Banks told to strengthen risk management, compliance frameworks

MANILA, Philippines -  The Bangko Sentral ng Pilipinas (BSP) has directed banks and other financial institutions to strengthen their risk governance as well as compliance frameworks.

BSP Governor Nestor Espenilla Jr. issued Circular 971 directing banks and BSP supervised financial institutions (BSFIs) to come up with a risk governance framework that would include policies, supported by appropriate processes and control procedures, designed to ensure that the risk identification, aggregation, mitigation and monitoring capabilities are commensurate with their size, complexity, risk profile and systemic importance.

“The risk governance framework shall consider the entities in the conglomerate and shall be applied on a group-wide scale,” Espenilla stated in the circular.

The framework, he explained, should cover the bank’s risk appetite, risk management policy, risk management processes and infrastructure, risk identification, monitoring, and controlling as well as risk communication.

Espenilla said universal and commercial banks or big banks should create a separate risk management function to assist management in meeting its responsibility to understand and manage risk exposures and ensure the development and implementation of risk policies, processes and procedures.

On the other hand, branches of foreign banks could establish their own risk management function or may be covered by the parent or regional group risk management function.

Likewise, the board of directors of thrift, rural and cooperative banks could create a risk management function that would report directly to risk oversight committee or the board of directors.

The BSP also directed banks to appoint a chief risk officer to head the risk management function.

The BSP chief also issued Circular 972 enhancing the guidelines in strengthening compliance frameworks.

Espenilla said BSFIs should establish a dynamic and responsive compliance risk management system designed to specifically identify and mitigate risks that may erode their franchise value such as risks of legal or regulatory sanctions, material financial loss or loss to reputation.

The risks could arise from the banks’ failure to comply with laws, rules, related self-regulatory organization standards, and codes of conduct applicable to its activities.

The risks could also arise from failure to manage conflict of interest, treat customers fairly, or effectively manage risks arising from money laundering and terrorist financing activities.

“Compliance risk management should be an integral part of the culture and risk governance framework of the BSFI. In this respect, it shall be the responsibility and shared accountability of all personnel, officers, and the board of directors,” Espenilla added.

The BSP also requires supervised institutions to appoint a chief compliance officer to oversee the identification and management of compliance risk.