Corporate Governance Manual

RCBC affirms its commitment to good corporate governance. With an empowered Board leading the way, RCBC continues to work towards a solid control environment, high levels of transparency and disclosure, and well-defined shareholders’ rights.

The corporate governance framework of RCBC combines global best practices such as the G20/OECD Principles of Good Governance and the general principles of the ASEAN Corporate Governance Scorecard, and the regulatory requirements of SEC Memorandum Circular No. 19, series of 2016 or the Code of Corporate Governance for Publicly-listed Companies and BSP Circular No. 969, series of 2017 or the Enhanced Corporate Governance Guidelines for BSP Supervised Financial Institutions. RCBC’s corporate governance framework is embodied in its Corporate Governance Manual, the latest version of which was approved by the Board in March 2021.

Code of Business Conduct and Ethics

All Directors and Employees are governed by the Bank’s Code of Conduct, which revolves around the Core Values of the company. It is designed to serve as guide to directors and employees on how they should conduct themselves within and outside the Bank premises and in dealing with clients/customers and co-associates.

Adherence to this Code is the responsibility of each and every associate. It is administered uniformly throughout the Bank and is independent of the practices of other banks. It is a condition for continuous employment. Any breach of this Code may result in disciplinary action ranging from reprimand to termination of employment, depending on the gravity of the offense, after the observance of due process.

All Directors and Employees are required to adhere to and uphold the tenets of the Code of Conduct and to report any violation thereof to a more senior officer, the Security Department, the Internal Audit Division or the Human Resources Group.

The Code of Conduct is divided into five parts as follows:

A. Treatment of Clients

B. Treatment of Bank Assets

C. Treatment of Others

D. Conflict of Interests

E. Knowledge, Understanding & Compliance

Corporate Social Responsibility

RCBC has pursued its corporate social responsibility initiatives in the areas of environmental care, education, and community development since 2013. 


Sustainable Finance Framework

As one of the largest banks in the Philippines, RCBC recognizes its role in maintaining stability in the financial services sector in support of the economy while ensuring that the welfare of the environment and communities are sustained. In 2019, RCBC launched its own Sustainable Finance Framework which intends to prioritize fundraising and lending to activities that have environmental and social benefits.  This is part of the Bank’s response to the Bangko Sentral ng Pilipinas’ (BSP) call for financial institutions to be enablers of environmentally and socially responsible business decisions.


The framework’s initiative aims to reduce our corporate carbon footprint and finance the flow of funds into a low-carbon and climate-resilient future not only in the Philippines but also within ASEAN. To further enhance this advocacy, last December 2020, RCBC announced that it will no longer extend financing to new coal-fired power projects as the Philippines moves to cleaner energy sources.


In 2021, as customers continue to struggle with the economic impact of the pandemic, we remain responsive to their needs as well as reach out to others so we can assist them throughout this crisis.


A Year of CARE

RCBC believes that assisting our clients to survive the economic hardships from the global pandemic is our moral obligation. In 2020, we launched the COVID Assistance and Recovery (CARE) Program to provide pre-emptive refinancing support to customers severely affected by the pandemic and may take time to recover. Those qualified under CARE were customers in good standing as of March 2020 when the Enhanced Community Quarantine was first enforced.


Specifically, CARE was designed to extend financial assistance by way of extended repayment plans given customers’ cash flow tightness during the pandemic. It also aimed to immediately get customers back into the habit of paying based on the amount they can afford so they can focus on the more important task of recovering and seeing themselves through the crisis.


Before rolling out the program, we conducted a collection training program for our account officers and front liners so they can properly assess and categorize clients based on their needs and credit history. We made our clients aware of the program through various touchpoints such as via our website, electronic direct mail, and social media (Facebook).


Relationship with Community

In light of the pandemic, we aimed to create a net positive impact to the communities we serve

and focus on mass market digitization with the following innovations to address the needs of the

unbanked and underserved Filipinos and in support of BSP’s advocacy for financial inclusion:


  1. Diskartech: We launched a mobile-based application which is the country’s first financial inclusion accelerator app to serve unbanked and underserved Filipinos. We also pioneered the Philippines’ first Tagalog-English inclusion in the mobile app to make it a simple and convenient yet safe and secure digital way of doing financial transactions.

  1. ATM Go: These handheld ATM terminals are instrumental in the government’s distribution of the Social Amelioration Program (SAP) payouts. The government has partnered with RCBC to help distribute cash assistance to families greatly affected by the Enhanced Community Quarantine in provinces and remote locations where there are no bank branches.

  1. Go Digital: Our digital plan was set in motion in 2019 with the re-launch of the RCBC online retail mobile app. The pandemic accelerated the acceptance and use of the new mobile app with the expanded array of features Go Digital has the ability to send and receive cash through several remittance partners (i.e., LBC, MLhuillier and Bayad Center) which are accessible to millions of Filipinos in far-flung areas.

In June 2020, Rizal MicroBank (RMB), our thrift bank subsidiary, launched “Bangko ng Bayan” after receiving BSP approval for its pilot run. RMB was able to implement its initiatives and acquire relevant data that will testify to the relevance of an agency banking program for the unbanked and underserved market. The services include account opening, cash-in/deposit, cash-out/ withdraw, bills payment, loan referral and micro insurance availment.


Emergency Relief

During the height of the pandemic, Filipinos came together to help the affected families by enhancing community quarantine. Through ABS-CBN’s “Pantawid ng Pag-ibig” fundraising program which aims to provide food and assistance to families in need, RCBC and AY foundation together with other 20 top business groups raised funds and pledged P100 million.

Enterprise Risk Management

Risk Governance Framework and Capital Management Framework

The Group's Risk Governance Framework (RGF) and Capital Management Framework rest on five pillars: a) effective Board oversight, b) sound risk management strategy, c) dynamic capital management process, d) risk and capital monitoring and escalation, and e) review and validation. The Group's risk management strategy and capital management systems respond to internal and external signals. Internal signals are manifested in its corporate Mission & Vision, which animate a set of strategies that aim to fulfill such vision while taking into account external indicators mostly involving current market movements and projections. Always, the RGF and Capital Management Framework see through bi-focal lenses - growth/business-as-usual scenario, and stress. With the foregoing as backdrop, business targets are determined along with the risks and the necessary capital, bearing in mind minimum capital adequacy regulations and internal triggers. In an ideal scenario, the process should lead to maximization of capital via robust capital allocation among the business units, and with performance assessed via risk-adjusted measures. The Group is committed to working towards this goal. The Frameworks and corresponding sub-processes are all subject to review and validation, a role largely driven by the Internal Audit Group. Finally, each facet of the Frameworks is monitored and reported to the designated oversight bodies.

Risk-and-Capital-Management-Framework

Risk Governance Framework

The Risk Governance Framework of the Group follows a top-down approach, whereby the Board of Directors (BOD) takes ultimate accountability for: the risks taken, setting the tolerance level for these risks, business strategies, operating budget, policies, and overall risk philosophy. In the interest of promoting efficient corporate governance, the BOD constitutes committees to perform oversight responsibilities. These committees perform oversight functions in the area of risk policy formulation, decision-making, and risk portfolio management.

 

Enterprise Risk Management Board of Directors

 

Board of Directors

The BOD ensures that the Group‘s corporate objectives are supported by a sound risk strategy and an effective risk governance framework that is appropriate to the nature, scale, and complexity of its activities. The BOD provides effective oversight of senior management‘s actions to ensure consistency with the risk strategy and policies, including the risk appetite framework. The BOD:

  • Sets policies, strategies and objectives and oversees the executive function
  • Sets the risk appetite and ensures that it is reflected in the business strategy and cascaded throughout the organization
  • Establishes and oversees an effective risk governance and organizational structure

 

The Risk Oversight Committee

The ROC supports the BOD with respect to oversight and management of risk exposures of the RCBC parent bank and subsidiaries (the Group). In this regard, the ROC exercises authority over all other risk committees of the Group, with the principal purpose of assisting the BOD in fulfilling its risk oversight responsibilities. The ROC oversees:

  • The risk governance framework
  • Adherence to risk appetite
  • The risk management function
  • Capital planning and management
  • Recovery plans

 

The Risk Management Groups

Supporting the ROC in carrying out its mandate are the Risk Management Group (RMG), and the Credit Management Group (CMG), headed by the Chief Risk Officer (CRO) and the Chief Credit Officer, respectively.  

Administratively and functionally, enterprise risk management follows the ―centralized risk monitoring – decentralized risk management approach. The risk units in the subsidiaries implement the risk management process individually, and report to their respective risk committees.

The Parent Bank‘s risk management groups implement the risk management process in the parent and consolidate the risk MIS from the various subsidiary risk units for a unified risk profile that is presented to the ROC.

The risk management groups are responsible for overseeing the risk-taking activities across the Group, as well as in evaluating whether these remain consistent with the Bank‘s risk appetite and strategic direction. It shall ensure that the Risk Governance Framework remains appropriate relative to the complexity of the Bank‘s risk-taking activities. The risk management groups shall be responsible for identifying, measuring, monitoring, and reporting risk on an enterprise-wide basis. It shall directly report to the ROC. Personnel in the risk management groups should collectively have knowledge and technical skills commensurate with the Bank‘s business activities and risk exposures.

 

The Risk Management Group (RMG)

Enterprise Risk Management Risk Management Group

 

The following are the major risk management divisions and departments under RMG:

 

Enterprise Risk Management Enterprise Risk Division Head

Enterprise Risk Division: The Enterprise Risk Division (ERD) is responsible for the Internal Capital Adequacy Assessment Process (ICAAP), Basel compliance, credit risk analytics, and the credit portfolio risk function. A quantitative risk unit is responsible for quantitative analysis, back-testing and validation of risk models, and the building of other risk metrics.

 

Enterprise Risk Management Portfolio Quality Division Head

Portfolio Quality Division: The Portfolio Quality Division (PQD) was created to conduct an independent credit review and ensure compliance with the requirements of BSP Circular 855 on credit review process. PQD contributes to Risk Portfolio Management as governed by the ROC through the assessment of the overall portfolio quality of the Bank in terms of credit risk mitigation, environmental and social impact, and adherence to environmental and social risk due diligence. The Independent Credit Review function covers an evaluation of credit review procedures, policy formulation, and action plan monitoring. Observations are reported periodically to the ROC, following discussions with accountable groups in line with the requirements of BSP Circular 855. The functions pertaining to Sustainable Finance and ESMS provide oversight on the implementation of RCBC‘s Sustainable Finance Framework and ESMS policy, in support of the Bank‘s commitment to uphold social and environmental responsibility in all its business activities. Environmental and social risk and sustainable finance related updates are regularly reported to the ROC.

 

Enterprise Risk Management Market Liquidity Division Head

Market and Liquidity Risk Management Division: The Market and Liquidity Risk Management Division (MLRMD) is primarily tasked with the development and implementation of market and liquidity risk policies and measurement methodologies, recommending and monitoring compliance to risk limits, and reporting the same to the appropriate bodies. It is also the primary unit in the Group responsible for the formal management of interest rate risk in the banking book (IRRBB). It regularly reports to the ROC and the Asset & Liability Committee (ALCO) activities relevant to market, liquidity, and interest rate risk in the banking book management of the Group.

 

Enterprise Risk Management Operational Risk Division Head

Operational Risk Management Department; The Operational Risk Management Department (ORMD) was created to ensure that operational risks are managed at an enterprise level, the systems and processes used to manage these risks are effectively implemented, and that management of these risks is embedded in the Group‘s processes. ORMD is tasked to ensure implementation of the Operational Risk Management (ORM) Framework across the Group; and to develop an appropriate operational risk management environment where operational risks are identified, assessed, reported, monitored, and controlled/mitigated. It is also expected to identify and recommend mitigants for emerging risk types, and to promote and maintain quality operational risk programs and infrastructure. ORMD is also responsible for ensuring the Bank‘s capability to plan and respond to incidents and business disruptions and enable the continuity of key business operations at predefined acceptable levels. The department also provides the processes and methodologies designed to protect the clients by implementation of the Consumer Protection Program.

 

To facilitate implementation of ORM tools in the various business lines of both the parent bank and its subsidiaries, various officers are deputized and serve as embedded Deputy Operational Risk Officers (DORO) and Consumer Assistance Officers (CAO). A DORO or CAO functions as ORMD‘s liaison to and implementation arm in the various business units for Operational Risk and Consumer Protection, respectively.

 

Enterprise Risk Management Enterprise Fraud Risk Division Head

Enterprise Fraud Risk Department: The Enterprise Fraud Risk Department (EFRD) is tasked to ensure proper observance of the fraud management program (i.e., prevention, detection, investigation and escalation, containment and recovery, analysis and recommendation), and provide a high-level Enterprise-wide Fraud Risk Management Framework and its corresponding policies and standards. This serves as the basis upon which the Business, Operations and Support units will develop their own specific procedures and guidelines that will operationalize the controls to mitigate fraud risks that are inherent in their day-to-day activities. EFRD also conducts periodic analysis of all fraud incidents and losses, creates rules/parameters for monitoring, investigates fraud cases, and determines current and emerging fraud risk trends which are reported to the BOD, through the ROC, and to the Management, thereby assisting them to make well-informed fraud risk management decisions.

 

Enterprise Risk Management Information Security Division Head

Information Security Governance Department: The Information Security Governance Department (ISGD) deals with all aspects of information whether spoken, written, printed, electronic, or relegated to any other medium regardless of whether it is being created, viewed, transported, stored, or destroyed. This covers all business units, branches/offices, and subsidiaries, both domestic and overseas, third party institutions, and individuals.

 

The ISGD is tasked to ensure compliance with regulatory requirements set forth by the regulating bodies and laws in the areas of information security and electronic banking services. The department monitors and ensures that policies, procedures, and standards in managing information security and technology risk are observed across the Group. It also oversees and is part of the process for detecting, analyzing, and responding to any information security incident. ISGD also keeps the senior management and BOD apprised on information security risks. ISGD executes an Information Security Strategic Plan (ISSP) and Information Security Program (ISPr) aligned with the business objectives of the Group. The department also establishes governance specific policies, standards, and procedures for information security risk management, conducts trainings and issues advisories to increase information security awareness, and performs the Information Security Risk Assessment (ISRA) and Information Security Annual Certification (ISAC) for the whole RCBC Group to manage, identify, and address information security risks.

 

ISGD executes an Information Security Strategic Plan (ISSP) and Information Security Program (ISPr) aligned with the business objectives of the Group. The department also establishes governance-specific policies, standards, and procedures for information security risk management, conducts trainings and issues advisories to increase information security awareness, and performs the Information Security Risk Assessment (ISRA) and Information Security Annual Certification (ISAC) for the whole Group to manage, identify, and address information security risks.

 

The Credit Management Group (CMG)

 

The Credit Management Group (CMG) focuses on the operational and front-end aspect of the credit cycle.

Enterprise Risk Management Credit Management Group

 

Major responsibilities of CMG include:

 

  • Provides inputs on the credit quality of accounts to ascertain that all credit issues are disclosed and discussed thoroughly, so that approving authorities can render decisions based on adequate information
  • Prepares financial analysis and spreadsheets to provide input for credit risk assessment and credit packaging; issues and reviews credit risk ratings
  • Strengthens loan portfolio quality; guides business units and determines which accounts are weak or are potential problem loans
  • Subjects the portfolio to stress testing to determine the potential effect on the loan portfolio of possible stress scenarios, in order to assist management in formulating contingency plans for the portion of the portfolio that is vulnerable
  • Provides property valuation to ensure adequate collateral security as a second way out of the bank's lending activities
  • Formulate and amends credit policies through benchmarking, industry research, keeping updated with regulatory requirements and international risk standards, and ensuring compliance with all BSP requirements
  • Reviews policies formulated by various business units/groups within the Bank, and of subsidiaries such as RSB and Bankard to ensure that their policies are generally aligned with the parent bank‘s policies
  • Reviews/revises annually credit concentration limits such as industry, country and counterparty limits for CBG and Treasury by consulting the Corporate Planning Group, CBG, and Treasury on business requirements and risks
  • Prepares various regulatory and management reports to provide the needed inputs for audited financial reporting, compliance with regulatory requirements, and as a tool for managing the loan portfolio and for credit decision-making

 

Capital Management Framework

The Capital Management Framework of the Group incorporates the planning process, the Capital Plan, and the continuing review and reporting of results.

Strategic and Business Planning

In the Strategic and Business Planning Process of the UniBank, the overall risk appetite is developed as part of the business plans. 

The process involves the development of strategic and business objectives, anchored on the Mission & Vision, as interpreted and articulated by Senior Management. This is an iterative process involving both internal and external analyses and risk assessment.

The planning process then results in a business plan, the annual budget, medium-term forecast/projections, which all incorporate identified risks. It includes a regular review of the business plan (monthly, quarterly) based on key performance indicators. 

Capital Planning

The other component of the Framework is the development of the Capital Plan that incorporates the current business plan and additional projections and stress testing. 

This component highlights the use of medium to long-term forecasts and stress scenarios in the management of capital. The results of the forecasts are always reviewed against the internal minimum capital ratios, inclusive of Pillar 2 charges, and the regulatory minimum.

 

More details on the Group’s RGF and Capital Management Framework can be found in the published Annual and Sustainability Report (https://www.rcbc.com/annual-reports).

Company's Policies

Highlights

Anti-Money Laundering

Composition:

Three (3) directors, majority of which are independent directors including the chairperson.

Members:

Gabriel S. Claudio (ID) – Chairperson
Vaughn F. Montes (ID)
Florentino M. Herrera III (NED)

The AML Committee assists the Board of Directors in its mandate to fully comply with the Anti-Money Laundering Act, as amended, its Revised Implementing Rules and Regulations and the Anti-Money Laundering Regulations under the Manual of Regulations for Banks (MORB); and to ensure that oversight on the Bank’s compliance management is adequate.

FATCA

ASEAN Corporate Governance Scorecard

As part of the ASEAN Capital Market Forum's regional initiatives of promoting the development of an integrated market, a tool measuring the corporate governance practices among the ASEAN Publicly-Listed Companies has been developed. The OECD Principles of Corporate Governance were used as the main benchmark. The ACGS initiative has been practiced since 2011, and RCBC has been a participant from its inception.

Board and Board Committee