CAIIB ABM Module D Unit 3 : Compliance Governance Structure

21/08/2023

Table of Contents

CAIIB Paper 1 ABM Module D Unit 3 : Compliance Governance Structure (New Syllabus)

IIBF has released the New Syllabus Exam Pattern for CAIIB Exam 2023. Following the format of the current exam, CAIIB 2023 will have now four papers. The CAIIB Paper 1 (Advanced Bank Management) includes an important topic called “Compliance Governance Structure”. Every candidate who are appearing for the CAIIB Certification Examination 2023 must understand each unit included in the syllabus.

In this article, we are going to cover all the necessary details of CAIIB Paper 1 (ABM) Module D (COMPLIANCE IN BANKS AND CORPORATE GOVERNANCE) Unit 3 : Compliance Governance Structure, Aspirants must go through this article to better understand the topic, Compliance Governance Structure and practice using our Online Mock Test Series to strengthen their knowledge of Compliance Governance Structure. Unit 3 : Compliance Governance Structure

Organisational Structure

The organisational structure of Compliance function could be as under.

Board of directors
Audit Committee of Board (ACB)
Managing/executive director
Independent Compliance department headed by Chief Compliance officer
Compliance Function at verticals in Corporate Office.
Compliance Function at Field offices – Field General Managers offices (wherever exist) – Regional Offices, Zonal Offices – Branches

Responsibility Of The Board And Senior Management

Compliance starts at the top
It will be most effective in a corporate culture that emphasises standards of honesty and integrity and one in which the board of directors and senior management lead by example.
Board/Audit Committee of Board/Managing Director & CEO shall overview the compliance function in terms of business needs and volume applicable to the Bank and the reporting lines of CCO to the Top management in this review process shall be properly documented in the Compliance Policy of the Bank.
The Compliance policy shall be approved by the Board.
Accordingly, the CCO shall report to the Board/ Audit Committee of Board/MD & CEO.
If as per policy CCO reports to MD & CEO, CCO shall also report to ACB/Board independently as per frequency vide Compliance Policy.

Responsibility of the Board of Directors

The Board of directors shall:

Ensure an appropriate compliance policy is in place in the bank to manage compliance function and also overseeing its implementation.
Ensure compliance issues are resolved effectively and expeditiously by senior management with the assistance of CCO & compliance staff.
Ensure there is no potential for any conflict of interest & that the activities of the compliance function are subject to independent review at least once in 3 years and the compliance function & the audit function of the bank are necessarily being kept separately.
Review compliance functions on a quarterly basis and an annual review of status in implementation of compliance functions to be carried out.
If necessary, the Board may delegate these tasks to the audit Committee of the Board (ACB).
Besides, periodical review on status of audit Functions & performance thereon, Board issues directions for improvement in adherence to Systems & procedures & its auditing System, as such this job may also be assigned to Audit Committee of the Board.
The Companies act, 2013 casts the responsibility on the directors to devise proper systems to ensure compliance with the provisions of all applicable laws, and also to ensure that these are adequate and operate effectively.

Responsibility of senior management

Selection of the candidate for the post of the CCO shall be done on the basis of a well-defined selection process and recommendations made by the senior executive level selection committee constituted by the Board for the purpose.
The selection committee shall recommend the names of candidates suitable for the post of the CCO as per the rank in order of merit and Board shall take final decision in the appointment of CCO;
A prior intimation to the Department of Supervision, Reserve Bank of India, Central Office, Mumbai, shall be provided before appointment, premature transfer/removal of the CCO.
Such information should be supported by a detailed profile of the candidate along with the ‘fit and proper’ certification by the MD & CEO of the bank, confirming that the person meets the above supervisory requirements, and detailed rationale for changes, if any;

The bank’s senior management with the assistance of the Compliance department shall ensure the following activities:

To apprise the Board and senior management on regulations, rules and standards and any further developments
To provide clarification on any compliance related issues.
To conduct assessment of the compliance risk (at least once a year) and to develop a risk-oriented activity plan for compliance assessment. The activity plan should be submitted to the ACB for approval and be made available to the internal audit.
To report promptly to the Board/ACB/MD & CEO about any major changes/observations relating to the compliance risk.
To periodically report on compliance failures/breaches to the
Board/ACB and circulating to the concerned functional heads.
To monitor and periodically test compliance by performing sufficient and representative compliance testing. The results of the compliance testing should be placed to Board/ACB/MD & CEO.
To ensure compliance of Supervisory observations made by RBI and/or any other directions in both letter and spirit in a time bound and sustainable manner.
At least once a year, to identify and assess the main compliance risk facing by the bank and formulate the plans to manage them.

Compliance Structure At The Corporate Office

Compliance department having formal status

Should be set up at the Central office/Corporate Office/Head office.
It shall have a senior executive of the bank, preferably in the rank of a General Manager or an equivalent position (not below two levels from the CEO) designated as Chief Compliance officer with overall responsibility for coordinating with the assistance of the functional departments.
It enables the identification of Compliance issues in the banks and management of the bank’s compliance risk and supervising the activities of compliance function assigned to the staff.
The CCO could also be recruited from market.

Following shall be the basis for identification of Compliance requirements:

Master Circulars/master directions of RBI consolidated and updated
RBI guidelines issued from time to time
Various laws/statutes applicable to banks
Bank’s internal guidelines and policies

Following shall be the basis for assessment of Compliance Risk:

Regulatory Focus
Nature of activity – whether inherently high risk in nature
Bank’s exposure to it – materiality
Any breaches reported in the past – history

The Chief Compliance officer shall be the nodal point of contact between the bank and the Regulator (RBI).

However, in cases where activities of the bank are not limited to the banking sector, the directions are also received from other regulators such as IRDA, SEBI, etc.
These directions shall also be a part of compliance functions of the bank.
Compliance officers for IRDA, SEBI or other regulators shall continue to remain separate.
In case of discomfort conveyed to the bank on any issue by other regulators, it shall be the duty of the concerned Compliance officer to bring it to the notice of the RBI through Chief Compliance officer of the bank.

Compliance Department shall Place the following MIS

Monthly report through EDs/CMD to the Board on status of Important RBI/MOF communications with the steps taken by functional departments on this communication.
Quarterly report to ACB on status of Compliance Function.
Summarised quarterly report to ACB on status of compliance of RBI/MOF communications. – To enable the Compliance department to submit the said report functional departments shall ensure that all RBI/MOF communications and communications received from self-regulatory bodies like IBA/ FEDAI/FIMMDA are attended to and feedback on its compliance is given to Compliance department, Central office within a period of 7 days.
Yearly report to the Board on assessment of Compliance Function/Risk.
Report to the Board, whenever exceptions are noticed, i.e., all material compliance failures which may attract significant risk of legal or regulatory sanctions, financial loss or loss of reputation (Compliance reporting is to be made on an exception basis.)
Report to ED/CMD on the results/findings of the test checking of certain key compliance issues on random sample basis.

Chief Compliance Officer Participation in Committees

The CCO shall not be member of any committee which brings his/her role in conflict with responsibility as member of the committee, including any committee dealing with purchases/sanctions.
In case the CCO is member of a committee, he/she may have only advisory role.

The Chief Compliance Officer may be a member of or invitee to the following committees:

Audit Committee of Board (ACB)/Audit Committee of Executives (ACE).
Credit Risk Management Committee (CRMC).
Committee for Operational Risk Management (CORM).
The Product Group Committee.
The Managing Director & CEO/Executive Directors may decide upon the Chief Compliance Officer’s participation in any other committees.

Functional Departments

The functional departments at Head Office will put in place systems for meticulous compliance of statutory, regulatory and internal guidelines by all the concerned under their control while carrying out the business operations.
Any breaches/failures of compliance noticed by them in their area of operations should be promptly reported to the Compliance Department.
The Compliance Department will scrutinise such breaches/failures of compliance and guide the functional departments with measures for rectification and prevention.
All the Functional Heads at Central office shall designate a senior officer in the department minimum in scale iv or v to act as Compliance officer for identifying and assessing compliance risk pertaining to their functional area and the same should be discussed with the functional head, accordingly, a mitigation plan shall be prepared in coordination with compliance department for onward submission to the Compliance department.
The designated compliance office shall be responsible for all types of reporting within a time bound manner.

Key functions of the designated compliance officer for the department for their Functional area with appropriate oversight of the functional head are, as under:

To identify compliance functions/issues pertaining to their Functional department based on regulatory/ statutory guidelines issued and send consolidated list of compliance functions/issues so prepared to Compliance department.
To act on compliance issues identified by Compliance department and respond to them
To monitor compliance of all regulatory and statutory guidelines as well as internal policy guidelines and report to Chief Compliance officer, Compliance department at Central office as per stipulated frequency and any breaches/non-compliances observed.
To maintain proper registers for returns covering regulatory/statutory and internal guidelines and monitor and follow up with the originating units regarding its timely submission.
To ensure timely submission of regulatory returns as per the calendar of returns.
To ensure that stipulated agendas/review notes are placed before the Board, audit Committee of the Board (ACB), Supervisory Committee on Risk management as per the calendar of reviews.
To interact with Compliance department, Central office in case of any clarification.
To extend necessary cooperation in the process of compliance testing.
To share their views/suggestions arising out of their experience and knowledge of Compliance Function in their functional area.

Role of Functional Departments

The functional department at HO should lay special thrust on building up compliance culture; vetting of the quality and integrity of information pertaining to supervisory/regulator compliance data/ information/ reports before its submission to RBI by the top executives, non-executive Chairman/ Chairman and ACB of the bank, as the case may be.
The concerned functional departments would hold the prime responsibility for their respective areas for monitoring compliance with the regulations, internal policies and procedures and reporting to Management, while compliance department would ensure overall oversight.
If serious gaps are observed in such compliances, the compliance function should take necessary corrective action in coordination with functional departments and with the Chief Compliance Officer.

Compliance Structure At Field Levels

The Branch manager and staff at the branches play a crucial role in compliance function as the products of the Bank are delivered and serviced through them.

Conflict of interest of managing the compliance risk and business development cannot be avoided at this level.

However, it shall be ensured that the potential conflict of interest is not allowed to come in the way of compliance function.
Therefore, the Branch manager, accountant and other officers are primarily responsible for compliance of rules and regulations.
Branch manager will also function as Compliance officer for his branch.

Compliance Officers should be designated in FGM/Zonal Offices/ Regional Offices and will perform the compliance function under close coordination of Compliance department at Corporate office/ Head office.

These Compliance Officer shall be directly reporting to Chief compliance officer of the Bank.
The departmental heads in FGMO/ZO/RO are equally responsible for managing the compliance function pertaining to their functional area.

The Compliance Officers in in FGMO/ZO/RO are also required to apprise the FGM/ZM/Regional Head about the level of compliance and breaches observed, if any, so that prompt corrective action is taken.

The Compliance Function at RO/ZO/FGMO shall Undertake Following Actions:

To report to Compliance department at Central office.
Status of compliance pertaining to their command area including all branches and functional departments shall be submitted on quarterly basis to Compliance department HO in the format devised for the purpose.
Breaches observed (immediately after breaches are noticed through audit reports or through visit reports of the Branches) to be reported/escalated and necessary corrective action measures to be taken.
The structure and role of the FGM/Zonal Offices/Regional offices was unveiled recently to mirror the organisation, Structure of Corporate office which among other things states that: “Compliance to laid down systems and procedures, rules and guidelines are integral to an efficient Zonal/Regional Management System.

The newly created Internal Control and Inspection department will be overall responsible for coordination at the Zonal Office/Regional office.

Each of the functional departments will ensure proper adherence to the areas of compliance. Wherever required, they will also maintain proper documents and records in fulfilment of the compliance requirements”.

Internal Control and Inspection department shall cover compliance related issue in their routine inspections through the matrix prepared for the purpose by including laid down systems, procedures, rules and guidelines for Zonal Office/Regional office as well as for all the branches reporting to Regional office.
Role of Zonal Office/Regional office as regards Compliance Function in Branches is that of handholding, trouble shooting and monitoring.

Compliance Functions at Overseas Centres

Each Centre covering a cluster of foreign branches/representative offices will have an independent Compliance Department headed by local compliance officer, preferably or/and an India Based Officer in the level of Scale III/IV supported by local staff.
The Compliance Officer (CO) of the centre may also be a local staff if mandated by the Host Regulator.
A local staff may also be the Compliance Officer where the local language necessitates such an arrangement.
He/She will be known as “Compliance Officer” of the centre.
Wherever required, the Compliance Officer of the Centre may be assisted by a Compliance Officer at the branches under the centre wherever such arrangement has been created as per host country regulations.
The Chief Executive of the centre will assess the staff requirement of the Compliance Department

The Compliance Officer of the centre should have the knowledge of various statutory and regulatory guidelines prevailing in host country/centre and also bank’s internal guidelines, general or specific for the centre/branch.

The Compliance officer of the centre will have a dotted line direct reporting to the CCO.
The Chief Compliance Officer/General Manager (International Division) will provide guidance and directions on the compliance issues at the centre to the Chief Executive and the Compliance Officer of the centre.
A dedicated overseas compliance desk at HO-Compliance shall ensure effective oversight on the overseas operations and ensure timely reporting to the Top Management/ACB/Board/RBI.

Role of Learning and Development Department:

In order to keep the compliance staff up-to-date with developments in the areas of banking laws, rules and standards, the Learning and Development Department will arrange regular and systematic education and training to the compliance staff in new products and services introduced in the bank as well as in Corporate Governance, Risk Management, Supervising practices, etc.
All training institutes/centres of the bank should ensure to have content pertaining to compliance function in each training schedule to educate the functional staff on the objective and importance of compliance function in the bank and the need for observances of the compliance guidelines.
The Learning & Development department will also ensure to include compliance related modules in administering e-learning process in the

Download PDF

CAIIB Paper 1 (ABM) Module D Unit 3-Compliance Governance Structure ( Ambitious_Baba )