Risk Philosophy

Yoma Bank’s risk philosophy is based on its commitment to be the “Responsible Bank” in Myanmar. Yoma Bank commits to accept risk in supporting the development of the economy, in assisting foreign business to invest in the country and local entrepreneurs to build businesses and expanding banking access for farmers and urban consumers. 


Risk Management

Under Yoma Bank’s Risk Management Structure as shown in the following diagram, the Risk Management team together with the business and branch support units identify the respective risks, facilitate risk and control assessments and redundant. 



Risk Governance

Effective risk management starts with effective governance. Yoma Bank is committed to sound corporate governance practice. Board of Directors oversees the corporate governance structure to ensure that the Bank’s Business activities are:

  • aligned with the Bank’s long-term strategic objectives,
  • governed by an effective risk and control framework which enables all material risk to be identified, assessed and managed and
  • carried out within the defined risk appetite of the Bank.

The Board is assisted by Risk Oversight Committee which oversees the Bank’s risk management framework and practices with particular emphasis on credit, market and liquidity risk, and other operational and macroeconomic risk components that may affect the Bank’s business.

Risk Oversight Committee delegate responsibility related to risk management to the following sub-committees

  • Executive Credit Committee (ECC)
  • Asset-Liability Committee (ALCO)
  • Product Committee

The Chief Executive Officer (CEO) and the Chief Risk Officer (CRO) are both responsible to ensure implementation of the risk policies and procedures approved by the Board and Risk Management Oversight Committee across the Bank.

Executive Credit Committee (ECC)

The ECC mandate is to provide an oversight of the Bank’s credit activities on behalf of the Board. The ECC is responsible to ensure that suitable credit risk policies, underwriting standards, risk measurement and approval limits are developed and applied. The ECC monitors compliance with credit policies and the portfolio risk profile to ensure that it is consistent with the defined risk appetite. It will review and approve requests for credit as per Credit Risk Delegation of Authority. Lower level credit approving authorities have been delegated to joint authority of heads of business, credit or risk or to the Junior Credit Committee (JCC) or to the deputy heads/head of Credit Risk Department as defined in the delegation of authority. To ensure that the quality of the loan portfolio is sound and within the approved credit risk profile, the ECC will periodically review credit risk monitoring reports. In addition, the ECC will also ensure compliance with Central Bank of Myanmar (CBM) regulations, relevant laws and any other legal obligations or agreements that Yoma Bank has. The ECC function shall also include: review of the credit strategy, recommending changes where necessary, and review credit products and programs prior to submission to Risk Oversight Committee.


Asset-Liability Committee (ALCO)

The ALCO mandate is to ensure the implementation of the Asset-Liability Management (ALM) policy and oversight of the risks prescribed within it. ALM covers the following key functions and risks: capital adequacy; liquidity; interest rate risk; foreign exchange; other market risks. The ALCO has a key strategic role to: manage the structure of the Bank’s balance sheet; determine pricing for all banking products; and ensure that capital and liquidity are adequate to support the projected business growth plans and in compliance with relevant regulations and standards, including all other related legal obligations and covenants that the Bank has.


Product Committee

The Product Committee Mandate is to ensure new products and services are developed in accordance with product policy, risk appetite and in response to market demands.  The Committee also reviews product performance and considers necessary modifications to existing products including sunset clauses/actions.  


Three Lines of Defence

Risk management is the responsibility of every employee in the Bank. This is executed through a corporate governance structure that provides 3 Lines of Defence as follows:

The business units (1st Line of Defence) are responsible for real-time operational focus, embedding sound risk management practices in standard operating procedures. They monitor risk management performance in operation, and are accountable for its effectiveness.

The Risk Management Division (2nd Line of Defence) will be responsible for real-time monitoring and review. The RMD will develop the Risk Management framework (policies, systems, processes, tools) and ensure  that the framework covers risk identification, assessment, response, controls, information, monitoring and reporting.

Internal Audit (“IA”) (3rd Line of Defence) is responsible for independent assurance to the Board. IA reviews the effectiveness of the risk management and control framework, confirms the level of compliance to regulations, and other limits and requirements as defined in the Bank’s policies. IA identifies significant internal control deficiencies or material weaknesses and monitors changes needed to mitigate the issues.