Basel Principles For Enhancing Corporate Governance In The Global Banking Sector: Do UAE Banks Comply?

Banking Sector Corporate Governance

Following the recent financial crisis, regulators are increasingly looking to implement initiatives across a range of industry sectors to enhance corporate governance standards. One key sector that has not been immune to these initiatives has been the banking sector. 

The Basel Committee on Banking Supervision (the Committee) recently issued an updated set of Principles for Enhancing Corporate Governance[1] (the Principles) in the banking sector. The purpose of the Principles is to assist banking organisations[2] in enhancing their corporate governance guidelines and banking supervisors in assessing the quality of those guidelines. The Committee has indicated that there have been a number of corporate governance failures and lapses, many of which came to light during the recent financial crisis, including the following examples: 

• insufficient Board oversight of Senior Management;
• inadequate risk management; and
• unduly complex or opaque Bank organisational structures and activities.

Currently there are 51 banks and a number of other regional financial institutions[3] operating in the United Arab Emirates (UAE). Consistent with the Committee's 2006 corporate governance guidelines, the Corporate Governance Guidelines for UAE Bank Directors issued for banks' consideration in June 2009 by the UAE Central Bank (the UAE Guidelines) highlight that UAE banks should be governed in a transparent manner and that public disclosure is desirable in: 

• Board structure;
• Senior Management structure;
• basic organisational structure;
• incentive structure such as remuneration policies, executive compensation, bonuses and options; and
• transactions with affiliates and related parties. 

The UAE Guidelines further set out that the Board of Directors should ensure that compensation policies and practices are consistent with the Bank's corporate culture, long-term objectives and strategy and control environment.

Although the UAE Guidelines are a step in the right direction, the key areas where the Committee believes the greatest focus is now necessary in the banking sector are highlighted below.

Board Practices

The Principles with respect to Board management highlight that the Board has final responsibility for the Bank, including approving and overseeing the implementation of the Bank's strategic objectives, risk strategy, corporate governance and corporate values. In addition, the Board is responsible for providing oversight of Senior Management.  Accordingly, the Board should approve and monitor the overall business strategy of the Bank, taking into account the Bank's long-term financial interests, its exposure to risk and its ability to manage risk effectively.

Moreover, according to the Committee, the Board should approve and oversee the implementation of the Bank's:

• overall risk strategy, including its risk tolerance/appetite;
• policies for risk, risk management and compliance;
• internal control systems;
• corporate governance framework, principles and corporate values, including a code of conduct (or comparable document); and
• compensation system.

In discharging the above-mentioned responsibilities, the Board should:

• exercise sound objective judgment and have and maintain appropriate qualifications and competence, individually and collectively;
• follow good governance practices for its own work as a Board; and
• be supported by competent, robust and independent risk and control functions that are subject to the Board's provision of effective oversight.

Senior Management Responsibilities

Under the direction of the Board, Senior Management should ensure that the Bank's activities are consistent with the business strategy, risk tolerance/appetite and policies approved by the Board. Moreover, Senior Management is responsible for:

• delegating duties to staff; and
• establishing a management structure that promotes accountability and transparency. 

In this regard, Senior Management should implement appropriate systems for managing the risks—both financial and non-financial—to which the Bank is exposed.  This includes: 

• a comprehensive and independent risk management function; and
• an effective system of internal controls (discussed below).

Risk Management and Internal Controls

The Banks are advised by the Committee to establish an effective internal controls system and a risk management function (including a Chief Risk Officer or equivalent for large banks and internationally active banks) with sufficient authority, stature, independence, resources and access to the Board.

Risks should be acknowledged and checked regularly on an ongoing, firm-wide and individual entity basis. The Bank's risk management, compliance and internal control infrastructures should be adjusted promptly to reflect any changes in the Bank's risk profile (including its growth) and the external risk landscape.

Moreover:

• the Bank's risk exposure and strategy should be communicated regularly throughout the Bank, both across the organisation and through reporting to the Board and Senior Management; and
• the Bank's Board and Senior Management should effectively utilise the work conducted by internal audit functions, external auditors and internal control functions, as such work is vital to the corporate governance process in order to achieve a number of important objectives.

Compensation

The Committee suggests that in relation to compensation, the Banks should fully implement the Financial Stability Board (FSB) Principles for Sound Compensation Practices (FSB Principles) and the accompanying Implementation Standards (FSB Standards), or the applicable national provisions that are consistent with FSB Principles and FSB Standards.  The UAE Guidelines indicate that compensation policies and practices should be consistent with the Bank's corporate culture, long-term objectives and strategy and control environment.  Even though the FSB Principles and FSB Standards are intended to apply to significant financial institutions, national jurisdictions may also apply them to smaller, less complex institutions.

The Principles further state that the Board should actively oversee the compensation system's design and operation and should monitor and review the compensation system to ensure that it operates as intended. Moreover, the compensation should be: 

• effectively aligned with prudent risk-taking;
• adjusted for all types of risk;
• symmetric with risk outcomes; and
• sensitive to time horizon of risks.

In addition, the mix of cash, equity and other forms of compensation (e.g., options) should be consistent with risk alignment and will likely vary across employees, depending on their position and role in the Bank.

Complex or Opaque Corporate Structures

The Committee suggests that the Board and Senior Management should know the Bank's operational structure and the risks that it poses (i.e., "know-your-structure"). The Board should set policies for establishing new entities or structures based on established criteria (e.g., regulatory, tax, financial reporting, governance) and avoid setting up unnecessarily complicated structures. This includes understanding the legal and operational risks and constraints of the various types of intragroup exposure and transactions, as well as their effect on the group's funding, capital and risk profile. 

Where a Bank:

• operates non-transparent structures or in jurisdictions not meeting international banking standards, its Board and Senior Management should understand and mitigate their risks (i.e., "understand-your-structure"); and 
• operates through special-purpose or related structures or in jurisdictions that impede transparency or do not meet international banking standards, its Board and Senior Management should understand the purpose, structure and unique risks of these operations and should also seek to mitigate any risks identified (i.e., "understand-your-structure").

Disclosure and Transparency

The Committee suggests that governance of Banks should be adequately transparent to their:

• shareholders;
• depositors;
• other relevant stakeholders; and
• market participants.

The Committee also suggests that the Banks should disclose relevant and useful information that supports the key areas of corporate governance identified by the Committee and that such disclosure should be proportionate to the size, complexity, structure, economic significance and risk profile of the Bank. 

In general, Banks should follow the guidelines set forth in the disclosure and transparency section of the relevant Organisation for Economic Co-operation and Development (OECD) Principles of Corporate Governance.[iv] Accordingly, disclosure should include, but is not limited to:

• material information on the Bank's objectives;
• organisational and governance structures and policies (in particular, the content of any corporate governance code or policy and the process by which it is implemented);
• major share ownership and voting rights; and
• related party transactions. 

Banks should also disclose their incentive and compensation policies following the FSB Principles and FSB Standards related to compensation. Any disclosures should be accurate, clear and presented in an understandable manner and in such a way that shareholders, depositors, other relevant stakeholders and market participants can consult them easily.

Conclusion

The Committee has stressed that the Principles discussed in this Jones Day Commentary are intended to assist banking organisations in enhancing their corporate governance frameworks and to assist supervisors in assessing the quality of those Principles. They are not, however, intended to establish a new regulatory framework layered on top of existing national legislation, regulation or codes.

Instead, the application of corporate governance standards in any jurisdiction is expected to be pursued in a manner consistent with applicable national laws, regulations and codes. Supervisors and Banks are encouraged to periodically check their frameworks and standards for consistency with relevant Committee guidance.

Although national regulators and legislative bodies are tasked with converting Basel-based Principles into rules and regulations, it is clear that a framework has now been established that could be implemented by Banks and financial institutions in the UAE wishing to operate at the highest standards of corporate governance.

LAWYER CONTACTS

For further information, please contact your principal Firm representative or one of the lawyers listed below. General email messages may be sent using our "Contact Us" form, which can be found at www.jonesday.com.

Eric Milne, Partner
Dubai
+971.4.709.8484
emilne@jonesday.com

Ali Awais, Associate
Dubai
+971.4.709.8404
aawais@jonesday.com