Banks Act, 1990 (Act No. 94 of 1990)
Regulations
Regulations relating to Banks
Chapter III : Corporate Governance
49. Compliance function
(1) | A bank shall have in place as part of its risk-management framework and governance structure an independent compliance function, which independent compliance function shall ensure that the bank continuously manages its regulatory and supervisory risks, that is, the risk that the bank does not comply with applicable laws and regulations or supervisory requirements. |
(2) | The compliance function— |
(a) | shall be headed by a senior executive officer of the bank with the authority to communicate directly and freely in respect of any relevant matter, including, for example, decisions made by the management of the bank that may be in conflict with legal or regulatory requirements, and on his/her own initiative, |
(i) | with the members or chairman of the bank's board of directors; |
(ii) | with the members or chairman of the bank's audit committee; or |
(iii) | with the external auditor of the bank, when appropriate. |
(b) | shall be headed by a compliance officer who shall perform his/her functions with diligence and care and with such a degree of competence as can reasonably be expected from a person responsible for such a function; |
(c) | shall have adequate resources and stature in order to ensure that non-compliance with laws and regulations or supervisory requirements by the bank can be duly addressed. |
(3) | As a minimum, the compliance officer of a bank— |
Effectiveness
(a) | shall report directly to and have demonstrable support from the board of directors, the audit committee and the chief executive officer of the bank; |
(b) | shall function independently from functions such as internal audit and shall be demonstrably independent; |
(c) | shall in a timely manner report non-compliance with laws and regulations or supervisory requirements to the chief executive officer, the board of directors and the audit committee of the bank; |
(d) | shall submit a report on the level of compliance with laws and regulations or supervisory requirements by the bank at every meeting of the board of directors or the audit committee of the bank and provide the Registrar with a copy of such a report; |
(e) | shall ensure, as far as possible, that no conflict of interest with/between other internal control functions exists; |
Monitoring
(f) | shall be responsible for establishing a compliance culture in the bank that contributes to the overall objective of prudent risk management by the bank; |
(g) | shall establish a line of communication to line management, in order to monitor continuously compliance with laws and regulations or supervisory requirements by the bank; |
(h) | shall require line management to monitor compliance with laws and regulations or supervisory requirements as part of their normal operational duties; |
(i) | shall require relevant regulatory requirements to be incorporated into operational procedure manuals; |
(j) | shall make recommendations whenever necessary in order to ensure that there is compliance with laws and regulations or supervisory requirements; |
Reporting
(k) | shall establish prompt mechanisms for reporting and resolving non-compliance with laws and regulations or supervisory requirements; |
(l) | shall ensure that resolutions are signed off; |
(m) | shall duly document the compliance officer's findings, including any remedial action, as part of the compliance monitoring programme; |
Resources
(n) | shall recruit sufficient staff of the correct quality in order to monitor and test continuously the bank's compliance with laws and regulations or supervisory requirements; |
(o) | shall ensure that compliance staff are trained on a continuous basis in order to ensure that they have adequate technical knowledge in order to understand the regulatory framework that applies to the bank, as well as the risks to which the bank is exposed; |
Manual
(p) | shall compile and maintain a compliance manual that— |
(i) | duly addresses all material risks to which the bank is exposed; |
(ii) | duly addresses all material objectives and aspects of applicable legislation; |
(iii) | refers to specific legislation, rules and regulations when appropriate; |
(iv) | is readily available to all relevant staff; |
(v) | is reviewed and updated at least once a year. |
(4) | The provisions contained in this regulation shall not be construed as derogating from the general provisions contained in the Act that place the primary responsibility of compliance with the provisions of the Act and the Regulations on directors and executive officers. |