The governance structure is built on three pillars: establishing strategic direction; executing strategy and managing risks; and stewardship through conformance with policy and established procedures, rules and practices.

The governance structure is underpinned by policies, procedures and practices to ensure good governance, organisation structure to implement the foregoing, values, ethics and integrity. Values, ethics and integrity will help ensure implementation of the laid down governance rules and procedures.

The Corporate Governance Manual lays down the Bank’s governance framework, the Board and Executive Management governance structures, key policies, guidelines and control functions, duties of and restrictions on Board members. The General Manager – Corporate Governance is responsible for keeping the manual updated under the guidance of the Bank’s Corporate Governance Subcommittee. The Manual is accessible to the general public through the Bank’s website.

The Manual is in accordance with the guidelines of regulatory authorities; CMA, SAMA and the Board Committee on Banking Supervision.

The General Assembly will appoint the Board of Directors. The terms for such appointment are approved by the General Assembly itself. The normal term of a Board member is 3 years. Membership for more than 12 consecutive years is discouraged in conformance with SAMA's principles of Corporate Governance. Subject to the foregoing limitation, members may be reappointed in the absence of anything to the contrary in the Articles of Association. Compensation to Board members is governed by SAMA regulations and any other relevant regulations.

The Bank’s governance structure, with its different levels, is depicted in the diagram below. The various levels are shareholders annual meeting, Board of Directors, Board committees, Management committees and Management subcommittees.

The Board should consist of at least nine members of whom not more than two should be executive members. The composition of the Board should reflect the diversity of knowledge, skills and disciplines needed to guide the affairs of the Bank.

The qualifications for Board membership in terms of honesty, integrity, past record and personal financial soundness are specified. They should also be free of conflicts of interest to be able to perform their duties in the best interests of the Bank. The Chairman and Vice-Chairman should be Non-Executive Directors. No Board member may serve on the Board of another bank licensed and operating in the Kingdom, or on that of another financial institution that may result in a conflict of interest. They may also not serve on the Board of another significant competitor or on the Board of more than four listed companies. All Board members should keep the Bank informed about other directorships and executive positions they hold in other listed companies.

The profiles of the Board members show an extremely wide range of qualifications, skills and experience. Their exposure includes banking, IT, commerce, regulatory functions, audit, capital markets and strategic planning. The governance Manual stipulates the requirements for the composition of the Board. The Board presently has nine members of which five are Non-Executive Directors and four are
Independent Directors.

The details of the members of the Board including status, classification, date of appointment, number of Board meetings attended and other directorships are given in the table below:

The responsibilities of the Board include strategy responsibilities, risk responsibilities, performance management responsibilities and organisation responsibilities.

A Board member has a fiduciary responsibility to keep confidential all information that has been obtained in the course of his duties other than such information which will be made public. Confidential information may be divulged, during or after his tenure, only with the written permission of the Chairman of the Board. Members are also prohibited from making use of any information for personal gain or for the benefit of any person or entity inside or outside the Bank.

The number of meetings should be at least the minimum required by Saudi law and the meetings should be scheduled at the beginning of the year. Additional Board meetings can be convened at the request of the Chairman and two or more Board members. The agenda and information packs should be circulated at least seven days prior to the meeting and the Board secretary is responsible for this. For extra-ordinary meetings it should be sent as much in advance as feasible. In addition to face-to-face meetings, teleconference or video conference meetings are also permissible. The quorum for a Board meeting is:

• The Chairman or Vice-Chairman
• At least five Board members, either in person or by an authorised representation by another Board member subject to the fact that a Board member may not represent more than one member.

Board decisions shall be by a simple majority of members present or represented with the Chairman’s (or in his absence the Vice- Chairman’s) vote being the deciding vote in the case of a tie.

It is the Board secretary’s responsibility to assist the Chairman in the smooth functioning and logistics of the Board. He should maintain minutes of meetings, including deliberations, votes, objections and abstentions from voting. Minutes should be distributed not later than 15 days after the date of the meeting.

Six Board of Directors’ meetings were held in 2018 and the details of Directors’ attendance are given below:

While the ultimate responsibility for the governance of SAIB rests with the Board of Directors, the Board is assisted in this function by several committees. There are six Board committees.

The Board committees are:

• Board Executive Committee
• Board Risk Committee
• Board Audit Committee
• Board Nomination and Remuneration Committee
• Board Shariah Committee
• Board Governance Committee

The Composition and responsibilities of the Board Committees are given below:

• The Executive Committee is comprised five Board members. This Committee supervises the credit and financial policies of the Bank.
• The Risk Committee is comprised five Board members. This Committee supervises the risk management activities of the Bank including market, credit, and operational risks.
• The Audit Committee is comprised five members: two Board members and three non-Board members. The Audit Committee’s activities include overseeing the Bank’s internal audit function, recommending the appointment of the external Auditors, and related activities.
• The Nomination and Remuneration Committee is comprised of five Board members. This Committee is responsible for recommending to the Board of Directors appointments to membership of the Board in accordance with the approved policies and standards, reviewing on an annual basis the criteria for membership of the Board of Directors, and reviewing the structure of the Board of Directors and recommending changes thereto. It is also responsible to recommend to the Board the approval of the Bank’s compensation policy and amendments thereto, and other activities related to the Bank’s compensation policies and guidelines.
• The Shariah Committee is comprised three members and is responsible for providing Shariah opinions on submitted applications and related contracts and forms. The Committee is also responsible for ensuring the Bank’s compliance with Shariah principles and decisions through the Shariah control function. In addition, the Committee answers Shariah related enquiries for the Bank and its customers.
• The Governance Committee is composed of three Board members. The Committee is responsible for promoting and implementing best practices of governance by acting on behalf of the Board to ensure the implementation of these practices in all activities of the Bank. The Committee also monitors the Bank’s compliance with relevant local and international regulations.

The membership of the six Board committees is given below:

The details of Board Committee meetings and attendance are given below:

Eleven Executive Committee meetings were held in 2018 the details of which are given below:

Five Audit Committee meetings were held in 2018, the details of which are given below:

Seven Nomination and Remuneration Committee meetings were held during 2018, the details of which are given below:

Four Governance Committee meetings were held in 2018 the details of which are given below:

Four Risk Committee meetings were held in 2018, the details of which are given below:

Six Shariah Committee meetings were held in 2018, the details of which are given below:

Two Extraordinary General Meetings were held in 2018 the details of which are given below:

The Board is responsible for the appointment of the CEO and the continued evaluation of his performance. The roles and responsibilities of the Chairman and the CEO are clearly distinguished to ensure separation of the Executive Management and the Board.

Decisions and directives of the Board and the Senior Management are implemented by Management committees. The Management committees also recommend, decide, approve and monitor matters which are within their purview. They also provide a forum for discussion and exchange of views at a Senior Management level.

There are nine Management committees which are listed below:

• Management Committee
• Credit Committee
• Asset and Liability Committee
• IT Steering Committee
• Enterprise Risk Management Committee
• Information Security Committee
• Compliance Committee
• Expected Credit Loss Committee
• MSME Committee

The Management subcommittees make recommendations
on specific topics to a specific Management or Board Committee. There are eight Management subcommittees which are listed below:

• Sustainability subcommittee
• Business Continuity subcommittee
• Securities Valuation subcommittee
• Structures Solution Approval subcommittee
• Financial Fraud Control subcommittee
• Operational Risk Management subcommittee
• Stress Testing subcommittee
• Labour subcommittee

Since Board members cannot give directives directly to members of the staff, communication between the Board and Management should be either through the Board Committee or subcommittee meetings or through the Corporate Secretary. In the latter case the Secretary will obtain the consent of the CEO for the meeting or contact. The CEO can also opt to participate in the discussion if he so desires.

In accordance with the principles of corporate governance issued by SAMA and endorsed by the CMA, annually the Board carries out an assessment of its own performance, the performance of individual members and of the Board committees. Every three years this is carried out by an external consultant. The objective is to review the effectiveness of controls, identify shortcomings and take corrective action. An external review was carried out in 2018, and the conclusion was that the governance framework and the systems of the Bank measure up to both national and international corporate governance best practices. The evaluation found the Board to be among the top 5% of Boards that the GCC Board Directors Institute (BDI) has reviewed.

SAIB follows the:

International Financial Reporting Standards (IFRS) as modified by SAMA for the accounting of Zakat and Income Tax (relating to the application of International Accounting Standard (IAS) 12 “Income Taxes” and IFRIC 21 - “Levies” in so far as these relate to accounting for Saudi Arabian Zakat and Income Tax); and are in compliance with the provisions of the Banking Control Law, the Regulations for Companies in the Kingdom of Saudi Arabia and the Bank’s Articles of Association.

The Financial Statements for the year ended December 31, 2018 have been approved by the Directors to ensure that they present a true and fair view of the state of affairs of the Bank for the year under review.

IT governance

Information technology plays a vital role in the Management and operations of the Bank. The cutting-edge technology we employ is a vital part of our competitive edge. All our IT development and operations are conducted in accordance with international standards and best practices. The IT strategy has been crafted to align with business strategy.

SAIB has a comprehensive IT Information Security Policy which is the bedrock of the Information Security Management System (ISMS). ISMS safeguards the Bank’s IT hardware and digital assets. It thereby also safeguards the interests of customers, investors, employees, and other stakeholders. A framework has been designed to restrict access to digital assets. All assets have a nominated owner and rules for access are well established. Access to data and facilities are on a “least privileged” and “need to know” basis. Critical sensitive facilities are housed in areas with appropriate security barriers and limitations to access. Procedures are in place to make swift and effective responses to any information security threats.

Ethics and standards

The Bank maintains the highest degree of ethical and professional standards which are governed by a code of conduct. This governs all commercial operations and practices. Through this code the Bank seeks to inculcate a culture of professionalism where the highest standards of ethics, integrity and respect for confidentiality prevail. The code applies to all Directors, employees, affiliates and any person who may represent the Bank. It provides a guide for making day-to-day decisions as well as strategic decisions. The governance exercised by the Board ensures the effective implementation of the Bank’s ethical standards and the Code of Conduct.

To strengthen assurance of ethical conduct we have a Whistle- blowing Policy in place where employees may report suspected cases of breaches of code of conduct, ethics, laws, regulations or procedures without any fear of reprisals. Such reporting may be done to the CEO or to the General Manager – Human Resources. The Bank also has a portal on its website where external parties may report any suspected irregularities.

Internal controls

The Management is responsible for establishing an adequate, effective, and efficient internal control system that will cover all operations of the Bank. The internal control system should include the policies, processes and procedures which are designed by or under the supervision of the Board to achieve the strategic objectives of the Bank and ensure smooth day-to-day operations. All significant findings related to the internal control systems are reported to the Audit Committee of the Bank. The Committee ensures that any shortcomings are corrected to ensure the smooth functioning of the Bank. All levels of the Bank are involved in the efforts to strengthen the internal control system. Each function, under the supervision of the Senior Manager is responsible for rectifying any identified deficiencies relating to the function. It is recognised that necessary controls may change with changing circumstances and review needs to be an ongoing and continuous process.

The testing and assessment of internal controls carried out during the year however, gave reassurance that the system has proved to be adequate and effective.