans for enhancing the Bank's market share.
• Reviewed the proposal for a strategic partnership with AIA Insurance Lanka Limited and monitored the progress leading up to the signing of the agreement on November 28, 2023.

Important decisions taken at the Committee meetings and deliberations on activities under the Terms of Reference were regularly reported to the Board of Directors for information/approval.

Prof A K W Jayawardane
Chairman
Board Strategy Development Committee

February 21, 2024

Terms of Reference of the Committee

Item 3.5 of the Banking Act Direction No. 01 of 2023 dated February 02, 2023 requires the Licensed Commercial Banks to form a Board Level Sub Committee to operate during the years 2023 and 2024, which is entrusted with the responsibility of evaluating, approving and recommending to the Board for approval all expenses including non-essential and/or non-urgent expenditure and/or capital expenditure to be incurred by the Bank, if any.

Accordingly, with a view to ensure compliance with the above Direction, the Bank formed the Board Capital Expenditure Review Committee (BCERC).

Upon receipt of approval by the Executive Procurement Committee, the BCERC is empowered;

• to review and approve all capital expenditure projects, [except for IT related Capital Expenditure which will be recommended by the Board Technology Committee (BTC) for approval of the Board in terms of the Terms of Reference of BTC] in excess of Rs. 25 Mn. up to Rs. 50 Mn.; and
• to review and recommend for approval of the Board, all capital expenditure projects, (except for IT related Capital Expenditure which will be recommended by BTC in terms of the Terms of Reference of BTC) in excess of Rs. 50 Mn.

Charter of the Committee

The Committee shall;

• Evaluate any expense related to proposals received by the Committee to ascertain whether such expenditure can be considered as non-essential or non-urgent.
• Discuss the Company’s capital expenditure, objectives and plans with the Management.
• Periodically review the performance of major capital expenditure projects which fall under the purview of the Committee, against original projections.
• Execution of any other duties or responsibilities expressly delegated to the Committee by the Board from time to time relating to the Company’s non-essential or non-urgent expenditure and/or capital expenditure.
• Monitor, evaluate and compile special reports called for by the Board.

Activities in 2023

One (01) Committee meeting was held during the year under review and the BCERC reviewed the terms of reference pertaining to the same.

Important decisions taken at the Committee meetings and deliberations on activities under the Terms of Reference were regularly reported to the Board of Directors for information/approval.

S Muhseen
Chairman
Board Capital Expenditure Review Committee

February 21, 2024