MORB_15_of_16

Manual of Regulations for Banks Appendix 64 - Page 1

APP. 64 08.12.31

BANGKO SENTRAL RULES OF PROCEDURE ON ADMINISTRATIVE CASESINVOLVING DIRECTORS AND OFFICERS OF BANKS

(Appendix to Sec. X150)

RULE I – GENERAL PROVISIONS

Section 1. Title. These rules shall beknown as the BSP Rules of Procedure onAdministrative Cases Involving Directorsand Officers of Banks.

Sec. 2. Applicability. These rules shallapply to administrative cases filed with orreferred to the Office of SpecialInvestigation (OSI), BSP, involving directorsand officers of banks pursuant to Section37 of Republic Act No. 7653 (The NewCentral Bank Act) and Sections 16 and 66of Republic Act No. 8791 (The GeneralBanking Law of 2000).

The disqualification of directors andofficers under Section 16 of R.A. No. 8791shall continue to be covered by existingBSP rules and regulations.

Sec. 3. Nature of proceedings. Theproceedings under these rules shall besummary in nature and shall be conductedwithout necessarily adhering to thetechnical rules of procedure and evidenceapplicable to judicial trials. Proceedingsunder these rules shall be confidential andshall not be subject to disclosure to thirdparties, except as may be provided underexisting laws.

RULE II – COMPLAINT

Sec. 1. Complaint. The complaint shall bein writing and subscribed and sworn to bythe complainant. However, in casesinitiated by the appropriate department ofthe BSP, the complaint need not be underoath. No anonymous complaint shall beentertained.

Sec. 2. Where to file. The complaint shallbe filed with or referred to the OSI.

Sec. 3. Contents of the complaint. Thecomplaint shall contain the ultimate factsof the case and shall include:

a. full name and address of thecomplaint;

b. full name and address of the personcomplained of;

c. specification of the charges;d. statement of the material facts;e. statement as to whether or not a

similar complaint has been filed with theBSP or any other public office.

The complaint shall include copies ofdocuments and affidavits of witnesses, ifany, in support of the complaint.

RULE III – DETERMINATION OFPRIMA FACIE CASE

AND PROSECUTION OF THE CASE

Sec. 1. Action on complaint. Upondetermination that the complaint issufficient in form and substance, the OSIshall furnish the respondent with a copythereof and require respondent to file withinten (10) days from receipt thereof, a swornanswer, together with copies of documentsand affidavits of witnesses, if any, copyfurnished the complainant.

Failure of the respondent to file ananswer within the prescribed period shallbe considered a waiver and the case shallbe deemed submitted for resolution.

Sec. 2. Preliminary investigation. Uponreceipt of the sworn answer of therespondent, the OSI shall determinewhether there is a prima facie case against

Manual of Regulations for BanksAppendix 64 - Page 2

APP. 6408.12.31

the respondent. If a prima facie isestablished during the preliminaryinvestigation, the OSI shall file the formalcharge with the Supervised BanksComplaints Evaluation Group (SBCEG),BSP. However, in the absence of a primafacie case, the OSI shall dismiss thecomplaint without prejudice or takeappropriate action as may be warranted.

Sec. 3. Formal charge. The formal chargeshall contain the name of the respondent,a brief statement of material or relevantfacts, the specific charge, and the pertinentprovisions of banking laws, rules orregulations violated.

Sec. 4. Prosecution. The OSI shallprosecute the case. The complainant maybe assisted or represented by counsel, whomay be deputized for such purpose, underthe direction and control of the OSI.

RULE IV – PROCEEDING BEFORETHE HEARING PANEL OR HEARING

OFFICER

Sec. 1. Filing of the formal charge. TheOSI shall file the formal charge before theSBCEG. It shall also furnish the SBCEG withsupporting documents relevant to theformal charge.

Sec. 2. Hearing officer and compositionof the hearing panel. The case shall beheard either by a hearing officer or ahearing panel, which shall be composedof a chairman and two (2) members, all ofwhom shall be designated by the SBCEG.The SBCEG shall determine whether thecase shall be heard either by a hearingpanel or a hearing officer.

Sec. 3. Answer. The hearing panel orhearing officer shall furnish the respondentwith a copy of the formal charge, with

supporting documents relevant thereto,and shall require him to submit, within ten(10) days from receipt thereof, a swornanswer, copy of which shall be furnishedthe prosecution.

The respondent, in his answer, shallspecifically admit or deny all the chargesspecified in the formal charge, includingthe attachments. Failure of the respondentto comment, under oath, on the documentsattached thereto shall be deemed anadmission of the genuineness and dueexecution of said documents.

Sec. 4. Waiver. In the event that therespondent, despite due notice, fails tosubmit an answer within the prescribedperiod, he shall be deemed to have waivedhis right to present evidence. The hearingpanel or hearing officer shall issue an orderto that effect and direct the prosecution topresent evidence ex parte. Thereafter, thehearing panel or hearing officer shall submita report on the basis of available evidence.

Sec. 5. Preliminary conference. Uponreceipt of the answer of respondent, thehearing panel or hearing officer shall setthe case for preliminary conference for theparties to consider and agree on theadmission or stipulation of facts and ofdocuments, simplification of issues,identification and marking of evidence andsuch other matters as may aid in the promptand just resolution of the case. Anyevidence not presented and identifiedduring the preliminary conference shall notbe admitted in subsequent proceedings.

Sec. 6. Submission of position papersAfter the preliminary conference, thehearing panel or hearing officer shall issuean order stating therein the matters takenup, admissions made by the parties andissues for resolution. The order shall alsodirect the parties to simultaneously submit,


APP. 64 08.12.31

within ten (10) days from the receipt of saidorder, their respective position paperswhich shall be limited to a discussion ofthe issues as defined in the order.

Sec. 7. Hearing. After the submission bythe parties of their position papers, thehearing panel or hearing officer shalldetermine whether or not there is a needfor a hearing for the purpose of cross-examination of the affiant(s). If the hearingpanel or hearing officer finds no necessityfor conducting a hearing, he shall issue anorder to the effect.

In cases where the Hearing Panel orHearing Officer deems it necessary toallow the parties to conduct cross-examination, the case shall be set forhearing. The affidavits of the parties andtheir witnesses shall take the place of theirdirect testimony.

RULE V – PROHIBITED MOTIONS

Sec. 1. Prohibited Motions. No motionto dismiss or quash, motion for bill ofparticulars and such other dilatory motionsshall be allowed in the cases covered bythese rules.

RULE VI – RESOLUTION OF THECASE

Sec. 1. Contents and period forsubmission of report. Within sixty (60)days after the hearing panel or hearingofficer has issued an order declaring thatthe case is submitted for resolution, a reportshall be submitted to the Monetary Board.The report of the hearing panel or hearingofficer shall contain clearly and distinctlythe findings of facts and conclusions of lawon which it is based.

Sec. 2. Rendition and notice of resolutionAfter consideration of the report, theMonetary Board shall act thereon and

cause true copies of its resolution to beserved upon the parties.

Sec. 3. Finality of the resolution. Theresolution of the Monetary Board shallbecome final after the expiration of fifteen(15) days from receipt thereof by theparties, unless a motion for reconsiderationshall have been timely filed.

Sec. 4. Motion for reconsideration. Amotion for reconsideration may only beentertained if filed within fifteen (15) daysfrom receipt of the resolution by the parties.No second motion for reconsideration shallbe allowed.

RULE VII – APPEAL

Sec. 1. Appeal. An appeal from theResolution of the Monetary Board may betaken to the Court of Appeals within theperiod and in the manner provided underRule 43 of the Revised Rules of Court.

RULE VIII – EXECUTION OFRESOLUTION

Sec. 1. Resolution becoming executoryThe resolution of the Monetary Board shallbecome executory upon the lapse of fifteen(15) days from receipt thereof by the partiesor from the receipt of the denial of themotion for reconsideration.

Sec. 2. Effect of appeal. The appeal shallnot stay the resolution sought to bereviewed unless the Court of Appeals shalldirect otherwise upon such terms as it maydeem just.

Sec. 3. Enforcement of resolution. Whenthe resolution orders the imposition offines, suspension or removal from officeof respondent, the enforcement thereofshall be referred to the appropriatedepartment of the BSP.


APP. 6408.12.31

RULE IX - MISCELLANEOUSPROVISIONS

Sec. 1. Repeal. All existing rules,regulations, orders or circulars or any partthereof inconsistent with these rules are

hereby repealed, amended or modifiedaccordingly.

Sec. 2. Separability Clause. If any part of theserules is declared unconstitutional or illegal, theother parts or provisions shall remain valid.


APP. 6508.12.31

FORMAT CERTIFICATION(Appendix to Subsec. X235.12)

______________________________Name of Bank

CERTIFICATION

Pursuant to the requirements of Subsec. X235.12, I hereby certify that on all bankingdays of the semester ended _____ that the ____________________ (bank) did not enter intoany repurchase agreement covering government securities, commercial papers and othernegotiable and non-negotiable securities or instruments that are not documented inaccordance with existing BSP regulations and that it has strictly complied with the pertinentrules of the SEC and the BSP on the proper sale of securities to the public and performed thenecessary representations and disclosures on the securities particularly the following:

1. Informed and explained to the client all the basic features of the security being soldon a without recourse basis, such as, but not limited to:

a. Issuer and its financial condition;b. Term and maturity date;c. Applicable interest rate and its computation;d. Tax features (whether taxable, tax paid or tax-exempt);e. Risk factors and investment considerations;f. Liquidity feature of the instrument:

(1) Procedures for selling the security in the secondary market (e.g., OTC orexchange);

(2) Authorized selling agents; and(3) Minimum selling lots.

g. Disposition of the security(1) Registry (address and contact numbers)(2) Functions of the registry(3) Pertinent registry rules and procedures

h. Collecting and Paying Agent of the principal and interesti. Other pertinent terms and conditions of the security and if possible, a copy of

the prospectus or information sheet of the security.

2. Informed the client that pursuant to BSP Circular No. 392 dated 23 July 2003 –

a. Securities sold under repurchase agreements shall be physically delivered, ifcertificated, to a BSP accredited custodian that is mutually acceptable to theclient and the bank, or by means of book-entry transfer to the appropriate securitiesaccount of the BSP accredited custodian in a registry for said securities, ifimmobilized or dematerialized, and

b. Securities sold on a without recourse basis are required to be delivered physicallyto the purchaser, or to his designated custodian duly accredited by the BSP, if


APP. 6508.12.31

certificated, or by means of book-entry transfer to the appropriate securitiesaccount of the purchaser or his designated custodian in a registry for said securitiesif immobilized or dematerialized

3. Clearly stated to the client that:

a. The bank does not guarantee the payment of the security sold on a “withoutrecourse basis” and in the event of default by the issuer, the sole credit risk shallbe borne by the client; and

b. The bank is not performing any advisory or fiduciary function.

Name of Officer Position

Date _____________

SUBSCRIBED AND SWORN to before me, this _____ day of _____, affiant exhibitinghis Community Tax Certificate as indicated below:

Name Community Tax Date/Place Cert. No. Issued

Notary Public


APP. 6508.12.31

Annex A

FORMAT CERTIFICATION

______________________________Name of Bank

CERTIFICATION

Pursuant to the requirements of Subsec. X235.12_______ dated _____, I herebycertify that as of 31 January 2005, the ____________________ (name of bank) does not haveany outstanding repurchase agreements covering government securities, commercial papersand other negotiable and non-negotiable securities or instruments that are not documentedin accordance with existing BSP regulations.

____________________ Name of Officer

Position

SUBSCRIBED AND SWORN to before me, this _____ day of _____, affiant exhibitinghis Community Tax Certificate as indicated below:

Name Community Tax Date/Place Cert. No. Issued

Notary Public


APP. 6608.12.31

REGULATORY REQUIREMENTS IN INVESTING IN CREDIT-LINKED NOTES,STRUCTURED PRODUCTS AND SECURITIES OVERLYING SECURITIZATION

STRUCTURES BY UNIVERSAL BANKS AND COMMERCIAL BANKS[Appendix to Secs. 1628 (2008 - 1633), 1635, 1636 and 1648]

a. Banks shall: submit the followingdocuments to the appropriate departmentof the SES within five (5) banking daysafter the date of its initial investment incredit-linked notes, structured productsand/or securities overlying securitizationstructures -

(1) A notarized certification in theprescribed formats (Annexes “A” and “B”)duly signed by the President/ChiefExecutive Officer or its equivalent, theTreasurer and Compliance Officer, statingthat the bank’s investments are incompliance with relevant BSP rules andregulations, and that the bank has anadequate risk management system inplace; and

(2) Terms and conditions and/orproduct manuals on the credit- linkednotes, structured products and/orsecurit ies overlying securit izationstructures, which as a minimum shouldcover the following:

(a) Description of the relevantfinancial product;

(b) Analysis of the proposedinvestments’ –

i. reasonableness vis-à-vis theinstitution’s overall financial condition andcapital levels; and

ii. consistency with the institution’sbusiness strategies and objectives;

(c) Analysis of the risks that may arisefrom the investments and thecorresponding impact on the bank’s riskprofile;

(d) Procedures/methodologies that thebank will implement to measure, monitorand control the risks inherent in thefinancial products;

(e) Relevant accounting guidelines,including pro-forma accounting entries;

(f) Relevant tax treatment; (g) Analysis of any legal/regulatory

restrictions and whether the investment ispermissible for the institution; and

(h) Process flow chart, from dealinitiation to risk reporting, indicating thedepartments and personnel involved in theidentified processes.

UBs/KBs failing to submit the requiredcertification within the prescribed deadlineshall be subject to monetary penaltiesapplicable for delayed reporting underexisting regulations. For purposes ofimposing monetary penalties, the requiredcertification shall be classified as a CategoryA-1 report. Further, failure to comply with theabove requirements shall subject the erringbank to the imposition of administrativesanctions under Section 37 of R.A. 7653.

The certification and the terms andconditions and/or product manual need notbe submitted for a bank’s subsequentinvestments in the same issue of credit-linked note or structured product, orsecurities overlying the same tranche of asecuritization structure.

b. The certification shall be subject topost-verification by the appropriatesupervision and examination departmentof the BSP.

Should the BSP subsequentlydetermine that the investments do not fullycomply with the provisions of Secs. 1628,1635, 1636 and 1648, as applicable, andother relevant BSP regulations, the UB/KBshall be considered to have submitted afalse certification, subject to the sanctionsprescribed under -


APP. 6608.12.31

(1) Sec. 1636 for investments instructured products by UBs and KBswithout expanded derivatives authority,or

(2) Section 37 of R.A. No. 7653 forinvestments in structured products by UBsand KBs with expanded derivativesauthority, and for investments in credit-

linked notes and similar products and insecurities overlying securitizationstructures by all UBs and KBs.

Monetary penalties shall be reckonedfrom the date of the investment until thedate that the erring bank shall have fullycomplied with the requirements underSecs. 1628, 1635, 1636 and 1648.


APP. 6608.12.31

Annex A

For investments in (1) structured products by UBs and KBs with expanded derivatives authority and(2) credit-linked notes and securities overlying securitization structures by all UBs and KBs

(Name of Bank)

C E R T I F I C A T I O N

We certify, in relation to (Name of Bank) ’s investmentin (name of financial product) on (date), that –

1. The bank is allowed to invest in the product cited above under existing rules andregulations of the Bangko Sentral ng Pilipinas and the investment was approved by theBoard of Directors in its Resolution No. _____ dated _______________; and

2. The bank has an adequate risk management system, which includes, among others, thefollowing:

a. Written policies and procedures that provide for adequate identification,measurement, monitoring and control of all risks in the investment;

b. Pertinent risk measurement system/methodologies that effectively measureon a timely basis all risks inherent in the investment;

c. Limit structure that addresses all risk factors and is consistent with the board-approved risk appetite and business strategy;

d. Internal controls; and

e. Management information system that efficiently provides accurate and timelymonitoring and reporting of risk exposures and limit compliance.

President/CEO Treasurer Compliance Officer

SUBSCRIBED AND SWORN to before me this ________ day of __________________ at__________________, with affiants exhibiting to me the following Community Tax Certificate Nos. –

Name Date Issued Place IssuedPresident/CEOTreasurerCompliance Officer

NOTARY PUBLIC

Not. Reg. No.Doc. No.Page No.Series of


APP. 6608.12.31

Annex B

For investments in structured products by UBs and KBs without expanded derivatives authority

(Name of Bank)

C E R T I F I C A T I O N

We certify, in relation to (Name of Bank ’s investmentin (name of financial product) on (date) , that –

1. The bank is allowed to invest in the product cited above under existing rulesand regulations of the Bangko Sentral ng Pilipinas;

2. The bank’s investment is in compliance with the conditions set out in CircularNo. 466 dated 05 January 2005, as follows:

a. The revenue stream of the structured product is linked only to interestrate indices and/or foreign exchange rates other than those that involvethe Philippine Peso, and that the minimum all-in return of suchinvestments is not lower than zero.

b. The contractual maturity of the instrument does not exceed 5 years.

c. The product is issued by a bank or special purpose vehicle (SPV)collateralized by securities rated at least “A” or its equivalent by aninternational rating agency acceptable to the Monetary Board.

d. The investment is booked in the “Held to Maturity” (HTM) Securities”account, or for instruments with put options, in the “Available for Sale(AFS) Securities” account.

e. The total carrying value of all the bank’s investments in structured productsdoes not exceed 20% of the total investment portfolio of its EFCDU.

f. The bank has established internal processes to identify, evaluate, monitorand manage the risk exposures (e.g. credit risk, market risk, liquidity risk,operational risk, legal risk, compliance risk), created by its investment inthe above-cited product. Further to this:

(i) The investment was specifically approved by the Board ofDirectors in its Resolution No. _____ dated _______________,and is subject to appropriate internal limits and periodic reportingto the Board.


APP. 6608.12.31

(ii) The bank complies with generally accepted accounting anddisclosure standards and/or rules and regulations prescribed bythe BSP.

(iii) An independent risk management function is in place.

(iv) The bank has the ability to value the investments on a continuingand consistent basis and to measure its sensitivity to marketmovements.

(v) The risks of the investments can be accurately aggregated in riskreports on a timely basis.

Further, we undertake to –

(i) Perform, at regular intervals, stress tests that reflect extreme marketconditions; and

(ii) Obtain, on a monthly basis, bid prices from the issuer(s) of theinvestment instruments, to supplement the valuation exercise inItem 2.f.iv above.

President/CEO Treasurer Compliance Officer

SUBSCRIBED AND SWORN to before me this day of_____________________ at ____________________, with affiants exhibiting to me thefollowing Community Tax Certificate Nos. –

Name Date Issued Place Issued President/CEO Treasurer Compliance Officer

NOTARY PUBLIC

Not. Reg. No. ____________________Doc. No. ____________________Page No. ____________________Series of ____________________

Manual of Regulations for Banks Appendix 66a - Page 1

APP. 66a 08.12.31

GUIDELINES ON THE ACCOUNTING TREATMENT FOR INVESTMENTS INCREDIT-LINKED NOTES AND OTHER STRUCTURED PRODUCTS

(Appendix to Sec. 1389)

In line with the policy of promotingfairness and accuracy in reporting financialtransactions, banks are enjoined to observethe following guidelines on accounting forinvestments in credit-linked notes (CLNs)and other structured products (SPs) inaddition to those prescribed under PAS 39:

CLNs and other SPs are financialinstruments which consist of the hostcontract (e.g., debt or equity contract) andone or more embedded derivatives. Saidfinancial instruments may be accounted foras compound financial instruments or asbifurcated financial instruments where theembedded derivatives shall be separatedfrom the host contracts. PAS 39 providesthe conditions on when the embeddedderivative may be bifurcated from the hostcontract.

Booking of CLNs and other SPs as acompound instrument

1. CLNs may be booked under the“Held for Trading” (HFT) or “Designatedat Fair Value through Profit or Loss”(DFVPL) category according to intentionas provided under Circular No. 494 dated20 September 2005.

2. Other SPs, shall also be bookedunder the HFT or DFVPL category accordingto intention as provided in PAS 39.

In either case, the compoundinstrument (host contract and embeddedderivatives) shall be carried at fair valuewith fair value changes reflected in profitor loss.

Booking of CLNs and other SPs asbifurcated financial instrument

Investment in CLNs and other SPs thatare not intended to be traded (i.e., not to

be booked as HFT) or to be designated atfair value through profit or loss shall beaccounted for as bifurcated financialinstruments.

Accounting for host contracts. Whenthe embedded derivatives are bifurcated(separated) from the host contract, thehost contract shall be accounted for asfollows:

1. In the case of CLN, the host contractshall be booked under the “Available forSale” (ASS) but not under the “Held toMaturity” (HTM) nor under the “UnquotedDebt Securities Classified as Loans”(UDSCL) category in accordance withCircular No. 494.

2. In the case of other SPs, the hostcontract shall be booked under the ASS,HTM or UDSCL category in accordancewith X388.5.

Host contracts of investments in CLNsand Other SPs shall in no case be bookedunder the “Due from Other Banks” or“Interbank Loans Receivable” accounts.

Accounting for embedded derivativesThe bifurcated embedded derivatives shallbe accounted for as “Derivatives Held forTrading” with fair value changes reflectedin profit or loss, except in cases where thebifurcated embedded derivatives aredesignated and effective hedginginstruments, which shall be booked underthe “Derivatives Held for Hedging”account. The following shall be observedfor purposes of FRP reporting of bifurcatedembedded derivatives:

• The entire notional amount (orleveraged notional amount in cases ofleveraged exposures) of the hybrid contract

Manual of Regulations for BanksAppendix 66a - Page 2

APP. 66a08.12.31

and the corresponding positive/(negative)fair value of the embedded derivatives shallbe reported in Schedule 4 (DerivativesHeld for Trading – Embedded Derivatives)of the FRP.

• In the case of CLNs and Other SPsthat have more than one embedded derivatives(multiple embedded derivatives) that arerequired to be separated from the hybridcontract, the entire notional amount (orleveraged notional amount in cases ofleveraged exposures) of the hybrid contractand the corresponding positive/(negative)fair value of the embedded derivatives shallbe reported in Schedule 4 (Derivatives Heldfor Trading – Embedded Derivatives) of theFRP for each type of bifurcated derivatives.

Generally, multiple embedded derivativesin a single instrument are treated as a singlecompound embedded derivative. However,embedded derivatives that are classified asequity are accounted for separately fromthose classified as assets or liabilities. Inaddition, if an instrument has more than oneembedded derivatives and those derivativesrelate to different risk exposures and arereadily separable and independent of eachother, they are accounted for separately fromeach other.

Marking to market guidanceIn addition to the marking to market

guidelines provided under PAS 39, banksshould likewise consider apart from thecarrying amount of the host contract thenotional amount (or leveraged notionalamount in cases of leveraged exposures)of embedded derivatives in marking tomarket the hybrid financial instrument.

For this purpose, the term CLN shallinclude similar instruments such ascredit linked deposits (CLDs) and creditlinked loans (CLLs) where the repaymentof the principal to the note holder iscontingent upon the occurrence of adefined credit event. On the other hand,other SPs (as defined under X625.2) shallrefer to a financial instrument where thetotal return is a function of one or moreunderlying indices, such as interest rates,equities and exchange rates. I t iscomposed of a host contract (e.g., plainvanilla debt or equity securities) and anembedded derivative (e.g., swaps,forwards or options) that re-shape therisk-return pattern of the hybridinstrument. The term SP does not includeasset-backed securities.(M-2008-010 dated 07 March 2008)


APP. 6709.12.31

THE GUIDELINES FOR THE IMPOSITION OF MONETARY PENALTY FORVIOLATIONS/OFFENSES WITH SANCTIONS FALLING UNDER SECTION 37 OF

R.A. NO. 7653 ON BANKS, DIRECTORS AND/OR OFFICERS(Appendix to Secs. X199, X299, X399, X499, X599, X699, X799, X899, X999,

Circular No. 645 dated 13 February 2009)

A. For Serious Offense Asset Size Up to Above P200.0 Above P500.0 Above P1.0 Billion Above P10.0 Above Penalty P200.0 million but million but but not Billion but P50.0 Range million not exceeding not exceeding exceeding not exceeding Billion

P500.0 million P1.0 Billion P10.0 Billion P50.0 Billion Minimum P 500 P 1,000 P 3,000 P 10,000 P 18,000 P 25,000 Medium 750 1,500 5,000 12,500 20,000 27,500 Maximum 1,000 2,000 7,000 15,000 22,000 30,000

B. For Less Serious Offense Asset Size Up to Above P200.0 Above P500.0 Above P1.0 Billion Above P10.0 Above Penalty P200.0 million but million but but not Billion but P50.0 Range million not exceeding not exceeding exceeding not exceeding Billion

P500.0 million P1.0 Billion P10.0 Billion P50.0 Billion Minimum P 300 P 600 P 1,000 P 3,000 P 7,000 P 15,000 Medium 350 700 1,250 4,000 8,500 17,500 Maximum 400 800 1,500 5,000 10,000 20,000

C. For Minor Offense Asset Size Up to Above P200.0 Above P500.0 Above P1.0 Billion Above P10.0 Above Penalty P200.0 million but million but but not Billion but P50.0 Range million not exceeding not exceeding exceeding not exceeding Billion

P500.0 million P1.0 Billion P10.0 Billion P50.0 Billion Minimum P 150 P 300 P 600 P 1,000 P 3,000 P 6,000 Medium 200 400 700 1,500 4,000 8,000 Maximum 250 500 800 2,000 5,000 10,000

The schedule of penalty, categorized based on: (1) the nature of offenses such as minor,less serious, and/or serious, and (2) the asset size of the bank, shall be as follows:

For purposes of this Regulation, thefollowing definition of terms shall mean:

1. Serious Offense - This refers to

unsafe or unsound banking practice. Anunsafe or unsound practice is one (1) inwhich there has been some conduct,whether act or omission, which is contraryto accepted standards of prudent bankingoperation and may result to the exposureof the bank and its shareholders toabnormal risk or loss.

(a) In determining the acts oromissions included under the unsafe orunsound banking practice, an analysis ofthe impact thereof on the banks/quasi-banks/trust entities’ operations and financialcondition must be undertaken, includingevaluation of capital position, assetcondition, management, earnings postureand liquidity position. The followingcircumstances shall be considered:

(b) The act or omission has resulted ormay result in material loss or damage, or


APP. 6709.12.31

abnormal risk or danger to the safety,stability, liquidity or solvency of theinstitution;

(c) The act or omission has resulted ormay result in material loss or damage orabnormal risk to the institution’s depositors,creditors, investors, stockholders or to theBangko Sentral or to the public in general;

(d) The act or omission has caused anyundue injury, or has given unwarrantedbenefits, advantage or preference to thebank or any party in the discharge by thedirector or officer of his duties andresponsibilities through manifest partiality,evident bad faith or gross inexcusablenegligence; or

(e) The act or omission involvesentering into any contract or transactionmanifestly and grossly disadvantageous tothe bank, QB or trust entity, whether ornot the director or officer profited or willprofit thereby.

Certain acts or omissions as fallingunder this classification maybe determinedbased on the guidelines provided underAppendix 48.

2. Less Serious Offense - Theseinclude major acts or omissions definedas bank/individual’s failure to complywith the requirements of banking laws,rules and regulations, provisions ofManual of Regulations (MOR)/Circulars/Memorandum as well as Monetary Boarddirectives/instructions having material1/

impact on Bank’s solvency, liquidity orprofitability and/or those violationsclassified as major offenses under theReport of Examination, except thoseclassified under unsafe or unsoundbanking practice.

3. Minor Offense - These include actsor omissions which are procedural in

nature, can be corrected immediately anddo not have material impact on thesolvency, liquidity and profitability of theBank. All other acts or omissions thatcannot be classified under the majoroffenses/violations will be classified underthis category.

4. Minimum refers to the range ofpenalties to be imposed if the mitigatingfactor(s) outweigh the aggravatingcircumstances.

5. Medium refers to the penalty to beimposed in the absence of any mitigatingand aggravating circumstances or if themitigating factor(s) offset the aggravatingfactor(s).

6. Maximum refers to the penaltyto be imposed i f the aggravatingcircumstances outweigh the mitigatingfactor(s).

In determining the amount of penalty,a two-stage assessment shall be conductedas follows:

Step 1: Determine the nature ofoffense whether it is: (a) Serious; (b) LessSerious; or (c) Minor Offense; and

Step 2: Determine whether there areaggravating and/or mitigating factors (aslisted and defined in Annex A).

Both the aggravating and mitigatingfactors shall be considered for initialpenalty imposition and subsequentrequests for reconsideration thereto.

The foregoing monetary penalties shallbe without prejudice to the imposition ofnon-monetary sanctions, if and whendeemed applicable by the MonetaryBoard. Violations of banking laws andBangko Sentral regulations with specificpenal clause are not covered by thisRegulation.

1/ SFAS/IAS defines materiality as any information, which if omitted or misstated, could influence the economic decisionsof users taken on the basis of the financial statements. Per Financial Accounting Standard Board (FASB), it is defined as themagnitude of an omission or misstatement of accounting information xxx.


APP. 6709.12.31

Aggravating and Mitigating Factorsto be Considered in the Imposition ofPenalty

1. Aggravating Factors(a) Frequency of the commission of

specific violation. This pertains tocommission or omission of a specificoffense involving either the same ordifferent transaction. This will also refer toa violation which may have been correctedin the past but found repeated in anothertransaction/account in the subsequentexamination.

In determining frequency, the numberof times of commission or omission of aspecific offense during the preceding three(3) - year period shall also be considered.

The word offense pertains to a violationthat connotes infraction of existing BSP rulesand regulations as well as non-compliancewith BSP/MB directives.

(b) Duration of violations prior tonotification. This pertains to the length oftime prior to the latest notification on theviolation. Violations that have been existingfor a long time before it was revealed/discovered in the regular examination orare under evaluation for a long time due topending requests or correspondences frombanks on whether a violation has actuallyoccurred shall be dealt with through thiscriterion. Violations outstanding for morethan one (1) year prior to notification, atthe minimum, will qualify as violationsoutstanding for a long time.

(c) Continuation of offense or omissionafter notification. This pertains to thepersistence of an act or offense after the latestnotification on the existence of the violation,either from the appropriate department ofthe SES or from the Monetary Board and/orDeputy Governor, in cases where theviolation has been elevated accordingly.This covers the period after the finalnotification of the existence of the violationuntil such time that the violation has been

Annex A

corrected and/or remedied. The correctiveaction shall be reckoned with from the dateof notification.

(d) Concealment. This factor pertainsto the cover up of a violation. In evaluatingthis factor, one shall consider the intentionof the party(ies) involved and whetherpecuniary benefit may accrue accordingly.

Intention precedes concealment. Theact of concealing an offense or omissioncarries with it the intention to defraudregulators. Moreover, the amount ofpecuniary benefit, which may or may notaccrue from the offense or omission, shallalso be considered under this factor.

Concealment may be apparent in caseswhen bank officers purposely complicatesthe transaction to make it difficult touncover or refuse to provide information/documents that would support theviolation/offense committed.

Inasmuch as concealment and intentionare speculative matters and may be difficultto establish, appropriate support of facts orcircumstantial evidence in this factor shallbe considered.

(e) Loss or risk of loss to bank. Inassessing this factor, potential loss refers toany time at which the bank was in dangerof sustaining a loss.

Substantial actual loss. The Bank hasbeen exposed to a significant loss ofearnings and capital. The volume ofaccounts involved in the loss is substantial/significant in relation to the institution’sassets and capital. The bank/individualmay have substantial/serious violations thatcould impact the reputation and earningsof the bank.

Minimal actual loss or substantial riskof loss. The Bank has incurred minimal lossor will be exposed to substantial risk of lossof earnings or capital although both do notmaterially impact financial condition.Thevolume of accounts involved for minimalloss or substantial risk of loss is reasonable


APP. 6709.12.31

and manageable. While a loss was incurred,the bank could absorb the loss in the normalcourse of business. Substantial risk of lossincludes any potential losses the aggregateof which amounts to at least one percent(1%) of the capital of the bank1/.

Minimal risk of loss. The risk exposureon earnings or capital is minimal. Bank isnot vulnerable to significant loss. Thevolume of accounts involved for potentialloss/risk is minimal/negligible. The risk ofloss would have little impact on the bankor its financial condition. The risk of lossaggregating to less than one percent (1%) ofthe capital of the bank will fall under thisclassification.

(f) Impact to bank/banking industry. Inassessing this factor, it is appropriate toconsider any possible negative impact or harmto the bank. (e.g. A violation of law involvinginsider abuse may result in adverse publicityfor the institution, possibly causing a run ondeposits and affecting the bank’s liquidity).Resulting effect on the banking industry onthe violation/offenses committed by the bank,if any, will also be considered. Sources of datamay come from news reports.

Substantial impact on bank. No impacton banking industry. This may involvereputational risk of the bank as a result ofnegative publicity generated for example,by involvement of bank’s director/officer inactivities not acceptable to the regulatorybodies, e.g. pyramiding, investmentscams etc. This may also involve insiderabuse of authority/power. However, thebanking industry is not affected for thisisolated case.

Moderate impact on banking industryor on public perception of bankingindustry. This may involve poor corporategovernance and mismanagement of bankthat may result to erosion of publicconfidence leading to bank run in variousbranches. This may also trigger a bank runin other subsidiaries.

Substantial impact on banking industryor on public perception of bankingindustry. This is a worst-case scenario. Theviolations/irregular activities of the bank maytotally erode the trust and confidence of thebanking public resulting to a nationwidebank run. Pessimistic perception of thebanking public on the banking industry ishighly observed.

2. Mitigating Factors(a) Good faith. Good faith is the absence

of intention of the of the erring individual/entity in the commission of a violation.

Full cooperation. This is determined bythe actions of the individual and/or banktowards the regulators after or even beforenotification of the offense and/or omission.Assistance rendered by the Bank duringthe investigation and/or examinationconducted relative to the cited offense and/or omission may be viewed favorably whencomputing the amount of penalty to beimposed on the Bank/individual.

With positive measures/actionundertaken although not correctedimmediately. The bank is willing to remedy/correct the violation but is being restrainedof its capacity to take immediate action thus,will undertake a Memorandum ofUndertaking/Commitment for a specifiedperiod as a sign of good faith. The bank hasstarted to rectify the infraction by institutingreforms in their operations or systems.

Voluntay disclosure of offense. Voluntarydisclosure of the bank of the offensecommitted before it is discovered by BSPexaminers in the regular/special examinationor in the supervisory work (e.g. submissionof reports to the BSP disclosing the violationcommitted by the bank based on the internalauditor's findings) may be considered as thehighest level of mitigation under this factor.

The burden of proof, however, falls onthe bank/individual to support its/his/her claimof good faith and may be used as basis to mitigatethe amount of penalty that may be imposed.

1/ Circular 410 dated 29 October 2003 provides that external auditors of banks must report to BSP, among others, anypotential losses the aggregate of which amounts to at least one percent (1%) of the capital to enable the BSP to take timelyand appropriate remedial action.


APP. 68 08.12.31

IMPLEMENTATION OF THE DELIVERY BY THE SELLER OF SECURITIES TO THEBUYER OR TO HIS DESIGNATED THIRD PARTY CUSTODIAN

(Appendix to Sec. X441 and Subsecs. X235.5 & X238.1)

Section 1. Statement of Policy. Pursuantto the policy of the BSP to promote theprotection of investors in order to gain theirconfidence in the securities market asenunciated under Circular Nos. 392 and428 dated 23 July 2003 and 27 April 2004,respectively, the following rules/guidelines shall be observed by banks andNBFI under BSP supervision in theirdealings in securities whether they areacting as seller, buyer, agent or custodian.

The disposition of compliance issuesof this Appendix is shown in Appendix 68a.

The guidelines on the delivery ofgovernment securities by the sellingbank to an investor’s Principal SecuritiesAccount with the RoSS through the ClientInterface System facility are in Appendix68b.

Sec. 2. Distinction Between a Custodianand a Registry. A securities custodian is aBSP-accredited bank or NBFI designatedby the investor to perform the functions ofsafekeeping, holding title to the securitieseither in a nominee or trustee capacity,reports rendition, mark-to-marketvaluation, administration of dividends orinterest earnings and representation ofclients in corporate actions. It may alsoperform value added services such ascollecting and paying and securitiesborrowing and lending as agent. A BSP-accredited custodian is considered a thirdparty if it has no subsidiary or affiliaterelationship with the issuer or seller ofsecurities.

On the other hand, a securitiesregistry, other than the Bureau of Treasury, is a BSP-accredited bank or NBFIdesignated or appointed by the issuer tomaintain the securities registry book either

in electronic or in printed form. It recordsthe initial issuance of the securities andsubsequent transfer of ownership and issuesregistry confirmation to the buyers/holders.Except as otherwise provided in existing BSPregulations, a BSP-accredited securitiesregistry is considered a third party if it hasno subsidiary or affiliate relationship withthe issuer of securities.

Sec. 3. Registry of Scripless Securitiesof the Bureau of Treasury. The Bureau ofTreasury, as operator of the RoSS, whichserves as the official registry forgovernment securities, is not subject toBSP accreditation and is exempted fromthe independence requirement under theexisting BSP regulations.

Sec. 4. Delivery of Securities. Pursuant toexisting BSP regulations, securities sold ona without recourse basis shall be deliveredby the seller to the purchaser, or to hisdesignated BSP-accredited custodianwhich must not be a subsidiary or affiliateof the issuer or seller.

Sec. 5. Mode of Delivery. If the securitiessold are certificated, delivery shall beeffected physically to the purchaser, or tohis designated BSP-accredited custodian. The certificate must be transferred to andregistered under the name of the purchaserand properly recorded in the registry book. On the other hand, delivery ofimmobilized or dematerialized securitiesshall be effected by means of book entrytransfer to the appropriate securitiesaccount of either: (1) the purchaser in aregistry of said securities; or (2) thepurchaser’s designated custodian in aregistry of said securities. Book-entry


APP. 6808.12.31

transfer to a sub-account for clients underthe primary account of the seller will notbe deemed compliant with thisrequirement. The delivery must besupported by a confirmation of book-entrytransfer to be issued by the securitiesregistry in case of name on registry or by aconfirmation receipt to be issued by thecustodian in case of delivery to thepurchaser’s designated custodian.

Sec. 6. Client Information. Selling ordealing banks shall inform their clients ofthe requirements under Secs. 3 and 4above, together with the complete list ofall BSP-accredited custodians. The sellingor dealing bank or NBFI must inform theirclients that the choice of custodian is thesole prerogative of the securities purchaser.The seller or dealer may, however, indicateto their clients their preferred custodian. Attached as Annex “A” is a suggestedtemplate of the letter to the client.

Sec. 7. Custodianship Agreement. Thesecurities owner/purchaser shall enter intoa custodianship agreement with a BSP-accredited third-party custodian of hischoice. However, the securitiespurchasers/owners may designate/appointthrough a special power of attorney (SPA)a representative or agent for the purposeof opening and maintaining an accountwith the BSP-accredited third-partycustodian: Provided, That if the securitiesseller or dealer is appointed as an agent,its authority shall be limited to the openingof the custodianship account and theexecution of trade transactions (i.e. buying and selling instructions including relayingof instructions to the custodian to receive or deliver securities in order toconsummate the buy/sell transactions). Itshall be the responsibility of the custodianto protect the interest of the client byensuring that the agent is acting within thescope of his authority.

Sec. 8. Authority of the SecuritiesOwner/Purchaser to Revoke SpecialPower of Attorney (SPA). Whenever asecurities owner/purchaser executes anSPA designating/appointing an agent toopen and maintain a custodianship accountwith a BSP-accredited third party custodianpursuant to Sec. 6 above, said SPA shallclearly stipulate that the appointment of theagent is revocable at the instance of thesecurities owner/purchaser or his agent.Any revocation by either party shall bemade in writing and must be given to theother party and to the custodian. Thecustodian is hereby enjoined toacknowledge and respect said right of theclient. It is, however, understood that therevocation of the SPA shall be withoutprejudice to any transaction executed bythe agent or custodian prior to said party’sknowledge of the revocation. Uponrevocation of the SPA, the custodian shalldeal directly with the securities owner orhis newly appointed agent. However, thecustodian has the right to impose additionalreasonable conditions similar to thosebeing imposed on separate custodyaccounts maintained directly by individualor corporate clients.

Sec. 9. Reports of theCustodian. Periodic reports of thecustodian on account balances shall berendered at least quarterly and shall reflectthe mark-to-market valuation of the securityin accordance with existing BSPregulations. It shall be delivered, mailedor electronically transmitted directly to thesecurities owner unless the securitiesowner gives a written request or instructiondirectly to the custodian to deliver saidreports to a person/entity named therein.Said request/instruction of the securitiesowner shall indicate that he is appointingan agent/ representative for the purpose,notwithstanding contrary advice of theBSP.


APP. 68 08.12.31

Aside from the periodic reports, thecustodian shall also issue confirmation oftransfers of ownership as they occur ineither electronic or printed formdelivered directly to the securitiesowner, unless the securities ownergives a written request or instructiondirectly to the custodian to deliver theconfirmation reports to a person/entitynamed therein.

Sec. 10. Right of the Securities Ownerto Sell his Securities. Subject to therequirements of existing laws andregulations, securities owners shall havethe right to choose the best buyers of hissecurities in the secondary market,without limiting himself to the originalselling or dealing bank that he transactedwith. The securities seller or dealer shallnot impose any condition that will impairthis right of the securities owner or leavehim no alternative except to sell hissecurities exclusively to the selling ordealing bank.

Sec. 11. Undelivered Securities. Incases where banks or NBFIs under BSPsupervision maintain custody of securitieswhich were sold prior to the effectivityof Circular No. 457 dated 14 October2004 to clients who are unable orunwilling to take delivery of saidsecurities pursuant to the provisions ofCircular No. 392 dated 23 July 2003 butwho declined to deliver their existingsecurities to a BSP-accredited third partycustodian, said banks/FIs shall:

a. report on a quarterly basis to theappropriate department of the SES thevolume of said securities broken downinto maturity dates, type of security, ISINor applicable certificate or referencenumber, and registry; and

b. ensure that said securities undercustody are segregated from theirproprietary holdings.

Sec. 12. Compliance with the Anti-MoneyLaundering Act of 2001. For purposes ofcompliance with the requirements ofR.A. No. 9160, otherwise known as the“Anti-Money Laundering Act of 2001”, asamended, particularly the provisionsregarding customer identification,recordkeeping and reporting of suspicioustransactions, a BSP-accredited custodianmay rely on referral by the seller/issuer ofsecurities, in lieu of the face-to-face contactwith client, subject to the followingconditions:

a. the seller/issuer is also a coveredinstitution;

b. the seller/issuer certifies to thecustodian that it has performed its own KYCscreening on the client;

c. the custodian has unchallengedaccess to the KYC records/documents ofthe referring seller/issuer pertaining to thereferral client;

d. the custodian maintains a record ofthe referral together with the minimuminformation/documents required under thelaw and its implementing rules andregulations; and

e. the seller/issuer must provide thecustodian with the following minimuminformation/documents:

For individual clients:1. Name;2. Present address;3. Permanent address;4. Date and place of birth;5. Nationality;6. Nature of work and name of employer

or nature of self-employment/business;7. Contact numbers; 8. Tax identification number, SSS

number or GSIS number;9. Specimen signature; and10. Source of fund(s);

For corporate clients:1. Articles of Incorporation/

Partnership;


APP. 6808.12.31

2. By-laws;3. Official address or principal

business address;4. List of directors/partners;5. List of principal stockholders

owning at least two percent (2%) of thecapital stock;

6. Contact numbers;7. Beneficial owners, if any;8. Authorized signatories; 9. Board/Partnership Resolution on

the authority of the signatories; and10. Verification of the identification and

authority of the person purporting to act onbehalf of the client.

Sec. 13. Safekeeping of Customers’Identification Documents. The BSPaccredited third-party custodian mayentrust to the referring seller/dealer thesafekeeping and maintenance of the

customer identification documentssupporting its KYC certification: Provided,That:

a. The BSP accredited custodian hasreceived a certification from the seller/dealer that it has in its possession allrequired KYC documents and the custodianshall maintain a list of such documents;

b. The accredited custodian shallhave unhampered access to the KYCdocuments for its own verification; and

c. KYC or customer identificationdocuments shall be made available toregulators for verification upon request.

Notwithstanding Secs. 12 and 13, thecustodian is not precluded fromconducting its own KYC activities andmaintaining direct custody of the KYCdocuments of its clients.(Circular No. 524 dated 31 March 2006 and as amended by

M-2007-002 dated 23 January 2007)


APP. 68 08.12.31

Annex A

TEMPLATE OF LETTER TO INVESTOR

Dear Investor:

We wish to inform you that the Bangko Sentral ng Pilipinas (BSP), in July of 2003issued Circular No. 392, Series of 2003, which requires all securities sold by banks on a“without recourse basis” (i.e. the bank has no liability to the buyer of securities in payingthe obligation due on the security) to be delivered to the buyer/purchaser of securitiesthrough any of the following means:

(a) If the security is evidenced by a certificate of indebtedness, the certificatemust be transferred in the name of the purchaser/buyer and physically deliveredto the purchaser/buyer or to his designated BSP-accredited third party custodian.

(b) If the security is immobilized or dematerialized (i.e., that the security is notevidenced by a certificate of indebtedness and instead security account iscreated in the electronic books of the registry in the name of the purchaser/buyer or his designated custodian):

i. The security must be delivered by book-entry transfer to the appropriatesecurities account of the buyer in the registry of said securities which mustbe evidenced by a confirmation in writing by the registrar to the buyer.The confirmation of sale or document of conveyance shall be physicallydelivered by the seller or dealer to the buyer, or

ii. The security must be delivered by book-entry transfer to the appropriatesecurities account of the BSP-accredited third party custodian designatedby the buyer/purchaser in the registry of said securities which must beevidenced by a confirmation in writing by the registrar to the said BSP-accredited third party custodian, who shall in turn issue to the securitiesowner a delivery receipt acknowledging receipt of the securities

Circular No. 392 is part of a package of reforms to support the development of thedomestic capital market through enhanced investor protection and greater markettransparency. It provides for a more defined role and responsibilities for the custodians andregistrars and a stricter supervision and regulation thereof by the BSP. It aims to provide theclient with the following benefits:

a. Full control and possession of the securities purchased;b. Independent validation of the existence of securities purchased;c. Regular reporting of securities holdings; andd. Capability to choose most competitive counter-parties in case of sale, pledge,

transfer, and lending of securities.


APP. 6808.12.31

Moreover, Circular No. 392, which amends CBP Circular 437-74, seeks to addressthe changes in the legal framework brought by the developments in the market, i.e., wherepurchase of securities may be evidenced not only by transfer of certificates but also byelectronic book-entry transfer of ownership in the books of the registrar for said security.

As an investor, therefore, of securities which is dematerialized or scripless, youhave the option to require your dealer/broker to deliver the securities to you by requiringthem to have the securities registered directly in your name in the registry of said securitiesor by requiring them to have the securities registered in the name of the BSP accreditedthird party custodian of your choice who in turn will credit your securities account withthem.

The registry is a BSP-accredited bank or non-bank financial institution (NBFI) designatedor appointed by the Issuer to (1) maintain the securities registry book; (2) record the (a) issuanceof the securities and (b) subsequent transfers of ownership thereof; and (3) issue registryconfirmation to the buyers/holders of security.

The custodian, on the other hand, is a BSP-accredited bank or NBFI designated bythe investor to safekeep the security by allowing it to hold title to the security, either in anominee or trustee capacity, to enable it to perform the following administrative functions/services related to investing in a security or various securities: i) Mark to market valuationof security that will enable the client to know the value of his investment at any period intime; ii) compute and collect the interest due on the security; iii) render statements onoutstanding securities under safekeeping; iv) represents the client (per its instruction) in theevents of default or breach of contract of the issuer; and v) lend the security of the clients as“agent” that will enable the client to earn additional income on the security.

The registrars and custodians underwent a rigorous evaluation process by the BSPto determine whether they have the following: i) adequate capital to cover for potentialoperating risks related to performing its custody functions; ii) competent management teamto manage the company with responsibility and proper corporate ethics; iii) robusttechnology system to operate the custody business efficiently; and iv) favorable track recordor significant experience in the custody business or related business. They will also undergoregular audit by the BSP to ensure that they comply with BSP rules and regulations and willbe subject to penalties and administrative sanctions for any violation thereof.

As of date, BSP has accredited the following registrars and custodians: Bank of thePhilippine Islands, CITIBANK N.A., Deutsche Bank, Hongkong and Shanghai BankingCorporation, Philippine Depository and Trust Corporation, and Standard Chartered Bank.

The Registry of Scripless Securities (RoSS) operated by the Bureau of Treasury (BTR)which is acting as a registry for government securities, is automatically accredited as securitiesregistry. However, the BTR, as registry, cannot act as custodian of government securitiespursuant to the opinion of the Secretary of Justice rendered on 17 January 2005 due toirreconcilable conflict of loyalties that is anathema to agency if the same institution were toact as registrar and custodian at the same time.


APP. 68 08.12.31

The custodian shall render periodic reports on your account balances on a quarterlybasis, or at such interval as you may require. Moreover, the custodian shall issue to you aconfirmation of any transfer of ownership as it occurs, in either electronic or printed forms.Said reports shall be delivered/mailed directly at your address unless you give a writteninstruction directly to the custodian to deliver the said reports to your designated person/entity. You are, however, required to acknowledge in the written instruction that you aredesignating another person/entity to receive the periodic reports from the custodian,notwithstanding contrary advice of the BSP.

Please note that the abovementioned arrangements may change once the BSP issuesmore detailed implementing rules and guidelines to the abovementioned circulars. We willupdate you if and when these developments occur.

Please fill up and sign the required documentation of your chosen custodian andwe will forward the same to them so that your securities account can be opened as soon aspossible. You may, however, designate/appoint an agent for this purpose. In either case,the custody arrangement may or may not entail additional fees.

If you have any further questions, please call us so that we can refer the matter tothe appropriate custodian/registrar.

Very truly yours,

(Circular No. 524 dated 31 March 2006 and as amended by M-2007-002 dated 23 January 2007)


APP. 68a08.12.31

DISPOSITION OF COMPLIANCE ISSUES ON APPENDIX 68(Appendix to Sec. X441 and Subsecs. X235.5 & X238.1)

A. The Monetary Board, in its ResolutionNo. 581 dated 5 May 2006 approved a thirty(30) calendar day period from 05 June 2006within which banks/non-banks will effectrevisions to non-conforming SPAs issued byinvestor-clients to strictly conform to the limitedauthority provisions of Section 7 of Appendix68, subject to the following conditions:

1. The clean-up of SPAs will coverthose issued by clients prior to Circular No.524 dated 31 March 2006;

2. Custodians will allow transfers ofsecurities from proprietary accounts ofdealers to their omnibus principal custodyaccounts within the period;

3. There will be no penalties imposedfor dealer-banks and accredited securitiescustodians that allowed non-compliant SPAsprior to Circular No. 524 dated 31 March2006 or those issued under Circular Letterdated 4 August 2005 if corrected within thethirty (30)-day period; and

4. Non-compliance with otherprovisions of Appendix 68 are not covered/qualified to be corrected within the thirty(30)-day period and are therefore subjectto the usual penalty/sanctions underexisting regulations.

B. The Monetary Board, in itsResolution No. 876 dated 06 July 2006approved the following disposition ofcompliance issues for the period of 05 July2006 - 04 August 2006:

1. The sending by a dealing bank to allits clients of:

(a) a notice indicating a limitation onthe authority of the dealing bank pursuantto Section 7 of Appendix 68; and

(b) compliant SPA for executionwill be deemed substantial complianceonly as of 05 July 2006. Proof thereof shouldbe preserved for examination purposes.

2. Custodians will be deemed insubstantial compliance as of 05 July 2006 ifthey have obtained confirmation from the

dealing banks that notifications on thelimitation of the dealing bank’s authority,together with a compliant SPA for theclients’ signature, have been sent to alltheir clients. Absent confirmation from thedealing bank of the sending of notices andthe revised SPA, the custodian shouldimmediately freeze (i.e., no newmovements in the security, except sale ordisposition thereof) the account to beconsidered in substantial compliance.

3. Absent a compliant SPA, the dealingbank and custodian should “freeze” theaccount of the client. Accordingly, if a clientwants to transact with securities, the dealingbank must require the submission of anexecuted compliant SPA before any newtransaction can be entered into. Otherwise,the dealing bank will be subject to theappropriate penalties prescribed underSubsec. X441.29. However, for the periodof 05 July 2006 - 04 August 2006,transactions by the dealing bank with itsclients, absent a compliant SPA but to whichan advice on the limitation of the authorityof the dealing bank and a compliant SPA forsignature have been sent, will be subject toa fine of P10,000.00 per transaction/day:Provided, That the total penalty arising fromthat class of violation for the said period shallnot exceed P100,000.00, computed inaccordance with Section 37 of R.A. No. 7653(The New Central Bank Act). Furthermore,the Custodian will not be subject to anypenalties for accepting securities subject ofthe transaction.

4. Starting on 05 August 2006, thepenalties under Subsec. X441.29 shall beapplied for any violation of the provisionsof Appendix 68. Custodians shall berequired to freeze the securities account forthose without a compliant SPA from theinvestor.(M-2006-009 dated 06 July 2006 and M-2006-002 dated

05 June 2006)

Manual of Regulations for Banks Appendix 68b - Page 1

APP. 68b08.12.31

DELIVERY OF GOVERNMENT SECURITIES TO THE INVESTOR’S PRINCIPALSECURITIES ACCOUNT WITH THE REGISTRY OF SCRIPLESS SECURITIES

(Appendix to Sec. X441, and Subsecs. X235.5 and X238.1)

The following are the guidelines on thedelivery of government securities by theselling bank and/or NBFI under thesupervision of the BSP to an investor’sPrincipal Securities Account with theRegistry of Scripless Securities (RoSS)through the Client Interface System facilityas compliance with the requirement ofeffective delivery under Sec. X441 andSubsecs. X235.5, X238.1, X238.3 and X441.12:

(a) Banks/NBFIs, acting either asaccredited government securities eligibledealers (GSEDs) or licensed governmentsecurities dealers, shall execute the attachedMemorandum of Agreement (MOA) with theBTr regarding the creation of the PrincipalSecurities Account with the RoSS on orbefore 31 January 2007. The MOA betweenthe BTr and the GSED is attached asAnnex A.

(b) If the dealing bank/NBFI isdesignated as the agent of the client/investor,the authority of the dealing bank/NBFI underthe Special Power of Attorney (SPA)executed by the client/investor shall belimited to the opening of the PrincipalSecurities Account with the RoSS and theexecution of trade transactions (i.e., buyingand selling instructions, including relayingof instructions to the BTr, as operator of theRoSS, to receive and deliver securities in orderto consummate the buy/sell transaction).

(c) Banks/NBFIs shall require theirclients/investors who have manifested thedesire to have their own PrincipalSecurities Account with the RoSS to execute(1) an SPA pursuant to Sec. X441 andSubsecs. X235.5, X238.1 and X238.3 and(2) the revised Investor’s Undertaking(attached as Annex B) on or before 28February 2007.

(d) Absent a compliant Investor’sUndertaking and SPA as of 01 March 2007,

the dealing bank/NBFI should freeze theaccount of the client/investor (i.e., no newmovements in the account, except sale/disposition upon written instruction by theclient/investor): Provided, That starting01 March 2007 no new Investors PrincipalSecurities Account shall be created unlessthe investor submits a compliant Investor’sUndertaking and SPA. Otherwise,the dealing bank/NBFI will be subject to theappropriate penalties prescribed under Sec.X441 and Subsecs. X235.5, X238.1, X238.3and X441.12.

(e) The sub-accounts in the RoSSmaintained by dealing banks/NBFI fortheir client/investor who either (1)declined in writing the delivery of his/itssecurities to a direct registry account underhis/its name or a third-party custodian or(2) have not responded to the dealer’sletter to the client/investor as regards thedisposition of his/its securities shall befrozen. However, sale/disposition ofsecurities in the sub-accounts shall beallowed upon written instruction by theclient/investor to dispose the same:Provided, That in case of a client/investorwho as of 04 November 2004 has notresponded to the dealer’s letterregarding the disposition of his/itssecurities, the dealer should be able toobtain from the said client/investor thewritten instruction regarding the client/investor’s inability to take delivery ofexisting securities. For clarity, the sub-accounts maintained by the dealing banks/NBFIs shall not be considered a violationof Subsecs. X235.5, X238.1, X238.3 andX441.12: Provided, That (1) the same werecreated on or before 04 November 2004;and (2) no additional securities have beenlodged thereon since 04 November 2004.(M-2007-002 dated 23 January 2007)

Manual of Regulations for BanksAppendix 68b - Page 2

APP. 68b08.12.31

Annex A

MEMORANDUM OF AGREEMENT

KNOW ALL MEN BY THESE PRESENTS:

This agreement made and entered into this at_________________, Philippines by and between:

The BUREAU OF THE TREASURY, a duly constituted governmentbureau under the Department of Finance, Republic of the Philippines,with principal office at Palacio del Gobernador Building, Gen. Lunacorner A. Soriano Avenue, Intramuros, Manila, represented herein bythe Treasurer of the Philippines, _________________________, andhereinafter referred to as “BTr”;

-and-

, a domestic/international banking/financial institution organized and existing pursuantto the laws of the Republic of the Philippines/(country of incorporation),duly licensed by the Securities and Exchange Commission (SEC) to dealin securities, represented herein by

in her/his capacity as____________________________, and hereinafter referred to as the“Dealer”;

(the “BTr” and the “Dealer” may be referred to as a “Party” in the singulartense, as “Parties” in the plural/collective tense)

WITNESSETH: THAT

WHEREAS, the Registry of Scripless Securities (“RoSS”) is the official registry ofgovernment securities issued by the National Government through the Bureau of theTreasury;

WHEREAS, the RoSS is an electronic registry of recording ownership of or interestin and transfers of government securities;

WHEREAS, the delivery of government securities sold by the Dealer, on a withoutrecourse basis, to the investor’s Principal Securities Account with the RoSS through theClient Interface System (“CIS”) Facility shall be sufficient compliance with the deliveryrequirement under Subsec. X238.1, of the Bangko Sentral ng Pilipinas (“BSP”) Manual ofRegulations for Banks (MORB) and Circular No. 524 dated 31 March 2006.

WHEREAS, the Dealer is a government securities eligible dealer, accredited bythe BTr to participate in the primary auction of government securities pursuant to Finance


APP. 68b08.12.31

Department Order No. 141-95, as amended, and/or a bank/financial institution licensed bythe SEC to deal in government securities in the secondary market;

WHEREAS, investors of government securities purchase/trade the same in thesecondary market through any of the dealers;

WHEREAS, recording of ownership of, or interest in government securities requiresthe creation/opening of a Principal Securities Account with the RoSS through the CIS Facility;

WHEREAS, to promote transparency, investor confidence and deepening of thegovernment bond market, investors must be given adequate assistance in the opening/creation of his/its Principal Securities Account with the RoSS (“Name-on- Registry”);

NOW, THEREFORE, in view of the foregoing premises and the mutual covenantshereinafter provided, the parties hereby agree as follows:

Section 1. Obligations of BTr.

The BTr shall:

1. Receive instruction from the Dealer through the RoSS-CIS for the creation/opening of the Principal Securities Account, as indicated in the Special Power ofAttorney executed by the investor in favor of the Dealer for that purpose;

2. Create/open in the RoSS a Principal Securities Account for the requesting investorof scripless government securities through which all transactions affecting saidsecurities will be recorded;

3. Provide and forward to the investor an electronic confirmation of his/its RoSSPrincipal Securities Account Number and notices and statements of account underany of the modes indicated in the Investor’s Oath of Undertaking submitted to theBTr;

4. On relevant coupon/maturity payment dates and for payments made throughthe BSP, instruct the BSP to credit the regular demand deposit account (DDA) ofthe investor’s settlement bank: Provided, That if the coupon/maturity payment datefalls on a Saturday, Sunday, or Holiday or on a day during which business operationsof the BTr is suspended, payment/s shall be made by the BTr on the next businessday, without adjustment in the amount of interest to be paid.

5. Ensure that all government securities bought by investors from the Dealer areaccurately recorded under the investor’s Principal Securities Account or to theSecurities Custody Account of the investor’s designated third-party custodian.

6. Furnish the investor with Statement(s) of Securities Account, at least quarterlyand whenever there is a movement in the investor’s Principal Securities Account,through the investor’s preferred mode of receipt of notice and/or statement;


APP. 68b08.12.31

7. Consistent with BTr Memoranda dated 28 December 2005, 12 January 2006and 31 January 2006 and applicable BSP regulations, disallow any increase in theholdings of beneficial owners of securities recorded in the sub-account of the Dealer,if any, existing as of 02 February 2006, for beneficial owners of securities whohave either (a) declined in writing the delivery of his/its securities to a direct registryaccount under his or its name or a third-party custodian or (b) not responded to theDealer’s letter to the investor as regards the disposition of his/its securities. Anywithdrawal or sale of the securities, either partial or total, under the sub-account ofthe Dealer for the beneficial owners may only be allowed if the Dealer is authorizedin writing by the client/Investor. Such written authority shall be furnished by theDealer to the BTr prior to the execution of the transaction.

Sec. 2. Obligations of the Dealer

The Dealer shall:

1. Assist the investor to open his/its individual Principal Securities Account (Name-On-Registry) with the RoSS through the CIS facility;

2. Conduct the Know your Client (“KYC”) screening of its investors/clients referredto the BTr for the creation of the Principal Securities Account (Name-On-Registry)with the RoSS. In this connection it shall: (a) issue a certification to the BTr that ithas conducted the necessary “KYC” screening; (b) maintain client identificationrecords; (c) report any suspicious transaction in accordance with the provisions ofR.A. No. 9160, otherwise known as the “Anti-Money Laundering Act of 2001”, asamended, and its implementing rules and regulations; and whenever necessary,(d) afford BTr unchallenged access to said KYC records/documents. The same KYCor customer identification documents shall likewise be made available to regulatorsfor verification upon request.

3. Transmit the investor’s instructions to the RoSS for the creation/opening of aPrincipal Securities Account. For this purpose, the Dealer shall submit and/or informthe investor to submit to the BTr his/her settlement account maintained in asettlement bank of his/her choice, through which all relevant payments on thesecurities will be made by the BTr;

4. Upon the creation of the investor’s Principal Securities Account with the BTr’sRoSS to which the securities subject of a sale will be credited, immediately furnishthe investor with the BTr’s electronic confirmation of its creation. The Dealer shallalso provide to the investor the BTr electronic confirmation that includes a statementon the credited amount of securities;

5. Ensure that Special Power of Attorney (SPA) executed by client investors in theirfavor as agents of the former be limited, pursuant to BSP Circular No. 524;

6. Ensure that all government securities sold to investors are delivered to theirappropriate Principal Securities Account with the RoSS, or to the account of theinvestor’s designated custodian;


APP. 68b08.12.31

7. Undertake not to misuse the investor’s RoSS Account No., which may comeinto its possession upon the creation of a Principal Securities Account for the investoror on previous transactions with the investor;

8. Acquaint/apprise investors on the rules and procedure prescribed by the BTr inconnection with investment and trading of scripless government securities, includingbut not limited to coupon payment, redemption value/proceeds of the investor’ssecurities, legal encumbrances, and other relevant information relative to investor’ssecurity holdings. As a minimum, investors must be apprised of the Revised RoSSProcedure on Buy and Sell of Securities and recording of transfers through theRoSS-CIS facility found in the BTr website, with particular emphasis on the featureof non-tagging of securities to GSEDs, or non-exclusivity of the selling GSEDs forsubsequent transactions;

9. Whenever designated as authorized agent, provide BTr upon reasonable request,all evidence of authority to transact on the securities issued by investor to suchauthorized agent;

10. Whenever designated as authorized agent and/or settlement bank, ensureconfidentiality and prompt delivery of all notices and statements of securitiesaccount/s to investors;

11. Ensure that all instructions transmitted to BTr concerning the securities accountof clients-investors are legal, valid and duly authorized pursuant to an agreement,a special power of attorney, or any written authority executed by the client-investorin favor of the dealer; and

12. Disallow any increase in the securities holdings of clients recorded in its sub-account in the RoSS, with respect to clients who have either (a) declined in writingthe delivery of his/its securities to a direct registry account under his or its name ora third-party custodian or (b) have not responded to the Dealer’s letter to the investoras regards the disposition of his/its securities. The Dealer shall allow the client/investor to withdraw or sell, whether partial or total, from the said securities holdingsrecorded in the Dealer’s sub-account only upon written request/instruction by theinvestor/client: Provided, That in case of investors who have not responded to theDealer’s letter regarding the disposition of his/its securities, the Dealer should beable to obtain from such investor a written advice that he is neither willing to takedelivery nor have his securities delivered to a third-party custodian. The dealershall furnish BTr such written request/instruction prior to the execution of thetransaction.

Sec. 3. Cut Off Period. No transfer of securities shall be allowed (i) during the period oftwo (2) business days ending on (and including) the due date of any redemption paymentof principal and (ii) during the period of two (2) business days ending on (and including) thedue date of any coupon payment date (the “Closed Period”). BTr shall prevent any transferof the securities to be recorded in the RoSS during any Closed Period. Bondholders ofrecord as appearing in the RoSS as of the Closed Period will be treated by BTr as thebeneficial owners of such securities for any relevant payment.


APP. 68b08.12.31

Sec. 4. Settlement Bank. Whenever the Dealer is designated by the investor as his/itssettlement bank, it shall confirm receipt of payments from BTr intended for the investorand shall promptly and punctually credit the investor’s bank account all said relevantpayments on the securities. Upon the crediting of the regular DDA of the Dealer with BSPfor the applicable payments, the investor shall be considered as having been fully paid onhis/its securities and the Dealer shall then be responsible to the investor. The BTr, itsofficers and employees and agents shall not be made liable for any claim, liability, orresponsibility for damages or injury incurred by the investor on account of the Dealer’sfailure to pay/credit the investor’s settlement account.

Sec. 5. Compliance with Anti-Money Laundering Law. The Dealer shall be responsiblefor compliance with the requirements of Anti-Money Laundering Law and other bankinglaws, rules and regulations relative to reporting of suspicious accounts and deposits.

Sec. 6. Limitation of Liability. The BTr, its officers, employees and agents shall not beheld liable for any claim, liability or responsibility for damages or injury incurred by theinvestor on account of the loss of his/its securities holdings unless the loss or injury wascaused by the act or omission of the BTr. Likewise, the BTr, its officers, employees andagents shall be rendered free and harmless from any liability on account of effectinginstruction/s transmitted by the Dealer to the RoSS which the latter believed in good faithto have emanated from the Dealer.

Sec. 7. Sanctions for Fraudulent Transactions. In case the Dealer commits any fraudulentact or transaction in connection with government securities or violates any of its undertakingsherein, the BTr shall have the right to impose administrative sanctions such as but notlimited to dis-accreditation and/or suspension of accreditation as a government securitieseligible dealer, and other administrative sanctions as may be prescribed by competentauthorities without prejudice to civil or criminal prosecution in accordance with law.

Sec. 8. Amendment and Repeal. This agreement may be amended, modified or repealedby the parties in writing, by giving 30 days prior written notice.

Sec. 9. Effectivity. This agreement shall take effect immediately.

IN WITNESS WHEREOF, the parties have hereunto signed these presents this at .

BUREAU OF THE TREASURY [Dealer]

By: By:

Treasurer of the Philippines President & CEO

Signed in the presence of:


APP. 68b08.12.31

Republic of the Philippines)________________________) S.S

ACKNOWLEDGMENT

BEFORE ME, a Notary Public for and in the City of ________________, personallyappeared:

Name CTC No. Date & Place Issued

Bureau of the Treasury ________ ________________Rep. by the Treasurer of thePhilippines

[Dealer]Rep. by ____________________ ________ ________________

known to me to be the same persons who executed the foregoing instrument consistingof ____ ( ) pages, including this page where this Acknowledgment is written, andacknowledge to me that the same is their free and voluntary act and deed and of theagency/institution they represent.

WITNESS MY HAND AND NOTARIAL SEAL this at__________________, Philippines.

NOTARY PUBLIC

Doc. No.:Page No.:Book No.:Series of


APP. 68b08.12.31

Annex B

NOTE: TO BE SUBMITTED TO THEBUREAU OF THE TREASURY

INVESTOR’S UNDERTAKING

I/We,

For Individual Investors Name:of legal age Address:

Civil Status:

For Juridical Entity Name:authorized to do business Principal Office Address:in the Philippines Place of Incorporation:

Name of Representative:Capacity/Position of Representative:

A. Hereby agree to execute, pursuant to BSP Circular 524, a limited Special Power ofAttorney in favor of either the dealing Government Securities Eligible Dealer1

(GSED) or Securities Dealer2 for the creation of a Principal Securities Account withthe RoSS or for the execution of trade transactions (i.e. buying and selling instructions,including relaying of instructions to “the CUSTODIAN“ to receive or deliversecurities in order to consummate the buy/sell transactions) and to be bound bythe provisions of a written Authority or a special power of attorney, or any relevantagreement I/we have entered into concerning my/our government securityholdings, thereby confirming my/our authority for BTr-RoSS to carry out and executethe acts or instructions referred to in the aforesaid documents;

B. It is understood that the RoSS administered by the BTr is the official registry ofownership of or interest in government securities; that all government securitiesfloated/originated by NG under its scripless policy are recorded in the RoSS aswell as subsequent transfer of the same; and that I/we will abide by the rules andregulations of BTr-RoSS concerning government securities.

And further undertake as follows:

1. To create/open through the Client Interface System a Principal Securities Accountwith the RoSS to ensure that title of said scripless securities is officially recorded inmy/our name and under my/our control.

2. That as a condition for the creation/opening of my/our Principal Securities Accountwith the RoSS, I/we have opened a bank account with(___________________________________ as Settlement Bank) to which couponand maturity proceeds and any other payments to be made on my/our governmentsecurities holdings will be credited; undertake to furnish the RoSS of said bank

1 Accredited by the Bureau of the Treasury2 Licensed by the Securities and Exchange Commission


APP. 68b08.12.31

account number; and give notice at least three (3) business days prior to any couponand/or maturity payment of any change in the Settlement Bank and/or bank accountnumber.

3. That no transfer of securities shall be made (i) during the period of two (2) businessdays ending on (and including) the due date of any redemption payment of principaland (ii) during the period of two (2) business days ending on (and including) thedue date of any coupon payment date (the “Closed Period”). I/We further acknowledgethat the BTr shall prevent any transfer of the securities to be recorded in the RoSSduring any Closed Period.

4. That in the case of outright sale transactions of government securities, including thatof RTBs, I/we undertake to sell the same to any of the GSEDs or Securities Dealers,save those provided for under existing rules and regulations on governmentsecurities applicable to tax-exempt institutions, government-owned or controlledcorporations and local government units. Otherwise, I/we shall have the saidsecurities delivered to my/our agent/custodian for trading or any other transactionspursuant to a relevant written instruction/authority.

5. To receive notices and/or statements of account on a quarterly basis or wheneverthere is a movement in my Principal Securities Account from the RoSS throughany of the following modes:(Please indicate choice)

[ ] Pick-up at the RoSS[ ] Registered Mail to Home/Office Address[ ] Deliver electronically to Agent[ ] Deliver electronically to Settlement Bank (for pick up)[ ] Email - email address

In the absence of an indicated choice, I/we understand that the BTr shall electronicallydeliver all Notices and Statements to my/our designated settlement bank.

Note: In addition to the indicated manner of receiving notice(s) and statement(s),Investor can directly secure from the BTr written copy of any notice, statement ofaccount, or confirmation report, subject to prior notice to and in accordance withthe procedures of the BTr.

I/We hereby agree to abide with the Schedule of Fees and the manner of collection,as may be prescribed by the BTr from time to time.

6. That I/we expressly agree and acknowledge that the crediting to the regular DDA ofmy/our settlement bank of coupons and/or redemption value due my/our scriplesssecurities, shall constitute actual receipt of payment by me/us.

7. To hold the BTr, its officers, employees and agents free and harmless against allsuits, actions, damages or claims arising from failure of my/our Settlement Bank tocredit my/our bank account for coupons and maturity values on due date.


APP. 68b08.12.31

8. That all instructions affecting my/our scripless securities which are transmitted toor received in good faith the RoSS from myself/ourselves or my/our designatedagent/custodian are covered by relevant documentation indicating my/our expressconsent and authority.

9. That I/we expressly warrant and authorize the delivery of copies of all evidence ofauthority granted to my/our designated agent/custodian to transact on my/ourscripless securities upon reasonable demand by BTr.

10. That I/we undertake to immediately notify the RoSS of any unauthorized trade of my/our scripless securities, and until receipt of such notice, transactions effected by BTrin good faith are deemed valid.

11. To render free and harmless the BTr, its officers, employees and agents for anyclaim or damages with respect to trade instructions carried out in good faith.

12. That while it is understood that BTr shall maintain the strict confidentiality of recordsin the RoSS, I/we hereby expressly waive and authorize BTr, to the extent allowed bylaw, to disclose relevant information in compliance with Anti-Money Launderinglaws, rules and regulations.

13. To submit to the BTr the relevant special power of attorney or authorizations issuedto my/our agent, upon demand of BTr.

IN WITNESS WHEREOF, I/We hereunto affix our hands this day of_______________ at _____________________, Philippines.

__________________________________ Name & Signature of Investor

Conforme:

Settlement Bank


APP. 68b08.12.31

ACKNOWLEDGMENT

BEFORE ME, a Notary Public for and in the City of _____________, personallyappeared:

Name: CTC No. Date: Place of Issue:

(Investor or Representative of Juridical Entity)

known to me to be the same person who executed the foregoing instrument and he/sheacknowledged to me that the same is his/her free and voluntary act and deed (and the freeact and deed of the entity they represent).

WITNESS MY HAND AND NOTARIAL SEAL this at ,Philippines.

NOTARY PUBLIC

Doc. No.:Page No.:Book No.:Series of


APP. 6909.12.31

PROMPT CORRECTIVE ACTION FRAMEWORK[Appendix to Sec. X193 (2008 - X106.4)]

In carrying out its primary objective ofmaintaining price stability conducive to abalanced and sustainable growth of theeconomy1, the BSP must necessarilymaintain stability of the financial systemthrough preservation of confidence therein.While preservation of confidence in thefinancial system may call for closure ofmismanaged banks and/or financial entitiesunder its jurisdiction, such closure is notthe only option available to the BSP. Whena bank’s closure, for instance, is adjudgedby the Monetary Board to have adversesystemic consequences, the State may actin accordance with law to avert potentialfinancial system instability or economicdisruption.2

It is recognized that the closure of abank or its intervention can be a costly andpainful exercise. For this reason, the BSP,as supervisor, can enforce PCA3 as soon asa bank’s condition indicates higher-thannormal risk of failure.

PCA essentially involves the BSPdirecting the board of directors of a bank,prior to an open outbreak of crisis, toinstitute strong measures to restore theentity to normal operating condition withina reasonable period, ideally within one (1)year. These measures may include any orall of the following components:

(1) Implementation of a capitalrestoration plan;

(2) Implementation of a businessimprovement plan; and

(3) Implementation of corporategovernance reforms.

Capital restoration plan - thiscomponent contains the schedule forbuilding up a bank’s capital base (primarilythrough an increase in Tier 1 capital) to a

level commensurate to the underlying riskexposure and in full compliance withminimum capital adequacy requirement.In conjunction with this plan, the BSP mayalso require any one (1), or a combinationof the following:

1. Limit or curtail dividend paymentsto common stockholders;

2. Limit or curtail dividend paymentsto preferred stockholders; and

3. Limit or curtail fees and/or otherpayments to related parties.

Business improvement plan - thiscomponent contains the set of actions tobe taken immediately to bring about animprovement in the entity’s operatingcondition, including but not limited to anyone (1), or a combination of the following:

1. Reduce risk exposures tomanageable levels;

2. Strengthen risk management;3. Curtail or limit the bank’s scope of

operations including those of its subsidiariesor affiliates where it exercises control;

4. Change or replace managementofficials;

5. Reduce expenses; and6. Other measures to improve the

quality of earnings.Corporate governance reforms - this

component contains the actions to beimmediately taken to improve thecomposition and/or independence of theboard of directors and to enhance the qualityof its oversight over the management andoperation of the entity. This also includesmeasures to minimize potentialshareholder conflicts of interest detrimentalto its creditors, particularly, depositors in abank. This likewise lays down measuresto provide an acceptable level of financial

1 Section 3 of Republic Act No. 76532 Section 17 and 18 of Republic Act No. 3591, as amended3 Section 4.6 of Republic Act No. 8791


APP. 6909.12.31

transparency to all stakeholders. Such actionscould include, but are not limited to, any one(1), or a combination of the following:

1. A change in the composition of theboard of directors or any of the mandatorycommittees (under the MORB);

2. An enhancement to the frequencyand/or depth of reporting to the board ofdirectors;

3. A reduction in exposures to and/ora termination or reduction of businessrelationships with affiliates that poseexcessive risk or are inherentlydisadvantageous to the supervised financialinstitution; and

4. A change of external auditor.A bank may be subject to PCA

whenever any or all of the followingconditions obtain:

(1) When either of the Total Risk-BasedRatio1, Tier 1 Risk-Based Ratio, or LeverageRatio2 falls below ten percent (10%), sixpercent (6%) and five percent (5%),respectively, or such other minimum levelsthat may be prescribed for the said ratiosunder relevant regulations, and/or thecombined capital account falls below theminimum capital requirement prescribedunder Subsec. X106.1;

(2) The CAMELS composite rating is lessthan “3” or a Management component rating ofless than “3” ;

(3) A serious supervisory concern hasbeen identified that places a bank at more-than-normal risk of failure in the opinion ofthe director of the Examination Departmentconcerned, which opinion is confirmed bythe Monetary Board. Such concerns couldinclude, but are not limited, to any one (1)or a combination of the following:

a. Finding of unsafe and unsoundactivities that could adversely affect theinterest of depositors and/or creditors;

b. A finding of repeat violations of lawor the continuing failure to comply withMonetary Board Directives; and

c. Significant reporting errors thatmaterially misrepresent the bank’s financialcondition.

The initiation of PCA shall berecommended by the Deputy Governor,SES to the Monetary Board for approval.Any initiation of PCA shall be reported tothe PDIC for notation. Upon PCAinitiation, the BSP shall require the bankto enter into a MOU committing to thePCA plan. The MOU shall be subject toapproval by the Monetary Board.

In order to monitor compliance withthe PCA, quarterly progress reports shallbe made. The BSP reserves the right toconduct periodic on-site visits outside ofregular examination to validatecompliance with the PCA plan.

Subject to Monetary Board approval,sanctions may be imposed on any banksubject to PCA whenever there isunreasonable delay in entering into a PCAplan or when PCA is not being compliedwith. These may include any or all of thefollowing:

(1) monetary penalty on or curtailmentor suspension of privileges enjoyed bythe board of directors or responsibleofficers;

(2) restriction on existing activities thatthe supervised financial institution mayundertake;

(3) denial of application for branchingand other special authorities;

(4) denial or restriction of access toBSP credit facilities; and

(5) restriction on declaration ofdividends.

On the other hand, if the bank subjectto PCA promptly implements a PCA planand substantially complies with itsconditions, it may continue to have accessto BSP credit facilities notwithstanding non-compliance with standard conditions ofaccess to such facilities. The DeputyGovernor, SES shall recommend such

1 Otherwise known as Capital Adequacy Ratio (“CAR”)2 Total Capital /Total Assets


APP. 6909.12.31

exemption to the Monetary Board forapproval.

In cases where a bank’s problems aredeemed to be exceptionally serious fromthe outset, or when a bank is unwilling tosubmit to the PCA or unable to substantiallycomply with an agreed PCA plan, theDeputy Governor, SES may immediatelyrecommend to the Monetary Board moredrastic actions as prescribed under Section29 (conservatorship) and Section 30(receivership) of R.A. No. 7653.

Subject to Monetary Board approval, thePCA status of a bank may be lifted: Provided,That the bank fully complies with the termsand conditions of its MOU and: Provided,further, That the Deputy Governor, SES hasdetermined that the financial and operatingcondition of the bank no longer presents arisk to itself or the financial system. Suchimproved assessment shall be immediatelyreported to the PDIC.(Circular No. 523 dated 23 March 2006, as amended by Circular

No. 664 dated 15 September 2009)

APP. 7008.12.31

(RESERVED)


APP. 70a08.12.31


AUTOMATED TELLER MACHINE SAFETY MEASURES[Appendix to Sec. X705 (2008 - X624)]

To minimize/prevent ATM frauds andcrimes, banks should, at a minimum,implement the following security measureswith respect to their ATM facilities:

1. Locate ATM’s in highly visible areas;2. Provide sufficient lighting at and

around the ATMs;3. Where ATM crimes (e.g., robbery,

vandalism) are high in a specific area orlocation, banks should install surveillancecamera or cameras which shall view andrecord all persons entering the facility. Suchrecordings shall be preserved by the banksfor at least thirty (30) days;

4. Implement ATM programmingenhancements like masking/non-printingof card numbers;

5. Educate customers by advisingthem regularly of risks associated withusing the ATM and how to avoid theserisks;

6. Conduct and document periodicsecurity inspection at the ATM location, andmake the pertinent information availableto their clients;

7. Educate bank personnel to beresponsive and sensitive to customerconcerns and to communicate themimmediately to the responsible bankofficer; and

8. Post near the ATM facility a clearlyvisible sign which, at a minimum, providesthe telephone numbers of the bank as wellas other banks’ hotline numbers for othercardholders who are allowed to transactbusiness in the ATM, and police hotlinesfor emergency cases.

Banks must study and assess ATMcrimes to determine the primary problemareas. Procedures for reporting ATM crimeshould also be established. Knowing whatcrimes have occurred will aid the banks inrecognizing the particular crime problemand to what degree it exists so that theycan implement specific preventionmeasures to mitigate the risk. In thisconnection, banks are encouraged to shareinformation involving ATM fraud cases todeter and prevent proliferation of the crime.(Circular No. 542 dated 01 September 2006)

APP. 70b08.12.31

Appendix 70b - Page 1Manual of Regulations for Banks

INTERNET AND WIRELESS BANKING SECURITY MEASURES[Appendix to Sec. X705 (2008 - X624)]

1. Network controlsa. Implement adequate security

measures on the internal networks andnetwork connections to public network orremote parties. Segregate internal networksinto different segments having regard to theaccess control needed for the data stored in,or systems connected to, each segment.

b. Properly design and configure theservers and firewalls used for the e-bankingservices either internet-based or deliveredthrough wireless communication networks(e.g., install firewalls between internal andexternal networks as well as betweengeographically-separate sites).

c. Deploy strong and stringentauthentication and controls especially inremote access or wireless access to theinternal network.

d. Implement anti-virus software,network scanners and analyzers, intrusiondetectors and security alert as well as conductregular system and data integrity checks.

e. Maintain access security logs andaudit trails. These should be analyzed forsuspicious traffic and/or intrusion attempts.

f. Ensure that wireless software forwireless communication network includesappropriate audit capabilities (e.g.,recording dropped transactions).

g. Develop built-in redundancies forsingle points of failure which can bringdown the entire network.

2. Operating Systems Controlsa. Harden operating systems by

configuring system software and firewallto the highest security settings consistentwith the level of protection required,keeping abreast of enhancements, updatesand patches recommended by systemvendors.

b. Change all default passwords fornew systems immediately upon installationas they provide the most common meansfor intruders to break into systems.

3. Encryptiona. Implement encryption technologies

that are appropriate to the sensitivity andimportance of data to protect confidentialityof information while it is stored or in passageover external and internal networks.

b. Choose encryption technologiesthat make use of internationally recognizedcryptographic algorithms where thestrengths of the algorithms have beensubjected to extensive tests.

c. Apply strong “end-to-end”encryption to the transmission of highlysensitive data (e.g., customer passwords)so that the data are encrypted all the waybetween customers’ devices and bank’sinternal systems for processing the data.This would ensure that highly sensitivedata would not be compromised even ifthe banks’ web servers or internal networkswere penetrated.

4. Website and Mobile BankingAuthentication

a. Authenticate official website toprotect bank customers from spoofed orfaked websites. Banks should determinewhat authentication technique to use toprovide protection against these attacks.

b. For wireless applications, adoptauthentication protocols that are separateand distinct from those provided by thewireless network operator.

5. Physical Securitya. House all critical or sensitive

computers and network equipment in


APP. 70b08.12.31

physically secure locations (e.g., awayfrom environmental hazards, unauthorizedentry and public disclosure, etc.).

b. Implement physical securitymeasures such as security barriers (e.g.,external walls, windows); entry controls(e.g., biometric door locks, manual orelectronic logging, security guards) andphysical protection facilities/devices (e.g.,water and fire detectors, uninterruptiblepower supply [UPS], etc.) to preventunauthorized physical access, damage toand interference with the e-bankingservices.

6. Development and Acquisitiona. Separate physical/logical

environments for systems development,testing and production.

b. Provide separate environments forthe development, testing, staging andproduction of internet facing web-basedapplications; connect only the productionenvironment to the internet.

7. IT Personnel TrainingProvide appropriate and updated

training to IT personnel on network,application and security risks and controlsso that they understand and can respondto potential security threats.

8. Service Providersa. Perform due diligence regularly to

evaluate the ability of the service providers(e.g., internet service provider,telecommunication provider) to maintainan adequate level of security and to keepabreast of changing technology.

b. Ensure that the contractualagreements with the service providers haveclearly defined security responsibilities.

9. Independent Audit, Vulnerability Testand Penetration Testing

a. Conduct regular audit to assess theadequacy and effectiveness of the riskmanagement process and the attendantcontrols and security measures.

b. Perform vulnerability test orassessment to evaluate the informationsecurity policies, internal controls andprocedures, as well as system and networksecurity of the bank. Assessment shouldalso include latest technologicaldevelopments and security threats,industry standards and sound practices.

c. Conduct penetration testing at leastannually.

d. The audit and tests should beconducted by security professionals orinternal auditors who are independent inthe development, implementation oroperation of the e-banking services, andhave the required skills to perform theevaluation.

e. For e-banking services provided byan outside vendor or service provider,ensure that the above tests and audit areperformed and the bank is provided withthe results and actions taken on systemsecurity weaknesses.

10. Incident ResponseEstablish an incident management and

response plan and test the predeterminedaction plan relating to security incidents.(Circular No. 542 dated 01 September 2006)

APP. 70c08.12.31

Appendix 70c - Page 1Manual of Regulations for Banks

ELECTRONIC BANKING CONSUMER AWARENESS PROGRAM[Appendix to Sec. X705 (2008 - X624)]

To ensure security in their e-bankingtransactions and personal information,consumers should be oriented of their rolesand responsibilities which, at a minimum,include the following:

1. Internet Products and Services

a. Secure Login ID and Password or PIN(1) Do not disclose Login ID and

Password or PIN.(2) Do not store Login ID and

Password or PIN on the computer.(3) Regularly change password or PIN

and avoid using easy-to-guess passwordssuch as names or birthdays. Passwordshould be a combination of characters(uppercase and lowercase) and numbersand should be at least 6 digits in length.

b. Keep personal information private.Do not disclose personal information

such as address, mother’s maiden name,telephone number, social security number,bank account number or e-mail address -unless the one collecting the informationis reliable and trustworthy.

c. Keep records of online transactions.(1) Regularly check transaction history

details and statements to make sure thatthere are no unauthorized transactions.

(2) Review and reconcile monthlycredit card and bank statements for anyerrors or unauthorized transactionspromptly and thoroughly.

(3) Check e-mail for contacts bymerchants with whom one is doingbusiness. Merchants may send importantinformation about transaction histories.

(4) Immediately notify the bank ifthere are unauthorized entries ortransactions in the account.

d. Check for the right and securewebsite.

(1) Before doing any onlinetransactions or sending personalinformation, make sure that correctwebsite has been accessed. Beware ofbogus or “look alike” websites which aredesigned to deceive consumers.

(2) Check if the website is “secure” bychecking the Universal Resource Locators(URLs) which should begin with “https” anda closed padlock icon on the status bar inthe browser is displayed. To confirmauthenticity of the site, double-click on thelock icon to display security certificateinformation of the site.

(3) Always enter the URL of the websitedirectly into the web browser. Avoid beingre-directed to the website, or hyperlink it froma website that may not be as secure.

(4) If possible, use software thatencrypts or scrambles the informationwhen sending sensitive information orperforming e-banking transactions online.

e. Protect personal computer fromhackers, viruses and malicious programs.

(1) Install a personal firewall and areputable anti-virus program to protectpersonal computer from virus attacks ormalicious programs.

(2) Ensure that the anti-virus programis updated and runs at all times.

(3) Always keep the operating systemand the web browser updated with thelatest security patches, in order to protectagainst weaknesses or vulnerabilities.

(4) Always check with an updated anti-virus program when downloading aprogram or opening an attachment toensure that it does not contain any virus.

(5) Install updated scanner softwares todetect and eliminate malicious programs

Manual of Regulations for BanksAppendix 70c - Page 2

APP. 70c08.12.31

capable of capturing personal or financialinformation online.

(6) Never download any file or softwarefrom sites or sources, which are not familiaror hyperlinks sent by strangers. Openingsuch files could expose the system to acomputer virus that could hijack personalinformation, including password or PIN.

f. Do not leave computer unattendedwhen logged-in.

(1) Log-off from the internet bankingsite when computer is unattended, even ifit is for a short while.

(2) Always remember to log-off whene-banking transactions have beencompleted.

(3) Clear the memory cache andtransaction history after logging out fromthe website to remove account information.This would avoid incidents of the storedinformation being retrieved by unwantedparties.

g. Check the site’s privacy policy anddisclosures.

(1) Read and understand websitedisclosures specifically on refund,shipping, account debit/credit policies andother bank terms and conditions.

(2) Before providing any personalfinancial information to a website,determine how the information will beused or shared with others.

(3) Check the site’s statements aboutthe security provided for the informationdivulged.

(4) Some websites’ disclosures areeasier to find than others — look at the bottomof the home page, on order forms or in the“About” or “FAQs” section of a site. If thecustomer is not comfortable with the policy,consider doing business elsewhere.

h. Other internet security measures:(1) Do not send any personal

information particularly password or PINvia ordinary e-mail.

(2) Do not open other browserwindows while banking online.

(3) Avoid using shared or publicpersonal computers in conductinge-banking transactions.

(4) Disable the “file and printersharing” feature on the operating systemif conducting banking transactions online.

(5) Contact the banking institution todiscuss security concerns and remedies toany online e-banking account issues.

2. Other Electronic Products

a. ATM and debit cards(1) Use ATMs that are familiar or that

are in well-lit locations where one feelscomfortable. If the machine is poorly lit oris in a hidden area, use another ATM.

(2) Have card ready beforeapproaching the ATM. Avoid having to gothrough the wallet or purse to find the card.

(3) Do not use ATMs that appear tohave been tampered with or otherwisealtered. Report such condition to the bank.

(4) Memorize ATM PIN and neverdisclose it to anyone. Do not keep thosenumbers or passwords in the wallet orpurse. Never write them on the cardsthemselves. Avoid using easily availablepersonal information like a birthday,nickname, mother’s maiden name orconsecutive numbers.

(5) Be mindful of “shoulder surfers”when using ATMs. Stand close to the ATMand shield the keypad with hand whenkeying in the PIN and transaction amount.

(6) If the ATM is not working correctly,cancel the transaction and use a differentATM. If possible, report the problem to thebank.

(7) Carefully secure card and cash inthe wallet, handbag, or pocket beforeleaving the ATM.

(8) Do not leave the receipt behind.Compare ATM receipts to monthlystatement. It is the best way to guard againstfraud and it makes record-keeping easier.

APP. 70c08.12.31

Appendix 70c - Page 3Manual of Regulations for Banks

(9) Do not let other people use yourcard. If card is lost or stolen, report theincident immediately to the bank.

b. Credit cards(1) Never disclose credit card

information to anyone. The fraudulent useof credit cards is not limited to the loss ortheft of actual credit cards. A capablecriminal only needs to know the credit cardnumber to fraudulently make numerouscharges against the account.

(2) Endorse or sign all credit cards assoon as they are received from the bank.

(3) Like ATM card PINs, secure creditcard PINs. Do not keep those numbers orpasswords in the wallet or purse and neverwrite them on the cards themselves.

(4) Photocopy both the front and backof all credit cards and keep the copies in asafe and secure location. This will facilitatein the immediate cancellation of the card iflost or stolen.

(5) Carry only the minimum numberof credit cards actually needed and neverleave them unattended.

(6) Never allow credit card to be usedas reference (credit card number) or as anidentification card.

(7) Never give your credit cardaccount number over the telephone unlessdealing with a reputable company orinstitution.

(8) When using credit cards, keep aconstant eye on the card and the onehandling it. Be aware of the “swipe andtheft” scam using card skimmers. Askimmer is a machine that records theinformation from the magnetic stripe on acredit card to be downloaded onto apersonal computer later. The card can beswiped on a skimmer by a dishonestperson and that data can then be used tomake duplicate copies of the credit card.

(9) Do not leave documents like bills,bank and credit card statements in an

unsecure place since these documentshave direct access to credit card and/ordeposit account information. Considershredding sensitive documents rather thansimply throwing them away. (Some peoplewill go through the garbage to find thisinformation).

(10) Notify the bank in advance of achange in address.

(11) Open billing statements promptlyand reconcile card amounts each month.

(12) Do not let other people use yourcard. If card is lost or stolen, report theincident immediately to the bank.

c. Mobile Banking(1) Do not disclose your Mobile

Banking Pin (MPIN) to anyone.(2) Regularly change the MPIN.(3) Do not let other people use your

mobile phone enrolled in a mobilebanking service. If the phone is lost orstolen, report the incident immediately tothe bank.

(4) Be vigilant. Refrain from doingmobile banking transactions in a placewhere you observe the presence of“shoulder surfers”.

(5) Keep a copy of the transactionreference number provided by the bankwhenever you perform a mobile bankingtransaction as evidence that the specifictransaction was actually executed.

Since customers may find it difficult totake in lengthy and complex advice, banksshould devise effective methods andchannels for communicating with them onsecurity precautions. Banks may make useof multiple channels (e.g., banks’ websites,alert messages on customers mobilephone, messages printed on customerstatements, promotional leaflets,circumstances when banks’ frontline staffcommunicate with their customers) toenforce these precautionary measures.(Circular No. 542 dated 01 September 2006)

APP. 70d08.12.31

Appendix 70d - Page 1Manual of Regulations for Banks

DISCLOSURE REQUIREMENTS[Appendix to Sec. X705 (2008 - X624)]

1. General RequirementBanks offering e-banking services have

to adopt responsible privacy policies andinformation practices. They should providedisclosures that are clear and readilyunderstandable, in writing, or in a form theconsumers may print and keep.

Banks should also ensure thatconsumers who sign-up for a newbanking service are provided withdisclosures (e.g., pamphlet) informingthem of their rights as a consumers. At aminimum, the following disclosuresshould be provided to protect consumersand inform them of their rights andresponsibilities:

a. Information on the duties of thebanking institution and customers.

b. Information on who will be liablefor unauthorized or fraudulent transactions.

c. Mode by which customers will benotif ied of changes in terms andconditions.

d. Information relating to howcustomers can lodge a complaint, and howa complaint may be investigated andresolved.

e. Disclosures that will helpconsumers in their decision-making (e.g.,PDIC-insured, etc.)

f. For internet environment,information that prompt in the bank’swebsite to notify customers that they areleaving the banking institutions’ websiteand hence they are not protected by theprivacy policies and security measures ofthe banking institutions when theyhyperlink to third party’s website.

2. Disclosure Responsibilitya. Compliance officers should review

bank’s disclosure statements to determinewhether they have been designed to meetthe general and specific requirements setin this circular.

b. For banks that advertise depositproducts and services on-line, they mustverify that proper advertising disclosuresare made (e.g. whether the product isinsured or not by the PDIC; fees andcharges associated with the product orservices, etc.). Advertisements should bemonitored to determine whether they arecurrent, accurate, and compliant.

c. For banks that issue various productslike stored value cards, e-wallets, debit cardsand credit cards, they must provideinformation to consumers regarding thefeatures of each of these products to enableconsumers to meaningfully distinguish them.Additionally, consumers would find itbeneficial to receive information about theterms and conditions associated with theirusage. Example of these disclosuresinclude: PDIC-insured or non-insured statusof the product; fees and charges associatedwith the purchase, use or redemption ofthe product; liability for loss; expirationdates, or limits on redemption; and toll-freetelephone number for customer service,malfunction and error resolution.

d. Whenever e-banking services areoutsourced to third parties or serviceproviders, banks should ensure that thevendors comply with the disclosurerequirements of the BSP.(Circular No. 542 dated 01 September 2006)


APP. 7108.12.31

GUIDELINES FOR THE CHANGE IN THE MODE OF COMPLIANCE WITH THE LIQUIDITY RESERVE REQUIREMENT(Appendix to Subsecs. X253.2 & X405.5)

The following guidelines shall beobserved in implementing the change in themode of compliance with the liquidityreserve requirement from holdinggovernment securities bought directly fromthe BSP:

1. Government securities previouslybought from the BSP in compliance withthe liquidity reserve requirement shallremain eligible for such purpose until thesemature or are sold back to the BSP at yieldsquoted by the BSP Treasury Department(TD). Only the outstanding ERAP andPEACe bonds shall qualify as eligiblesecurities for liquidity reserves. Futureissuances will no longer carry the liquidityreserve eligibility under this Section.

2. The interest rates applied to thereserve deposit account (RDA) shall be setby the TD at one-half percent (1/2%) belowthe prevailing market rate for comparablegovernment securities;

3. Pre-termination of RDAs shall beallowed subject to a reduction in applicableinterest rates, as prescribed by the TD;

4. Banks and QBs shall submit onplacement date a written authority (seeAnnex A) to the TD to debit their demanddeposit account with the BSP as paymentfor the RDA;

5. Principal and interest payments atmaturity net of applicable tax shall bemade by the BSP through automatic creditto the institution’s demand deposit accountwith the BSP. Full or partial rollover ofplacements in the RDA shall be settled on agross basis;

6. Any deficiency in the liquidityreserves shall continue to be in the forms ormodes prescribed under existing regulationsfor the composition of required reserves;

7. Banks and QBs shall continue tospecify in the prescribed reports to the SDCof the BSP the balance of governmentsecurities held for liquidity reservepurposes. Said balance shall decline overtime as government securities previouslybought from the BSP mature or are sold backto the BSP; and

8. To facilitate the adoption of thechange in the mode of compliance with theliquidity reserve requirement, the TD (whilestarting to accept placements in the reservedeposit account) shall continue to sellgovernment securities for liquidity reservepurposes until 29 September 2006.

The above guidelines shall take effect on25 August 2006.(Circular Nos. 551 dated 17 November 2006 and 539 dated

09 August 2006)


APP. 7108.12.31

Annex A

DEBIT/CREDIT AUTHORITY FORMATORDINARY WHITE PAPER

2 COPIES

(COUNTERPARTY’S LETTERHEAD)

DATE: _______________

TREASURY DEPARTMENTTREASURY SERVICES GROUP – DOMESTICBANGKO SENTRAL NG PILIPINAS

GENTLEMEN:

THIS IS TO CONFIRM OUR RESERVE DEPOSIT ACCOUNT (RDA) PLACEMENT WITHYOUR OFFICE, DETAILED AS FOLLOWS:VALUE DATETERMMATURITY DATERATEPRINCIPAL AMOUNTGROSS INTERESTWITHHOLDING TAXLIQUIDITY RESERVES FOR Deposit Liabilities & Deposit Substitute

(PLEASE CHECK ONE) TOFA - OthersCTF

ACCORDINGLY, PLEASE DEBIT OUR REGULAR DEMAND DEPOSIT ACCOUNTWITH YOURSELVES ON VALUE DATE FOR THE PRINCIPAL AMOUNT OF (AMOUNT INWORDS) (P) AND CREDIT THE SAME ACCOUNT ON MATURITY DATE THE AMOUNTOF (AMOUNT IN WORDS) (P) REPRESENTING FULL PAYMENT OF THE PRINCIPALPLUS INTEREST (NET OF APPLICABLE WITHHOLDING TAX) THEREON.

VERY TRULY YOURS,

(AUTHORIZED SIGNATORY)1


(Circular Nos. 551 dated 17 November 2006 and 539 dated 09 August 2006)


APP. 7208.12.31

GUIDELINES ON SUPERVISION BY RISK(Appendix to Sec. X173)

I. BackgroundIt must be recognized that banking is a

business of taking risks in order to earnprofits. While banking risks historically havebeen concentrated in traditional bankingactivities, the financial services industry hasevolved in response to market-driven,technological, and legislative changes.These changes have allowed FIs to expandproduct offerings, geographic diversity,and delivery systems. They have alsoincreased the complexity of the FI’sconsolidated risk exposure. Because of thiscomplexity, FIs must evaluate, control, andmanage risk according to its significance.The FI’s evaluation of risk must take intoaccount how non-bank activities within abanking organization affect the FI.Consolidated risk assessments should be afundamental part of managing the FI. LargeFIs assume varied and complex risks thatwarrant a risk-oriented supervisoryapproach.

II. Statement of policyThe existence of risk is not necessarily

a reason for concern. Likewise, theexistence of high risk in any area is notnecessarily a concern, so long asmanagement exhibits the ability toeffectively manage that level of risk. Underthis approach, the BSP will not necessarilyattempt to restrict risk-taking but ratherensure that FIs identify, understand, andcontrol the risks they assume. As anorganization grows more diverse andcomplex, the FI’s risk managementprocesses must keep pace. When risk is notproperly managed, BSP will direct FImanagement to take corrective action suchas reducing exposures, increasing capital,strengthening risk management processesor a combination of these actions. In all

cases, the primary concern of the BSP isthat the FI operates in a safe and soundmanner and maintains capital commensuratewith its risks. Further guidance on riskmanagement issues will be addressed insubsequent issuances that are part of theoverall risk assessment program.

III. Guidelines for risk managementFor purposes of the discussion of risk,

the BSP will evaluate banking risk relativeto its impact on capital and earnings. Froma supervisory perspective, risk is the potentialthat events, expected or unanticipated, mayhave an adverse impact on the FI’s capitalor earnings.

The BSP-SES has defined eight (8)categories of risk for FI supervisionpurposes. These risks are: credit, market,interest rate, liquidity, operational,compliance, strategic, and reputation.These categories are not mutuallyexclusive; any product or service mayexpose the FI to multiple risks. In addition,they can be interdependent. Increased riskin one (1) category can increase risk inother categories.

Types and definitions of risk1. Credit risk arises from a

counterparty’s failure to meet the terms ofany contract with the FI or otherwise performas agreed. Credit risk is found in all activitieswhere success depends on counterparty,issuer, or borrower performance. It arisesany time FI funds are extended, committed,invested, or otherwise exposed throughactual or implied contractual agreements,whether reflected on or off the balance sheet.Credit risk is not limited to the loan portfolio.

2. Market risk is the risk to earningsor capital arising from changes in the valueof traded portfolios of financial instruments.


APP. 7208.12.31

This risk arises from market-making,dealing, and position-taking in interest rate,foreign exchange, equity and commoditiesmarkets.

3. Interest rate risk is the current andprospective risk to earnings or capital arisingfrom movements in interest rates. Interestrate risk arises from differences between thetiming of rate changes and the timing of cashflows (repricing risk); from changing raterelationships among different yield curvesaffecting FI activities (basis risk); fromchanging rate relationships across thespectrum of maturities (yield curve risk); andfrom interest-related options embedded inFI products (options risk).

4. Liquidity risk is the current andprospective risk to earnings or capital arisingfrom an FI’s inability to meet its obligationswhen they come due without incurringunacceptable losses. Liquidity risk includesthe inability to manage unplanned decreasesor changes in funding sources. Liquidity riskalso arises from the failure to recognize oraddress changes in market conditions thataffect the ability to liquidate assets quicklyand with minimal loss in value.

5. Operational risk is the current andprospective risk to earnings or capital arisingfrom fraud, error, and the inability to deliverproducts or services, maintain a competitiveposition, and manage information. Risk isinherent in efforts to gain strategicadvantage, and in the failure to keep pacewith changes in the financial servicesmarketplace. Operational risk is evident ineach product and service offered.Operational risk encompasses: productdevelopment and delivery, operationalprocessing, systems development, computingsystems, complexity of products and services,and the internal control environment.

6. Compliance risk is the current andprospective risk to earnings or capital arisingfrom violations of, or non-conformancewith, laws, rules, regulations, prescribedpractices, internal policies and procedures,

or ethical standards. Compliance risk alsoarises in situations where the laws or rulesgoverning certain FI products or activities ofthe FI’s clients may be ambiguous or untested.This risk exposes the FI to fines, payment ofdamages, and the voiding of contracts.Compliance risk can lead to diminishedreputation, reduced franchise value, limitedbusiness opportunities, reduced expansionpotential, and lack of contract enforceability.

7. Strategic risk is the current andprospective impact on earnings or capitalarising from adverse business decisions,improper implementation of decisions, orlack of responsiveness to industry changes.This risk is a function of the compatibility ofan organization’s strategic goals, thebusiness strategies developed to achievethose goals, the resources deployed againstthese goals, and the quality of implementation.The resources needed to carry out businessstrategies are both tangible and intangible.They include communication channels,operating systems, delivery networks, andmanagerial capacities and capabilities. Theorganization’s internal characteristics mustbe evaluated against the impact ofeconomic, technological, competitive,regulatory, and other environmental changes.

8. Reputation risk is the current andprospective impact on earnings or capitalarising from negative public opinion. Thisaffects the FI’s ability to establish newrelationships or services or continueservicing existing relationships. This risk mayexpose the FI to litigation, financial loss, ora decline in its customer base. In extremecases, FIs that lose their reputation maysuffer a run on deposits. Reputation riskexposure is present throughout theorganization and requires the responsibilityto exercise an abundance of caution indealing with customers and the community.

IV. FI management of riskBecause market conditions and

company structures vary, there is no


APP. 7208.12.31

single risk management system thatworks for all FIs. Each FI should tailor itsrisk management program to its needsand circumstances. Sound riskmanagement systems, however, haveseveral things in common; for example,they are independent of risk-takingactivit ies. Regardless of the riskmanagement program’s design, eachprogram should:

1. Identify risk: To properly identifyrisks, an FI must recognize andunderstand existing risks or risks thatmay arise from new business initiatives,including risks that originate in non-banksubsidiaries and aff i l iates. Riskidentification should be a continuingprocess, and should occur at both thetransaction and portfolio level.

2. Measure risk: Accurate and timelymeasurement of risk is essential toeffective risk management systems. An FIthat does not have a risk measurementsystem has limited ability to control ormonitor risk levels. Further, the morecomplex the risk, the more sophisticatedshould be the tools that measure it. An FIshould periodically conduct tests to makesure that the measurement tools it uses areaccurate. Good risk measurement systemsassess the risks of both individualtransactions and portfolios. During thetransition process in FI mergers andconsolidations, the effectiveness of riskmeasurement tools is often impairedbecause of the technologicalincompatibility of the merging systems orother problems of integration. Therefore,the resulting FI must make a strong effortto ensure that risks are appropriatelymeasured across the consolidated entity.Larger, more complex FIs must assess theimpact of increased transaction volumeacross all risk categories.

3. Monitor risk: FIs should monitorrisk levels to ensure timely review ofrisk positions and exceptions. Monitoring

reports should be frequent, timely,accurate, and informative and should bedistributed to appropriate individuals toensure action, when needed. For large,complex FIs, monitoring is essential toensure that management’s decisions areimplemented for all geographies,products, and legal entities.

4. Control risk: The FI should establishand communicate risk limits throughpolicies, standards, and procedures thatdefine responsibility and authority. Thesecontrol limits should be valid tools thatmanagement should be able to adjustwhen conditions or risk tolerances change.The FI should have a process to authorizeexceptions or changes to risk limits whenwarranted. In merging or consolidatingFIs, the transition should be tightlycontrolled; business plans, lines ofauthority, and accountability should beclear. Large, diversified FIs should havestrong risk controls covering allgeographies, products, and legal entities.

The Board must establish the FI’sstrategic direction and risk tolerances. Incarrying out these responsibilities, theBoard should approve policies that setoperational standards and risk limits. Well-designed monitoring systems will allowthe Board to hold managementaccountable for operating withinestablished tolerances. Capablemanagement and appropriate staffing arealso essential to effective riskmanagement. FI management isresponsible for the implementation,integrity, and maintenance of riskmanagement systems. Management alsomust keep the directors adequatelyinformed. Management must:

a. Implement the FI’s strategy;b. Develop policies that define the

FI’s risk tolerance and ensure that they arecompatible with strategic goals;

c. Ensure that strategic direction andrisk tolerances are effectively


APP. 7208.12.31

communicated and adhered to throughoutthe organization;

d. Oversee the development andmaintenance of management informationsystems to ensure that information istimely, accurate, and pertinent.

V. Assessment of risk managementWhen assessing risk management

systems, the BSP will consider the FI’spolicies, processes, personnel, and controlsystems. Significant deficiencies in any oneof these areas will cause the BSP to expectthe FI to compensate for these deficienciesin their overall risk management process.

1. Policies are statements of the FIs’commitment to pursue certain results.Policies often set standards (on risktolerances, for example) and recommendcourses of action. Policies should expressan FI’s underlying mission, values, andprinciples. A policy review should alwaysbe triggered when an FI’s activities or risktolerances change.

2. Processes are the procedures,programs, and practices that impose orderon the FI’s pursuit of its objectives. Processesdefine how daily activities are carried out.Effective processes are consistent with theunderlying policies, are efficient, and aregoverned by checks and balances.

3. Personnel are the staff and managersthat execute or oversee processes. Goodstaff and managers perform as expected,are qualified, and competent. Theyunderstand the FI’s mission, values,policies, and processes. Compensationprograms should be designed to attract,develop, and retain qualified personnel. Inaddition, compensation should bestructured to reward contributions toeffective risk management.

4. Control systems include the toolsand information systems (e.g, internal/external audit programs) that FI managersuse to measure performance, make

decisions about risk, and assess theeffectiveness of processes. Feedbackshould be timely, accurate, and pertinent.

VI. Supervision by RiskUsing the core assessment standards

of the BSP as guide, an examiner willobtain both a current and prospective viewof an FI’s risk profile. When appropriate,this profile will incorporate potentialmaterial risks to the FI from non-bankaffiliates’ activities conducted by the FI.Subsidiaries and branches of foreign FIsshould maintain sufficient documentationonsite to support the analysis of their riskmanagement. This risk assessment drivessupervisory strategies and activities. It alsofacilitates discussions with FI managementand directors and helps to ensure moreefficient examinations. The coreassessment complements the RAS.Examiners document their conclusionsregarding the quantity of risk, the qualityof risk management, the level ofsupervisory concern (measured asaggregate risk), and the direction of riskusing the RAS. Together, the coreassessment and RAS give the appropriatedepartment of the SES the means to assessexisting and emerging risks in FIs,regardless of size or complexity.

Specifically, supervision by riskallocates greater resources to areas withhigher risks. The appropriate departmentof the SES will accomplish this by:

1. Identifying risks using commondefinitions. The categories of risk, as theyare defined, are the foundation forsupervisory activities.

2. Measuring risks using commonmethods of evaluation. Risk cannot alwaysbe quantified in pesos. For example,numerous internal control deficienciesmay indicate excessive operational risk.

3. Evaluating risk management todetermine whether FI systems and


APP. 7208.12.31

processes permit management to manageand control existing and prospective levelsof risk.

The appropriate department of the SESwill discuss preliminary conclusionsregarding risks with FI management.Following these discussions, theappropriate department of the SES willadjust conclusions when appropriate.Once the risks have been clearlyidentified and communicated, theappropriate department of the SES canthen focus supervisory efforts on the areasof greater risk within the FI, the

consolidated banking organization, and thebanking system.

To fully implement supervision by risk,the appropriate department of the SES willalso assign CAMELS ratings to the lead FIand all affiliated FIs. It may determine thatrisks in individual FIs are increased,reduced, or mitigated in light of theconsolidated risk profile of the FI as awhole. To perform a consolidated analysis,it will obtain pertinent information from FIsand affiliates, and verify transactionsflowing between FIs and affiliates.(Circular No. 510 dated 03 February 2006)


APP. 7308.12.31

GUIDELINES ON MARKET RISK MANAGEMENT(Appendix to Sec. X174)

I. BackgroundThe globalization of financial markets,

increased transaction volume and volatility,and the introduction of complex productsand trading strategies have made market riskmanagement take on a more important rolein risk management. FIs now use a widerange of financial products and strategies,ranging from the most liquid fixed incomesecurities to complex derivativeinstruments and structured products. Therisk dimensions of these products andstrategies must be fully understood,monitored, and controlled by an FI.

II. Statement of policyFor purposes of these guidelines, FIs

refer to banks and NBFIs supervised by theBSP and their respective financialsubsidiaries.

The level of market risk assumed byan FI is not necessarily a concern, so longas the FI has the ability to effectivelymanage the risk. Therefore, the BSP willnot restrict the level of risk assumed by anFI, or the scope of its financial marketactivities, so long as the FI is authorized toengage in such activities and:

• Understands, measures, monitorsand controls the risk assumed,

• Adopts risk management practiceswhose sophistication and effectiveness arecommensurate to the risk being monitoredand controlled, and

• Maintains capital commensuratewith the risk exposure assumed.

If the BSP determines that an FI’s riskexposures are excessive relative to the FI’scapital, or that the risk assumed is not wellmanaged, the BSP will direct the FI toreduce its exposure to an appropriate leveland/or strengthen its risk managementsystems.

In evaluating the above parameters,the BSP expects FIs to have sufficientknowledge, skil ls and appropriatesystem and technology necessary tounderstand and effectively manage theirmarket risk exposures. The principles setforth in these guidelines shall be used indetermining the adequacy andeffectiveness of an FI’s market riskmanagement process, the level and trendof market risk exposure and adequacyof capital relative to exposure. The BSPshall consider the following factors:

1. The major sources of market riskexposure and the complexity and level ofrisk posed by the assets, liabilities, and off-balance-sheet activities of the FI;

2. The FI’s actual and prospective levelof market risk in relation to its earnings,capital, and risk management systems;

3. The adequacy and effectiveness ofthe FI’s risk management practices andstrategies as evidenced by:

• The adequacy and effectiveness ofBoard and senior management oversight;

• Management’s knowledge andability to identify and manage sources ofmarket risk as measured by past andprojected financial performance;

• The adequacy of internalmeasurement, monitoring, and managementinformation systems;

• The adequacy and effectiveness ofrisk limits and controls that set toleranceson income and capital losses;

• The adequacy and frequency of theFI’s internal review and audit of its marketrisk management process.

Further, an FI’s market risk managementsystem shall be assessed under the FI’sgeneral risk management framework,consistent with the guidelines on supervisionby risk as set forth under Appendix 72.


APP. 7308.12.31

III. Market risk management processAn FI’s market risk management

process should be consistent with itsgeneral risk management framework andshould be commensurate with the level ofrisk assumed. Although there is no singlemarket risk management system thatworks for all FIs, an FI’s market riskmanagement process should:

1. Identify market risk. Identifyingcurrent and prospective market riskexposures involves understanding thesources of market risk arising from an FI’sexisting or new business initiatives. An FIshould have procedures in place to identifyand address the risk posed by new productsand activities prior to initiating the newproducts or activities.

Identifying market risk also includesidentifying an FI’s desired level of riskexposure based on its ability and willingnessto assume market risk. An FI’s ability toassume market risk depends on its capitalbase and the skills/capabilities of itsmanagement team. In any case, market riskidentification should be a continuingprocess and should occur at both thetransaction and portfolio level.

2. Measure market risk. Once thesources and desired level of market risk havebeen identified, market risk measurementmodels can be applied to quantify an FI’smarket risk exposures. However, market riskcannot be managed in isolation. Market riskmeasurement systems should be integratedinto an FI’s general risk measurement systemand results from models should beinterpreted in coordination with other riskexposures. Further, the more complex an FI’sfinancial market activities are, the moresophisticated the tools that measure marketrisk exposures arising from such complexactivities should be.

3. Control market risk. Quantifyingmarket risk exposures help an FI alignexisting exposures with the identified desiredlevel of exposures. Controlling market risk

usually involves establishing market risklimits that are consistent with an FI’s marketrisk measurement methodologies. Limitsmay be applied through an outrightprohibition on exposures above a pre-setthreshold, by restraining activities ordeploying strategies that alter the risk-returncharacteristics of on- and off- balance sheetpositions. Appropriate pricing strategiesmay likewise be used to control market riskexposures.

4. Monitor market risk. Ensuring thatmarket risk exposures are adequatelycontrolled requires the timely review ofmarket risk positions and exceptions.Monitoring reports should be frequent,timely and accurate. For large, complex FIs,consolidated monitoring should beemployed to ensure that management’sdecisions are implemented for allgeographies, products, and legal entities.

IV. Definition and sources of market riskMarket risk is the risk to earnings or

capital arising from adverse movements infactors that affect the market value ofinstruments, products, and transactions inan institution’s overall portfolio, both on oroff-balance sheet. Market risk arises frommarket-making, dealing, and position-takingin interest rate, foreign exchange, equity andcommodities markets.

Interest rate risk is the current andprospective risk to earnings or capital arisingfrom movements in interest rates.

Foreign exchange risk refers to the riskto earnings or capital arising from adversemovements in foreign exchange rates.

Equity risk is the risk to earnings orcapital arising from movements in the valueof an institution’s equity-related holdings.

Commodity risk is the risk to earningsor capital due to adverse changes in thevalue of an institution’s commodity-relatedholdings.

While there are generally four sourcesof market risk, as defined herein, the focus


APP. 7308.12.31

of this Appendix is interest rate risk andforeign exchange risk. Nevertheless, theprinciples set forth in the market riskmanagement process and sound riskmanagement practices are generallyapplicable to all sources of market risk.

a. Interest rate riskInterest rate risk is the risk that changes

in market interest rates will reduce currentor future earnings and/or the economic valueof an FI. Accepting interest rate risk is anormal part of financial intermediation andis a major source of profitability andshareholder value. Excessive orinadequately understood and controlledinterest rate risk, however, can pose asignificant threat to an FI’s earnings andcapital. Thus, an effective riskmanagement process that maintains interestrate risk within prudent levels is essentialto the safety and soundness of FIs.

1. Sources of interest rate riska. Re-pricing riskThis is the most common type of

interest rate risk and arises from differencesin the maturity (for fixed-rate instruments)and re-pricing (for floating-rate instruments)of an FI’s assets, liabilities and off-balancesheet (OBS) positions. While suchre-pricing mismatches are fundamental tothe business of financial intermediation,they also expose an FI’s earnings andunderlying economic value to changesbased on fluctuations in market interestrates.

b. Basis riskBasis risk arises from imperfect

correlations among the various interestrates earned and paid on financialinstruments with otherwise similar re-pricing characteristics. A shift in therelationship between these rates orinterest rates in different markets can giverise to unexpected changes in the cashflows and earnings spread between assets,liabilities and OBS instruments of similarmaturities or re-pricing frequencies.

c. Yield curve riskYield curve risk is the risk that rates of

different maturities may change by adifferent magnitude. It arises from variationsin the movement of interest rates acrossthe maturity spectrum of the same indexor market. Yield curves can steepen, flattenor even invert. Unanticipated shifts of theyield curve may have adverse effects on anFI’s earnings or underlying economic value.

d. Option riskOption risk is the risk that the payment

patterns of assets and liabilities will changewhen interest rates change. Formally, anoption gives the option holder the right, butnot the obligation to buy, sell, or in somemanner alter the cash flow of an instrumentor financial contract. Options may be stand-alone instruments or may be embeddedwithin otherwise standard instruments.Examples of instruments with embeddedoptions include various types of bonds,notes, loans or even deposits which give acounterparty the right to prepay or evenextend the maturity of an instrument or tochange the rate paid. In some cases, theholder of an option can force a counterpartyto pay additional notional, or to forfeitnotional already paid.

The option holder’s ability to choose toalter cash flows creates an asymmetricperformance pattern. If not adequatelymanaged, the asymmetrical payoffcharacteristics of instruments withoptionality can pose significant riskparticularly to those who sell the options,since the options held, both explicit andembedded, are generally exercised to theadvantage of the holder and thedisadvantage of the seller.

2. Measuring the effects of interestrate risk.

Changes in interest rates affect bothearnings and the economic value of an FI.This has given rise to two separate, butcomplementary, perspectives for evaluatingan FI’s exposure to interest rate risk.


APP. 7308.12.31

Exposure to earnings typically receivesthe most attention. Many FIs use a modifiedinterest rate gap or earnings simulationmodel to forecast earnings over a runningnext twelve (12) month time horizon undera variety of interest rate scenarios. Giventhat a large portion of a typical FI’s liabilitiesand even assets re-price in less than one (1)year, there is value in such a system. Forexample, earnings are a key measure indetermining if the board of directors iscreating value for the shareholders.

However, earnings over the next twelve(12) months do not present a completepicture of an FI’s exposure to interest raterisk. Many FIs hold assets such as bondsand fixed rate loans with extended terms.The full effect of changes in interest rateson the value of these assets cannot be fullycaptured by a short-term earnings model.Thus, it is also important to consider a morecomprehensive picture of the FI’s exposureto interest rate risk through an assessmentof the FI’s economic value.

The BSP will not consider market riskto be “well managed” unless the FI has fullyimplemented an effective risk measurementsystem whose sophistication iscommensurate with the nature andcomplexity of the risk assumed. Smaller FIswith non-complex single currency balancesheets may be able to use a single non-complex measurement methodology, such asre-pricing gap analysis to manage their interestrate risk. However, large commercial oruniversal banks with complex, multi-currencybalance sheets, or FIs that accept largeexposures of interest rate risk relative to capitalwill be expected to measure interest rate riskthrough a combination of earnings simulationand economic value. Trading activities shouldcontinue to be managed through the use ofan effective, and independently validatedValue-at-Risk (VaR) methodology.

a. Earnings perspectiveAn FI should consider how changes in

interest rates may affect future earnings.

The focus of analysis under the earningsperspective is the impact of changes ininterest rates on accrual or reportedearnings. Volatility in earnings should bemonitored and controlled because reducedearnings or outright losses can threaten thefinancial stability of an FI by underminingits capital adequacy. Further, unexpectedvolatility in earnings can undermine an FI’sreputation and result in an erosion of publicconfidence.

Fluctuations in interest rates generallyhave the greatest impact on reportedearnings through changes in net interestincome (i.e., the difference between totalinterest income and total interest expense).Thus, the BSP will expect FIs to adoptsystems that are capable of estimatingchanges to net interest income under avariety of interest rate scenarios. Forexample, non-complex FIs with traditionalbusiness lines and balance sheets couldpotentially limit their simulations to a single+100 basis point parallel rate shock.However, FIs that hold significant levelsof derivatives and structured productsrelative to capital should incorporate moresevere rate movements (e.g. +100, 200and 300 basis points) to determine whathappens if strike prices are breached or“events” are triggered. Further, the BSP willexpect an FI to employ alternativescenarios such as changes to the shape ofthe yield curve if the FI is exposed tosignificant levels of yield curve or basis risk.

Changes in market interest rates mayalso affect the volume of activities thatgenerate fee income and other non-interestincome. Thus, FIs should incorporate abroader focus on overall net income –incorporating both interest and non-interestincome and expenses – if the FI reportssignificant levels of interest rate sensitivenon-interest income.

b. Economic value perspectiveThe economic value of an FI can be

viewed as the present value of an FI’s


APP. 7308.12.31

expected net cash flows, defined as theexpected cash flows from assets minus theexpected cash flows from liabilities plus theexpected net cash flows on OBS positions.As such, it provides a morecomprehensive view of the potential long-term effects of changes in interest rates thanis offered by the earnings perspective.

While a variety of models are available,the BSP expects that economic value modelswill incorporate all significant classes ofassets, liabilities and OBS. As with earningsat risk, the FI should incorporate a varietyof interest rate scenarios to ensure that anystrike prices, caps, limits, or “events” arebreached in the simulation. Also, FIs withsignificant levels of basis or yield curve riskare expected to add scenarios such asalternative correlations between interestrates and/or a flatter or steeper yield curve.

Managing earnings and economic exposuresManagement must make certain

tradeoffs when immunizing earnings andeconomic value from interest rate risk. Whenearnings are immunized, economic valuebecomes more vulnerable, and vice versa.The economic value of equity, like that ofother financial instruments, is a function ofthe discounted net cash flows it is expectedto earn in the future. If an FI has immunizedearnings, such that expected earningsremain constant for any change in interestrates, the discounted value of those earningswill be lower if interest rates rise. Hence,its economic value will fluctuate with ratechanges. Conversely, if an FI fully immunizesits economic value, its periodic earningsmust increase when rates rise and declinewhen interest rates fall.

b. Foreign exchange riskForeign exchange risk (FX risk) is the risk

to earnings or capital arising from changesin foreign exchange rates.

In contracting to meet clients’ foreigncurrency needs or simply buying and

selling foreign exchange for its ownaccount, an FI undertakes a risk thatexchange rates might change subsequentto the time the contract is consummated.Foreign exchange risk may also arise frommaintaining an open foreign exchange (FX)position. Thus, managing FX risk includesmonitoring an FI’s net FX position.

An FI has a net position in a foreigncurrency when its assets, including spot andfuture contracts to purchase, and itsliabilities, including spot and futurecontracts to sell, in that currency are notequal. An excess of assets over liabilities iscalled a net “long” position and liabilities inexcess of assets, a net “short” position.

It should be noted that when engagingin FX activities, FIs are also exposed toother risks including liquidity and creditrisks, particularly related to the settlementof FX contracts. FIs should have anintegrated approach to risk management inrelation to its FX activities: FX risk shouldbe reviewed together with other risks todetermine the FI’s overall risk profile.Liquidity and settlement risks related to FXactivities are outside the scope of theseguidelines. Nevertheless, future guidelinesmay be issued on these risk areas.

V. Sound market risk management practicesWhen assessing an FI’s market risk

management system, the BSP expects an FIto address the four (4) basic elements of asound risk management system:

1. Active and appropriate Board andsenior management oversight;

2. Adequate risk management policiesand procedures;

3. Appropriate risk measurementmethodologies, limits structure, monitoringand management information systems; and

4. Comprehensive internal controlsand independent audits.

The specific manner in which an FIapplies these elements in managing itsmarket risk will depend upon the


APP. 7308.12.31

complexity and nature of its activities, aswell as the level of market risk exposureassumed. What constitutes adequatemarket risk management practices cantherefore vary considerably. Regardless ofthe systems used, the BSP will not considermarket risk to be well managed unless allfour of the above elements are deemed tobe at least “satisfactory”.

As with other risk factor categories,banking groups (banks and subsidiaries/affiliates) should monitor and manage marketrisk exposures of the group on a consolidatedand comprehensive basis. At the same time,however, FIs should fully recognize any legaldistinctions and possible obstacles to cashflow movements among affiliates and adjusttheir risk management practices accordingly.While consolidation may provide acomprehensive measure in respect of marketrisk, it may also underestimate risk whenpositions in one affiliate are used to offsetpositions in another affiliate. This is becausea conventional accounting consolidation mayallow theoretical offsets between suchpositions from which an FI may not in practicebe able to benefit because of legal oroperational constraints.

A. Active and appropriate board andsenior management oversight1

Effective board and seniormanagement oversight of an FI’s marketrisk activities is critical to a sound marketrisk management process. It is importantthat these individuals are aware of theirresponsibilities with regard to market riskmanagement and how market risk fitswithin the organization’s overall riskmanagement framework.Responsibilities of the board of directors

The board of directors has the ultimateresponsibility for understanding the

nature and the level of market risk takenby the FI. In order to carry out itsresponsibilities, the Board should:

1. Establish and guide the FI’sstrategic direction and tolerance for marketrisk. While it is not possible to provide acomprehensive list of documents toconsider, the BSP should see a clear anddocumented pattern whereby the Boardreviews, discusses and approves strategiesand policies with respect to market riskmanagement. In addition, there should beevidence that the Board periodicallyreviews and discusses the overallobjectives of the FI with respect to thelevel of market risk acceptable to the FI.

2. Identify senior management whohas the authority and responsibility formanaging market risk and ensure thatsenior management takes the necessarysteps to monitor and control market riskconsistent with the approved strategiesand policies. The BSP should be able todiscern a clear hierarchal structure with aclear assignment of responsibility andauthority.

3. Monitor the FI’s performance andoverall market risk profile, ensuring thatthe level of market risk is maintainedwithin tolerance and at prudent levelssupported by adequate capital. The Boardshould be regularly informed of themarket risk exposure of the FI and anybreaches to established limits forappropriate action. Reporting should betimely and clearly presented. In assessingan FI’s capital adequacy for market risk,the Board should consider the FI’scurrent and potential market r iskexposure as well as other risks that mayimpair the FI’s capital, such as credit,liquidity, operational, strategic, andreputation risks.

1 This section refers to a management structure composed of a board of directors and senior management. The BSP is awarethat there may be differences in some FIs as regards the organizational framework and functions of the board of directorsand senior management. For instance, branches of foreign banks have board of directors located outside of the Philippinesand are overseeing multiple branches in various countries. In this case, “board-equivalent” committees are appointed.Owing to these differences, the notions of the board of directors and the senior management are used in these guidelinesnot to identify legal constructs but rather to label two decision-making functions within a FI.


APP. 7308.12.31

4. Ensure that the FI implementssound fundamental principles that facilitatethe identification, measurement,monitoring and control of market risk. Theboard of directors should encouragediscussions among its members and seniormanagement – as well as between seniormanagement and others in the FI –regarding the FI’s market risk exposuresand management process.

5. Ensure that adequate resources,both technical and human resources, aredevoted to market risk management.While board members need not havedetailed technical knowledge of complexfinancial instruments, legal issues orsophisticated risk management techniques,they have the responsibility to ensure thatthe FI has personnel available who havethe necessary technical skills to evaluateand control market risk. This responsibilityincludes ensuring that there is continuoustraining of personnel on market riskmanagement and providing competenttechnical staff for the internal audit function.

Responsibilities of senior managementSenior management is responsible for

ensuring that market risk is adequatelymanaged for both long-term and day-to-day basis. In managing the FI’s activities,senior management should:

1. Develop and implement policies,procedures and practices that translate theboard’s goals, objectives and risktolerances into operating standards that arewell understood by personnel and that areconsistent with the board’s intent. Seniormanagement should also periodicallyreview the organization’s market riskmanagement policies and procedures toensure that they remain appropriate andsound.

2. Ensure adherence to the lines ofauthority and responsibility that the boardhas established for measuring, managing,and reporting market risk exposures.

3. Maintain appropriate limits structure,adequate systems for measuring market risk,and standards for measuring performance.

4. Oversee the implementation andmaintenance of management informationand other systems to identify, measure,monitor, and control the FI’s market risk.

5. Establish effective internal controlsover the market risk management process.

6. Ensure that adequate resources areavailable for evaluating and controllingmarket risk. Senior management of FIs,including branches of foreign banks, shouldensure that analysis and market riskmanagement activities are conducted bycompetent staff with technical knowledgeand experience consistent with the natureand scope of the FI’s activities. There shouldbe sufficient depth in staff resources tomanage these activities and to accommodatethe temporary absence of key personnel andnormal succession.

In evaluating the quality of oversight, theBSP shall evaluate how the board and seniormanagement carry out the above functions/responsibilities. Further, sound managementoversight is highly related to the quality ofother areas/elements of an FI’s riskmanagement system. Thus, even if board andsenior management exhibit active oversight,the FI’s policies, procedures, measurementmethodologies, limits structure, monitoringand information systems, controls and auditmust be considered adequate before qualityof board and senior management can beconsidered at least “satisfactory”.

Lines of responsibility and authorityFIs should clearly define the individuals

and/or committees responsible for managingmarket risk and should ensure that there isadequate separation of duties in keyelements of the risk management process toavoid potential conflicts of interest.

Management should ensure thatsufficient safeguards exist to minimize thepotential that individuals initiating risk-taking


APP. 7308.12.31

positions may inappropriately influence keycontrol functions of the market riskmanagement process. FIs should thereforehave risk measurement, monitoring, andcontrol functions with clearly definedduties that are sufficiently independentfrom position-taking functions of the FI andwhich report risk exposures directly to theboard of directors.

The nature and scope of safeguards tominimize potential conflicts of interestshould be in accordance with the size andstructure of an FI. Larger or more complexFIs should have a designated independentunit responsible for the design andadministration of the FI’s market riskmeasurement, monitoring and controlfunctions.

B. Adequate risk management policiesand procedures

An FI’s market risk policies andprocedures should be clearly defined,documented and duly approved by the boardof directors. Policies and procedures shouldbe consistent with the nature and complexityof the FI’s activities. When reviewing bankinggroups, the BSP will assess whetheradequate and effective policies andprocedures have been adopted andimplemented across all levels of theorganization.

Policies and procedures should delineatelines of responsibility and accountability andshould clearly define authorizedinstruments, hedging strategies, position-taking opportunities, and the market riskmodels used to quantify market risk. Marketrisk policies should also identify quantitativeparameters that define the acceptable level ofmarket risk for the FI. Where appropriate, limitsshould be further specified for certain types ofinstruments, portfolios, and activities. Allmarket risk policies should be reviewedperiodically and revised as needed.Management should define the specificprocedures to be used for identifying,

reporting and approving exceptions topolicies, limits, and authorizations.

It is important that FIs identify marketrisk, as well as other risks, inherent in newproducts and activities and ensure these aresubject to adequate procedures and controlsbefore the new products and activities areintroduced or undertaken. Specifically, newproducts and activities should undergo acareful pre-acquisition review to ensure thatthe FI understands their market riskcharacteristics and can incorporate them intoits risk management process. Major hedgingor risk management initiatives should beapproved in advance by the board or itsappropriate delegated committee.

Proposals and the subsequent newproduct/activity review should be formal andwritten. For purposes of managing market riskinherent in new products, proposals should,at a minimum, contain the following features:

1. Description of the relevant productor strategy;

2. Use/purpose of the new product/activity;

3. Identification of the resourcesrequired and unit/s responsible forestablishing sound and effective market riskmanagement of the product or activity;

4. Analysis of the reasonableness of theproposed activities in relation to the FI’soverall financial condition and capitallevels; and

5. Procedures to be used to measure,monitor, and control the risks of theproposed product or activity.

C. Appropriate risk measurementmethodologies, limits structure, monitoring,and management information system

Market risk measurement models/methodologies

It is essential that FIs have market riskmeasurement systems that capture allmaterial sources of market risk and thatassess the effect of changes in market risk


APP. 7308.12.31

factors in ways that are consistent with thescope of their activities. Depending uponthe size, complexity, and nature of activitiesthat give rise to market risk, the ability tocapture all material sources of market riskin a timely manner may require an FI’smarket risk measurement system to beinterfaced with other systems, such as thetreasury system or loan system. Theassumptions underlying the measurementsystem should be clearly understood by riskmanagers and senior management.

Market risk measurement systemsshould:

1. Assess all material market riskassociated with an FI’s assets, liabilities, andOBS positions;

2. Utilize generally accepted financialconcepts and risk measurement techniques; and

3. Have well-documented assumptionsand parameters.

There are a number of methods/techniques for measuring market risks.Complexity ranges from simple marking-to-market or valuation techniques to moreadvanced static simulations using currentholdings to highly sophisticated dynamicmodeling techniques that reflect potentialfuture business activities. In designingmarket risk measurement systems, FIs shouldensure that the degree of detail regardingthe nature of their positions is commensuratewith the complexity and risk inherent inthose positions.

At a minimum, smaller non-complex FIsshould have the ability to mark-to-marketor revalue their investment portfolio andconstruct a simple re-pricing gap. Whenusing gap analysis, the precision of interestrate risk measurement depends in part onthe number of time bands into whichpositions are aggregated. Clearly,aggregation of positions/cash flows intobroad time bands implies some loss ofprecision. In addition, the use of reasonableand valid assumptions is important for ameasurement system to be precise. In

practice, the FI must assess the significanceof the potential loss of precision indetermining the extent of aggregation andsimplification to be built into the measurementapproach. Assumptions and limitations of themeasurement approach, such as the loss ofprecision, should be documented.

On the other hand, banks holding anexpanded derivatives license and FIsengaging in options or structured productswith embedded options cannot capture allmaterial sources of market risk by using staticmodels such as the re-pricing gap. These FIsshould have interest rate risk measurementsystems that assess the effects of rate changeson both earnings and economic value. Thesesystems should provide meaningfulmeasures of an FI’s current levels of interestrate risk exposure, and should be capableof identifying any excessive exposures thatmight arise. Pricing models and simulationtechniques will probably be required.

There is also a question on the extent towhich market risk should be viewed on awhole institution basis or whether thetrading book, which is marked to market,and the accrual book, which is often not,should be treated separately. As a generalrule, it is desirable for any measurementsystem to incorporate market risk exposuresarising from the full scope of an FI’sactivities, including both trading and non-trading sources. A single measurementsystem can facilitate analysis of market riskexposure. However, this does not precludedifferent measurement systems and riskmanagement approaches being used forsimilar or different activities. For example, abank with expanded derivatives license willuse pricing models as basic tools in valuingposition from its derivatives activities andstructured products. In addition, the bankshould use simulation models to assess thepotential effects of changes in market riskfactors by simulating the future path ofmarket risk factors and their impact on cashflows from these activities.


APP. 7308.12.31

Different methodologies may also beapplied to the trading and accrual books.Regardless of the number of models ormeasurement systems used, managementshould have an integrated view of marketrisk across products and business lines.

Regardless of the measurement systemused, the BSP will expect the FI to ensurethat input data are timely and correct,assumptions can be supported and are valid,the methodologies used produce accurateresults, and the results can be easilyunderstood by senior management and theboard.

(1) Model input. All market riskmeasurement methodologies require varioustypes of inputs, including hard data, readilyobservable parameters such as asset prices,and both quantitatively and qualitatively-derived assumptions. This applies equallyto simple gap as well as complex simulationmodels.

The integrity and timeliness of data is akey component of the market riskmeasurement process. The BSP expects thatadequate controls will be established toensure that all material positions and cashflows from on- and off- balance sheetpositions are incorporated into themeasurement system on a consistent andtimely basis. Inputs should be verifiedthrough a process that validates dataintegrity. Assumptions and inputs should besubject to control and oversight review. Anymanual adjustments to underlying datashould be documented, and the nature andreasons for the adjustments should also beclearly understood.

Critical to model accuracy is the validityof underlying assumptions. Assumptionsregarding maturity of deposits, for example,are critical in measuring interest rate risk.The treatment of positions where behavioralmaturity is different from contractual maturityrequires the use of assumptions and maycomplicate the measurement of interest raterisk exposure, particularly when using the

economic value approach. The validity ofcorrelation assumptions to aggregate marketrisk exposures is likewise important asbreakdowns in correlations may significantlyaffect the validity of model results. Keyassumptions should therefore be subject torigorous documentation and review. Anysignificant changes should be approved inadvance by the board of directors.

(2) Model risk. While accuracy is keyto an effective market risk measurementsystem, methodologies cannot be expectedto flawlessly predict potential losses arisingfrom market risk. The use of modelsintroduces the potential for model risk. Thus,model risk is the risk of loss arising frominaccurate or incorrect quantification ofmarket risk exposures due to weaknesses inmarket risk methodologies. It may arise fromrelying on assumptions that are inconsistentwith market realities, from employing inputparameters that are unreliable, or fromcalibrating, applying and implementingmodels incorrectly.

Model risk is more likely to arise forinstruments that have non-standard oroption-like features. The use of proprietarymodels that employ unconventionaltechniques that are not widely agreed uponby market participants is likewise moresensitive to model risk. Even the use ofstandard models may lead to errors if thefinancial tools are not appropriate for a giveninstrument.

The BSP expects FIs to implementeffective policies and procedures to managemodel risk. The scope of policies andprocedures will depend upon the type andcomplexity of models developed orpurchased. However, FIs holding anexpanded license or significant levels ofcomplex investments including structuredproducts, should at a minimum implementthe following controls:

a. Model development/acquisition,implementation and revisions. The BSPexpects larger, complex FIs to adopt policies


APP. 7308.12.31

governing development/acquisition,implementation and revision of market riskmodels. These policies should clearlydefine the responsibilities of staff involvedin the development/acquisition process. FIsshould ensure that modeling techniquesand assumptions are consistent with widelyaccepted financial theories and marketpractices. Policies and procedures shouldbe duly approved by the board of directorsand properly documented. An inventoryof the models in use should be maintainedalong with documentation explaining howthey operate.

The BSP also expects that revisions tomodels will be performed in a controlledenvironment by authorized personnel andchanges should be made or verified by acontrol function. Written policies shouldspecify when changes to models areacceptable and how those revisions shouldbe accomplished.

b. Model validation. Before models areauthorized for use, they should be validatedby individuals who are neither directlyinvolved in the development process norresponsible for providing inputs to the model.Independent model validation is a keycontrol in the model development processand should be specifically addressed in anFI’s policies. Further, the BSP expects thatthe staff validating the models will havethe necessary technical expertise.

A sound validation process shouldrigorously and comprehensively evaluatethe sensitivity of the model to materialsources of model risk and includes thefollowing:

1. Tests of internal logic andmathematical accuracy;

2. Development of empirical supportfor the model’s assumptions;

3. Back-testing. The BSP expects FIs toconduct backtesting of model results. Back-testing is a method of periodically evaluatingthe accuracy and predictive capability of anFI’s market risk measurement system bymonitoring and comparing actual movements

in market prices or market risk factors withprojections produced by the model. To bemore effective, back-testing should beconducted by parties independent of thosedeveloping or using the model. Policiesshould address the scope of the back-testingprocess, frequency of back-testing,documentation requirements, andmanagement responses. Complex modelsshould be back-tested continually whilesimple models can be back-testedperiodically. Significant discrepancies shouldprompt a model review.

4. Periodic review of methodologiesand assumptions. The BSP expects that FIswill periodically review or reassess theirmodeling methodologies and assumptions.Again, the frequency of review will dependon the model but complex models shouldbe reviewed at least once a year, whenchanges are made, or when a new productor activity is introduced. Model reviewcould also be prompted when there is a needfor the model to be updated to reflectchanges in the FI or market. The reviewprocess should be performed by anindependent group as it is considered to bepart of the risk control and audit function.

The use of vendor models can presentspecial challenges, as vendors often claimproprietary privilege to avoid disclosinginformation about their models. Thus, FIsmay be constrained from performingvalidation procedures related to internallogic, mathematical accuracy and modelassumptions. However, vendors shouldprovide adequate information on how themodels were constructed and validated sothat FIs have reasonable assurances that themodel works as intended.

c. Stress testing. The underlyingstatistical models used to measure marketrisk summarize the exposures that reflect themost probable market conditions. Regardlessof size and complexity of activities, the BSPexpects FIs to supplement their market riskmeasurement models with stress tests. Stresstesting are simulations that show how a


APP. 7308.12.31

portfolio or balance sheet might performduring extreme events or highly volatilemarkets.

Stress testing should be designed toprovide information on the kinds ofconditions under which the FI’s strategies orpositions would be most vulnerable. Thusstress tests must be tailored to the riskcharacteristics of the FI. Possible stressscenarios might include abrupt changes inthe general level of interest rates, changesin the relationships among key market rates(i.e., basis risk), changes in the slope and theshape of the yield curve (i.e., yield curve risk),changes in the liquidity of key financialmarkets, or changes in the volatility of marketrates.

In addition, stress scenarios shouldinclude conditions under which keybusiness assumptions and parameters breakdown. The stress testing of assumptionsused for illiquid instruments andinstruments with uncertain contractualmaturities are particularly critical toachieving an understanding of the FI’s riskprofile. When conducting stress tests,special consideration should be given toinstruments or markets whereconcentrations exist. FIs should consideralso “worst case” scenarios in addition tomore probable events.

Further, the BSP will expect FIs withmaterial market risk exposure, particularlyfrom derivatives and/or structured productsto supplement their stress testing with ananalysis of their exposure to“interconnection risk.” While stress testingtypically considers the movement of asingle market factor (e.g., interest rates),interconnection risk considers the linkagesacross markets (e.g., interest rates andforeign exchange rates) and across thevarious categories of risk (e.g., credit, andliquidity risk). For example, stress from onemarket may transmit shocks to other marketsand give rise to otherwise dormant risks,such as liquidity risk. Evaluating

interconnected risk involves assessing thetotal or aggregate impact of singular events.

Guidelines for performing stress testingshould be detailed in the risk managementpolicy statement. Management and theboard of directors should periodicallyreview the design, major assumptions, andthe results of such stress tests to ensure thatappropriate contingency plans are in place.

(3) Model output. Reports should beprovided to senior management and theboard as a basis for making decisions.Report content should be clear andstraightforward, indicating the purpose ofthe model, significant limitations, thequantitative level of risk estimated by thesimulation, a comparison to Boardapproved limits and a qualitative discussionregarding the appropriateness of the FI’scurrent exposures. Sophisticatedsimulations should be used carefully so thatthey do not become “black boxes”producing numbers that have theappearance of precision but may not bevery accurate when their specificassumptions and parameters are revealed.

Market limits structureThe FI’s board of directors should set

the institution’s tolerance for market riskand communicate that tolerance to seniormanagement. Based on these tolerances,senior management should establishappropriate risk limits, duly approved bythe Board, to maintain the FI’s exposurewithin the set tolerances over a range ofpossible changes in market risk factors suchas interest rates.

Limits represent the FI’s actualwillingness and ability to accept real losses.In setting risk limits, the board and seniormanagement should consider the natureof the FI’s strategies and activities, pastperformance, and management skills.Most importantly, the board and seniormanagement should consider the level ofthe FI’s earnings and capital and ensure that


APP. 7308.12.31

both are sufficient to absorb losses equalto the proposed limits. Limits should beapproved by the board of directors.Furthermore, limits should be flexible tochanges in conditions or risk tolerances andshould be reviewed periodically.

An FI’s limits should be consistent withits overall approach to measuring market risk.At a minimum, FIs using simple gap shouldestablish limits on mismatches in each timebucket on a stand-alone and cumulativebasis. In addition, limits should be adoptedto control potential losses in the investmentportfolio to a pre-set percentage of capital.

Larger, more complex FIs shouldestablish limits on the potential impact ofchanges in market risk factors on reportedearnings or/and the FI’s economic valueof equity. Market risk limits may includelimits on net and gross positions, volumelimits, stop-loss limits, value-at-risk limits,re-pricing gap limits, earnings-at-risk limitsand other limits that capture either notionalor (un)expected loss exposures. In assigninginterest rate risk limits under the earningsperspective, FIs should explore limits on thevariability of net income as well as netinterest income in order to fully assess thecontribution of non-interest income to theinterest rate risk exposure of the FI. Suchlimits usually specify acceptable levels ofearnings volatility under specified interestrate scenarios.

For example, interest rate risk limits maybe keyed to specific scenarios of movementsin market interest rates such as an increaseor decrease of a particular magnitude. Therate movements used in developing theselimits should represent meaningful stresssituations taking into account historic ratevolatility and the time required formanagement to address exposures. Limitsmay also be based on measures derived fromthe underlying statistical distribution ofinterest rates, such as earnings at risk oreconomic value-at-risk techniques.Moreover, specified scenarios should take

account of the full range of possible sourcesof interest rate risk to the FI including re-pricing, yield curve, basis, and option risks.Simple scenarios using parallel shifts ininterest rates may be insufficient to identifysuch risks. This is particularly important forFIs with significant exposures to thesesources of market risk.

The form of limits for addressing theeffect of rates on an FI’s economic value ofequity should be appropriate for the size andcomplexity of its underlying positions. ForFIs engaged in traditional banking activities,relatively simple limits may suffice.However, for FIs with significant holdingsof long-term instruments, options,instruments with embedded options, orother structured instruments, more detailedlimit systems may be required.

Depending on the nature of an FI’sholdings and its general sophistication, limitscan also be identified for individual businessunits, portfolios, instrument types, or specificinstruments. The level of detail of risk limitsshould reflect the characteristics of the FI’sholdings including the various sources ofmarket risk the FI is exposed to.

The BSP also expects that the limitssystem will ensure that positions that exceedpredetermined levels receive promptmanagement attention. Limit exceptionsshould be communicated to appropriatesenior management without delay. Policiesshould include how senior management willbe informed and what action should betaken by management in such cases.Particularly important is whether limits areabsolute in the sense that they should neverbe exceeded or whether, under specificcircumstances, breaches of limits can betolerated for a short period of time. Thecircumstances leading to a tolerance ofbreaches should be clearly described.

Market risk monitoring and reportingAn accurate, informative, and timely

management information system is


APP. 7308.12.31

essential for managing market riskexposures both to inform management andto support compliance with board policy.Reporting of risk measures should be doneregularly and should clearly compare currentexposure to policy limits. In addition, pastforecasts or risk estimates should becompared with actual results to identify anymodeling shortcomings.

Reports detailing the market riskexposure of the FI should be reviewed bythe board on a regular basis. While the typesof reports prepared for the board and forvarious levels of management will vary basedon the FI’s market risk profile, they shouldat a minimum include the following:

1. Summaries of the FI’s aggregateexposures;

2. Reports demonstrating the FI’scompliance with policies and limits;

3. Summary of key assumptions, forexample, non-maturity deposit behavior,prepayment information, and correlationassumptions;

4. Results of stress tests, includingthose assessing breakdowns in keyassumptions and parameters; and

5. Summaries of the findings of reviewsof market risk policies, procedures, and theadequacy of the market risk measurementsystems, including any findings of internal andexternal auditors and retained consultants.

D. Risk controls and auditAdequate internal controls ensure the

integrity of an FI’s market risk managementprocess. These internal controls should bean integral part of the institution’s overallsystem of internal control and shouldpromote effective and efficient operations,reliable financial and regulatory reporting,and compliance with relevant laws,regulations, and institutional policies. Aneffective system of internal control for marketrisk includes:

1. A strong control environment;2. An adequate process for identifying

and evaluating risk;

3. The establishment of controlactivities such as policies, procedures, andmethodologies;

4. Adequate information systems;5. Continual review of adherence to

established policies and procedures; and6. An effective internal audit and

independent validation process.Policies and procedures should specify

the approval processes, exposure limits,reconciliations, reviews, and other controlmechanisms designed to provide areasonable assurance that the institution’smarket risk management objectives areachieved. Many attributes of a sound riskmanagement process, including riskmeasurement, monitoring, and controlfunctions, are actually key aspects of aneffective system of internal control. FIsshould ensure that all aspects of theinternal control system are effective,including those aspects that are not directlypart of the risk management process.

An important element of an FI’sinternal control system is regularevaluation and review. The BSP expectsthat FIs will establish a process to ensurethat i ts personnel are followingestablished policies and procedures, andthat i ts procedures are actuallyaccomplishing their intended objectives.Such reviews and evaluations should alsoaddress any significant change that mayimpact the effectiveness of controls, andthat appropriate follow-up action wasimplemented when limits werebreached. Management should ensurethat all such reviews and evaluations areconducted regularly by individuals whoare independent of the function they areassigned to review. When revisions orenhancements to internal controls arewarranted, there should be a mechanismin place to ensure that these areimplemented in a timely manner.

Independent reviews of the market riskmeasurement system should also includeassessments of the assumptions,


APP. 7308.12.31

parameters, and methodologies used. Suchreviews should seek to understand, test,and document the current measurementprocess, evaluate the system’s accuracy,and recommend solutions to any identifiedweaknesses. If the measurement systemincorporates one or more subsidiary systemsor processes, the review should includetesting aimed at ensuring that thesubsidiary systems are well-integrated andconsistent with each other in all criticalrespects. The results of this review, alongwith any recommendations forimprovement, should be reported tosenior management and/or the board.

The BSP expects that FIs withcomplex risk exposures should have theirmeasurement, monitoring, and controlfunctions reviewed on a regular basis byan independent party (such as an internalor external auditor). In such cases, reportswritten by external auditors or otheroutside parties should be available to theBSP. It is essential that any independentreviewer ensures that the FI’s riskmeasurement system is sufficient to captureall material elements of market risk, whetherarising from on- or off-balance-sheetactivities. Among the items that an auditshould review and validate are:

1. The appropriateness of the FI’s riskmeasurement system(s) given the nature,scope, and complexity of its activities.

2. The accuracy and completeness ofthe data inputs - This includes verifying thatbalances and contractual terms are

1 It is acceptable for parts of the reconciliation to be automated; e.g., routines may be programmed to investigatewhether the balances being extracted from various transaction systems match the balances recorded on the FI’s generalledger. Similarly, the model itself often contains various audit checks to ensure, for example, that maturing balances do notexceed original balances.

2 Key areas of review include the statistical methods that were used to generate scenarios and assumptions (ifapplicable), and whether senior management reviewed and approved key assumptions. The review should also compareactual pricing spreads and balance sheet behavior to model assumptions. For some instruments, estimates of value changescan be compared with market value changes. Unfavorable results may lead the FI to revise model relationships.

3 The validity of the model calculations is often tested by comparing actual with forecasted results. When doing so, FIscan compare projected net income results with actual earnings. Reconciling the results of economic valuation systems canbe more difficult because market prices for all instruments are not always readily available, and the FI does not routinelymark all of its balance sheet to market. For instruments or portfolios with market prices, these prices are often used tobenchmark or check model assumptions.

correctly specified and that all majorinstruments, portfolios, and business unitsare captured in the model. The reviewshould also investigate whether dataextracts and model inputs have beenreconciled with transactions and generalledger systems.1

3. The reasonableness and validity ofscenarios and assumptions – This includesa review of the appropriateness of the interestrate scenarios as well as customer behaviorsand pricing/volume relationships to ensurethat these assumptions are reasonable andinternally consistent.2

4. The validity of the risk measurementcalculations - The scope and formality of themeasurement validation will depend on thesize and complexity of the FI. At large FIs,internal and external auditors may have theirown models against which the FI’s model istested. FIs with more complex risk profilesand measurement systems should have themodel or calculations audited or validatedby an independent source. At smaller andless complex FIs, periodic comparisons ofactual performance with forecasts may besufficient.3

The frequency and extent to which anFI should re-evaluate its risk measurementmethodologies and models depend, inpart, on the particular market riskexposures created by holdings andactivities, the pace and nature of marketrate changes, and the pace and complexityof innovation with respect to measuringand managing market risk.


APP. 7308.12.31

VI. Capital adequacyIn addition to adequate risk

management systems and controls, capitalhas an important role to play in mitigatingand supporting market risk. FIs must holdcapital commensurate with the level ofmarket risk they undertake. As part ofsound market risk management, FIs musttranslate the level of market risk theyundertake whether as part of their tradingor non-trading activities, into theiroverall evaluation of capital adequacy.Where market risk is undertaken as partof an FI’s trading activities, existingcapital adequacy ratio requirements shallprevail.

The BSP will periodically evaluate themarket risk measurement system for theaccrual book to determine if the FI’scapital is adequate to support its exposureto market risk and whether the internalmeasurement systems of the FI are adequate.In performing this assessment, the BSP mayrequire information regarding the marketrisk exposure of the FI, including re-pricinggaps, earnings and economic valuesimulation estimates, and the results ofstress tests. This information will typicallybe found in internal management reports.

If an FI’s internal measurement systemdoes not adequately capture the level ofmarket risk, the BSP may require an FI to

improve its system. In cases where an FIaccepts significant market risk in its accrualbook, the BSP expects that a portion ofcapital will be allocated to cover this risk.

When performing these evaluations,the BSP will determine if:

(a) All material market risk associatedwith an institution’s assets, liabilities, andOBS positions in the accrual book arecaptured by the risk management systems;

(b) Generally accepted financialconcepts and risk measurementtechniques are utilized. For larger,complex FIs, internal systems must becapable of measuring risk using both anearnings and economic value approach.

(c) Data inputs are adequatelyspecified (commensurate with the natureand complexity of an FI’s holdings) withregard to rates, maturities, re-pricing,embedded options, and other details;

(d) The system’s assumptions (used totransform positions into cash flows) arereasonable, properly documented, and stableover time.1

(e) Market risk measurement systemsare integrated into the institution’s daily riskmanagement practices. The output of thesystems should be used in characterizing thelevel of market risk to senior managementand board of directors.(Circular No. 544 dated 15 September 2006)

1 This is especially important for assets and liabilities whose behavior differs markedly from contractual maturity orre-pricing, and for new products. Material changes to assumptions should be documented, justified, and approvedby management.


APP. 7408.12.31

GUIDELINES ON LIQUIDITY RISK MANAGEMENT(Appendix to Sec. X175)

I. BackgroundThe on-going viability of institutions,

particularly financial organizations, isheavily influenced by their ability tomanage liquidity. Innovations ininvestment and funding products, growthin off-balance sheet activities andcontinuous competition for consumerfunds have affected the way FI do businessand intensified the need for proactiveliquidity risk management. FIs need to fullyunderstand, measure and control theresulting liquidity risk exposures.

II. Statement of PolicyFor purposes of these guidelines, FI

include banks, NBFIs supervised by theBSP and their financial subsidiaries. TheBSP recognizes the liquidity risk inherentin FI activities and how these activitiesexpose an FI to multiple risks which mayincrease liquidity risk.

The BSP will not restrict risk-takingactivities as long as FIs are authorized toengage in such activities and:

1. Understand, measure, monitor andcontrol the risk they assume;

2. Adopt risk management practiceswhose sophistication and effectiveness iscommensurate to the risk assumed; and

3. Maintain capital commensuratewith their risk exposures.

The principles set forth in theseguidelines shall be used to determine thelevel and trend of liquidity risk exposureand adequacy and effectiveness of an FI’sliquidity risk management process. Inevaluating the adequacy of an FI’s liquidityposition, the BSP shall consider the FI’scurrent level and prospective sources ofliquidity as compared to its funding needs.Further, the BSP will evaluate theadequacy of funds management practices

relative to the FI’s size, complexity, andrisk profile.

In general, liquidity risk managementpractices should ensure that an institution isable to maintain a level of liquidity sufficientto meet its financial obligations in a timelymanner and to fulfill the legitimate fundingneeds of its community. Practices should reflectthe ability of the institution to manageunplanned changes in funding sources, as wellas react to changes in market conditions thataffect the ability to quickly liquidate assets withminimal loss. In addition, funds-managementpractices should ensure that liquidity is notconsistently maintained at a high cost, fromconcentrated sources, or through unduereliance on funding sources that may not beavailable in times of financial stress or adversechanges in market conditions.

In evaluating the above parameters, theBSP shall consider the following factors:

1. The actual and potential level ofliquidity risk posed by the FI’s products andservices, balance sheet structure and off-balance sheet activities;

2. The cost of an FI’s access to moneymarkets and other alternative sources offunding;

3. The diversification of fundingsources (on and off-balance sheet);

4. The adequacy and effectiveness ofboard and senior management oversight,particularly the Board’s ability to recognizethe effects of interrelated risk areas, such asmarket and reputation risks, to liquidity risk;

5. The reasonableness of liquidity risklimits and controls in relation to earnings,as affected by the cost of access to moneymarkets and other alternative sources offunding, and capital;

6. The adequacy of measurementmethodologies, monitoring andmanagement information systems;


APP. 7408.12.31

7. The adequacy of foreign currencyliquidity management;

8. The appropriateness andreasonableness of contingency plans forhandling liquidity crises;

9. The adequacy of internal controls andaudit of liquidity risk management process.

The sophistication of liquidity riskmanagement shall depend on the size, natureand complexity of an FI’s activities. However,in all instances, FIs are expected to measuretheir liquidity position on an ongoing basis,analyze net funding requirements underalternative scenarios, diversify funding sourcesand adopt contingency funding plans.

An FI’s liquidity risk managementsystem shall be assessed under the FI’sgeneral risk management framework,consistent with the guidelines on supervisionby risk as set forth under Appendix 72. If anFI’s risk exposures are deemed excessiverelative to the FI’s capital, or that the riskassumed is not well managed, the BSP willdirect the FI to reduce its exposure and/orstrengthen its risk management system.

III. Liquidity Risk Management ProcessLiquidity risk management process

should be tailored to an FI’s structure andscope of operations and application can varyacross institutions. Regardless of thestructure, an FI’s liquidity risk managementprocess should be consistent with its generalrisk management framework and should becommensurate with the level of riskassumed. At a minimum, the process should:

1. Identify liquidity risk. Properidentification of liquidity risk requires thatmanagement understand both existing riskand prospective risks from new products andactivities. It involves determining the volumeand trends of liquidity needs and the sourcesof liquidity available to meet these needs.Identifying liquidity risk necessitatesexpressing the FI’s desired level of riskexposure based on its ability and willingnessto assume risk which may primarily depend

on the FI’s capital base and access to fundsproviders. Liquidity risk identification shouldbe a continuing process and should occur atboth the transaction, portfolio and entity level.

2. Measure liquidity risk. Adequatemeasurement systems enable FIs to quantifyliquidity risk exposures on a per entity basisand across the consolidated organization.A relatively large organization with extensivescope of operations would generally requirea more robust management informationsystem to properly measure risk in a timelyand comprehensive manner.

3. Control liquidity risk. The FI shouldestablish policies and standards on acceptableproduct types, activities, counterparties andset risk limits on a transactional, portfolio andaggregate/consolidated basis to controlliquidity risk. In setting limits, the FI shouldrecognize any legal distinctions and possibleobstacles to cash flow movements amongaffiliates or across separate books. Lines ofauthority and accountability should be clearlydefined to ensure liquidity risk exposuresremain reasonable and within the risktolerance expressed by the board.

4. Monitor liquidity risk. Monitoringliquidity risk requires timely review of liquidityrisk positions and exceptions, including day-to-day liquidity management. Monitoringreports should be frequent, timely, andaccurate and should be distributed toappropriate levels of management.

IV. Definition of Liquidity RiskLiquidity risk is generally defined as

the current and prospective risk to earningsor capital arising from an FI’s inability tomeet its obligations when they come duewithout incurring unacceptable losses orcosts. Liquidity risk includes the inabilityto manage unplanned decreases orchanges in funding sources. Liquidity riskalso arises from the failure to recognize oraddress changes in market conditions thataffect the ability to liquidate assets quicklyand with minimal loss in value.


APP. 7408.12.31

In terms of capital markets and tradingactivities, FIs face two (2) types of liquidityrisk: funding liquidity risk and marketliquidity risk. Funding liquidity risk refersto the inability to meet investment andfunding requirements arising from cashflow mismatches without incurringunacceptable losses or costs. This issynonymous with the general definition ofliquidity risk.

Market liquidity risk, on the other hand,refers to the risk that an institution cannot easilyeliminate or offset a particular positionbecause of inadequate liquidity in the market.The size of the bid/ask spread of instrumentsin a market provides a general indication ofits depth, hence its liquidity, under normalcircumstances. Market liquidity risk is alsoassociated with the probability that largetransactions may have a significant effect onmarket prices in markets that lack sufficientdepth. In addition, market liquidity risk isassociated with structured or complexinvestments as the market of potential buyersis typically small. Finally, FIs are exposed tothe risk of an unexpected and sudden erosionof market liquidity. This could be the result ofsharp price movement or jump in volatility,or internal to the FI such as that posed by ageneral loss of market confidence.Understanding market liquidity risk isparticularly important for institutions withsignificant holdings of instruments traded infinancial markets.

Market and liquidity risks are highlyinterrelated, particularly during times ofuncertainty when there is a high correlationbetween the need for liquidity and marketvolatility. Likewise, an FI’s exposure to otherrisks such as reputation, strategic, and creditrisks, can likewise significantly affect aninstitution’s liquidity risk. It is thereforeimportant that an FI’s liquidity risk

management system is consistent with itsgeneral risk management framework.

V. Sound Liquidity Risk ManagementPractices

When assessing an FI’s liquidity riskmanagement system, the BSP shall considerhow an FI address the four basic elementsof a sound risk management system:

1. Active and appropriate board andsenior management oversight;

2. Adequate risk management policiesand procedures;

3. Appropriate risk measurementmethodologies, limits structure, monitoringand management information system; and

4. Comprehensive internal controlsand independent audits

Evaluation of the adequacy of the FI’sapplication of the above elements will berelative to the FI’s risk profile. FIs with lesscomplex operations may generally usemore basic practices while larger, and/ormore complex institutions will beexpected to adopt more formal andsophisticated practices. Large organizationsshould likewise take a comprehensiveperspective to measuring and controllingliquidity risk by understanding howsubsidiaries and affiliates can raise or lowerthe consolidated risk profile.A. Active and appropriate Board andsenior management oversight1

Effective liquidity risk managementrequires that the Board and seniormanagement be fully informed of the levelof liquidity risk assumed by the FI andensure that the activities undertaken arewithin the prescribed risk tolerance. Seniormanagement should have a thoroughunderstanding of how other risks such ascredit, market, operational and reputationrisks impact the FI’s overall liquidity strategy.1

1 This section refers to a management structure composed of a board of directors and senior management. The BSP isaware that there may be differences in some financial institutions as regards the organizational framework and functionsof the board of directors and senior management. For instance, branches of foreign banks have board of directors locatedoutside of the Philippines and are overseeing multiple branches in various countries. In this case, “board-equivalent”committees are appointed. Owing to these differences, the notions of the board of directors and the senior managementare used in these guidelines not to identify legal constructs but rather to label two decision-making functions within afinancial institution.


APP. 7408.12.31

Responsibilities of the board of directorsThe Board has the ultimate responsibility

for understanding the nature and level ofliquidity risk assumed by the FI and theprocesses used to manage it.

The board of directors should:1. Establish and guide the FI’s strategic

direction and tolerance for liquidity risk byadopting a formal written liquidity/fundingpolicy that specifies quantitative andqualitative targets;

2. Approve policies that govern orinfluence the FI’s liquidity risk, includingreasonable risk limits and clear guidelineswhich are adequately documented andcommunicated to all concerned;

3. Identify the senior management staffwho has the authority and responsibility formanaging liquidity risk and ensure that thisstaff takes the necessary steps to monitor andcontrol liquidity risk;

4. Monitor the FI’s performance andoverall liquidity risk profile in a timelymanner by requiring frequent reports thatoutline the liquidity position of the FI alongwith information sufficient to determine ifthe FI is complying with established risklimits;

5. Mandate and track theimplementation of corrective action ininstances of breaches in policies andprocedures;

6. Establish, review and to the extentpossible, test contingency plans for dealingwith potential temporary and long-termliquidity disruptions; and

7. Ensure that the FI has sufficientcompetent personnel, including internalaudit staff, and adequate measurementsystems to effectively manage liquidity risk.

Responsibilities of senior managementSenior management is responsible for

effectively executing the liquidity strategyand overseeing the daily and long-termmanagement of liquidity risk. In managingthe FI’s activities, senior management should:

1. Develop and implement proceduresand practices that translate the Board’s goals,objectives, and risk tolerances intooperating standards that are transmittedto and well understood by personnel.Operating standards should be consistentwith the Board’s intent;

2. Plan for adequate sources of liquidityto meet current and potential funding needsand establish guidelines for the developmentof contingency funding plans;

3. Adhere to the lines of authority andresponsibility that the Board has establishedfor managing liquidity risk;

4. Oversee the implementation andmaintenance of management information andother systems that identify, measure, monitor,and control the FI’s liquidity risk; and

5. Establish effective internal controlsover the liquidity risk management process.

In evaluating the quality of oversightprovided by the Board and seniormanagement, the BSP will evaluate how theBoard and senior management carry out theabove functions/responsibilities. Further,sound management practices are highlyrelated to the quality of other areas/elementsof risk management system. Thus, even ifBoard and senior management exhibit activeoversight, the FI’s policies, procedures,measurement methodologies, limitsstructure, monitoring and informationsystems, controls and audit should beadequate before quality of Board and seniormanagement can be considered“satisfactory”.

Lines of Responsibility and AuthorityManagement of liquidity risk generally

requires collaboration from various businessareas of the FI, thus a clear delineation ofresponsibilities is necessary. Themanagement structure should clearly definethe duties of senior level committees,members of which have authority over theunits responsible for executing liquidity-related transactions. There should be a clear


APP. 7408.12.31

delegation of day-to-day operatingresponsibilities to particular departmentssuch as the Treasury Department.

To ensure proper management ofliquidity risk, the FI should designate anindependent unit responsible formeasuring, monitoring and controllingliquidity risk. Said unit should take acomprehensive approach and directlyreport to the board of directors or acommittee thereof.

B. Adequate risk management policies andprocedures

An FI’s liquidity risk policies andprocedures should be comprehensive,clearly defined, documented and dulyapproved by the board of directors. Policiesand procedures should cover the FI’sliquidity risk management system in orderto provide appropriate guidance tomanagement. These policies should beapplied on a consolidated basis and, asappropriate, at the level of individualaffiliates, especially when recognizing legaldistinctions and possible obstacles to cashmovements among affiliates.

Liquidity risk policies should identify thequantitative parameters used by the FI todefine the acceptable level of liquidity risksuch as risk limits and financial ratios as wellas describe the measurement tools andassumptions used. Qualitative guidelinesshould include description of the FI’sacceptable products and activities, includingoff-balance sheet transactions, desiredcomposition of assets and liabilities, andapproach towards managing liquidity indifferent currencies, geographies and acrosssubsidiaries and affiliates. Whereappropriate, a large FI should apply thesepolicies on a consolidated basis to addressrisk exposures resulting from inter-connected funding structures and operationsamong members of an FI’s corporate group.

It is essential that policies include thedevelopment of a formal liquidity risk

measurement system that addresses business-as-usual scenarios and a contingency fundingplan that addresses a variety of stress scenarios.FIs should likewise have specific proceduresfor addressing breaches in policies andimplementation of corrective actions.

Management should periodically reviewits liquidity risk policies and ensure that theseremain consistent with the level andcomplexity of the FI’s operations. Policiesshould be updated to incorporate effects ofnew products/activities, changes incorporate structure and in light of its liquidityexperience.

C. Appropriate risk measurementmethodologies, limits structure, monitoring,and management information system

Liquidity risk measurement models/methodologies

An FI should have a measurementsystem in place capable of quantifying andcapturing the main sources of liquidity riskin a timely and comprehensive manner.Liquidity management requires ongoingmeasurement, from intra-day liquidity tolong-term liquidity positions. Depending onits risk profile, an FI can use techniques ofsimple calculations, static simulations basedon current holdings or sophisticated models.What is essential is that the FI should be ableto identify and avoid potential fundingshortfalls such that the FI can consistently meetinvestment, funding and/or strategic targets.

FIs with simple operations can generallyuse a static approach to liquiditymanagement. Static models are based onpositions at a given point in time. While anexact definition of “simple operations” willnot be provided, the BSP expects that banksusing a static approach to liquiditymanagement would limit their operations tocore banking activities such as acceptingplain vanilla deposits and making traditionalloans. Such banks would not have activeTreasury Departments, would not hold or


APP. 7408.12.31

offer structured products and would not beexposed to significant levels of FX risk.Board reporting could be less frequent thanin more complex banks but in no eventshould be less than quarterly.

Complex FIs, on the other hand, will beexpected to adopt more robust approachessuch as a dynamic maturity/liquidity gapreporting or even simulation modeling. At aminimum, universal banks should usemaximum cash outflow/liquidity or maturitygap models. FIs engaged in holding oroffering significant levels of structuredproducts and/or derivatives will be expectedto have the capability to model the cashflows from these instruments under a varietyof scenarios. Specifically, scenarios shouldbe designed to measure the effects of abreach of the triggers (strike price) on theseinstruments.

Where the FI’s organizational structureand business practices indicate cash flowmovements and liquidity support amongcorporate group members, the FI shouldadopt consolidated risk measurement toolsto help management assess the group’sliquidity risk exposure. Depending on thedegree of inter-related funding, non-complexmeasurement and monitoring systems maybe acceptable. However, large, complex FIsthat display a high degree of inter-related andinter-dependent funding will be expected toutilize more sophisticated monitoring andmanagement systems. These systems shouldenable the Board of the consolidated entityto simulate and anticipate the funding needsof the FIs on both a consolidated basis andin each of its component parts.

Liquidity risk measurementmethodologies/models should bedocumented and approved by the board andshould be periodically independentlyreviewed for reasonableness and tested foraccuracy and data integrity. Assumptionsused in managing liquidity should beperiodically revisited to ensure that theseremain valid.

Liquidity models require projecting allrelevant cash flows. As such, FIs engagedin complex activities should have thecapability to model the behavior of all assets,liabilities, and off-balance sheet items bothunder normal/business-as usual and a varietyof stressed conditions. Stressed conditionsmay include liquidity crisis confinedwithin the institution, or a systemicliquidity crisis, in which all FIs areaffected. For FIs operating in a globalenvironment, cash flow projections shouldreflect various foreign-currency fundingrequirements.

When projecting cash flows,management should also estimate customerbehavior in addition to contractualmaturities. Many cash flows are uncertainand may not necessarily follow contractualmaturities. Cash flows may be influencedby interest rates and customer behavior, ormay simply follow a seasonal or cyclicalpattern. When modeling liquidity risk, it isimportant that assumptions be documented.Assumptions should be reasonable andshould be based on past experiences or withconsideration of the potential impact ofchanges in business strategies and marketconditions. Measurement tools shouldinclude a sufficient number of time bandsto enable effective monitoring of both short-and long-term exposures. This expectationapplies not only to complex simulationmodeling, but to the construction of simpleliquidity GAP models as well.

To sufficiently measure an FI’s liquidityrisk, management should analyze how itsliquidity position is affected by changes ininternal (company-specific) and external(market-related) conditions. Managementwill need to assess how a shift from a normalscenario to various levels of liquidity crisiscan affect its ability to source external fundsand at what cost, liquidate certain assets atexpected prices within expected timeframes,or hasten the need to settle obligations (e.g.,limited ability to roll-over deposits).


APP. 7408.12.31

Management should, at a minimum,consider stress scenarios where securitiesare sold at prices lower than anticipated andcredit lines are partially or wholly cancelled.

Regardless of the liquidity risk modelsused, an FI should adopt an appropriatecontingency plan for handling liquiditycrisis. Well before a liquidity crisis occurs,management should carefully plan how tohandle administrative matters in a crisis.Management credibility, which is essentialto maintaining the public’s confidence andaccess to funding, can be gained or lostdepending on how well or poorly someadministrative matters are handled. Acontingency funding/liquidity plan ensuresthat an FI is ready to respond to liquidity crisis.

The sophistication of a contingency planshould be commensurate with the FI’scomplexity and risk exposure, activities,products and organizational structure. Theplan should identify the types of events thatwill trigger the contingency plan, quantifypotential funding needs and sources andprovide the specific administrative policies andprocedures to be followed in a liquidity crisis.

Specifically, the contingency planshould:

1. Clearly identify, quantify and rankall sources of funding by preferenceincluding, but not limited to:

• Reducing assets• Modifying the liability structure or

increasing liabilities• Using off-balance-sheet sources,

such as securitizations• Using other alternatives for

controlling balance sheet changes2. Consider asset and liability

strategies for responding to liquidity crisisincluding, but not limited to:

• Whether to liquidate surplusmoney market assets

• When (if at all) HTM securitiesmight be liquidated

• Whether to sell liquid securities inthe repo markets

• When to sell longer-term assets,fixed assets, or certain lines of business

• Coordinating lead bank fundingwith that of the FI’s other banks andnon-bank affiliates

• Developing strategies on how tointeract with non-traditional funding sources(e.g., whom to contact, what type ofinformation and how much detail should beprovided, who will be available for furtherquestions, and how to ensure thatcommunications are consistent)

3. Address administrative policies andprocedures that should be used during aliquidity crisis:

• The responsibilities of seniormanagement during a funding crisis

• Names, addresses, and telephonenumbers of members of the crisis team

• Where, geographically, teammembers will be assigned

• Who will be assigned responsibilityto initiate external contacts with regulators,analysts, investors, external auditors, press,significant customers, and others

• How internal communications willflow between management, ALCO,investment portfolio managers, traders,employees, and others

• How to ensure that the ALCOreceives management reports that arepertinent and timely enough to allowmembers to understand the severity of theFI’s circumstances and to implementappropriate responses.

The above outline of the scope of agood contingency plan is by no meansexhaustive. FIs should devote significanttime and consideration to scenarios thatare most likely, given their activities.Regardless of the strategies employed, anFI should consider the effects of suchstrategies on long-term liquidity positionsand take appropriate actions to ensure thatlevel of risk exposures shall remain orbe brought down within the risktolerance of the Board.


APP. 7408.12.31

Limits structureThe Board and senior management

should establish limits on the nature andamount of liquidity risk they are willing toassume. In setting limits, managementshould consider the nature of the FI’sstrategies and activities, its pastperformance, the level of earnings andcapital available to absorb potential lossesand costs of an FI’s access to moneymarkets and other alternative sources offunding.

Limits can take various forms. FIsshould address limits on types of fundingsources and uses of funds, including off-balance sheet positions. In addition,policies should set targets for minimumholdings of liquid assets relative toliabilities. Complex FIs, or FIs engaged incomplex activities should set maximumcumulative cash-flow mismatches overparticular time horizons and establishcounterparty limits. Such limits should beapplied to all currencies to which the FIhas a significant exposure. In particular, FIsshould take into consideration any legaldistinctions and possible obstacles to cashflow movements between the RBU andthe FCDU.

When evaluating a bank’s liquidityposition, the BSP will consider low levelsof liquid assets relative to liabilities, andsignificant negative funding gaps to beindicative of high liquidity risk exposure.Further, negative cash-flow mismatches inthe short term time buckets will receiveheightened scrutiny by the BSP and shouldalso receive the attention of seniormanagement and the board of directors.

Before accepting negative fundinggaps, or setting limits that allow negativefunding gaps, the board and seniormanagement should consider the FI’sability to fund these negative gaps. Factorsinclude, but are not limited to: theavailability of on-balance sheet liquidity,the amount of firm credit lines available

from commercial sources that can bedrawn to fund the shortfall, and the amountof unencumbered on-balance sheet assetsthat can be sold without excessive loss andin a reasonable time-frame.

Further, actual positions and limitsshould reflect the outcome of possiblestress scenarios caused by internal andexternal factors, particularly those relatedto reputation risk. Stress scenarios shouldconsider the possibility that securities maybe sold at a greater discount and/or maytake more time to sell than expected orthat credit lines and other off-balance sheetsources of funding may be cancelled ormay be unavailable at reasonable cost.

Management should define specificprocedures for the prompt reporting anddocumentation of limit exceptions and themanagement approval and action requiredin such cases.

Liquidity risk monitoring and reportingAn adequate management information

system is critical in the risk monitoringprocess. The system should be able toprovide the Board, senior managementand other personnel with timelyinformation on the FI’s liquidity positionin all the major currencies it deals in, onan individual and aggregate basis, and forvarious time periods.

Effective liquidity risk monitoringrequires frequent routine liquidity reviewsand more in-depth and comprehensivereviews on a periodic basis. In general,monitoring should include sufficientinformation and a clear presentation suchthat the reader can determine the FI’songoing degree of compliance with risklimits. For example, reports should addressfunding concentrations, funding costs,projected funding needs and availablefunding sources.

Monitoring and board reporting shouldbe robust. It is not unreasonable to expectcomplex FIs or FIs engaged in complex


APP. 7408.12.31

activities to monitor liquidity on a dailybasis. Board reporting should be no lessfrequent than monthly. However, the BSPwould expect Board-level committees orsub-committees to receive more frequentreporting.

Comprehensive and accurate internalreports analyzing an FI’s liquidity risk shouldbe regularly prepared and reviewed bysenior management and submitted to theboard of directors.

D. Risk controls and auditAn FI should have adequate internal

controls in place to protect the integrity ofits liquidity risk management process.Fundamental to the internal control systemis for the Board to prescribe independentreviews to evaluate the effectiveness ofthe risk management system and checkcompliance with established limits,policies and procedures.

An effective system of internal controlsfor liquidity risk includes:

1. A strong internal controlenvironment;

2. An adequate process for identifyingand evaluating liquidity risk;

3. Adequate information systems; and4. Continual review of adherence to

established policies and procedures.To ensure that risk management

objectives are achieved, management needsto focus on the following areas: appropriateapproval processes, limits monitoring,periodic reporting, segregation of duties,restricted access to information systems andthe regular evaluation and review byindependent competent personnel.

Internal audit reviews should cover allaspects of the liquidity risk managementprocess, including determining theappropriateness of the risk managementsystem, accuracy and completeness ofmeasurement models, reasonableness ofassumptions and stress testingmethodology. Audit staff should have theskills commensurate with the sophisticationof the FI’s risk management systems. Auditresults should be promptly reported to theboard. Deficiencies should be addressedin a timely manner and monitored untilresolved/corrected.

E. Foreign currency liquidity managementThe principles described in this

Appendix also apply to the managementof any foreign currency to which the FImaintains a significant exposure.Specifically, management should ensurethat its measurement, monitoring andcontrol systems account for theseexposures as well. Management needs toset and regularly review limits on the sizeof its cash flow mismatches for eachsignificant individual currency and inaggregate over appropriate time horizons.In addition, an FI should consider effectsof other risk areas, particularly settlementrisks from its off-balance sheet activities.An FI should also conservatively assess itsaccess to foreign exchange markets whensetting up its risk limits. As with overallliquidity risk management, foreigncurrency liquidity should be analyzedunder various scenarios, including stressfulconditions.(Circular No. 545 dated 15 September 2006)


APP. 7508.12.31

GUIDELINES ON TECHNOLOGY RISK MANAGEMENT(Appendix to Sec. X176)

I. BackgroundBanks using technology-related products,

services, delivery channels, and processes canbe exposed to all types of risks enumeratedunder the BSP risk supervision frameworkmore particularly operational, strategic,reputation, and compliance risk. With banks’increased reliance on technology, it isimportant for the banks to understand howspecific technologies operate and how theiruse or failure may expose banks to risk. TheBSP expects banks to have the knowledge andskills necessary to understand and effectivelymanage their technology-related risks. The BSPwill evaluate technology-related risks in termsof the categories of risks identified in its riskassessment system.

II. Description of technology related risksOperational risk - This is the risk to

earnings or capital arising from problemswith service or product delivery. This risk isa function of internal controls, informationsystems, employee integrity, and operatingprocesses. Operational risk exists in allproducts and services.

Technology can give rise to operationalrisk in many ways. Operational risk oftenresults from deficiencies in system design,implementation, or ongoing maintenance ofsystems or equipment. For example,incompatible internal and external systemsand incompatible equipment and softwareexpose a bank to operational risk.Operational risk can increase when a bankhires outside contractors to design products,services, delivery channels, and processesthat do not fit with the bank’s systems orcustomer demands. Similarly, when a bankuses vendors to perform core bank functions,such as loan underwriting and creditscoring, and does not have adequatecontrols in place to monitor the activities of

those vendors, operational risk may increase.Also, when banks merge with other banksor acquire new businesses, the bank’scombined computer systems may produceinaccurate or incomplete information orotherwise fail to work properly. The failureto establish adequate security measures,contingency plans, testing, and auditingstandards also increases operational risk.

Strategic risk - This is the risk to earningsor capital arising from adverse businessdecisions or improper implementation ofthose decisions. This risk is a function of thecompatibility of an organization’s strategicgoals, the business strategies developed toachieve those goals, the resources deployedagainst these goals, and the quality ofimplementation. The resources needed tocarry out business strategies are both tangibleand intangible. They include communicationchannels, operating systems, deliverynetworks, and managerial capacities andcapabilities.

Use of technology can create strategic riskwhen management does not adequately planfor, manage, and monitor the performance oftechnology-related products, services,processes, and delivery channels. Strategic riskmay arise if management fails to understand,support, or use technology that is essential forthe bank to compete or if it depends on atechnology that is not reliable. In seeking waysto control strategic risk, a bank should considerits overall business environment, including:the knowledge and skills of seniormanagement and technical staff; its existingand planned resources; its ability tounderstand and support its technologies; theactivities and plans of suppliers of technologyand their ability to support the technology;and the anticipated life cycle of technology-related products and services.


APP. 7508.12.31

Reputation risk - This is the risk toearnings or capital arising from negativepublic opinion. This affects the institution’sability to establish new relationships orservices, or to continue servicing existingrelationships. This risk can expose theinstitution to litigation, financial loss, ordamage to its reputation. Reputation riskexposure is present throughout theorganization and that is why banks have theresponsibility to exercise an abundance ofcaution in dealing with its customers andcommunity. This risk is present in activitiessuch as asset management and regulatorycompliance.

Reputation risk arises whenevertechnology-based banking products,services, delivery channels, or processes maygenerate adverse public opinion such that itseriously affects a bank’s earnings or impairscapital. Examples may include: flawedsecurity systems that significantlycompromise customer privacy; inadequatecontingency and business resumption plansthat affect a bank’s ability to maintain orresume operations and to provide customerservices following system failures; fraud thatfundamentally undermines public trust; andlarge-scale litigation that exposes a bank tosignificant liability and results in severedamage to a bank’s reputation. Adversepublic opinion may create a lasting, negativepublic image of overall bank operations andthus impair a bank’s ability to establish andmaintain customer and business relationships.

Compliance risk - This is the risk toearnings or capital arising from violationsof, or nonconformance with laws, rules,regulations, prescribed practices, or ethicalstandards. Compliance risk also arises insituations where the laws or rules governingcertain bank products or activities of thebank’s clients may be ambiguous oruntested. Compliance risk exposes theinstitution to fines, civil money penalties,payment of damages, and the voiding ofcontracts. Compliance risk can lead to a

diminished reputation, reduced franchisevalue, limited business opportunities,lessened expansion potential, and the lackof contract enforceability.

Compliance risk may arise in manydifferent ways. For example, it may arisewhen a bank fails to comply with applicabledisclosure requirements or when it disclosesinformation to outside party that it is requiredto keep confidential. Compliance risk alsomay arise when a bank does not havesystems in place to ensure compliance withmandatory reporting statutes. The use oftechnology to automate lending decisionsalso could expose a bank to compliancerisks if the programs are not properly testedor if the quality of the data is not verified.For example, the use of credit scoring modelsto automate lending decisions could exposea bank to compliance risk if the data uponwhich the program rely are flawed or if theprogram design itself is flawed.

As banks move increasingly frompaper to electronic-based transactions andinformation exchanges, they need toconsider how laws designed for paper-based transactions apply to electronic-basedtransaction and information exchanges.Some new technologies raise unexpectedcompliance issues. Transactions conductedthrough the internet also can raise novelquestions regarding jurisdictional authorityover those transactions. Therefore, banksshould be careful to monitor and respondto changes to relevant laws and regulationsarising from these developments.

III. Technology risk management processThe technology risk management

process is designed to help the bank toidentify, measure, monitor, and control itsrisk exposure. The process involves three(3) essential elements, namely:

1. Planning2. Implementing3. Measuring and monitoring

performance


APP. 7508.12.31

It is the responsibility of bank’s boardof directors and a senior managementcommittee to ensure that an effectiveplanning process exists, that technology isimplemented properly with appropriatecontrols, and that measurement andmonitoring efforts effectively identify waysto manage risk exposure. The process shouldbe more complex for larger institutions,particularly for those with major technology-related initiatives.

For each IT project, the bank shouldadopt specific milestones and correspondingtimelines up to the full implementation ofthe IT project.

A. PlanningTechnology planning often involves

strategic, business, and project planning;• Strategic plan establishes the overall

role of technology as it relates to the bank’smission and assesses the type of technologythat a bank needs to fulfill that role;

• Business plan integrates the newtechnology into existing lines of businessand determines the level of technologybest suited to meet the needs of particularbusiness lines;

• Project plan establishes resourceneeds, time lines, benchmarks, and otherinformation necessary to convert thebusiness plan into operation.

The review and planning cycle may varydepending on the type of institution and itsuses of different types of technologies. Properplanning minimizes the likelihood ofcomputer hardware and software systemsincompatibilities and failures, and maximizesthe likelihood that a bank’s technology isflexible enough to adapt to future needs ofthe bank and its customers.

Because technology is constantlychanging, bank management shouldperiodically assess its uses of technology aspart of its overall business planning. Suchan enterprise-wide and ongoing approachhelps to ensure that all major technology

projects are consistent with the bank’soverall strategic goals. Planning shouldconsider issues such as:

• Cost of designing, developing,testing and operating the systems whetherinternally or externally;

• Ability to resume operations swiftlyand with all data intact in the event ofsystem failure or unauthorized intrusions;

• Adequacy of internal controls,including controls for third party providers;and

• Ability to determine when a specificrisk exposure exceeds the ability of aninstitution to manage and control that risk.

In cases when specialized expertise isneeded to design, implement, and servicenew technologies, vendors may provide avaluable means to acquire expertise andresources that a bank cannot provide on itsown. However, in planning on whether andhow to contract for its technology needs, abank should assess how it will manage therisks associated with these newrelationships. Without adequate controls,the use of vendors to design or support newbank technologies and systems could increasea bank’s exposure to risk. While a bank canoutsource many functions, managementremains responsible for the performance andactions of its vendors while the vendors areperforming work for the bank.

To have an effective planning processfor technology-related applications, bank’splanning process should at least have thefollowing basic components:

1. Involvement of the board of directorsand senior management

The board of directors and a seniormanagement committee play an importantrole in managing bank’s IT risks. Both shouldhave knowledge of and involvement in thetechnology planning process.

The board of directors and the seniormanagement committee should review,approve, and monitor technology projectsthat may have a significant impact on the


APP. 7508.12.31

bank’s operations, earnings or capital. Inaddition, senior management is expectedto have more involvement in and moreknowledge about the day to day operationsof these projects than the board of directors.At least one (1) key senior manager shouldhave knowledge and skills to evaluatecritically the design, operation and oversightof technology projects. The board should befully informed by the senior managementcommittee, on an ongoing basis, of the risksthat technology projects may pose to thebank.

Banks that use technology extensively,particularly large banks, should havesufficient expertise and knowledge amongmanagers and staff to provide critical reviewand oversight of technology projects and tomanage risks associated with them. Projectsshould be coordinated to ensure that theyadhere to appropriate policies, standards,and risk management controls. In addition,senior managers with knowledge of thebank’s technology initiatives should reportperiodically to the board of directors ontechnology-related initiatives.

2. Gathering and analysis of relevantinformation

Banks should consider existing systems,consumer expectations, and competitiveforces in their planning for new or enhanceduses of technology. In the process ofgathering and analyzing information, a bankshould:

a. Make an inventory of the existingsystems and operations. A bank shouldreview their existing systems to determinewhether they satisfy current and projectedbank needs. They should also evaluate hownew technologies will fit into existingsystems and whether additional changes tothose systems will be necessary toaccommodate the new technologies.

b. Review industry standards. Bankmanagement should assess current anddeveloping industry standards indetermining whether to implement

specific technologies. Technical standardshelp to ensure that systems are compatibleand inter-operable.

c. Determine when to deploy newtechnology. Timing is critical because thereare risks in deploying new technologies tooslowly or too rapidly.

3. Assessment and ReviewBank management should carefully

assess its technology needs and review itsoptions within the context of overallplanning. Management should considerwhether the necessary resources, time, andproject management expertise is availableto successfully complete any newtechnology proposal. Prior to adopting newtechnologies, bank management shouldidentify weaknesses or deficiencies in thebank’s ability to use them. Managementshould also consider whether staff canoperate both new and existing systemssimultaneously. These considerations willhelp management to choose the type andlevel of technology best suited to supportits key business needs and objectives.

Banks should be cautious in establishingproject objectives and should ensure thatthe objectives are neither too ambiguous nortoo ambitious. Management should controlthe bank’s risk exposure through practicalplanning. This planning may includedividing projects into manageable segmentsand establishing specific decision points asto whether a project should be modifiedor terminated. Planning should alsoestablish contingency and exit plans in theevent a new project does not proceed asplanned.

Management should assess and, wherepossible, attempt to quantify the costs andbenefits of adopting new technology whenreviewing its options. As part of thisassessment, management should evaluatethe risks, financial consequences, andlikelihood that certain risks may occur. Thisreview should also include assessment ofthe cost to start, run, and terminate a project.


APP. 7508.12.31

B. ImplementationProper implementation of projects and

initiatives is needed to convert plans intobetter products and services, deliverychannels, and processes. Banks shouldestablish the necessary controls to avoidoperational failures and unauthorizedintrusions which could result in increasedlosses and damaged reputation. At aminimum, management should establishtechnology standards that set the directionfor the bank in terms of the overall structureor architecture of its technology systems.

Management should establish prioritiesto ensure proper coordination andintegration of projects among managers,work units, and team members. It shouldprovide clearly defined expectations,including user and resource requirements,cost estimates, project benchmarks, andexpected deliver dates. Proper projectmonitoring by all relevant parties isimportant. Project managers should informthe senior management committee ofobstacles as early as possible to ensure thatproper controls are in place and correctiveaction can be taken to manage risk exposure.

Proper project implementation shouldinclude the following:

a. ControlsControls comprises of policies,

procedures, practices and organizationalstructures designed to provide reasonableassurance that business objectives will beachieved and undesired events will beprevented or detected and corrected. Banksshould adopt adequate controls based onthe degree of exposure and the potential riskof loss arising from the use of technology.Controls should include clear andmeasurable performance goals, theallocation of specific responsibilities forkey project implementation, andindependent mechanisms that will bothmeasure risks and minimize excessiverisk-taking. These controls should bere-evaluated periodically.

Bank information system securitycontrols are particularly important. Securitymeasures should be clearly defined withmeasurable performance standards.Responsible personnel should be assignedto ensure a comprehensive security program.Bank management should take necessarysteps to protect mission-critical systems fromunauthorized intrusions. Systems should besafeguarded, to the extent possible, againstrisks associated with fraud, negligence, andphysical destruction of bank property.Control points should include facilities,personnel, policies and procedures, networkcontrols, system controls, and vendors. Forexample, security access restrictions,background checks on employees,separation of duties, and audit trails areimportant precautions to protect systemsecurity within the bank and with vendors.As technologies and systems change ormature, security controls may need tochange periodically as well.

b. Policies and proceduresBank management should adopt and

enforce appropriate policies and proceduresto manage risk related to bank’s use oftechnology. The effectiveness of thesepolicies and procedures depends greatly onwhether they are in practice among bankpersonnel and vendors. Testing compliancewith these policies and procedures oftenhelps banks correct problems before theybecome serious. Clearly written andfrequently communicated policies canestablish clear assignments of duties, helpemployees to coordinate and perform theirtasks effectively and consistently, and aid inthe training of new employees. Bankmanagement should ensure that policies,procedures, and systems are current andwell-documented.

c. Expertise and trainingBank management should ensure that

key employees and vendors have theexpertise and skills to perform necessary


APP. 7508.12.31

functions and that they are properly trained.Management should allocate sufficientresources to hire and train employees andto ensure that there is succession planningparticularly for the critical officers of thebank. Training may include technical coursework, attendance at industry conferences,participation in industry working groups, aswell as time allotment for appropriate staffto keep abreast of important technologicaland market developments. Training alsoincludes customer orientations to ensure thatbank’s customers understand how to use oraccess bank’s technology products andservices and that they are able to do so in anappropriate and sound manner.

d. TestingBank management should thoroughly

test new technology systems and products.Testing validates that equipment andsystems function properly and produce thedesired results. As part of the testing process,management should verify whether newtechnology systems operate effectively withthe bank’s existing systems and, whereappropriate, should include vendors. Pilotprograms or prototypes can be helpful indeveloping new technology applicationsbefore they are used on a broad scale. Testingshould be conducted periodically to helpmanage risk exposure.

e. Contingency planning and businessresumption planning

Bank’s systems should be designed toreduce bank’s vulnerability to systemfailures, unauthorized intrusions, and otherproblems. Bank should have back-upsystems in place and they should bemaintained and tested on a regular basis tomake sure that they will be readily availablewhen the need arises. The risk of equipmentfailure and human error is possible in allsystems. This risk may result from sourcesboth within and beyond bank’s control.System failures and unauthorized intrusionsmay result from design defects, insufficientsystem capacity, and destruction of a

facility by natural disasters or fires, securitybreaches, inadequate staff training, oruncontrolled reliance on vendors.

A bank should have business continuityplans in place before the bank implementsnew technology. They should establish abank’s course of action in the event of asystem failure or unauthorized intrusionsand should be integrated with all otherbusiness continuity plans for bankoperations. The plan may address datarecovery, alternate data-processingcapabilities, emergency staffing, andcustomer service support. Managementshould establish a communication plan thatdesignates key personnel and outlines aprogram for employee notification. Theplan should include a public relations andoutreach strategy to respond promptly tocustomer and media reaction to systemfailure or unauthorized intrusions.Management should also plan for how itmay respond to events outside the bank thatmay substantially affect customerconfidence, such as an operational failureexperienced by a competitor that relies onsimilar technology.

Additional reference should also be madeto BSP Memorandum dated 22 January 2004and 03 April 2003 on Back-up OperationsCenters and Data Recovery Sites andUpdated Business Continuity Plan,respectively.

f. Proper oversight of outsourcingactivities

Bank management should ensure thatall necessary controls are in place to managerisks associated with outsourcing andexternal alliances. Management shouldensure that vendors have the necessaryexpertise, experience, and financial strengthto fulfill their obligations. They also shouldensure that the expectations and obligationsof each party are clearly defined, understoodand otherwise enforceable. Managementshould make certain that the bank has auditrights for vendors so that the bank can


APP. 7508.12.31

monitor performance under the vendorcontract.

The key elements of proper projectimplementation apply whether a bank relieson employees, vendors, or both to developand implement projects. Failure to establishnecessary controls may result incompromised security, substandard service,and the installation of incompatibleequipment, system failure, uncontrolledcosts, and the disclosure of private customerinformation. If a bank joins or formsalliances with other banks or companies,management should perform adequate duediligence to ensure that the joint-venturepartners are competent and have the financialstrength to fulfill their obligations. Adequatebank resources will be required to monitorand measure performance under the terms ofany third-party agreement. Additionalreference should be made to Sec. X162 onOutsourcing.

C. Measurement and monitoringAs part of both planning and monitoring,

banks must establish clearly definedmeasurement objectives and conductperiodic reviews to ensure that goals andstandards established by bank managementare met. Goals and standards should includean emphasis on data integrity, which isessential to any effective use of technology.Information should be complete andaccurate both before and after it is processed.This is a particular concern in any significantmerger with other institutions or acquisitionof other businesses. Control of technologyprojects is complex because of the difficultyin measuring progress and determiningactual costs. It is important that bankmanagement establish benchmarks that areappropriate for particular applications.Ultimately, the success of technology dependson whether it delivers the intended results.

Management should monitor andmeasure the performance of technologyrelated products, services, delivery

channels, and processes in order to avoidpotential operational failures and to mitigatethe damage that may arise if such failuresoccur. Bank management should establishcontrols that identify and manage risks sothat the bank can adequately manage them.To ensure accountability, managementshould specify which managers areresponsible for the business goals,objectives, and results of specific technologyprojects or systems and should establishcontrols, which are independent of thebusiness unit, to ensure that risks areproperly managed. Technology processesshould be reviewed periodically for qualityand compliance with control requirements.

AuditingAuditors provide an important control

mechanism for detecting deficiencies andmanaging risks in the implementation oftechnology. They should be qualified toassess the specific risks that arise fromspecific uses of technology. Bankmanagement should provide auditors withadequate information regarding standards,policies, procedures, applications, andsystems. Auditors should consult with bankmanagement during the planning process toensure that technology-related systems areaudited thoroughly and in a cost-effectivemanner.

Quality assuranceBank management should establish

procedures to ensure that quality assuranceefforts take place and that the results areincorporated into future planning in orderto manage and limit excessive risk taking.These procedures may include, for example,internal performance measures, focusgroups and customer surveys. Bank shouldconduct quality assurance reviewswhenever it engages in a significantcombination with another institution oracquires another business.(Circular No. 511 dated 03 February 2006)


APP. 7608.12.31

AUTHORIZATION FORM FOR QUERYING THE BANGKO SENTRALWATCHLIST FILES FOR SCREENING APPLICANTS AND CONFIRMING

APPOINTMENTS OF DIRECTORS AND OFFICIALS(Appendix to Subsec. X143.5)

A U T H O R I Z A T I O N

I, , after being sworn in accordance with law, dohereby authorize the following, pursuant to the provisions of Subsec. X143.5(c), of theMORB:

a) (Name of Bank) , to conduct a background investigationon myself relative to my application for or appointment to the position of (position)in (Name of Bank) which include, among others, inquiring from theWatchlist Files of the BSP; and

b) The BSP to disclose its findings pertinent to the aforementioned inquiry on the saidwatchlist files to (Name of Bank) .

With the above authorization, I hereby waive my right to the confidentiality of theinformation that will be obtained as a result of the said inquiry, provided that disclosure ofsaid information will be limited for the purpose of ascertaining my qualification or non-qualification for the said position.

IN WITNESS WHEREOF, I have hereunto set my hand this ________________.

______________________________ (Signature Over Printed Name)

SIGNED IN THE PRESENCE OF:

(Witness) (Witness)


APP. 7608.12.31

ACKNOWLEDGMENT

REPUBLIC OF THE PHILIPPINES } S.S. CITY }

BEFORE ME, this ___ day of _________________200___ in __________________personally appeared the following person:

Name Community Tax Place Date Certificate

known to me to be the same person who executed the foregoing instrument and heacknowledged to me to be the same person who executed the foregoing instrument andhe acknowledged to me that the same is his free act and deed.

This instrument, consisting of two (2) pages, including the page on which thisacknowledgment is written, has been signed on the left margin of each and every pagethereof by __________________, and his witnesses, and sealed with my notarial seal.

IN WITNESS WHEREOF, I have hereunto set my hand, the day, year and placeabove written.

Notary Public

Doc. No.:Page No.:Book No.:Series of 200___

(CL-2006-046 dated 21 December 2006, as amended by CL-2007-001 dated 04 January 2007)


APP. 7710.12.31

FINANCIAL REPORTING PACKAGE[Appendix to Subsection X191.2 (2008 - X162.16)]

The Financial Reporting Package(FRP) is a set of financial statements forprudential reporting purposes composedof the Balance Sheet, Income Statementand Supporting Schedules. The FRP isprimarily designed to align the BSPreportorial requirements with the(1) provisions of the Philippine FinancialReporting Standards (PFRS)/PhilippineAccounting Standards (PAS) and(2) Basel 2 Capital Adequacy Framework.It is also designed to meet BSP statisticalrequirements.

Organization of the Instructions of theFRP

This instruction is divided into thefollowing sections:

(1) The General Instructions, whichdescribe the overall reportingrequirements;

(2) Structure of the FRP;(3) Manual of Accounts, which

provides in the order presented in theBalance Sheet and the IncomeStatement the definitions of the accountsin the FRP;

(4) Line Item Instructions for theBalance Sheet; Income Statements andSupporting Schedules; and

(5) Report Formats, for solo andconsolidated reports

In determining the requiredtreatment of particular transactions or indetermining the definitions of thevarious items, the General Instructions,the Structure of the FRP, Manual ofAccounts and Line Item Instructionsmust be used jointly. A single sectiondoes not necessarily give the completeinstructions for accomplishing the mainreport and schedules.

GENERAL INSTRUCTIONS

Who must Report on What Forms/Schedules

All banks are required to prepare theFRP. The FRP shall be prepared on a soloand consolidated basis. Solo basis shall referto the combined financial statements of thehead office and branches/other offices.Consolidated basis shall refer to thecombined financial statements of parentbank and subsidiaries consolidated on aline by line basis. Only banks withfinancial allied subsidiaries, excludinginsurance subsidiaries, shall submit thereport on consolidated basis.

The solo and consolidated FRP shall beprepared on a quarterly basis, except forthe solo balance sheet and the followingselected schedules which shall be preparedon a monthly basis.

(1) Schedule 1 : Checks and Other CashItems

(2) Schedule 2 : Due from Other Banks(3) Schedule 3 : Financial Assets Held for Trading(4) Schedule 4a : Derivatives Held for

Trading, Matrix ofCounterparty and Typeof Derivative Contracts

(5) Schedule 5 : Financial AssetsDesignated at FairValue Through Profitor Loss

(6) Schedule 6 : Available for SaleFinancial Assets

(7) Schedule 7 : Held to MaturityFinancial Assets

(8) Schedule 8 : Unquoted DebtSecurities Classifiedas Loans

(9) Schedule 9 : Investment in NonMarketable EquitySecurities


APP. 7710.12.31

(10) Schedule 10 : Interbank LoansReceivables

(11) Schedule 11 : Loans and Receivables– Others

(12) Schedule 11a :Loans and Receivablesto 11a4 – Others, Classified

as to Status(13) Schedule 11b : Restructured Loans

to 11b4 and Receivables,Classified as to Status

(14) Schedule 11d : Loans and Receivablesto 11d4 – Others, at Amortized

Cost, Classified as toType of Business/Industry

(15) Schedule 11f :Schedule of Agri/Agra,SME, DevelopmentLoans Incentives andMicrofinance Loansand Receivables,Classified as toCounterparty

(15) Schedule 12 :Loans and ReceivablesArising from RepurchaseAgreements,Certificates ofAssignment/Participation withRecourse andSecurities Lendingand BorrowingTransactions, ByCounterpart

(16) Schedule 15 :Equity Investment inSubsidiaries,Associates and JointVentures

(17) Schedule 19 :Other Assets(19) Schedule 20 :Breakdown of Due

from/to HO/Branches/Agencies Abroad –Philippine Branch of aForeign Bank

(20) Schedule 22 :Deposit LiabilitiesClassified as to Typeof Deposit

(21) Schedule 23 :Due to Other Banks(18) Schedule 24 :Bills Payable(19) Schedule 28 :Other Liabilities

Solo and consolidated income statementshall be prepared quarterly on a cumulativebasis, i.e., first quarter report shall coverresults of operations during the first quarter,second quarter report shall cover results ofoperations during the first and secondquarters, etc.

All schedules shall be available to anytype of reporting bank. Hence, schedulesthat do not apply to a particular bank shouldonly be left blank when submitted.

Frequency of ReportingThe solo FRP, shall be submitted

quarterly within fifteen (15) banking daysafter the end of the reference quarter. Thesolo balance sheet and the selectedschedules listed above shall be submittedmonthly within fifteen (15) banking daysafter the end of the reference month. Theconsolidated FRP, on the other hand, shallbe submitted quarterly within thirty (30)banking days after end of referencequarter.

The following schedules or columns ofparticular schedules of the solo and/orconsolidated FRP, however, are requiredto be submitted and/or accomplished onlyannually (i.e. end December of each year):

(1) Schedule 6b : Available for Saleto 6b(3) Financial Assets

("Collateral and OtherCredit EnhancementsReceived as Securityfor the RelatedImpaired and PastDue Assets" column)

(2) Schedule 6c : Available for Saleto 6c(3) Financial Assets

Movements inAllowances for CreditLosses

(3) Schedule 7b : Fair Value of Held toMaturity FinancialAssets


APP. 7710.12.31

(4) Schedule 7c : Held to Maturityto 7c(3) Financial Assets

("Collateral andOther CreditEnhancementsReceived as Securityfor the RelatedImpaired and Past DueAssets” column)

(5) Schedule 7d : Held to Maturityto 7d(3) Financial Assets

Movements inAllowances for CreditLosses

(6) Schedule 8a : Fair Value of UnquotedDebt SecuritiesClassified as Loans

(7) Schedule 8b : Unquoted Debtto 8b(3) Securities Classified as

Loans (“Collateral andOther CreditEnhancementsReceived as Securityfor the RelateImpaired and Past DueAssets” column)

(8) Schedule 8c : Unquoted Debtto 8c(3) Securities Classified as

Loans Movements inAllowances for CreditLosses

(9) Schedule 11e : Loans andto 11e(3) Receivables-Others

Classified as to StatusPer PAS 39

(10) Schedule 15a : Investment inSubsidiaries,Associates and JointVentures(Fair Value Column)

(11) Schedule 18 : Tax Assets andLiabilities

(12) Schedule 26 : Fair Value of FinancialLiabilities

Rules of ConsolidationIn preparing consolidated financial

statements, only investments in financialallied subsidiaries except insurancesubsidiaries shall be consolidated on aline-by-line basis in accordance with

PAS 27 "Consolidated and SeparateFinancial Statements", while insurance andnon-financial allied subsidiaries shall beaccounted for using the equity method.Financial/non-financial allied/non-alliedassociates shall be accounted for using theequity method in accordance with theprovisions of PAS 28 "Investments inAssociates".

For purposes of preparing solo financialstatements, financial/non-financial allied/non-allied subsidiaries/associates, includinginsurance subsidiaries/associates, shall alsobe accounted for using the equity method.

For purposes of preparing consolidatedreports, the "Peso accounts", "Foreignaccounts", "FCDU/EFCDU" and "ForeignOffices", and their supporting schedules shallnot be filled-up/accomplished.

Amounts ReportedAll amounts reported in the FRP must

be in absolute figures including two (2)decimal places, except for "Losses"columns/rows which shall be reported innegative figures, i.e., enclosed inparentheses.

STRUCTURE OF THE FRP

(1) The FRP is designed to reflect thetwo (2) types of books as follows1:(1) regular banking book, which shall becomprised of (a) peso accounts; and (b)foreign accounts and (2) FCDU/EFCDU asallowed under Circular No. 1389 dated13 April 1993, as amended. Transactionsin the foreign regular and FCDU/EFCDUbooks shall be recorded at their foreigncurrency amounts and their local currencyequivalent using the Philippine DealingSystem (PDS) Peso/US Dollar closing rateand the New York US Dollar/ThirdCurrencies closing rate.

(2) The FRP generally groupstransactions into the different counterpartiesof the reporting bank. Foreign offices and

1 Provide Columns (in US$ and Peso Equivalent) for foreign accounts, where applicable.


APP. 7710.12.31

branches of local banks abroad shall classifytheir counterparties from the perspectiveof the Head Office. Counterparties arebroadly classified as to residents andnon-residents and further sub-classified intothe different sectors and institutional unitsdefined as follows:

(a) Residents – This refers to individualsor institutional units that have a center ofeconomic interest in the economic territoryof the Philippines.

(a.1) Government(i) National Government – This refers

to the Philippine National Governmentand its agencies such as departments,bureaus, offices, and instrumentalities, butexcluding local government units andgovernment-owned and controlledcorporations.

(ii) Local Government Units (LGUs) –This refers to the Philippine governmentunits below the level of nationalgovernment, such as city, provincial andmunicipal governments.

(iii) Government-Owned and ControlledCorporations (GOCCs) – This refers to anyagency organized as a stock or non-stockcorporation vested with functions relatingto public needs whether governmental orproprietary in nature, and owned by thegovernment directly or indirectly orthrough its instrumentalities either wholly,or where applicable as in the case of stockcorporations to the extent of at leastfifty-one percent (51%) of its capital stock:Provided, That GOCCs may be furthercategorized by the DBM, the Civil ServiceCommission and the COA for the purposeof the exercise and discharge of theirrespective powers, functions andresponsibilities with respect to suchcorporations.

• Social Security Institutions (SSIs) –This refers to the social security agenciessuch as the Employees CompensationCommission (ECC), Government ServiceInsurance System (GSIS), Philippine Health

Insurance Corporation (PhilHealth) andSocial Security System (SSS).

• Other FIs – This refers to GOCCsthat are primarily engaged in financialintermediation or in auxiliary financialactivities that are closely related to financialintermediation but are not classified asbanks such as the Home GuarantyCorporation (HGC), Trade and InvestmentDevelopment Corporation (TIDCORP) andSmall Business Corporation (SBC)

• Non-FIs – This refers to GOCCsthat may not be classified as a socialsecurity institution nor other FIs.

(a.2) BSP(a.3) Banks• UBs/KBs – This refers to UBs and

KBs as defined under existing laws andregulations.

• Government Banks – This refersto UBs/KBs owned or controlled by thenational government such as the DBP, theLBP and the Al-Amanah Islamic InvestmentBank of the Philippines.

• Non-Government Banks – Thisrefers to private UBs/KBs, which areneither owned nor controlled by thenational government, including branchesof foreign banks licensed as UBs/KBsoperating in the Philippines.

(ii) Other Banks – This refers tobanks other than UBs/KBs i.e., TBs, RBsand Coop. Banks.

(a.4) Private Corporations(i) Financial - This refers to private

corporations that are primarily engaged infinancial intermediation or in auxiliaryfinancial activities that are closely relatedto financial intermediation but are notclassified as banks. This shall includeamong others, insurance corporations,pension funds that are constituted asseparate from the units that have createdthem, NSSLAs and QBs. Except in the caseof “Loans and Receivables – InterbankLoans and Receivables” where QBs shallbe a separate line item.


APP. 7710.12.31

(ii) Non-Financial – This refers toprivate corporations whose principalactivity is the production of goods or non-financial services for sale.

(b) Non-Residents – This refers toindividuals or institutional units that havea center of economic interest outside theeconomic territory of the Philippines.

(b.1) Central Government/CentralBank – Central Government refers to thecentral government of a foreign countrywhich is regarded as such by a recognizedbanking supervisory authority in thatcountry. Central Bank refers to the nationalFI (or institutions) that exercises controlover key aspects of the financial systemand carries out such activities as issuingcurrency, managing international reserves,and providing credit to other depositorycorporations.

(b.2) Public Sector Entities – This refersto entities which are regarded as such bya recognized banking supervisoryauthority in the country in which they areincorporated.

(b.3) Banks(i) Off-Shore Banking Units (OBUs) –

This refers to a branch, subsidiary or affiliateof a foreign banking corporation which isduly authorized by the BSP to transactoffshore banking business in thePhilippines.

(ii) Other Banks – This refers to thenon-resident banks other than OBUs.

(b.4) Corporations –This refers to non-resident corporations.

(c) Multilateral Agencies – This refersto the World Bank Group comprised of theIBRD and the IFC, ADB, AfDB, the EBRD,the IADB, the EIB, the NIB; the CDB, theCEDB and such others as may berecognized by the BSP.

(3) The supporting schedules in theFRP contain an Additional Informationsection which requires disclosure ofinformation necessary for validatingcompliance with other BSP requirements

and for statistical purposes. Among theinformation required to be disclosed arethe following:

(a) Classification as to Original Term,which shall be reported only for solo reports

(a.1) Short Term (1 year or less)(a.2) Medium Term (>1 year to 5

years)(a.3) Long Term (> 5 years)(b) Geographic Regions of Non-

Resident Counterparties(b.1) Advanced Economies – Australia;

Austria; Belgium; Canada; Cyprus;Denmark; Finland; France; Germany;Greece; Hong Kong SAR; Iceland;Ireland; Israel; I taly; Japan; Korea;Luxembourg; Netherlands; NewZealand; Norway; Portugal; Singapore;Slovenia; Spain; Sweden; Switzerland;Taiwan Province of China; UnitedKingdom and United States

(b.2) Regions Excluding AdvancedEconomies

(i) Africa – Algeria; Morocco; Tunisiaand Sub-Sahara

Of which; Sub-Sahara – South Africa;Djibouti; Ethiopia; Sudan; Burundi; Congo,Democratic Republic of; Kenya; Rwanda;Tanzania; Uganda; Angola; Botswana;Comoros; Lesotho; Madagascar; Malawi;Mauritius; Mozambique, Republic of;Namibia; Seychelles; Swaziland; Zambia;Zimbabwe; Cape Verde; Gambia, The;Ghana; Guinea; Mauritania; Nigeria; SaoTome and Principe; Sierra Leone; Benin;Burkina Faso; Cameroon; Central AfricanRepublic; Chad; Congo, Republic of; Cote d’Ivoire; Equatorial Guinea, Gabon; Guinea –Bissau; Mali; Niger; Senegal; and Togo.

(ii) Central and Eastern Europe -Albania; Bulgaria; Croatia; Czech Republic;Estonia; Hungary; Latvia; Lithuania;Macedonia, FYR; Malta; Poland; Romania;Slovak Republic and Turkey.

(iii) Commonwealth of IndependentStates – Armenia; Azerbaijan; Belarus;Georgia; Kazakhstan; Kyrgyz Republic;


APP. 7710.12.31

Moldova; Mongolia; Russia; Tajikistan;Turkmenistan; Ukraine and Uzbekistan.

(iv) Developing Asia – Bangladesh;Bhutan; Cambodia; China; Fiji; India;Indonesia; Kiribati; Lao PDR; Malaysia;Maldives; Myanmar; Nepal; Pakistan;Papua New Guinea; Samoa; SolomonIslands; Sri Lanka; Thailand; Tonga;Vanuatu and Vietnam.

(v) Middle East – Bahrain; Iran I.R.;Kuwait; Libya; Oman; Qatar; Saudi Arabia;United Arab Emirates; Yemen, Republic of;Egypt; Jordan; Lebanon and Syrian ArabRepublic.

(vi) Western Hemisphere – Mexico;Argentina; Brazil; Bolivia; Chile; Colombia;Ecuador; Paraguay; Peru; Uruguay;

Venezuela; Costa Rica; El Salvador;Guatemala; Honduras; Nicaragua;Panama; Antigua and Barbuda; Bahamas,The; Barbados; Belize; Dominica;Dominican Republic; Grenada; Guyana;Haiti; Jamaica; St. Kitts and Nevis; St. Lucia;St. Vincent and the Grenadines; Surinameand Trinidad and Tobago.

Definition of the other items andinstructions for filling-out the AdditionalInformation section of each supportingschedule are presented in the Line ItemInstructions.

(Circular No. 512 dated 03 February 2006 as amended byCircular Nos.701 dated 13 December 2010, 691 dated 23 June2010, M-2010-016 dated 16 June 2010, M-2008-012 dated14 March 2008 and Circular No. 568 dated 08 May 2007


APP. 7808.12.31

GUIDELINES FOR TRUST DEPARTMENTS’ PLACEMENTS IN THE SPECIALDEPOSIT ACCOUNT FACILITY OF THE BANGKO SENTRAL

(Appendix to Subsec. X409.2)

The following are the guidelinesgoverning the trust deparments’ placementsin the SDA facility of BSP.

1. Access to the subject BSP facilityshall be granted upon receipt by the BSPTreasury Department (BSP-TD) of a letterof request (Appendix 78 Annex 1) foraccount opening together with the followingrequirements:

a. Internal approvals allowing the trustdepartment to invest in the BSP SDAfacility;

b. A list of authorized signatories;c. A list of authorized traders; andd. Contact details for the front and back

offices.2. The trust department shall use a

depository institution that is a PhilPASSmember when placing its funds in the SDAfacility. On transaction date, the trustdepartment shall instruct said depositoryinstitution to debit their account in favor oftheir SDA with the BSP. Similarly, the trustdepartment shall specify a PhilPASSmember to which its principal and interestwill be credited at maturity of the SDAplacement.

3. Trading hours shall be from I0:00am to 3:00 pm for all business days. Alltrades shall settle on trade date.

4. Applicable tenors and pricing shallbe based on published rates (i.e., inBloomberg’s CBPHI and Reuters BANGKOpage).

5. The existing tiering scheme, asdetailed below shall be applied to the SDAplacements of the trust departmentsseparately from the placements of their bankproper.

Tier Tiered RateAmounts less than or BSP published rate

equal to P5.0 billion

Tier Tiered RateAmounts in excess of BSP published rate less

P5.0 billion up to 2%

PI0.0 billion

Amounts in excess of BSP published rate less

PI0.0 billion 4%

6. The minimum placement is P10.0million with the additional amounts inincrements of PI .0 million.

7. Trust departments may place onlyonce per tenor per day

8. Trust departments may pre-terminate their SDA placements, eitherfully or partially. If the holding period ofthe SDA placement when it is rate pre-terminated is less than fifty percent (50%)of the original tenor of the said placement,the applicable interest rate for the pre-terminated amount will be the rate dealt onvalue date less two percent (2%) p.a. If theholding period is fifty percent (50%) or moreof the original tenor, the applicable interestrate for the pre-terminated amount will bethe rate dealt on value date less one percent(1%) p.a. The pre-termination rate shallapply only to the amount pre-terminated.

9. The income from the SDA is subjectto a twenty percent (20%) final withholdingtax

10. Depository institution shallgenerally follow the existing settlementprocess for SDA placements with BSP ofbanks. The trust department will be requiredto send the transaction confirmation directlyto the BSP-TD back office. A sampleconfirmation is attached as Appendix 78Annex 1 and Annex 2.

11. Trust departments may request astatement from the BSP-TD for theiroutstanding SDA placement as of aspecified date.(M-2007-011 dated 08 May 2007)


APP. 7808.12.31

Annex 1

(Institution’s Letterhead)

Date:_____________________

Mrs. Ma. Ramona GDT SantiagoManaging DirectorTreasury DepartmentBangko Sentral ng Pilipinas

Dear Madam:

Pursuant to Monetary Board Resolution Nos. 433 and 518 dated 19 April 2007 and3 May 2007, allowing trust departments to place their funds in the BSP’s Special DepositAccount (SDA) facility, the trust department of (name of institution) respectfully request thecreation of an account for the said facility.

Please find attached the following documents, as required:

a. Internal approvals allowing the trust department to invest in the SDAfacility;

b. A list of authorized signatories;c. A list of authorized traders; andd. Contract details for the front and back offices.

For your kind attention.

Very truly yours,

__________________________ (AUTHORIZED SIGNATORY)1

__________________________ (AUTHORIZED SIGNATORY)2


APP. 7808.12.31

Annex 2

(Institution’s Letterhead)

Date:_________________

TREASURY DEPARTMENTTreasury Services Group - DomesticBangko Sentral ng Pilipinas

Gentlemen:

This is to confirm our Special Deposit Account placement to yourselves asfollows:

VALUE DATETERMMATURITY DATERATEPRINCIPAL AMOUNTGROSS INTERESTWITHHOLDING TAXNET MATURITY VALUE

On value date, our funds will come from Regular Demand Deposit account of(name of depository bank).

Accordingly, please CREDIT the Regular Demand Deposit Account of(name of depository bank) on maturity date the amount of ____________PESOS (P___________),representing full payment of the principal plus interest (net of applicable withholding tax)thereon.

Very truly yours,




APP. 78a08.12.31

SPECIAL DEPOSIT ACCOUNT PLACEMENTS OF TRUST DEPARTMENTS/ENTITIES AS AGENT FOR TAX-EXEMPT INSTITUTIONS AND ACCOUNTS

(Appendix to Subsection X409.2)

Section 1. Placement of tax-exemptaccounts in the SDA facility should complywith existing minimum placement andincremental requirements for the SDAfacility.

Sec. 2. On transaction date, the trustdepartment/entity must inform the BSP theexact amount of the tax-exempt placementin the SDA and submit the followingsupporting documents:

a. Copy of the relevant ruling from theBIR, duly certified by the latter, affirmingthe exemption from taxes of the incomeearned by concerned TEls or accounts fromtheir investments;

b. Copy of the board resolution dulycertified by the corporate secretaryauthorizing the placement (directly formanaged funds or indirectly throughdesignated trustee bank/FI in the caseof managed trust funds) in the SDAfacility;

c. Copy of the covering trustagreement; and

d. Certification from the trustdepartment that such placements, for as longas these are outstanding, are owned by thespecified TEls and are accordingly exemptfrom said twenty percent (20%) finalwithholding tax (FWT). Shown in Annex 1.

Advance copies may be sent throughfacsimile (facsimile number 523-3348) orelectronic mail of BSP-Treasury Back Officepersonnel (jsiguenza@bsp. gov. ph).

Absent the supporting documents byend of the business day, the tax-exemptplacement will be cancelled.

Sec. 3. For outstanding tax-exempt SDAplacements as of 01 November 2007, trustdepartments must submit the documentsspecified in Item "2" hereof on or before04 December 2007 to avail of theexemption from withholding tax.( M-2007-038 dated 29 November 2007)

Manual of Regulations for BanksAppendix 78a - Page 2

APP. 78a08.12.31

Annex 1(Trust Entity/Department’s Letterhead)

Date:Ms. Ma. Ramona GDT SantiagoManaging DirectorTreasury DepartmentBangko Sentral ng PilipinasA. Mabini corner P. Ocampo Sts.Manila 1004

Dear Ms. Santiago:

This refers to the placement/s amounting to (Peso Amount) placed in the BSP’s SDA facilityat (SDA rate) % per annum for value (Value date) to mature on (Maturity date).

This is to certify that the above placement/s is/are transacted on behalf of the followingTax-Exempt Institutions (TEI) or tax-exempt funds and interest income thereon are exempt from thetwenty percent (20%) final withholding tax based on the corresponding BIR rulings:

Tax Exempt Institutions Basis Amount(BIR Ruling No. and date)

1.2.3.(rows may be increased depending on number of placements) TOTAL

This is to further certify that above placements will be owned by the specified TEIs/tax-exemptfunds for as long as these placements are outstanding.

In the event that the BSP is assessed for deficiency final withholding tax on the aboveplacements by the Bureau of Internal Revenue (BIR), (Bank name) shall be liable for and pay suchdeficiency taxes and surcharges, and/or indemnify/reimburse the BSP for such deficiency taxes andsurcharges that the latter may eventually pay to the BIR as a result thereof. Further, (Bank name)hereby authorizes the BSP to automatically debit its regular demand deposit account with the BSP forpayment or reimbursement of any such deficiency taxes and surcharges.

Sincerely yours,

HEAD OF TRUST DEPARTMENT

SUBSCRIBED AND SWORN to before me this ____ day of 2007 at, affiant exhibiting to me his Community Tax Certificate/Passport No.

, issued at , on .

Notary PublicDoc. No. _________;Page No. _________;Book No. _________;Series of 200___

Appendix 79 - Page 1Manual of Regulations for Banks

APP. 79 09.12.31

The following are the guidelines indetermining compliance with ceilings onequity investments prescribed underSections/Subsections X3781, X379.1, X380,1381, 1381.1, 1381.2 and X383, in viewof the adoption of the PFRS/PAS:

a. Components of equity investment.Equity securities booked under theDesignated at Fair Value Through Profit orLoss (DFVPL), Available-For-Sale,Investment in Non-Marketable EquitySecurities (INMES) and Equity Investmentsin Subsidiaries/Associates/Joint Venturescategories shall all be considered incomputing for compliance with the ceilingson equity investments prescribed under Sec.X383 and Subsec. X379.1: Provided, ThatUnderwritten equity securities bookedunder the Available-For-Sale category shallbe excluded from total equity investmentsfor a period of two (2) years from the dateof acquisition thereof: Provided, further,That upon prescription of the two (2) yearperiod, such equity securities shall bebooked according to intention and shallthen be included in the computation ofcompliance with the prescribed ceilings.

For this purpose, the following financialinstruments shall likewise be included in thecomputation of compliance with theprescribed ceilings:

(1) Equity securities including thoseaccounted for as debt instruments bookedunder the Held for Trading (HFT) category,which remain unsold for more than one (1)year.

(2) Mandatorily redeemable preferredshares and preferred shares of similar naturethat are accounted for as debt instruments,which may also be booked under the HTMor Unquoted Debt Securities Classified asLoans (UDSCL) categories.

(3) Investments in Hybrid Tier 1securities that are issued in the form ofperpetual preferred shares.

b. Shares of stock acquired insettlement of loans. Shares of stock ofanother corporation acquired in settlementof loans shall be excluded from total equityinvestments for purposes of determiningcompliance with the prescribed ceilings onequity investments under Secs. X378, X380,1381 and X383 and Subsecs. X379.1,1381.1 and 1381.2: Provided, Thatconfirmation of the Monetary Board shallbe required in the following cases withinthirty (30) days from the date of acquisitionthereof:

(1) Acquisition of shares of stock ofnon-allied enterprises by banks withoutuniversal banking authority, otherwiseprohibited in Sec. 1381;

(2) Acquisition of shares of stock ofnon-allied enterprises other than thosespecified under Subsec. 1381.1 by bankswith universal banking authority, otherwiserequiring prior Monetary Board approval;

(3) Acquisition of shares of stock ofnon-allied enterprises by UBs in excess oflimits provided in Subsec. 1381.2;

(4) Acquisition of shares of stock ofventure capital corporation in excess oflimits provided in Subsec. X379.1;

(5) Acquisition of shares of stock offinancial allied enterprises by banks, inexcess of limits provided in Sec. X378;

(6) Acquisition of shares of stock ofnon-financial allied enterprises by TBs andRBs in excess of limit provided in Sec. X380;and

(7) Acquisition of shares of stock inexcess of limits provided in Sec. X383;

Provided, further, That said confirmationshall be subject, among others, to the

GUIDELINES IN DETERMINING COMPLIANCE WITH CEILINGSON EQUITY INVESTMENTS

(Appendix to Secs. X378, X380, 1381, and X383, Subsecs. X379.1, 1381.1, and 1381.2)

1 amended by Circular No. 530 dated 19 May 2006


APP. 7909.12.31

condition that such shares of stock shall bedisposed of within a reasonable period notto exceed five (5) years from the date ofacquisition thereof.

c. Basis of computation. Compliancewith the prescribed ceilings on equityinvestments shall be determined at eachtime additional equity securities areacquired or shall be considered in thecomputation as in the case of prescriptionof the two (2) year period for underwrittenequity securities or in the case of equitysecurities booked under the HFT category,which remain unsold for more than one (1)year. Further, this shall be computed usingthe carrying amount of the equitysecurities, which shall be the fair value(marked-to-market amount) for thoseinvestments booked under HFT, DFVPL andAvailable- For-Sale, amortized cost for thoseinvestments booked under HTM andUDSCL or the cost and adjusted cost forthose booked under INMES and EquityInvestment in Subsidiaries/Associates/JointVentures, respectively, net of Allowance forCredit Losses where applicable.

For this purpose, adjusted cost shall referto the acquisition cost of Investments inSubsidiaries/Associates/Joint Venturesadjusted for the investor’s share of the profitor loss of investee after the date ofacquisition and other adjustments to thecarrying amount of the investment.

d. Transitory Provisions. Banks withacquired shares of stock in settlement ofloans that fall under any of the followingcases, which have not been previously

confirmed by the Monetary Board, shallseek confirmation by the Monetary Boardof such acquisition not later than ninety (90)banking days from 05 October 2007.

(1) Those without universal bankingauthority with acquired shares of stocks ofnon-allied enterprises in settlement of loansprohibited in Sec. 1381;

(2) Those with universal bankingauthority with acquired shares of stock non-allied enterprises in settlement of loans otherthan those specified under Subsec. 1381.1;

(3) Those with universal bankingauthority with acquired shares of stock ofnon-allied enterprises in settlement of loansthat are in excess of limits prescribed inSubsec. 1381.2;

(4) Those with acquired shares of stockof financial allied enterprises in settlementof loans that are in excess of limits providedin Sec. X378; and

(5) TBs and RBs with acquired sharesof stock of non-financial allied enterprisesin settlement of loans that are in excess oflimit provided in Sec. X380.

Provided, That said confirmation shallbe subject, among others, to the conditionthat such shares of stock shall be disposedof within a reasonable period not to exceedfive (5) years from 05 October 2007.

e. Sanctions. Any violation of theprovisions of this Appendix shall subject thebank and the director/s and/or officer/sconcerned to the sanctions provided underSection 37 of R.A. No. 7653.(Circular No. 581 dated 14 September 2007, as amended by

Circular No. 671 dated 27 November 2009)


APP. 80 09.12.31

Currency notes/coins are classified asfit, unfit and mutilated pursuant to Sec.X950. The BSP Cash Department (CD) andRegional Offices/Branches shall accept alltypes of currency notes/coins for depositexcept mutilated currency notes/coins, whichmust be presented directly for determinationof redemption/exchange value to CD or thenearest BSP Regional Office/Branch inaccordance with Subsec. X950.6(f).

Banks are encouraged to arrange directexchange of their accumulated excess fitcurrency notes/coins with other banks tooptimize circulation of said notes/coins andto deposit only unfit currencies to theirDDAs with BSP.

To facilitate the expeditious receipt ofbanks’ cash deposits and servicing of theircash withdrawals by BSP, all banks,including their provincial branches shallobserve the following guidelines andprocedures when making cash depositsand/or withdrawals with BSP CD or any ofthe BSP Regional Offices/Branches:

a. Receiving/releasing of banks’ cashdeposits/withdrawals shall start at 9:00 A.M.and end at 2:00 P.M.

b. Banks should pre-sort all theircurrency notes/coins for fitness to ensurethat only pre-counted fit or unfit currencyis deposited with BSP to effect anexpeditious servicing of banks’ cashwithdrawals and retirement of unfitcurrency notes pursuant to the “Clean NotePolicy” of BSP under Subsec. X950.5.

c. The BSP shall accept fit and unfitnote deposits only after conductingpackage and bundle count. Fit notes neednot be verified piece-by-piece by the BSPbefore the same shall be re-issued to servicecash withdrawals of banks.

d. Bank deposits of fit currency notesreferred to in Item "c" above not withdrawnby the banks shall be verified piece-by-pieceby the BSP on scheduled dates.

e. The BSP shall accept coin depositsin standard quantity per denomination incontainers prescribed by BSP.

CURRENCY DEPOSITSf. Head Offices/Cash Centers of banks

in Metro Manila or their designated cashcenter/main branch in the provinces shall makedirect deposits of currency notes and coinswith the BSP CD or the nearest BSP RegionalOffice/Branch, respectively. The currencynotes shall be duly classified as fit or unfit inaccordance with the “Currency Guide for BankTellers, Money Counters and CashCustodians” prepared by BSP CD, and bydenomination pursuant to Subsec. X950.5 (a).

g. In areas where there are no BSPRegional Offices/Branches, provincialbranches of banks shall arrange with theirrespective Head Offices the shipment oftheir unfit notes/coins for deposit with BSPCD. Cost of shipment and other relatedexpenses to be incurred shall be solely forthe account of the bank concerned.

h. Banks shall provide securely sealedtransparent plastic bags prescribed by theBSP for their deposits at BSP CD; separatelyfor the fit and unfit notes. Each plastic bagshall have uniform capacity of twenty (20)full bundles accompanied by a deposit slipfor each type/category. The deposit slip foreach type/category of currency notes shallbe clearly labeled as “FIT” or “UNFIT” asthe case may be.

At the BSP Regional Offices/Branches,banks shall provide securely sealed portablemetal sheet or GI sheet boxes measuring

GUIDELINES AND PROCEDURES GOVERNING CURRENCY DEPOSITS ANDWITHDRAWALS OF BANKS FOR CREDIT TO AND DEBIT FROM THEIR

DEMAND DEPOSIT ACCOUNTS WITH THE BANGKO SENTRAL[Appendix to Section X950 (2008 - X610)]


APP. 8009.12.31

15” in length x 12” in width x 14” in heightfor their deposits, separately for the fit andunfit notes. Each prescribed containershall have uniform capacity of twenty (20)full bundles, accompanied by a depositslip for each type/category. The depositslip for each type/category of currencynotes shall be clearly labeled as “Fit” or“Unfit” as the case may be.

i. To facilitate handling of cashdeposits, notes and coins shall be arrangedand placed in prescribed containers in thefollowing manner:

(1) Fit and Unfit Currency Notes(a) Notes of a single denomination

must be arranged face and top up inpackages of 100 pieces each:

(b) The wrapper of each package shallbe plainly marked with:

(i) the denomination and amount ofcurrency in the package;

(ii) the date of verification;(iii) the printed name(s) and signature(s)

of depositing bank’s employee(s) whoperformed the verification; and

(iv) the name of the depositing bank, (c) Pins, clips and staple wires, if any,

must be removed prior to deposit in orderto avoid possible injury to employees anddamage to equipment;

(d) Individual packages of 100 noteseach shall be strapped/bundled in standardunits as follows:

Denomination Standard Value Unit No. of Package (Per 1 Bundle)1000-Piso 10 P 1,000,000.00500-Piso 10 500,000.00200-Piso 10 200,000.00100-Piso 10 100,000.0050-Piso 10 50,000.0020-Piso 10 20,000.00

(e) Notes of different denominationsshall not be mixed in a single package/

bundle/container subject to the provisionsof Item i(1)(h);

(f) Bundled notes shall be packed insealed plastic containers in uniform quantityof twenty (20) complete bundles perdenomination (each bundle containing1,000 notes in ten equal packages, eachpackage containing 100 notes) subject to theprovisions of Item i(1)(h);

g. A packing list/tag of the currency ineach plastic container shall be placed insidethe container. Another tag shall be attachedto the container; and

h. The regional offices/branches mayhowever accept deposit of bundled notespacked in sealed containers in uniformquantity of twenty (20) complete bundlesof one or various denominations.

(2) Coins(a) The coin container bearing the name

of the bank shall be prescribed by the BSP;(b) A tag shall be attached to each bag

indicating the denomination, quantity,amount, and date deposited:

(c) Individual bags shall contain standardquantities per denomination as follows:

Denomination Quantity Value (Pieces)10-Piso 1,200 P12,000.005-Piso 1,500 7,500.001-Piso 2,000 2,000.0025-Sentimo 3,000 750.0010-Sentimo 4,500 450.005-Sentimo 5,000 250.001-Sentimo 5,000 50.00

j. Upon delivery of the currencynotes/coins to the BSP CD/RegionalOffice/Branch, the representative of thedepositing bank shall witness the packageand bundle count for notes and bag countfor coins made by the BSP CD/RegionalOffice/Branch Accountable Officerconcerned. If found in order, said BSPofficer shall acknowledge receipt of thecurrency note/coin deposits.


APP. 80 09.12.31

k. Deposits of currency notes at BSPCD need not be taken out of the containersince contents are seen and can be countedthrough the transparent plastic bag. Fordeposits at BSP Regional Offices/Branches,the bundles of currency notes shall bereturned by the authorized bankrepresentative to the containers, dulysealed with the depositor banks logo andpadlocked with the key/s controlled by thesaid representatives.

l. The CD/Regional Office/Branchshall schedule piece-by-piece verificationof cash deposits at a later date or wheneverit deems necessary, to be duly witnessedby the bank’s authorized representatives.

m. The CD/Regional Offices/Branchesof BSP may refuse acceptance of cashdeposits that do not conform to theforegoing guidelines and procedures.

CURRENCY WITHDRAWALSn. The Cash Department (CD) shall

service cash withdrawals of banks fromtheir respective unverified fit currencydeposits and/or from verified/new currenciesin stock.

The regional offices/branches shallservice cash withdrawals of banks from theirrespective unverified fit currency deposits,unverified fit deposits of other banks or fromverified/new currencies in stock.

o. Only authorized representative ofthe depositor-bank shall open the sealedcontainer(s) of unverified fit currency notedeposits from which the BSP shall servicethe cash withdrawal of a bank. It isunderstood that said representative, whoupon at least one (1) day notice, shall makehimself available to service the withdrawalsof another bank, shall have all the keys tothe containers’ padlock of the bank’s

currency fit note deposits wheneverassigned to BSP CD/Regional Office/Branchto effect cash withdrawals.

p. At BSP CD, cash withdrawals ofbanks shall be effected using the ElectronicCash Withdrawal System. A Cash Order Slip(COS), shall be sent by banks through FAXto CD not later than 12:00 noon one (1) dayprior to actual cash withdrawal. Cashwithdrawal shall be settled through thePhilPaSS before release of the cashwithdrawal to banks.

q. At the BSP Regional Offices/Branches, cash withdrawal shall be madeusing the Integrated Regional InformationSystem (IRIS). BSP demand deposit checkspresented by banks for withdrawal after12:00 noon shall be accepted for processingpurposes only and the servicing thereof shallbe effected the following banking day.

r. The authorized representative ofthe withdrawing bank shall conduct:

(1) bag/bundle/package count of thenotes and bag count of the coins withdrawnfrom the bank’s unverified fit currency note/coin deposits; and

(2) box/bundle/package/piece count ofthe notes and bag count of the coinswithdrawn from reissued/new currencynote/coin witnessed by authorizedrepresentative of the BSP.

Any overage/shortage found in theverification of cash withdrawn fromreissued currency verified by BSP CD/Regional Office/Branch shall be for theaccount of BSP. The BSP shall not honorany shortage/overage found after theauthorized bank representatives shall haveleft the BSP teller’s counter/cashwithdrawal area.(M-2007-027 dated 19 September 2007, as amended by

M-2009-021 dated 16 June 2009)