This Resolution, published by Romania’s Financial Supervisory Authority sets out the corporate governance principles that came into force on 1st  January 2017 that are mandatory for companies that are authorised, regulated and supervised by this body.

The document is divided into 6 chapters which broadly cover the responsibilities of the Board of Directors and senior management, how to handle conflicts of interest and the risk management function.

It establishes that supervised institutions must have a system of corporate governance that meets the following minimum requirements:

• Transparent and appropriate organisational structure
• Allocation and appropriate separation of functions
• Effective risk management policy
• Mechanisms, policies and strategies for internal control
• Policies for communicating and disseminating information
• Procedures for preventing the publication of sensitive information

Furthermore, the members of the Board and senior management must have experience and be competent to fulfil their role, act with integrity and promote the good name and continuity of the company.

Board of directors

The structure and size of the Board must be commensurate with the nature and complexity of the institution in question. In any event, such advisory committees as are considered necessary to provide support on specific subjects may be set up.

The functions of this organ relating to the application of corporate governance principles must be set out in the company's bylaws and developed in internal organisational and operational regulations. In any event, the Board will be responsible, at the very least, for:

  Defining the company’s strategy and approving its business plan;

• Ensuring compliance with applicable legislation in the area of information reporting to the financial supervisory body;
• Analysing the suitability and effectiveness of the company’s risk management system and its internal control systems;
• Defining the remuneration policy in such a way as to be consistent with the approved business plan, the institution’s aims and its long-term continuity;
• Designing a policy for communicating with stakeholders that ensures fair treatment of shareholders, timely dissemination of information and a transparent communication framework ;
• Monitoring the results of senior management’s actions, at least once every six  months;
• Analyse the company’s activities at least once a year;

Senior management

Senior management shall be responsible for the management, supervision and proper performance of the regulated entity, including the implementation of policies, strategies and achievement of the objectives defined by the Board of Directors.

Members of senior management shall work within a defined framework, with specific aims, and must have the necessary experience and skills to carry out their duties.

They will be in permanent contact with the Board of Directors, supplying them with timely and relevant, complete and accurate information about the company’s activity and its financial situation.

Managing conflicts of interest

The Board of Directors must ensure responsible conduct throughout the organisation, such that minimises the risk of creating conflicts of interest. To this end, it shall define and guarantee the implementation of procedures that enable potential conflicts of interest that might arise to be identified, and establish a way of managing these.

In any event, such conflicts of interest as may arise during the financial year must be reported to senior management and to the Board of Directors.

Risk management

The company must apply risk management procedures and strategies commensurate with the risk appetite and tolerance approved by the Board, which in any event should contain a definition of:

• The risk types identified and the manner of assessing and managing them;
• The risk tolerance limits for each type, in compliance with applicable legislation;
• The frequency of stress tests conducted and what they consist of.

Both the Board and senior management must ensure that the entity applies the procedures established. Moreover, the risk management system must be assessed at least once a year in order to analyse how it is working and introduce improvements as needed.

Annual report

In their annual reports, supervised entities must declare their compliance with the principles contained in the Resolution, using the model attached in the appendix, explaining the reasons for any failure to comply.