CORPORATE GOVERNANCE FRAMEWORK

Version 2.0

This Framework is applicable to Affin Bank Berhad and Affin Islamic Bank Berhad

COPYRIGHT NOTICE

Copyright © All rights reserved. These materials are confidential, and property of Affin Bank Berhad and Affin Islamic Bank Berhad and no part of these materials should be reproduced or published in any form, by any means, electronic or mechanical including photocopy or any information storage or retrieval system, nor should the materials be disclosed to third parties without the express written authorization of Affin Bank Berhad and Affin Islamic Bank Berhad.

For Internal Use Corporate Governance Framework (Combined comments from Boardroom & CLO)

Title: Corporate Governance Framework

Version No.: 2.0

Applicability: Affin Bank Berhad (ABB) and Affin Islamic Bank Berhad (AiBB)

Note: The above entities are collectively known as “Affin Bank Group” or “the Bank” in this Framework.

Effective Date: 1 July 2017

Owner(s): Joint ownership by:

1. Group Internal Audit
2. Group Risk Management
3. Finance
4. Human Resource
5. Legal and Secretarial
6. Compliance
7. Shariah Supervisory, Affin Islamic Bank Berhad

Administrator: Legal and Secretarial

Scope: This Corporate Governance Framework (“CG Framework” or “the Framework”) is applicable across all levels and all Business/Support Units in the Bank.

Approving Authority and Date: Board of Directors

Next Scheduled Review: Yearly or as and when required.

Regulatory Requirements/Practices:

1. Bank Negara Malaysia Policy Document on Corporate Governance - BNM/RH/PD 029-9, issued on 3 August 2016

2. Securities Commission of Malaysia: Malaysian Code of Corporate Governance issued on 26 April 2017

3. Bank Negara Malaysia Shariah Governance Framework - BNM/RH/GL001-1 updated on 26 October 2010.

Contact Information (for further queries about the document): Legal and Secretarial

DOCUMENT SIGN-OFF SHEET

REVIEWED BY: SIGNATURE REMARKS

Group Chief Internal Auditor

Group Chief Risk Officer

Chief Financial Officer

Chief Human Resource Officer

Chief Legal Officer and Company Secretary

Group Chief Compliance Officer

Head, Shariah Supervisory, Affin Islamic Bank Berhad

AMENDMENT RECORD/LOG

No. | Document No/Version | Pages Amended | Remarks

For Internal Use

Corporate Governance Framework (as at 1 Nov 2018)

TABLE OF CONTENTS

1.0 OVERVIEW
1.1 Introduction
1.2 Objectives
1.3 Scope

2.0 GOVERNANCE STRUCTURE
2.1 Responsibilities of Affin Bank Berhad as Apex entity
2.2 Responsibilities of Affin Islamic Bank Berhad as a subsidiary

3.0 BOARD STEWARDSHIP, GOVERNANCE AND OVERSIGHT FUNCTIONS
3.1 Key Roles and Responsibilities
3.2 Oversight Functions
3.2.1 Overview
3.2.2 Board Oversight of Strategies
3.2.3 Board Oversight on Compliance and Risk
3.2.4 Board Oversight on Shariah Compliance and Risk
3.3 Board Criteria
3.3.1 Fit & Proper Criteria
3.3.2 Board Membership Criteria
3.4 Independent Directors
3.5 Board Size, Composition, Diversity and Tenure
3.6 Board Meetings, Board Papers and Supply of Information to Board
3.7 Access to Third Party Experts
3.8 Appointments and Removals
3.8.1 New Appointment of Directors
3.8.2 Re-Appointment of Directors
3.8.3 Removal of Directors
3.9 Continuing Education and Development
3.10 Board Remuneration
3.11 Board Evaluation
3.12 GCEO/CEO's Evaluation
3.12.1 Purpose
3.12.2 Principles
3.12.3 Procedures
3.12.4 Evaluation Tools
3.13 Company Secretary

4.0 BOARD AND MANAGEMENT COMMITTEES
4.1 Group Board Audit Committee (“GBAC”)
4.2 Group Board Risk Management and Compliance Committee (“GBRCMC”)
4.3 Group Board Credit Review and Recovery Committee (“GBCRRC”)
4.4 Board Nomination and Remuneration Committee (“BNRC”)
4.5 Shariah Committee (“SC”)
4.6 Board Oversight Transformation Committee (“BOTC”)
4.7 Management Committee (“MCM”)
4.8 Group Management Credit Committee (“GMCC”)
4.9 Credit Resolution Committee (“CRC”)
4.10 Group Operational Risk Management Committee (“GORMC”)
4.11 Group Asset Liability Management Committee (“GALCO”)
4.12 Planning and Technology Steering Committee (“PTSC”)
4.13 Group Early Alert Committee (“GEAC”)
4.14 Liquidity Management Committee (“LMC”)
4.15 Tender Committee (“TC”)
4.16 Pricing Committee (“PC”)
4.17 Disciplinary Committee (“DC”)
4.18 Affinity Project Steering Committee (“Affinity PSC”)
4.19 TRX Project Steering Committee (“TSC”)
4.20 Group CEO Committee (“GCEO”)
4.21 Delegated Approving Authorities

5.0 INTERNAL CONTROLS
5.1 Organisational Structure
5.2 Policies/Procedures including Empowerment & Approving Authority Policies
5.3 Escalation Process
5.4 Financial Performance Review, Business and Capital Plan including Budget
5.5 Risk
5.6 Compliance
5.7 Human Resource (“HR”)
5.8 Group Internal Audit
5.9 Shariah Compliance and Research Functions

6.0 SENIOR MANAGEMENT
6.1 Senior Management Category
6.2 Other Material Risk Takers (“OMRT”)
6.3 Responsibilities of Senior Management
6.4 Senior Management Appointments and Removals
6.5 Fit and Proper
6.6 Succession Plan

7.0 REMUNERATION
7.1 Remuneration Policy and System
7.2 Consequence Management
7.3 Key Performance Indicators Framework

8.0 CULTURE, ETHICS AND CONDUCT
8.1 Code of Ethics
8.2 Code of Conduct
8.3 Other Policies

9.0 INDEPENDENCE
9.1 Conflict of Interest
9.2 Related Party Transactions Policy
9.3 Credit Transactions with Connected Parties Policy

10.0 TRANSPARENCY AND DISCLOSURES
10.1 Corporate Governance Disclosures
10.2 Sustainability Governance
10.3 Whistle Blowing

11.0 ADMINISTRATION OF THIS FRAMEWORK

1.0 OVERVIEW

1.1 Introduction

(a) This document sets out the corporate governance standards and practices adopted by the Bank to ensure that the Bank's businesses are managed in a sound and prudent manner with due regard to the interests of all its key stakeholders, depositors and participants (as defined in the FSA/IFSA 2013) as well as ensuring the long term viability of the Bank.

(b) The Bank's corporate governance arrangements represent a fundamental component of the Regulator's supervisory assessments and a key factor in determining the process and structure used to direct and manage the business and affairs of the Bank towards enhancing its business and corporate accountability with the ultimate objective of realising long-term shareholders' value, whilst taking into account the interests of other stakeholders, depositors and participants (as defined in the FSA/IFSA 2013).

1.2 Objective

To set out broad principles, minimum standards and requirements for sound corporate governance.

1.3 Scope

This Corporate Governance Framework (“CG Framework” or “the Framework”) is applicable across all levels and all Business/Support Units in the Bank.

2.0 GOVERNANCE STRUCTURE

Affin Bank Berhad (as an Apex entity) and Affin Islamic Bank Berhad entered into a Shared Service Agreement in 2006 (superseded in 2018), under which Affin Bank has the right to charge Management Fee(s) should there be any sharing of services between Affin Bank and Affin Islamic Bank. In view of the sharing of services, some of the Board and Management committee meetings are set up on a joint basis. For instance, the Group Board Credit Review and Recovery Committee reviews, deliberates and decides on loan/financing proposals and applications for both Affin Bank and Affin Islamic Bank, as those matters may correlate with both entities. Representatives from both entities are members of, or in attendance at, the meetings that are established jointly.

2.1 Responsibilities of Affin Bank Berhad as apex entity

2.1.1 Affin Bank Berhad as the apex entity of the Affin Group of companies has to ensure that it discharges its responsibilities pursuant to part E of the Corporate Governance Policy Document by Bank Negara Malaysia (CG).

2.1.2 Among the standards and guidelines provided under the CG are as follows:-

(i) a financial institution is responsible for exercising adequate oversight over its subsidiaries while respecting the independent legal and governance responsibilities that apply to them.

(ii) an apex entity has overall responsibility for ensuring the establishment and operation of a clear governance structure appropriate to the nature, size and complexity of the group and its entities. In promoting the adoption of the sound corporate governance principles set out in this policy document throughout the group, the board and senior management of an apex entity must:-

• ensure that the group governance framework clearly defines roles and responsibilities for the oversight and implementation of group-wide policies;

• ensure that the differences in the operating environment, including the legal and regulatory regime for each jurisdiction in which the group has a presence, are properly understood and reflected in the group governance framework;

• have in place reporting arrangements that promote the understanding and management of material risks and developments that may affect the apex entity and its subsidiaries;

• assess whether the internal control framework of the group adequately addresses risks across the group, including those arising from intra-group transactions; and

• ensure that there are adequate resources to effectively monitor compliance of the apex entity and its subsidiaries with all applicable legal and regulatory requirements.

(iii) Group structures can substantially increase the complexity of the organisation of a financial group. Complex structures involving a large number of legal entities can exacerbate group-wide risks, including risks arising from operational interdependencies, intra-group exposures, trapped collateral, counterparty concentrations and reputational associations.

(iv) An apex entity must ensure that the group structure does not undermine its ability to exercise effective oversight. The board and senior management must know and understand the group structure, including its changes over time, and assess the implications for the capacity to identify and manage all material risks across the group. This must be supported by a sound understanding of risks associated with the group structure and an evaluation of whether group controls and policies are adequate to address those risks.

(v) An apex entity must establish a clearly defined process for approving the creation of new legal entities and other structures. This should serve to ensure that the proposed structure fulfils a legitimate business purpose and its associated risks are understood and managed.

2.1.3 Affin Bank Berhad as the Apex entity is responsible to exercise adequate oversight of the Affin Bank Group such that material risk from activities undertaken by affiliates are effectively managed and controlled on a group-wide basis and do not undermine the safety and soundness of the Bank. The expanded function of the Board and Senior Management at the Apex entity includes business strategies, risk appetite, operational conditions and financial soundness of the subsidiary and associate companies.

2.2 Responsibilities of Affin Islamic Bank Berhad as a subsidiary

2.2.1 Affin Islamic Bank Berhad, being a subsidiary of Affin Bank Berhad, must discharge its own legal and governance responsibilities as a separate entity.

The board and senior management of Affin Islamic Bank Berhad must validate that the objectives, strategies, plans, governance framework and other policies set at the group level are fully consistent with the regulatory obligations and the prudential management of the financial institution and ensure that entity-specific risks are adequately addressed in the implementation of group-wide policies.

3.0 BOARD STEWARDSHIP, GOVERNANCE AND OVERSIGHT FUNCTIONS

3.1 Key Roles and Responsibilities

The key responsibilities of the Board are as follows:

(i) Approving the Bank's risk appetite, annual business plan and other initiatives which would have material impact on the Bank's risk profile.

(ii) Overseeing the selection, performance, remuneration and succession plans of the CEO, control function heads and other members of the Senior Management, such that the Board is satisfied with the collective competence of Senior Management to effectively lead the operations of the Bank.

(iii) Overseeing the implementation of the Bank's governance framework and internal control framework, and periodically ascertaining whether they remain appropriate in light of material changes to the size, nature and complexity of the Bank's operations.

(iv) Ensuring regulatory compliance within the Bank.

(v) Promoting, together with Senior Management, a sound corporate culture within the Bank which reinforces ethical, prudent and professional behaviour.

(vi) Promoting sustainability through appropriate environmental, social and governance considerations in the Bank's business strategies.

(vii) Overseeing and approving the recovery and resolution as well as business continuity plans of the Bank to restore its financial strength and maintain or preserve critical operations and critical services when it comes under stress.

(viii) Promoting timely and effective communication between the Bank and BNM on matters affecting, or that may affect, the safety and soundness of the Bank.

(ix) Undertaking various functions and responsibilities as specified in the policy documents and directives issued by BNM and other relevant laws from time to time.

(x) Ensuring the establishment and implementation of group-wide policies and procedures to ensure Group's compliance with the regulatory requirements.

The Board, in carrying out its functions or duties shall have regard to the interests of depositors or policy owners of the Bank and Participants as defined in the Financial Services Act 2013.

Without limiting the generality of Section 56 (1) of FSA/Section 65 (1) of IFSA, the Board of Directors of the Bank shall:

(a) Set and oversee the implementation of business and risk objective and strategies and in doing so shall have regard to the long term viability of the Bank and reasonable standards of fair dealing;

(b) Ensure and oversee the effective design and implementation of sound internal controls, compliance and risk management systems commensurate with the nature, scale and complexity of the business and structure of the Bank;

(c) Oversee the performance of the senior management in managing the business and affairs of the Bank;

(d) Ensure that there is a reliable and transparent financial reporting process within the Bank; and

(e) Have due regard to any decision of the Shariah Committee on any Shariah issue relating to the carrying on of business affairs or activities of the Bank.

The Board reserves for its consideration significant matters such as the following:-

(i) Approval of financial results.

(ii) Declaration of dividends.

(iii) Risk appetite setting.

(iv) Annual budget and business plan.

(v) Appointment of key responsible persons.

(vi) Mergers and Acquisitions.

(vii) Policy Manual.

(viii) Connected Parties Transactions.

(ix) Strategic Directions.

3.2 Oversight Functions

3.2.1 Overview

The Board recognises and exercises overall responsibilities in promoting good corporate governance and ensuring that a sound framework of internal controls, risk management and compliance practices is maintained throughout the Bank. The Board ensures that the system of internal control is sound and sufficient to safeguard shareholders' investment, customers' interest and the Bank's assets. Notwithstanding this, there are ongoing reviews to ensure the effectiveness, adequacy and integrity of the systems.

The Board meets regularly to discuss matters related to the system of internal control which covers, inter alia, financial, liquidity, capital, operational, compliance, and risk management procedures (including Shariah risk).

3.2.2 Board Oversight of Strategies

The Board, together with the delegated authority to act on its behalf, ensures that the decisions of the Board on strategic matters, business plans, budgets, capital management plan, daily business and operational issues are carried out, implemented and/or monitored efficiently and effectively by the Management and that the requirements of good corporate governance practices are observed.

The Board reviews and provides input and guidance in the implementation and monitoring of business strategies, business plans, budgets, Shariah matters as well as ensuring that the Bank remains adequately capitalized to meet both regulatory and business requirements. The Board also monitors and evaluates economic and business conditions and developments in the financial markets on an on-going basis and discusses with the Management to ensure that any potential material impact is identified and managed accordingly on a timely basis.

The Board has responsibility for approving strategies and policies; understanding the risks run by the Bank, setting acceptable levels for these risks and ensuring that senior management takes the necessary steps to identify, monitor and control these risks; approving the organisational structure; and ensuring that senior management is monitoring the effectiveness of the internal control system.

Senior Management have responsibility for implementing strategies approved by the Board; setting appropriate internal control policies; and monitoring the effectiveness of the internal control system.

The Board and senior management are responsible for promoting high ethical and integrity standards, and for establishing a culture within the organisation that emphasises and demonstrates to all levels of personnel the importance of internal controls. All levels of personnel at a banking organisation need to understand their roles in the internal controls process and be fully engaged in the process.

3.2.3 Board Oversight on Compliance and Risk

The Board takes cognizance that independent compliance and risk management functions are key components to the Bank's governance, and these functions oversee the compliance and risk management governance framework, risk appetite, policies and processes adopted. This will involve the following:

(i) Ensure that the Bank's operations are conducted prudently in accordance with the relevant laws and policies.

(ii) Ensure that the Bank establishes comprehensive risk management and compliance policies, processes and infrastructure to manage risks and compliance issues.

(iii) Approve the establishment of risk management and compliance functions (including the appointment of Chief Compliance Officer and Chief Risk Officer) and engage with them on a regular basis.

(iv) Review the Bank's risk appetite, effectiveness of risk mitigation strategies post implementation and evaluate the effectiveness of the Bank's management of compliance risks.

(v) Ensure that adequate internal controls and strong risk management systems within the Bank are supplemented by an effective group internal audit function that provides an independent evaluation on the adequacy of, and compliance with the Bank's established policies and procedures.

(vi) Establish dedicated Board Committees to oversee critical or major functional areas, which require detailed review or in-depth consideration for compliance and risk management.

3.2.4 Board Oversight on Shariah Compliance and Risk (only applicable to Affin Islamic Bank)

The Board is responsible to promote Shariah compliance in accordance with expectations set out in the policy document on Shariah Governance Framework for Islamic Financial Institutions and ensure its integration with the Bank's business and risk strategies.

In this respect, the Board must clearly define its relationship with the Bank's Shariah Committee. While the Shariah Committee has distinct responsibilities in relation to Shariah matters, the Board remains responsible for the direction and control of the Bank's business and risk strategies.

3.3 Board Criteria

3.3.1 Fit & Proper Criteria

Directors and CEO have to be persons of high caliber as they are entrusted by the shareholders and other stakeholders for managing the affairs and ensuring the sound operations of the Bank. They must possess the minimum qualifications, experience and qualities, which will enable them to effectively perform their duties.

The Board is responsible for developing formal policies defining 'fit and proper' standards for directors and senior management of the Bank and monitoring compliance with these standards on a continuing basis. These standards should address, at a minimum, the 'fit and proper' criteria as set out in the Guidelines. In determining if an individual is 'fit and proper' to hold the position of director or CEO, the following shall be taken into consideration:

(a) his probity, diligence, competence, capability and soundness of judgement;

(b) his reputation, character, integrity (including financial integrity) and honesty;

(c) his history of offence(s) involving fraud/dishonesty/violence;

(d) whether he has been engaged in deceitful/oppressive/improper business practices or any practices which would discredit him;

(e) whether he has been engaged/associated/had conducted himself in a manner which may cast doubt on his fitness, competence and soundness of judgement;

(f) whether he has contravened any provision made by or under any written law appearing to BNM to be designed for protecting members of the public against financial loss due to dishonesty, incompetence or malpractice; and

(g) whether he has been declared a bankrupt.

3.3.2 Board Membership Criteria

(i) The Directors are required to have a mix of skills and experience to discharge their duties. Directors are selected from diverse backgrounds, with knowledge and experience in relevant disciplines such as finance, legal, accounting, marketing, information technology, business administration and investment management.

(ii) All Directors should also have some form of educational qualification and/or working experience at managerial level in financial-related disciplines, in addition to the qualifications and experiences in their respective disciplines.

(iii) All Directors should not have competing time commitments that would impair their respective abilities to discharge their duties effectively. Each Director should ensure that he does not hold more than 5 directorships in listed issuers, bearing in mind the responsibilities placed on him and the nature, scale and complexity of the Bank's operations.

(iv) The minimum criteria required from a Director are as follows:-

(a) not disqualified under Section 59 of the FSA/ Section 68 of the IFSA;

(b) willingness to make commitment of time;

(c) recognised achievement in his respective field;

(d) strong character and independence of mind;

(e) reputation for integrity and the highest personal and professional ethics;

(f) ability to contribute to some aspect of banking; and

(g) is not an active politician.

(v) Where a firm has been appointed as the external auditor of the Bank, any of the officers directly involved in the engagement and any partner of that firm, may not be appointed as a director of the Bank until at least two years after:

(a) he ceases to be an officer or partner of that firm; or

(b) the firm last served as an auditor of the Bank.

(vi) The table below illustrates the recommended personal qualities and competencies required from a Director:-

Personal qualities:

Leadership - Directors who understand and have the ability to inspire high performing talent.

Strategic - Directors who provide strategic insight and direction by promoting innovation, conceptualising key trends, evaluating strategic decisions and continually challenging the organisation to sharpen its vision.

Work Ethics - Directors who act independently and are pro-active in contributing to the Board.

Professionalism - Directors with a professional approach to duties.

Competencies:

Industry knowledge - Directors with appropriate and relevant industry-specific knowledge and experience.

Business Judgement - Directors who make well-reasoned decisions during crises.

Expertise - Directors with professional expertise and who keep abreast of the changes in the rapidly evolving business environments.

Special Skills - Directors who have expertise in financial accounting and corporate finance, risk management and internal control and strategic management.

(vii) A director is required to immediately disclose to the Board any circumstance that may affect his ability to meet the minimum requirements in sub-paragraphs (iii), (iv)(a), (iv)(g), and (v) above.

3.4 Independent Directors

3.4.1. The Board shall determine whether an individual to be appointed as an Independent Director is independent in character and judgement, and free from associations or circumstances that may impair the exercise of his independent judgement.

An individual must not be considered to be an Independent Director if he or any person linked to him:

(a) has been an executive in the last two years;

(b) is a substantial shareholder of the Bank or any of its affiliates; or

(c) has had a significant business or other contractual relationship with the Bank or any of its affiliates within the last two years.

3.4.2 For the purpose of paragraph 3.4.1 above, the Board has defined “significant business or other contractual relationship” to include:

(a) contracts with a value of more than RM500,000;

(b) transactions that fall within the ambit of a related party transaction in accordance with Chapter 10 of the Bursa Malaysia Main Market Listing Requirements.

3.4.3 An Independent Director shall immediately disclose to the Board any change in his circumstances that may affect his status as an Independent Director. In such a case, the Board shall review his designation as an Independent Director and notify the BNM in writing of its decision to affirm or change his designation.

3.5 Board Size, Composition, Diversity and Tenure

3.5.1 Pursuant to ABB‟s Constitution, until and otherwise determined by a general meeting, the number of Directors shall not be less than five (5) or more than twelve (12).

For AiBB, until and otherwise determined by a general meeting, the

number of Directors shall not be less than five (5) or more than twelve (12).

3.5.2 The size and composition of the Board are reviewed from time to time in

order to ensure that the Board comprises of strong and dynamic individuals with relevant skills and competencies necessary to drive the Bank towards achieving sustainability and viability. Further, the size and composition of the Board and Board Committees should promote effective deliberation, encourages the active participation of all Directors and allows the work of the various Board Committees to be discharged without giving rise to an over-extension of Directors that are required to serve on multiple Board Committees.

3.5.3 Diversity involves recognising and valuing the unique contribution people can make because of their individual background and different skills, experiences and perspectives. Diversity may result from a range of factors including age, gender, ethnicity, cultural background or other personal factors.

3.5.4 To ensure the independence of the Board as well as to encourage fresh views and ideas at the Board level, the maximum tenure of an Independent Director shall not exceed nine (9) years of service as Independent Director in the Affin Group.

The Independent Director shall, upon reaching the maximum tenure and subject to the approval of BNM for his/her re-appointment as Director, remain as a Director but shall be re-designated as Non-Independent Non-Executive Director.


3.5.5 The written approval of the BNM must be obtained before:

(a) the Bank removes an Independent Director; and

(b) an Independent Director resigns from his position.

3.6 Board Meetings, Board Papers and Supply of Information to Board

3.6.1 The Board has full and timely access to information on Board matters via materials distributed in advance of meetings to enable the Directors to obtain further explanation, where necessary, in order to be properly briefed prior to the meetings. All Board members are required to devote sufficient time to prepare for and attend Board meetings.

3.6.2 Notice of meetings shall be circulated at least seven (7) days and the agenda for each meeting shall be circulated at least five (5) days before each meeting to the Directors and all those who are required to attend the meeting. Written materials including information requested by the Board from Management and/or external consultants shall be received together with the agenda for the meetings.

The Chairman is at liberty to waive any short notice or late submission of documents/information by conduct i.e. proceeding with the deliberation of the matter notwithstanding the late submission or short notice.

3.6.3 The Board papers include the minutes of the previous Board meeting, minutes of the Board Committees and reports on related banking aspects such as financials, investment, operational Information Technology, Human Resource, Risk Management and Audit matters as well as regulatory compliance matters.

3.6.4 The minutes of Board meetings will include a record of the decisions of the Board, including key deliberations, rationale for each decision made and any significant concerns or dissenting views. The minutes will also indicate whether any director abstained from voting or excused himself from deliberating on a particular matter.

3.6.5 All Board members have unrestricted access to timely and accurate information and access to the advice and services of the Company Secretary, who is responsible for ensuring that the Board meetings’ procedures are followed and that all applicable rules and regulations are complied with. Procedures are in place for Directors to seek professional advice at the Bank’s expense.

3.6.6 As per BNM Policy Document on Corporate Governance, a financial institution must ensure that attendance at a board meeting, by way other than physical presence, remains the exception rather than the norm, and is subject to appropriate safeguards to preserve the confidentiality of deliberations. Circular Resolution cannot be a perfect substitute for board meetings since it does not offer the opportunity for board members to actively debate the issues circulated and to raise immediate questions or resolutions, which may lead to inappropriate decisions being made.


3.7 Access to Third Party Experts

3.7.1 In discharging Directors’ duties, each Director is entitled to obtain independent professional advice from third party experts at the cost of the Bank.

3.7.2 If a Director considers such advice is necessary, the Director should provide proper notice to the Company Secretary of the intention to seek independent advice and shall provide the name(s) of the professional advisors that he/she intends to contact, together with a brief summary of the subject matter for which professional advice is sought. The Company Secretary shall provide written acknowledgement of acceptance of notification.

3.7.3 The Director shall then discuss it with the Chairman/Independent Director and, having done so, the Director shall bring this matter up with the Board. The reason(s) for seeking independent professional advice and the proposed cost involved should be presented to the Board for approval. In the event that one or more Directors seek to appoint one or more advisors, the Chairman/Independent Director should take steps to facilitate discussions to arrive at a consensus. Once the Board’s approval is obtained, the Director shall provide written instructions to the Company Secretary or Management to appoint the independent advisor(s). Fees for the independent professional advice will be payable by the Bank but approval of the Board will be required.

3.7.4 The above restriction shall not apply to GCEO/CEO acting in furtherance of their executive responsibilities and within their delegated powers.

3.7.5 For the purposes of this section, independent professional advice shall include legal, accounting or other professional financial advice. Independent professional advice shall exclude any advice concerning the personal interests of the Directors (such as with respect to their contracts or disputes with the Bank), unless these are matters affecting the Board as a whole and have the unanimous agreement of the Board.

3.8 Appointments and Removals

3.8.1 New Appointment of Directors

All appointments of Directors are subject to the approval of BNM and the BNM approval will be for a specific term. The Board Nomination and Remuneration Committee (BNRC) is responsible for assessing the candidate(s)’ qualifications and experiences and whether he/she fulfills the minimum requirements as set out in the BNM Policy Document on Corporate Governance, BNM Fit & Proper Criteria and any other relevant laws. The BNRC thereafter submits its recommendation to the Board for decision on submission of application to BNM for the proposed new appointment as Director.


The Bank shall not make an application to BNM to appoint a Director unless the Board is wholly satisfied, based on its objective assessment, that the candidate meets the minimum requirements set out herein, understands the expectation of the role and is able to meaningfully contribute to the Board.

In identifying candidates for appointment of Directors, the BNRC does not solely rely on recommendations from existing Board members, management or major shareholders. The BNRC has the right to utilize independent sources at the cost of the Company to identify suitably qualified candidates.

Besides the above, BNRC may also consider utilising the following sources:

- Director’s registry (e.g. Institute of Corporate Directors Malaysia and NAM Institute for the Empowerment of Women);
- Industry and professional associations;
- Open advertisements;
- Independent search firm.

3.8.2 Re-Appointment of Directors

The proposed re-appointment of a Director, upon expiry of his/her current term of appointment as approved by BNM, is subject to the approval of BNM. The BNRC is responsible for assessing the performance of Directors whose current term of appointment as approved by BNM is due to expire, and submitting its recommendation to the Board for decision on the submission of application to BNM for the proposed re-appointment of the Directors concerned.

3.8.3 Removal of Directors

The BNRC will conduct an annual review to assess the Fit & Proper Criteria, performance and effectiveness of each Director. Corrective measures will be taken by BNRC if the Director is no longer Fit & Proper or non-performing as and when BNRC becomes aware of such circumstances.

3.8.4 The Bank shall comply with the application procedures set out in Appendix 3 of the BNM CG in respect of the appointment of the CEO.

3.9 Continuing Education and Development

3.9.1 The BNRC oversees the training needs of the Directors. The BNRC shall ensure that the Directors spend sufficient time to update their knowledge and enhance their skills through appropriate continuing education programmes and life-long learning in order to keep the Directors abreast with the dynamic and complex business environment as well as new statutory and regulatory requirements.


3.9.2 All new Directors are required to attend the Directors Orientation Programme to familiarise themselves with the Group’s organisation structure, business and the financial industry. A formalised orientation programme has been developed and the relevant Heads of Departments/Divisions will brief the new members of the Board on the functions and areas of responsibility of their respective department/divisions.

This serves to provide them with a platform for establishing an effective channel of communication and interaction with Senior Management as well as to ensure that the Directors understand:

(i) their roles and responsibilities;
(ii) the nature of the Group’s business;
(iii) overview of risks on the Group’s business and the risk management strategy;
(iv) legal requirements and compliance controls.

3.9.3 All Directors appointed to the Board are required to complete the Financial Institutions Directors’ Education programme (FIDE) organized by BNM within one year from the date of appointment and Bursa Training MAP for ABB.

3.10 Board Remuneration

3.10.1 The BNRC recommends specific remuneration packages for executive and non-executive Directors. Each package is structured such that it is competitive and consistent with the Bank’s culture, objectives and strategies, is commensurate with the level of responsibilities undertaken and contributions made by the Directors to the effective functioning of the Board, and drives the Bank’s long-term objectives.

Non-Executive Directors

3.10.2 The remuneration package for the Non-Executive Directors (“NED”) of the Group will comprise the following:

Directors’ Fees

The NEDs are entitled to annual Directors’ fees. The annual Directors’ fees are subject to shareholders’ approval at the AGM.

Board Committee Allowances

NEDs who sit on Board Committees are entitled to receive Board Committee allowances.

Meeting Allowances

NEDs are also entitled to Meeting allowances when they attend any Board/Board Committee meetings.


The detailed breakdown of individual Directors’ remuneration will be disclosed to stakeholders as part of the Bank’s effort to set the tone at the top.

3.10.3 In determining the level of remuneration for NEDs, the Board may commission a survey of the remuneration levels of NEDs, to be carried out either by external consultants or senior management. The survey should cover the remuneration levels of NEDs of an organisation in a similar industry, size and location. This report shall be tabled and a presentation shall be made to the Board for deliberation. The considerations that the Board could take into account include:

- Membership of NEDs in committees;
- Whether the Director is an ordinary member or chairman of the committee; and
- Any special responsibilities that the Board has assigned to the Director.

3.10.4 A review of the remuneration of NEDs will be undertaken annually.

Group CEO/CEO*

3.10.5 The remuneration package for GCEO/CEOs shall be reviewed by the BNRC.

3.10.6 In determining the remuneration of GCEO/CEOs, the BNRC should consider the contributions made by the GCEO/CEOs, and the effectiveness of the GCEO/CEOs in meeting established objectives and goals. The BNRC should then recommend the remuneration package of the GCEO/CEOs to the Board for approval.

3.10.7 During deliberations pertaining to both the individual GCEO/CEO’s and NED’s remuneration, the interested parties should excuse themselves from both the deliberations and voting.

3.10.8 The Board may from time to time or at least once annually review the Remuneration Policy to ensure it continues to support the strategies and long-term vision of the Bank and yet at the same time, is able to attract talent, nurture and retain high caliber directors and senior management, whilst taking into account the interest of other stakeholders, including shareholders and employees.

* Reference to CEO wherever appearing shall refer to the Group Chief Executive Officer and/or the Chief Executive Officer of Affin Islamic Bank.

3.11 Board Evaluation

3.11.1 The Board conducts an annual Board evaluation to objectively assess the performance and effectiveness of each Director and the Board as a whole, as well as its Board Committees.


3.11.2 BNRC is required to develop, maintain and review the criteria to be used in the evaluation process and the results will assist the BNRC to assess the required mix of skills and experience and other qualities, including core competencies which Directors should bring to the Board.

3.11.3 The results of the evaluation of individual Directors will be taken into account by the Board in determining its assessment of the Directors to stand for re-election at the next Annual General Meeting.

3.11.4 Principles

Directors have the difficult task of candidly and constructively critiquing their own and each other’s performance as individual Directors and their collective performance as a team. The success of any Board, Committee and Director assessment practice is dependent on the Board’s adoption and incorporation of the following:

Ensuring Candor, Confidentiality and Trust

The implementation of a successful and constructive evaluation process requires a culture of frankness that encourages ongoing relationships of reciprocity and mutual trust. However, in all Board discussions, the following should be considered:

- Boards should keep in mind that the very qualities of collegiality and co-operation that enhance the constructiveness of Board debate can also inhibit the frankness essential for self-evaluation;
- Boards should encourage candor, openness, fairness and discretion in the evaluation process; and
- Boards should ensure that their evaluation process maintains strict confidentiality with respect to each Director’s input and feedback.

Regularly Reviewing the Evaluation Process

Assessment processes are shaped by many forces, including corporate circumstances and performance and relationships between and among individual Directors. The Board should therefore periodically review assessment practices and criteria to ensure their effectiveness and responsiveness against changing needs, and to ensure their continued applicability and appropriateness.

3.11.5 Process

ASSESSING BOARD EFFECTIVENESS

The purpose of the Board Evaluation is to assess the processes by which the Board fulfils its responsibilities, including those provided by the MCCG and outlined by the CG Framework. Regardless of whether all or some of these responsibilities have been delegated to Board committees, the responsibilities would form part of the Board Evaluation as the Board is ultimately accountable.


The aim of the assessment process is for the Board to benchmark its own success against the expectations set at the beginning of the year or at the last evaluation, and to identify areas for improvement.

ASSESSING COMMITTEE EFFECTIVENESS

In line with the assessment of Board effectiveness, an assessment of the Board Committees as a function of the Board should also be carried out to evaluate the effectiveness of the Committees in meeting the objectives for which they were established. Committee members will assess their role in assisting the Board to fulfill its responsibilities as delegated to the Committee by its Terms of Reference.

The aim of the assessment is for the Committee to benchmark its own performance against the expectations set at the beginning of the year or at the last evaluation, and to identify areas for improvement.

ASSESSING INDIVIDUAL DIRECTOR’S CONTRIBUTIONS

The evaluation of individual Directors assists the Directors in maximising their contribution to the governance of the Company through focused discussion, effective planning and achievement of professional performance and development objectives. In considering a Director’s contributions to the Board, the Directors and the NC should consider the following key elements:

- Integrity, Commitment and Ethic
- Governance
- Strategic Perspective
- Business Acumen
- Judgment and Decision Making
- Teamwork
- Communication
- Leadership

In addition, Directors may play different roles on the Board and/or Committees, for example as Committee or Board Chairman. Different expectations are associated with different roles. The Director’s evaluation should take specific Board and Committee roles into account. A separate evaluation process exists for the Board Chairman.

3.11.6 Reporting to the Board

The results of the evaluation processes (Board, Committees and Director) are to be presented by the Chairman of the BNRC or a nominated member of the Committee to the full Board, together with the report on the required mix of skills and experience and other qualities including core competencies which Directors should bring to the Board.


3.11.7 Ending Board Service

One of the most sensitive challenges the BNRC faces is deciding whether or not to seek a Director’s resignation. Because decisions not to re-nominate, to accept a resignation or to ask for a Director’s resignation are difficult, expectations about Board service should be made clear at appointment.

The Banks’ circumstances change and Boards should anticipate and respond to the Group’s changes by assembling the best mix of people to serve the Group at any given time. Directors’ lives are equally dynamic and the ability of a Director to serve effectively may vary with changes in the Director’s work and personal life. Therefore, when re-nominating Directors, the BNRC should consider circumstances as well as qualifications.

The BNRC should make clear, when a Director is invited to join the Board, that re-nomination is not automatic, and that all Directors are regularly evaluated.

The Board should require that Directors submit for consideration, a resignation as a matter of course if the evaluation indicates that they are not meeting the standards established by the Board, if their actions reflect poorly upon the Board and the Group (e.g. scandal, indictment, etc.) or if poor health or new and pressing commitments prevent effective functioning.

Where the evaluation of a Director or other events indicate that an individual is not meeting the standards established by the Board (including ethical standards), where appropriate, the BNRC should provide the Director with feedback, additional education and/or other reasonable means of guidance. If such attempts are either inappropriate or unsuccessful, the Director’s resignation should be accepted.

3.12 GCEO/CEO’s evaluation (“CEO”)

3.12.1 Purpose

Under the MCCG, one of the principal responsibilities of the Board is succession planning. The Board is to ensure that the CEO and the senior management are of sufficient calibre. The Board is to assess the CEO’s performance against the objectives established by the Board in co-operation with the CEO and will assess his or her contribution to corporate strategy.


3.12.2 Principles

An effective assessment process, acceptable to the BNRC and the CEO should be based on the following principles:

Ensuring Collaboration

Collaboration between the BNRC and the CEO in the evaluation process is of key importance. Both the Committee and the CEO must contribute and develop on all aspects of the evaluation process. When a new CEO is appointed, the evaluation process should be explained during the process of appointment.

Ensuring Candor, Confidentiality and Trust

The implementation of a successful and constructive evaluation process requires a culture of frankness that encourages ongoing relationships of reciprocity and mutual trust. In carrying out the evaluation process, the following should be considered:

- The BNRC should encourage candor, openness, fairness and discretion in the evaluation process; and
- The BNRC should ensure that the evaluation process maintains strict confidentiality with respect to each Director’s and other Directors’ input and feedback. This includes the provision for confidentiality of documents, their storage and access.

Objectivity

The goals and objectives setting exercise should include adequate discussion of the measures which will indicate that these goals and objectives are being met as well as standards of performance. A combination of evaluation tools will be used together with the objectives and set goals to ensure objectivity.

Regularly Reviewing the Evaluation Process

The BNRC should periodically review the CEO’s assessment process and criteria to ensure their effectiveness and responsiveness against changing needs, and to ensure their continued appropriateness.

3.12.3 Procedures

The objective of the evaluation process for the CEO is to improve performance, sustain excellence and further clarify the respective roles of the CEO and the Board. It is used to establish measurable results over a defined period of time, review achievement, provide guidance or coaching opportunities, identify education or resource requirements and set compensation levels.


The performance of the CEO will be benchmarked against the set of goals and targets set at the beginning of each year. These goals and targets may be translated from the annual business plan and should include financial and budget targets as well as strategic and personal development goals. These goals and targets should be presented by the CEO to the BNRC who will provide feedback and suggest modifications. Towards the end of the fiscal year, the CEO’s actual performance is measured against the targets and compensation is determined. This step begins with the CEO completing a self-assessment form of his or her performance as the CEO which is forwarded to the Chairman of the BNRC. Feedback will be provided to the CEO when the evaluation is discussed with the BNRC. The final evaluation will be agreed and signed off by the CEO and the Chairman of the BNRC. The results of the evaluation including recommended compensation shall be presented to the Board of Directors. Where appropriate, the BNRC may conduct a mid-year review with the CEO to assess how well he or she is performing against set goals and objectives.

3.12.4 Evaluation Tools

Position Description of the CEO

The position description of the CEO provides the basic framework of duties and responsibilities. The Position Description of the CEO is provided in the CG Framework.

3.13 Company Secretary

3.13.1 The company secretary is responsible for supporting the effective functioning of the Board. In discharging this role, the company secretary provides counsel to the Board on governance matters and facilitates effective information flows between the Board, the Board committees and senior management.

3.13.2 The company secretary is expected to provide sound governance advice, ensure adherence to rules and procedures and advocate adoption of corporate governance best practices.

3.13.3 The appointment and removal of the company secretary must be approved by the Board.

3.13.4 The company secretary shall keep confidential the affairs of the Bank and its officers at all times. Accordingly, where the company secretary also serves as company secretary for the Bank’s affiliates, he shall not disclose the affairs of the Bank or its officers to the affiliates except with the knowledge and consent of the Bank.


3.13.5 The company secretary must not have competing time commitments that may impair his ability to discharge his duties effectively. Unless the BNM approves otherwise in writing, the company secretary of the Bank must devote the whole of his professional time to the affairs of the Bank and its affiliates.


SECTION 4.0

BOARD AND MANAGEMENT COMMITTEES


4.0 BOARD AND MANAGEMENT COMMITTEES

(a) The Board has established six (6) committees to assist the Board, namely:

(i) Group Board Audit Committee (“GBAC”)
(ii) Group Board Risk Management and Compliance Committee (“GBRMCC”)
(iii) Group Board Credit Review and Recovery Committee (“GBCRRC”)
(iv) Board Nomination and Remuneration Committee (“BNRC”)
(v) Shariah Committee (“SC”) (for Affin Islamic Bank Berhad only)
(vi) Board Oversight Transformation Committee (“BOTC”)

(b) The Management Committees consist of the following:

(i) Management Committee (“MCM”)
(ii) Group Management Credit Committee (“GMCC”)
(iii) Credit Resolution Committee (“CRC”)
(iv) Group Operational Risk Management Committee (“GORMC”)
(v) Group Asset Liability Management Committee (“GALCO”)
(vi) Planning and Technology Steering Committee (“PTSC”)
(vii) Group Early Alert Committee (“GEAC”)
(viii) Liquidity Management Committee (“LMC”)
(ix) Tender Committee (“TC”)
(x) Pricing Committee (“PC”)
(xi) Disciplinary Committee (“DC”)
(xii) Affinity Project Steering Committee (“Affinity PSC”)
(xiii) TRX Steering Committee (“TSC”)
(xiv) Group Chief Executive Officer Committee (“GCEO”)

Note: The above may be subject to changes from time to time.

(c) Each committee has its specific roles and responsibilities as stipulated in their respective Terms of Reference (“TOR”).

(d) Composition and Requirement of Board Committees

i. Each Board Committee shall:

(a) have at least 3 Directors;
(b) have a majority of Independent Directors;
(c) be chaired by an Independent Director; and
(d) comprise Directors who have the skills, knowledge and experience relevant to the responsibilities of the Board Committee.

ii. The Chairman of the Board shall not chair any of the Board Committees in order to promote robust and open deliberations by the Board on matters referred by the Board Committees.

iii. With the exception of the Board Nomination and Remuneration Committee, Board Committees shall not have any Executive Director in its membership. “Executive Director” refers to a Director who has management responsibilities in the Bank or any of its affiliates.


iv. The Board shall remain fully accountable for any authority delegated to the Board Committees.

v. The Bank shall provide the Board Committees with sufficient support and resources required to investigate any matter within their mandate.

4.1 Group Board Audit Committee (“GBAC”)

4.1.1 The Group Board Audit Committee is responsible to establish the framework to oversee all audit functions of the Bank. GBAC is also responsible for the preparation and presentation of the financial statements and for maintaining the appropriate accounting policies, internal controls, procedures and processes to ensure compliance with the accounting standards and its applicable laws and regulations.

4.1.2 The GBAC is also responsible to review with External Auditors and Group Internal Auditors, the scope and approve their audit plan, the system of internal accounting controls, the audit reports, the assistance given by the management and its staff to the auditors and any findings and action to be taken by Management.

4.1.3 The GBAC carries out its roles and responsibilities as stipulated in the GBAC TOR accordingly. Generally, the GBAC assists the Board in its oversight of the:

(i) Integrity of the Bank’s financial statements including corporate governance disclosures and that the financial statements taken as a whole provide a true and fair view of the Bank’s financial position and performance;

(ii) External auditors’ qualifications, independence and performance;

(iii) Effectiveness and independence of the Bank’s internal audit functions;

(iv) Adequacy and effectiveness of internal audit functions, internal controls and risk management processes;

(v) Review the provision of non-audit services by External Auditors or other appointed vendors to ensure they do not impinge on auditor’s independence in undertaking the statutory audit;

(vi) Review the appointment and removal of Group Chief Internal Auditor (GCIA) and Internal Auditors together with reviewing and approving the Key Performance Indicators and performance of GCIA and Internal Auditors.

4.1.4 The GBAC carries out its roles and responsibilities as stipulated in the GBAC TOR accordingly. Generally, the GBAC assists the Board in its oversight of the:

(i) Integrity of the Bank’s financial statements including corporate governance disclosures;

(ii) External auditors’ qualifications, independence and performance;

(iii) Effectiveness and independence of the Bank’s internal audit functions;


(iv) Adequacy and effectiveness of internal audit functions, internal controls and risk management processes;

(v) Review the provision of non-audit services by External Auditors or other appointed vendors to ensure they do not impinge on auditor’s independence in undertaking the statutory audit;

(vi) Review the appointment and removal of Group Chief Internal Auditor (GCIA) and Internal Auditors together with reviewing and approving the Key Performance Indicators and performance of GCIA and Internal Auditors.

4.1.4 The GBAC shall exercise oversight over the external auditor in accordance with the expectations set out in the policy document on External Auditor as issued by the BNM. At minimum, this must include:

(a) making recommendations to the Board on the appointment, removal and remuneration of the external auditor;

(b) monitoring and assessing the independence of the external auditor including by approving the provision of non-audit services by the external auditor;

(c) monitoring and assessing the effectiveness of the external audit, including by meeting with the external auditor without the presence of senior management at least annually;

(d) maintaining regular, timely, open and honest communication with the external auditor, and requiring the external auditor to report to the BAC on significant matters; and

(e) ensuring that senior management is taking necessary corrective actions in a timely manner to address external audit findings and recommendations.

4.2 Group Board Risk Management and Compliance Committee (“BRMCC”)

4.2.1 The Group Board Risk Management and Compliance Committee (“GBRMCC”) represents a Board committee of Affin Bank Group to assess and examine the adequacy of group risk management and compliance frameworks including the policies, procedures and processes for Group.

4.2.2 The GBRMCC is established to support the Board of Directors (“Board”) to fulfill its responsibilities in:

(a) ensuring that the Group wide enterprise risk management framework, policies and guidelines adequately protect the Group against all relevant risks, comprising but not limited to, credit risk, market and liquidity and interest rate risks, operational risks including legal risk, regulatory risks, reputational risk, information technology (“IT”) and cyber risks.

(b) overseeing the management of the Group’s compliance risk by ensuring compliance process is in place and functioning in line with the expectations of Bank Negara Malaysia (“BNM”), Securities Commission (“SC”) and Bursa Malaysia (“Bursa”);


(c) overseeing the management of IT and cyber risks including ex-ante¹ risk assessments on e-banking services at ABB; and

(d) implementing a sound remuneration system by examining whether incentives provided take into consideration risks, capital, liquidity and the likelihood and timing of earnings, without prejudice to the tasks of the Board Nomination & Remuneration Committee.

4.2.3 The GBRMCC is supported by the Group Board Risk and Compliance Management Committee (“GBRMCC”) at subsidiaries such as Affin Hwang Investment Bank (“AHIB”) and AXA Affin Life Insurance Berhad (“AALI”).

¹ ex-ante means based on forecasts rather than actual results

4.3 Group Board Credit Review and Recovery Committee (“GBCRRC”)

4.3.1 GBCRRC was established to assist the functions of the Board in respect of its inherent authority over approval on financing application/proposals which are considered by the Group Management Credit Committee (“GMCC”).

4.3.2 The GBCRRC shall operate in accordance with the powers and authorities delegated under the TOR. Generally, the GBCRRC provides assistance to the Board as follows:

(i) To critically review loans and other credit facilities upon recommendation by the Group Credit Management Division;

(ii) To provide an independent oversight of credits by ensuring that there are adequate lending policies, procedures and operating strategies are adhered to;

(iii) Generally to ensure that the GMCC has discharged its responsibilities in a proper manner; and

(iv) To monitor the progress of recovery efforts.

4.4 Board Nomination and Remuneration Committee (“BNRC”)

4.4.1 BNRC shall have at least three (3) members of whom all must be Non-Executive Directors with a majority of them being Independent Directors.

4.4.2 The Chairman of the Committee shall be an Independent, Non-Executive Director.


4.4.3 Remuneration of Directors and Senior Management

(a) Review and recommend remuneration, compensation and benefits framework, policies/plans and procedures for Directors, Chief Executive Officer and Senior Management officers for the Board’s approval.

(b) Ensure the remuneration, compensation and benefits framework, policies/plans and procedures support the Bank’s culture, objectives and strategy at the same time reflect the responsibility and commitment.

(c) Ensure balance in the remuneration package, which should be sufficient to attract and retain Directors of calibre, and yet not excessive, to the extent the licensed institution’s funds are used to subsidise the excessive remuneration including directors’ fees, salaries, allowances, bonuses, options and benefit-in-kind;

(d) For remuneration packages for Executive Directors and the Chief Executive Officer, the remuneration package should be structured such that it is competitive and consistent with the Bank’s culture, objectives and strategy. Salary scales drawn up should be within the scope of the general business policy and not be dependent on short-term performance to avoid incentives for excessive risk-taking;

(e) As for Non-Executive Directors and Independent Directors, the level of remuneration should be linked to their level of responsibilities undertaken and contribution to the effective functioning of the Board;

4.4.5 Appointment/Re-appointment of Directors and Senior Management

(a) Establishing minimum requirements for Directors and the Chief Executive Officer. The requirements and criteria should be approved by the Board;

(b) Recommending and assessing the nominees for directorship, Board committee members as well as nominees for the Chief Executive Officer. This includes assessing Directors for reappointment, before an application is submitted to Bank Negara Malaysia for approval. The actual decision as to who shall be nominated should be the responsibility of the full Board;

(c) Overseeing the overall composition of the Board, in terms of the appropriate size and skills, and the balance between Executive Directors, Non-Executive Directors and Independent Directors through review;


(d) Recommending to the Board the removal of a Director/Chief Executive Officer from the Board/Management if the Director/Chief Executive Officer is ineffective, errant and negligent in discharging his responsibilities;

(e) Establishing a mechanism for the formal assessment on the effectiveness of the Board, the contribution of each Director to the effectiveness of the Board, the contribution of the Board’s various committees and the performance of the Chief Executive Officer and other key Senior Management officers. Annual assessment should be conducted based on objective performance criteria. Such performance criteria should be approved by the full Board;

(f) Overseeing the appointment, management succession planning and performance evaluation of key Senior Management officers;

(g) Recommending to the Board the removal of key Senior Management officers if they are ineffective, errant and negligent in discharging their responsibilities;

(h) Assessing, on an annual basis, that the Directors and key Senior Management officers are not disqualified under Section 59 of the Financial Services Act 2013;

4.4.6 Performance/Fit and Proper Assessment of Directors, CEO and Senior Management

(a) Assess the performance and effectiveness of individuals and collective members of the Board, Board Committees and Senior Management.

(b) Assess the fitness and propriety of Directors, CEO and Senior Management in accordance with BNM Policy on Fit and Proper and the Bank’s Fit and Proper Policy to ensure that they are not disqualified and comply with the fit and proper requirements as may be specified under the Financial Services Act 2013.

(c) Recommend the termination or removal of Director or Senior Management if the Director, CEO or Senior Management concerned is ineffective, errant and negligent in discharging his duties and if he becomes disqualified and no longer complies with any of the fit and proper requirements as may be specified by BNM under the Financial Services Act 2013.

(d) Consider and recommend to the Board on any other measures to upgrade the effectiveness of the Board and Management.

(e) Ensure that all Directors of the Bank receive appropriate and continuous training to keep abreast of the latest development in the industry.


4.5 Shariah Committee (“SC”) (only applicable to Affin Islamic Bank)

4.5.1 For Affin Islamic, the SC shall be responsible and accountable for all its decisions, views and opinions related to Shariah matters. While the board bears the ultimate responsibility and accountability on the overall governance of the Bank, the board shall rely on the SC on all Shariah decisions, views and opinions relating to the business of the Bank. As the Shariah decisions, views and opinions bind the operations of the Bank, the SC shall deliberate rigorously the issues at hand before arriving at any decisions.

4.5.2 The SC shall perform an oversight role on Shariah matters related to the institution’s business operations and activities. This is achieved through the Shariah review and the Shariah audit functions. Regular Shariah review reports and the Shariah audit observations should enable the SC to identify issues that require its attention and where appropriate, to propose corrective measures. In discharging its duties, the SC shall disclose sufficient information in the Bank’s annual financial report on the state of compliance of the Bank.

4.6 Board Oversight Transformation Committee (“BOTC”)

4.6.1 BOTC Committee was established in view of the Transformation Blueprint and Implementation Masterplan - Affinity Program.

4.6.2 Its main purpose is to oversee the transformation plan (Affinity Program), secure the consistency of strategic decision and ensure that the transformation plan is implemented effectively in a timely manner.

The delegation of authority to the BOTC is intended to be sufficiently broad so that the issues which remain with the Board or which would be referred by Management Committee to the Board would generally be as follows:-

(i) High level strategic, budgetary and stewardship policy issues or matters of significant risk to Affin Bank Group;

(ii) Any matter involving alteration(s) to the mandate, TOR, membership or structure of the BOTC;

(iii) Matters which the BOTC considers to be of major strategic significance with long term impact on Affin Bank Group;

(iv) Matters which, in the opinion of the Chairman of BOTC, have seen a strong division of opinion within the BOTC; and

(v) Issues in which there is lack of clarity as to the responsibility and authority of the BOTC.

4.7 Management Committee (“MCM”)

4.7.1 MCM consists of the Senior Management who are responsible to monitor Affin Bank Group’s overall performance, strategic and business plans, formulate tactical action and make recommendation to Board accordingly.


4.7.2 Further, the members of MCM are responsible to ensure daily operations of the Bank are conducted in accordance with the Bank’s corporate objectives, strategies, approved Annual Budget, applicable laws and regulations as well as Affin Bank Group’s internal policies and procedures.

4.7.3 Certain powers are exclusive to MCM vis-à-vis any other internal structure of Affin Bank Group and may not be delegated by MCM. Such powers include:-

(i) the delegation of powers to committee established by MCM, to one or more persons or to groups of persons, save for the powers to sub-delegate described above;

(ii) decisions on the reporting process to MCM (content and frequency of reporting obligations);

(iii) strategic recommendations to the Board;

(iv) decision effecting a material change to the internal structure of Affin Bank Group; and

(v) decisions that involve a material reputational, material financial or material legal risk to Affin Bank Group.

Any approval above the limit by MCM will be escalated to the Board.

4.8 Group Management Credit Committee (“GMCC”)

4.8.1 GMCC is a Committee established with the objective to consider and if thought fit approve applications across AFFIN Banking Group (including Affin Hwang Investment Bank Berhad) which exceed the delegated credit authority of Group Chief Credit Officer (GCCO). Further, it possesses delegated authority to approve workout proposals and granting of additional credit facilities to impaired accounts.

4.8.2 GMCC is to report to the BCRRC for notation, review, and where deemed necessary, to veto loans/financing application which had been approved by GMLC. For any related party transaction, the paper will be tabled to the Board of Directors for approval or notification.

4.9 Credit Resolution Committee (“CRC”)

CRC’s main objectives are:-

(i) to consider and approve all workout proposals to impaired loans/financing accounts graded 15 to 17 (business loans/financing) and retail loans/financing which exceed the delegated credit authority of Division Head/Chief Financial Officer or equivalent and Head, Recovery or equivalent.

(ii) to approve proposals on granting of additional credit facilities to impaired loans/financing or accounts.

(iii) to approve all outgoings (e.g. legal fees, miscellaneous charges etc.) which exceed the delegated operational authority of Division Head/Chief Financial Officer or equivalent and Head, Recovery or equivalent.


(iv) to ratify credit approval granted with proper justification by Division Head/Chief Financial Officer or equivalent and Head, Recovery or equivalent, on exceptional basis.

(v) to review any other relevant matters pertaining to reports for notation/information.

4.10 Group Operational Risk Management Committee (“GORMC”)

GORMC was established to oversee the operational risk authorisation and ownership of operational risk of the Bank and make the appropriate recommendations to the Board Risk Management Committee. Further, it is responsible to review and ensure that the appropriate operational risk programme, process and framework are implemented in the Bank so as to reduce the original capital charge under Basel II and manage loss incidence to an acceptable level.

4.11 Group Asset Liability Management Committee (“GALCO”)

4.11.1 GALCO is responsible for identifying, managing and controlling balance sheet risks and capital management in the execution of the business strategy of Affin Bank and Affin Islamic Bank. Balance sheet risks are managed by setting limits, monitoring exposures and implementing controls across the dimensions of capital, funding and liquidity as well as non-traded interest/profit rate risk.

4.11.2 Further, it is responsible for the implementation of GALCO strategy and policy for the balance sheets of Affin Bank and Affin Islamic Bank.

4.12 Planning and Technology Steering Committee (“PTSC”)

4.12.1 PTSC is responsible for overall IT strategic planning and prioritisation of IT resources and projects to be in line with the Bank's overall business strategy, review and provide concurrence to IT budget and projects for approval by relevant approving authority, renewal of IT support maintenance contracts and monitoring the progress of projects to ensure completion within agreed project timeline.

4.12.2 Amongst the other roles and responsibilities of PTSC are:-

(i) To set overall direction of IT road map by reviewing and recommending IT Long Term Plan/policies/manuals to the CEO and Board. Thereafter to monitor effectiveness upon implementation (effectiveness of projects and post implementation review).

(ii) Review and recommend IT Annual Budget before submission to the CEO and then to the Board.

(iii) To establish and review various performance indicators to measure the performance of the Bank’s IT services and the establishment of service level agreements between IT department and users of other departments or external parties, and thereafter to monitor overall efficiency, performance and effectiveness of IT services, utilisation and obsolescence level.

(iv) To ensure that appropriate actions are taken to correct weaknesses noted in the internal and external IT audit reports or Bank Negara’s examination reports and update new regulatory requirement.

(v) PTSC mandated the Chief Operating Officer (COO) to approve renewal of standard IT contracts within PTSC approving limit.

(vi) Review current IT Outsourcing arrangement in terms of efficiency, performance, effectiveness and service level.

4.12.3 Any new initiatives submitted to PTSC must have prior MCM endorsement for the concept/business case.

4.13 Group Early Alert Committee (“GEAC”)

4.13.1 The GEAC is responsible to monitor credit quality through monthly review of reports submitted on Early Alert, Watchlist and Exit Accounts and to review the actions being taken to address the warning characteristics in the above reports.

4.13.2 The Scope under review by GEAC includes Early Alert Accounts and accounts under Watchlist and Exit.

4.14 Liquidity Management Committee (“LMC”)

4.14.1 The LMC was established with the objective to assist GALCO to oversee and manage the Group’s liquidity position to maintain an optimum level of liquidity to support the Group’s current and future operating needs within the confines of regulatory requirements.

4.14.1 Further, it is responsible to manage other issues relating to the management of liquidity risk, as the Chair and members identify from time to time; promote and ensure a culture of good corporate governance. Any liquidity risk issues are to be escalated to GALCO, where necessary.

4.15 Tender Committee (“TC”)

The Tender Committee is responsible to exercise the following functions and responsibilities:-

(i) The Tender Committee is responsible for supervising the overall tender processes, reviewing submitted tenders, request for proposals (RFPs) and expression of interest of the bank in excess of RM50,000 up to the amount specified in the ABB’s Limit & Authority for Expenditure.

(ii) The Tender Committee is also responsible for reviewing the disposal of fixed assets of the bank.

(iii) In discharging its function, the Tender Committee shall at all times be mindful of all the applicable laws, regulations, guidelines and provisions of the company and the authorities.


4.16 Pricing Committee (“PC”)

The PC is responsible to oversee the pricing policies and practices of retail/financing products. The other functions of PC are as stipulated in the Risk-Informed Pricing Bank Manual.

4.17 Disciplinary Committee (“DC”)

The DC is responsible for reviewing breaches to Bank’s guidelines, manuals and policy & procedures, statutory and regulatory requirements, and deliberating and deciding on the appropriate punishment in line with the Bank’s Consequence Management policy and guidelines. The Disciplinary Committee:-

(i) Reviews and deliberates on Operational Risk Reports, Fraud & Operational Lapses Reports (FOLR), Audit Reports, Whistleblowing Reports, HR Investigation Reports and related documents as well as findings of Domestic Inquiry Panel before deciding on appropriate disciplinary punishment;

(ii) Makes recommendations for improvement of existing policies, guidelines, processes and procedures, arising from deliberations of the findings in these reports;

(iii) Considers mitigating factors before deciding on appropriate punishments;

(iv) Appeals made to the punishments imposed by the DC are reviewed and considered by the GCEO/CEO.

4.18 Affinity Project Steering Committee (“Affinity PSC”)

4.18.1 In view of the Transformation Blueprint and Implementation Masterplan - Affinity Program, Affinity PSC was established at the management working level to monitor the progress and status of the overall Program against schedule, budget, business case and planned business outcomes.

4.18.2 Affinity PSC is mandated to make decisions on Transformation Program priorities, budget drawdown and resource allocation. However, in the event of dispute or uncertainty, matters are to be escalated to the BOTC for review/decision. The committee is responsible to ensure that the Transformation Program adopts necessary risk mitigation actions against business and operations disruptions.

4.19 TRX Project Steering Committee (“TSC”)

4.19.1 TSC was established for the purposes of overseeing the development of the new Menara Affin Corporate Headquarters at Tun Razak Exchange (TRX). The main function of TSC is to ensure smooth and efficient tender evaluation, review and award procedure in a timely manner to meet the project critical milestones. TSC is also responsible for approving budgetary strategy, defining and realizing benefits, and monitoring risks, quality and timeliness.


4.19.2 Among the key responsibilities of TSC are as follows:

(i) Approve the nominated persons forming the Tender Evaluation Team;

(ii) Tender Pre-qualifications, Tender Lists, Tender Performa’s and other tender related matters;

(iii) Review and approve the tender evaluation criteria and reports;

(iv) Agree and endorse the award recommendations of Tender Report / Recommendation to Appoint (RTA);

(v) Approval of procurement expenditure within the overall approved budget;

(vi) Approval of variations and contingency expenditure; provided it is within the approved budget;

(vii) To be part of the Project Control Group (PCG) where the Project Manager (Lendlease Projects) will update the project status.

4.20 Group CEO Committee

4.20.1 The Group CEO Committee is a committee of Chief Executive Officers (“CEOs”) or Managing Directors (“MDs”) of relevant business entities within the AFFIN Bank Group (“Group”). The Committee serves as a link amongst the CEOs/MDs within the Group and the Chairman of the Committee with the Chairman reporting to AFFIN Bank Berhad’s (“Bank”) Board of Directors (“Board”). The Committee is established to take necessary decisions regarding matters under its authority and raises recommendations to the Board for approval in accordance with the policies, terms of reference and authority set by the Board.

4.20.2 The duties and responsibilities of the Committee include but are not limited to the following:

(a) Board

(i) To identify matters that are required or appropriate for escalation to the Board to review, deliberate and form recommendations thereof;

(ii) To have collective responsibility for managing the Group’s business, ensuring that the activities of the respective business entities are in line with the objectives and strategies of the Group as determined by the Board;

(iii) To be responsible for proper performance and/or delegation of each member and have clear allocation of accountabilities and responsibilities within the area of its own functional responsibility in accordance with their respective business entities; and

(iv) To execute such authorities and deliberate on matters as delegated by the Board to the Committee.


(b) Group strategy and alignment

(i) To deliberate and develop the budgets, business plans and strategies of the Group, based on an in-depth understanding of each part of the Group’s businesses;

(ii) To align the budgets, business plans and strategies of the respective company within the Group to align with the budgets, business plans and strategies of the Group;

(iii) To deliver the Group’s approved strategy and its annual business plans and budgets;

(iv) To review the performance of the Group in the light of its strategies, objectives, plans and ensure that any necessary corrective action is taken;

(v) To consider strategic initiatives, including alliances, acquisitions and disposals, joint ventures and investments and recommend them to the Board; and

(vi) To develop active liaison and coordination between the Group’s business entities to promote collaboration and synergy of business within the Group.

(c) Financial performance and evaluation

(i) To review and evaluate the Group’s business performance delivery against business plans and budgets as well as other new business opportunities, alliances and acquisitions;

(ii) To monitor, review and evaluate the Group’s annual capital and revenue budgets and make reasonable recommendations and appropriate adjustments according to the business and market conditions as well as the Group’s requirements;

(iii) To monitor and review Group’s financial performance against key financial objectives including oversight of delivery of these objectives by individual companies within the Group; and

(iv) To review and discuss business and financial reports.

(d) Others

(i) To consider and manage emerging issues that might be material to the Group; and


(ii) To consider and manage any other matters that may be pertinent or material to the Group-wide operations, businesses and governance functions.

4.20.3. Reporting Responsibilities to the Board

(a) The Committee should report to the Board on a regular basis at the next appropriate meeting of the Board.

(b) The Chairman of the Committee shall report to the Board on the following:

(i) The financial performance of the Group;

(ii) Status and achievements of the operational and business performance of the Group against the annual business plans and budgets approved by the Board;

(iii) The strategies, business plans and budgets of the Group;

(iv) Deliberations and recommendations of the Committee; and

(v) Any other issues.

(c) Members of the Committee shall report to the Board on the following, if required:

(i) The financial performance of its respective company within the Group;

(ii) Status and achievements of the operational and business performance of the respective company within the Group against its annual business plans and budgets as approved;

(iii) Yearly business plans, budgets and strategies of the respective company as approved;

(iv) Any issues that are specific to the entity but have Group-wide implications; and

(v) Any other matters as consented by the Chairman.

4.21 Delegated Approving Authorities

Limits of Approving Authority for key aspects of the businesses provide a sound framework of authority and accountability within the Bank and facilitate proper corporate decision making at the appropriate level in the Bank’s hierarchy. The delegation of limits is subject to periodic review as to its implementation and continuing suitability in meeting the business objectives and operational needs.


The authorities specified in the Authority Limit Policy are vested in the Board, relevant Board Committees, Group Risk Management and Compliance Committee, Management Committee, Group Chief Executive Officer, Chief Executive Director and Group Credit Risk Officer. Credit approving authorities are further vested to GBCRRC and the Group Chief Credit Officer.

The authorities specified may be delegated to such other person(s) deemed fit, appropriate or necessary by the Authority Group and/or by the GCEO/CEO, to facilitate the day-to-day operations of the Bank.


SECTION 5.0

INTERNAL CONTROLS


5.0 INTERNAL CONTROLS

The Board recognizes the importance of maintaining a sound system of internal controls and risk management practices as well as good corporate governance. The Board affirms its overall responsibility for the Bank’s system of internal controls, which includes the establishment of appropriate control environment and risk management framework as well as review of its adequacy and integrity. The Bank’s system of internal controls involves all management and personnel from each business and support units. The Board is responsible for determining key strategies and policies for significant risks and control issues, whilst functional managers of the Bank are responsible for the effective implementation of the Board’s policies by designing, operating, monitoring and managing risks and control processes.

Key Internal Control Processes of the Bank encompass the following:-

5.1 Organisational Structure

Organisational structure with clearly defined lines of job responsibilities and delegation of authority. This ensures effective communication of risk control objectives as well as establishment of authority and accountability in accordance with Management criteria.

5.2 Policies/Procedures including Empowerment & Approving Authority Policies

5.2.1 Documented internal policies and procedure manuals of business and support units are established and they serve as a guidance to ensure compliance with internal controls and applicable laws and regulations as stated in the operations manuals, guidelines, workflows and directives issued by the Management.

5.2.2 Documented Limits of Approving Authority for key aspects of the businesses are approved by the Board. This provides a sound framework of authority and accountability within the organisation and facilitates proper corporate decision making at the appropriate level in the organisation’s hierarchy. The delegation of limits is subject to periodic reviews as to its implementation and continuing suitability in meeting the Bank’s business objectives and operational needs.

5.3 Escalation Process

5.3.1 The channels of communication and procedures are established for reporting immediately to the Board and appropriate levels of management on any significant internal control failures or weaknesses that are identified together with details of corrective actions being undertaken.

5.3.2 Corrective Action Tracking on resolution of issues/findings highlighted by external audit, internal audit, regulators, if any, are regularly escalated to the relevant Management Committees, Group Board Audit Committee (GBAC) and Board.


5.4 Financial Performance Review, Business and Capital Plan including Budget

5.4.1 The Finance Division (FD) regularly provides comprehensive information to the Board and the GBAC on the key financial reports, key variances and analysis of financial data of the Bank. FD also ensures maintenance of proper accounting records and the reliability of the financial information is in accordance with the approved accounting standards and in compliance with the regulatory and statutory requirements.

5.4.2 The annual business plan and financial budget of the Bank are tabled and approved by the Board. The variances between the actual and targeted results are presented to the Board on a periodic basis to allow for timely responses and corrective actions to be taken to mitigate risks.

5.4.3 There is a structured framework and process in place with regard to capital expenditure and revenue and this is reviewed annually. The internal capital target is set on a yearly basis.

5.5 Risk

5.5.1 Risk management function, operating in an independent capacity, is

part of the Bank‟s senior management structure which works closely as a team in managing risks to enhance shareholders‟ value.

5.5.2 The Bank has an established comprehensive and robust risk management framework and internal control system in tandem with the complexity and diversity of the Bank businesses. On-going initiatives and periodic reviews are undertaken by Group Risk Management Division (“GRMD”) to enhance the risk management policies, infrastructure and framework to ensure that risks associated with the Bank’s business activities are adequately identified and mitigated.

5.5.3 GRMD is functionally independent of the business divisions and is primarily responsible for identifying, measuring, monitoring, evaluating and controlling credit, market and operational risks of the Bank.

5.5.4 The Bank’s comprehensive risk management framework and internal control system are pivotal and instrumental towards achieving the corporate objective of maximizing profitability and returns to shareholders whilst ensuring prudential management of the associated risks.

5.5.5 The risk management process is reviewed regularly by Board Risk Management and Compliance Committee (“GBRMCC”) to ensure the risk management policies and framework are adequate to protect the Bank against all relevant risks comprising credit risk, market risk, liquidity risk and operational risk.


5.6 Compliance

5.6.1 The Bank has put in place an independent compliance function which facilitates, advises, monitors and educates the business and support units in respect of laws, regulations and guidelines, including areas related to Anti Money Laundering / Counter Financing of Terrorism (AML/CFT) and Shariah compliance affecting the Bank's business, and assists in the management of compliance risks within the Bank. Group Compliance Division (“GCD”) submits independent reports to the Board.

5.6.2 The GCD departmental policy and operational manual sets out guiding principles for the sound management of compliance risks within the Bank. It also sets out, amongst others, the roles and responsibilities of the Board and Senior Management and establishment of an independent compliance function.

5.6.3 Policies and procedures are reviewed periodically or as and when required to reflect current practices and the applicable legal/regulatory requirements. An Annual Compliance Programme is drawn up, tabled and approved by GBRMCC.

5.6.4 Compliance reviews are performed regularly by the GCD to assess adherence to the existing and new regulatory requirements as well as internal policies and procedures. Any deviations or breaches are reported to BRMCC for deliberation. Relevant trainings on identified focus areas are regularly provided by GCD to create awareness amongst the staff and to assist the business and support units to better understand the effects and applications of the regulatory as well as internal requirements.

5.7 Human Resource (“HR”)

5.7.1 The Bank acknowledges that people development is critical in ensuring that employees have the right competencies, skills and knowledge to conduct the tasks they are entrusted with, and must be able to exercise sound judgment when fulfilling those responsibilities. This is in line with the objective set under the Bank’s COE and COC.

5.7.2 The HR Policies and Procedures are in place and provide clarity in all aspects of human resource management in the Bank. Periodically, the policies and procedures are reviewed to ensure they remain relevant and appropriate controls are in place to manage operational risks. Changes, if any, are communicated to all employees via HR Homepage in the Bank’s intranet.

5.7.3 Human Resource has in place various initiatives and training programs to address the human capital requirements, including knowledge management, and mandatory programmes. The Bank has in place a well-established performance management framework and system to evaluate performance, and to compensate/reward its employees accordingly. Staff performance assessment is conducted twice annually - mid-year review in July and annual appraisal in December.


5.7.4 The recruitment process includes a comprehensive pre-employment screening and selection process, which includes the fit and proper assessments.

5.7.5 Various learning and development methodologies which include classroom training, experiential learning, among others are already established in the Bank. E-learning facilities provide staff the freedom of time and space to learn and update their knowledge at their convenience while meeting the Bank’s needs for its employees, who are spread across geographical areas, to be competent in key areas.

5.8 Group Internal Audit

5.8.1 Continuous reviews of the effectiveness of the system of internal control, risk management and governance processes are carried out by the Group Internal Audit Division in accordance with the audit plan approved by the BAC. The results of audit reviews are reported periodically to the BAC for deliberation and subsequently to the Board.

5.8.2 Group Internal Audit tables the Corrective Action Tracking on the resolution for issues raised by regulators, external and internal audit to the BAC. All issues are tracked until their resolution. This is to ensure timeliness and effectiveness of actions taken by Management.

5.8.3 The BAC conducts reviews on the adequacy of internal audit function, audit plan, scope of work, resources, budget on an annual basis including their performance.

5.8.4 The Group Chief Internal Audit reports directly to the GBAC to ensure the internal audit function is able to function independently.

5.9 Shariah Compliance and Research Functions

For Affin Islamic and Islamic banking business of Affin Bank, the Bank has established Shariah compliance functions to be carried out through the review and audit functions, and supported by the risk management control function and internal research capabilities.

(i) Shariah Review

The Shariah review function refers to regular assessment on Shariah compliance in the activities and operations of the Bank by qualified Shariah officers, with the objective of ensuring that the activities and operations carried out by the Bank do not contravene the Shariah. The function involves the examination and evaluation of the Bank’s level of compliance to the Shariah, remedial rectification measures to resolve non-compliances and control mechanism to avoid recurrences.


(ii) Shariah Audit

Shariah audit refers to the periodical assessment conducted from time to time, to provide an independent assessment and objective assurance designed to add value and improve the degree of compliance in relation to the Bank’s business operations, with the main objective of ensuring a sound and effective internal control system for Shariah compliance. The function is performed by group internal auditors, who have acquired adequate Shariah-related knowledge and training.

(iii) Shariah Risk Management

The systematic approach of managing Shariah non-compliance risks will enable the Bank to continue its operations and activities effectively without exposing the Bank to unacceptable levels of risk. Shariah risk management is a function to systematically identify, measure, monitor and control Shariah non-compliance risks to mitigate any possible non-compliance events. This function forms part of the Bank’s integrated risk management framework.

(iv) Shariah Research

This function refers to the conduct of performing in-depth research and studies on Shariah issues, including providing day-to-day Shariah advice and consultancy to relevant parties, including those involved in the product development processes. The function is performed by qualified Shariah officers and the scope of work predominantly covers aspects of the Shariah. There will be an involvement from experts on legal, operational, and other related aspects or issues to form part of the presentation to the Shariah Committee.

(v) Shariah Secretariat

The role of the secretariat includes coordinating meetings, compiling proposal papers, disseminating Shariah decisions to relevant stakeholders and engaging with relevant parties who wish to seek further deliberations of issues from the Shariah Committee.


SECTION 6.0

SENIOR MANAGEMENT


6.0 SENIOR MANAGEMENT

6.1 Senior Management Category

As stipulated under the BNM CG, Senior Management refers to the Chief Executive Officer and Senior Officers. Senior Officers are as defined under the Financial Services Act (FSA) S.2 (22 March 2013) / Islamic Financial Services Act (IFSA) (22 March 2013) and BNM Fit and Proper Criteria (28 June 2013).

Based on the definitions, the positions that fall under the Senior Management category are as below:-

No Positions

1 Group CEO

2 Chief Executive Officer, Affin Islamic Bank Berhad (AiBB)

3 Director, Consumer Banking

4 Director, Treasury

5 Director, Corporate & Public Sector Business

6 Director, SME & Commercial Business

7 Group Chief Internal Auditor

8 Group Chief Risk Officer

9 Group Chief Credit Officer

10 Group Chief Compliance Officer

11 Chief Operating Officer

12 Chief Financial Officer

13 Chief Human Resource Officer

14 Chief Legal Officer and Company Secretary

15 Chief Corporate Services Officer

16 Deputy CEO, AiBB

6.2 Other Material Risk Takers (“OMRT”)

6.2.1 As stipulated under the BNM CG, OMRT refers to an officer who is not a member of senior management of a financial institution and who:-

(i) can materially commit or control significant amounts of the financial institution’s resources or whose actions are likely to have a significant impact on its risk profile; or

(ii) is among the most highly remunerated officers in the financial institution;


The identified staff that falls under the OMRT are as follows:-

Qualifying Criteria: Members of Committees whose decisions have a significant material impact on the Bank’s Business
Review: Annually reviewed by the BNRC and subsequently by the Board of Directors for approval
Identified Staff: Officers who are members of: Management Committee of Affin Bank Berhad and Affin Islamic Bank Berhad; Group Management Loan Committee; Planning & Technology Steering Committee; Assets And Liability Committee

Qualifying Criteria: Staff who are involved in business lines or other activities which have a material risk impact on the Bank.
Review: Annually reviewed by GCEO/CEO. The list of identified Other Material Risk Takers are then tabled to the BNRC for review, and subsequently for Board of Directors approval
Identified Staff: All Direct Reports of Division Heads; All Treasury Dealers; All Credit Appraisers

Qualifying Criteria: Remuneration structure which creates incentives for material impact
Identified Staff: Those who earn high incentives; Those with a high fixed-to-variable remuneration ratio.

6.2.2 The listing of the positions for the Senior Management and OMRT shall be reviewed annually to be in accordance with the BNM CG requirement.

6.3 Responsibilities of Senior Management

6.3.1 The responsibilities of senior management include:

(a) implementing the business and risk strategies, remuneration and other policies in accordance with the direction given by the Board;

(b) establishing a management structure that promotes accountability and transparency throughout the Bank’s operations and preserves the effectiveness and independence of control functions;

(c) promoting, together with the Board, a sound corporate culture within the Bank which reinforces ethical, prudent and professional behaviour;

(d) addressing actual or suspected breaches of regulatory requirements or internal policies in a timely and appropriate manner; and

(e) regularly updating the Board with the material information the Board needs to carry out its oversight responsibilities, particularly on matters relating to:


(i) the performance, financial condition and operating environment of the Bank;

(ii) internal control failures, including breaches of risk limits; and

(iii) legal and regulatory obligations, including supervisory concerns and the remedial actions taken to address them.

6.3.2 The GCEO/CEO, in leading senior management, bears primary responsibility over the day-to-day management of the Bank.

6.4 Senior Management Appointments and Removals

6.4.1 Senior Management is responsible and accountable for the sound and prudent day-to-day management of the Bank, in accordance with the direction of the Board. They are appointed to key positions of the Bank to provide strategic leadership which influences the financial position and future direction of the Bank.

6.4.2 Persons in these key positions must have the necessary qualities, competencies and experience that will allow them to perform their duties and carry out the responsibilities required of their position in the most effective manner.

6.4.3 The Bank shall submit to the Board for the new appointment, re-appointment and removal of GCEO/CEO and Senior Management.

6.4.4 Senior Management appointments and removal are governed by the standards as stipulated in BNM’s policy document on Corporate Governance, Part C, item no. 17 (page 16) which stipulates that members of senior management must fulfil the minimum requirements at the time of appointment and on a continuing basis.

6.4.5 The new appointment and re-appointment of GCEO/CEO and Senior Management must fulfill the minimum requirements as follows:-

(i) Must not be disqualified under Section 59 (1) of the FSA 2013 or section 68 (1) of the IFSA of which:

He is not a bankrupt. He has not suspended any payments, or compounded with his creditors within or outside Malaysia;

He has not been charged for any criminal offence relating to dishonesty or fraud under any written law or the law of any country, territory or place outside Malaysia;

He has not been imposed any order of detention, supervision or deportation, or any form of restriction or supervision by bond or otherwise, under any law relating to prevention of crime, drug trafficking or immigration.


A substantial shareholder must not hold a senior management position. This serves to preserve an appropriate separation between ownership and management of financial institutions in line with the broader responsibilities of a financial institution towards its depositors, investment account holders, policy holders and participants.

A CEO must devote the whole of his professional time to the service of the financial institution unless the Bank approves otherwise in writing.

(ii) Each member of Senior Management will be assessed against the relevant minimum requirements set out in 6.3.5 annually of the individual’s fitness and propriety.

(iii) It is the responsibility of each member of the senior management to immediately disclose to the Board any circumstances that may affect his ability to meet minimum requirements.

6.4.6 Where the GCEO/CEO and Senior Management of the Bank becomes:-

(i) disqualified under Section 59(1) of the FSA 2013 or Section 68 of the IFSA 2013, or

(ii) no longer complies with any of the fit or proper requirements of the Bank,

they shall immediately cease to hold office and act in such capacity.

The Bank shall immediately terminate the appointment or remove them from such office.

6.4.7 The Bank shall notify BNM in writing within 7 days from date of cessation of the GCEO/CEO and senior management, together with the reasons for the cessation.

6.4.8 Unless the written approval of the BNM has been obtained:

(a) the Bank must not publicly announce the proposed appointment of the GCEO/CEO; and

(b) a GCEO/CEO whose tenure has expired and is being proposed for reappointment must immediately cease to hold office and act in such a capacity, including by holding himself out as the GCEO/CEO.


6.5 Fit & Proper

Fit & Proper guidelines are observed to ensure that persons who are to be appointed or have been appointed to key positions are fit and proper to direct and manage the Bank’s key business activities and functions. This Policy is also aimed at ensuring the Bank is led by persons of integrity, credibility, and competency. The Bank’s Fit & Proper Policy is designed and observed as per Bank Negara Malaysia’s policy document on Fit and Proper Criteria for assessment of key responsible persons, issued on 30 June 2013.

6.5.1 In determining whether a person is fit and proper, the Bank shall consider the following:-

(i) Probity, personal integrity and reputation

The person must have the personal qualities such as honesty, integrity, diligence, independence of mind and fairness.

(ii) Competence and capability

The person must have the necessary skills, experience, ability and commitment to carry out the role.

(iii) Financial Integrity

The person must manage his debts or financial affairs prudently.

(iv) Health Assessment

The person must be medically fit for employment.

6.5.2 Assessment criteria used by the BNRC:-

(i) For appointment of key responsible persons:-

Professional and Tertiary Qualifications

Prior work experiences

References and testimonials

Contributions and achievements throughout their career

(ii) For contract renewals:-

Achievement of Key Performance Indicators during the current contract

Aspirations and plans for the new contract period

Development activities and training courses attended

Identification and readiness of successor

Participation and contribution in management committees

Participation and contribution in professional/ networking committee


(iii) For annual reviews of Fit and Proper, the BNRC assesses compliance to the following in addition to the above criteria:-

Achievement of KPIs

Financial integrity checks

Medical fitness for employment.

Criminal Vetting

Dow Jones Checks

6.5.3 Key Responsible Persons will be assessed annually by the BNRC and Board as per the criteria stipulated in the Bank’s Policy on Fit & Proper Assessment. If any member of Senior Management fails to fulfill the requirements set in the policy, he/she shall be removed from the position.

6.5.3.1 Disqualification

Members of Senior Management shall be removed from the position if they are disqualified under Section 59(1) of FSA 2013.

6.6 Succession Plan

6.6.1 The Bank’s Succession Planning Policy and Framework was developed and endorsed by the Board in 2008. The Succession Planning Framework identifies the competency requirements of critical positions, assesses potential candidates and develops required competencies through planned learning and development initiatives.

6.6.2 The Bank’s Succession Planning Framework is based on the following guiding principles:-

(i) Compliance: A robust succession plan for key positions (Senior Management) as stipulated in the BNM’s policy document on Corporate Governance (Part C, Item 17.5)

(ii) Proactive Planning: A pre-emptive and on-going process of identifying critical key positions that could put the organisation at risk if left unfulfilled.

(iii) People Development: Identification and planning for critical positions, by developing a pool of potential successors and encouraging a culture that supports knowledge transfer and employee development

6.6.3 The Board has the overall responsibility of overseeing the succession plan for MD/CEO and other members of senior management, and must be satisfied with the collective competence of senior management to effectively lead the operation of the Bank. Regular updates on the Bank’s list of successors and the respective plans are presented to the Board for its notification.


SECTION 7.0

REMUNERATION


7.0 REMUNERATION

7.1 Remuneration Policy and System

7.1.1 The mission of the Bank is to provide innovative financial solutions and services to target customers in order to generate profits and create value for our shareholders and other stakeholders. In so doing, we provide opportunities for employees to contribute and excel; and be competitive in providing our solutions and services to our valued customers.

7.1.2 It is the Bank’s basic compensation philosophy to provide a competitive level of total compensation to attract and retain qualified and competent staff. The Bank’s variable remuneration policy will be driven primarily by a performance-based culture that aligns staff interests with those of the shareholders of the Bank.

7.1.3 The Bank’s remuneration policy considers the role of each staff, and has set guidance on whether they are under Senior Management Category and OMRT and other Employees.

7.1.4 The objectives of this Remuneration Policy are to ensure that the remuneration system in the Bank:-

(i) Rewards individuals for the achievement of the Bank’s objectives and motivates high levels of performance;

(ii) Rewards exceptional performance by individuals through the Performance Management System;

(iii) Allows the Bank to compete effectively in the labour market and to recruit and retain high calibre staff;

(iv) Achieves fairness and equity in remuneration and reward.

7.1.5 The Bank’s remuneration policy is developed based on the following guiding principles:-

(i) Support for Strategic Objectives: Remuneration and reward frameworks and decisions shall be developed in a manner that is consistent with, supports and reinforces the achievement of the Bank vision and strategy.

(ii) Transparency: The process of remuneration management shall be transparent, conducted in good faith and in accordance with appropriate levels of confidentiality.

(iii) Internal Equity: The Bank shall remunerate all staff fairly in terms of their roles within the organisation.

(iv) Market-Related Remuneration: The Bank shall measure its remuneration practices against both the local and national market through the use of remuneration surveys and through benchmarking with other similar institutions.


(v) Flexibility: Remuneration and reward offerings shall be sufficiently flexible to meet both the needs of individuals and those of the institution whilst complying with relevant tax and other legislation.

(vi) Performance-Driven Remuneration: The Bank shall entrench a culture of performance driven remuneration through the implementation of the Performance Management System.

(vii) Affordability and Sustainability: The Bank shall ensure that remuneration is affordable on a sustainable basis.

7.1.6 The Remuneration policy and practices will evolve over time, reflecting the Bank’s priorities but will always adhere to the BNM CG and at the same time promoting sound and effective risk management.

7.1.7 The Bank will ensure that overall remuneration system for the Bank (as per the BNM CG guidelines) shall:-

(i) be subject to Board’s active oversight to ensure that the system operates as intended;

(ii) be in line with the business and risk strategies, corporate values and long-term interests of the Bank;

(iii) promote prudent risk-taking behavior and encourage individuals to act in the interests of the Bank as a whole, taking into account the interests of its customers; and be designed and implemented with input from the control functions and the GBRMCC to ensure that risk exposures and risk outcomes are adequately considered.

7.1.8 The remuneration of Senior Management and OMRT must be approved by the Board and the Bank will maintain and regularly review the list of officers who fall within the definition of Senior Management and OMRT.

7.1.9 The Bank will ensure transparency in accordance with the BNM CG, by the disclosure of remuneration policies and information on paid remuneration to regulators, through the Annual Financial Statements.

7.1.10 The Bank’s remuneration is made up of two main components namely:-

(i) Fixed pay and variable pay. Fixed pay consists of base salary and fixed allowances that are pegged to the market value of the job.

(ii) Variable pay rewards employees based on the performance of the Division, Department & Bank, and the employee’s individual performance.

7.1.11 Remuneration for individuals shall be aligned with prudent risk-taking. Hence, remuneration outcomes shall be symmetric with risk outcomes. This includes ensuring that:-

(i) The award of performance bonus is a key component of the Bank’s reward strategy to recognize employee’s contribution to the Bank’s performance;


(ii) remuneration is adjusted to account for all types of risk, and determined by both quantitative measures and qualitative judgements;

(iii) the size of the bonus pool is linked or aligned with the Bank’s business strategy and overall corporate performance, against targeted Key Performance Indicators, approved by the Board of Directors;

(iv) Rewards are differentiated to promote a performance-driven culture within the Bank;

(v) The performance bonus awarded to employees is dependent on the performance and contribution of the employee, department/branch, and division towards the overall performance of the Bank;

(vi) Bonuses are not guaranteed; and

(vii) Variable remuneration includes options for deferrals and claw-backs.

7.1.12 The Bank implemented the Deferred Discretionary Performance Bonus for the CEO, members of the Management Committee and Senior Management. The objective of the deferred bonus is to align short-term compensation payment with the time-based risk, and to encourage employees to deliver sustainable long-term performance.

7.1.13 The Deferred Discretionary Performance Bonus will be subject to claw back. Any unvested element under the deferred plan can be forfeited/adjusted or the delivered variable remuneration payout be recovered in situations such as:

(i) Misbehavior or material error by the staff causing harm to the Bank’s reputation, or in cases of misconduct, incompetence or negligence

(ii) The staff’s business unit suffers a material downturn in its financial performance or a material restatement of financial statements of the Bank

(iii) The staff’s business unit suffers a material risk management failure

(iv) Staff deliberately misleads the market and/or shareholders in relation to the financial performance of the Bank

(v) A significant deterioration in the financial health of the Bank, and

(vi) If the Bank and/or relevant line of business incur losses in any year during the vesting period, the unvested portions will be subject to malus.

7.1.14 To promote behaviours that are aligned to the intended effects of incentive structures, the Bank shall ensure that:

(a) variables used to measure risk and performance outcomes of an individual relate closely to the level of accountability of that individual;


(b) the determination of performance measures and variable remuneration considers that certain indicators (such as share prices) may be influenced in the short term by factors like market sentiment or general economic conditions which are not specifically related to the Bank’s performance or an individual’s actions, and the use of such indicators does not create incentives for individuals to take on excessive risk in the short term; and

(c) members of senior management and OMRT commit not to undertake activities (such as personal hedging strategies and liability-related insurance) that will undermine the risk alignment effects embedded in their remuneration.

Any decision to take back an individual’s deferred Discretionary Performance Bonus can only be made by the CEO.

7.2 Consequence Management

All employees shall carry themselves in a manner that reflects high ethical standards and compliance with the legal, regulatory and the Bank’s internal policies and requirements. Any employee who fails to comply shall be subject to the relevant consequence management process and, where relevant, be subject to the appropriate disciplinary action.

7.3 KPI Framework

7.3.1 The Bank sets out KPI policy to the staff for them to understand the importance of KPIs and the framework.

7.3.2 The guiding principles in formulating the KPIs are as follows:

(i) KPIs must be reviewed and formulated annually.

(ii) KPIs formulated take into consideration the Bank’s past performance and strive to improve on past performance.

(iii) KPIs formulated should lead towards achieving both Short-term strategy and Long-term strategy.

(iv) KPIs must be measurable and observable - can be quantified/measured and may be either quantitative or qualitative.

(v) Timely - achievable within the given timeframe.

(vi) Rewards for achievement of KPIs should drive employees to perform, as well as retain talent in the Bank.

7.3.3 To ensure a well-balanced approach to managing the performance of the Bank, the KPIs fall within the 4 quadrants of the Balanced Scorecard:-

(i) Financials

(ii) Process Improvements

(iii) Customer Service & Quality

(iv) Human Capital

7.3.4 The weightage for each quadrant will vary according to the role of the incumbent and their priorities for the year in review.


SECTION 8.0

CULTURE, ETHICS AND CONDUCT


8.0 CULTURE, ETHICS AND CONDUCT

8.1 Code of Ethics

8.1.1 Staff must consistently adhere to a high standard of professionalism and ethics in the conduct of business and professional activities to serve the legitimate interest of the Bank’s customers and clients with the highest standards of professional and ethical behavior.

8.1.2 Ethical principles that are vital to the achievement of a high standard of professionalism and ethics as set out by the Bank are as follows:-

Principle 1: Competence

Principle 2: Integrity

Principle 3: Fairness

Principle 4: Confidentiality

Principle 5: Objectivity

8.2 Code of Conduct

8.2.1 Staff needs to observe at all times the standard of conduct set out by the Bank, expected of them in the performance of their duties.

8.2.2 Staff must be fully committed to uphold, maintain and demonstrate a

high level of integrity and professionalism at all times so as not to bring the Bank into disrepute.

8.2.3 The Bank prescribes certain values and principles which staff is expected to uphold and abide by. This Code of Conduct specifies the minimum standards of conduct expected of staff of the Bank.

8.2.4 Staff should seek guidance when they are in doubt about the proper course of action in a given situation, as it is the ultimate responsibility of each staff to “do the right thing”, a responsibility that cannot be delegated.

8.2.5 The six (6) principle guidelines of the Code of Conduct are:-

(i) Conflict of Interest

(ii) Misuse of Position

(iii) Misuse of Information

(iv) Integrity of Records and Transactions

(v) Confidentiality

(vi) Fair and Equitable

8.3 Other Policies

The Bank’s code of ethics also addresses issues of confidentiality, conflicts of interest, integrity in reporting and the fair treatment of customers. Staff is encouraged to report any violation according to its respective policies and procedures. These issues are covered under separate documents as follows:

| Area | Policies and Procedures |
|---|---|
| Conflict of Interest | Policy on Credit Transactions & Exposure with Connected Parties |
| Integrity of Records and Transactions | Data Governance Framework |
| Confidentiality | Disclosure Policy |
| Corruption & Abuse of power | Code of Ethics |
| Insider trading | Chinese Wall |
| Money laundering | AMLA Policy |

SECTION 9.0

INDEPENDENCE

9.0 INDEPENDENCE

9.1 Conflict of Interest

9.1.1 The Board has established a written policy on management of conflict of interest, which applies to all Directors and employees of the Bank and commissioned Dealer’s Representatives engaged by the Bank. This written policy has been designed or tailored according to the nature, scale and complexity of the Bank’s business and seeks the following primary outcomes in line with the promotion of a fair and orderly market:

(i) disclosures to clients and informed decision making by the clients of the Bank;

(ii) fairness and independence, honesty and professionalism in all dealings with clients and in the provision of financial and advisory services to clients; and

(iii) transparency in services and products offered to the clients.

9.1.2 In addition to the above, the Bank has also established policies covering Directors’ conflicts of interest as well as an HR policy covering conflicts of interest involving senior management, OMRT and staff.

9.1.3 Pursuant to Section 58 of the FSA and Section 67 of the IFSA, the Bank has adopted the policy that a Director is required to disclose to the Board the nature and extent of his interest in a material transaction or material arrangement, and for that Director to be absent during the deliberations of such material transaction or material arrangement at a Board meeting.

9.1.4 For the purpose of Paragraph 9.1.3 above:

(a) an existing or proposed transaction or arrangement will be considered “material” if it is one which a Director is required to declare under Section 221 of the Companies Act 2016, unless the director or any person linked to him cannot reasonably be expected to derive a benefit or suffer a detriment from the transaction or arrangement in a way that will place the Director in a position of conflict; and

(b) an interested Director must make the disclosure by way of a written notice to all members of the Board and the company secretary:

(i) as soon as practicable after being aware of his interest in the material transaction or arrangement; and

(ii) if the material transaction or arrangement is being deliberated at a Board meeting, before the commencement of that deliberation.

9.2 Related Party Transactions Policy

9.2.1 The related party transaction policy sets out the guiding principle on related party transactions (“RPTs”) undertaken by the Bank.

9.2.3 RPTs are reviewed by the respective division/department that originates the transaction, to avoid potential or actual conflict of interest, and to ensure that decisions for such transactions are conducted on an arm’s length basis and in the best interest of the Bank and its shareholders. The terms and conditions of the transaction with related parties should be no more favourable than those granted to other counterparties of similar background and/or credit standing.

The need to prevent conflict of interest is embodied in the Bank’s internal rules and policies.

9.2.4 Information about transactions with related parties is disclosed in the financial statements annually, and is periodically tabled and reported to the Management Committee and the BAC, and thereon to the Board, where applicable.

9.3 Credit Transactions with Connected Parties Policy

9.3.1 The minimum standards and process required in managing lending and investments to/into connected parties to ensure that all credit transactions are being carried out on an arm’s length basis have been outlined in Policy on Credit Transaction & Exposure with Connected Parties. The Bank also establishes an internal limit for total outstanding credit exposure to all connected parties to prevent the Bank from overly concentrating on a particular group of borrowers.

9.3.2 Given its ultimate responsibility to ensure that risks associated with connected party exposures are effectively managed, the Board is currently responsible for approving all credit transactions with connected parties and such transactions must be regularly reviewed and monitored by the Board.

SECTION 10.0

TRANSPARENCY AND DISCLOSURES

10.0 TRANSPARENCY AND DISCLOSURES

10.1 Corporate Governance Disclosures

10.1.1 The Board recognizes that strong disclosure promotes transparency in addition to being an important aspect of good governance, and this includes timely, comprehensive and accurate disclosures regarding all material matters concerning the Bank, covering financial situation, results, regulatory and corporate governance disclosures.

10.1.2 The Board undertakes to provide clear, timely and reliable information that is adequately prepared and disclosed in an easily understood and accessible manner to all stakeholders.

10.1.3 Disclosures on corporate governance matters are made in the Directors’ report covering Board’s responsibilities and oversight, internal controls and remuneration system, all of which are guided by the respective terms of reference and relevant frameworks established by the Bank.

10.1.4 The Board must maintain an effective communication policy that enables both the Board and Management to communicate effectively with its Shareholders and the public through disclosure, dialogues during and post AGM, interview with media, analyst briefing, the Company’s website and its press releases.

10.2 Sustainability Governance

10.2.1 The Bank has in place the best practices in all business dealings with customers, vendors, stakeholders, depositors and participants (as defined in FSA/IFSA 2013) to ensure long term sustainability of the Bank.

10.2.2 The Bank has to ensure that business is conducted in a socially responsible and ethical manner with a view towards long term environmental sustainability in preserving the eco-system/environment. The Board and Management are responsible for observing the relevant laws and regulations and ensuring that they are reflected in the business policies/procedures to effectively manage possible environmental impact in making business decisions.

10.3 Whistle Blowing

10.3.1 The Whistleblowing Policy is developed to promote whistleblowing in a positive manner that provides an avenue to escalate concerns on improper conduct and to handle such concerns appropriately, in line with the fundamental objectives of the Whistleblower Protection Act 2010. These include the following:

(i) Safeguard the Bank’s reputation by minimising the unfavorable surprise events.

(ii) Encourage Whistleblower to divulge pertinent and unknown information on improper activity occurring within the Bank and subsequently to curtail the possible detrimental impact.

(iii) Exhibit better corporate governance on managing whistleblowing issue, which is to be managed in a transparent manner by creating awareness on the protection, confidentiality and enforceability.

10.3.2 An “independent non-executive director” has been appointed to take charge of Whistleblowing.

SECTION 11.0

ADMINISTRATION OF THIS FRAMEWORK

11.0 ADMINISTRATION OF THIS FRAMEWORK

Revision or any changes made to this Framework shall be subject to approval by the Board of ABB and AiBB.
