Principle 9: Compliance
The bank's board of directors is responsible for overseeing the management of the bank's compliance risk. The board should establish a compliance function and approve the bank's policies and processes for identifying, assessing, monitoring and reporting and advising on compliance risk.
132. An independent compliance function [See BCBS, Compliance and the compliance function in banks, 2005, available at www.bis.org/publ/bcbs113.pdf.] is a key component of the bank's second line of defence. This function is responsible for, among other things, ensuring that the bank operates with integrity and in compliance with applicable, laws, regulations and internal policies.
133. The bank's senior management is responsible for establishing a compliance policy that contains the basic principles to be approved by the board and explains the main processes by which compliance risks are to be identified and managed through all levels of the organisation.
134. While the board and management are accountable for the bank's compliance, the compliance function has an important role in supporting corporate values, policies and processes that help ensure that the bank acts responsibly and fulfils all applicable obligations.