|Board of Directors (“BOD”)
|Members of the Board of Directors shall understand their roles and responsibilities in managing bribery and corruption risk faced by the Bank, which include:
- be aware of bribery and corruption risks associated with the Bank’s business activities and understand the anti-bribery and corruption measures required by law, regulations, guidelines and the industry’s standards and best practices.
- Maintain adequate oversight of the overall ABCP measures undertaken by the Bank.
- be fully committed in establishing an effective corruption risk management framework, internal control system; review and monitoring and training and communication.
- ensure the Bank establishes, maintains and periodically reviews its ABCP program including policies, procedures and controls to address corruption risk and approve those policies.
- define lines of authority and responsibilities between those implementing policies and those enforcing controls, i.e. by:
- ensuring appointment of a key competent employees at group level to be responsible for all anti-corruption compliance matters including provision of advice and guidance to staff and business associates in relation to the ABCP program;
- ensuring effectiveness of internal audit in assessing and evaluating controls to prevent bribery and corruption.
- develop mechanism to ensure the ABCP policy and procedures are in line with changes and developments in the Bank’s business activities, operations and affairs, products and services, technology as well as trends in bribery and corruption.
- ensure that there is adequate ABCP training and communication provided to both internal and external parties, including promoting awareness of their ABCP obligations.
Senior Management is accountable for the implementation and management of the ABCP compliance programme in accordance with policies and procedures established by the Board, requirements of the law, regulations, guidelines and the industry’s standards and best practices which includes:
- be aware of and understand bribery and corrupt practices risks associated with business dealings.
- formulate ABCP policies to ensure that these are in line with the risk profiles, nature of business, complexity, volume of transactions undertaken by the Institution and its geographical coverage.
- establish appropriate mechanisms and formulate procedures to effectively implement ABCP policies approved by the Board, including the mechanism and procedures to monitor and detect complex and unusual transactions.
- undertake review and propose to the Board the necessary enhancements to the ABCP policies to reflect changes in the Bank’s risk profile, institutional and group business structure, delivery channels and geographical coverage.
- provide timely periodic reporting to the Board on the level of bribery and corruption risk facing the Group, the strength and adequacy of risk management and internal controls implemented to manage the risks and the latest development on ABCP programme which may have impact on the Bank.
- allocate adequate resources to effectively implement and administer the ABCP programme that is reflective of the size and complexity of the Bank’s operations and risk profiles.
- appoint a compliance officer at management level at Head Office to manage all anti-corruption compliance matters.
- provide appropriate levels of ABCP training for its employees at all levels throughout the organisation.
- ensure that there is a proper communication channel to effectively communicate the ABCP and procedures to all levels of employees.
- ensure that bribery and corruption issues raised are addressed in a timely manner.
- ensure the necessary steps are taken to rectify the bribery and corruption inadequacies highlighted, if any.
- ensure the integrity of its employees by establishing an appropriate employee assessment system; and
- responsible for communicating and reinforcing the ABCP compliance culture established by the RMC (Risk Management Committee) and the Board of Directors.
- implement and enforce the approved ABCP programme.
|Group Chief Compliance Officer ("GCCO")
The appointed person who is the central point of authority on compliance matters and responsible for the management of compliance risk in the Bank.
- advise line management to establish controls required for business practices and products to ensure that bribery and corruption deterrence procedures are adequate.
- ensure BOD is updated with timely information.
- to assist senior management and Board in formulating the ABCP policy to ensure that this is in line with the risk profiles, nature of business and complexity.
- monitor adherence to anti-bribery and corruption procedures and controls to ensure that it is effective and sufficient to address any change in bribery and corruption trends.
- ensure that there is adequate ABCP training provided for employees, including promoting personnel awareness of their ABCP obligations.
- act as the contact point in representing the Bank in dealings with the local regulators.
- disseminate information and policy/ procedures to Business Operational Control (BOC) Officers, and Head of Departments (HOD) for dissemination to employees.
- provide guidance to BOCs and HODs regarding compliance with ABCP.
- Implement necessary changes to the ABCP and procedures with the approval of the BOD in ensuring that the current policy is sound and appropriate.
- act as a central point for the receipt and validation of suspicious transaction reports.
- evaluate suspicious transactions reported and advise on the next course of action.
|Business Operational Controls (“BOC”) officer for the Team/ Unit/ Line of Business
- provide guidance to business/ support unit regarding compliance with ABCP.
- act as liaison between his/ her business/ support unit and Group Compliance.
- assist Group Compliance in its effort to raise awareness on bribery and corruption issues.
- ensure that reporting procedures are observed.
- assist HOD in ensuring that all staff are trained in relation to applicable rules and procedures in their respective specialised areas.
- disseminate information and policy/ procedures to staff when received from Group Compliance and ensure that it is secure and kept confidential.
- provide day to day guidance to staff regarding compliance with ABCP.
- ensure the documentation, standard form in use and agreements contain provisions related to Section 17A of the MACC Act.
- Assist HOD in ensuring bribery and corruption issues are raised to Senior Management timely.
- undertake periodic review of the gift register and claims to ensure compliance to established policy and procedure.
- To assist with risk assessment for the Unit in relation to Section 17A of the MACC Act.
|Group Internal Audit
- ensure that independent audits are conducted to check and test the effectiveness of the ABCP, procedures and controls.
- ensure the effectiveness of oversight function in assessing and evaluating compliance with the ABCP controls.
- ensure the ABCP measures are in compliance with MACC Act, its regulations and the relevant Guidelines.
- assess whether current ABCP measures which have been put in place are in line with the latest developments and changes of the relevant ABCP requirements.
- submit a written report on the audit findings to the Board of Directors on a regular basis so that the Board of Directors would ensure that necessary steps are taken to rectify the situation.
- facilitate the role and function of the Board of Directors with regards to independent audit.
|Group Human Resources
- Group Human Resource must have in place screening procedure which shall apply upon hiring potential employees and appointing officers, and throughout the course of employment.
- The Bank is required to establish an employee assessment system that is commensurate with the size of operations and risk exposure of the Bank to bribery and corruption risk.
- The employee assessment shall include an evaluation of an employee’s personal information, including criminal records.
- All employees are to be aware of, and comply with, the requirements the Bank has laid down as well as the requirements of this Policy. An employee may be held personally liable for any failure to observe the ABCP requirements.
- Ask any questions about this Policy that may arise or if there is a lack of clarity about the required action in a particular situation.
- Be alert to indications or evidence of possible violations of this Policy.