Corporate Governance

Introduction

Vattanac Bank is firmly committed to observing and maintaining high standards of corporate governance in compliance with the principles and guidelines set out in the Prakas on Governance in Banks and Financial Institutions issued by the National Bank of Cambodia. The Bank believes that its corporate conduct and growth must be supported by clear policies, transparent processes, adequate systems and qualified management and staff.  Furthermore, Vattanac Bank is guided by the Prakas on Internal Audit in Banks and Financial Institutions and adheres to both its spirit and its substance while seeking to continually improve and excel.  The Bank focuses on strengthening its position in the banking sector as it safeguards customers' interest and maximizes value and returns for the customers.

In that sense, a system of stringent internal checks and controls, a proper risk control and a permanent compliance control system with internal policies and guidelines, and especially with laws and regulations are in place. Furthermore, the international standard of Management Information System is deployed for controlling and supporting all the functions and activities of the bank effectively and efficiently.

Board Matters (The Board)

Vattanac Bank is led and managed by the Board of Directors whose members are appointed by the Bank's shareholders general assembly and approved by the National Bank of Cambodia. The Board has the power to establish different committees under its control including three Board Committees, an Executive Committee (EC) which is responsible for the overall operations of the Bank, and 8 other operational committees to assist the EC in carrying out its duties efficiently.

The Board also appoints the top Executive Management such as President, General Manager, Head of Internal Audit Department, and Head of Risk Management and Compliance Department with NBC's approval. The Executive Management is accountable to the Board.

The Board leads and manages the Bank by establishing policies, providing strategic direction, setting long-term goals and ensuring high standards of corporate governance thus maintaining an effective Internal Control System. The Board also ensures that the Executive Management conducts the business affairs of the Bank with integrity and transparency, in compliance with laws and regulations and with the ultimate aim of enhancing value and achieving sustainable growth for the Bank.

As at 31 December 2017, the composition of the Board was as follows:


Oknha Sam Ang   Chairman   Non-Executive Director
Lok Chumteav Oknha Chhun Leang   Member   President
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Madam Tal Nay Im   Member   Non-Executive Director
Madam Sam Ang Kanika   Member   Non-Executive Director
Oknha Sam Ang Vattanac   Member   Non-Executive Director
Madam Sam Ang Leakhena   Member   Non-Executive Director
Mr. Tang Yue Kwong   Member   Independent Director
Mr. George Teo Choa Chee   Member   Independent Director















Board Committees

1. Audit Commitee

The Audit Committee was established to assist the Board in carrying out the internal audit responsibilities and to ensure the efficiency of the Bank's overall internal control system. The Committee is responsible for establishing policy, procedures and guidelines related to internal audit, updating them when necessary and submitting them to the Board for approval.

The Committee reviews the integrity of the financial statements, and also reviews the quarterly and full-year financial statements of the Bank to ensure compliance with the guidelines issued by the National Bank of Cambodia and with Cambodian Accounting Standards. The Audit Committee also reviews internal financial controls and recommends the annual financial results to the Board for approval. The Committee also monitors and ensures that all policies, guidelines and procedures issued by the Board and by the Executive Management are always respected.

Additionally, the Audit Committee monitors and reviews the effectiveness of the Bank's internal audit function by preparing yearly audit plans of the internal auditors and submits to the Board for approval. The Audit Committee submits to the Board significant audit findings, and provides solutions and recommendations. The Audit Committee conducts meetings four times a year prior to each BOD meeting.

The Audit Committee is composed of the following:

Mr. Tang Yue Kwong   Member   Independent Director
Mr. George Teo Choa Chee   Member   Independent Director
Madam Tal Nay Im   Member   Non-Executive Director
Madam Sam Ang Kanika   Member   Non-Executive Director
Oknha Sam Ang Vattanac   Member   Non-Executive Director
Madam Sam Ang Leakhena   Member   Non-Executive Director

*The Head of Internal Audit Department serves as the Secretary of the Committee.

In 2017, the internal audit activities consisted of full scale checks and spot checks of various banking operations at Head Office's departments and at the branches. Frequent surprise cash counts and checks of other transactions were conducted.

The committee reviewed internal and external audit reports and provided recommendations to Executive Management on actions to take on the findings. The Committee submitted the Audit Plan for 2018 to the Board and the latter approved the plan.

2. Audit Commitee

The Risk Management and Compliance Committee was established to assist the Board in monitoring key risks which may affect the Bank's business operations including credit risk, market risk, liquidity risk and operational risk. The Committee also assists the Board in monitoring the non-compliance risks of the Bank and in ensuring that the Bank always operates its business in compliance with all relevant laws and regulations, including regulations on Anti-Money Laundering and Combating the Financing of Terrorism. The chairperson of the RMCC is an independent Board member.

The Risk Management and Compliance Committee is composed of the following:

Mr. Tang Yue Kwong   Chairperson   Independent Director
Mr. George Teo Choa Chee   Member   Independent Director
Madam Tal Nay Im   Member   Non-Executive Director
Madam Sam Ang Kanika   Member   Non-Executive Director
Oknha Sam Ang Vattanac   Member   Non-Executive Director
Madam Sam Ang Leakhena   Member   Non-Executive Director

*The Head of Risk Management and Compliance Department serves as the Secretary for the Committee.

In 2017, the committee approved the revised AML & CFT guideline in order to strengthen the implementation of the AML & CFT.

Key AML & CFT compliance achievements in 2017 included the following:

  • Fully launched the AML/CFT system that enables the Bank to implement the AML & CFT's measures more effectively.
  • Conducted the regular review on the AML & CFT matters through the rule alerts from the AML/CFT system.
  • Conducted annual KYC and CDD on all correspondent banks;
  • Conducted seven AML & CFT awareness training sessions to 120 new staff members;
  • Conducted four AML & CFT refresher training sessions to 90 staff members and managers; and
  • Conducted AML & CFT test for 49 staff who were unable to attend the training within the year.

3. New Activities and Products Committee (NAP)

The New Activities and Products (NAP) Committee shall review any new transaction, service, equity participation, outsourcing, network extension or changes related to system or legal infrastructure or operational risks.

The committee is composed of the following:

Madam Tal Nay Im   Chairperson   Non-Executive Director
Mr. Tang Yue Kwong   Member   Independent Director
Mr. George Teo Choa Chee   Member   Independent Director
Madam Sam Ang Kanika   Member   Non-Executive Director
Oknha Sam Ang Vattanac   Member   Non-Executive Director
Madam Sam Ang Leakhena   Member   Non-Executive Director
Mr. Chan Kok Choy   Member   Executive Director/General Manager








In 2017, the Bank opened 2 Branches, at Russey Keo located along the National Road No. 5 and at Chaom Chau located along the National Road No. 4 while other branches are planned to be opened in different provinces in 2018.

The NAP Committee reviewed and endorsed Master Card, Union Pay International, WeChat Pay, National Shared Switch, payment gateway services, and PaloAlto Network Firewall Implementation in 2017.

Executive Committee

The Executive Committee was created by the Board to oversee the general management of the Bank.

The committee is composed of the following:

Lok Chumteav Oknha Chhun Leang   Chairperson   President
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Mr. Kang Sopheak   Member   Deputy General Manager
Mr. Lim Chin Wan   Member   Deputy General Manager
Mr. Tom Piseth   Member   Head, Banking Operation
Ms. Ros Dara   Member   Head, Credit Operation








The Executive Committee is responsible for planning, formulating and reviewing the Bank’s strategies and annual budget. It develops necessary policies for Board approval and issues guidelines and procedures for implementing those policies, and ensures risk management and control in line with regulatory requirements.

The Committee is also responsible for the day-to-day operations of the Bank and promotes proper delegation of duties, authority and independent decision- making to the different levels of executive management.

In addition, the Committee has the responsibility to regularly report to the Board on new regulatory developments and financial reporting standards which are relevant to the Bank’s business.

In 2017, procedures and guidelines related to different aspects of Bank management such as ALCO Guidelines, Accounting Policy and Accounting Guidelines, Vattanac Bank’s Internal Regulation, were formulated and adopted or submitted to BOD for approval.

Committees Under the Executive Committee

To ensure the effective operations of the Bank, the Board established eight Management Committees: Credit, Assets and Liabilities, Human Resource, Information Technology, Operational Risk Management, Customer Service, Card and E-Banking and New Branch Opening. The management committees are tasked to assist the Executive Committee in the day-to-day running of the Bank and to maintain the highest levels of client satisfaction in the Bank’s services.

1. Credit Committee

The Credit Committee is responsible for reviewing and implementing policies and procedures of credit facilities as determined by the Board and in compliance with the NBC’s guidelines and regulations. These duties and roles include credit identification; assessment, measurement, approval, review and recovery of loans to mitigate risks.

The Credit Committee provides oversight on the administration and effectiveness of the Bank’s Credit Policy, and reviews the strategies to develop and achieve the credit and lending goals of the Bank. The committee then makes appropriate recommendations to the Board through the Executive Committee.

The committee is composed of the following:

Lok Chumteav Oknha Chhun Leang   Chairperson   President
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Mr. Kang Sopheak   Member   Deputy General Manager
Mr. Tom Piseth   Member   Head, Banking Operation
Ms. Ros Dara   Member   Head, Credit Operation






In 2017 the Credit Committee conducted meetings every month to monitor the performance and quality of the Bank’s credit portfolio. It reviewed loan applications and reassessed approved loans to ensure that the Bank is in compliance with lending regulations and the Bank’s Credit Policy.

2. Assets and Liabilities Committee

The Assets and Liabilities Committee (ALCO) is responsible for managing the assets and liabilities of the Bank.

The Committee’s main responsibility is to maximize the Bank’s profitability, efficiency and effectiveness. Its activities include managing, reviewing and monitoring risks related to the Bank’s day-to-day business and operations such as liquidity levels, interest rates, exchange rates and market development.

The Committee also has the responsibility to ensure that the Bank is always in compliance with NBC’s prudential ratio requirements, such as liquidity, solvency and net worth.

In terms of liquidity management, the Committee prepares the contingency plan by identifying the source of liquidity that the bank can access when necessary. The Committee focuses on the security and management of treasury as it endeavors to develop relationships with local and international banks.

The committee is composed of the following:

Mr. Kang Sopheak   Member   Deputy General Manager
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Mr. Tom Piseth   Member   Head, Banking Operation
Ms. Ros Dara   Member   Head, Credit Operation
Ms. Eng Sokphalla   Member   Head, Finance and Treasury









3. Human Resource Committee

The Human Resource Committee is responsible for managing the human resources of the Bank.

The main responsibility of the Human Resource Committee is to prepare transparent remuneration policies for the Bank’s staff to be submitted to the Executive Committee for approval. The Human Resource Committee reviews and recommends approval by the Executive Committee, salary changes and performance bonuses for staff at all levels.

The Human Resource Committee recommends to the Executive Management on the recruitment, hiring, nominations, promotions and staff retention initiatives that are in compliance with Human Resource Management Policies. The Committee leads in making training and development plans, including providing for Code of Conduct and professional skills training for existing staff and newly-recruited staff to ensure that they can efficiently serve the Bank.

The committee is composed of the following:

Lok Chumteav Oknha Chhun Leang   Chairperson   President
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Mr. Kang Sopheak   Member   Deputy General Manager
Ms. Ros Dara   Member   Head, Credit Operation
Mr. Hong Sovandara   Member   Head, Human Resources & Training






In 2017, the Committee made staffing plan for the expanding operations and new branches for the coming year by recruiting from external sources and by honing the internal staff to take on new and higher responsibilities and roles, through systematic classroom and on-the-job trainings.

4. IT Committee

The IT Committee is responsible for managing the Bank’s information technology ecosystem. The IT Committee develops and manages the Bank’s information system, monitors and controls risks to ensure the effectiveness and security of the whole information technology ecosystem.

The committee is composed of the following:

Mr. Lim Chin Wan   Chairperson   Deputy General Manager
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Mr. Kang Sopheak   Member   Deputy General Manager
Mr. Tom Piseth   Member   Head, Banking Operations
Mr. Khun Piseth   Member   Head, Information Technology






In 2017, the committee approved the acquisition of a new leased line to facilitate the implementation of MasterCard and UPI acquiring business. These new connections will be used to connect the Bank’s new 3G enabled POS terminals.

The IT Committee coordinated the work of the technical teams of Vattanac Bank and GDT to complete the GDT Online Tax Payment Project. A new IT infrastructure was also set up to accommodate the implementation of FAST System. The FAST System is a real-time inter-bank money transfer and payment system implemented by the National Bank of Cambodia.

The IT Committee defined the firewall policy implemented by the IT department with its next-generation firewall platform to protect the bank and prevent cyber threats.

The twice yearly Disaster Recovery exercises as initiated, planned and coordinated by the IT Committee were conducted successfully.

5. Operational Risk Management Committee

The Operational Risk Management Committee is responsible for monitoring and assessing the Bank’s operational risks and reports to the Executive Committee. The Committee has formulated strategies to manage the Bank’s operational risks by developing management systems and procedures to ensure the effective dealing with any direct or indirect risks to the Bank’s operations as well as any irregularities or mistakes that may occur in the operating system.

The committee is composed of the following:

Mr. Tom Piseth   Chairperson   Head, Banking Operations
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Mr. Kang Sopheak   Member   Deputy General Manager
Mr. Lim Chin Wan   Member   Deputy General Manager
Mr. Khun Piseth   Member   Head, Information Technology
Ms. Eng Sokphalla   Member   Head, Finance and Treasury
Ms. Vann Theany   Member   Head, Trade Finance & Financial Institutions






In 2017, the Operational Risk Management Committee reviewed and approved the FATCA implementation for report sending to General Department of Taxation and the Policy/Guideline for bank operations, and reviewed/reduced the cash holding limit and cash in-transit transactions for each branch.

6. Customer Service Committee

The Customer Service Committee aims to promote excellence in delivery of service to Vattanac Bank’s customers. The Committee’s main responsibilities are to regularly monitor, assess, enhance and improve the quality of customer service. In addition, the Committee sets procedures and guidelines and regularly trains the Bank’s customer service providers - enabling them to have sufficient professional skills for serving customers, and motivating them to aspire for excellence.
The committee is composed of the following:

Mr. Chan Kok Choy   Chairperson   Executive Director/General Manager
Mr. Uch Sameth   Chairperson   Deputy Head, Banking Operations
Mr. Hong Sovandara   Member   Head, Human Resource & Training
Mr. Frederick Almeida   Member   Deputy Head, Public Affairs
Ms. Cynthia Maria Reimer   Member   Consultant
Ms. Ny Sophy   Member   Head, Business Development
Mr. Hang Pheakdey Cheat   Member   Acting Head, Secretariat Department






In 2017, the Customer Service Committee arranged for the monitoring and training of customer service staff assigned to work with special customers in the Vattanac Capital.

The Customer Service Campaign 12 (CCC 12) held on August 20, 2017 with the theme “Vattanac Bank @15: I am Customer Service” was attended by the bank’s 100 front liners.

7. New Branch Opening Committee

The New Branch Opening Committee (NBOC), formalized in early 2015, ensures that issues pertaining to opening of new branches are addressed properly and in a timely manner. The Committee oversees the Bank’s branch expansion projects and provides recommendations on the actions, timeframe and relevant arrangements for project implementation.
The committee is composed of the following:

Mr. Chan Kok Choy   Chairperson   Executive Director/General Manager
Mr. Kang Sopheak   Member   Deputy General Manager
Mr. Tom Piseth   Member   Head, Banking Operations
Mr. Frederick Almeida   Member   Deputy Head, Public Affairs
Ms. Ny Sophy   Member   Head, Business Development
Mr. Hang Pheakdey Cheat   Member   Acting Head, Secretariat Department






In 2017, the New Branch Opening Committee reviewed and approved the layout and design of Russey Keo Branch (opened in November), Chom Chao Branch (opened in December) and other branches under construction.

8. Card and E-banking Committee

The Card and E-banking Committee is responsible for reviewing, developing and implementing policies, procedures and guidelines related to card and E-Banking in compliance with national/international card association guidelines, regulations and best practices.
The committee is composed of the following:

Mr. Lim Chin Wan   Chairperson   Deputy General Manager
Mr. Chan Kok Choy   Member   Executive Director/General Manager
Mr. Kang Sopheak   Member   Deputy General Manager
Mr. Tom Piseth   Member   Head, Banking Operations
Mr. Khun Piseth   Member   Head, Information Technology
Mr. Samaraweera Ravinda Chinthaka   Member   Project Manager, Card & E-banking
Ms. Chan Pheaktra   Member   Deputy Head, Card & E-banking
Mr. Frederick Almeida   Member   Deputy Head, Public Affairs
Mr. Seng Kungkea   Member   Special Project Officer, Card & E-banking
Mr. Cheng Sotheavuth   Member   ATM Liaison, Card & E-Banking






In 2017, the committee launched the Bank’s MasterCard and UPI acquiring business to the public. This saw the rolling out of ATMs and POS terminals capable of accepting MasterCard and UPI cards.

The partnership with the General Department of Taxation was further strengthened when the GDT Online Payment was launched in November 2017.

Risk Management

Vattanac Bank takes proactive and prudent measures to manage and control risks due to changes in the business environment, such as credit risks, liquidity risks, market risks and operational risks that could greatly affect the business operations of the Bank.

1. Credit Risk Management

The Bank consistently maintains its good loans quality and successfully manages any possible credit risks. The Bank’s credit risks including settlement risk, collateral risk, concentration risk, credit risk assessment, counter-party risk and non-compliance risk are dealt with according to NBC’s laws and regulations. The Bank also conducts periodic and regular reviews of its existing loans focusing on collateral, capacity for repayment, conditions and conduct of loan account. The Credit Committee plays a vital and primary role in reviewing and monitoring credit risks and recommending necessary actions to eliminate or mitigate the risk exposures, and ultimately to ensure the quality of the Bank’s assets.

In 2017, all kinds of risk profiles related to credit were assessed carefully and the Bank took steps to provide loans prudently to ensure healthy loans growth and sustainable profit. As at 31 December 2017, the Bank’s non-performing loan was only 0.01%.

2. Liquidity Risk Management

The Bank’s liquidity coverage ratio is regularly monitored to ensure that the ratio is maintained at more than 70% and gradually increase up to 100% in 2020 as required by regulation. To further strengthen the Bank’s liquidity control, the Board set the alert limits 10% higher as a buffer over the regulatory requirement. As at 31 December 2017, the Bank’s liquidity coverage ratio was at 199%, which was higher than the limit set by NBC at 70%.

3. Market Risk Management

The market risks including interest rate risks and foreign exchange risks are thoroughly monitored and managed to avoid risks arising from any adverse events in the market.

Risk Management’s functions consist of identifying potential market risks by using risk management tools.

a. Interest Rate Risks
The Bank uses the interest rate gap analysis to monitor the market trends and cost of funds, and to analyze the changes of interest rates of the assets and liabilities.

b. Foreign Currency Exchange Risks
The Bank manages and maintains its foreign exchange position in accordance with its Assets and Liabilities Management Policy and in compliance with the NBC’s laws and regulations.

4. Operational Risk Management

The Bank uses Risk and Control Self-Assessment (RCSA) as a key tool to identify and monitor the changes of the risks and the Key Risk Indicators (KRI) as a measurement to identify the effectiveness of the controls. Management is required to report any incident that occurs within their respective areas of responsibilities on a monthly basis and implement any remedial action if a number of incidents exceed the tolerance limit.

Each committee, under the Executive Committee, plays a significant role in reviewing and managing the operational risks and takes corrective actions promptly.

Policies

Internal Control

The Bank commits to consistently comply with the Prakas on Internal Control in Banks and Financial Institutions of the NBC and continues to strengthen its internal control mechanisms.

The Board ensures the effectiveness of the internal control system, with the assistance of the Audit Committee, to ensure security, accountability and transparency to all stakeholders in accordance with the Bank’s corporate mission and objectives.

Internal Audit Policy

The Internal Audit Policy identifies the purpose, authority, and responsibility of the internal audit function. It plays the main role of overall internal control of the Bank and provides guidance for an independent audit function that complies with regulatory requirements and best practices.

The objective of internal audit policy is to set up guidelines to assist the Board of Directors and all members of management in the effective discharge of their responsibilities by clearly defining the duties of all parties involved in internal audit process and by providing analysis, assessments, recommendations and pertinent comments for remedies concerning the activities reviewed.

The mission of the internal audit function is to ensure that:

  • Bank’s policies and related procedures and guidelines are always in compliance with laws, regulations, and best practices;
  • Adequate policies, procedures and guidelines including internal controls are put in place to mitigate risks;
  • There are measures for permanent monitoring and control, and that those policies, procedures and guidelines are observed at all times.

Risk Management Policy

The Risk Management Policy is a part of the Corporate Governance Policy of Vattanac Bank. The Bank’s philosophy on risk management is that all risks faced must be identified, measured, monitored and managed within a risk management framework and that returns must be commensurate with the risks taken.

The Policy is formulated, revised and administered by the Risk Management and Compliance Committee as authorized by the Board of Directors, with the view to ensure that the Bank’s risks are effectively managed.

Compliance Policy

The adoption of the Compliance Policy reflects the Bank’s commitment to abide by all relevant laws, regulations and standards in order to mitigate and eliminate the risk of violations of law, regulations and ethical standards.

The policy is intended to present how the Bank defines compliance and how it manages non-compliance risk.

Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) Policy

The AML/CFT Policy seeks to protect Vattanac Bank from being used, intentionally or unintentionally, for money laundering or terrorist financing activities. The policy also aims at ensuring that the entire Bank’s domestic and international financial transactions are not in any way used in money laundering or in financing of terrorism. More importantly, this policy protects the Bank from regulatory sanctions and safeguards the Bank’s good reputation.

To support these objectives, the Bank takes a proactive approach to monitor and review the compliance program and control mechanisms such as customer acceptance policy, suspicious transaction reporting system and detection mechanism.

All operations staff are required to attend the AML/CFT refresher training once a year and pass the post-training test. This training requirement is one of the compliance strategies to strengthen staff’s AML/CFT education and awareness that is a key deterrent to any attempt to improperly use the Bank’s services and products.

Whistle Blowing Policy

As part of the Bank’s corporate governance, the Whistle Blowing Policy, Procedure and Guidelines was established and implemented to make the Bank fully and consistently compliant with NBC’s Prakas on Internal Controls in Banking and Financial Institution.

The policy encourages the Bank’s management and staff, customers, suppliers and other external parties to disclose or report any concern or misconduct committed by the Bank’s staff. The disclosure in good faith, whistle blower protection and confidentiality are the principles included in the policy.

Information Technology Policy

The Information Technology Policy sets the standard for performance and properly articulates the bank’s IT objectives and its required Information Technology services in order to maintain financial soundness, ensure business continuity, and mitigate risk. It helps to deliver effectiveness, reliability, scalability and security through efficient use of Information Technology system.

The Information Technology Policy incorporates IT principles to control and safeguard IT assets that include the Business Continuity Plan and Disaster Recovery Plan, and to ensure the security of Data Center and the Back-up System Center.

New Activities and Products (NAP) Policy

The New Activities and Products (NAP) Policy was formulated in compliance with the Prakas on Corporate Governance and Prakas on Internal Control in Banks and Financial Institutions.

The Policy sets the objectives to assess and evaluate the strategies, procedures and operations related to new activities and products in order to ensure success and risks mitigation prior to any public launch.

Code of Ethics

The Bank’s Code of Ethics requires all Vattanac Bank employees, including its directors, management and staff to possess high integrity, honesty, accountability and morality.

The Code provides guidelines for Vattanac Bank’s employees to:

  • Avoid conflict of interest,
  • Avoid misuse of position,
  • Prevent misuse of information received through the Bank’s operations either for personal gain or for any purposes other than the fulfillment of his or her tasks for the Bank,
  • Ensure completeness and accuracy of relevant records,
  • Respect the privacy of customers and ensure the confidentiality of their transactions, and
  • Provide fair and equitable treatment to all customers and others who have a relationship with the Bank.

Confidentiality Policy

Observing confidentiality of business relations and transactions between the Bank and customers is essential in upholding the Bank’s reputation. All employees are required to ensure confidentiality of customers’ information and transactions including the following:

  • No staff or Director shall, during or after termination of his/her employment with Vattanac Bank, divulge or make use of any information, copyrighted materials, correspondence, accounts or dealings of the Bank or its customers for his/her personal benefit.
  • No business and financial information about any customer shall be used or disclosed to third parties without prior written consent of the customer, unless in accordance with the arrangements for the exchange of information between banks about credit risks, or when disclosure is required by law.