Corporate Governance, A Solid Anchor
Sound and effective corporate governance enables Metrobank to build a culture of integrity and sustain its business amidst the rapidly evolving business environment.
To meet financial and operational challenges of the times, business leaders must be agile in promptly addressing the needs of their people, customers, and stakeholders.
Integrity, accountability, fairness, and transparency are the four pillars upon which the Bank’s governance policies rest. The corporate governance framework defines the roles and responsibilities, as well as the practices and procedures, to ensure that the organization is governed with the highest standards of good governance. These principles and values continue to be observed in all its operations and dealings, even during these challenging and unprecedented times.
The Board is comprised of a diverse group of proficient people who combine insight and good judgment in implementing good governance. To ensure diversity, it keeps a balanced representation in terms of expertise, policy-making experience, ethnicity and independence. Members possess integrity, probity, physical and mental fitness, competence, education, financial literacy, training, diligence, knowledge and experience relevant to the banking industry.
The Bank maintains a board of 12 directors, 10 of which are non-executive directors and of which five are independent, including one female independent director. They are elected annually and may be nominated by any stockholder in accordance with the Bank’s By-Laws.
The Nominations Committee screens and recommends candidates to the Board and Senior Management, assesses nominee and candidate qualifications and with due consideration to the relevant regulations of the Bangko Sentral ng Pilipinas (BSP) and the Securities and Exchange Commission (SEC), ensure that candidates have all the qualifications and none of the disqualifications.
When identifying or screening potential candidates, the Committee may use whatever resources it deems appropriate, including, but not limited to, referrals from existing directors and officers, recommendations, and suggestions from stockholders. To the extent possible, it also makes use of external databases or external search firms. Only nominees whose names appear in the Final List of Candidates shall be eligible for election as director.
There are 10 board-level committees assisting the Board in carrying out its responsibilities that include, among others, the Anti-Money Laundering, Audit, Corporate Governance and Compensation, Nominations, Related Party Transactions, Risk Oversight and Trust Committees chaired by independent directors. Their respective charters are fully disclosed in the Bank’s CGM and posted in the Bank’s website.
Code of Conduct and Ethics for Bank Directors
The Code of Conduct and Ethics for Bank Directors articulates the standards of conduct for ensuring the proper discharge of duties and responsibilities befitting their position. It imposes guidelines of the organization and regulators reminding directors not to use their position to make profit, acquire a benefit or prioritize self-interest, and avoid situations that may compromise their impartiality. The Code is incorporated in the Bank’s CGM and posted in its intranet and the company’s website.
Code of Conduct for Employees
The Code of Conduct for Employees guides the performance of duties and responsibilities of employees, taking into account:
- The avoidance of conflict of interest between the Bank’s business and personal activities;
- The preservation of confidential information; and
- The prohibition of accepting any form of gift or gratuity from any person which may influence the employee’s judgment or action in performing their responsibilities.
The Code of Conduct is disseminated to all employees. Both internal and external stakeholders can access the Bank’s Code of Conduct for Employees posted on the Bank’s intranet and on the Corporate Governance section of its website.
Compliance Risk Management System
The Bank has a Compliance Risk Management System (CRMS) designed to identify and mitigate risks that may erode the Bank’s franchise value. It implements an enterprise-wide Compliance Policy Manual to formalize and document its CRMS. It provides reasonable assurance that Bank directors, officers and employees comply with all banking and corporate laws, regulations, rules, and standards as well as create a culture of compliance that contribute to the maintenance of a sound and stable bank.
The Compliance Division works closely with business and support units to identify, assess, monitor and manage possible regulatory compliance risks, which may impact operations and franchise value and ensures that these are proactively identified and measured.
The Compliance Officer (CO) as head of the Compliance Division, oversees the identification and management of compliance risks, oversees the compliance officers of financial subsidiaries and affiliates and reports to the Board of Directors via the Corporate Governance and Compensation Committee.
The Bank’s dividends are declared and paid out of unrestricted retained earnings as the Board may determine and in accordance with the provisions of the law and the regulations of the BSP and the SEC. Cash dividends are subject to approval by at least a majority of the Board while stock dividends require prior clearance from the BSP, SEC and the PSE.
In February 2022, the Board approved a new dividend policy making the annual “regular” cash dividend equal to Php1.60 per common share equivalent to 8% of par value, paid in two equal semi-annual tranches in March and in September. A special cash dividend of Php1.40 per common share was also declared for a total Php3.00 per common share for the current year.
Cash dividend payments may be restricted when the bank undertakes major projects and developments requiring substantial cash expenditures, in which case the Board may modify the dividend payout ratio. Nevertheless, the Board may also approve special cash dividends on top of regular cash dividends from time to time, as conditions allow.
Customer Protection Policy
Customer protection is a collective and shared responsibility of everyone at the Bank, from the Board, to Management, and to all employees. The Bank has instituted a Customer Protection Policy Manual, which serves as foundation in the Bank’s adherence to customer protection standards of conduct, in handling complaints across all segments and in redefining the turnaround time in resolving incidents to meet clients’ expectations.
In compliance with BSP Circular No. 949, the Bank also has a Social Media Risk Management Policy providing guidance to covered individuals in the business and legal risks associated with the use of social media. The rules require respect of coworkers and customers’ privacy, protect confidentiality and security, safeguard and proper use of the Bank’s information and assets.
Managing Risks in a Digital World
Building a strong bank takes exceptional commitment in managing risks. Metrobank has been in the banking business for the past 59 years, and the success of its enterprise reflects how it only takes on risks that it understands, can manage, mitigate, or accept. It conducts its business based on a risk management framework suited to its scope and complexity, consistent with international standards.
Risk Management Principles
Balancing risk and reward translates to the following risk management principles:
- The Bank manages risks that correspond to its goals and objectives as an ongoing business.
- The Bank’s risk management practices must continue to be relevant and practicable, but always aligned with standards set by its regulators.
- The Bank must ensure that it has the right governance structure to mitigate risks and avoid losses while maximizing gains that may accrue from business opportunities.
- Risk management is everyone’s concern–from the Board who sets the overall tone, to the officers and staff who execute the Bank’s risk management strategy.
Risk Management Process
Metrobank’s robust risk management process entails the determination of its strategic goals, material risks, and appetite for such risks. By identifying, measuring, managing, and monitoring risks, financial resources are properly allocated, and capital adequacy is continuously assured.
The Board of Directors, through the Risk Oversight Committee (ROC), composed primarily of independent members of the Board, plays an active role in setting the Bank’s risk culture and overseeing the risk infrastructure, operating policies, and exposures to ensure a good balance between risk appetite and prudence.
The Risk Management Group (RSK) supports and reports directly to the ROC. RSK is an independent unit of the Bank that identifies, analyzes, measures, and monitors identified material risks in close coordination with other business units. It exercises oversight on the risk management units of various subsidiaries and affiliates. It convenes the Risk Management Coordinating Council quarterly to ensure compliance with relevant regulations, and implements a consistent risk management framework across the Metrobank Group.
The Bank’s Anti-Money Laundering (AML) compliance program is designed to identify and mitigate business and regulatory risks. It is based on established risk management practices, and conforms to applicable rules and regulations on the prevention of money laundering, terrorist financing, and proliferation financing.
The sound risk management practices of the Bank are well established to ensure adequate and active Board and senior management oversight, acceptable policies and procedures embodied in a money laundering and terrorist financing prevention compliance program, appropriate monitoring, and management information systems, as well as comprehensive internal controls and audits. These practices, together with effective communication and training, and risk-based compliance testing, promote a robust, dynamically responsive, and appropriate compliance system along with a culture of compliance towards a sound and stable financial franchise.
The mission of internal audit is to enhance and protect organizational value by providing risk-based and objective assurance, advice and insight.
To carry out this mission, the Internal Audit Group (IAG) was established by the Board of Directors. Its responsibilities are defined by the Audit Committee as part of its oversight function. With the constant support of the Management and the Audit Committee, the Internal Audit function continues to conform to the principles required by the International Standards for the Professional Practice of Internal Auditing (Standards) and the Code of Ethics.
The Internal Audit function primarily confirms the level of compliance with internal and regulatory requirements, recognizes and reports control gaps and weaknesses, identifies opportunities and areas for enhancement, provides constructive recommendations or corrective actions as applicable, and tracks resolution of audit observations. IAG’s recommendations are geared towards strengthening internal controls, promoting effective compliance to negate exposure to unnecessary risks, and improving operational efficiencies.
In 2021, with the continuing challenges in the business operations and work environment, and as new and emerging risks were identified in light of the ongoing pandemic, IAG implemented its planned changes and reforms in its risk assessment methodology and prioritization strategies. This is to ensure that areas of greater risk are adequately assessed and dealt with high importance. It also takes into consideration recent developments on governance structures and changes in risk profiles.
Audit Committee Report to the Board of Directors
The Audit Committee has continued its work and assisted the Board of Directors in fulfilling its statutory and fiduciary responsibilities, as well as in protecting the value and interests of shareholders, through close coordination with the Management in the midst of the ongoing pandemic to ensure that processes and operations are kept at optimum level. It has effectively performed its duties and responsibilities throughout the year, as defined in the Board-approved Committee Charter.
The Audit Committee is composed of four qualified non-executive members duly appointed by the Board of Directors, with three of its four members as independent directors including the Chairperson. All Committee members are with relevant background and experiences, possess appropriate knowledge and skills necessary in carrying out their functions. The directors also hold membership positions in other Board-level Committees of the Bank, through which they are apprised of developments in other areas and are able to provide advices on risk taking and management activities.
In 2021, the Audit Committee held 12 regular meetings conducted virtually. Each regular committee meeting was attended by the Chief Audit Executive to report on the progress of plans, implementation of enhanced audit strategies/approaches, and significant issues arising from audit reviews. The Chief Risk Officer, Controller, and key Management Officers, and External Auditor attended relevant sessions and provided pertinent information.
The Audit Committee regularly reported results of its activities to the Board of Directors. It met with all other independent and non-executive Board members, together with the External Auditor, Heads of Internal Audit, Risk Management and Compliance Functions on a special meeting without the presence of any Senior Executives, and discussed the identified critical and emerging risk areas along with the Management solutions to address these risks and the IA strategies to evaluate the controls and also assess the effectiveness of oversight functions to monitor exposures driven by the changing business landscape.
The Committee completely performed its regular work program in 2021 despite the continuing challenges and limitations brought by the pandemic, and had the following key achievements:
1. Financial Reporting and Disclosure: Reviewed and discussed with Management and External Auditor the results of audit of the financial statements and related disclosures for the year ended December 31, 2021, and reported the same to the Board of Directors for approval. In carrying out the review, the Committee ensured that the financial reporting process and disclosure requirements are in compliance with applicable accounting standards and regulations.
2. Risk Management and Internal Controls: Performed a robust assessment of the Bank’s risk profile, and evaluated the adequacy and effectiveness of the Bank’s internal control policies and procedures, systems and processes through the audit assessment results derived from the focused testing on high priority business functions and areas particularly controls on fraud prevention, anti-money laundering, cybersecurity/data privacy, business continuity, among others. The Audit Committee continued the proactive engagement and involvement of Management in ensuring timely resolution of audit observations and implementation of control recommendations, effectively conveying the culture of risk ownership within the organization.
3. Regulatory Compliance: Monitored compliance of the Bank with new and existing laws and regulations promulgated by the Bangko Sentral ng Pilipinas and other regulatory government agencies.
The Audit Committee has performed the required annual review of its Charter to ensure that it is updated, aligned with peers, and compliant with regulatory changes and recommended best practice. The Committee also conducted an annual self-assessment to evaluate their performances against the requirements of the Charter.
4. Management and Internal Audit: Confirmed the effectiveness of the internal audit function, including audit services and activities provided to Bank’s subsidiaries and associates. Among the oversight activities performed by the Committee for the internal audit function are the following: (i) reviewed and approved the revised risk assessment framework and the annual audit plan including subsequent revisions and necessary adjustments throughout the year, ensured adequacy of scope and activities, and monitored accomplishments and plan completion to provide basis for the overall audit conclusion; (ii) reviewed the Internal Audit Charter and noted the revisions in the Internal Audit Manual, and supervised its implementation; (iii) reviewed the audit reports received on a regular basis to assess the overall condition of the Bank and its covered subsidiaries’ internal control system; (iv) discussed significant matters with Senior Management, as necessary, and evaluated timeliness of resolution of control weaknesses and compliance issues; (v) recommended enhancements and confirmed transformational initiatives in the audit processes for continuous improvement; and, (vi) evaluated the performance of the Chief Audit Executive.
The Committee ensured that the internal audit function has maintained its independence throughout the year, has adequate and competent resources, and has appropriate authority to effectively discharge its duties and achieve its goals and objectives. The Audit Committee extended full support and provided guidance to the Internal Audit Group as it implemented certain changes and reforms in its risk assessment and prioritization strategies to be more focused on critical and heightened risk areas, and to consider recent developments on governance structures and changes in risk profiles. These measures, among other transformation activities and initiatives, resulted to optimized use of resources whilst ensuring maintained level of audit execution effectiveness and quality of service outcomes.
5. External Audit: Exercised effective oversight of external audit function as the Committee assessed and approved the reappointment of SyCip Gorres Velayo & Co. (SGV), as the Bank’s external auditor for 2021; ensured the external auditor's objectivity, independence and compliance with ethical and professional standards; discussed and agreed to the terms of audit engagement, coverage and audit fees; reviewed and approved all non-audit services and expenses and related fees (i.e., validation of votes cast at the annual stockholders’ meeting and issuance of comfort letter) to ensure no conflict to independence; reviewed the external audit engagement plan, approach and scope of work; reviewed the results of audit and recommendations in the External Auditor’s Management Letter and action plans of the Management on reported observations, including monitoring of disposition and status of corrective actions.
Based on the Committee’s accomplishments, representation from the Bank Management, External Auditor’s unqualified opinion on financial statements, and Chief Audit Executive’s overall satisfactory assessment on the adequacy and effectiveness of Bank’s internal controls, risk management, and governance processes, the Audit Committee concludes that the business risks and emerging threats are effectively mitigated in accordance with the Bank’s policies and relevant regulations.
Chairman, Audit Committee
Francisco Del Rosario
Chairman, Audit Committee
Francisco Del Rosario