Baydeldinova T.A.
PhD doctoral student
of customs, fiscal and environmental law
Al - Farabi Kazakh National University

 

Principles of constructing the compliance system.

 

     The key issue in the construction of the compliance system in financial institutions is the existence of a contradiction between the system of formal and informal rules that are formed on a specific financial market of the Republic of Kazakhstan. The conflict develops under the influence of the state, which requires not to participate in the shadow economic processes and not to facilitate their implementation, and, on the other hand, the interests of the owners of financial organizations, manifested in the realization of the main goal of entrepreneurial activity-raising profits. Given that the work in the financial markets involves a number of licensing risks, and at the same time, it is impossible to build compliance compliance controls that completely exclude the implementation of compliance risks, this conflict of interest is resolved by finding a compromise between the level of compliance risks taken and the costs incurred by the financial institution as a result of the creation and functioning of the compliance system. Therefore, it is the owners and the top management of the financial institution that must determine and fix the level of implementation of the compliance system.

     Proceeding from this, the system of distribution of competence and, accordingly, responsibility for the implementation of the compliance system in a financial organization is as follows:

• Collegial management bodies (the board of directors) are responsible to the owners of the financial institution for overall control of the compliance risk management system, the existence of an compliance policy and its annual evaluation and review. This requirement is combined with the successful practice of improving the quality of corporate governance introduced by the US Sarbanes Oxley law, which presupposes, among other things, the redistribution of control functions from the sole executive body to collegial bodies, in which the presence of external and independent members is desirable;

• Executive management bodies are generally responsible for the effective management of compliance risk. The person performing operational management of the financial organization-the sole executive body of management (the chairman of the board, the president) should be responsible for the presence of a constant function of compliance control;

• The head of the compliance department is responsible for the operative management of the compliance function, the optimal implementation of compliance procedures and interaction with other units of the financial organization in the process of implementing the compliance monitoring function. [1]

      Recorded by an internal regulatory document or otherwise (for example, at the level of informal arrangements between owners and management of a financial institution), the compliance policy should not be at variance with specific managerial decisions made in the course of the financial institution's activities. Often, compliance systems are created in financial institutions only under the influence of external influence from state supervisory bodies and managers and owners of financial organizations do not make informed decisions in the field of protection against compliance risks. As a result, compliance systems are foreign elements in the structure of financial organizations, and their activities are not integrated into the business process and are implemented formally. Internal intergroup conflicts develop between the compliance unit and business units. The resources allocated to the creation and operation of the compliance system are being spent in an inefficient way due to the appearance of additional costs due to unsettled business processes.

     Based on the recommendations of the Basel Committee on Banking Supervision [2], the compliance system in financial institutions and, in particular, in banks seems appropriate to build on the following principles:
A) the principle of responsibility and awareness of the management of a financial institution. Given the role that management bodies of a financial institution should play in the process of managing compliance risks, the main duties of the compliance system are related to identifying compliance-specific compliance risks and assistance to the executive body in their minimization. The principle implies the following functions for the compliance departments: the organization of timely reliable periodic reporting to the collegial management bodies (the board of directors) to ensure their control over the effectiveness of compliance risk management. Collegial authorities, in turn, implement the adoption of compliance procedures, as well as assess the actual results of implementation of the compliance system; Promptly informing and advising the management of the financial institution (the person in charge of the operational management of the financial institution) to ensure on his part the effectiveness of the implementation of compliance control and, if necessary, the application of disciplinary measures for improper implementation of the compliance function.

     Compliance monitoring should be carried out in accordance with the principle of continuity and in all jurisdictions of the presence of the financial institution due to the fact that the implementation of compliance risk in one unit will negatively affect the entire financial institution. At the same time, the compliance system must be periodically inspected and evaluated by the internal control unit of the financial organization or external auditor working on the principles of outsourcing. This is necessary to ensure the confidence of the owners and management of the financial institution in the reliability of the information obtained from compliance compliance and the reliability of the compliance risk management system. For this reason, the implementation of the compliance control function should not be performed by a subdivision of internal control. From this also follows the second principle of independence of the compliance system.

B) the principle of independence of the compliance system. The principle presupposes the assignment of the compliance unit with independence from the business function of the financial organization and the provision of the compliance unit with the appropriate resources necessary for the implementation of its activities, including information. It is also necessary to pay attention to the following: providing the compliance unit with a high official status in the structure of the financial organization and its leader with the necessary administrative resource to ensure overall coordination of the implementation of compliance and control over personal conflict of interests within the financial organization;

     To increase the level of objectivity of decisions and balance of interests between the compliance control functions and business, it is advisable to apply collegial methods for solving disputable situations. Given the existence of an internal intergroup conflict of interest, significant compliance risks should be addressed at the level of a collegial body, for example, the Compliance Committee, which should include representatives of units interested in resolving the issue;
     The remuneration of the compliance unit should not depend on the financial results of specific transactions or projects, but be carried out from general funds.
C) the principle of participation of all employees within their competence in implementing the compliance system. Compliance procedures (AML / CFT) in recent years, especially in banking, have become integral elements in the technological chains of almost every financial transaction. Therefore, the actual participation of the compliance officer in virtually every operation, both in the customer service area and at the site of the operation, is fundamentally impossible. Its task is to advise employees and coordinate the implementation of compliance control procedures, as well as the implementation of certain procedures that fall within its exclusive competence. For example, the verification and consolidation of information on transactions subject to control, before sending them to the Financial Monitoring Committee or assessing the risk of legalization of specific customers. The principle presupposes the need for routine maintenance of business processes, the consolidation of the compliance function in regulatory documents, job descriptions of employees, the distribution of authority between employees at the level of operational units, as well as the training function.

      In this context, the training function is extremely important and involves not only advising the management of the financial institution and coaching staff, but a whole set of activities that involves the formation of a culture of compliance within the financial institution. It is necessary to create communication platforms operating in both directions - from the compliance manager to the employees and back. The goal of training is not only to inform about the application of specific control compliance procedures, but also to develop an understanding of the danger of such a phenomenon as the legalization of criminal proceeds, both for a financial institution, in particular, and for society as a whole. It is advisable to expand the horizons of the employees in order that they understand the causal relationship between the shadow economic processes and the specific procedures of compliance control and apply (or did not apply) them consciously.
     The second important function of the principle of participation of all employees in the implementation of compliance control procedures is the level of automation culture. Without the proper level of automation of compliance control processes (in other, as well as any other procedures) the level of their implementation will be low and different in different operating units. This is fraught with significant operational risks, due to the serious impact of the human factor. [3] Automation of compliance control procedures, in essence, is the task of analyzing financial data and, like any other analytical automated system, can function only under the condition of sufficient data, automating the banking operations of technological gaps in their automated processing. In other words, an automated compliance compliance system is a superstructure over an automated banking system and works with the information it prepares. Thus, it is not enough to acquire a high-quality automated compliance system. It is necessary that the general level of automation allows such a system to be applied.

 

1. Булыга Роман Петрович., Куприянова Людмила Михайловна Управление корпоративными рисками // Экономика. Бизнес. Банки. - 2015. - №3 (12).. rimuniver.ru/wp-content/uploads/2015/10/Булыга-и-Куприянова.pdf

2. Basle Committee on Banking Supervision. (1997). Report of the Central European Working Group: A Response to the Core Principles for Effective Banking Supervision. The Committee. (2017).

3. Лаврищев, А.П., 2006. Формирование и развитие системы внутреннего контроля кредитных операции в российских банках, PhD thesis, Государственный университет управления, Москва.