Financial Crime World

Bank’s Probity and Compliance Functions Under Scrutiny

The Bank of Cyprus’ probity and compliance functions have come under scrutiny as part of efforts to ensure that all members of the Board and Senior Management are held to the highest standards of integrity and ethics.

Review of Probity and Compliance Functions

According to sources, the Bank has been conducting a thorough review of its probity and compliance functions to assess their suitability in line with European Banking Authority (EBA) guidelines and relevant Central Bank of Cyprus (CBC) directives. The review is being conducted on an ongoing basis, with reports submitted annually to the Board of Directors and the CBC.

Assessment of Governance Framework

The assessment covers all members of the Board and Senior Management, as well as the Bank’s compliance division, internal audit function, and risk management division. The aim is to ensure that these functions are operating independently and effectively in identifying and mitigating risks, as well as ensuring the Bank’s compliance with relevant regulations and directives.

Annual Board Performance Evaluation

The Bank has also been conducting an annual Board performance evaluation in coordination with the National Committee for Governance and Compliance (NCGC). The report on this evaluation is submitted to the Board of Directors and the CBC, providing a comprehensive overview of the Bank’s governance and compliance framework.

Financial Crime Compliance

  • The Bank’s Financial Crime Compliance function has been monitoring anti-financial crime activity through various means, including:
    • Investigation of alerts generated by its Anti-Money Laundering (AML) system
    • Assessments of cash-based business clients
    • Internal suspicious activity reports
  • The function also provides AML assurance through onsite audits, policy updates, and follow-up on supervisory audits and investigations.

Data Privacy Management

  • The Bank’s Data Privacy Management function has been acting as liaison between the Personal Data Commissioner and the Bank, supporting and consulting with the Bank and Board of Directors on personal data protection matters.
  • The function also monitors and ensures the adequacy of established procedures for:
    • Implementing data subject rights
    • Data inventory management
    • Vendor management

Internal Audit

  • As part of the Three Lines of Defence model, the Internal Audit function provides independent assurance to the Board of Directors and Senior Management over the effectiveness of the governance, risk management practices, and internal control environment.
  • The function’s main responsibilities include:
    • Developing an audit plan
    • Evaluating corporate governance framework
    • Assessing risk management processes
    • Evaluating accounting and financial reporting systems
    • Assessing internal control systems

Risk Management

  • The Bank’s Risk Management Division (RMD) ensures that all material risks are identified, measured, and properly reported.
  • The RMD is independent from executive functions and has direct access to the Board of Directors and the Risk Committee.
  • The function’s role includes:
    • Assisting the Board in establishing risk management objectives
    • Developing management policies
    • Identifying and measuring risks
    • Monitoring and reporting on risk exposures
    • Submitting reports to the CBC

Conclusion

The Bank’s commitment to probity and compliance is evident in its efforts to strengthen its governance framework and ensure that all functions are operating effectively. The annual review of these functions will provide a comprehensive overview of the Bank’s progress in this area and identify areas for improvement.