| 24

 GOVERNANCE FRAMEWORK  In  December  2017,  the  Board  approved  the  adoption  of  an   Audit and Risk Committee  It is the ARC’s view that the Regulatory Authority continues to
 amended form of the Governance Resolution of the Board of the               apply appropriate policies and controls to its various business areas
 Regulatory Authority to reflect changes in the terms of reference   Dr Jeffrey Carmichael serves as chairman of the ARC and Mr Jean-  and operations. The internal audit function and internal controls
 Board Composition  of the Audit and Risk Committee (ARC) that will be required in   François Lepetit as a member of the ARC.  framework are working as intended and provide assurance that
 conjunction with the introduction of the Regulatory Authority’s new   The principal focus of the ARC is to monitor and oversee:  improvement opportunities are identified and addressed.
 Under the QFC Law, the Board may have a maximum of six mem-  policy on whistle-blowing by employees of the Regulatory Authority.
 bers appointed by the Council of Ministers. Board members are   •the effectiveness of the Regulatory Authority’s policies, proce-
 required to have significant expertise in the regulation of finan-  The  standing  items  that  were  reviewed  included  the  annual   dures and internal controls, including those for financial reporting;  Nominations and Remuneration Committee
 cial services. The chairman and other directors on the Board were   budget, the audited financial statements, the quarterly financial   •the adequacy of the Regulatory Authority’s risk management   Mr  Jean-François  Lepetit  serves  as  chairman  and  Dr  Jeffrey
 appointed by the Council of Ministers for a three-year term on 8   reports, the annual review of the Regulatory Authority’s enterprise   framework;  Carmichael as a member of the Nominations and Remunera-
 March 2012 and their terms were renewed for a further three years   risk management process, the annual review of the Customer Dis-  tion Committee (NRC). The NRC met four times in 2017. The chief
 from 8 March 2015. The Board reports annually to the Council of   pute Resolution Scheme, and the monthly management report to   •compliance with legal and other requirements;  executive officer and the managing director, Corporate Services
 Ministers on the discharge by the Board of the Regulatory Author-  the Board. The Board also reviewed the semi-annual macropru-  •the performance of the internal audit function and the external   attended meetings of the NRC by invitation in 2017.
 ity’s functions; the extent to which, in its opinion, the Regulatory   dential supervisory report (The Macroprudential Review) and was   audit firm appointed by the Regulatory Authority;
 Authority’s objectives have been met; and other matters required   apprised of developments relating to the impact of regional events   The principal areas of focus for the NRC include considering and
 by law.  on the financial sector in Qatar.    •the effectiveness of the internal controls framework; and  delivering recommendations to the Board regarding remuner-
 The Board was kept informed of developments in relation to regu-  •business continuity and disaster recovery plans.  ation policy. The NRC also considers strategic human resources
 Board Meetings  latory coordination among Qatar’s financial regulators, including      matters such as progress on the recruitment and training of Qatari
 progress made by the Financial Stability and Risk Control Commit-           employees.
 The Board met four times during 2017.  The ARC met four times during 2017, supplemented by exchanges
 tee. The Board received regular updates on anti-money laundering/  of information between meetings. The head of Internal Audit, the   At each meeting in 2017 the NRC received a general update on
 counter finance terrorism strategic initiatives and projects.  managing director, Corporate Services, the director of Finance,   Human Resources matters including nationalisation efforts, organi-
 Board Activity
 Committees of the Board  the deputy head of Information Technology, general counsel and   sational development, headcount, turnover, contract renewals of
 The Board reviewed and approved a number of rule amendments   other executives attended ARC meetings by invitation. The ARC   senior management, succession planning, promotions, internships
 in 2017, considered various regulatory policies and enforcement   The Board is empowered to establish committees to undertake and   oversaw the introduction of an enhanced Enterprise Risk Man-  and secondments.
 matters, and reviewed a number of standing items. The rule and   advise on certain areas of responsibility. The Governance Resolu-  agement framework at the Regulatory Authority, and reviewed   All matters of significant discussion were reported to the Board,
 policy amendments decided by the Board in 2017 included the   tion of the Board provides for the establishment of an Audit and Risk   quarterly updates on the status of the Regulatory Authority’s risk   which also received the minutes of all NRC meetings.
 Islamic Banking Business Prudential (Securitisation) Amendments   Committee as well as a Nominations and Remuneration Committee   register.
 Rules 2017, the Banking Business Prudential (Securitisation) Amend-  and sets out the nature and membership of these committees.   The ARC approved the yearly internal audit programme and fol-  Board Internal Evaluation
 ments Rules 2017, and the Miscellaneous Amendments Rules 2017,   The committees review matters under their terms of reference and   lowed its implementation through regular communication with
 which became effective on 1 April 2017.  make recommendations and provide reports to the Board.  the head of Internal Audit. In 2017, the ARC met with the external   In 2017 the Board continued its practice of undertaking a self-as-
 The Board approved the issuing of a consultation paper on Pro-  auditors of the Regulatory Authority on two occasions and oversaw   sessment exercise, the purpose of which is to review Board practices
 posed Amendments to the Liquidity Risk Prudential Framework for   the completion of the external audit concerning the Regulatory   and to find ways to improve efficiency and effectiveness. The results
 Conventional and Islamic Banking at its March 2017 meeting. In   Authority’s financial statements.  of the 2017 assessment were discussed at the first Board meeting
 October 2017, the Board approved the issuing of a consultation   During 2017, the ARC held discussions with general counsel on the   in 2018.
 paper on the draft Banking Business Prudential (Liquidity Risk and   implementation of a new policy on whistle-blowing by Regulatory
 Miscellaneous) Amendments Rules 2017 and the Islamic Banking   Authority’s employees, which required the ARC’s terms of reference
 Business Prudential (Liquidity Risk and Miscellaneous) Amendments   to be amended to provide for the additional responsibilities it would
 Rules 2017, which were further considered by the Board at its March   assume under the policy. The final policy was agreed by the ARC at
 2018 meeting. The Board also approved the issuing of a consul-  its meeting in December 2017 and the amended terms of reference
 tation paper on proposed amendments to introduce protected   approved by the Board.
 reporting (i.e. whistle-blowing) rules for QFC authorised firms, which
 were reviewed by the Board in March 2018.  All matters of significant discussion were reported to the Board,
            which also received the minutes of all ARC meetings.