
Corporate compliance ANZ

  1. CORPORATE COMPLIANCE PRACTICE
     ANZ Royal Bank (Cambodia) Ltd
     AUGUST 2017
     Public
  2. CONTENTS
     • Introduction to ANZ Royal Bank (Cambodia) Ltd
     • ANZ Group’s Compliance principles
     • Our Compliance Framework
       1. Culture
       2. Governance
       3. Understanding the business & regulatory environment
       4. Obligations and policy management
       5. Assessing risks and controls
       6. Monitoring, oversight and reporting
       7. Communications and training
       8. Systems
  3. INTRODUCTION TO ANZ ROYAL BANK (CAMBODIA) LTD
     ANZ Royal
     • Operating in Cambodia since 2005
     • Joint venture with Royal Group of Companies
     • 55% owned by ANZ Banking Group
     • 15 branches of which 11 are in Phnom Penh
     • 100 ATMs, robust internet banking and 24/7 Contact Centre
     • 450 staff
     • Location focus on Phnom Penh plus Siem Reap, Battambang, Kampong Cham and Sihanouk provinces
     Purpose and Aspiration
     • Purpose: shape a world where people and communities thrive.
     • Aspiration: Cambodia’s great international bank.
     • How we want stakeholders to see us:
       - Shareholders: Sustainable, above hurdle return
       - Regulator: Compliant, most respected
       - Customers: Lead bank status, best service
       - Community: Most respected
       - Staff: Employer of choice, engaged
     Products
     • Retail mortgages, credit card, personal loan, savings account, cheque accounts, Visa Debit, Priority account, Bancassurance
     • Cash management account, term deposit, domestic and international transfers, foreign exchange, interest rate swap and commodities, bill payments
     • Business transactional accounts, trade and supply chain finance, overdraft, term loan
  4. ANZ GROUP’S COMPLIANCE PRINCIPLES
     • Compliance at ANZ refers to our adherence to the laws, regulations, industry standards and codes, principles of good governance, internal policies and procedures that impact ANZ and its activities.
     • ANZ places the utmost importance on its reputation and the trust placed in us by our customers, investors, regulators, employees and the community.
     • Through the adoption of the principles presented in the following slide, ANZ recognises that good compliance management is key to our reputation.
       – Our values and culture must focus on doing what’s right, being ethical, accountable, trustworthy and transparent.
     • Fundamental to earning the trust of our stakeholders is that we comply with the laws, regulations, industry standards and codes, principles of good governance and internal policies and procedures.
  5. ANZ GROUP’S COMPLIANCE PRINCIPLES (CONT’D)
     Here are the Compliance principles:
     1. Doing the right thing the right way.
     2. Enterprise-wide approach for compliance*.
     3. Clearly defined authority and accountability.
     4. Independent compliance function.
     5. No tolerance for deliberate non-compliance.
     6. Adequate risk and control environment and prompt response to deficiencies.
     * ANZ Royal follows the Group’s Compliance Framework.
  6. ANZ’S COMPLIANCE FRAMEWORK
     • Business & Regulatory Environment: Understand & assess ANZ’s business and regulatory environment
     • Obligations & Policy Management: Identify & manage obligations; Develop supporting policy
     • Risks & Controls: Identify & assess risks; Establish internal control environment
     • Monitoring, Oversight & Reporting: Perform assurance; Analyse & report on control effectiveness & incidents
     • Communications & Training: Provide training & use communications to support compliance
     • Systems: Use systems to support enterprise-wide management of compliance
     • Culture: Promote a culture where business decisions are consistent with ANZ’s risk appetite and strategy
     • Governance: Clearly define responsibilities & appropriate levels of independence and oversight
     “No tolerance for deliberate non-compliance – Managing ANZ’s business to our global compliance standards and the laws of the countries in which we operate is non-negotiable. ANZ will not tolerate deliberate or negligent non-compliance.”
     “Enterprise-wide approach for compliance – ANZ will adopt an enterprise-wide approach for managing compliance and ensure consistent standards are embedded in how we do business, how we conduct ourselves and the design and operation of our processes, systems and products.”
  7. 1. CULTURE
     • Make business decisions that are consistent with ANZ’s risk appetite and strategy and compliant with the laws of the countries in which the bank operates.
     • This means that:
       - Compliance expertise is engaged to assist with business change, product design, process reengineering and development of sales or advisory processes
       - Our people are encouraged to raise concerns, incidents or issues and meaningful corrective action will be implemented promptly
       - Compliance is actively involved in performance management and works with Human Resources to build appropriate reward and consequence management outcomes.
     • Deliberate or negligent non-compliance will not be tolerated at ANZ and may lead to disciplinary action – including dismissal or civil, criminal or regulatory liability.
     Key takeaways for participants:
     • Values commonly shared by all employees drive consistent compliance practice.
  8. 2. GOVERNANCE
     • “Three Lines of Defence” model to clearly define compliance responsibilities and appropriate levels of independence, review and challenge and oversight
     • The First Line being Business/Enablement, the Second Line being Compliance and the Third Line being Internal Audit.
     • This is implemented through the bank’s organisational structure and its Management Committees.
     • Providing adequate numbers of skilled compliance staff
     • Maintaining oversight by Enterprise, Divisional and Regional/Country Risk Committees
     • Requiring our people to comply with policies and procedures that are relevant to their role
     • Assessing the performance of our people against clear accountabilities through the Performance Management Framework.
     Key takeaways for participants:
     • There are always risks in any business operations.
     • Sound governance with a check-and-balance function is key to effective mitigation.
  9. 3. UNDERSTANDING THE BUSINESS & REGULATORY ENVIRONMENT
     Describe and assess the business and regulatory environment of the market, i.e. assessing the:
     • Business Environment and Internal Control Factors to identify key risks and their associated internal controls
     • Regulatory environment and applicable compliance obligations to understand the nature of the risks.
     This results in a Business Environment Context Summary which:
     • Articulates the impact of regulation on existing strategic and business priorities and future direction
     • Formulates appropriate risk mitigation strategies
     • Captures the businesses’ understanding of regulatory expectations and requirements
     Key takeaways for participants:
     • Consider business and regulatory environment factors in business direction as well as operational risk assessment and mitigation.
     • Linking regulatory obligations to risks and controls “hits two birds with one stone”: 1) understand and mitigate risks well; and 2) ensure full compliance with regulations.
  10. 4. OBLIGATIONS AND POLICY MANAGEMENT
     • Identify, document and categorise regulatory obligations
     • Develop relevant compliance policies supported by tools, systems, processes and/or procedures.
     • Identify and manage regulatory change
       - Identifying and communicating impacted businesses of proposed, new or changed obligations
       - Assessing and understanding the impacts of change on business activities and strategy
       - Overseeing regulatory change implementation within the business
       - Providing Compliance subject matter expertise
       - Advising and supporting regulatory change initiatives for successful transition to the compliance business as usual environment, including by identifying impacted ANZ policies, processes or controls
       - Periodically reviewing and maintaining the regulatory compliance obligations.
     • Demonstrate effective compliance management: monitoring and reporting regulatory changes; update risk profile and assurance.
     Key takeaways for participants:
     • Keep abreast of regulatory changes and link them to internal processes.
  11. CODES OF CONDUCT AND ETHICS
     • Practical set of guiding principles helping employees and Directors make decisions in their day to day work
     • Embody honesty, integrity, quality and trust
     ANZ’s Code of Conduct and Ethics are supported by detailed policies that together form the Conduct and Ethics Policy Framework. Summaries of those policies are public:
     • Anti-Bribery and Anti-Corruption Policy
     • Anti-Money Laundering and Counter-Terrorism Financing Policy
     • Expense Policy
     • Equal Opportunity, Bullying and Harassment Policy
     • Fraud Policy
     • Health and Safety Policy
     • Trading in ANZ Securities Policy
     • Whistleblower Protection Policy
     Other policies available to the public can be found at: http://www.shareholder.anz.com/our-company/corporate-governance?_ga=2.7564913.297526588.1502071086-80195051.1498812969
     Key takeaways for participants:
     • Codes of conduct and ethics are the foundation for employees’ and Directors’ day to day actions, should be embedded in employment contracts/performance management activities, and monitored on an on-going basis.
  12. 5. ASSESSING RISKS AND CONTROLS
     • Risks that have the potential to have a significant impact on business activities are assessed as key risks.
     • The results of risk and control assessments are used as an important input into business strategy, decision-making, treatment plans, training and communications.
     • All regulatory obligations are associated to an appropriately designed and compliant process and where related to a key risk, are linked to key controls with periodic testing.
     • Detailed and documented analysis is undertaken at least annually or when there is change in the business environment, to determine whether any risk with a compliance driver significantly impacts business activities.
     Key takeaways for participants:
     • Risk and control assessment gives assurance that the business is run within the expected appetite.
  13. 6. MONITORING, OVERSIGHT AND REPORTING
     • Identify and manage compliance incidents
     • Perform ongoing assurance and oversight activities
     • Assess Key Risk Indicators (predictors of unfavourable events that can adversely impact the business).
     • Perform relevant compliance reporting activities
       - Reporting of incidents and potential breaches
       - Regulatory or other compliance changes that impact business operations
       - Results of assurance activities
       - Results of regulator visits or reviews including tracking and remediation of issues
     Key takeaways for participants:
     • Continuous monitoring and oversight are key to ensuring actions are taken in line with the plan established: lessons for future actions; and opportunities for corrective actions before it is too late.
  14. 7. COMMUNICATIONS AND TRAINING
     • New, or change in, regulation is analysed, recorded and communicated to relevant staff.
     • A monthly Policy Governance Update is published to provide notification of policies that are new, currently under review, have been reviewed or have been decommissioned.
     • Intranet sites store relevant and updated policies, procedures and tools.
     • A Mandatory Learning Governance Framework regulates the content and delivery of mandatory compliance training to ensure that:
       - Everyone at has an understanding of the bank’s values, Code of Conduct and Ethics and globally applicable compliance obligations
       - Our people are allocated and complete training relevant to their duties
       - Roles or functions that operate or manage key compliance controls are appropriately skilled and resourced
       - The frequency of training reflects the risk profile of the business and importance of the subject
       - There is appropriate monitoring and reporting on completion of training and consequences for failing to complete it as required.
     Key takeaways for participants:
     • Consistent, on-going communications and training help employees keep up to date with internal and external developments and act accordingly.
  15. 8. SYSTEMS
     • Robust Compliance and Operational Risk platform covering:
       - Detail of risks and controls
       - Assurance plan, outcomes and remedial actions
       - Compliance obligations, regulatory interactions, regulatory changes
       - Incidents and reportable events
       - Key risk indicators
     Plus other tools, templates, processes and systems.
     Key takeaways for participants:
     • While the degree of sophistication depends on the size of the business operations, at a minimum a set of tools, processes and systems is essential in executing an effective compliance programme.
  16. IN SUMMARY
     • Business & Regulatory Environment: Understand & assess ANZ’s business and regulatory environment
     • Obligations & Policy Management: Identify & manage obligations; Develop supporting policy
     • Risks & Controls: Identify & assess risks; Establish internal control environment
     • Monitoring, Oversight & Reporting: Perform assurance; Analyse & report on control effectiveness & incidents
     • Communications & Training: Provide training & use communications to support compliance
     • Systems: Use systems to support enterprise-wide management of compliance
     • Culture: Promote a culture where business decisions are consistent with ANZ’s risk appetite and strategy
     • Governance: Clearly define responsibilities & appropriate levels of independence and oversight
     To achieve a strong compliance outcome, we rely on a comprehensive framework consisting of:
     1. A culture of compliance
     2. Three-line of defence governance
     3. Sound understanding of the business and regulatory environment and their changes
     4. Clear identification of compliance obligations and development of relevant policies
     5. Solid understanding of the risk exposures and putting in place robust controls
     6. Continuous monitoring, oversight and reporting
     7. Continuous communications and training
     8. Comprehensive systems, processes and tools
  17. THANK YOU
