Good business practices through effective compliance management
Compliance plays an important role in the financial sector and is something that DZ BANK has viewed as a matter of course for many years. Governments are calling on the finance industry for support in the battle against insider trading, market manipulation, corruption, and other criminal behavior, and for the imposition of financial embargoes. Additional rules regulate transactions and subject institutions to disclosure and stringent inspection. This restrictive statutory environment has a fundamental effect on the way we do business as a bank. Furthermore, lawmakers have made increasing demands on banks’ compliance departments in the past few years. For example, the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) [Federal Financial Supervisory Authority] has set out the rules of the German Securities Trading Act (WpHG) in more detail in the Minimum Requirements for the Compliance Function and Additional Requirements Governing Rules of Conduct, Organization and Transparency (MaComp). And the updates to the Minimum Requirements for Risk Management (MaRisk) have increased the tasks and duties of the Compliance Office still further.
Central Compliance Office
As a central institution of the cooperative financial network, DZ BANK bears particular responsibility for guaranteeing good business practices in its own operations. It was back in the 1990s that, in accordance with international standards, we first introduced a central Compliance function to interact with the other banking functions. In line with legal requirements, its particular responsibilities are capital markets compliance, the prevention of money laundering, and the new Compliance function pursuant to MaRisk. The Compliance Office
is also the main body responsible for preventing other criminal activity. Its compliance experts advise managers, staff, and business units in the bank on the implementation and monitoring of legal requirements.
The Compliance Office also checks compliance with the provisions of the WpHG, the ban on insider trading, and the rules on employee transactions and ensures that the bank does not become involved in money laundering or the funding of terrorism. As compliance officer, anti-money-laundering officer, and group anti-money-laundering officer, the head of the Compliance function reports directly and regularly to the Board of Managing Directors and the Supervisory Board. In addition, all members of the Supervisory Board are provided with information about the measures and procedures implemented by DZ BANK to fight corruption as part of the yearly reporting process.
We include all sites in the annual risk analysis that we are required to carry out by law. No significant risk of corruption was identified in the 2016 risk analysis.
Fraud prevention measures
DZ BANK’s code of conduct, introduced in 2012, contains various measures to prevent fraud. These include guidelines for dealing with gifts, written procedures for fraud prevention, a whistleblowing hotline, and training.
Dealing with gifts
The policy on gifts, introduced by DZ BANK in 2010, is a key element of the bank's fraud prevention measures. It provides our employees with clear instructions on how to deal with gifts and business entertainment.
Processes for assessing customers and transactions
We use instructions and rules to assess new customers in order to meet the 'know your customer' and customer due diligence requirements contained within the German Anti-Money Laundering Act (GwG). The bank carries out continuous monitoring at transaction and customer level, and our Compliance Office checks that policies are adhered to.
Approach to compliance risk
The Compliance Office works closely with the Group Operational Risk function in the Risk Controlling division, and others, in order to collect data on money laundering risk and fraud risk for the annual risk analysis.
The requirements for the Compliance function specified by MaRisk for the banking sector have been implemented by the relevant subsidiaries in consultation with DZ BANK. The DZ BANK Compliance function lays down the fundamental and standardized requirements with respect to the methods for identifying relevant compliance risks to be used across the group. It liaises with the group entities to ensure that consistent procedures are used throughout the group. The managers responsible for the Compliance functions each report directly to the member of the Board of Managing Directors responsible for this area of activity.
Implemented in 2016, the compliance policy for the DZ BANK Group and the associated compliance standards form a standardized groupwide compliance framework for handling legal rules and requirements. The aim is to create a groupwide compliance management system.
So that irregularities can be identified at an early stage, our staff are able to report them in the strictest confidence. In addition to a compliance and money-laundering hotline, we operate a whistleblowing hotline that allows employees to anonymously report signs of suspected criminal activity to the head of the Compliance Office, who is the internal ombudsman, or to an experienced lawyer who is acting in confidence as an external ombudsman. They guarantee the whistleblower’s anonymity as part of client confidentiality, including vis-à-vis public bodies. The information provided is checked confidentially by a committee. This system helps DZ BANK to ensure it complies with legal obligations and to avoid reputational damage or financial loss.
In 2012, we introduced a software program that examines all trades for market price manipulation. DZ BANK reported 46 cases of suspected market manipulation to the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) [Federal Financial Supervisory Authority] in the year under review. In addition, a multi-level process within DZ BANK ensures that employees adhere to the statutory requirements aimed at preventing insider trading.
At all sites, our staff receive regular compulsory training in banking compliance, the prevention of money laundering, the ban on market price manipulation, and fraud prevention. This compliance training also covers how to fight corruption. All Supervisory Board members are regularly trained on anti-corruption topics. The average rate of participation in training is 99 percent. We also offer seminars on specific topics, such as investment advice and managing conflicts of interest.
Compliance Office in dialog
Our Compliance Office seeks to engage in dialog with compliance-relevant organizations so that it can play a part in the future development of the general parameters under which we operate. The office participates in working groups organized by the Bundesverband der Deutschen Volksbanken und Raiffeisenbanken (BVR) [National Association of German Cooperative Banks]. It also represents DZ BANK as a guest member of the Bundesverband Öffentlicher Banken Deutschlands (VÖB) [Association of German Public Sector Banks]. In addition, it fulfills our disclosure obligations vis-à-vis the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) [German Federal Financial Supervisory Authority] and the trading surveillance offices of the various stock exchanges.
Careful and secure handling of data is one of the core pillars of a business relationship that is based on trust. DZ BANK protects its customers’ data and only passes it on to third parties if customers consent to this or if it is required to do so by law. Our employees adhere to the laws and principles of data protection that apply to their work. We also make sure that they are kept up to date with the latest data protection regulations. Our data protection officer is responsible for ensuring conformity with the law and is the primary contact for customers, business partners, and staff. In 2016, we received no substantiated customer complaints related to data protection.
The DZ BANK Group has a comprehensive risk management system that, in general, meets its own business management needs and statutory requirements. Furthermore, the management of opportunities and risks forms an integral part of the groupwide strategic planning process. The risk management system is based on risk strategies that are derived from the business strategies and approved by the Board of Managing Directors. All DZ BANK Group entities are integrated into the groupwide opportunity and risk management system, which is divided between the Bank sector and the Insurance sector.
Dealing with reputational risk
Reputational risk refers to the risk of losses from events that damage confidence, mainly among customers (including the Volksbanken und Raiffeisenbanken – the local cooperative banks), shareholders, employees, the labor market, the general public, and the supervisory authority, in the entities in the Bank sector of the DZ BANK Group or in the products and services that they offer. Reputational risk is incorporated into the risk strategy. Crisis communications aimed at mitigating reputational risk are designed to prevent large-scale damage to the entities in the Bank sector if a critical event occurs. This therefore supports the sustainability concept embraced by the DZ BANK Group.