Compliance Functions – Role of Staff

Compliance means complying with the applicable laws, regulations and rules, to mitigate
the risks of non-compliance such as financial loss, reputation loss, adverse comments/ penalties/
punishments from the regulators. The Basel Committee on Banking Supervision (BCBS) paper on
Compliance and the Compliance Function in banks (April 2005) defines Compliance risk as "the
risk of legal or regulatory sanctions, material financial loss, or loss to reputation a bank may suffer
as a result of its failure to comply with laws, regulations, rules, related self-regulatory organization
standards and codes of conduct applicable to its banking activities”. Compliance should not be
seen as an activity of the compliance department alone but as a culture that should pervade across
the Bank.

The Compliance functionality at different levels shall extend its focus beyond the bank and
employees. It should be ensured that the bank’s clients act within the law and don’t use the bank
for illegal activities, such as money laundering, evading taxes or funding terrorism etc.

The importance of compliance function in banks is increasing over the last few years due
to complexity of operations and increase of issues. Due to increase of frauds in banking industry,
either by employees or customers (depositors/borrowers) or by collusion of employees and public,
Government of India, the Reserve Bank of India and other statutory/ regulatory entities are
focusing on compliance function in Banks and taking stringent actions for non-compliance of
statutory and regulatory guidelines.

RBI has put in place a separate department called “Enforcement Department” at its Central
Office to assess the compliance of banks a d to determine enforcement action for non-compliance.
During the last one year, RBI has imposed penalties on various Banks, for non-compliance of
regulations related to KYC norms, cyber security, sanction of advances, identification and reporting
of frauds etc.

False reporting of compliance and submission of factually incorrect information are being
viewed very seriously by us and also by RBI. It is pertinent to note in this context that, non-
compliance by the bank exposes the bank to various risks in addition to monetary penalties and
serious reputation risk. Listed entities like us shall have to disclose the instances of any penalties
to SEBI and also in the Annual Financial Statements, which in turn raise questions how we operate
in a compliant manner to rules and regulations.

The role and important functions of Compliance function at different levels are:

- Compliance Policy of the Bank

- Compliance Department at Head Office
- Compliance functions at other Head Office Departments
- Compliance functions at Circle Offices and Zonal Offices
- Compliance functions at Branches & Other administrative offices

Page 1 of 16
 I. COMPLIANCE POLICY OF THE BANK:

The Compliance Policy in our Bank, is approved by the Board of Directors. This policy is
being reviewed by the Board every year, and last review was done on 11.02.2019. This policy
broadly defines the Compliance functionality in our Bank. The Compliance Policy detailed
hereunder, is meant strictly for internal circulation.

1. Introduction:

1.1 The Basel Committee on Banking Supervision (BCBS) paper on Compliance and the
Compliance Function in banks (April 2005) defines Compliance risk as "the risk of legal or
regulatory sanctions, material financial loss, or loss to reputation a bank may suffer as a result of
its failure to comply with laws, regulations, rules, related self-regulatory organization standards
and codes of conduct applicable to its banking activities".

1.2 Compliance laws, rules and standards generally cover matters such as observing proper
standards of market conduct, managing conflicts of interest, treating customers fairly and ensuring
the suitability of customer advice. They also include specific areas such as prevention of money
laundering and terrorist financing, and may extend to tax laws that are relevant to the structuring
of banking products or customer advice. Compliance laws, rules and standards have various
sources, including primary legislation, rules and standards issued by legislators and supervisors,
regulatory authorities such as RBI, SEBI, IRDA and self-regulatory authorities such as FIMMDA,
FEDAI etc., market conventions, codes of practice promoted by industry associations, and internal
codes of conduct applicable to the staff members of the bank.

1.3 The compliance area is critically important in identifying, evaluating, and addressing legal
and reputational risks. In order to manage the compliance risk, a policy named "Compliance Policy"
was framed taking into consideration the guidelines issued by the Reserve Bank of India.

2. Objectives of the Policy:

2.1 To ensure sound compliance of all regulatory/legal / statutory provisions as well as self-
regulatory standards and codes of conduct applicable to all types of banking activities.

2.2 To build a structure or reporting within the bank for an effective follow-up of all external
and internal compliances.

2.3 To define responsibilities at various levels for ensuring proper and timely compliance.

2.4 To foster/ inculcate a culture of compliance among all levels of the bank and educate
the staff members in the area of compliance.

2.5 To keep the Senior Management / Board informed at regular intervals that all the
compliance requirements are duly met by the bank and to report any material compliance failures
Page 2 of 16
that may attract legal / regulatory sanctions, or which may result in material financial / reputational
loss.

3. Organization of compliance structure:

3.1 The compliance function in the bank shall be discharged by the Compliance Department
at Head Office.

3.2 An Executive not less than the rank of Deputy General Manager shall be the Chief
Compliance Officer of the bank. He shall be assisted by an Assistant General Manager (AGM) /
Chief Manager and such other staff as considered necessary for discharging the duties related to
the management of compliance risk.

3.3 The Compliance Department shall be provided with sufficient and appropriate staff to
ensure that the compliance tasks within the Bank are managed effectively. The staff having
exposure and knowledge of law, accountancy, information technology and also adequate practical
experience in various business lines and audit/inspection function, shall be posted to Compliance
Department. The compliance staff should have sound understanding of compliance laws, rules
and standards and their practical impact on the Bank’s operations.

3.4 General Manager/ Functional Head of Head Office Departments shall designate an officer
preferably 2nd line executive not below the rank of Scale IV as Compliance Officer of the
department. Compliance Officer of the Head Office Department will be responsible for compliance
function in the respective Department and shall report any noncompliance/breach of compliance
to Chief Compliance Officer.

3.5 Circle General Manager/ Functional Head of Circle Office shall designate an officer
preferably 2nd line executive not below the rank of Scale IV as Compliance Officer of the Circle.
Compliance Officer of the Circle will be responsible for compliance function in the respective Circle
and shall report any non-compliance/breach of compliance to Chief Compliance Officer.
Compliance Officer of the Circle has to ensure compliance by obtaining periodical confirmation
from branches/offices etc., which are under direct control of Circle Office.

3.6 Zonal Manager shall designate an officer preferably 2nd line executive not below the rank
of Scale IV as Compliance Officer of the Zone. Compliance Officer of the Zone will be responsible
for compliance function in the Zone and shall report any non-compliance/breach of compliance to
Chief Compliance Officer. Compliance Officer of the zone has to ensure compliance by obtaining
periodical confirmation from branches/offices etc., in the zone.

3.7 Branch Manager shall designate a second line officer as compliance officer of the branch
to oversee the compliance function in the branch. Where there is no second line officer available
in the branch, branch manager himself will oversee the compliance function in the branch.
Compliance officer of the branch will be responsible for submission of information on compliance
and reporting of compliance breaches to controlling office promptly.

Page 3 of 16
 3.8 The Chief Compliance Officer shall in turn report to the Executive Director, the Managing
Director & Chief Executive Officer (MD & CEO) and the Board in that order and shall also have a
direct line of reporting to the Board / Audit Committee of the Board.

4. Scope of compliance function:

4.1 The statutory (including the latest amendments thereof), regulatory and internal
guidelines and codes that govern the banking business, such as:

i. Banking Regulation Act, 1949

ii. Reserve Bank of India Act, 1934
iii. Banking Laws (Amendment) Act, 2012.

iv. Banking Companies (Acquisition & Transfer of Undertakings) Act, 1970

v. Banking Companies (Acquisition & Transfer of Undertakings) Act, 1980

vi. Bankers Books Evidence Act, 1891

vii. Foreign Exchange Management Act, 1999

viii. Prevention of Money Laundering Act, 2002
ix. Negotiable Instruments Act, 1881

x. Banking Ombudsman Scheme 2006

xi. Income Tax Act, 1961

xii. Right to Information Act, 2005

xiii. Securitisation and Reconstruction of Financial Assets and Enforcement of Security

Interest (SARFAESI) Act, 2002

xiv. Credit Information Companies (Regulation) Act, 2005

xv. Information Technology Act, 2000

xvi. Consumer Protection Act 1986

xvii. Any other Act related to banking that is in force at present or may come into

existence in future.

4.2 Standards and codes prescribed by:

Page 4 of 16
 i. Reserve Bank of India

ii. Banking Codes and Standards monitored by the Banking Codes and Standards

Board of India (BCSBI)

iii. Indian Banks Association (IBA)

iv. Foreign Exchange Dealers Association of India (FEDAI)

v. Fixed Income Money Market and Derivatives Association of India (FIMMDA)

vi. Securities and Exchange Board of India (SEBI)

vii. Insurance Regulatory Development Authority (IRDA)

viii. Central Vigilance Commission (CVC)

ix. Goiporia Committee

x. Ghosh Committee

xi. Institute of Chartered Accountants of India (ICAI)

xii. Any other regulatory/statutory law, rule or standards.

4.3 Internal guidelines:

Various internal policies and guidelines issued by the Bank from time to time.

4.4 The aforesaid statutory, regulatory and internal guidelines shall be the scope for
operation of the compliance function in the bank. The Managing Director & CEO/Executive
Directors may modify the scope as deemed fit to widen or strengthen the compliance function.
The Compliance Department will identify the functions of the bank that fall under each guideline
and will also assess the risk level of each function.

5. Independence of compliance function:

5.1. The sole task of the Compliance Department is to oversee compliance function for
management of the bank’s compliance risk. The Compliance Department will function in an
independent environment and should be kept away from any conflict of interest with other
functions of the bank i.e. the staff of Compliance Department will perform only compliance
responsibilities. The compliance staff or the Chief Compliance Officer should not be assigned with
any other operational functions of the bank, in normal course.

5.2. The department will have the right, on its own initiative to communicate with any staff
member and obtain access to any records or files necessary to enable it to carry out its
responsibilities. It will also have the right to conduct review / investigation of possible breaches

Page 5 of 16
of the Compliance and to request assistance from specialists within the bank (e.g. Legal or
Internal Audit) or engage outside experts to perform this task under advice to the Managing
Director & CEO/Executive Directors, if the Chief Compliance Officer, in his discretion, finds it
appropriate.

5.3. The department will be free to report to the Managing Director & CEO/Executive
Directors any irregularities or possible breaches disclosed by its investigation without fear of
disfavour from management or other staff members. Although its normal reporting line will be
to the Managing Director & CEO and Executive Directors, it will also have the right of direct access
to the Board of Directors or to the Audit Committee of the Board, as the case may be, bypassing
normal reporting lines.

6. Responsibility of the Board:

6.1 The Board would be responsible for ensuring that an appropriate compliance policy is in
place in the bank to manage compliance risk and also overseeing its implementation. It shall ensure
that compliance issues are resolved effectively and expeditiously by senior management with the
assistance of compliance staff. In terms of the guidelines of the Reserve Bank of India, Board may
delegate these tasks to the Audit Committee of the Board [ACB] or a specific Board Level
Committee constituted for the purpose. The Board or Audit Committee of the Board or the Board
Committee, as the case may be, would review compliance function on a quarterly basis. A detailed
annual review shall also be placed before the Board/ Audit Committee of the Board or the Board
level Committee. In order to ensure that there is no potential conflict of interest and that the
activities of the compliance function are subject to independent review, the compliance function
and the audit function of the bank should necessarily be kept separate.

6.2 The responsibility of monitoring the compliance function in the bank is delegated to the
Audit Committee of the Board. All reports and reviews shall henceforth be placed before the Audit
Committee of the Board.

7. Responsibility of Senior Management:

7.1 The bank's senior management would be responsible for establishing a written
compliance policy that would contain the basic principles to be followed by the management and
staff, and would explain the main process by which compliance risk would be identified and
managed through all levels of the organization.

7.2 The senior management would ensure that appropriate remedial or disciplinary action is
taken if breaches are identified.

7.3 Senior management shall, with the assistance of the compliance Department:

Page 6 of 16
  At least once a year, identify and assess the main compliance risk facing the bank
and formulate the plans to manage them.
 Submit to Audit Committee of the Board, quarterly and annual reviews, in such a
manner as to assist committee members to make an informed judgment on whether
the bank is managing its compliance risk effectively; and
 Report promptly to Audit Committee of the Board on any material compliance failure
[e.g. failure that may attract a significant risk of legal or regulatory sanctions, material
financial loss, or loss to reputation].

8. Chief Compliance Officer:

8.1 There shall be a Chief Compliance Officer of the bank not less than the rank of Deputy
General Manager (DGM). His tenure will be for two years. The Audit Committee of the Board is
empowered to extend the tenure after expiry of the original tenure. As per the guidelines of the
RBI, the Chief Compliance Officer may be removed or transferred only with the approval of the
Board, and through an internal administrative procedure in which his negligence in discharging
compliance function or his serious acts of omission and commission in other financial or
administrative matters is established and recorded in a transparent manner.

8.2 The Board and the Audit Committee of the Board should be kept informed of any change
in the Chief Compliance Officer as also the reason for the change in the incumbent. The Reserve
Bank of India shall be kept informed of the name of the Chief Compliance Officer as also any
change thereof, as and when it takes place.

8.3 The Chief Compliance Officer shall be an invitee to the meetings of Audit Committee of
the Board.

8.4 The Chief Compliance Officer should be a member of the 'new product' committee/s to
ensure that the new products / processes have clearance from all perspectives including
compliance.

8.5 The Chief Compliance Officer shall be the nodal point of contact between the bank and
the regulator. He should necessarily be a participant in the quarterly informal discussions held with
RBI. In case no quarterly meeting is held, he should meet the Chief General Manager, DBS, in
charge of the bank at Central Office of RBI once in every quarter of the year to discuss compliance
issues.

8.6 The Chief Compliance Officer is authorized to design or modify formats, for ensuring
compliance from zonal offices, units/ branches and head office departments.

8.7 The decisions taken by the Chief Compliance Officer in discharging his duties cannot be
overruled by the business heads.

Page 7 of 16
 9. Compliance principles, processes and procedures:

9.1 The Compliance Department at Head Office would play central role in the area of
identifying the level of compliance risk in each business line, products and processes and issue
instructions to operational functionaries / formulate proposals for mitigation of such risk. It shall
periodically circulate the instances of compliance failures among staff along with preventive
instructions.

9.2 Bank should develop function-wise Compliance Manuals duly approved by the Chief
Compliance Officer if their operating manuals do not already contain specific sections on
compliance and provide these to the staff associated with the respective functions.

9.3 All the functional departments should have their policies with function wise compliance
parameters for information of the staff associated with the functions and also list out various
returns/reports to be submitted by the Bank to the statutory and regulatory authorities.

9.4 The functional departments at Head Office will put in place systems for meticulous
compliance of statutory, regulatory and internal guidelines by all the concerned under their control
while carrying out the business operations. Any breaches/failures of compliance noticed by them
in their area of operations should be promptly reported to compliance department. The compliance
department will scrutinize such breaches/failures of compliance and guide the functional
departments with measures for rectification and prevention.

9.5 The functional departments at Head Office should extend their cooperation to the
Compliance Department for the success of compliance function in the bank. They should promptly
submit the information requested by the Compliance Department for their assessment of
compliance. They should also strictly follow the instructions and guidelines issued by the
Compliance Department on compliance matters. A cordial working relationship between
Compliance Department and functional departments would help to identify and manage
compliance risks at an early stage.

9.6 The employees of the bank should deal with the customers in a fair manner and they
should conduct business operations consistent with rules and regulations.

9.7 Non-compliance with any regulatory guidelines and administrative actions initiated
against the Bank and/or corrective steps taken to avoid recurrence of the lapses should be
disclosed in the Annual Report of the Bank.

9.8 Inspection / audit findings shall serve as a feedback mechanism for the Compliance
Department for assessing the areas of compliance breaches / failures. A check-list on the
compliance aspect shall be made part of the inspection report for the inspectors / concurrent
auditors to verify the level of compliance. The audit function should keep the Chief Compliance
Officer informed of audit findings related to compliance.

Page 8 of 16
 9.9 Compliance Department shall vet the guidelines / circulars issued, for compliance with
regulatory guidelines before these are disseminated amongst the operational units. The
Compliance Department shall:

 Ensure that regulatory guidelines/ instructions are promptly disseminated within the
organization and
 Monitor compliance with the regulatory guidelines / instructions.

9.10 All the policies are to be vetted by Compliance Department and Risk Management
Department before they are put up to the competent authority for their approval / review. The
Departments concerned shall ensure the same.

9.11 The Compliance Department shall serve as a reference point for the bank's staff
from operational departments for seeking clarifications / interpretations of various regulatory and
statutory guidelines.

9.12 The Compliance Department shall, on a pro-active basis identify, document, and
assess the compliance risks associated with bank's business activities and products. The
compliance risks in all new products and processes shall be thoroughly analysed and appropriate
risk mitigants by way of checks and balances shall be put in place before launching. The concerned
department shall ensure that, it has taken note of all the compliance requirements and furnish a
certificate to this effect to the Chief Compliance Officer.

9.13 All new products shall be subjected to intensive monitoring for the first six months
of introduction to ensure that the indicative parameters of compliance risk are adequately
monitored.

9.14 The Compliance Department shall, at frequent intervals, interact with Legal
Department, Central Accounts Department and Inspection & Audit Department of the bank to take
stock of the latest developments. Compliance officers shall have access to all information they
require and have the right to conduct investigation and report the findings to the Chief Compliance
Officer.

9.15 The compliance personnel should be looked at as a friend, philosopher and guide
by the business units. There shall be close co-ordination and partnership between Compliance and
Business Operations functions. The interaction may be formalized by making the Chief Compliance
Officer a member of the various inter-departmental committees in the bank.

9.16 The Compliance Department shall also consider ways to measure compliance risk
(e.g. by using performance indicators) and use such measurements to enhance compliance risk
assessment. The Compliance department shall have the access to information necessary to carry
out the compliance function in the bank and to disclose its findings and views to management,
Board / Audit Committee.

Page 9 of 16
 9.17 An Annual Report on compliance failures / breaches shall be compiled and placed
before the Audit Committee of the Board & circulated to all the functional heads. Further, the
discomfort conveyed to the Bank on any issue by other regulators, should be brought to the notice
of the Reserve Bank of India.

9.18 The following shall be treated as compliance failures / breaches for the purpose of
reporting to Audit Committee of the Board:

 Non Compliance to Regulatory guidelines commented upon by the Regulators

warranting disclosure in the Annual Financial Statements of the Bank.
 Any breach of compliance communicated in writing to the bank by the regulator.
 Penalties imposed by Regulators or Statutory Authorities for non-compliance of
Regulatory / Statutory Guidelines.
 Instances of financial loss beyond Rs.1 Lac as a result of non-compliance of any
regulatory / statutory / self-regulatory / internal guidelines of the bank.
 Noncompliance with any regulatory guidelines and administrative actions initiated
against the bank and/or corrective steps taken to avoid recurrence of the lapses shall
be disclosed in the annual report of the bank.

9.19 The code of conduct for employees shall envisage working towards earning the trust
of the society by dealing with customers in a fair manner & conducting business operations
consistent with rules & regulations. Due weightage could be given to record of compliance during
performance appraisal of staff at various levels. Staff accountability shall be examined for all
compliance failures.

10. The compliance programme:

10.1 The responsibilities of the Compliance Department shall be carried out under a
compliance programme that sets out its planned activities. The compliance programme shall be
risk based and subject to oversight by the Chief Compliance Officer to ensure appropriate
coverage across businesses and co-ordination among risk management functions.

10.2 The Compliance Department shall monitor & test compliance by performing
compliance testing and the same shall be reported to the senior management. Compliance
Department shall conduct Compliance testing of 1/5th of the Zones including sample branches
of the respective zones and 1/5th of the Head Office Departments in a year covering compliance
of all the Statutory/ Regulatory guidelines.

10.3 Compliance department shall ensure that the deviations/deficiencies observed during
compliance testing of HO Departments/Zones are rectified/complied. The Chief Compliance
Officer is authorized to permit closure of the compliance testing reports.

10.4 Zonal Office shall conduct sample compliance testing once in a year, in at least 1/5 th
branches of the zone, selecting the branches on rotation basis. The Compliance testing shall be

Page 10 of 16
conducted by the Compliance Officer of Zonal Office, or any other senior officer authorized by
the Zonal Manager. Zonal Office should ensure that all the deviations/deficiencies observed
during compliance testing are rectified/complied. Zonal Office should submit a consolidated
report to the Chief Compliance Officer before end of the financial year, confirming completion
of compliance testing in 1/5th of branches during the year, along with summary of compliance
testing.

10.5 Bank shall carry out an annual compliance risk assessment in order to identify and
assess major compliance risks faced by it and prepare a plan to manage the risks. The Annual
review shall broadly cover the following aspects.

 Compliance failures, if any, during the preceding year and consequent losses and
regulatory action as also steps taken to avoid recurrence of the same.
 List of all major regulatory guidelines issued during the preceding year and steps
taken by the bank to ensure compliance.
 Independence of compliance function.
 Scope of compliance procedures and processes.
 Systems of internal control to minimize compliance risk.
 Compliance with fair practices codes and adherence to standards set by self-
regulatory bodies and accounting standards.
 Progress in rectification of significant deficiencies pointed out in the internal audit,
statutory audit and RBI inspection reports and position of implementation of
recommendations made therein.
 Strategy for the next year including restructuring of Compliance Department, if
necessary, such as posting / transfer / training of staff etc.,

10.6 Apart from the exhaustive annual review, a monthly report on the position of
compliance risk shall be put up to the senior management / ED / MD & CEO by the Chief
Compliance Officer. A brief report on the compliance position shall also be placed before the
Audit Committee of the Board on a quarterly basis.

10.7 Annual Review on Compliance shall be placed before the Board during the first
quarter of succeeding year.
10.8 Instances of all material compliance failures which may attract significant risk of
legal or regulatory sanctions, financial loss or loss of reputation shall be reported to the Audit
Committee of the Board promptly.

10.9 The activities of the Compliance Department shall be subject to annual review by
the internal audit. Compliance risk shall be included in the risk assessment methodology of the
internal audit function and the audit programme shall cover the adequacy and effectiveness of
the bank's compliance function including testing of controls commensurate with the perceived
level of risk.

10.10 Compliance Department will maintain the list of statutory periodical

returns/reports/review notes to be submitted by HO departments, and shall monitor the same.

Page 11 of 16
 10.11 The compliance department will prepare and submit the reports/returns.

11. Risk Based Supervision:

11.1 Certain specific templates oriented towards compliance assessment have been
introduced by RBI under the RBS framework. The guidelines forming part of such template are
neither exhaustive nor static and are expected to be updated on an annual basis. Chief
Compliance Officer should ensure total compliance with all specific guidelines enlisted in the said
template. An exhaustive compliance framework encompassing all guidelines emanating from
RBI will be put-up, the potential breaches will be identified and remedial action will be taken
upfront.

12. Compliance with risk mitigation plan (RMP):

12.1 A time-bound strategy is to be devised to ensure that compliance on all specified

points is achieved within the time frame. An adequate compliance scenario is to be ensured,
where all RMP points are complied with well before the commencement of the subsequent
supervisory cycle and/or within the periods prescribed for fulfilling the requirements of RMP.

13. Submission of compliance to RBI inspection reports:

13.1 In case the compliance to RBI inspection reports is communicated through the
Inspection & Audit Department, a copy of the same needs to be endorsed to the Chief
Compliance Officer, for information.

14. Promoting compliance culture:

14.1 The need to comply with instructions meticulously is to be re-emphasized among

all the staff in the bank through continuous and mandatory training to all staff on compliance
aspects, appropriate disciplinary measures through staff accountability framework/policies for
non- compliance etc. Compliance should not be seen as an activity of the compliance department
alone but as a culture that should pervade across the Bank.

15. Guidance and education:

15.1 The Compliance Department shall advise and assist the senior management on
compliance laws, rules and standards including keeping them informed on developments by
establishing written guidance to staff on the appropriate implementation of compliance laws,
rules and standards through policies and procedures and other documents such as compliance
manuals, internal codes of conduct and practice guidelines.

Page 12 of 16
 16. Cross border issues:

16.1 Bank may choose to carry on business in various jurisdictions for a variety of
legitimate reasons. In such cases, it shall be ensured that it complies with applicable laws and
regulations in all such jurisdictions and that the organization & structure of the compliance
function and its responsibilities are consistent with local legal and regulatory requirements. It is
for local businesses to ensure that compliance responsibilities specific to each jurisdiction are
carried out by individuals with the appropriate local knowledge and expertise, with oversight
from the Chief Compliance Officer in co-ordination with the bank's other risk management
functions.

17. Submission of quarterly compliance certificate to the audit committee of

the board:

17.1 Compliance Department shall obtain compliance Certificates on a quarterly basis

from all the Head Office Departments, Circle Offices and Zonal Offices confirming that all the
Statutory/Regulatory/Self-Regulatory and Internal Guidelines of the bank have been complied
with by them/by the offices under their control. After obtaining such certificates, Compliance
Department shall place before the Audit Committee of the Board, a comprehensive certificate of
compliance for the bank as a whole before the end of the succeeding quarter.

18. Review of the policy:

18.1 The policy should be reviewed annually by the Board.

II. COMPLIANCE DEPARTMENT AT HEAD OFFICE:

Compliance Department at Head Office is headed by Deputy General Manager who is

designated as Chief Compliance Officer of the Bank. He is reporting to the Executive Directors, the
MD & CEO and he Board in that order and also have a direct line of reporting to the Board / Audit
Committee of the Board.

The Compliance Department at Head Office oversees and ensures that the guidelines issued
by all statutory and regulatory authorities from time to time are implemented in our Bank in true
spirit. The Compliance department helps top management in appropriate implementation of
compliance laws, rules and regulations.

The Compliance department performs compliance testing every year in 1/5 th of Head Office
departments and 1/5th of Zones along with one or two sample branches in each zone. During this
compliance testing, the visiting official verifies implementation of statutory/regulatory guidelines
at functional level. The deviations/breaches noticed during this compliance testing, if any, are
reported to the top management.

Page 13 of 16
 III. COMPLIANCE FUNCTIONS AT OTHER HEAD OFFICE DEPARTMENTS:

The General Manager or the vertical head of each Head Office Department designates an
officer ranked not less than Scale IV, preferably second line executive of the department, as
compliance officer of that department. The Compliance officer of the Head Office Department will
be responsible for compliance function in their Department and shall report any non-
compliance/breach of compliance to Chief Compliance Officer. If the identified compliance officer
retires/transferred, the Head of the department should identify another officer as Compliance
Officer and should report the details of new Compliance Officer, to the Compliance Department.

It is the responsibility of the different Head Office Departments to ensure that all the
statutory and regulatory guidelines related to their functioning, are properly implemented in our
Bank. Mere issuance of a Circular to the Branches is not considered as compliance to
the guidelines, but the department should ensure that the guidelines are actually implemented at
functional level.

IV. COMPLIANCE FUNCTIONS AT CIRCLE OFFICES AND ZONAL OFFICES:

Circle General Manager / Zonal Manager shall designate an officer ranked not less than Scale
V, preferably the second line executive of the Circle/Zone, as the compliance officer of the
Circle/Zone. If the identified compliance officer retires/transferred, the Head of the Circle/Zone
should identify another officer as Compliance Officer and should report details of new Compliance
Officer, to Compliance Department, HO.

Compliance Officers of the Circles/Zones will be responsible for compliance function in their
Circles/Zones and shall report any non-compliance/breach of compliance to the Compliance
Officer. Compliance officers of the Circles/Zones have to obtain periodical confirmation from
branches/offices under their control, to ensure compliance by all the branches & offices in their
Circles/Zones.

Circle Offices/Zonal Offices shall conduct sample compliance testing once in a year, in at
least 1/5th branches of the Circle/Zone, by selecting the branches on rotation basis. The
Compliance testing shall be conducted by the Compliance Officer of Circle/Zonal Office, or any
other senior officer authorised by the CGM/Zonal Manager. Circle/Zonal Offices should ensure that
all the deviations/deficiencies observed during compliance testing are rectified / complied with.
They should ensure that such deviations/deficiencies do not recur. Circle Offices/Zonal Offices
should submit a consolidated report to the Chief Compliance Officer before end of the financial
year, confirming completion testing in 1/5th of branches during the year, along with the summery
of findings of compliance testing.

Some of the important functions to be performed at Zonal Offices:

a. CRILC verification has to be invariably done while opening Current accounts.

b. Surprise verification of cash, gold ornaments, other security items and ATM cash
is to be done without fail.
c. Legal Audit for all eligible accounts is to be conducted.
d. Monitoring of re-verification of title deeds and other related documents for credit exposure
of Rs.5.00 crore and above has to be done.

Page 14 of 16
 e. Registration of movable/immovable/intangible assets with CERSAI must be monitored.
f. Review of ADA reports has to be done on Real Time basis without delay.
g. Zonal office to depute a senior officer to verify assets financed by bank for fresh limits of
Rs.3.00 crore and above within 3 months.
h. Surprise verification of all branches in a quarter by Zonal Office has to be done without fail.

V. COMPLIANCE FUNCTIONS AT BRANCHES & OTHER ADMINISTRATIVE

OFFICES:

Branch Manager shall designate a second line officer as compliance officer of the branch to
oversee the compliance function in the branch. Where there is no second line officer available in
the branch, branch manager shall oversee the compliance function in the branch. Compliance
officer of the branch will be responsible for submission of information on compliance and reporting
of compliance breaches to controlling office promptly.

Some of the important functions to be performed at Branches:

a. Registration of all eligible properties under mortgage to us has to be registered with CERSAI
within the prescribed time.
b. Reverification of title deeds and other documents for credit exposure of Rs.5.00 crores and
above has to be done and a proper record has to be maintained.
c. Compliance to Zonal Office review reports has to be submitted without any time delay.
d. Critical day end reports like FTR, Day book, Cash scrolls, Exceptional transaction reports
have to be generated and filed in the branch.
e. Comprehensive Notice board containing details of Time norms, Interest rates, Service charges,
clean note policy has to be displayed in the branch.
f. CRILC verification while opening Current accounts has to be done.
g. System generated cash receipts have to be issued to customers.
h. Mandatory registers like Bait money, Coins distribution and Exchange of cut/soiled/mutilated
currency are to be maintained and updated regularly.
i. Surprise verification of cash by branch head is to be conducted every month invariably.

REPORTING OF INFORMATION TO RBI OFFICES:

RBI offices in different states may require information from Branches/Zonal Offices/Circle
Offices in the respective states. In order to ensure uniformity and consistency of flow of
information, it is informed that no branch shall submit information to any of the RBI Offices without
the concurrence of the concerned Zonal Compliance Officer. Zonal Compliance Officer shall mark
a copy of such information to the respective Circle Compliance Officer and also to the Chief
Compliance Officer, Head Office.

REPORTING OF PENALTIES PAID/SHOW-CAUSE NOTICES RECEIVED:

If any penalties are imposed by the statutory and regulatory authorities and paid by our
Branches/Offices as per the delegated authority/after obtaining the necessary approvals from the
competent authority, the same are to be reported to the Chief Compliance Officer. Further, if any

Page 15 of 16
show cause notices are received from the Statutory & Regulatory authorities, the same are to be
reported Chief Compliance Officer. Such penalties/show cause notices are to be reported as and
when they take place and are to be included in the quarterly compliance certificate.

RISKS OF NON-COMPLIANCE:

Regulators view non-compliance of guidelines or false reporting of compliance, as a serious

irregularity and initiate stringent action. The officials of RBI verify the implementation of directions
during their RBS (Risk Based Supervision) audit and incognito visits to the branches and point out
the deviations/deficiencies. The consequences of non-compliance include but are not limited to
the following:

1. Adverse Comments by Regulators

2. Penalties & Punishments
3. Loss of Reputation and Business
4. Creation of low quality assets (advances, investments & human resources) which in
turn result in above losses
5. Non-compliance/breaches are to be reported in our Annual report which may impact
the confidence of the investors.

IMPROVING COMPLIANCE CULTURE IN THE BANK:

Controlling Offices, especially executives at Circle Offices/Zonal Offices should encourage

and Develop compliance culture among all levels of the staff. The staff members working at
different Departments in the administrative offices (HO/CO/ZO) should be aware of the extant
(prevailing) rules, regulations and actual procedures related to the activities of their departments.
They should be able to guide them in discharging the duties, duly following the extant (prevailing)
policies and procedures.

***

Page 16 of 16