Uganda Cooperative Savings and Credit Union Limited (UCSCU)

Governance Standards Module I Advanced Kit Conducted for SACCOs

Course Objective

By the end of the course participants will understand, appreciate and be in position to apply good management and governance standards in their SACCOs.

1.0

Standards of Sound Business Practice

What are standards of sound business practice (SSBP)? The SSBP are a set of stated business principles against which SACCO Boards of Directors and Managers can measure their performance. These principles are not new. They are largely practiced by most SACCOs and will not be unfamiliar to you. These principles serve as a guide to help you: Direct and manage your SACCO efficiently and appropriately; Create an ethical and productive working environment for employees; and Provide quality service to SACCO members.

2.0

Corporate Governance

It is important to note that care, diligence, skill and prudence exhibited by members of the Board and Managers have critical influence on the SACCOs viability, safety and soundness, and its ability to achieve its business objectives.

3.0

The Standards

Standard 1: Understand and Fulfill Directors Responsibilities

The Board must understand its corporate governance responsibilities, meet those responsibilities and regularly evaluate its effectiveness in fulfilling those responsibilities.
A Boards key responsibilities fall under the following categories: Note I will be showing the relationship between corporate values, ethics and principles 1. Strategic Planning: Considering approving ,and monitoring strategic business plans for the SACCO 2. Risk Identification: Recognizing, identifying, and evaluating the risk involved in a SACCOs business operations 3. Succession Planning: Ensuring that the Board has a plan of succession to replace Board members or the Manager should they resign, retire or pass away.

Governance Standards for SACCOs

MAT OVU BRENDAH

4. Communications: Ensuring that the SACCO cultivates a system of effective and courteous communication among its employees, stake holders in the SACCO system and the general public 5. System Integrity: Ensuring that business operations are functioning properly and effectively and under sound system of internal controls. 6. Competent Management: Ensuring that the Board hires a qualified Manager and appropriately oversees his or her activities

Standard 2: Understand Responsibilities of the Board vs. the Responsibilities of the Manager
While ultimate accountability lies with the Board, the Board must understand how its responsibilities differ form the responsibilities of the Manager. When the Board becomes involved in the daily operations of a SACCO, the Board relinquishes the right to hold management accountable for the results. The Board and the Manager must clarify and understand their respective roles to avoid conflicts and enhance teamwork. The greatest benefits occur when the Board and Manager work closely together to shape the strategic plans and policies of the SACCO. Responsibilities of the Board: Ensure that the Board and Manager develop and implement strategic planning process; Review and approve SACCO policies; Define the SACCOs business objective; Consider, challenge, alter ,and approve strategic business plans; Represent the interest of members, depositors, and those to whom the Directors owe a fiduciary duty; Appoint a qualified and competent Manager; Ensures that the Manager assesses, reports, and manages risks appropriately; Ensure that the Manager follows the SACCOs policies, business plans, and all legislation that applies to the SACCO; Monitor the performance of the Manager annually; and Oversee member and community relations

Responsibilities of the Manager: Develop and recommend policies for Board consideration and approval; Communicate SACCO Policies and business plans to the appropriate people in the SACCO; Implement policies and plans for business procedures, members relations, and inter office communications;

Governance Standards for SACCOs

MAT OVU BRENDAH

Develop draft strategic business plans for Board consideration and approval; Develop budgets to carry out the strategic business plans; Regularly report to the Board an exceptions made to policy; Ensure that systems are in place to measure risk levels of the SACCO; Report risk levels to the Board; and Ensure that appropriate procedure are in place to manage risks

Standard 3: Excise Independent Judgment

The Board must excise independent judgment. Board members are accountable to SACCO members. The Board must exercise independent judgment in order to direct and oversee a SACCOs business affairs. Effective corporate governance requires a high level of coordination, cooperation and team work between a Board and its Manager.

Standard 4: Set Limits of Authority for Board Committees and Manager

The Board must determine the duties, the limits of authority, and the accountability requirements of the Board committee and the Manager The Board may delegate some of its responsibilities to the Board committees or to the Manager. However the Board is still accountable for the results. Hence it should clearly define the limits of the delegated duties.

Standard 5: Selection of the Manager

A Board of Directors must hire a Manager who has the qualifications and competencies to provide effective and prudent management of the SACCO. The Manager ensures that the SACCOs policies and business plans, which are approved by the Board, are implemented in daily business activities. It must consider the candidates education, training, experience; the ability and integrity can also be measured.

Standard 6: Evaluation of Managers Performance

The Board must regularly evaluate the Managers effectiveness and prudence in managing the operations of the SACCO, and in managing the risks to which the SACCO is expected. The Board must ensure that this performance is consistent with the Boards expectations.

Governance Standards for SACCOs

MAT OVU BRENDAH

Regular performance evaluations and feed back on those evaluations enhance the mangers accountability to the Board.

Standard 7: Set Benchmark for Ethical Business Conduct

The Board must approve policies of ethical business conduct for Board members, the Manager and other employees. The Board must also obtain evidence that the Manager has developed and implemented procedures to promote compliance with those policies. Because SACCOs are stewards of member assets, they must gain and maintain public confidence to stay viable. The reputation of a SACCO depends on the integrity of its business practices, policies, and people. When the Board defines expectations for ethical behavior and evaluates its own compliance with these expectations, the Board sets the benchmark for ethical business conduct, which is key to the Boards effective oversight of the SACCO.

Standard 8: Conduct Strategic Business Planning

The Board must work with the Manager to evaluate and approve a strategic business plan at least once a year. This plan contains the SACCOs strategy and objectives for significant business activities. The Board must also obtain evidence that the Manager has developed and implemented effective processes to manage the plan. Business objectives are the short- and long-term operating and financial goals of the SACCO. They provide the parameters for establishing a strategic plan. They also provide the parameters for assessing the SACCOs programs and the Managers performance. The nature and extent of the Boards supervision must be appropriate to the circumstances of the SACCO. These circumstances include: The SACCOs business environment; The SACCOs business strategy; The SACCOs financial performance, particularly the amount and sustainability of net income; The outcome of independent evaluations; and The experience and depth of knowledge of the SACCOs senior management team.

Standard 9: Oversee Risk Management

The Board must be aware of the significant risks facing the SACCO. The Board must understand the actual and potential implications of those risks and evaluate them regularly. The Board must also approve prudent policies to decrease the risks, and obtain evidence that the Manager has developed and implemented effective processes to manage the risks.

Governance Standards for SACCOs

MAT OVU BRENDAH

By studying the risks facing the SACCO, the Board is better equipped to establish a prudent strategic business plan, as well as effective risk management policies, procedures, and controls.

Standard 10: Oversee Capital Management

The Board must understand the SACCOs capital needs and approve prudent policies for managing these capital needs. The Board must also obtain evidence that the Manager has developed and implemented effective processes to manage the SACCOs capital needs. Capital is a necessary financial resource that supports SACCO operations and acts as a safety net against unanticipated losses. It is also a measurement of the SACCOs financial performance and the SACCOs safety and soundness. A strong capital position engenders public confidence and allows a SACCO to be flexible in choosing business opportunities.

Standard 11: Oversee Liquidity and Funding Management

The Board must understand the SACCOs liquidity and funding needs and approve prudent policies for the management of those needs. The Board must also obtain evidence that the Manager has developed and implemented effective processes to manage the SACCOs liquidity and funding needs.

Standard 12: Set the Benchmark for the Control Environment

The Board must support and encourage effective systems of internal control within the SACCO. The Board must also obtain reasonable assurance that the Manager and other SACCO employees maintain a positive attitude toward internal controls. The control environment of a SACCO is shaped by: The Boards governance approach; The Managers management style and example; The SACCOs organizational structure; The amount of resources allocated to an effective control system; The emphasis on training employees to apply proper internal controls; The nature of the SACCOs procedures and controls; and The employees level of adherence to those procedures and controls. The control environment strongly influences the effectiveness of risk management processes, and employees attitudes towards internal controls and their behavior when complying with internal controls.

Governance Standards for SACCOs

MAT OVU BRENDAH

Standard 13: Ensure Control Systems

The Board must obtain evidence that the Manager has developed and implemented effective internal control systems, as described under Standard 25: Manage Control Environment. The Board must also be alert for signs that controls are slipping and regularly evaluate whether the Manager has the SACCO firmly under control. The Manager has the SACCO under control when he or she can give evidence to the Board that: The SACCOs business operations are complying with the Boards direction; The strategic, risk, capital, liquidity, and funding processes are being managed effectively; and An appropriate control environment supports SACCO operations. The Board must ensure that: Those that serve internal audit functions have the mandate and sufficient resources to carry out assigned duties; Those that serve internal audit functions have independence in carrying out assigned duties and can report to the Board, audit committee, or the Manager without fear of repercussion; Those that serve internal audit functions verify that the SACCO is monitoring and complying with its processes, policies, procedures, and controls; and The Manager takes appropriate action to address control weaknesses or breakdowns identified by those that serve internal audit functions or external sources. An independent audit allows the Board to objectively validate whether the SACCOs processes, policies, procedures, and controls are working. The Board must understand and address control shortcomings that are identified by external sources such as regulators and auditors. NOTE Board has to respect the managers standards as below, so that they are in good relationship to avoid micromanagement practices such as conflicting interests, lack of respect, interferences and duplicating duties.

Standard 14: Manage Strategic Business Plans

The to: Manager must develop and implement ongoing and effective processes Stay informed about current business and economic trends; Develop business objectives for Board consideration and approval; Develop strategies and action plans to met the business objectives; Submit the strategies and action plans for Board consideration and approval;
7 MAT OVU BRENDAH

Governance Standards for SACCOs

Implement and manage the strategic business plan approved by the Board; Review the strategic business plan regularly to ensure it remains appropriate to the SACCOs environment, performance, and resources; and Provide the Board with accurate, timely, and meaningful reports on: 1. The implementation of the strategic business plan; 2. The SACCOs operating performance; and 3. The SACCOs financial performance measured against expected results.

The strategic business plan identifies how a SACCO plans to achieve its business objectives. It includes: The type of business activity that the SACCO will conduct; The distribution channels that the SACCO will use to conduct the business activity; The significant risk to which the SACCO will be exposed when conducting the business activity; The key functions and resources needed to conduct the business activity; and The expected short- and long-term operating and financial results. The strategic business plan is the foundation on which a SACCO should build new initiatives. The Manager must evaluate the SACCOs progress toward meeting business objectives by regularly reviewing the SACCOs activities and comparing them to the business plan. SACCOs face continuous changes in their environments, which in turn affect their business plans. By identifying the significant risks in its strategic business plan, the Board and Manager can develop processes to mitigate the risks and ensure that the plan is appropriate to the SACCOs circumstances and financial condition.

Standard 15: Implement Risk Management Processes

The Manager must develop and implement effective processes to: Identify risks inherent in the SACCOs current and anticipated operations; Develop and submit risk management policies for Board approval; Review risk management policies regularly to ensure they remain appropriate; Implement and manage risks within approved policies; Establish appropriate and effective procedures and controls to manage the risks; Monitor the SACCOs performance in implementing the procedures and controls;

Governance Standards for SACCOs

MAT OVU BRENDAH

Provide the Board with accurate, timely, and meaningful reports about the SACCOs significant risks; and Regularly develop, review, and update procedures for dealing with unexpected events.

Risk management processes which apply to Standards 16 to 22. Risk Management Processes Risk Identification Risk Assessment Risk Policies Risk Management Risk Management Reporting Planning for Business Disruptions

Standard 16: Manage Credit Risk

SACCOs are continually exposed to significant credit risk. Loan policies are based on a credit-granting philosophy defined by the Board. The Manager must develop and submit for Board approval, appropriate and prudent policies on: Types of credit in which the SACCO is prepared to engage or will not engage (on- or off-balance sheet); Credit concentration limits for borrowers, groups of associated borrowers, industrial sectors, economic sectors, or geographic regions; and The management and control of loan default risks, including the management of property for resale. The Manager must also ensure that he or she manages significant credit risks within established policy limits. The Manager must manage these risks by implementing appropriate and effective: Levels of decision-making authority for approving credit; Processes for evaluating individual credit risks; Processes to evaluate and rate the SACCOs total credit risk; Processes to manage higher risk credits that warrant special attention; Methods for promptly recognizing, estimating, and recording credit impairments; and Methods for minimizing loss when resolving distressed loans/asset liquidation situations. Credit risk is the principal business risk to which SACCOs are exposed. When a SACCO exposes itself to significant credit risk, it can jeopardize its ability to maintain capital, liquidity, and profitability.

Governance Standards for SACCOs

MAT OVU BRENDAH

Credit Exposure Limits Credit Approval Authority Credit Risk Rating System Credit Risk Evaluation and Rating Processes Managing Credit Exposures that Warrant Special Attention Credit Impairment Recognition

Standard 17: Manage Asset/Liability Structure Risks

Because of the way its assets and liabilities are structured, a SACCO is exposed to risk. The Manager must develop, and submit for Board approval, appropriate and prudent policies on the types and extent of asset/liability structure risk the SACCO is willing to assume. The Manager must also ensure that the SACCO manages its asset/liability structure risks within the established policy limits by: Defining levels of authority for managing asset/liability structure risks; Measuring asset/liability structure risks; and Evaluating how the SACCO responds to economic changes, such as rising or falling interest rates. Evaluation techniques should include stress and shock testing. Asset/Liability Risk Management Policies Asset/Liability Risk Management Processes and Controls

Standard 18: Manage Fiduciary Risk

The Manager must develop, and submit for Board approval, appropriate and prudent policies on the types and extent of fiduciary activities the SACCO has assumed. The Manager must also ensure that he or she: Complies with all laws and regulations governing fiduciary services; Counsels and advises members appropriately, according to the risk tolerances and reward expectations of those members; Prudently deals with assets that are held, administered, or invested on behalf of other parties; Deals with those assets according to agreements made between those parties and the SACCO; and Protects the SACCO members personal and financial data from misuse by unauthorized individuals. Fiduciary risks are minimal when SACCOs act only as intermediaries simply taking deposits and providing loans. Once a SACCO advertises its wealth counseling services and charges fees for providing advice, the fiduciary risks greatly increase. Financial institutions have a responsibility to protect the privacy of their customers. A SACCO can face substantial financial penalties if the SACCOs
Governance Standards for SACCOs 10 MAT OVU BRENDAH

records are inappropriately used or somehow made available to an unauthorized third party.

Standard 19: Manage People Risk

The Manager must develop, and submit for Board approval, appropriate, prudent, and relevant human resource policies. The Manager must also ensure that the policies are regularly reviewed so that they remain current. The Manager must also ensure that: The SACCO has effective human resource recruitment, performance management, and employee retention programs; The levels of decision-making authority delegated to Managers and other employees are reasonable and prudent; SACCO employees receive clear and concise communication about their individual responsibilities; SACCO employees acknowledge their responsibilities; SACCO employees are appropriately supervised; and The duties of SACCO employees are separated so that a single employee cannot carry out all the steps of a financial transaction (except for member-initiated transactions and minor internally generated adjustments).

Standard 20: Manage Process Risk

The Manager must ensure that the SACCO: Appropriately documents its policies and processes; Uses accounting principles and valuation methods that ensure its assets and liabilities are appropriately valued; Has accurate and complete financial information, business records, member data, and information about SACCO operations; Uses effective management information systems. Documentation of Policies, Procedures, and Processes Integrity of Financial and Other Information Management Information Systems

Standard 21: Manage Outsourcing Risk

If the SACCO relies on external contractors to provide service, the Manager must develop and implement effective processes to: Select capable and reliable service providers; Monitor the providers performance; Enforce appropriate standards of service quality, accuracy, security, and response time; Ensure the quality and security of external services, including independent auditing and testing; and

Governance Standards for SACCOs

11

MAT OVU BRENDAH

Ensure that electronic banking products provided by external contractors meet the SACCO systems information technology (IT) standards for safety, security, and connectivity.

Hiring external services, or outsourcing, can expose a SACCO to more operational risks than when the services are conducted internally. Such operational risks include: Loss of control over the services; Overpayment for the services; and Interruption of service due to financial or other difficulties experienced by the external contractors.

Standard 22: Manage Technology Risk

The Manager must: Adapt the SACCOs technology to its business strategy, business plans, and operating needs; Properly authorize, test, and document technology changes before implementing them; Obtain confirmation from external IT specialists that (where the technology relates to the SACCOs in-house banking system) the banking system is secure; Obtain confirmation from external IT specialists that procedures used to run the banking systems are adequate before the systems are implemented; Implement effective security systems and processes to protect the integrity of technology; Implement effective security systems and processes to protect the information that the technology records, processes, reports, and stores; Implement effective security systems and processes to protect sensitive and private member information, and prevent unlawful use of this information; Implement effective backup processes, recovery processes, and standby arrangements when critical technology is unavailable (for example, when access is interrupted or when technology is destroyed); and Allocate appropriate resources (money, people, and training) to maintain and enhance the technology. SACCOs depend on information technology (IT) to operate their business. These investments expose SACCOs to significant risk because interruptions and failures in technologies, or the improper use and control of technologies, can greatly disrupt business activities.

Governance Standards for SACCOs

12

MAT OVU BRENDAH

By implementing data backup procedures, data recovery procedures, and standby arrangements, a SACCO can continue its business activities in the event of a technology disruption.

Capital, Liquidity and Funding Management Standard 23: Manage Capital

The Manager must develop, and submit for Board approval, appropriate and prudent policies on the quantity and quality of capital that is appropriate for the SACCOs risk exposure and regulatory requirements. The Manager must also ensure that the SACCO: Develops and implements effective processes to measure and monitor its capital requirements and capital position; Develops and implements capital planning processes that comply with regulatory and internal capital requirements; and Provides the Board of Directors with accurate, timely, and meaningful reports on the SACCOs capital management processes and capital position. Policy Considerations: A SACCO must ensure that its capital meets legislated requirements and that the capital can support its current and planned operations. The Manager must develop and implement processes to ensure that the SACCOs capital is sufficient to balance overall risk. Process Considerations: The Board and Manager must assess capital whenever the SACCOs risk profile changes. When the Board and Manager analyze the SACCOs capital, they must consider the extent to which its components can absorb losses. In SACCOs, the most secure form of capital is retained earnings. The Manager must develop processes for assessing and fulfilling the SACCOs anticipated capital needs.

Standard 24: Manage Liquidity and Funding

The Manager must develop, and submit for Board approval, appropriate and prudent policies for liquidity management and funding management. Policies for liquidity management must address sources, types, and levels of liquidity. Funding management policies must ensure that funding is not unduly concentrated by source of funding, type of funding, length of term to maturity, or currency. The Manager must also ensure that the SACCO:

Governance Standards for SACCOs

13

MAT OVU BRENDAH

Manages its liquidity and funding according to established policies; Manages its liquidity and funding such that funds will be available to honour all cash commitments; and Provides the Board of Directors with accurate and timely reports on its liquidity management processes, funding management processes, and liquidity position.

Policy Considerations: Liquidity determines the SACCOs ability to function from day-to-day, and deposits are the principal source of liquidity funds. A SACCOs operational liquidity must meet anticipated day-to-day cash commitments and regulatory liquidity requirements. The primary liquidity risks are unplanned deposit withdrawals and decreases in deposit renewals. Process Considerations: To manage liquidity effectively, a SACCO must consider anticipated as well as known liquidity and funding requirements.

Control Environnent Standard 25: Manage Control Environment

The Manager must take steps to ensure that: The SACCO has appropriate and effective internal control systems; The SACCO employees are trained to respect the internal control systems; The SACCO employees are aware that the controls protect them from being wrongfully accused if a theft occurs or money disappears; The internal control systems are regularly monitored; Employees are personally protected from repercussions if they see and report control weaknesses; The internal audit and/or independent external audit review confirms that internal control systems are effective; Observations from external sources about the SACCOs internal control systems are seriously considered; Weaknesses or breakdowns in internal control systems are addressed; The Board of Directors receives accurate, timely, and meaningful reports on the SACCOs internal control systems; and The Board of Directors receives regular reports on any deficiencies in these systems and receives evidence that the Manager has taken action to address them. SACCOs embed internal controls in their business activities to manage risk and to assign responsibility to the people managing the risks. SACCOs also use internal audit functions to verify that the SACCOs controls are effective.

Governance Standards for SACCOs

14

MAT OVU BRENDAH

Process to ensure control: The Board and Manager can obtain evidence that they are in control from several sources: The audit committee The internal auditor or internal audit function External sources SACCO branch Managers and department Managers

Standard 26: Ensure Business Conduct and Ethical Behaviour

The Manager must: Develop and submit for Board approval appropriate and prudent standards of business conduct and ethical behavior for the SACCOs employees; and Provide evidence to the Board that the SACCO has an ongoing, appropriate, and effective process for ensuring that the employees comply with the standards of business conduct and ethical

behavior.

4.0

Operational Strengths and Weaknesses in some SACCOs

Strengths Steady increase of membership. High confidence in management and the Board. High skills and technical knowledge. Proper organizational structure. Follow rules and regulations. Regular auditing of accounts. Active savers and borrowers. Acquiring loans from Government and other financial institutions. Legal status is clear and presence of by-laws. Roles and responsibilities of the Board and management are clearly separated. The AGM is the decision making body and meets regularly. The loan committee is doing its work. The Board is exercising independent judgment. Weaknesses Operating without following policies. Poor management of cash reserves. Failure to make timely reports. Failure to hold Board meetings. Failure to separated duties. Poor customer care by management. Lack of confidentiality in the SACCO organs.
Governance Standards for SACCOs 15 MAT OVU BRENDAH

Overworking staff.

5.0

Suggested solutions to the above weaknesses

Clear job descriptions and promotion of team work. Creation of conducive working environment. Clear policies and procedures put in place. Trainings and seminars. Transparency and strong internal controls. Develop customer care skills. Promote good working relationships. Choose competent leaders and managers. Ensure proper flow of information. Supervisory committee should ensure that policies are followed. Regular auditing should be conducted. The Board should follow SACCO rules and policies. Staff should be well motivated. Lobbying for funds for the SACCO. Proper accounting systems and delegation.

Key Areas of highlight will involve the following Questions like identifying ownerships, governance and management challenges that you meet in your SACCOs Suggesting possible solutions to the challenges What the current organization structure in the SACCO? What are the roles and responsibilities of each member?

Governance Standards for SACCOs

16

MAT OVU BRENDAH