The Central Bank of The Bahamas

Transcription

1 The Central Bank of The Bahamas Consultation Paper Consultation Paper on the Credit Union Guidelines Policy Unit Bank Supervision Department June 12, 2015

2 Table of Contents 1. Background 1 2. Statement of Purpose 1 3. Key Elements of the Draft Guidelines 1 4. Consultation Period 1 5. Annex I (Guidelines for the Management of Liquidity Risk for Credit Unions) 3 6. Annex II (Guidelines for the Management of Operational Risk for Credit Unions) 9 7. Annex III (Guidelines for the Management of Credit Risk for Credit Unions) Annex IV (Guidelines for the Management of Interest Rate Risk for Credit Unions) Annex V (Guidelines for the Corporate Governance of Credit Unions) 30

3 Consultation Paper on the Credit Union Guidelines 1. Background On 1 st June, 2015, the Central Bank of The Bahamas (Central Bank) assumed regulatory and supervisory responsibility for the credit unions, under the recently enacted principal governing legislation, the Bahamas Co-Operative Credit Unions Act, 2015 and other relevant amending legislation. Consistent with its new statutory obligations, the Central Bank will be responsible for all regulatory and supervision matters pertaining to credit unions commencing with their registration, off-site supervision and on-site examinations. 2. Statement of Purpose The Consultation Paper on the Credit Union Guidelines (the Consultation Paper) sets out the Central Bank s expectations regarding the prudential standards that credit unions should adhere to and have been drafted with the following in mind: that credit unions are not-for-profit organizations, and in this respect are different from other deposit-taking financial institutions; and that credit unions work as a co-operative, valuing volunteerism, co-operation and member participation. 3. Key Elements in the Consultation Paper on the Credit Union Guidelines The Consultation Paper provides guidance to credit unions in relation to the following areas: the Management of Liquidity Risk (Annex I); the Management of Operational Risk (Annex II); the Management of Credit Risk (Annex III); the Management of Interest Rate Risk (Annex IV); and Corporate Governance (Annex V). In an attempt to maintain the unique characteristics of credit unions and simultaneously honour the Central Bank s mandate to protect the interests of credit union members, a lighter touch was applied to all of the drafted guidelines. 4. Consultation Period Registrants are invited to submit comments or questions seeking clarification on the proposals contained in the draft guidelines to the Policy Unit, Bank Supervision Department by July 13,

4 Comments may be submitted in writing via , post mail or fax to the following address:- The Policy Unit Bank Supervision Department The Central Bank of The Bahamas Market Street P.O. Box N-4868 Nassau, Bahamas Fax: (242)

5 ANNEX 1 DRAFT FOR INDUSTRY CONSULTATION SUPERVISORY AND REGULATORY GUIDELINES: PU-xxxx Management of Liquidity Risk Issued: XXX 2015 GUIDELINES FOR THE MANAGEMENT OF LIQUIDITY RISK FOR CREDIT UNIONS 1. INTRODUCTION 1.1 The Central Bank of The Bahamas ( the Central Bank ) is responsible for the registration, regulation and supervision of all credit unions operating in and from within The Bahamas, pursuant to the Bahamas Co-Operative Credit Unions Act, 2015 ( the Credit Unions Act ) and the Central Bank of The Bahamas (Amendment) Act, 2015 ( the CBA ). Additionally, the Central Bank has the duty, in collaboration with financial institutions, to promote and maintain high standards of conduct and management in the provision of credit union services. 1.2 The Central Bank recognizes that credit unions are not-for-profit organizations, and in this respect are different from other deposit-taking financial institutions. The Central Bank is aware that credit unions work as a co-operative, valuing volunteerism, cooperation and member participation. Therefore, the Central Bank is committed to ensuring the unique characteristics of credit unions are maintained, while still fulfilling its obligations to protect the interests of credit union members. 1.3 All registrants are expected to adhere to the Central Bank s registration and prudential requirements, ongoing supervisory programmes and regulatory reporting requirements, and are subject to periodic on-site examinations. Credit Unions are expected to conduct their affairs in conformity with all other Bahamian legal requirements. 2. PURPOSE 2.1 These Guidelines specifically address the minimum liquidity requirements for credit unions. Liquidity is a credit union s capacity to fund increases in assets or meet collateral obligations at a reasonable cost as they fall due, without incurring unacceptable losses. Liquidity must also be sufficient to satisfy demand for cash withdrawals, financing commitments for approved loans, and routine operating cash outflows. Therefore, 3

6 maintaining an adequate level of liquidity depends on the credit union s ability to meet expected and unexpected cash flows. 2.2 The Central Bank endorses the principles and best practices of the World Council of Credit Unions (WOCCU). Credit Unions are encouraged to refer to these principles and best practices on the WOCCU s website at 3. APPLICABILITY 3.1 These Guidelines apply to all financial co-operative credit unions which are registered under the Credit Unions Act or deemed, by virtue of section 126(1) to be registered under this Act. 4. DEFINITION 4.1 Liquidity risk is the risk that a credit union s financial condition or overall safety and soundness are adversely affected by an inability to meet its contractual obligations. A credit union s obligations and the funding sources used to meet them depend significantly on its business mix, balance sheet structure and the cash flow profiles. 5. MANAGEMENT OF LIQUIDITY RISK Board and Senior Management Responsibilities 5.1 Ultimate responsibility for the liquidity risk assumed by a credit union and the manner in which this risk is managed rest with the credit union s Board of Directors ( the Board ). Senior management should ensure that the standards set forth in these Guidelines are appropriately addressed. 5.2 Senior management is also responsible for ensuring that board approved strategies, policies and procedures for the day-to-day and long term liquidity management of the operations are appropriately executed within the lines of authority and responsibility designated for managing and controlling liquidity risk. 6. LIQUIDITY RISK MANAGEMENT FRAMEWORK 6.1 Liquidity risk management should be fully integrated into each credit union s risk management processes. Therefore, each institution should have a comprehensive process for identifying, measuring, monitoring and controlling liquidity risk. Critical elements of a sound liquidity risk management framework include: 4

7 6.1.1 Effective corporate governance consisting of oversight by the Board and active involvement by senior management in the control of liquidity risk; Appropriate strategies, policies, procedures and limits used to manage and mitigate liquidity risk; A process for measuring and monitoring operational liquidity levels; Conditions for liquidity funding and lines of credit, (inclusive of the aggregate maximum amount of any such lines of credit); A process for monitoring large deposits, the withdrawal of which could impact the level of operational activity; Internal controls and internal audit processes sufficient to determine the adequacy of the liquidity risk management process; and Appropriate contingency funding plans that sufficiently address potential adverse liquidity events to which the institution may be exposed and emergency cash flow requirements. 6.2 The Central Bank will review these critical elements in its assessment of each credit union s liquidity risk management framework, during the course of its on-site examination. 7. LIQUIDITY RISK MEASURMENT AND MONITORING 7.1 Credit unions should comply with the minimum liquidity requirements prescribed under Regulation 15 of the Bahamas Co-Operative Credit Unions Regulations, 2015 (the Regulations). 7.2 Credit unions should also comply with their statutory reserve requirements prescribed in Regulation 14 of the Regulations, Where a credit union cannot meet its statutory reserves allocation requirements as set out under Regulations 14, it may apply to the Central Bank in writing for an exemption from this requirement. 7.3 In addition to meeting the Apex Body s reserve requirements, each credit union shall have no less than 10% of its members savings deposits in liquid assets or demand deposit type accounts to provide sufficient liquidity for share and savings withdrawals, external borrowing repayments, loan demand and operating expenses. Liquidity Ratio 7.4 This ratio shall be reported to the Central Bank as prescribed. The liquidity ratio calculation is as follows: 5

8 Liquid Assets (those with no maturity or a maturity of less than 30 days) minus Liabilities (due in 30 days or less) Total Deposits Liquidity ratio range 15% - 20% Net Loans / Total Asset Ratio range 70% - 80% 7.5 A credit union should strive to maintain a loan to asset ratio sufficient to meet member loan demand and still meet other liquidity needs. A high loan to asset ratio (e.g., in excess of percent) may stress liquidity, especially if the credit union has limited other funding sources, existing funding depends on volatile sources (e.g., non-member shares), or the credit union has minimal short-term investments. 8. ASSET LIABILITY MANAGEMENT (ALM) POLICY 8.1 The credit union s Board of Directors shall be responsible for formulating, reviewing and adjusting the liquidity/alm policy. The policy shall address: Who is responsible for liquidity management and ALM; Who may access or establish a line of credit for liquidity purposes; How will liquidity be monitored: for example, what liquidity management systems will be used, what time frames will be used in cash flow analysis, their level of detail and the intervals for updating ratio and cash flow analysis; Minimums and maximums for total cash assets and for the amount to be kept onsite at the credit union; Minimums and maximums for other liquidity related ratios; What process or method will be used to monitor ALM; and How often the ALM position will be analysed and discussed. 8.2 The board shall annually review and revise the policy as needed. 9. CONTROL AND AUDIT 9.1 Credit unions should have appropriate internal controls addressing relevant elements of the risk management process, including adherence to policies and procedures, the adequacy of risk identification, measurement, reporting and compliance with applicable rules and regulations. 6

9 9.2 Senior management should ensure periodic reviews and assessment of various components of the credit union s liquidity risk management processes. A qualified, licensed independent party, i.e. internal and external auditors, should perform such reviews and assessments. 9.3 All weaknesses or problems identified in the review should be brought to the attention of senior management for prompt corrective action. The reviews and assessment should cover the following areas: Adequacy of risk identification, measurement, reporting and compliance with supervisory guidance (including statutory liquidity ratios/limits) and industry sound practices; Suitability of the underlying assumptions for conducting cash flow analyses; Integrity and usefulness of management information system reports; and Adherence to established liquidity policies and procedures. 10. MANAGEMENT INFORMATION SYSTEM 10.1 Credit unions should have a reliable management information system ( MIS ) consistent with the size and nature of their operations. This will measure, monitor and control liquidity risk under normal and stressed conditions. MIS should be able to capture all sources of liquidity risk, including contingent risks and the related triggers and those arising from new activities. The system should have the ability to deliver more granular and time sensitive information during periods of stress The MIS should particularly be able to: Calculate and project various liquidity related limits and ratios, including statutory requirements, and for internal risk management purposes; Set out clearly the assumptions and limitations underlying cash flow management reports; Generate timely reports on risk measures and liquidity trends for management; Check compliance with established liquidity policies and limits, and generate exception reports. 11. REPORTING REQUIREMENTS 11.1 The Central Bank will monitor the liquidity position of the credit union on an ongoing basis to satisfy itself that the liquidity risk is being appropriately managed, taking into account the nature, scale and complexity of the credit union s operations. As part of this process, the credit union is expected to: 7

10 Provide the Central Bank with a copy of its liquidity risk management strategy; and Report on its liquidity position via the Maturity Schedule of the Excel Reporting System (ERS) on a monthly basis, for large credit unions. END 8

11 ANNEX II DRAFT FOR INDUSTRY CONSULTATION SUPERVISORY AND REGULATORY GUIDELINES PU XXXX Operational Risk Issued: XXX 2015 GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS 1. INTRODUCTION 1.1 The Central Bank of The Bahamas ( the Central Bank ) is responsible for the registration, regulation and supervision of all credit unions operating in and from within The Bahamas, pursuant to the Bahamas Co-Operative Credit Unions Act, 2015 ( the Credit Unions Act) and the Central Bank of The Bahamas (Amendment) Act, 2015 ( the CBA ). Additionally, the Central Bank has the duty, in collaboration with financial institutions, to promote and maintain high standards of conduct and management in the provision of credit union services. 1.2 The Central Bank recognizes that credit unions are not-for-profit organizations, and in this respect are different from other deposit-taking financial institutions. The Central Bank is aware that credit unions work as a co-operative, valuing volunteerism, cooperation and member participation. Therefore, the Central Bank is committed to ensuring the unique characteristics of credit unions are maintained, while still fulfilling its obligations to protect the interests of credit union members. 1.3 All registrants are expected to adhere to the Central Bank s registration and prudential requirements, ongoing supervisory programmes and regulatory reporting requirements, and are subject to periodic on-site examinations. Credit Unions are expected to conduct their affairs in conformity with all other Bahamian legal requirements. 2. PURPOSE 2.1 These Guidelines provide guidance to credit unions in relation to operational risk management. Credit Unions are expected to develop and implement an operational risk management framework in line with these Guidelines, taking into account the nature, size, complexity and risk profile of its activities. Credit Unions are expected to continuously improve their approaches to operational risk management as operational risk continues to evolve. 9

12 2.2 The Central Bank endorses the principles and best practices of the World Council of Credit Unions (WOCCU). Credit Unions are encouraged to refer to these principles and best practices on the WOCCU s website at 3. APPLICABILITY 3.1 These Guidelines apply to all credit unions which are registered under the Credit Unions Act or deemed, by virtue of section 126(1) to be registered under this Act. 4. DEFINITION 4.1 Operational risk refers to the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events. This definition includes legal risk, but excludes other risks like strategic and reputational risk. 4.2 Operational risk is potentially inherent in all of a credit union s products, activities, processes and systems and the effective management of operational risk is important. The most important types of operational risk involve breakdowns in internal controls and corporate governance. Such breakdowns can lead to financial losses through error, fraud, or failure to perform in a timely manner or cause the interest of the credit union to be compromised in some other way (e.g., lending officers or other staff exceeding their authority or conducting business in an unethical or risky manner). Other aspects of operational risk include major failure of information technology systems or events such as major fires or other natural disasters. 5. OPERATIONAL RISK MANAGEMENT FRAMEWORK 5.1. The Board of Directors of credit unions are expected to develop an operational risk management policy that sets out requirements, purpose and scope of related internal controls. Senior Management is required to document the internal controls within the credit union s operational procedures. The operational risk management policy and procedures should address the following: Defined levels of authority to make corporate decisions; Safeguards to protect the premises and assets of the credit union; An operational and secure management information system (MIS) which accurately records transactions; A framework for technology development; Business continuity and disaster recovery; A process for outsourcing services; and 10

13 5.1.7 Staffing and monitoring controls appropriate to the size of the credit union. Decision Making Authority and Approval 5.2. Credit unions should establish and implement an approval framework which ensures that responsibilities and approvals for transactions are assigned to the proper and appropriate individuals within the organization. The framework should outline the following: Defined levels of authority for corporate decisions in all areas of the operations; Appropriate delegation of authority defined and documented; The skills and experience of staff are commensurate with the defined levels of authority; and Establishment of lines of reporting, responsibility and authority. Safeguarding of Premises, Assets and Records 5.3. Credit unions should establish internal controls to ensure: Premises of the credit union are safeguarded, including protection of members and staff from exposure to crime or injury; Safety and protection of assets of the credit union and assets of other parties held in its care, control and custody; and Safety of financial records and other key information Insurance coverage should be utilized to reduce the risk of monetary loss from accidents. Management Information Systems 5.5. Credit Unions should establish a policy approved by the Board of Directors ( The Board ) that will address the operation and security of a management information system (MIS). The policy should require the following: Transactions are recorded on an accurate, complete and timely basis; Accounting for all on and off balance sheet activities to enable management to monitor and analyze the financial condition and performance of the credit union; Protection of integrity of the system hardware, software and data through appropriate access and process controls; Provisions of an audit trail for all transactions; and Back up. 11

14 Technology Development and Maintenance 5.6. Credit unions should establish an appropriate framework for technology development and maintenance and include processes for: Planning for technology requirements consistent with strategic and business plans; Identifying and evaluating technology solutions appropriate for the business activities of the credit union; Development and/or acquisition of software; Documentation, testing and implementation of the software; and Delivery and support for the software, including identification and solution of problems. Business Continuity and Disaster Recovery 5.7. Credit unions should establish the appropriate business continuity and disaster recovery plans, including: Processes to deal with short term and longer term business disruption; and Nature, frequency and extent of testing backup, recovery and contingency plans Credit Unions should confirm to the Central Bank that it has a Business Continuity Plan in place (see Appendix B for the minimum standards for business continuity plans). Outsourcing of Services 5.9. Outsourcing involves contracting out a business function to a service provider instead of performing that function internally (see Appendix A) for possible material outsourced functions). Before outsourcing services, credit unions should identify: The process for selecting capable and reliable service providers to ensure transparency; Standards for outsourced services, including accuracy, security, privacy and confidentiality; Process for monitoring the performance and risks related to outsourced services and service providers; and Schedules for periodic reviews of outstanding contracts Sufficient analysis should be undertaken to confirm that the service provider has the necessary expertise, capacity and viability to perform the functions or activities to be outsourced. Appropriate due diligence and impact analysis of non-performance by a service provider should also be undertaken. 12

15 5.11. The Board should approve the outsourcing of business functions. The Board and Senior Management maintain responsibility for oversight of outsourced functions Credit Unions should notify the Central Bank of all outsourcing arrangements they have in place. The service level agreements for these arrangements should be reviewed by the credit union s internal or external legal counsel. Staffing and Monitoring Controls Credit Unions should establish staffing and monitoring controls which protect against fraud, theft and misappropriation. These controls should be specified in policy approved by the Board of Directors and documented into procedures. Staffing Controls Credit unions should ensure there is the appropriate independence/segregation of duties as a control to avoid staff error, fraud or theft. Monitoring controls Appropriate controls should be established to monitor adherence to the operational risk policy, including: routines for transaction verification and validation for error detection and fraud prevention; and establishment of an independent internal audit function Internal audits regarding the operations should be carried out by the internal auditor, or an independent senior officer not involved in the business origination and/or approval process of the credit union or alternatively an external chartered accountant. This individual should be approved by the Board. Internal audit should report to the Board on the internal controls of the credit union and any other matters as the Board may direct. 6. SUPERVISION BY THE CENTRAL BANK 6.1. The Central Bank, as part of its ongoing supervisory responsibilities, intends to assess the degree of credit unions compliance with the principles set forth in these Guidelines. Consequently, the Central Bank will examine the effectiveness of the operational risk management policies and procedures during the course of its on-site examination of credit unions. 13

16 Appendix A Examples of Services that may be Regarded as Outsourcing Information system management and maintenance (e.g. data entry and processing, data centres, facilities management, end-user support, local area networks, help desks); Document processing (e.g., cheques, credit card slips, bill payments, bank statements, other corporate payments); Application processing (e.g. loan originations, credit cards); Loan administration (e.g., loan negotiations, loan processing, collateral management, lending analysis, collection of bad loans); Investment management (e.g., portfolio management, cash management); Marketing and research (e.g., product development, data warehousing and mining, advertising, media relations, call centres, telemarketing); Back office management (e.g., electronic funds transfer, payroll processing, custody operations, quality control, purchasing); Professional services related to the business activities of the registrant (e.g., accounting, internal audit, actuarial); Human resources (e.g., benefits administration, recruiting); Records management; and Business continuity and disaster recovery capacity and capabilities. The following are arrangements that would not be considered outsourcing for the purposes of these Guidelines: Courier services, regular mail, utilities, telephone; Procurement of specialized training; Discrete advisory services (e.g., legal opinions, certain investment advisory services that do not result directly in investment decisions, independent appraisals, trustees in bankruptcy); Purchase of goods, wares, commercially available software and other commodities; Independent audit reviews; Credit background and background investigation and information services; Market information services (e.g., Bloomberg, Moody s, Standard & Poor s, Fitch); Independent consulting; Services the registrant is not legally able to provide; Printing services; Repair and maintenance of fixed assets; Supply and service of leased telecommunication equipment; Travel agency and transportation services; Correspondent banking services; Maintenance and support of licensed software; Temporary help and contract personnel; Fleet leasing services; 14

17 Specialized recruitment; External conferences; Clearing and settlement arrangements between members or participants of recognized clearing and settlement systems; Sales of insurance policies by agents or brokers; Ceded insurance and reinsurance ceded; and Syndication of loans. 15

18 Appendix B Minimum Standards for a Business Continuity Plan Identification of who is responsible for approving the plan; Stating how often the plan should be reviewed; Stating who is responsible for implementing the plan or identifying alternative individual(s) should the primary person(s) be unavailable; Establishment of the duties and responsibilities of the group of employees that will be responsible for assessing the situation, providing information and establishing member service as quickly as possible; Identification of alternative credit union locations should the credit union office be destroyed; Identification of the most essential information needed to operate the credit union; and Stating how often the plan will be tested. END 16

19 ANNEX III DRAFT FOR INDUSTRY CONSULTATION SUPERVISORY AND REGULATORY GUIDELINES: PU S Credit Risk Guidelines Issued: XXX 2015 GUIDELINES FOR THE MANAGEMENT OF CREDIT RISK FOR CREDIT UNIONS 1. INTRODUCTION 1.1 The Central Bank of The Bahamas ( the Central Bank ) is responsible for the registration, regulation and supervision of all credit unions operating in and from within The Bahamas, pursuant to the Bahamas Co-Operative Credit Unions Act 2015 ( the Credit Unions Act ), and the Central Bank of The Bahamas (Amendment) Act, 2015 ( the CBA ). Additionally, the Central Bank has the duty, in collaboration with financial institutions, to promote and maintain high standards of conduct and management in the provision of credit union services. 1.2 The Central Bank recognizes that credit unions are not-for-profit organizations, and in this respect are different from other deposit-taking financial institutions. The Central Bank is aware that credit unions work as a co-operative, valuing volunteerism, cooperation and member participation. Therefore, the Central Bank is committed to ensuring the unique characteristics of credit unions are maintained, while still fulfilling its obligations to protect the interests of credit union members. 1.3 All registrants are expected to adhere to the Central Bank s registration and prudential requirements, ongoing supervisory programmes and regulatory reporting requirements, and are subject to periodic on-site examinations. Credit Unions are expected to conduct their affairs in conformity with all other relevant Bahamian legal requirements. 2. PURPOSE 2.1 The effective management of credit risk as a component of a comprehensive risk management program is fundamental to the safety and soundness of every credit union and is critical to its long-term viability. These guidelines specifically address the management of the credit risk present in the business activities of credit unions. It prescribes best practices that credit unions should adopt within their overall corporate governance process and risk management program to address its credit risk. 17

20 2.2 The Central Bank endorses the principles and best practices of the World Council of Credit Unions (WOCCU). Credit Unions are encouraged to refer to these principles and best practices on the WOCCU s website at 3. APPLICABILITY 3.1 These Guidelines apply to all credit unions which are registered under the Credit Unions Actor deemed, by virtue of section 126(1) to be registered under this Act. 4. CREDIT RISK POLICY 4.1 Every credit union is required to establish and implement a prudent lending policy. The board should review the policy periodically (at least annually) to ensure their adequacy and relevance given the changing operating circumstances, economic cycle, activities and risk that the credit union may face. At a minimum, lending policies must address major lending criteria including: Acceptable limits and repayment terms for each authorized type of loan; Acceptable types of tangible security; Lending values for each type of tangible security; Loan evaluation and documentation; Loan approval processes; Monitoring, evaluating and reporting of outstanding loans, including delinquent and impaired loans; Lender approval limits; and Write-offs. 4.2 Every credit union should articulate their credit risk tolerance, including how much and what types of risk they are prepared to undertake. Risk tolerance should be compatible with the credit union s overall strategic objective. The credit risk policy should specify inter-alia: Types of facilities to be offered, along with ceilings, pricing, profitability, maximum maturities and maximum debt-servicing ratios of borrowers for each type of lending; A ceiling for the total loan portfolio ratios (i.e., loan to deposit ratio, maximum dollar amount or a percentage of capital base); Limits, terms and conditions, approval and review procedures and records kept for connected lending; 18

21 4.2.4 The minimum information required from loan applicants (bearing in mind Anti- Money Laundering and Know Your Customer best practice and legal requirements). 4.3 Every credit union shall develop, and the board of directors shall adopt a policy on loans to directors, committee members, officers, employees and their associates, and such policy shall be compliant with the Credit Unions Act and the Bahamas Co-Operative Credit Unions Regulations, CREDIT COMMITTEE 5.1 Section 73 of the Credit Unions Act requires that each credit union should have a Credit Committee whose members are appointed by the Board. 5.2 The Credit Committee shall perform such duties as are prescribed in the Credit Unions Act, the regulations and the bye-laws of the co-operative credit union. These duties include inter-alia: Making decisions on applications for loans; and Fixing to time the rate of interest to be charged on loans to members from time. 5.3 Section 78 of the Credit Unions Act imposes a statutory responsibility on the Credit Committee to maintain books and records for the necessary and prudent recording of its credit functions. The Central Bank shall have unlimited access to all records of the Credit Committee. 5.4 The board of directors must ensure that the Credit Committee complies with its statutory obligations. 6. RISK CONCENTRATION AND LOAN LIMITS 6.1 Credit risk concentration may arise from excessive exposures to individual counterparties, related counterparties or consanguinity, and a group(s) of connected counterparties with similar characteristics (e.g. counterparties in specific geographical locations, economic or industry sectors). The Central Bank is concerned about credit risk concentration because if these exposures cannot be recovered, the financial condition of the credit union could be adversely affected. 6.2 Credit Unions should establish internal controls and systems, endorsed by the board of directors, to measure, monitor and control credit risk concentration and large exposures and other risk concentrations in accordance with these Guidelines. Safe guarding against credit risk concentrations should form an important component of a financial credit union s risk management system. 19

22 6.3 Subject to the Credit Unions Act, every loan granted by a credit union, must be approved in accordance with the policies established by the board of directors before any funds are advanced. 6.4 In addition, the bye-laws of every credit union shall provide for limits on the amounts of loans to any one member or as to the type of loans which may be granted. 6.5 Section 70 of the Credit Unions Act requires that loans may be made only to members. 7. DELEGATED CREDIT AUTHORITY 7.1 Credit authority should be clearly delegated by the Board of Directors (the Board) and should be appropriate for the products or portfolios assigned to the Credit Committee or individual credit officers and should be commensurate with their credit experience and expertise. 7.2 It is important to note that while the Board can delegate authority for certain credit functions, as set out above, it cannot delegate responsibility or accountability in relation to these functions. 8. LOAN APPROVAL 8.1 All loans should be approved in the manner prescribed under Sections 66 and 68 of the Credit Unions Act. Authorized Loan Types 8.2 Credit unions may only grant the following classes of loans: Personal loans (maximum of 7 years) Mortgage loans (maximum of 30 years) Agricultural loans (maximum of 7 years) Lending Values of Security 8.3 The credit union s credit policy must address the maximum lending values for each type of loan. 8.4 Subject to any restrictions that may be prescribed in its bye-laws, a credit union may take any security for loans that it considers advisable in keeping with sound business practices. The level of security required in respect of a loan application should reflect the size and risk profile of the proposed loan. 20

23 8.5 Approved types of security and circumstances in which the security should be taken, should be clearly set out in the credit policy. 9. IMPAIRED LOANS 9.1 The calculation and circumstances under which impaired loans should be measured and/or assessed by credit unions is established in Regulations (7) thru (12) of the Bahamas Co-Operative Credit Unions Regulations, 2015 (the Regulations). 9.2 An impaired loan as defined in the Regulations refers to a loan in respect of which, it is probable that a co-operative credit union will be unable to collect, on time, the full amount of principal or interest due according to the contractual terms of the loan agreement. An asset is impaired if the estimated recoverable amount of an asset is less than its carrying amount shown in the books of the credit union. 9.3 Interest income on impaired loans should be treated in accordance with Regulation 4 of these Regulations. 10. PAST DUE LOANS 10.1 Loans that are not paid as agreed are considered delinquent the day after the first missed payment. Immediate action should be taken to control delinquency and collect when a loan is reported past due A loan is considered past due when the contracted payment (principal and interest) has not been met when due or it is otherwise outside contracted arrangements. To measure the total percentage of delinquency in the loan portfolio of the credit union, the criterion is as follows: a. Sum of all delinquent loan balances b. Total (Gross) Loan Portfolio Outstanding Criteria: a b = < 5% 10.3 Loans past due more than 30 days, should comprise less than 5% of the total loan portfolio. When a loan becomes delinquent, the credit union should not grant new loans to pay off the outstanding capital and interest for the same borrower. 11. PROVISIONING FOR DOUBTFUL LOANS 11.1 Every co-operative credit union shall determine and disclose the monthly provision for doubtful loans as prescribed under Regulation 7 of the Regulations. 21

24 11.2 Income recognition in the case of write-offs and recoveries of impaired loans, should be maintained in accordance with Regulation 11 of the Regulations The Central Bank will require that credit unions retain on file sufficient documentation of their data and management s judgment on the credit union s provisioning methodology, and the board of directors support for their estimates of impairment. 12. ADEQUATE CONTROLS OVER CREDIT RISK 12.1 The Credit Unions Act grants general direction and control of the affairs of the credit union, including the proper and profitable conduct of credit union operations, the safety of credit union assets, and the accuracy and adequacy of the annual reports to the board of directors. The Board retains overall responsibility for the affairs of the credit union. As part of that responsibility, the board should establish internal controls, which include among other things, organizational plans, policies, and operating procedures to maintain control over the duties delegated to paid employees. 13. INVESTMENTS 13.1 Given the inherent risk that certain investments present, credit unions are required to seek the prior approval of the Central Bank for all financial investments with exception of securities issued or guaranteed by Government as prescribed under Section 61 of the Credit Unions Act. Credit Unions are also prohibited from investing in non-financial assets. 14. ACCOUNTABILITY 14.1 All staff should comply with the credit policies and procedures and should be held accountable, ultimately to the board of directors through their reporting officers, for their decisions when discharging their responsibilities. A registrant s remuneration policies should be consistent with its credit risk strategy. The policies should not encourage officers to generate short-term profits by taking an unacceptably high level of risk. 15. SEGREGATION OF DUTIES 15.1 Credit unions should keep the functions of credit initiation, approval, review and administration, payments and work-out as separate as possible A timely, accurate and in-depth management information system should be supported by a framework whereby relevant reports on the credit portfolio are generated and available to various levels of management on a timely basis. 22

25 16. RISK MITIGATION 16.1 In controlling credit risk, credit unions can utilize certain mitigation techniques. Generally, these may include: 16.1 Accepting collateral; 16.2 Entering into netting arrangements; 16.3 Setting strict loan covenants; and 16.4 Prudential underwriting practices When the mitigation arrangements are in place they should be controlled. Therefore, credit unions should have written policies, procedures and controls for the use of credit mitigation techniques. They should also ensure adequate systems are in place to manage these activities Credit unions should revalue their collateral and mitigation instruments on a regular basis. 17. INDEPENDENT AUDITS 17.1 Credit unions should establish a system of regular independent credit and compliance audits. These audits should be performed by independent parties (i.e., Supervisory Committee, Internal Audit and/or Compliance, which report to the Board or the Audit Committee) Credit audits should be conducted to assess individual credits on a sampling basis and the overall quality of the credit portfolio. Such audits are considered useful for evaluating the effectiveness of the credit process The findings of these audits should be reported to the Board or the Audit Committee on a timely basis, and appropriate remedial actions should be taken to address any concerns and weakness raised. 18. REPORTING REQUIREMENTS 18.1 In accordance with Section 71 of the Credit Unions Act, where a co-operative credit union is reporting loans on the balance sheet in its annual financial statements, it shall report the loans at their net estimated value after deducting an allowance for doubtful loans, or in any other format as may be prescribed by the Central Bank In addition, the submission of the Excel Reporting System (ERS) is a requirement of all credit unions, and must be completed on a monthly basis, for large credit unions. 23

26 Appendix 1 Definitions Associate means (a) a person who is related by consanguinity to a director committee member, officer or employee of a credit union; or (b) a partnership, company, trust or other entity in which a person who is related by consanguinity to a director, committee member, officer or employee of a credit union, has a controlling interest. Consanguinity means a relationship by descent and for the purposes of this Guideline; the degrees of consanguinity are as follows: (i) (ii) a relationship within the first degree by consanguinity means a spouse, child or parent; a relationship within the second degree by consanguinity means a sibling, half-brother, half-sister, grandchild or grandparent. Credit is the provision of funds on agreed terms and conditions to a debtor who is obliged to repay the amount borrowed together with interest thereon. Credit may be extended, on a secured or unsecured basis, by way of instruments such as mortgages, bonds, consumer and corporate advances, financial derivatives and finance leases. Credit risk is the risk of financial loss, despite realization of collateral security or property, resulting from the failure of a debtor to honour its obligations to the registrant. Credit risk management is the process of controlling the impact of credit risk-related events on the registrant. This management involves identification, understanding, and quantification of the degree of potential loss and the consequent taking of appropriate measures to minimize the risk of Doubtful loan means a loan which is impaired, the repayment of which is in doubt. Fully secured loan is a loan which is fully secured by cash, charges on real property such as land and buildings, or security interest in personal property such as an automobile or securities where the fair value of the security or estimated net realizable amount is sufficient to discharge the outstanding principal and interest in full. Impaired loan/asset means a loan/asset in respect of which it is probable that a co-operative credit union will be unable to collect, on time, the full amount of principal or interest due according to the contractual terms of the loan agreement. END 24

27 ANNEX IV DRAFT FOR INDUSTRY CONSULTATION SUPERVISORY AND REGULATORY GUIDELINES: PU-xxxx Management of Interest Rate Risk ISSUED: XXX 2014 GUIDELINES FOR THE MANAGEMENT OF INTEREST RATE RISK FOR CREDIT UNIONS 1. INTRODUCTION 1.1 The Central Bank of The Bahamas ( the Central Bank ) is responsible for the registration, regulation and supervision of all credit unions operating in and from within The Bahamas, pursuant to the Bahamas Co-Operative Credit Unions Act, 2015 ( the Credit Unions Act ), and the Central Bank of The Bahamas (Amendment) Act, 2015 ( the CBA ). Additionally, the Central Bank has the duty, in collaboration with financial institutions, to promote and maintain high standards of conduct and management in the provision of credit union services. 1.2 The Central Bank recognizes that credit unions are not-for-profit organizations, and in this respect are different from other deposit-taking financial institutions. The Central Bank is aware that credit unions work as a co-operative, valuing volunteerism, cooperation and member participation. Therefore, the Central Bank is committed to ensuring the unique characteristics of credit unions are maintained, while still fulfilling its obligations to protect the interests of credit union members. 1.3 All registrants are expected to adhere to the Central Bank s registration and prudential requirements, ongoing supervisory programmes and regulatory reporting requirements, and are subject to periodic on-site examinations. Credit Unions are expected to conduct their affairs in conformity with all other Bahamian legal requirements. 2. PURPOSE 2.1 These Guidelines specifically address the key principles, together with the minimum policies and procedures that each cooperative credit union needs to have in place and apply within its interest rate risk management program. It further establishes the minimum criteria these financial institutions should use to prudently manage and control their exposure to interest rate risk. 25

28 2.2 The Central Bank endorses the principles and best practices of the World Council of Credit Unions (WOCCU). Credit Unions are encouraged to refer to these principles and best practices on the WOCCU s website at 3. APPLICABILITY 3.1 These Guidelines apply to all credit unions which are registered under the Credit Unions Act or deemed, by virtue of section 126(1) to be registered under this Act. 4. DEFINITION 4.1 Interest rate risk is the exposure of a credit union s financial condition (earnings and capital) to adverse movements in interest rates. Interest rate risk arises when a financial institution s principal and interest cash flows from assets do not coincide with the principal and interest cash flows derived from liabilities. In other words, due to increases in the market interest rates, savings deposit interest rates may increase while the interest on fixed-rate loans and investments remains the same, thus causing a potential profitability problem. 5. INTEREST RATE RISK MANAGEMENT PROGRAM 5.1 Managing interest rate risk is a fundamental component in the safe and sound management of each credit union. It involves prudently managing mismatch positions in order to control within set parameters the impact of changes in interest rates on the institution. 5.2 Significant factors in managing the risk include the frequency, volatility and direction of rate changes, the slope of the interest yield curve, the size of the interest-sensitive position and the basis for repricing at rollover dates. 5.3 While the particulars of interest rate risk management will differ among institutions depending on the nature and complexity of their asset and liability structure (both on- and off-balance sheet), interest rate risk positions and risk profile, a comprehensive interest rate risk management program requires: Establishing and implementing sound and prudent interest rate risk policies; Developing and implementing appropriate interest rate risk measurement techniques; and 26

29 5.3.3 Developing and implementing effective interest rate risk management and control procedures. Each cooperative credit union must establish explicit and prudent interest rate risk limits, and ensure that the level of interest rate risk exposures does not exceed these limits. 5.4 Notwithstanding the provisions of Regulation 3 of the Bahamas Co-Operative Credit Unions Regulations, 2015, the Board of Directors (the Board) of each credit union must ensure that the rate of interest to be charged on loans to its members and those offered on deposits are set at levels deemed prudent. 6. THE ROLE OF THE BOARD OF DIRECTORS 6.1 Effective supervision by the Board and senior management is critical for sound interest rate risk management. It is essential that these individuals are aware of their responsibilities with regard to interest rate risk management and that they adequately perform their roles in overseeing and managing interest rate risk. 6.2 The Board is responsible for approving the overall policies of the credit union with respect to interest rate risk. The Board may delegate responsibility for establishing interest rate risk policies and strategies to the Asset and Liability Committee. Larger or more complex credit unions should have such committees, responsible for the design and administration of interest rate risk management. 6.3 Generally, the broad responsibilities of the Board are to: Establish and define the credit union s tolerance for interest rate risk, including Approve relevant risk limits and other key policies; Ensure that senior management has full understanding of the interest rate risks Inherent in the business activities of the credit union; Provide clear guidance to management regarding the Board s tolerance for risk; Approve in advance broad objectives and strategies and major policies governing Interest rate risk management; Approve policies that identify lines of authority and responsibility for managing Interest rate risk exposures; Ensure that adequate resources are devoted to interest rate risk management; To periodically review information that is sufficient in detail and timeliness to allow it to understand and assess the performance of senior management in monitoring and controlling interest rate risks in compliance with the credit union s board-approved policies; and 27

30 Assess periodically compliance with approved policies, procedures, and risk limits; and re-evaluate significant interest rate risk management policies, procedures and risk limits at least annually. 7. THE ROLE OF SENIOR MANAGEMENT 7.1 Senior management should ensure that the credit union s operations and level of interest rate risk are effectively managed and that appropriate risk management policies and procedures are established and maintained. Senior management must also ensure that resources are available to evaluate and control interest rate risk, which allows the credit union to conduct its activities in a safe and sound manner. 7.2 In managing the credit union s activities, senior management should: Develop and implement policies and procedures that translate the Board s goals, objectives, and risk limits into operating standards that are well understood by the credit union s staff and that are consistent with the board s intent; Ensure that appropriate policies and procedures are established to control and limit interest rate risks; Ensure adherence to the lines of authority and responsibility that the Board has approved for managing, measuring, and reporting interest rate exposures; Oversee the implementation and maintenance of management information and other systems that measure, monitor, control and report the credit union s interest rate risk; Establish and maintain effective internal controls over the interest rate risk management process; Monitor the credit union s overall interest rate risk profile and ensure that the level of interest rate risk is maintained at prudent levels; Ensure that the credit union s operations and activities are conducted by competent staff with technical knowledge and experience consistent with the nature and scope of their activities; Provide the board with periodic reports and briefings on the credit union s interest rate risk related activities and risk exposures; and Review periodically the credit union s risk management systems, including related policies, procedures, and risk limits. 8. RISK IDENTIFICATION AND MEASURMENT 8.1 Credit union management should also take appropriate steps to manage interest rate risk by reviewing and managing the balance sheet structure. This process should include the following: 28