- The National Bank is committed to the highest standards of good governance, and work is carried out in accordance with the PMA’s Governance Guide and instructions No. 10.
- The relationship between the bank’s management, represented by its Board and executive management, and the shareholders is based on a framework that ensures the implementation of sound management and governance in achieving its objectives and realizing various benefits for stakeholders, including minority shareholders. The governance system provides detailed, accurate and timely information about TNB and the responsibilities of the Board and its different committees towards the bank and shareholders.
- The National Bank is committed to sound governance practices and the highest standards of efficiency and accuracy in its activities in line with PMA instructions which are in line with the latest international best practices and the Basel Committee recommendations on governance.
- The bank is committed to meeting the needs of the Palestinian community by providing banking services using the most modern and sound methods and ensuring services are provided in a proper manner to different stakeholders. Additionally, the bank supports the community by sponsoring different social activities. This promotes its national affiliation and identity and is a part of its social responsibility.
The bank continuously seeks to maintain the highest levels of transparency towards its shareholders, clients and the market by disclosing accurate and timely information in accordance with international financial reporting standards, PMA regulations and related laws.
The bank keeps up with the changes in international practices of transparency and financial disclosures. It is committed to the following:
- Ensuring disclosure procedures are clear, continuous, and accessible to all market players forcomparison, and ensuring information is disclosed through various easily accessible and low-cost methods.
- Disclosing all information of relative importance in a timely manner, ensuring they reach all parties concerned.
- Disclosing important information on its activities to the PMA, shareholders, clients, other banks, and the public, with a special focus on issues that may raise concern for shareholders. The bank discloses this information periodically through easily accessible portals.
- Ensuring annual reports include adequate and useful information that keep investors, depositorsand other stakeholders abreast of the bank’s status.
- Maintaining lines of communication with regulatory authorities, shareholders, depositors, other banks, and the public.
The Credit Committee consists of three members of the Board and has specific Board-approved written duties and authorization.
Roles and Responsibilities:
- Develop credit strategies that clearly define the targeted quality of credit, return and growth, accepted risks and their impact on the target return, and the burden on capital. In the long term, strategies should take into consideration the different economic cycles, and should be evaluated annually based on the business results and in line with the PMA instruction. Strategies should be approved by the Board of Directors.
- Establish a credit risk management framework, that determines risk appetite, accepted risk, and risk tolerance, and define acceptable credit concentrations in line with the PMA instruction. The framework should be approved by the Board of Directors.
- Set specific standards to ensure the executive management is able to implement credit policies and strategies approved by the Board of Directors and manage the risks of credit activities.
- Regularly inform the Board of Directors of the status of the operating and non operating credit portfolio at the bank and the percentage of credit concentration and recommend measures that limit risks exceeding TNB’s accepted risks. Recommend, to the Board of Directors, the limits for granting credit access.
- Review the credit policy, credit strategies and the general credit risk management framework periodically or whenever needed and re-evaluate them independently of the executive management. Work on ensuring they are adopted by the Board of Directors.
- Approve or recommend for approval funding requests submitted to the committee, while ensuring there is no conflict of interest between the members of the committee and the party submitting the funding request.
- Review all supervisory reports related to the various credit operations and approve them or recommend them for approval by the Board.
- Coordinate with all Board committees and work with them on all matters related to credit operations, whether the Audit Committee, the Risk Committee, the Asset and Liability Committee (ALCO) and other relevant committees.
- Ensure the Executive Management establishes and adequately adheres to the Bank›s internal control and oversight systems in its policies, procedures, and credit operations or in related activity approved by the Board.
The Committee holds at least six meetings per year.
The Investment Committee consists of four members of the Board of Directors. The Chairman shall be chosen by the members of the Committee and shall be an executive member.
Roles and Responsibilities:
- Review the bank’s investment strategy before it is approved by the Board, at least once a year, or more often when needed.
- Assess the performance of the current investment portfolio in terms of risk and return.
- Monitor the movement of Arab, regional and international capital market indices to benefit from their indicators.
- Divide the investment portfolio into equity and debt instruments, including treasury transfers and government bonds, and include foreign instruments.
- Respect the investment restrictions set out in the Banking Law and PMA instructions.
- Always compare the investments’ market value to the book value.
- Suggest purchases and sales, maintain the investment portfolio, carry out operations in line with its mandate, and maximize returns on investments while ensuring a balance between risks and returns.
- Review and approve the credit limits related to correspondent banks.
- Follow up on the reports of the Assets and Liabilities Committee, review its performance, and take appropriate decisions.
- Provide the Board of Directors with periodic reports on the bank’s investment position and provide information about any material changes that may occur without delay.
The Committee holds at least four meetings (once every three months) per year.
Digital Transformation Committee
The committee consists of three members and may be reinforced by members from the executive management and relevant departments, provided that the majority of its members are Board members. The Chairman shall be chosen by the members of the Committee.
Roles and Responsibilities:
- Oversee IT strategies:
- The committee reviews all matters that would define the IT strategic directions of the bank with the aim of positioning the bank alongside international technologically advanced banks in line with best practices and the technologies.
- Supervise the progress of digital transformation and manage information technology processes to ensure their efficiency and effective contribution to the bank’s goals, and to submit recommendations to the Board of Directors on important IT investments.
- Keep the Board or the relevant body abreast of any development that might negatively affect the project’s progress, by submitting performance and compliance reports on the project implementation plan.
- Assess the performance of the IT Department Director and the performance of the department as a whole on an annual basis.
- Assess current and future IT and digital transformation trends.
- Oversee IT related risks:
- Review IT risks, including information security and cyber security risks, as well as the controls adopted by the management to mitigate them.
- Develop policies and procedures to support such controls in line with the Bank's risk appetite.
- Ensure that all internal and external control requirements are implemented by reviewing all control reports of the IT Department and taking the necessary corrective measures.
- Review the internal audit report of the IT Department and follow up on the implementation of recommendations.
- Recommend the approval of changes and amendments to IT policies and procedures.
The Committee holds at least four meetings (once every three months) per year.
Internal Audit Committee
The Internal Audit Committee consists of three members of the Board. The Chairman shall be an independent member chosen by the Board members.
Roles and responsibilities:
- Provide recommendations on nominating, agreeing on the fees, and ensuring the independence of an external auditor. The nomination must be approved by the Board and the General Assembly.
- Assess the independence of the external auditor at least once a year through the following:
- Assess the extent to which they are providing services that fall outside the scope of the audit and affect its independence.
- Obtain a report from the external auditor explaining any relationship between them and the bank or any other person or institution that might affect their independence.
- Review the bank’s accounting and financial practices.
- Review the financial statements and identify any accounting issues which have a material impact on the annual and semi-annual statements, preliminary statements, and any statement and clarification related to the bank's financial performance. This includes reviewing and confirming the following:
- Any material changes to the accounting policies.
- Mechanisms to record essential or unusual events, especially when there is more than one way to record them.
- Ensuring the bank complies with the applicable international accounting standards and that management provides appropriate estimates and judgments, taking into account the external auditor's assessment of the financial statements.
- The clarity and completeness of disclosures in the bank’s annual report and the way they are presented.
- Ensuring that all material data is reported in the annual report and other financial statements.
- Reviewing the Bank's controls and internal and financial regulations systems on an annual basis, in cooperation with the Risk and Compliance Committee.
- The Committee shall submit a report on its views to the Board of Directors if it is not satisfied with any aspect of the draft financial report, taking into account the issues reported by the external auditor.
- Coordination between the internal and external auditors.
- Review the scope and results of the audit and discuss them with the external auditor.
- Ensure there is a clear and transparent mechanism that allows all bank employees to report any irregular or illegal behavior or practice and ensures a professional and objective follow-up.
- Supervise the bank's compliance with legal and regulatory requirements.
- Review the reports prepared by the Internal Audit Department and follow up on the amendment of violations.
- Adopt the annual audit plan and the internal audit charter and monitor their implementation to ensure a comprehensive audit of all banking and administrative activities, including those assigned to external parties.
- Ensure the independence of the Internal Audit Department, so that the internal audit is carried out directly by the Committee. In other terms, ensure the committee submits reports, appoints the director and employees of the Internal Audit Department, and determines their salaries, bonuses and annual raises.
The Committee holds at least four meetings (once every three months) per year
Risk and Compliance Committee
Roles and Responsibilities:
- Nominate the Director of the Risk Department, the Director of the Compliance Department and the Director of the AML Department, determine their fees and ensure they have the appropriate expertise and academic qualifications.
- Review and discuss the risk, compliance and AML policy and recommend it to the Board of Directors for approval.
- Ensure the Risk Department conducts stress tests periodically to make sure it is capable of withstanding shocks and facing high risks.
- Compare the actual risks of the bank with the accepted risk document and address any inconsistency on a periodic and continuous basis.
- Review the strategy of the Bank's Risk Department and the annual plan of the Risk Management Department before their submission to the Board for approval.
- Follow-up on the implementation of the Business Continuity Plan “BCP” and the Disaster Recovery Plan “DRP”.
- Monitor the capital adequacy ratio, and ensure it is consistent with PMA instructions and decisions of the Basel Committee on Banking Supervision, in terms of the minimum limits, and ensure the estimated budgets and strategies of the bank are on the right track.
- Review the risks related to issuing banking products or outsourcing services.
- Provide advice and submit the necessary reports to the Board of Directors on the current and future status of the bank’s risk appetite and risk culture. Supervise capital strategies and the management of liquidity and any risks related to the bank’s activities and business to ensure they are in line with the approved risk appetite. Supervise the implementation by the senior management of a risk appetite framework.
- Formal and informal exchange between the Committee, the Risk Department and the Department Manager to obtain the necessary reports on the bank’s risk profile, risk culture, permissible limits and any violations thereof, in addition to risk mitigation plans.
- Determine the risks associated with the bank’s business, develop a comprehensive current and future strategy on risk tolerance and mitigation, and supervise the implementation of that strategy by the senior executive management.
- Submit periodic reports to the Board of Directors on the risks that the bank faces or may be exposed to, and inform the Board of any material changes that occur in the bank’s situation without delay.
- Ensure there is an appropriate risk management environment in the bank, including studying the suitability of the bank’s organizational structure and ensuring there are qualified employees working independently to manage the basic risks facing the bank, in line with a clear risk management system.
- Review reports issued by the Risk, Compliance and AML departments and submit them to the Board.
- Approve the annual plan of the Compliance Department and the Anti-Money Laundering Unit.
- Determine the principles of compliance that the bank must respect in line with the laws and instructions in force and take the necessary measures to promote of integrity and sound professional practices in the Bank.
- Supervise and control the work of the Compliance Department and evaluate the efficiency of implementing the compliance policy annually in the report submitted by the executive management to ensure the bank is compliant. The Board of Directors may delegate this responsibility to a separate committee it appoints or to the Audit Committee.
- Ensure the compliance monitoring function is independent of the bank’s activities and business.
- Follow-up and supervise the systems and policies adopted by the Bank to avoid cases of fraud, bribery and corruption, and to obtain reports showing cases of non-compliance.
- Follow-up and ensure there are systems and procedures that allow employees, contractors or any external party to report any reservations or errors in the financial reports or any other matters.
- Establish an AML/CFT function to follow up on the compliance with the AML/CFT Law, provided this job is assigned to an independent employee at the level of Director called AML/CFT Officer.
- Supervise the AML/CFT function in the bank and approve the charter or any other official document under which this function is established.
- Adopt a manual of policies and procedures for the AML/CFT Department based on risks (RBA), the FATF recommendations, international best practices, and the basic principles and guidelines issued by the Basel Committee on Effective Banking Supervision. This manual should clearly define the priorities and responsibilities of the position, working methods, reporting mechanisms and the presentation of results. It should include a mechanism for taking corrective measures in the event of any violations. The Manual should be submitted to the Board of Directors for final approval.
The Committee holds at least four meetings (once every three months) per year
Nomination, Remuneration and Corporate Governance Committee
The Nomination, Remuneration and Governance Committee consists of five members of the Board of Directors. It shall have specific written tasks and powers approved by the Board of Directors.
Roles and Responsibilities:
Roles and responsibilities related to corporate governance:
- Supervise the implementation of the governance policy framework in the bank.
- Submit reports and recommendations to the Board on the results achieved, including evaluating the compliance with the Bank's Governance Manual and submitting proposals to amend the Manual to ensure consistency with best practices.
Role and responsibilities related to remunerations and incentives:
- Oversee the design of the rewards and incentives system and ensure it is compatible with the bank's culture and long-term business continuity.
- Oversee the implementation of the rewards and incentives policy/methodology.
- Supervise strategic projects on the bank's human capital.
- Conduct a periodic review of the policy/methodology for granting rewards, incentives, and benefits, or upon the Board’s recommendation, and submitting recommendations to the Board to amend or update this policy.
- Conduct a periodic assessment of the adequacy and effectiveness of the rewards policy to ensure it achieves its objectives.
- Submit recommendations to the Board on the remunerations and allowances of the Chairman, Board members and main officials in the Bank.
- Ensure that the policy/methodology for rewards, incentives and benefits takes into consideration all types of risks to which the bank is exposed when determining rewards to ensure a balance between profits and risks.
- Ensure that the rewards and incentives policy is consistent with PMA instructions and the bank's internal system.
- Submit periodic reports on the Committee’s work and achievements.
Role and responsibilities related to nominations:
- Prepare standards to be approved by the Board for the conditions and qualifications that must be met by members and senior management in terms of skills, experience and any other factors it deems appropriate.
- Submit recommendations to the Board on changes it believes are required in the number of members of the Board or a committee.
- Submit nominations to the Board in the event of a vacancy (including a vacant seat resulting from the increase in the number of Board members).
- Review the eligibility of all candidates and any candidate proposed by the management.
- Determine the members qualified to fill the vacancy in any committee and submit a recommendation to the Board.
- Assess the performance of the Board, committees and members at least once a year.
- Oversee the human resources policies in general.
- Submit recommendations to the Board from time to time about any changes the Committee believes are necessary in the management structure or job descriptions of main officials.
- Develop an appropriate plan to ensure the replacement of the Chairman and members of the Board of Directors and key officials in cases of emergency or when vacancies arise due to unforeseen circumstances.
- Supervise the training of board members on banking governance.
The Committee holds at least two meetings per year for each of its responsibilities.
The National Bank envisions becoming one of the leading financial institutions in Palestine and recognizes that compliance is key in this regard. In order to reaffirm and enhance this commitment, TNB has put in place the following principles for good compliance.
- Every bank employee is responsible for compliance.
- No fear of reporting violations.
- Refraining from targeting profits at the expense of compliance.
- Our reputation matters.
TNB is committed to complying with all laws issued by legislative authorities, instructions issued by the PMA and Palestinian laws. The bank continuously works on updating its internal policies and procedures to remain compliant with new publications of supervisory authorities and follow-up on their implementation. The bank also follows up on and examines international best practices to maintain its good reputation among local and international banks.
Compliance will allow the bank to become a leading institution in the local financial sector by following international best practices in line with the bank’s own values. The Compliance Department is responsible for examining and evaluating the internal policies and procedures approved by the Board of Directors in line with the laws and regulations of the supervisory authority. The Department is also in charge of assessing risks related to violating compliance regulations and the impact of such violation by carrying out regular and comprehensive assessments and examinations of compliance-related risks. Should any deficiencies be identified, they should be followed up and necessary corrective measures must be taken.
The Compliance Department also issues policies and procedures requiring detailed information from customers and continuous updates of customer information at TNB branches on an ongoing basis. These updates and information are required to protect the bank’s interests, shareholders, and customers particularly from any legal repercussions that may result in the classification of customers or the bank on lists of non-compliant entities.
TNB, from its Board to its specialized departments, strives to implement rules and practices in line with instructions in the PMA’s Guide for Rules and Best Practices for Corporate Governance for Banks in Palestine.
The Compliance Department is also responsible for receiving customers’ complaints and suggestions in order to achieve the highest level of customer satisfaction with the provided banking services. The Compliance Department receives complaints and works on resolving any issues in line with the regulations and interests of the customer.
Foreign Account Tax Compliance Act (FATCA)
TNB is committed to the gradual implementation of FATCA within a specified timeframe. FATCA is a US law aimed at preventing tax evasion by US taxpayers through non-US financial institutions and foreign investment instruments.
As for FATCA, TNB is officially registered to comply with the US Tax Compliance Law. The bank prepared a brief and a workplan to amend all of its systems to be compliant with the law. The forms for opening accounts and updating customer data were amended to be in line with the law that requires all new and current customers of the bank to fill the approved “citizenship forms”, signing them and presenting them with the remaining documents required to open an account.
Anti-Money Laundering and Combating Terrorism Financing (AML/CFT)
The National Bank is committed to working within the legal frameworks related to AML/CFT efforts based on Palestinian Law No 20 updated in 2015. The bank also implements AML/CFT instructions and regulations issued by the Financial Follow-up Unit (FFU), the PMA and the FATF according to banking best practices. The bank approved a policy dedicated to combatting this crime and preventing any possible transaction through the bank. This policy is continuously reviewed
and updated in cooperation with the skilled experts in the field. A contract was signed with PWC to update the latest policy, particularly in light of the increasing risks of money laundering transactions and the diverse ML methods used given the latest technological advancements in the financial and banking sectors, and to maintain the reputation of the bank in the local and international banking community. The AML/CFT Unit carries out its work independently in accordance with the PMA instructions. The PMA is responsible for preparing periodic reports on measures taken by the bank to prevent this phenomenon. The AML/CFT Unit at the bank also follows up on financial and banking transactions to verify the compliance of branches with its considerations, by reviewing procedures carried out by each branch to verify its compliance with the relevant AML instructions. Furthermore, any suspected transaction shall be reported to the competent authority according to the Palestinian law, which is the FFU.
The bank also examines the AML/CFT monitoring environment by using best methods and practices to maintain a low-risk investment environment.
Know Your Customer (KYC)
As part of the efforts to complement the AML policy, in accordance with the instructions of the PMA and the provisions of the AML/CFT Decree Law No 20 of 2015, and to ensure the full implementation of local and international best practices in this regard, the Compliance Department and AML/CFT Unit at the bank monitor compliance with the procedures related to customer information before and after opening an account, the method for documenting these accounts, the purpose of opening such accounts, and classifying them based on the estimated level of risk. This would allow to draw a clear picture on the nature of customer activities, and would reinforce the effectiveness of control procedures, in addition to enhancing the ability to make the right decision on the way to deal with customers in different sectors.
Customer data is continuously updated, and the accuracy and effectiveness of this process is monitored to ensure the presence of customers and enhance ways of communicating with them.
Banking Secrecy Provisions
TNB remains committed to the provisions of banking secrecy through the approved policies that have been circulated to all employees, regardless of their position. It is prohibited to share any data, information or statements about customer accounts and personal data available in bank records, whether directly or indirectly, unless there is a prior written approval from the account holder or by virtue of a decision from a competent judicial authority according to Palestinian law, or regulatory authorities accredited by the PMA. No confidential information received during the performance of the employee’s roles and responsibilities can be used to achieve any personal gains or in any way that violates the law or adversely affects the interest of the institution.
The bank recognizes the importance of an effective Internal Audit Department to reinforce internal control systems and support comprehensive banking controls.
The department will play a role in achieving the bank’s objectives through a structured systematic approach to evaluate and improve the effectiveness of risk management, monitoring, and reinforcing governance. The Internal Audit Department has a sufficient number of qualified trained personnel that are adequately remunerated. It is authorized to access any information or contact any employee. It has all the necessary authorizations to perform its duties as required. The functions and duties of the Department are as follows:
- Develop an annual risk-based audit plan and present it to senior management and the Audit Committee for review and approval. Report to the senior management and the Audit Committee on restrictions that limit the resources available for the internal audit plan.
- Ensure that each audit task in the internal plan is implemented including identifying the objectives and scope, allocating and overseeing sufficient resources, documenting work programs and test results, and reporting results with conclusions and recommendations which can be implemented by the relevant parties.
- Submit a detailed report and summary of the results of all audit visits, recommendations, and follow-up procedures to the Audit Committee. Follow-up on the audit results and any measure that needs to be taken and inform the senior management and the Audit Committee on a periodic basis of any measures which have not been effectively implemented.
- Maintain a professional team of auditors with the knowledge, skills, experience, and professional degrees to carry out an internal audit. Develop an integrated training plan for the internal audit staff, to encourage them to stay abreast of the profession’s developments, ensure their commitment to the principles of honesty and objectivity and maintain confidentiality and efficiency.
- Take measures to ensure that the Internal Audit Department’s work is implemented in accordance with the international framework of professional auditing practices, the requirements of control authorities and the business’ policies and procedures.
- Grant auditors complete, direct and unhindered access to all functions, and allow them to examine all records, access all material assets, and contact staff in order to carry out any auditing task. The auditor will be held accountable for protecting the confidentiality of records and information.
- The Internal Audit Executive Manager shall ensure the organizational independence of the Audit Committee’s internal audit activity at least once a year. They shall disclose any interference in the definition of the auditing scope and its completion and report its results. Any repercussions attributed to this interference shall be reported.
- Maintain a quality assurance and improvement program that covers all internal auditing aspects. The program includes an assessment of the extent to which the internal audit is in line with standards, an assessment of its efficiency and effectiveness, and an identification of opportunities for improvement.
The bank is responsible for the regular rotation of the external auditor, while ensuring during the selection process that the external auditor is (1) accredited by the Palestinian Monetary Authority with the necessary professional license from relevant official and professional entities, (2) does not have any suspected conflict of interest, (3) has not received any direct or indirect credit facilities from the bank in their personal capacity or on behalf of their spouse or children, or on behalf of any entity that they are partners in, separately or collectively, by a percentage equal to 5% or more of its shares, or are members of its board of directors. The external auditor must have no direct or indirect benefit related to the bank, or with companies affiliated with the bank. They must not be a manager or employee of the bank or any of the companies affiliated with the bank. They must carry out their duties in compliance with international auditing standards and instructions from the PMA, as follows:
- Performing their duties according to the terms and conditions that regulate the auditing profession and complying with international auditing standards and the Code of Professional Conduct in Auditing.
- Auditing the financial statements and accounting records of the bank in line with IFRS and IAS standards.
- Complying with the minimal disclosure requirements for the financial statements as issued by the PMA.
- Respecting full confidentiality under professional rules of conduct, and not disclosing any information they acquired by virtue of their work, even upon completion of their task at the bank.
- Providing the Audit Committee with a copy of their financial and administrative reports and holding a meeting with the Audit Committee at least once a year.
- Submitting an annual report to the bank’s general assembly, stating that the reviewing and auditing activities of the bank and its accounts were conducted in compliance with the IAS, and expressing their opinion regarding the fairness of the financial statements for the period audited, and that they were prepared in accordance with the IFRS and IAS standards.
- Attending the general assembly meetings and answering any questions from the shareholders.
- Presenting a report to the PMA and a copy to the Board within two months from the end of the fiscal year. The report shall include the following:
- Any violations of the provisions of the Law on banks, the PMA Law and any other applicable legislations committed by the bank during the fiscal year under audit.
- The opinion of the external auditor on the adequacy of the bank’s internal control systems.
- The opinion of the external auditor on the adequacy of the provisions to mitigate potential risks affiliated with the bank’s assets and liabilities.
- Verifying the accuracy of the data received during the audit.
Risk Policy and Methodology
The National Bank manages risks on a permanent and continuous basis by identifying and measuring all types of risks that the bank faces. The bank’s risk management methodology is based on a holistic approach of practices and norms. The Risk Department is separate from business and operational processes departments. Business centers are the first line of defense, and there is an independent department, the Risk Department, that manages, measures and monitors risks related to the bank’s various activities on an ongoing basis. The Risk Department is affiliated to the Board of Directors’ Risk Committee. It acts as a second line of defense, and the risks are monitored and controlled through specific thresholds and ratios approved either by the Board of Directors or the PMA.
The effectiveness of internal controls and safety and security measures that minimize the impact on the Bank’s activities are ensured as a third line of defense.
Additionally, the management and the Risk Department analyze the bank’s financial statements through the Assets and Liabilities Committee. They assess various risks and take the necessary decisions to manage them in line with the management’s expectations of adequate profits while maintaining reasonable and controlled levels of risk.
TNB is considered a bank of systemic importance locally. This classification is based on special indicators and determinants, including the size of the bank, the volume of its business and other indicators. This classification gives TNB a special importance locally to the banking sector and the local economy of Palestine. It also means any crisis it may be exposed to may have an impact on the economy. For this reason, the Bank developed and adopted additional control measures to monitor and predict risks. It adopted an early warning document to periodically and continuously monitor indicators related to the business and activity risks to which the bank may be exposed. In the event of any crisis, the necessary plans were put in place to address and manage risks. TNB has a crisis management policy, and has developed recovery plans and necessary solutions to ensure a return to normal as soon as possible and with minimal losses.
PMA instructions are implemented to ensure the bank’s ability to handle risks by carrying out stress testing to measure risks. Scenarios and hypotheses of varying severity are developed and the bank measures the reaction to them as well as their impact on the adequacy and continuity of its capital.
TNB follows a preventive risk management methodology based on reducing risks before they occur, i.e., a preventive action approach instead of a corrective action. The implementation of the new accounting standard (IFRS9) is an important principle that will enhance this methodology, especially since it is based on measuring and hedging risks from the outset.
To ensure the proper implementation of this methodology, internal controls are monitored and reviewed, and periodic reports are submitted by the Risk Department to the senior executive management and the Board’s Risk Committee. The reports address all types of risks facing the bank and give an overview of the situation.
Risks to which the bank is exposed are as follows:
Operational risks are the risks of loss attributed to the failure or inadequacy of internal procedures, the human element, systems, and external events. This definition includes legal risks, reputational risks and organizational risks as adopted by the National Bank.
The identification, evaluation and management of operational risks are one of the main factors of success and prosperity and help the bank to achieve its desired goals. Operational risks arising from internal or external events may have a material impact on the bank’s business and may lead to losses or failure to achieve strategic objectives. They may negatively affect the bank’s reputation.
For this reason, the National Bank seeks to provide comprehensive approaches, policies and procedures and equip itself with the tools necessary to manage operational risks, strategic risks, reputational risks, outsourcing risks and fraud risks in line with best practices.
Market risks are current or future risks that could affect the bank's revenues and capital due to fluctuations in interest rates, exchange rates, stock prices and commodity prices.
The bank manages its market risks by adhering to the general framework set by PMA instructions. It adopts and implements various policies to regulate investments and manage assets and liabilities. The bank also has a set of procedures for these matters.
Interest Rate Risks
Interest rate risks are risks attributed to fluctuations in interest rates, which may have a negative impact on the bank's revenues and capital.
Interest rate changes can affect many investments, but they directly affect the value of bonds and other fixe income securities. Therefore, bonds and their interest rates are carefully monitored so that the appropriate investment decision is taken. In addition, there are multiple aspects of interest rate risks, mainly the difference in maturity dates against the fixed interest rate between the bank's assets, liabilities and off-balance sheet financial positions. Fluctuations in the interest rate are natural and can have a clear impact on the bank's revenues, both positively and negatively.
To ward off any risks that may arise as a result of fluctuations in interest rates, the National Bank monitors these fluctuations periodically through the Assets and Liabilities Committee and takes the necessary decisions to prevent them.
Exchange Rate Risks
They represent the losses that the bank can incur as a result of an adverse change in currency rates after maintaining long or short open positions. They can be defined as the risks that the bank faces while revaluing currencies based on floating exchange rates. This can affect the value of assets and liabilities and the bank's financial position, which may lead to significant losses.
The National Bank follows various strategies to hedge these risks, as foreign exchange positions are monitored on a daily basis to ensure they are maintained within the limits approved by the Board of Directors and compatible with PMA instructions. Any change in exchange rates for financial centers is studied and appropriate action is taken to address any potential risks.
Liquidity risks are the risks that may lead to losses as a result of the bank's inability to meet its obligations on due dates. This is attributed to the bank's inability to provide the necessary financing or insufficient liquid assets to meet these obligations.
Liquidity crises are usually associated with the scarcity or absence of funding sources in the market as a result of a defect in the banking system, a decrease in the volume of liquidity between banks, or the occurrence of large withdrawals from the bank or the banking sector in general. Liquidity risks may also appear when cash inflows in the bank are lower than the corresponding cash outflows.
The National Bank effectively manages the liquidity gap between its assets and liabilities for the short and long term according to the principles set out in its approved policies and procedures. Management determines the appropriate mechanisms for liquidity management and the provision of appropriate liquidity sources in each period based on the circumstances at the time.
Credit risk arises from a possible inability and/or unwillingness of the borrower or the third party to fulfil its obligations to the Bank in the specified times, which leads to losses.
In this context, TNB is strengthening its institutional frameworks for credit management through organizational structures that separate credit granting from follow-up and by setting ceilings and powers for the terms and amounts of direct credit facilities (retail/ corporate). It also set out general ceilings on credit rates approved by the Board of Directors or specified in the instructions of the supervisory authority. These ceilings reduce and limit credit risks. The bank also monitors
credit risks and works continuously to assess the credit status of customers and ensure it obtains appropriate guarantees from them. The bank follows the following principles to reduce credit risks:
- Determining accepted risk levels and risk limits for the credit portfolio.
- Follow-up on the status of credit concentrations with the bank to verify there is no abuse.
- Studying the risks of any proposed new product and submitting recommendations.
Technology and Information Security Risks:
According to best practice, IT security risks are defined as risks attributed to the exploitation by a (internal or external) factor, cause or threat of weaknesses and gaps in the existing IT security environment, to negatively affect the confidentiality, integrity and availability of information and supporting technological assets, (such as information systems, databases, network systems... etc) and inflicting losses that may affect the bank's business and commercial objectives.
The National Bank manaes IT security risks through a set of vital and important operations that aim to identify the true level of business risks and challenges TNB faces while using technology to achieve its objectives and carry out its commercial operations and activities. This is to ensure that decision-making processes are based on an awareness of the real levels of risks facing the bank, and to enhance the ability of the decisionmaker to take rational and relevant decisions in a timely manner. This is also to ensure a clear vision and constructive future plans that define the courses and strategies to be followed in order to respond to the existing technological risks and mitigate their effects.