CODE OF CORPORATE GOVERNANCE FOR BANKS AND DISCOUNT HOUSES IN NIGERIA MAY 2014 TABLE OF CONTENTS SECTION DESCRIPTION 1.0 Introduction 2.0 Board and Management 2.1 Responsibilities of the Board 2.2 Size and Composition 2.3 Separation of Powers 2.4 Appointment and Tenure 2.5 Board Committees 2.6 Board Meetings 2.7 Remuneration 2.8 Board Appraisal 3.0 Shareholders 3.1 Rights and Functions of Shareholders 3.2 Equity Ownership 3.3 Protection of Shareholder Rights 3.4 Meetings 3.5 Shareholder Associations 4.0 Rights of other Stakeholders 5.0 Disclosures in the Annual Report 5.2 Transparency and Integrity in Reporting 5.3 Whistle Blowing 6.0 Risk Management 7.0 Ethics & Professionalism and Conflict of Interest 7.1 Ethics & Professionalism 7.2 Conflict of Interest 8.0 Sanctions 9.0 Effective Date 2 1.0 INTRODUCTION The term corporate governance refers to the rules, processes, or laws by which institutions are operated, regulated and governed. It is developed with the primary purpose of promoting a transparent and efficient banking system that will engender the rule of law and encourage division of responsibilities in a professional and objective manner. Effective corporate governance practices provides a structure that works for the benefit of stakeholders by ensuring that the enterprise adheres to accepted ethical standards and best practices as well as formal laws. A country’s economy depends on the safety and soundness of its financial institutions. Thus the effectiveness with which the Boards of financial institutions discharge their responsibilities determines the country’s competitive position. They must be free to drive their institutions forward, but exercise that freedom within a framework of transparency and effective accountability. This is the essence of any system of good corporate governance. Corporate governance has received increased attention because of high-profile scandals involving abuse of corporate power and, in some cases, alleged criminal activity by corporate officers. Following the conclusion of the consolidation programme in 2005, a Code of Corporate Governance for Banks in Nigeria was issued to the banking industry. The Code which became effective in April 2006 was designed to enhance corporate governance practices within the banking industry in view of the fact that governance mechanisms in banks was notably weak and Board members of financial institutions were unaware of their statutory and fiduciary responsibilities, and merely endorsed all proposals of executive 3 management regardless of their implications to the financial condition and going concern status of such institutions. However, during the implementation of the code, it was observed that certain provisions could not be implemented by banks in view of their ambiguity and/ or conflict with the provisions of the Companies and Allied Matters Act (CAMA) 1990. Furthermore, in 2009, a joint CBN/NDIC examination that led to the removal of 5 CEOs of banks in the country revealed, amongst others, poor corporate governance practices in the institutions. There was also the need to up-date the code in order to align it with contemporary developments and international best practices, hence the need for the current review. Therefore, the revised Code provides clear guidelines on all aspects of governance and is expected to enhance Corporate Governance practices for banks in Nigeria. The provisions of this Code represent the minimum standard which banks shall comply. Banks are however encouraged to aspire to higher standards. 1.2 COMPLIANCE 1.2.1 This code shall apply to banks and discount houses. 1.2.2 External auditors of banks shall report annually to the CBN, the extent of the bank’s compliance with the provisions of this Code. The external auditor must have adequate experience/knowledge and competence to assess the governance systems in banks and discount houses. 4 2.0 BOARD AND MANAGEMENT 2.1 Responsibilities of the Board and Management 2.1.1 The Board is accountable and responsible for the performance and affairs of the bank. Specifically, and in line with the provisions in the Companies and Allied Matters Act (CAMA) 1990, Directors owe the bank the duty of care and loyalty and to act in the interest of the bank’s employees and other stakeholders. 2.1.2 The Board shall define the bank’s strategic goals, approve its long and short-term business strategies and monitor their implementation by management. 2.1.3 The Board shall determine the skills, knowledge and experience that members require and work effectively as a team to achieve the bank’s objectives. 2.1.4 The Board shall ensure that its human, material and financial resources are effectively deployed towards the attainment of set goals of the bank. 2.1.5 The Board shall appoint the CEO as well as top management staff and establish a framework for the delegation of authority in the bank, which must comply with the provisions of the CBN’s Circular on Harmonization of Job Roles in the Banking Industry. 2.1.6 The Board shall ensure that a succession plan is in place for the CEO, other executive Directors and top management staff. 2.1.7 The Board shall set limits of authority, specifying the threshold for large transactions which it must approve before they take place. There shall be no exception for such large transactions. 5 2.1.8 Members of the Board are severally and jointly liable for the activities of the bank. 2.1.9 The Board shall ensure strict adherence to the Code of Conduct for bank Directors. 2.2 Size and Composition 2.2.1 The size of the Board of any bank or discount house shall be limited to a minimum of five (5) and a maximum of twenty (20). 2.2.2 Members of the Board shall be qualified persons of proven integrity and shall be knowledgeable in business and financial matters, in accordance with the extant CBN Guidelines on Fit and Proper Persons Regime. 2.2.3 The Board shall consist of Executive and Non-Executive Directors. The number of Non-Executive Directors shall be more than that of Executive Directors. 2.2.4 The Board of banks shall have at least two (2) Non-Executive Directors as Independent Directors while that of discount houses shall have at least one (1) as defined in the CBN guidelines on the Appointment of Independent Directors 2.3 Separation of Powers 2.3.1 The positions of the Board Chairman and the Managing Director/Chief Executive Officer (MD/CEO) shall be separate. No one person shall combine the two positions in any bank at the same time. For the avoidance of doubt, no executive Vice Chairman shall be recognized in the Board structure. 6 2.3.2 Where the bank is a member of a holding company, not more than two extended family members shall be allowed to serve on the Boards of the bank and the holding company. 2.3.3 No two members of the same extended family shall occupy the positions of Chairman and MD/CEO or Executive Director of the bank and Chairman or MD/CEO of a bank’s subsidiary at the same time. 2.4 Appointment and Tenure 2.4.1 Procedure for appointment to the Board shall be formal, transparent and documented. 2.4.2 Existing CBN guidelines on appointment to the Board of financial institutions shall continue to be applied. 2.4.3 To ensure continuity and injection of fresh ideas, Non-Executive Directors of banks shall serve for a maximum of three (3) terms of four (4) years each. 2.4.4 Track record of appointees shall be an additional eligibility requirement. Such records shall cover both integrity and past performance, in accordance with the extant CBN Guidelines on Fit and Proper Persons Regime. 2.4.5 The tenure of the CEO of a bank shall be in accordance with the terms of engagement with the bank but subject to a maximum period of ten (10) years. Such tenure may be broken down into periods not exceeding five (5) years at a time. Such a CEO shall not be eligible for appointment in that capacity in the bank or its subsidiaries. 7 2.4.6 No Director, either Executive or Non-Executive, shall be allowed to serve on the Boards of a bank and a holding company within a Group at the same time. 2.4.7 To enhance the effectiveness of Directors, the bank shall allow Directors access to corporate information under conditions of confidentiality; provide training and continuing education arrangements and facilitate access to independent professional advice. 2.5 Board Committees 2.5.1 The Board shall establish at a minimum the following Committees: i) A Committee responsible for the oversight of Risk Management and Audit functions. These functions may be carried out by one committee, particularly in small institutions. This is without prejudice to the requirements of CAMA on the Statutory Audit Committee which is not a board committee. The Chief Risk Officer and Chief Internal Auditor must report directly to Risk Management and Board Audit Committees respectively. ii) Board Governance and Nominations Committee 2.5.2 All Board Committees must have a charter which must be submitted to the CBN for approval. 2.5.3 The Chairman of the Board shall not be a member/chairman of any Board Committee. 8 2.5.4 Board Committees shall be headed by Non-Executive Directors. 2.5.5 The Board Audit Committee (BAC) shall have unlimited access to the financial records of the bank including external auditors’ reports. 2.6 Board Meetings 2.6.1 To effectively perform its oversight function and monitor management’s performance, the Board shall meet at least once a quarter. 2.6.2 Every Director is required to attend all meetings of the Board and Board Committees. In order to qualify for re-election, a Director must have attended at least two-thirds of all Board and Board Committee meetings. 2.6.3 The Board shall disclose, in the Corporate Governance Section of the Annual Report, the total number of Board meetings held in the financial year and attendance by each Director. 2.7 Remuneration 2.7.1 Banks shall align executive and Board remuneration with the long term interests of the bank and its shareholders. 2.7.2 Levels of remuneration shall be sufficient to attract, retain and motivate executive officers of the bank and this shall be balanced against the bank’s interest in not paying excessive remuneration. 2.7.3 Where remuneration is linked to performance, it shall be designed in such a way as to prevent excessive risk taking. 9 2.7.4 Every bank shall have a remuneration policy put in place by the Board of Directors, which shall be disclosed to the shareholders in the annual report. 2.7.5 A Committee of Non-Executive Directors shall determine the remuneration of executive Directors. 2.7.6 Executive Directors shall not receive sitting allowances and Directors’ fees. 2.7.7 Non-Executive Directors’ (Non-EDs) remuneration shall be limited to Directors’ fees, sitting allowances for Board and Board Committee meetings and reimbursable travel and hotel expenses. Non-EDs shall not receive benefits, salaries, etc, whether in cash or in kind, other than those mentioned above. 2.7.8 Where stock options are adopted as part of executive remuneration or compensation, the Board shall ensure that they are not priced at a discount except with the authorization of the relevant regulatory agencies. 2.7.9 Share options shall be tied to performance and subject to the approval of the shareholders at AGMs. 2.7.10 Share options shall not be exercisable until one year after the expiration of the tenure of the Director. 2.7.11 Banks shall disclose in their annual reports, details of the shares held by Directors and their related parties. 2.7.12 Where there is a Remuneration Committee in addition to the three Committees prescribed in Section 2.5.1, the membership shall comprise Non- EDs only while the Board Governance and Nomination Committee shall have a combination of Executive 10 and Non-EDs. However, where both Committees are combined, its membership shall be drawn only from Non-EDs. 2.8 Board Appraisal 2.8.1 There shall be annual Board and Directors’ review/appraisal covering all aspects of the Boards’ structure, composition, responsibilities, processes and relationships, as may be prescribed by the CBN. 2.8.2 Each Board should identify and adopt, in the light of the company’s future strategy, its critical success factors or key strategic objectives. 2.8.3 The annual Board appraisal shall be conducted by an independent consultant. The report shall be presented to shareholders at the AGM and a copy forwarded to the CBN. 11 3.0 SHAREHOLDERS 3.1 Rights and Functions of Shareholders 3.1.1 Shareholders shall have the right to obtain relevant and material information from the bank on a timely and regular basis. 3.1.2 Shareholders shall have the right to participate actively and vote in general meetings. 3.1.3 In addition to the traditional means of communication, banks shall have a website and are encouraged to communicate with shareholders via the website. Such information shall include major developments in the bank, risk management practices, executive compensation, local and offshore branch expansion, establishment of investment in subsidiaries and associates, Board and top management appointments, sustainability initiatives and practices, etc. 3.2 Equity Ownership 3.2.1 An equity holding of 5% and above by any investor shall be subject to CBN’s prior approval. Where such shares are acquired through the capital market, the bank shall apply for a no objection letter from the CBN immediately after the acquisition. 3.2.2 In order to discourage government(s) from having majority shareholding in banks, government(s) direct and indirect equity holding in any bank shall be limited to 10%. 3.3 Protection of Shareholders’ Rights 3.3.1 Every shareholder shall be treated fairly. 12 3.3.2 The Board shall ensure that minority shareholders are adequately protected from overbearing influence of controlling shareholders. 3.3.3 The Board shall ensure that the bank promptly provides to shareholders documentary evidence of ownership interest in the bank such as share certificates, dividend warrants and related instruments. Where these are rendered electronically, the Board shall ensure that they are sent in a secure manner. 3.4 Meetings 3.4.1 Notice of general meetings shall be as prescribed by the Companies and Allied Matters Act (CAMA) 1990. 3.4.2 The Board shall ensure that the venue of a general meeting shall be convenient and easily accessible to the majority of shareholders. 3.4.3 The Board shall ensure that unrelated issues for consideration are not lumped together at general meetings. Statutory business shall be clearly and separately set out. Separate resolutions shall be proposed and voted on each substantial issue. 3.4.4 The Board shall ensure that decisions reached at general meetings are properly and fully implemented. 3.5 Shareholders’ Associations 3.5.1 The Board shall ensure that dealings of the bank with shareholders’ associations are in strict adherence with the Code for Shareholders’ Associations published by the Securities and Exchange Commission. Where a bank is not 13 listed, its dealings with the Association shall be transparent and in line with the relevant governance codes. 14 4.0 RIGHTS OF OTHER STAKEHOLDERS 4.1.1 Stakeholders shall be able to freely communicate their concerns about illegal or unethical practices to the Board. Where such concerns border on the activities of the Board, such individuals shall have recourse to CBN in accordance with Section 3.4 of the provisions of the Whistle Blowing Guidelines. 4.1.2 Where stakeholder interests are protected by law, stakeholders shall have the opportunity to obtain effective redress for violation of their rights. 4.1.3 Banks shall demonstrate good sense of corporate social responsibility to their stakeholders such as customers, employees, host communities, and the general public. 15 5.0 DISCLOSURE AND TRANSPARENCY 5.1.1 In order to foster good corporate governance, banks are encouraged to make robust disclosures beyond the statutory requirements in BOFIA 1991 as amended, CAMA 1990 and other applicable laws. 5.1.2 Disclosure in the annual report shall include, but not limited to, material information on: (a) Major items that have been estimated in accordance with applicable accounting and auditing standards. (b) Rationale for all material estimates; (c) Details on Directors: i. The bank’s remuneration policy for members of the Board and executives; ii. Total Non-EDs' remuneration, including fees, allowances, etc; iii. Total Executive compensation, including bonuses paid/payable; iv. Details and reasons for share buy-backs, if any, during the period under review; v. Board of Directors’ performance evaluation; and vi. Details of Directors, shareholders and their related parties who own 5% and above of the banks’ shares as well as other shareholders who, in concert with others, control the bank. (d) Corporate governance: i. governance structure; 16 ii. composition of Board Committees including names of chairmen and members of each Committee (e) Risk Assets: i. Concentration of assets, liabilities and off-balance sheet engagements by sector, geography, and product. ii. Loan quality. iii. Lending/borrowing to/from subsidiaries and associates. iv. Loans and advances/funding or commitment lines from institutions outside Nigeria. v. Related party transactions. vi. Insider-related credits in accordance with the extant CBN circular. (f) Risk management: i. All significant risks. ii. Risk management practices indicating the Board’s responsibility for the entire process of risk management as well as a summary of external auditors’ observed lapses thereon. (g) Information on strategic modification to the core business. (h) All regulatory/supervisory contraventions during the year under review and infractions uncovered through whistle blowing, including actions taken thereon. (i) Regulatory Sanctions and Penalties (j) Capital Structure/Adequacy. 17 (k) Any service contracts and other contractual relationships with related parties. (l) Frauds and Forgeries. (m) Contingency Planning Framework. (n) Any matter not specifically mentioned in this code but which is capable of affecting in a significant form, the financial condition of the bank or its status as a going concern. 5.2 Transparency and Integrity in Reporting 5.2.1 Banks shall have a structure to independently verify and safeguard the integrity of their financial reporting, which shall: i. entail the review and consideration of the financial statements by the BAC; and ii. enhance the independence and competence of the bank’s external auditors. 5.2.2 The BAC shall be structured in such a way that it: i. consists only of Non-Executive Directors; ii. is chaired by an independent Director; iii. has at least three members. 5.2.3 The BAC shall be of sufficient size, independence and technical expertise to discharge its mandate effectively. 5.2.4 The BAC shall include members who are financially literate (that is, be able to read and understand financial statements). At least one of the members shall have relevant qualifications 18 and experience (that is, shall be a qualified accountant or other finance professional with experience in financial and accounting matters). 5.2.5 The BAC shall review the integrity of the bank’s financial reporting and oversee the independence of the external auditors. 5.2.6 The BAC shall meet at least once every quarter. 5.2.7 The appointment and removal of the Chief Compliance Officer/ Head of Internal Audit shall be the responsibility of the Board subject to CBN’s ratification. The CBN must be notified of any change and reasons thereof, within fourteen (14) days of such change. 5.2.8 The qualification and experience of the Chief Compliance Officer/ Head of Internal Audit shall be in accordance with the provisions of the CBN’s Competency Framework for the Banking Industry. Chief Compliance Officers (CCO) shall, in addition to monitoring compliance with Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) requirements, monitor the implementation of the corporate governance code. 5.2.9 Appointment of external auditors shall be approved by the CBN. 5.2.10 External auditors shall render reports to the CBN on banks’ risk management practices, internal controls and level of compliance with regulatory directives. 19 i. The external auditor shall review the work of the internal auditor on each of the bank’s key risk elements to cover risk identification, measurement, monitoring and control. The key risk elements as specified in the Risk Based Supervision framework are strategic, operational, liquidity, legal, market and credit risks. ii. The external auditor shall review compliance with policies and internal control procedures put in place by the Board to manage and mitigate the institution’s risks. iii. The external auditors shall report on the level of each key risk element as well as the composite risk profile of the bank and make recommendations to the Board to enhance the effectiveness of risk management processes in the bank. iv. Copies of their report shall be forwarded to the CBN together with the external auditor’s management letter on the bank’s audited financial statements 5.2.11 External auditors of banks shall not provide client services that shall amount to conflict of interest including the following: i. Bookkeeping or other services related to the accounting records or financial statements of the audit client; ii. Appraisal or valuation services, fairness opinion or contribution-in-kind reports; iii. Actuarial services; iv. Internal audit outsourcing services; 20 v. Management or human resource functions including broker or dealer, investment banking services and legal or expert services. 5.2.12 The tenure of auditors in a given bank shall be for a maximum period of ten (10) cumulative years after which the audit firm shall not be reappointed in the bank until after a period of another ten (10) consecutive years. 5.2.13 An audit firm shall not provide audit services to a bank if one of the bank’s top officials (Directors, Chief Finance Officer, Chief Audit Officer, etc) was employed by the firm and worked on the bank’s audit during the immediate past two (2) years. 5.3 Whistle – Blowing 5.3.1 Banks shall have a whistle-blowing policy made known to employees and other stakeholders. 5.3.2 The policy shall contain mechanisms, including assurance of confidentiality, that encourage all stakeholders to report any unethical activity to the bank and/or the CBN. 21 6.0 RISK MANAGEMENT 6.1.1 Every bank shall have a risk management framework specifying the governance architecture, policies, procedures and processes for the identification, measurement, monitoring and control of the risks inherent in its operations. 6.1.2 The Board is responsible for the bank’s policies on risk oversight and management and shall satisfy itself that management has developed and implemented a sound system of risk management and internal control. 6.1.3 Risk management policies shall reflect the bank’s risk profile and appetite and clearly describe all elements of the risk management as well as its internal control system. 6.1.4 Banks shall disclose a summary of its risk management policies. 6.1.5 A bank’s risk management policies shall clearly describe the roles and responsibilities of the Board, BRMC, management and internal audit function. 6.1.6 As part of its oversight for the risk management and internal control system, the Board shall review the effectiveness of the implementation of that system at least annually. Ultimate responsibility for risk oversight and risk management rests with the full Board. 6.1.7 It is the responsibility of the Board to prepare the bank’s risk management framework as well as oversight responsibility for its implementation. However, the management has the responsibility for the effective implementation of the framework. 22 6.1.8 The composition of the BRMC shall include at least 2 non-EDs and the executive Director in charge of risk management but chaired by a non-ED. 6.1.9 External auditors shall render annually, reports on the bank’s risk management practices to the CBN. 23 7.0 ETHICS & PROFESSIONALISM AND CONFLICT OF INTEREST 7.1 Ethics & Professionalism 7.1.1 To make ethical and responsible decisions, banks shall comply with their legal obligations and have regard to the reasonable expectations of their stakeholders. 7.1.2 Banks shall establish a code of conduct and disclose in the code or a summary of the code such information as: i. the practices necessary to maintain confidence in the bank’s integrity; ii. the practices necessary to take into account their legal obligations and the reasonable expectations of their stakeholders; iii. the responsibility and accountability of individuals reporting and investigating reports of unethical practices. 7.1.3 The Code should: (a) commit the bank, its Board and management (and employees) to the highest standards of professional behaviour, business conduct and sustainable business practices; (b) be developed in collaboration with management and employees; (c) receive commitment for its implementation from the Board and the Managing Director/Chief Executive Officer and individual Directors of the company; (d) be sufficiently detailed as to give clear guidance to users including advisers, consultants and contractors; 24 (e) be formally communicated to the persons to whom it applies; and (f) be reviewed regularly and updated when necessary. 7.1.4 Banks shall establish a policy concerning trading in the bank’s securities by Directors, senior executives and employees, and disclose the policy or a summary of that policy. 7.1.5 The trading policy shall contain appropriate compliance standards and procedures to ensure that the policy is properly implemented. There shall also be an internal review mechanism to assess compliance and effectiveness. This review may involve an internal audit function. 7.1.7 Banks shall publish the policy concerning the issue of Board and employee trading in its securities. 7.2 Conflict of Interest 7.2.1 Banks shall adopt a policy to guide the Board and individual Directors in conflict of interest situations. 7.2.2 The Board of Directors shall be responsible for managing conflicts of interest. 7.2.3 Directors shall promptly disclose to the Board any real or potential conflict of interest that they may have regarding any matter that may come before the Board or its Committees. 7.2.4 Directors shall abstain from discussions and voting on any matter in which they have or may have a conflict of interest. 7.2.5 Directors who are aware of a real, potential or perceived conflict of interest on the part of a fellow Director, have a responsibility to promptly raise the issue for clarification, either 25 with the Director concerned or with the Chairman of the Board. 7.2.6 Disclosure by a Director of a real, potential or perceived conflict of interest or a decision by the Board as to whether a conflict of interest exists shall be recorded in the minutes of the meeting. 26 8.0 SANCTIONS 8.1.1 Compliance with the code is mandatory for all banks and discount houses. 8.1.2 Returns on the status of each institution’s compliance with the code shall be rendered to the CBN at the end of every quarter or as may be specified from time to time by the CBN. 8.1.3 Failure to comply with the code will attract appropriate sanctions in accordance with Section 60 of BOFIA 1991 as amended or may be specified in any applicable legislation or regulation. 27 9.0 EFFECTIVE DATE 9.1.1 This code shall take effect from October 1, 2014 and supersedes our “Code of Corporate Governance for Banks in Nigeria Post Consolidation” that became effective on April 3, 2006. 28 GUIDELINES FOR WHISTLE-BLOWING FOR BANKS AND OTHER FINANCIAL INSTITUTIONS IN NIGERIA May 2014 TABLE OF CONTENT SECTION DESCRIPTION 1.0 Introduction 2.0 Scope of the Guidelines 3.0 Whistle-blowing Procedures 4.0 Protection of the Whistle Blower 2 I.0 INTRODUCTION The prevalence of misconduct in organizations, particularly banks and other financial institutions,in the recent past underscores the need to institute rigorous policies to allow employees and other stakeholders bring unethical and illegal practices to the fore to minimize the damage such misconduct can cause to different stakeholders. The banking system relies on the effective operation of a range of “integrity systems” for keeping the institutions and their management honest and accountable. One of such systems is Whistle-blowing. Whistle-blowing, therefore, is the reporting of alleged unethical conduct of employees, management, directors and other stakeholders of an institution by an employee or other person to appropriate authorities. A whistle-blower is any person(s) including the employee, management, directors, depositors, service providers, creditors and other stakeholder(s) of an institution who reports any form of unethical behavior or dishonesty to the appropriate authority. The objective of whistle-blowing is to encourage stakeholders to bring unethical conduct and illegal violations to the attention of an internal and or external authority so that action can be taken to resolve the problem. This will minimize the institution's exposure to the damage that can occur when internal mechanisms are circumvented. It will also demonstrate to stakeholders that the institution is serious about adherence to codes of ethics and conduct. 3 It is believed that an effective whistle-blowing mechanism in banks and Other Financial Institutions (OFIs) in the country would go along way in entrenching good corporate governance. However, in order to gain the protection afforded to whistle-blowers by this guidelines, such disclosures must actually be made in good faith and the information provided must also be substantially true/reliable. The provisions of these Guidelines represent the minimum standard of whistle-blowing which banks shall comply with. Banks and other financial institutions are however encouraged to aspire to higher standards. 4 1.2 COMPLIANCE 1.2.1 The provisions of these Guidelines shall be observed by all financial institutions under the supervisory purview of the Central Bank of Nigeria (CBN). 1.2.2 Compliance shall be mandatory with effect from October 1, 2014. 1.2.3 Banks and Other Financial Institutions are expected to forward copies of their whistle-blowing guidelines to the CBN within three months, effective from the date of issuance of the guidelines. These guidelines shall be updated from time to time as the need arises. 1.2.4 Banks and Other Financial Institutions shall render quarterly reports on their compliance with the provisions of the whistle-blowing guidelines along with their corporate governance compliance status returns. 1.2.5 The external auditor of each bank and other financial institution shall report annually to the CBN, the extent of the bank’s and other financial institution’s compliance with the provisions of these Guidelines. 5 2.0 SCOPE OF POLICY These Guidelines are designed to enable stakeholders of banks and other financial institutions to report acts of impropriety to appropriate authorities. This may include any of the following:  All forms of financial malpractice or impropriety or fraud;  Failure to comply with a legal obligation or Statutes;  Actions detrimental to Health & Safety or the environment;  Any form of criminal activity;  Improper conduct or unethical behaviour;  Failure to comply with regulatory directives;  Other forms of corporate governance breaches;  Connected transactions;  Insider abuses  Non-disclosure of interest;  Attempts to conceal any of these, etc 6 3.0 WHISTLE – BLOWING PROCEDURES 3.1 Banks and other financial institutions shall have a whistle– blowing policy which shall be made known to employees, management, directors and other stakeholders such as contractors, shareholders, job applicants and the general public. The policy should be disclosed in their web sites. 3.2 It is the responsibility of the board to implement such a policy and to establish a whistle-blowing mechanism for reporting any illegal or unethical behavior. 3.3 Banks and other financial institutions shall establish whistle- blowing procedures that encourage stakeholders by assurance of confidentiality, to report any unethical activity/breach of these Guidelines using, among others, a dedicated email or hotline to the bank, other financial institution and the CBN. 3.4 The whistle-blowing mechanism shall include a dedicated “hot–line” or e–mail address and other electronic devices that could be used anonymously to report unethical practices. 3.5 The Head of Internal Audit shall review reported cases and recommend appropriate action to the MD/CEO and where issues affect Executive Management, such issues should be referred to the Board. The Board or CEO shall take appropriate action to redress the situation within a reasonable time. 3.6 The Head of Internal Audit shall provide the Chairman of the Board Audit Committee with a summary of cases reported and the result of the investigation. 3.7 A whistle–blower shall disclose any information connected with the activities of the bank or other financial institution which indicates any of the following: 7 (i) that an infraction has been committed; (ii) that a person has failed to comply with banking laws, internal policies and procedures, etc; and (iii) that someone has concealed matters falling within (i) or (ii) above. 3.8 A disclosure is deemed to have been made in accordance with this section if the whistle-blower discloses to the bank, other financial institution, CBN, and/or other appropriate agencies or exercise any other lawful option provided that such disclosure is: (i) true; and (ii) reasonable; 8 4.0 PROTECTION OF THEWHISTLE-BLOWER 4.1 These Guidelines is designed to offer protection to whistle- blower(s) who disclose such concerns provided the disclosure is made: a) in the reasonable belief that it is intended to show malpractice or impropriety; and b) to an appropriate person or authority. 4.2 Banks and other financial institutions shall treat all disclosures resulting from whistle-blowing in a confidential manner. The identity of the whistle-blower shall be kept confidential. 4.3 Stakeholders are encouraged to disclose their name when filing reports to make their reports more credible. However, anonymous disclosures may be considered on discretionary basis taking into account the following factors: a) the seriousness of the issues; b) the significance and credibility of the concern; and c) the possibility of confirming the allegation. 4.4 In making a disclosure through whistle-blowing, the individual should exercise due care in reporting his concern. If, however, an individual makes malicious allegations, and particularly if he or she persists with making them, no action shall be taken. 4.5 No bank or other financial institution shall subject a whistle- blower to any detriment whatsoever on the grounds that s/he has made a disclosure in accordance with the provisions of these Guidelines. 9 4.6 Where a whistle-blower has been subjected to any detriment in contravention of the above, s/he may present a complaint to the CBN. This is without prejudice to the right of the whistle- blower to take appropriate legal action. 4.7 An employee who has suffered any detriment by reason of disclosure made pursuant to the provision of these Guidelines shall be entitled to compensation and/or reinstatement provided that in the case of compensation, the employee’s entitlement shall be computed as if he had attained the maximum age of retirement or had completed the maximum period of service, in accordance with his condition of service. For other stakeholders, the whistle-blower shall be adequately compensated. 4.8 Any bank or other financial institution which contravenes the provision of this section of the Guidelines will be sanctioned in line with Section 60 of the Banks and Other Financial Institutions Act 1991 (as amended). 4.9 For the purpose of these Guidelines, the word “detriment includes dismissal, termination, redundancy, undue influence, duress, withholding of benefits and/or entitlements and any other act that has negative impact on the whistle-blower. 4.10 Banks and other financial institutions shall make quarterly returns to the CBN and NDIC on all whistle-blowing reports and corporate governance related breaches. 4.11 Banks and other financial institutions shall include a whistle- blowing compliance status report in their audited financial statements. 4.12 Banks and other financial institutions should review their whistle-blowing policies every three (3) years and notify the regulatory authorities of all such reviews. 10