Governance Charter Rules and Best Practices

Charter of Corporate Governance

Palestine Islamic Bank is committed to the regulations and rules of governance in force in Palestine. Many codes of governance have been approved, including the Code of Corporate Governance in Palestine issued by the National Governance Committee in 2009.The Bank is also committed to the handbook for bank governance in Palestine issued by the Palestine Monetary Authority, the latest of which was issued at the end of 2017. With the aim of strengthening the governance system, the Bank has prepared a charter of corporate governance in line with the guidance from the Palestine Monetary Authority. Among the most important principles mentioned in the charter, are the principles related to the tasks of the Board of Directors, the composition and qualifications of board members, practices of the Board, conflicts of interests, and committees of the Board with regard to the following:

• The Board performs all tasks assigned to it, covering all fields and takes into account the interests of the relevant stakeholders.
• The Board of Directors of the Palestine Islamic Bank is composed of eleven members, including three independent members and one member representing the small shareholders. The Board's composition meets the requirements related to the composition and qualifications of the Board as mentioned in the governance regulations issued by the Palestine Monetary Authority.
• Most members of the Board have the necessary experience and knowledge to manage the Bank. Most members hold higher degrees in economics, accounting and banking sciences, in addition to other certificates that enrich the work of the Board of Directors.
• A number of specialized committees emerge from the Board of Directors, such as the Review and Audit Committee, the Risk Management Committee, the Governance Committee, the Nomination and Rewards Committee, the Investment Committee, the Financing Committee and the Social Responsibility Committee.
• Each committee has a working charter that specifies the composition of the committee and the conditions of membership, meetings, tasks and responsibilities.
• The Board shall hold at least six meetings a year and the chairman of the Board of Directors or the Secretary, in coordination with the executive management, shall propose the topics covered in the agenda of each meeting.
• Members of the Board of Directors are provided with adequate information no less than four days before the meetings of the Board of Directors to enable them to study and collect information on the agenda so they can take appropriate decisions.
• The responsibilities of the members of the Board of Directors are specific, clear, and reasonable within the relevant legislation. Each member of the Board is provided with a letter explaining his rights, responsibilities and duties, upon his election.
• All banking operations that require Board approval are identified.
• Board members should keep abreast of developments within the Bank and the domestic and international banking sectors.
• The members of the Board of Directors have the right to have direct contact with the general manger. The Board committees also have the right to directly communicate with the department manager whose work is relevant to the area of responsibility of the Committee.

Board Committees

The Bank’s Board of Directors has several specialized committees with the aim of enhancing its supervisory effectiveness over the Bank’s activities and overseeing its work. The Board has formed several committees in compliance with governance rules, namely: the Risk Management Committee, the Review and Audit Committee, the Nomination and Rewards committee, the Governance Committee, the Finance Committee, the Investment Committee, and the Social Responsibility Committee. These committees are formed from the members of the Board of Directors.

Internal Control & Oversight Board

The internal control and supervising system is based on:

• Creating a professional environment that:
• Establishes rules of integrity and ethical values committed to by the Bank’s employees.
• Provides specialized professional competencies and supplies trained cadres to complete the Bank's work.
• Ensures the effectiveness of the role of the Board supervising committees and their affiliated departments.
• Directs the executive management to follow the methods compatible with the policies of the Board of Directors.
• Adopts an organizational and administrative structure that reflects the scale of operations and tasks of the executive management.
• Sets functional and automated tasks to delegate and separate powers.
• Lays the foundations for recruitment, evaluation and guidance of employees with high credibility and transparency.

Internal Audit

The Institute of Internal Auditors defines internal audit as “an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”

Message by the Internal Audit Department

The internal audit assists the Board of Directors in performing its duties and responsibilities effectively. It provides reasonable and independent assurance to the Board represented by the Audit Committee that the policies, procedures, corporate governance and business risks are subject to appropriate controls. It submits reports that include the required information and relevant analyzes and recommendations.

The Internal Audit Department seeks to achieve its mission by focusing audit efforts on the risks faced by PIB and providing timely management information on the efficiency and effectiveness of the bank's internal control system and the quality of operational and financial performance.

Independence and objectivity of the internal audit

PIB’s Internal Audit Department technically reports to the Audit Committee established by the Board of Directors. This helps in maintaining independence and objectivity and avoiding any inappropriate interference with the work of the internal auditor which would affect their ability to carry out their responsibilities, including determining the scope and audit procedures and the content of audit reports. The audit should not be subjected to any conditions or circumstances which could threaten the ability of the Internal Audit Department to carry out its responsibilities without bias.

Objectives of the Internal Audit Department

• Evaluate the efficiency and effectiveness of internal control and regulation systems in PIB’s various departments, branches and divisions.
• Assess the efficiency of risk management procedures.
• Contribute to the protection of the bank's assets.
• Evaluate policies and procedures related to fraud prevention and detection.
• Determine the extent of reliance on accounting systems and financial reports, including information systems and electronic banking services.
• Review all approved systems to ensure their compliance with regulatory requirements and work ethics.
• Assist the directors of various departments, branches and units and the executive management in carrying out their internal control responsibilities.
• Verify compliance with PIB’s policies and procedures, PMA instructions, and the applicable laws and regulations.
• Cooperate and coordinate with the external auditor and PMA inspectors.
• Review proposed systems, processes or contracts, and make recommendations thereon before their implementation and signature.

Powers of the Internal Audit Department.

• Unrestricted access to all information, data, records, assets, bank employees, and reports required to carry out the internal audit.
• Access to the decisions of the Board of Directors and the Executive Management for review.
• Unrestricted and free communication with the Audit Committee and the Chairman of the Board of Directors.
• Definition of the scope of the audit and selection of the processes, activities and samples to be audited.
• Selection of the audit methods to be followed.

Risk Management

The Board of Directors is committed to providing risk management governance, reviewing the general levels of risk acceptance and diversification and providing the necessary mitigations against them. This is in addition to ensuring that senior management maintains a sophisticated and effective internal risk management and control system.

The main features of the risk management policy are as follow:

• The Bank's approved strategy reflects the commitment of the Board of Directors to reduce risks by directing the executive management to integrate the principles of risk management into the operations carried out by the Bank.
• The Board and the Risk Management Committee adopt policies, regulations and comprehensive and effective action programs and procedures to manage risks and provide guidance and insights for managing risks faced by the Bank.
• The Board and the Risk Management Committee continuously review and approve the scenarios that are used in risk analysis and review the assumptions and measurement mechanisms.
• The Board makes sure that the culture of identifying risk is strengthened within the Bank and that all Bank cadres at the executive and control levels participate in identifying, measuring, collecting and managing risks in a systematic, organized and transparent manner. It also ensures that risk management requirements are an essential part of the operations and procedures carried out by Bank, while providing services and products and signing agreements.
• In order to achieve integration between the operating supervisory bodies, the Bank adopts the risk-based auditing methodology within the framework of implementing the Bank's risk management.
• For the purposes of analyzing, measuring, controlling and managing risks, the Bank applies the decisions of the Basel Committee and any subsequent amendments, as well as applying the instructions of the Palestine Monetary Authority, issued in particular for Islamic banks, including:

1. Commitment to apply the regulatory authorities' instructions related to the capital adequacy standard within the framework of (Basel II and Basel III) and any subsequent amendments thereto and maintain a sufficiently adequate capital adequacy ratio to cover credit, market and operational risks, and other risks related to the Bank’s business environment within the second pillar of the Basel recommendations.
2. Implementing financial stress tests using the scenarios specified in the instructions of the Palestine Monetary Authority and any of the Bank's scenarios to determine the impact of these scenarios on the capital adequacy ratio and develop and follow up on the implementation of recommendations based on the results.
3. Implementing the internal capital adequacy assessment process and ensuring that the Bank maintains sufficient capital to face other risks inherent in the banking business.

• Based on the instructions of governance and regulatory authorities and the best practices in this field, and out of awareness of the great importance of the nature of the tasks and responsibilities relating to risk management, the Bank’s Board of Directors, through its risk committee, oversees the accomplishments and objectives of the Risk Management Department, and gives it the necessary attention and support to succeed in implementing its tasks according to its vision for this area.
• In order to enhance its presence and role in all the services and operational processes provided by the Bank, the Board of Directors is committed to the independence of the Risk Management Department from other business units by linking it directly to the Risk Committee of the Board of Directors and ensuring this is reflected in the organizational structure of the Bank.
• Taking into account the nature of the banking sector in Palestine, the Palestine Islamic Bank adheres to the principles and policies adopted globally in relation to risk management. It continuously strives to maintain a strong risk management environment with the aim of achieving a balance between the risks it incurs and the return it seeks to achieve at the portfolio level as a whole and in its operations and business units.
• The Bank's risk management procedures cover all activities and operations to ensure the availability of adequate controls to reduce risks inherent in the banking business to a minimum and to within the proportions and limitations set by the Board of Directors. The department, continuously and through constant communication with departments, works to maintain, update, and adjust the risk matrix in a way that enhances control procedures and reflects regulatory needs and developments, and any related new instructions or standards.
• The general framework of risk management processes includes a comprehensive set of quantitative and qualitative measurement tools based on best practices and internationally approved measurement methodologies in line with the recommendations issued by the relevant global bodies. It also covers a wide range of fields and activities with the aim of preparing accurate calculations of the risks that fall within the first pillar of the recommendations of the Basel Committee, including an internal capital adequacy assessment process and financial stress tests, as well as other risks that affect the working environment set out in the second pillar of the same recommendations, and in accordance with the requirements of the regulatory authorities.
• The risk management processes are subject to continuous development and increased efficiency in order to support and manage the Bank’s operations. The tasks and responsibilities of the Risk Management Department include identifying, analyzing, measuring and controlling risks which fall within the following classifications:

1. Credit risk
2. Market risk
3. Operating risks
4. Liquidity risk
5. Business Continuity Risks
6. Information Security risks
7. Any other risks which affect the Bank's reputation and assets

• During 2021 and due to the Coronavirus pandemic and the resulting effects on all economic sectors, the Bank was able to execute a number of procedures which aimed foremost to maintain sufficient liquidity ratios for its operational processes, support its clients and assist them in overcoming the hardships that resulted due to the pandemic, support other economic sectors, and develop its procedures for dealing with the requirements of this phase, especially those concerning the lives of its employees and clients.

In general, PIB’s management continuously seeks to improve quantitative and qualitative indicators and increase the bank’s financial strength and liquidity ratios, in order to grow and expand, while preserving its reputation and gains in terms of market share, increasing the confidence of its customers, protecting its assets, and preserving the rights of depositors within acceptable levels of risk.

The bank continues to increase its market share in most areas, including in credit, while at the same time it managed to significantly increase its capital adequacy ratio. According to financial data, PIB maintained a low default rate within the target set out in its annual budget despite the prevailing conditions. This practically reflects the bank’s success in supporting its customers, the quality of its credit portfolio, and the efficiency of its risk management processes and credit decision-making methods.

Compliance Policy

The Compliance Department is known to be an independent department responsible for identifying, assessing, providing advice and guidance, monitoring and reporting on the risks of non-compliance in the Bank. This includes risks arising from non-compliance with laws, regulations and instructions, the resulting financial losses or reputation risks that the Bank may suffer as a result of its failure to comply with laws, regulations, codes of conduct, and standards of good practice, including the following:

• Laws and legislations that govern and regulate the banking sector in Palestine.
• Instructions, decisions and notes issued by the Palestine Monetary Authority.
• Good banking practices in accordance with the requirements of "know your customer"
• Good business rules, good governance and banking ethics.

To achieve this in a professional environment, the Compliance Department was established by the Bank’s Board of Directors, to implement its responsibilities by reviewing documents, files and records, in order to perform its functions in a neutral manner and provide advice and guidance to all the Bank’s departments to enhance the culture of compliance in the Bank as a whole. The Compliance Department is responsible for receiving and following up on customer complaints and coordinating with all parties to find solutions.

Compliance with FATCA requirements

The Palestine Islamic Bank seeks to comply with the requirements of relevant local and international laws, including the FATCA law. The Bank is a financial institution involved in the application of the law, and the Compliance Department implements the requirements of tax cooperation laws, including the Foreign Account Tax Compliance Act. The Bank started to implement the law gradually as per the timeline required by the US Treasury. The law aims primarily to prevent tax evasion by taxpayers in the United States, whether individuals or companies, through the use of their accounts with foreign financial institutions or foreign investments. The Bank was listed with the American Tax Authority in 2014 as a participating financial institution. To achieve this, an approved policy and work procedures were prepared to comply with the application of the law by updating customer data and amending the accounts opening forms. The Bank purchased electronic systems to help implement the requirements of the law.

Anti-Money Laundering/Combating the Financing of Terrorism

The Palestine Islamic Bank is committed to local and international laws and directives, including the recommendations of Financial Action Task Force, the decisions of the International Security Council, and the decisions of the Basel Committee related to anti-money laundering and combating terrorism financing through comprehensive policies and procedures approved by the Board of Directors. Such policy and procedures are subject to modifications periodically to ensure they meets any new requirements.

The KYC policy is an essential part of the anti-money laundering and combating terrorism financing policy, as it has an effective role in limiting the Bank's exposure to risks that may result from its services being used in money laundering and/or terrorism financing. The policy aims at:

• Emphasizing adherence to the applicable laws and regulations at the local and international levels relating to anti-money laundering and combating terrorism financing.
• Emphasizing the importance of knowing the customer before and after establishing a business relationship with the Bank, obtaining all information and documents which enhance the identification of the customer (natural and/or legal), knowing the nature of the customer’s activity, the source and size of income, the real beneficiary of any transactions, the address and any further information which will help to enrich the Bank's knowledge of the customer, in accordance with the applicable laws and regulations.
• Continuous monitoring of Bank customers and identification and retention of good customers.
• Avoiding dealing and/or stop dealing with any customer who refuses to provide the Bank with the necessary data and information in accordance with this policy and procedures.
• Emphasizing the importance of updating the Bank’s customer data, by adopting a mechanism that ensures this is done continuously.
• Refraining from dealing with unidentified persons, people with fake or fictitious names or prohibited persons in accordance with the legislation in force, including shell banks and companies.

Privacy Policy

The noble Sharia is an approach followed by the Bank in all its dealings, in line with Islamic religious values which stipulate the importance of maintaining privacy , trust and seeking standards and tools that guarantee protection and privacy for clients of the Bank, whether they are individuals or bodies. Allah The Almighty says: “Surely, we offered the trust to the heavens and the earth and the mountains, but they refused to be unfaithful to it and feared from it, and man has turned unfaithful to it; surely he is unjust, ignorant," Surah Al-Ahzab: Verse 72

Maintaining customer privacy and protecting their personal information is a top priority for the Bank and one of its pillars. The Bank puts a special focus on client privacy and considers all information received by its employees and that which results from dealing with customers, private and confidential. Allah The Almighty says: "O you who believe! Do not be dishonest to Allah and His Messenger, nor betray your trusts knowingly." Surah Al-Anfal: Verse 27. In line with this, Bank employees work hard to protect the privacy of customers and provide them with the highest standards of protection for their personal information, supported by the Code of Professional Conduct of the Board of Directors and all employees.

The Palestine Islamic Bank applies a strict policy and follows strict procedures to keep customer information private and confidential. It ensures the confidentiality of personal information obtained through the dealings of customers and clients with the Bank, keeps such information in a safe and secure way and guarantees its protection from loss and unauthorized access, misuse by any person, amendment of personal information, or disclosure thereof to a third party in a way not permitted by law in line with Article (32) of Banking Law No. (9) of 2010.

Procedures followed by the Palestine Islamic Bank to maintain the confidentiality of customers’ personal information include:

• Modern and advanced electronic and technological protection systems that are used to prevent electronic piracy preventing access to those who are not authorized to use the systems of the Bank.
• Regular developing and updating of financial and administrative control systems and protection controls which adhere to international banking standards.
• The employees of the Palestine Islamic Bank are qualified, trained and committed to Islamic banking and are governed by the principles of noble Islamic Sharia regarding trust. It was narrated that the Messenger, may God bless him and grant him peace, said: “Verily, friends are holders of the Exalted God's trusts and thus, they are not allowed to reveal each other's secrets."
• It is not permissible to disclose information provided by customers or collected from them to any agency, organization or external party before obtaining the customer's prior written consent or as the law or decision issued by a Palestinian court requires.
• Only authorized employees who have powers are permitted to access the customer's personal information, and strict administrative and legal disciplinary procedures shall apply to any employee who violates the Bank's privacy policy.