Guidelines for the Compliance Risk Management of Commercial Banks (3)
Source: CBRC View: 579 Date: 2011-05-16

Chapter III Functions and Duties of the Compliance Management Department


Article 18 The compliance management department shall, under the guidance of its person-in-charge, assist the senior management to effectively recognize and manage the compliance risks, if its commercial bank is faced with, and perform the following fundamental functions and duties:

(1) Paying continuous attention to the latest development of the related laws, rules and standards, correctly understanding the provisions and spirit of the related laws, rules and standards, accurately understanding the impact of the related laws, rules and standards on the business operation of the commercial bank, and putting forward corresponding suggestions on compliance to its senior management;

(2) Instituting and carrying out the plans of compliance management which focus on risks, including the implementation and appraisal of special policies and formalities, appraisal on compliance risks, compliance testing, compliance training and education, etc..

(3) Examining and appraising the compliance of all policies, formalities and operational guidelines of the commercial bank, organizing, coordinating and supervising and urging all business lines and the internal control department to sort of and revise the related policies, formalities and operational guidelines, and guaranteeing that all policies, formalities and operational guidelines comply with the requirements of the related laws, rules and standards;

(4) Helping the related training and education departments to implement compliance trainings, including the compliance trainings of new staff members as well as the periodic compliance trainings of all its staff members, and functioning as the internal communication department for staff members to consult the related matters of compliance;

(5) Organizing the institution of the formalities for compliance management as well as such compliance guidelines as compliance booklets and behavioral code of its staff members, appraising the formalities for compliance management and the appropriateness of compliance guidelines, offering guidance to its staff members on proper implementation of related laws, rules and standards;

(6) Recognizing and appraising the compliance risks in relation to the business operation of the commercial bank actively, including conducting the necessary examination and testing for the development of new products and services, recognizing and appraising any compliance risk arising from the development of any new business mode, establishment of new customers’ networks or change of nature of the bank’s relationship with its customers.

(7) Collecting and choosing the data that may indicate potential compliance problems, such as increasing index of customers’ complaints and abnormal transactions etc., establishing a supervisory index of compliance risks, and determining the preferential sequence of compliance risks to be considered in accordance with the possibility and impact of compliance risk occurrence measured by the risk matrix;

(8) Carrying out enough and representative appraisal and testing of compliance risks, including testing through on-the-spot examination on the compliance of all policies and formalities, inquiring the existing defects in the policies and formalities, and making corresponding investigation. The result of a compliance testing shall be reported in accordance with the formalities for internal risk management of commercial banks through the reporting line of compliance risks so as to ensure that all policies and formalities comply with the requirements of related laws, rules and standards; and

(9) Keeping daily contact with its supervisory organ, and tracing and appraising the implementation of supervisory opinions and supervisory requirements.

Article 19 A commercial bank shall allocate the resources for effectively performing the compliance management for its compliance management department. A person who engages in compliance management shall have the qualification, experience, expertise and individual quality corresponding to his/her functions and duties.

A commercial bank shall offer systematic and professional technical trainings to its personnel who engage in compliance management, especially technical trainings in such aspects as correct master the latest development of the related laws, rules and standards as well as their impacts on the business operation of the commercial bank.

Article 20 The persons-in-charge of all business lines or branches or sub-branches of a commercial bank shall take primary responsibility for the business operation of their lines or departments.

A commercial bank shall, in accordance with the business scope of its lines of business and the branches and sub-branches as well as the operational scale, set up the corresponding compliance management departments.

The compliance management departments of all business lines and the branches and sub-branches of a commercial bank shall, in accordance with the formalities for compliance management, actively recognize and manage the compliance risks and report the related information in time through the reporting lines in accordance with the reporting requirements of compliance risks.

Article 21 A commercial bank shall establish a coordination mechanism between the compliance management department and the risk management department in respect of compliance management.

Article 22 A commercial bank shall separate the functions and duties of compliance management from the function of internal auditing, and the performance of compliance management shall be subject to independent appraisal by the internal auditing department periodically.

The internal auditing department shall be responsible for the auditing on compliance among all business operations of the commercial bank. An internal auditing plan shall include an auditing appraisal on the appropriateness and effectiveness of the functions and duties of compliance management. An appraisal on compliance risks shall be included in the measures for risk appraisal in the internal auditing.

A commercial bank shall specify the functions and duties of compliance risk appraisal and compliance testing between the compliance management department and the internal auditing department. The internal auditing department shall notify the result of compliance auditing to the related persons-in-charge of compliance.

Article 23 A commercial bank shall specify its reporting lines of compliance risks as well as the elements, format and frequency of a report on compliance risks.

Article 24 The overseas branches or sub-branches or affiliated institutions of a commercial bank shall strengthen the functions of compliance management. The organizational structure of the compliance management functions shall accord with the local laws and requirements of supervision.

Article 25 The board of directors and senior management of a commercial bank shall guarantee that the outsourcing of the work of the compliance management department shall comply with local laws, rules and standards.

A commercial bank shall guarantee that any outsourcing work of the compliance management department be under a proper supervision of its person-in-charge of compliance and will not hamper an effective supervision by China Banking Regulatory Commission.

Devott Publications
The Selection of the TOP Global Outsourcing Destinations – China TOP 15 (TGOD China TOP 15) Ended and Its Rankings and Research Reports are Now Available Worldwide