A. Purpose and scope of the guidelines:
The purpose of the guideline is to communicate Office of the Superintendent of Financial Institutions (OSFI’s) – ‘Canada’ expectations with respect to corporate governance of federally-regulated financial institutions (FRFIs). It applies to all FRFIs other than the branch operations of foreign banks and foreign insurance companies.
The guideline covers:
- Relevant provisions of the Bank Act, the Insurance Companies Act, the Trust and Loan Companies Act, the Cooperative Credit Associations Act and associated regulations.
- OSFI’s Supervisory Framework and Assessment Criteria.
- The role of the Board of Directors.
- Risk Governance.
- The role of the Audit Committee.
B. Corporate Governance for FRFIs:
Effective corporate governance is not only the result of “hard” structural elements, but also “soft” behavioral factors driven by dedicated directors and management performing faithfully their duty of care to the institution. What makes organizational structures and policies effective, in practice, are knowledgeable and competent individuals with a clear understanding of their role and a strong commitment to carrying out their respective responsibilities.
C. The Board, Senior Management and the Oversight Functions:
The Board is responsible for providing stewardship, including direction-setting and general oversight of the management and operations of the entire FRFI. Senior Management is accountable for implementing the Board’s decisions, and is responsible for directing and overseeing the operations of the FRFI. This distinction in the responsibilities between the Board and Senior Management is critical.
In carrying out its responsibilities, Senior Management may delegate some of its responsibilities to the FRFI’s oversight functions. The oversight functions are responsible for providing enterprise-wide oversight of operational management.
The composition of the Senior Management of a FRFI will vary from institution to institution. Senior Management is composed of:
- Chief Executive Officer (CEO) and individuals who are directly accountable to the CEO.
- Heads of major business platforms or units.
- It may also include the executives responsible for the oversight functions, such as the Chief Financial Officer (CFO), Chief Risk Officer (CRO), Chief Compliance Officer (CCO), Chief Internal Auditor, and Chief Actuary (CA).
D. The Role of the Board of Directors:
Responsibilities of the Board:
- Approving the FRFI’s business objectives, strategy and plans, including the Risk Appetite Framework etc.
- Approving the appointment, performance review and compensation of the senior management.
- Approving the budget & audit plans of the FRFI’s.
- Review and discuss the FRFI’s operational and business policies including financial performance.
Note: However, the Board is not responsible for the on-going and detailed operationalization of its decisions and strategy. These should be matters for Senior Management to consider.
Board Effectiveness: The hallmarks of an effective Board, and its directors, include demonstrated sound judgment, initiative, responsiveness and operational excellence.
Board Independence: The Board should be independent from Senior Management. The Board’s ability to act independently from Senior Management can be demonstrated through practices such as having regularly scheduled Board and Board Committee meetings that include sessions without Senior Management present. The recruitment process for new directors and the development of a director profile (both responsibilities of the Board) should emphasize the independence of Board members from Senior Management.
E. Risk Governance:
Risk governance is a distinct and crucial element of corporate governance of FRFIs. FRFIs should be in a position to identify the significant risks they face, assess their potential impact and have policies and controls in place to manage them effectively. This includes, as appropriate, the following risks: liquidity, credit, market, insurance, operational and any other risks applicable to the FRFI.
Risk Appetite Framework: A FRFI should develop a Risk Appetite Framework that is enterprise-wide and tailored to its domestic and international business activities and operations. The Risk Appetite Framework, as approved by the Board, should be well-understood throughout the organization and embedded within the culture of the FRFI. All operational, financial and corporate policies, practices and procedures of the FRFI should support the Risk Appetite Framework.
The Risk Appetite Framework should set basic goals, benchmarks, parameters and limits (e.g., level of losses) as to the amount of risk a FRFI is willing to accept, taking into account various financial, operational and macroeconomic factors. It should consider the material risks to the FRFI, as well as the institution’s reputation vis-à-vis policyholders, depositors, investors and customers.
F. The Role of the Audit Committee
The Audit Committee, not Senior Management, should recommend to the shareholders the appointment, reappointment, removal and remuneration of the external auditor, and should also agree to the scope and terms of the audit engagement and approve the engagement letter.
A FRFI’s Audit Committee should assess whether the FRFI’s accounting and actuarial practices are appropriate and within the bounds of acceptable practice. The Audit Committee should receive all substantive correspondence between the external auditor and Senior Management related to its audit findings.
G. Conclusion:
Effective corporate governance is an essential element in the safe and sound functioning of financial institutions. The Board and Senior Management are designated as key oversight functions in OSFI’s Supervisory Framework.
In addition, in situations where a financial institution is experiencing problems, or where significant corrective action is necessary, the important role of the Board is heightened and OSFI requires significant Board involvement in seeking solutions and overseeing the implementation of corrective actions.
OSFI supervises FRFIs to assess their condition and monitor compliance with the applicable federal laws and regulations. Supervision is carried out within a framework that is risk-focused. OSFI has developed a comprehensive set of assessment criteria, key among which is the quality of oversight and control provided by the Board and Senior Management of the FRFI.