Following the global financial crisis, regulators globally have introduced tougher regulations with enhanced monitoring. The CBB Rule-book and the Basel paper on ‘Compliance functions in banks’ set standards for banks’ compliance functions.
The CBB Rule-book is module-based and contains ‘requirements’ and ‘guidelines’ for banks. Module-specific requirements may involve multiple functions and processes. Each task has to be assigned or delegated, roles and responsibilities must be defined and a monitoring mechanism has to be established for on-going compliance.
Compliance levels must be periodically reviewed. Featuring examinations of internal policies, procedures and checklists – as well as discussions with relevant decision makers – our compliance reviews are both module- and function-based.
The process includes:
- Reviewing the tools used to determine compliance status
- Creating module-specific checklists of key requirements and actions
- Determining monitoring requirements by module
- Assessing how date-sensitive reporting requirements are monitored
- Reviewing compliance set-up – centralised, de-centralised or hybrid
- Assigning ownership with defined actions and target dates
- Reviewing annual compliance plans for risk-based checks
- Reviewing the process of reporting to boards and management
- Assessing annual disclosures, corporate governance reporting and CBB reporting
Keypoint’s review model considers qualitative (empirical) and quantitative (specific) regulatory requirements based on criticality. In discussions with the head of the compliance function and others involved in the implementation process, our FRC team examines policies, procedures and processes.
After assessment, compliance levels are scored. Based on risk-weighted parameters, a final score indicates the level of overall compliance. Keypoint’s customised process identifies gaps and recommends steps to enhance compliance.
Compliance function reviews include:
- Benchmarking of the compliance function against CBB regulations and leading practice
- The roles, responsibilities and authorities of the compliance function leader
- Compliance charters, frameworks and manuals
- Compliance monitoring tools
- Reporting structures and processes
- Stakeholder communications
- Annual checks on compliance programmes
- Monitoring of submission of reports to the CBB and other regulators
- Processes for handling non-compliance and issues of concern
- New product approval processes
- Gap assessments