policies related to the corporate governance manual

 

alrajhi bank has adopt a comprehensive set of policies and procedures that strengthens its governance framework in line with the Board of Directors approved Delegation of Authorities (DoA) matrix to adequately reflect internal practices.

Code of Conduct

The bank’s Code of Conduct provides its employees with the values and philosophy of the bank and how to main the highest ethics while conducting their day-to-day responsibilities. The Code of Conduct covers the following areas:

1. Demonstrating the highest standards of ethics, transparency, integrity and honesty
2. Treating all people with dignity and maintaining an inclusive work environment. This includes speaking up against discrimination and harassment in the workplace
3. Protecting and safeguarding confidential information of customers and fellow employees.
4. Assisting in the prevention of the misuse of material, non-public information

The bank’s Code of Conduct applies to all employees. alrajhi bank operates with full integrity and transparency and ensures that no personal or financial interests of its employees, stakeholders or partners conflict with its business operations through its Code of Conduct by providing some general considerations to identify potential conflicts of interest. They are enumerated as follows:

• Perception: Could the activity or transaction be perceived as a potential conflict by others? If all the related facts were made public, would you or ARB Group be viewed negatively?
• Intent: Is the offer or request an attempt to influence the recipient’s or your judgment?
• Impact: Will the Bank or its customers be disadvantaged without legitimate reason if you participate in the activity or transaction?
• Objectivity: Will participation in the activity or transaction affect a customer’s or your judgment or your ability to be objective with regard to any business decisions.
• Time considerations: Will the time required by the outside activity interfere with your ability to effectively carry out your job responsibilities to the company, its shareholders or its customers?

The Code of Conduct contains key principles that employees must follow while carrying out their duties. These include guidelines on how to conduct oneself in the workplace, complying with all applicable laws, rules and regulations, and decisions of the Shariah Board, preventing money laundering, terrorist financing and corruption, preventing conflict of interest from arising and serving customers and shareholders. All employees are required to report any activity or behaviour that is non-compliant with the Code of Conduct through the Whistleblowing channels (As per procedures as explained in the next section). This includes matters related to but not limited to the following:

• Fraud, embezzlement, theft, money laundering, financing terrorism, and insider trading
• Counterfeiting and falsifying documents
• A colleague exploiting or misusing his/her position for personal gain.
• Presenting or receiving a bribe or acting as a middleman for one.
• Harassment or Extortion
• Unethical behaviour of any colleague(s) such as breach of honesty and integrity
• Any other violation of the Code of Conduct or Whistle-Blowing policy

Anti-bribery and corruption (ABC) policy

alrajhi bank has a zero-tolerance approach towards all forms of bribery, corruption and facilitation payments and if any employee is found to be indulging in bribery or corruption, disciplinary action will be undertaken and may include legal prosecution.

All employees, including staff across alrajhi’s local and international branches and subsidiaries as well as third parties are covered under this policy. All employees must be made aware of the provisions of this Policy and that they have an obligation to report any suspected violations through the reporting channels.

Communication and training about anti-corruption policies and procedures (Employees at bank level)
Parameters	2024
	Senior management	Middle management	Junior Management	Non- management/ Workers
Total number of employees	14	174	518	8,329
Total number of employees that the organization’s anti-corruption policies and procedures have been communicated to	14	174	518	8,329
Total number of employees that have received training on anticorruption	14	174	518	8,329
Percentage of employees that the organization’s anti-corruption policies and procedures have been communicated to	100%	100%	100%	100%
Percentage of employees that have received training on anticorruption	100%	100%	100%	100%

 

The Whistleblowing and ABC Department is the owner of the Policy and is responsible for overseeing compliance with the Policy while the Legal Department of the Human Resources Group is responsible for taking decisions and taking actions against employees involved in bribery and corruption cases.

Whistleblower policy

alrajhi bank is committed to ensuring the highest ethical and professional standards and has formulated a Whistleblower Policy to take reasonable steps to prevent and control any act of bribery or corruption. The Bank encourages staff at its local and international branches as well as subsidiaries to report any violations, misconduct, manipulations, vandalism, bribery, corruption, breach of its policies, aiding and abetting and provides various channels for people to report such acts including hotline number & e-mail.

The bank will take necessary measures to maintain the confidentiality and/or anonymity of the whistleblower. The Whistleblowing and ABC Department is responsible for investigating the cases reported through the policy. Al Rajhi Bank does not tolerate acts of retaliation against those who report their concerns and consider retaliatory acts as a potential disciplinary matter.

The bank’s ABC and Whistleblowing Policy Statement can be accessed here.

Anti-money laundering (AML) policy

alrajhi bank complies with the international standards set in relation to the following: Anti-Money Laundering (AML), Weapons of Mass-Destruction (WMD), Countering Terrorism Financing (CTF), Anti-Bribery and Corruption (ABC). In order to manage compliance risks, the bank has integrated the following:

1. Risk Assessment: The bank has developed a risk scoring methodology by which customers are rated into High, Medium or Low Risk based on their profile. The bank also conducts risk assessments of products and services and geographical risks on an annual basis.
2. Customer Due Diligence (CDD): alrajhi bank has adopted a risk-based approach for conducting customer due diligence to ensure that the procedures taken are adequate and proportionate to the customer.
3. Enhanced Due Diligence (EDD): In addition to the basic Know-Your-Customer requirements and CDD, enhanced due diligence is conducted when there is a business relationship has a greater risk of money laundering and/or terrorist financing. EDD is the additional examination and scrutiny performed on the customer, aimed at identifying customers and confirming that their activities and funds are legitimate.
4. Sanction screening: The bank screens customers, beneficiaries and transactions against lists issued by the Saudi Arabian Monetary Authority (SAMA), Saudi Arabian Ministry of Interior, United Nations (UN), United States (OFAC lists), European Union (EU), United Kingdom (HMT), Switzerland (SWISS list) and alrajhi bank’s internal lists.
5. Customers Transaction Monitoring: Customer transactions are monitored through the AML transaction system based on certain rules/scenarios that trigger alerts which are reviewed by AML-CTF Department.
6. Suspicious Transaction Reporting: All suspected cases of money laundering and terrorist financing are reported to the Saudi Financial Investigation Unit (SAFIU).

More information on alrajhi bank’s AML Compliance Program can be found here.

Remuneration policy

The Remuneration Policy is designed to attract and retain quality talent with required knowledge, skills and expertise. As per the Remuneration Policy, an employee’s remuneration should take into account all existing and potential risks. The remuneration should vary depending on the employee’s position and role, it should consider the full range of financial and non-financial incentives, and may include cash, equity and other forms of remuneration. Control functions and Human Resources function should be adequately involved in remuneration design and decision-making to ensure effective remuneration incentives in addressing misconduct risk.

Insider information policy

The insider Information policy has been created to establish guidelines intended to prevent both intentional and unintentional acts of prohibited insider trading or any type of utilization of insider information for personal purposes, thereby to promote compliance with applicable laws by the bank and its employees.

Risk management policy

The Policy outlines alrajhi bank’s strategy and objectives towards operational risk management. The bank has adopted Basel and SAMA’s definition of operational risk, and follows a three-lines-of-defence approach to operational risk:

1. First line – Business Line Management who have immediate responsibility over day-to-day activities of their businesses and responsible for establishing and developing their policies in line with this policy.
2. Second line – Operational Risk Management function which provides oversight and objective challenge to the first line of defence.
3. Third line – Internal Audit function that provides independent assurance over the effectiveness of the operational risk management practices of 1st and 2nd lines throughout the Bank.

Business Continuity and Crisis Management Policy

The Business Continuity and Crisis Management Policy enables alrajhi bank to enable a response mechanism to minimise the impact of incidents on the Bank. The Policy is applicable to all subsidiaries and local and international branches of alrajhi bank. The Policy is in compliance with the following:

1. Business Continuity Management Framework issued by Saudi Central Bank (SAMA)
2. Essential Cybersecurity Controls issued by the National Cybersecurity Authority (NCA)
3. ISO 22301:2019 – Security and Resilience – Business Continuity Management System – Requirements

The Policy states that alrajhi bank, through the Business Continuity Management Committee (BCMC) shall implement a Business Continuity Management System (BCMS) that conforms to the local regulatory requirements. The BCMC shall act as the steering committee for the BCMS.

Policy of dealing with politically exposed persons (PEP)

Politically Exposed Persons are a category of customers who are classified as High-Risk customers based on SAMA regulations and other competent registry bodies (Manual of AML & CTF). As per the requirements issued by the regulatory authorities, KYC & EDD procedures shall be applied to analyse the potential risk of PEPs and their family or close relatives when starting a relation with a PEP customer.