Roles and Responsibilities of the Board
Strategy and Policy
- Approve, monitor and update the overall business strategies of the Bank, including on risk governance, risk, sustainability and culture.
- Approve overall business plan, budget, and risk appetite.
- Safeguard the longer-term value of the Bank, which include the brand and corporate reputation.
- Approve all credit limits for amounts in excess of the amount delegated to other board committees, management, which delineates cascading levels of authorities.
- Approve all other risk limits and policies as prescribed by the Bank of Thailand and other relevant regulators.
- Determine a calendar each year that sets forth and schedules the issues to be discussed by the Board during the year. Substantive issues such as strategy, financial performance and progress against budget and operational plans, capital planning, actual risk profile, Chief Executive Officer’s performance evaluation and operational oversight issues such as product approval process should be prioritized over formalistic issues.
- Approve the authority or the delegation of authority to approve credit, market risk limits, acquisitions, disposals, investments, or realization or creation of a new venture.
- Ensure that the policies adopted by the Bank apply to and are implemented by each of its subsidiaries, or that each subsidiary adopt and implement policies of equivalent effectiveness.
- Oversee management’s actions and consistency with Board policies as part of the checks and balances embodied in sound corporate governance.
- Oversee Bank operation to provide fair service to customers
- Ensure and oversee a proper and efficient whistleblowing policy and procedure
- Meet regularly with senior management to review policies, establish communication lines and monitor progress toward corporate objectives.
- Promote Bank safety and soundness, understand the regulatory environment and ensure the Bank maintains an effective relationship with its regulators.
- Provide sound advice to management and recommend sound practices gleaned from other situations.
- Review and, where permissible or required under applicable regulations, consider approval of connected transactions as prescribed by the Securities and Exchange Commission and related party credit limits as prescribed by the Bank of Thailand.
- Oversee Bank disclosure of significant corporate governance to shareholder’s meeting and public in order to strengthen the bank’s good corporate governance
- Preside over the business in compliance with the Bank Objectives, Articles of Association and follow the shareholder’s resolution
- Oversee a delegation of authority or the lower delegation to operate the bank’s business according to the Board’s resolution
- Organize the Board and its committees in a way that promotes efficiency and strategic discussion.
- Establish certain specialized committees to assist the Board in its oversight function and to advise the Board on issues requiring specific technical expertise.
- Periodically assess the effectiveness of its own governance practices, including nomination and election of Board members and management of conflicts of interest, determining where weaknesses exist, and making changes as necessary.
- Develop and maintain an appropriate level of expertise as the Bank grows in size and complexity.
- Select, monitor and where necessary replace key executives, while ensuring that the Bank has an appropriate plan for executive succession and that any intended successor(s) will be qualified, fit and proper to manage the affairs of the Bank.
- Select, evaluate and determine the compensation of the Chief Executive Officer as well as certain key senior executives.
- Ensure that Bank’s compensation and benefits programs are appropriate and consistent with the strategic objectives and are compliant with relevant regulations.
- Continuously review the internal structure of the Bank to ensure that there are clear lines of accountability for management throughout the organization.
Role and Responsibility of Sub-Committee
Scope and Responsibility of Audit Committee
- To review the Bank’s financial statements to ensure accuracy and adequacy.
- To review and ensure that the Bank has suitable and efficient internal control system and internal audit and reviewing to ascertain that internal audit function is independent. Hiring, transferring, removal of Head of Audit shall be concurred by Audit Committee before submission to Nomination Remuneration and Corporate Governance Committee (NRCC) for endorsement and Board of Directors for approval respectively.
- To evaluate the efficiency and effectiveness of the performance including KPI setting of Head of Audit.
- To evaluate the efficiency and effectiveness of the performance including KPI setting of Head of Compliance.
- To review and approve the Annual Audit Plan of Internal Audit.
- To review to ensure compliance with the laws and regulations imposed by the BoT, SEC, SET and other relevant regulators.
- To review and approve the Compliance Policy, Annual Compliance Plan and Annual Compliance Report prepared by the Bank’s Compliance unit
- To select, nominate and recommend remuneration of the Bank’s external auditor by taking into account credibility, adequacy of resources, experience and independence including recommend dismissal of the external auditor. The Audit Committee shall meet with the external auditor without the members of executive management being present as often as it determines but at least once a year.
- To approve audit-related and other services engagements with the Bank’s external auditor.
- To review connected transaction or transaction that may lead to conflict of interest to ensure transactions are conducted and disclosed in compliance with the law and regulation and that transactions are entered with reasonableness for the benefit to the Bank.
- To prepare audit committee report, signed by the chairman of the Audit Committee, and disclose it in an annual report of the Bank. The report should at least contain the following information;
(1) The Audit Committee’s opinion regarding the accuracy, completeness and integrity of the Bank’s financial statements.
(2) The Audit Committee’s opinion regarding adequacy of the Bank’s internal controls.
(3) The Audit Committee’s opinion regarding compliance with applicable laws and regulations.
(4) The Audit Committee’s opinion regarding suitability of the Bank’s external auditor.
(5) The Audit Committee’s opinion regarding transaction that may lead to conflict of interest.
(6) The number of the meeting held during the year and number of each member’s attendance.
(7) Overall opinion on the discharge of Audit Committee’s duties according to its charter.
(8) Other information, within the scope of the roles and responsibilities of Audit Committee, which is deemed to be necessary for shareholders and general investors.
- To commence investigation without delay upon being informed by external auditor of suspicious circumstance and report to SEC and external auditor the preliminary result within 30 days. The committee also is to report to the Board of Directors so that the Board can rectify the issues within the timeline specified by Audit Committee on the following findings or suspected transactions or actions:
(1) Conflict of interest;
(2) Fraud, possible fraud, or significant deficiency of internal control;
(3) Breaching of the applicable laws and regulations.
In case where the Board of Directors or executive management fail to rectify the issues within the specified timeline, Audit Committee shall report to BOT, SEC and SET, and ensure disclosure in the Bank’s annual report.
- To perform appropriate action upon being informed of suspicious circumstance by internal staff and/or external parties including whistleblowers.
- To review the appropriateness of corrective measures and actions taken by management in response to the reports or instructions from BOT, SEC and SET and any other relevant regulators.
- To review the accuracy and reliability of the financial statements of the Bank's subsidiaries, and to review compliance with the policies, processes and standards set by the Bank for its subsidiaries, including those related to internal controls and audit.
- To perform any other duties as delegated by the Board of Directors and agreed by the Audit Committee
- To perform other duties as required by law.
Scope and Responsibility of Board of Executive Directors
- To review business performance of the Bank in detail on behalf of the Board.
1.1 Review and recommend annual budget and business plan of TMBThanachart including capital planning.
1.2 Conduct tracking of financial result and performance by business segment of TMBThanachart.
1.3 Oversee performance of subsidiaries.
- Review and recommend or approve large capital expenditure in relation to plan and strategy according to delegation of authority.
- Review and recommend new business models that are strategic for the Bank including equity participation.
- Monitor progress of transformation that build capabilities of the Bank for the future.
- Monitor progress of the branding and corporate communications programs.
- Review the overall performance of the Chief Executive Committee and provide advice to management as appropriate on urgent or important issues and review the critical issues raised by the management and propose to the Board.
- Oversee the Bank’s digital transformation and IT investment plans to ensure sufficient investment in IT architecture, infrastructure and supporting systems to effectively support the digital transformation that covers digital business, security, and risk.
- Ensure appropriate governance on customer data management, data quality, and information security.
- Review control, implementation and monitor IT security and cybersecurity controls (threats and vulnerabilities) to ensure reliability, accessibility, security, and stability in accordance with policy and risk appetite, including regular disclosure of IT and cyber security reports to BoD
- Appoint any sub-committees to assist the BoED and oversee the clear role and responsibility of such sub-committees
- Undertake such additional tasks as are related to and considered by the BoED to be necessary to achievement of the foregoing responsibilities or as may be assigned to it by the Board.
Scope Responsibility of Nomination, Remuneration, Corporate Governance Committee
- Review and recommend to the Board policies, criteria and methods, including an appropriate skills matrix, for the recruitment selection and nomination of
(a) Members of the Board
(b) Members and chairpersons of each Board Committee
(c) Representatives of the Bank as directors, chairpersons and chief executives of companies which are subsidiaries or where the Bank is entitled to nominate one or more representatives as director
(d) Senior management
- Screen, shortlist and propose to the Board for nomination or appointment qualified candidates for the positions mentioned above.
- Recommend to the Board appropriate succession plans for senior management.
- Review and monitor the implementation and effectiveness of the policies, criteria, methods and plans referred to above and report thereon to the Board at least annually.
- Review the overall remuneration structures policies and practices of the Bank as well as oversee the public disclosure thereof, including those on benefits, performance evaluation, incentive awards and severance payments, to ensure they are consistent with the decisions of the Board and the Bank's culture, objectives, strategy and control environment, promote long term shareholder value, and take fair account of the roles, responsibilities, management of risk and performance of the individuals concerned, and of market benchmarks for fairness of all parties ; and make recommendation to management and the Board as appropriate.
- Recommend to the Board (subject to further approval by the shareholders where required) the amount of actual remuneration and benefits of members of the Board and of Board Committees.
- Approve (or in the case of the CEO of the Bank recommend to the Board for approval) the actual remuneration and benefits, including any incentive award or severance payment, of senior management.
- Review and where appropriate recommend to the Board changes to applicable policies, codes, rules and guidelines including those governance, sustainability and culture to ensure the highest standards of good corporate governance and ethics in line with best international practice, and supervise, monitor and report to the Board at least annually on the implementation and effectiveness thereof.
- Recommend to the Board the appropriate size and composition of the Board and Board Committees, and the mandates of each Board Committee.
- Recommend to the Board policies criteria and methods for the periodic evaluation of the performance of the Board and Board Committees, implement the same and report the results to the Board.
- Undertake such additional tasks as are related to and considered by the NRCC to be necessary to achievement of the foregoing responsibilities or as may be assigned to it by the Board
- Make such reports and disclosures on its work to the Board, regulators, shareholders and the public as are required by applicable regulations or deemed appropriate in the interests of good governance.
Roles and Responsibilities of Risk Oversight Committee
- To advice the Board on the framework and policies for risk governance and overall risk management, covering all major risks such as credit risk, market risk, liquidity and capital risk, operational risk (including compliance risk), strategic and reputational risks, IT risks, etc.
1.1 To advise the Board on appropriate risk related frameworks, policies, appetite, tolerance and strategy for the Bank and its business units including authority or the delegation of authority to approve credit.
1.2 To recommend the risk and concentration levels for approval by the Board, in alignment with the Board’s risk appetite.
1.3 To approve significant policies and framework that govern the management of risks, including risk governance matters, and which have been delegated to ROC by the Board.
1.4 To approve only Credit DOA under management level as delegated by the Board whereby not beyond Credit Approval Authority of Sub-Committees under Board Level and excluding Related Lending Customer.
1.5 To acknowledge material changes from review / revisions of Policies / Guidelines / DOA which approved by Sub-Committees under management level on quarterly basis.
1.6 Supervise capital and liquidity management strategy, in alignment with the Board’s risk appetite.
1.7 Ensure and regularly review appropriate Technology, Information and cyber risk governance, policy, and appetite that meet international standards
1.8 Regularly monitor Technology, Information and cyber risk against appetite as a part of overall risk oversight
- To formulate strategies that are consistent with the risk management policy and which can assess, monitor, and ensure that the financial institution’s risks are at appropriate levels.
2.1 To approve the supplemental risk limits as defined in the relevant policies and frameworks.
2.2 To review the adequacy of the Bank’s risk management policy and systems, and the effectiveness of policy and systems implementation in terms of identifying, measuring, aggregating, controlling and reporting these risks by top management.
2.3 To review and monitor all risks and risk management practices, including internal control and compliance processes and systems.
- To approve the appointment, review of committee structure and composition, and roles and duties of the management – level risk management committees.
- To report the risk management performance and all risk management matters and measures to the Board, and to consult and exchange views with the Audit Committee in order to assess if the risk management policies and strategies cover all existing and new types of risk facing the financial institution and if the implementation of such policies and strategies are effective and efficient.
- To advise on the development and maintenance of a supportive culture, in relation to the management of risk, appropriately embedded through procedures, training and leadership actions so that all employees are alert to the wider impact of their actions on the Bank and its business units.
- To advise on the alignment of compensation structures in relation to the management of risk and to the risk culture, taking into account the Board’s risk appetite.
- Appointment, transfer, removal of CRO and performance appraisal of CRO’s performance shall be concurred by Risk Oversight Committee and acknowledge CRO’s KPIs.
- To perform other duties as delegated by the Board of Directors or regulatory requirements.
Scope and Responsibility of Credit Committee
- To approve the following:
1.2 credit restructuring,
1.3 NPL Write-off, and NPL Sales
1.4 NPA Acquisition, NPA Sales and NPA Write-off which exceed the Management’s approval authority, and are NOT related parties or group limits NOT exceeding the Single Lending Limit (SLL).
- To review specific credits proposals for related parties or in which group limits exceed the SLL prior to submission to the BOD for approval
- To approve specific credits proposals in which exceeding SEL borrower but still within Group SEL as defined in Corporate Lending DOA and SEL Guideline, and to endorse any exceeding of Group SEL for BoD’s approval.
- To review the credit decisions of the most senior executive credit committees (CUC/CRC1).
- To approve credit and related risks for transactional investments or underwriting commitments which exceed the Management’s approval authority.
- To perform other duties as delegated by the Board of Directors or regulatory requirements.
Scope and Responsibility of IT Oversight Committee
- Oversight IT Strategy, IT Management and IT Operations by
- Review IT strategy at least annually to ensure:
- The alignment of IT strategy and Bank’s strategic direction
- IT infrastructure is flexible, reliable, and scalable to support the business changes including new technology adoptions
- The readiness or maturity level of Information Technology including capabilities to manage and mitigate IT and cybersecurity risks
- Monitor the progress of strategic and high-risk IT-related projects
- Review IT strategy at least annually to ensure:
- Oversight IT Risk Management of both normal and crisis situation by
- Review IT Risk Management Policy at least annually
- Oversight operating model and organization structure according to three lines of defense principle
- Monitor risk levels, effectiveness of IT risk management and significant factors/ issues as well as rectification actions
- Oversight IT investment and expenditures budget to ensure the alignment with Bank’s strategy
- Oversight development programs for staffs to have sufficient knowledge on Information Technology and IT Risk awareness
- Perform other duties as regulatory requirements