The Reserve Bank of India (RBI) has prescribed guidelines for ‘Compliance Functions in Banks and Role of Chief Compliance Officer (CCO)’ to bring uniformity in the approach followed by banks and also to align the supervisory expectations on CCOs with best practices.

These guidelines cover policy (which should be reviewed at least once a year), tenor and appointment of CCO, and reporting requirements and duties and responsibilities of the compliance function, among others.

The RBI observed that banks currently follow diverse practices vis-a-vis ‘compliance functions in banks and role of CCO’.

As per the guidelines, a bank shall lay down a board-approved compliance policy, clearly spelling out its compliance philosophy, expectations on compliance culture covering ‘tone at the top’ (ethical atmosphere created in the bank by its leadership) and accountability.

The policy will also encompass incentive structure and effective communication and challenges thereof, structure and role of the compliance function, role of CCO, processes for identifying, assessing, monitoring, managing, and reporting on compliance risk throughout the bank.

Further, the policy shall, inter-alia, adequately reflect the size, complexity and compliance risk profile of the bank, expectations on ensuring compliance to all applicable statutory provisions, rules and regulations, various codes of conduct (including the voluntary ones) and the bank’s own internal rules, policies and procedures, and creating a disincentive structure for compliance breaches.

According to the guidelines, the bank shall also develop and maintain a quality assurance and improvement programme covering all aspects of the compliance function.

The CCO shall be a senior executive of the bank, preferably in the rank of a General Manager or an equivalent position (not below two levels from the CEO). The CCO could also be recruited from the market. This officer has to be appointed for a minimum fixed tenure of not less than three years.

The RBI has specified age as “not more than 55 years”, without clarifying whether this is the upper age limit for entry or an officer cannot hold this position beyond 55.

The RBI said the instructions contained in the circular would come into effect immediately from the date of this circular (September 11), and any new appointment shall be governed by the instructions contained herein.

In respect of banks already having a CCO, they may follow the indicated processes for selection of CCO within six months, and are free to reappoint the current incumbent as the CCO if she/he meets all the requirements.

Reporting requirements

As per reporting requirements prescribed by the guidelines, prior intimation to the RBI’s Department of Supervision shall be provided before appointment, premature transfer/removal of the CCO.

Such information should be supported by a detailed profile of the candidate, along with the fit and proper certification by the MD & CEO of the bank, confirming that the person meets the above supervisory requirements, and detailed rationale for changes, if any.

The CCO shall have direct reporting lines to the MD and CEO and/or board / board committee (ACB) of the bank. In case the CCO reports to the MD and CEO, the Audit Committee of the board shall meet the CCO quarterly on a one-to-one basis, without the presence of the senior management, including MD and CEO.

The RBI underscored that the CCO shall not have any reporting relationship with the business verticals of the bank, and shall not be given any business targets. Further, the performance appraisal of the CCO shall be reviewed by the Board/ACB;

No ‘dual hatting’

The guidelines underscored that there shall not be any ‘dual hatting’ – the CCO shall not be given any responsibility, which brings elements of conflict of interest, especially the role relating to business.

Roles that do not attract direct conflict of interest, such as the role of anti-money laundering officer,can be performed by the CCO in those banks where principle of proportionality in terms of bank’s size, complexity, risk management strategy and structures justify that.

The CCO shall not be a member of any committee that brings his/her role in conflict with responsibility as member of the committee, including any committee dealing with purchases / sanctions. In case the CCO is a member of a committee, he/she may have only an advisory role.

Related Topics
comment COMMENT NOW