Compliance and AML - postbank english
Compliance means conforming to stated requirements. at an organizational level, it is achieved through management processes which identify the applicable requirements (defined for example in laws, regulations, contracts, strategies and policies), assess the state of compliance, assess the risks and potential costs of non-compliance against the projected expenses to achieve compliance, and hence prioritize, fund and initiate any corrective actions deemed necessary.
Non-compliance with laws, regulations, executive rules in banking operations as well as risks related to the implementation of standards, it can harm the reputation of the bank.
Many banks differ in how they operate, but one thing they have in common is a compliance department.
Compliance department of banking operations, acts on two levels.
Level 1 - compliance with foreign laws that have been imposed on an organization as a whole.
Level 2 - compliance with the internal control systems to achieve compliance with externally imposed rules.
Our goal is to adapt the Basel compliance concept (Basel 2 and 3) and
the methodology on which it is based.
Essentially, the Basel regulations created two main objectives to which banks are held accountable by their regulator.
These two main objectives are:
1- Sufficient funding of all the material risks to which banks are or could be exposed; in short, the ability of banks to live up to their financial obligations and liabilities.
2- Transparent standardized reporting to regulators and other public stakeholders, for example shareholders. Through standardized reporting, the objective is to create a level playing field in the European banking market and more accurately assess and compare banks.
To achieve this banks have implemented a more or less sophisticated risk management approach that takes care of managing all material risks and related funding on a daily basis over the years. This has affected all aspects of the business operation, from extending the expertise of actuaries and asset managers to new governance structures and procedures, additional new reporting and IT/data quality and security. Ultimately, all aspects should be supported by a risk-based approach on a continual basis. Implications of the regulations are far reaching. In some cases, walls have been raised between business silos, hindering transparency and sometimes even preventing the exchange of crucial data. As responsibilities have adjusted, more intense cooperation between departments is needed.
Lastly, more detailed control and monitoring of risk related tasks in all relevant parts of the company is initiated.
It is fair to ask whether banks are ready in terms of maturity to effectively and efficiently implement and embed such an integrated risk governance structure and process for Basel III, given the silo based risk management approach of the bulk of banking organizations.
Years of experience with Basel II has created learning curves for all involved. Now it is time to incorporate an integrated approach for
Basel risk handling, so managerial control and assurance can be simplified and make Basel less of a burden for the entire organization.
We intend to implement integrated risk management can provide the conditions for the implementation of Basel 3.
So the first step is to fully implement corporate governance, compliance departments have formed.
Policies and strategies of compliance
Policies and strategies of compliance must specify the principles that all employees and managers should act within its framework.
These principles include:
1 - Code of Ethics employees (with an emphasis on staff that its commitment to the principles and ethical values, compliance with laws, regulations and standards will have a significant impact on their organizational position)
2. Establish the position of compliance department in the bank 3-functional and responsibilities of compliance department
4 Jurisdiction of the compliance Department (including the enjoyment of the right to communicate simultaneously with each of bank employees and receive any evidence or documents in the archives, in order to perform related tasks)
5-tasks and jurisdiction of the Department compliance Manager
6. Supply of independence compliance department and its staff, in particular, in terms of prevention of any conflict of interest between the duties of the director of the Department of compliance with the head of internal audit as well as other units.
7. The reporting requirements for compliance risk
8. How to audit compliance department
Duties and responsibilities of departmental compliance:
1-Developing criteria to ensure the independence of these units
2. The compliance department with regard to risk management and internal audit units
3- How to allocate responsibilities to staff, at a time when the compliance responsibilities of various department's employees have been laid.
4- The unit right of access to information necessary and duties of bank staff in cooperation with the unit to provide information to perform responsibilities assigned to this unit
5. The right to address the potential violations and compliance policy violations and, if necessary, the appointment of experts outside the bank to do so
6. The right to free speech and disclosure of the findings of this unit to
/ for senior executives and, if necessary, the Board of Directors or a committee appointed by the Board of Directors
7. Responsibility in relation to formal reporting to senior management and so on
8. The right of direct access to the board of directors or a committee appointed by it
9. In relation to compliance with laws, regulations Standards, in particular, the latest developments related to them through the provision of Operational guidelines and practices to help senior management.
10. Continually latest developments in the laws, regulations and standards would have to be pursued. , An understanding of materials
and achieve their true meaning. The exact impact of developments and changes in laws, regulations and standards on the activities of the enterprise would have to be identified. Accordingly, its recommendations on how to comply with the above, to provide senior management.
11. The compliance risk management programs (including implementation and evaluation of policies and specific procedures, compliance risk assessment, compliance testing), make Executive. And appropriate recommendations to senior management provide compliance risks.
12. In cooperation with the Subcommittee on compliance risk management, a practices for the duties to staff compliance, would have to be developed. And then approved by senior management, the employees will work as a practical guide.
13. The observance all policies, procedures and guidelines for banking supervision and internal control lines and business executives bank request that the policies, procedures and guidelines related to its review and to the implementation of the laws, regulations, standards of reliability sure.
14. Identify the risk level in the bank's compliance in products and processes play a major role. And in this regard, the guidelines provide for execution units or written plans to propose to the Board of Directors to reduce the risk of compliance or Risk Management Committee. Periodically violations of laws, regulations and standards as well as guidelines to inform senior management take to prevent this risk.
15. The precautionary approach, compliance risks associated with new products and processes to make the assessment. For this purpose, processes and products to be analyzed. And by controls necessary to provide a product or process started, it's an appropriate way to identify and reduce risk.
17-in the development of new products and services, expanding a new business area, Establish network connections with new customers or change the nature of the relationship banks with customers, to identify and evaluate the compliance risks.
17. In the case of cross-border activities are complied with laws, regulations and standards of the host country, the individual fluent in local laws, ensure that they compliance with laws, regulations and standards in the countries where the Bank operates.
18. As the only authority allowed to explain and interpret the laws, regulations Standards in the bank, is responsive to inquiries received from the working unit.
19. Continuous communication with units of banking supervision and enforcement of rules and recommendations that followed each of the units of the bank.
20- in ways measures (e.g. using key performance indicators and key risk indicators), compliance risks and improves the performance of the bank's compliance department.
21- will gathered information. (Such as complaints increased markedly, unusual operation), which outlines the Bank's compliance problems.
22. Department of compliance, measures Compliance Risk Index and determines the optimum time sequence which should be evaluated and monitored compliance risks in terms of likelihood and impact.
Compliance department effective cooperation with educational centers, for training employees need.
The independence of the compliance department:
Compliance department should be independent so requires the realization of the concept of independence is as follows:
1- The compliance department have official status within the bank.
2- Compliance department has been created centralized, so that employees are active in this department and do not active in any way in the executive units else.
3- Compliance staff have access to the information and other staff that needed to carry out their responsibilities.
4- All executive units in the bank, with compliance departments cooperate.