Risk And Compliance

December 2, 2016 Pyae Kyaw

Risk And Compliance

RISK MANAGEMENT

AYA Bank recognizes that an effective risk management system must be in place to mitigate various risks to the bank operations. AYA Bank adopts the risk management policy to affirm its awareness of the need to establish a program for Enterprise Risk Management (ERM). The Board further commits to provide sufficient personnel and other resources to ensure full implementation of an enterprise risk management program. AYA Bank will maintain an Enterprise Risk Management policy and framework to coordinate the many aspects of risk. ERM policy does not replace any existing risk and compliance program but serves to provide a cohesive umbrella for all the risk management programs currently in place.

Board Risk and Compliance Committee (BRCC)

ARCC (Audit, Risk and Compliance Committee) was formed in 2014. It was upgraded to Board level in 2018 and divided into two committees: Audit Committee (AC) and Board Risk and Compliance Committee (BRCC). BRCC assist the Board in fulfilling its oversight responsibilities with respect to the risk management, compliance as well as ethics and integrity according to the prevailing law and regulations. In fulfilling its oversight responsibilities, the Committee will perform duties and responsibilities as delineated in the Risk and Compliance Committee Charter.

The responsibilities of Board Risk and Compliance Committee are to:

  • Formulate policies relating to risk management that are consistent with the strategic direction and overall risk appetite as set by the Board of Directors.
  • Ensure that the Senior Management operates within the risk tolerance limits set and to recommend changes as and when appropriate in line with any significant changes in internal and external environment.
  • Monitor and regular review of the effectiveness of Risk Management Policy.

Management Risk and Compliance Committee (MRCC)

Management Risk & Compliance Committee (MRCC) was established by BRCC on 2nd May 2019. The Committee is formed by appointing Risk Managers at each unit of the Bank to track and address the various risks in a timely manner.

The roles and responsibilities of the Committee is to:

  • Provide advice to and report to BRCC on all relevant matters pertaining to possible risks,
  • Assist BRCC on setting up Risk Management Policy, Framework and Risk Tolerance Limit for the Bank,
  • Oversee the adequacy of the controls established by senior management,
  • Ensure that proper process in place for the Chairman of the Board and BRCC is immediately informed of any material non-compliance matter or material litigation,
  • Obtain information from, and access to Management,
  • Ensure all the risks are properly addressed within a specified time limit and Bank’s risk tolerance level.

Enterprise Risk Management & Compliance Department (ERMC)

ERMC Department is responsible for AYA Bank’s Enterprise Risk Management (ERM) framework and advising on compliance and risk management across the branches and all Bank’s business operations.

The role & responsibilities of ERMC Department are to:

  • Identify and manage areas of potential risk and to safeguard the assets of the Bank and its shareholders,
  • Assess whether the right risks have been identified and are appropriately managed,
  • Understand current areas of greatest risk (financial and non-financial) and review these areas on a regular basis,
  • Obtain regular updates from management, the Bank’s legal counsel, auditors, and any external parties, as deemed appropriate, regarding audit, financial reporting, risk management and compliance matters,
  • Review the adequacy of the Management Information & Intelligence Systems for appropriate management of the Bank’s customers, business – e.g., risks and profitability,
  • Periodically review the effectiveness of the Compliance function, including the process of monitoring for compliance with CBM laws and regulations and the results of management’s investigations and follow-ups (including disciplinary action) of any fraudulent acts or non-compliance,
  • Review the findings of any examinations by regulatory agencies and any material correspondence with such agencies,
  • Review and monitor the effectiveness of the Bank’s controls in the areas of credit, operational and financial risks, legal and regulatory compliance, and financial reporting,

COMPLIANCE

AYA Bank has established compliance approach, policies and functions that contain the fundamental principles to be followed by the Board, Management and Staff.

An independent compliance function is a key component of the Bank’s second line of defense. This function allows monitoring that the Bank operates with integrity and in compliance with applicable, laws, regulations, and internal policies. Similarly, it helps improving in compliance issues, act as a contact point within the bank for compliance queries from staff members and provide guidance to staff on the appropriate implementation. The areas focused by the compliance function includes bribery, money laundering, country sanctions, fair business dealing with the consumers, practices raising ethical issues and including those that could create reputational risk for the bank.

ANTI-MONEY LAUNDERING & COUNTER FINANCING OF TERRORISM POLICY AND INTERNAL CONTROL MEASURES

Money launderers can deceit or fraud to capture the processes of financial entities for illicit purposes. We have implemented internal control designs that increase the chances of preventing or detecting such activities. We are fully in compliance with Pyidaungsu Hluttaw Law No.11/2014 “Anti-Money Laundering Law”, Pyidaungsu Hluttaw Law No.23/2014 “Counter Terrorism Law”, Ministry of Home Affairs “Anti-Money Laundering Rules and Counter Terrorism Financing Rules”, regulations of Central Bank of Myanmar, and to the extent possible, adopt the recommendations of FATF. AYA Bank’s AML/CFT Policy establishes governing principles and procedures to protect AYA Bank from being used or implicated in money laundering or counter terrorist financing activities such as securities fraud and market manipulation.

Following key elements are effective steps to ensure better compliance.

Know Your Customer Policy

AYA Bank Customer Acceptance Policy takes into consideration all factors related to the type of customers, their activities, related accounts, and any other relevant indicators. The policy includes adequate description of customers in accordance with their associated risk.

Customer Due Diligence Measures

Customer Due Diligence is the vital process for us. AYA Bank established a systematic procedure which uncover any potential risk to the Bank of doing business with an organization or individual by analyzing information from a variety of sources. These include verifying the identity of new customers and not entering a business relationship until the identity and ownership structure of a new customer is satisfactorily established, collecting information about the activities a customer is engaged in and markets in which they operate, and the other entities with which a customer does business.

On- Going Monitoring of High-Risk Transactions and Accounts

We have developed the risk-based approach for dealing with high-risk transactions or customers to assess money laundering and terrorist financing activities. Understanding the nature of normal and reasonable account activity of customers are of great help to detect unusual suspicious patterns of activity.

Reporting of Suspicious Transactions

It is required by law to file a suspicious transaction report promptly. As such, the designated officers of the Bank will be reported upon detection of suspicious transactions or if there are reasonable grounds to believe that a transaction is related to criminal activity.

Reporting of Suspicious Transactions Record keeping

The details of suspicious transactions and all relevant records of investigations together with the decisions made are retained and recorded for a required period in accordance with Bank’s policy and regulatory requirements.

Appointing Compliance Officers

Compliance Officers are appointed in all department and branches to establish and maintain internal policies, procedures, manual of compliance. The responsibilities of the Compliance Officer revolve around identifying and eliminating the risks of noncompliance, both externally and internally. They are responsible to report management constantly concerning the organization’s compliance with laws and regulations. Our compliance officers communicate with employees in respective areas and make sure that everyone is aware of what they need to do to comply with internal and external laws and regulations.

Effective Risk and Compliance Training

Every day brings new changes and challenges in the financial world. We design our training to focus more to reduce risks, increase workforce efficiency, stay up to date in the banking sector. Risk and Compliance related training and seminars are conducted continuously to help detect and report suspicious activity including the predicate offenses to money laundering and terrorist financing, such as securities fraud and market manipulation. Compliance seminars are available to learn at any time at any place on our intranet.

Independent Audits

Our Internal Audit Team plays pivotal role for the Bank as they are proactively identifying and assessing potential risk towards the Bank, potential weakness, and noncompliance situations. They are working with all the departments and branches of AYA Bank across the country to enforce the compliance and measure the effectiveness of applying AML/CFT guidelines and respective law annually.

AYA BANK AML/KYC Questionnaire

The information on due diligence for AYA Bank can be available on request at link here.