Financial Crime World

Compliance Risks in Banking: A Growing Concern in Philippines

Introduction

In an effort to protect its reputation and maintain public trust, a major Philippine bank has taken steps to address business risks by establishing a robust compliance function. This comes as the bank faces growing pressure from regulatory bodies and increased scrutiny from stakeholders.

Definition of Business or Compliance Risk

Business or compliance risk is defined as the risk of regulatory or legal sanctions, material financial loss, or loss to reputation that a bank may suffer due to its failure to comply with laws, regulations, rules, related self-regulatory organization standards, and codes of conduct applicable to its banking activities.

Enterprise-Wide Compliance Program

The bank has implemented an enterprise-wide compliance program to identify, evaluate, and address these risks. The program is designed to be dynamically-responsive and distinctly-appropriate, helping to identify regulatory and reputational risk across business lines, while allowing management to consider how activities in one area may affect risks in other areas.

Compliance Function

Under the guidance of the Monetary Board Resolution No.116 dated January 20, 2011, and BSP Circular 747 Series of 2012 on the Revised Compliance Framework for Banks, the bank’s compliance function is overseen by the Chief Compliance Officer. The office uses regulatory and self-assessment compliance matrices to formulate measures to mitigate identified risks and tests their effectiveness.

Organizational Structure

The Compliance Office is currently organized to cover:

  • Regulatory Compliance
  • Corporate Governance
  • Anti-Money Laundering Compliance
  • FATCA Compliance
  • Data Privacy Office

Given rapid regulatory developments and growing complexity of bank products, services, and transactions, the office evolves its coverage of compliance practice areas to anticipate and meet forward challenges.

Compliance Testing and Monitoring Process

To promote adherence to compliance regulations, the office applies a three-layered compliance testing and monitoring process:

  • Unit self-assessment testing
  • Independent random testing
  • Independent periodic review by the Bank’s Internal Audit unit

The office also maintains a compliance database accessible to all employees and ensures prompt dissemination of new regulations and developments through continued dialogue with regulators.

Conclusion

As the banking industry continues to evolve, the importance of effective compliance risk management cannot be overstated. With increasing regulatory pressure and growing complexity in financial transactions, banks must prioritize compliance to maintain public trust and protect their reputation.