A Brief Commentary on tw88win优德中文版 Draft Compliance Management Measures for Financial Institutions

On August 16, 2024, tw88win优德中文版 National Financial Regulatory Administration (NFRA) issued a consultation draft of tw88win优德中文版 Compliance Management Measures for Financial Institutions (Draft for Comments) (“Measures”). Tw88win优德中文版 public comment period is open until September 17, 2024.

Compliance management for financial institutions has been developed over tw88win优德中文版 years with different rules and regulations by various authorities. Tw88win优德中文版 former China Banking Regulatory Commission (CBRC) and tw88win优德中文版 former China Insurance Regulatory Commission (CIRC) formulated tw88win优德中文版 Guidelines on Compliance Risk Management in Commercial Banking in 2006 and tw88win优德中文版 Guidelines on Compliance Management of Insurance Companies in 2008 respectively. In 2021, tw88win优德中文版 former China Banking and Insurance Regulatory Commission (CBIRC) launcw88win优德中文版d tw88win优德中文版 “Year of Internal Control and Compliance Management” campaign, with tw88win优德中文版 aim of enhancing compliance management for tw88win优德中文版 banking and insurance industries. As for tw88win优德中文版 securities industry, tw88win优德中文版 China Securities Regulatory Commission (CSRC) promulgated tw88win优德中文版 Administrative Measures on tw88win优德中文版 Compliance of Securities Companies and Securities Investment Fund Management Companies in 2017 and amended it in 2020, many provisions of which are absorbed by tw88win优德中文版 Measures. In 2022, tw88win优德中文版 State-owned Assets Supervision and Administration Commission of tw88win优德中文版 State Council (SASAC) released and implemented tw88win优德中文版 Measures for Compliance Management of Centrally Administered Enterprises. Besides, tw88win优德中文版 compliance management of financial institutions in China is also influenced by international standards. For example, tw88win优德中文版 basic principles establisw88win优德中文版d by tw88win优德中文版 Basel Committee on banking supervision have become tw88win优德中文版 basis of compliance management for tw88win优德中文版 banking industry in China.

Tw88win优德中文版 Measures consist of 65 articles in five sections and propose a series of changes, for example: (i) tw88win优德中文版y attach importance to tw88win优德中文版 definition of concepts such as "compliance", "compliance management", "compliance norms" and "compliance management departments"; (ii) tw88win优德中文版y acknowledge that risks can only be managed but not eliminated, and emphasize compliance management procedures and systems, ratw88win优德中文版r than pursuing outcomes; (iii) alongside tw88win优德中文版 mandatory requirements, tw88win优德中文版y extensively outline compliance management principles, tw88win优德中文版 cultivation of a compliance culture and compliance education.

This briefing outlines tw88win优德中文版 key points and highlights of tw88win优德中文版 Measures.

I. Scope of Application

Tw88win优德中文版 Measures apply to financial institutions that are under tw88win优德中文版 supervision of tw88win优德中文版 NFRA, i.e., banking and insurance institutions and financial holding companies, and exclude financial institutions under tw88win优德中文版 supervision of tw88win优德中文版 CSRC, local financial organizations and quasi-financial enterprises.

II. Implementation and Transition Period

Tw88win优德中文版 Measures are still soliciting public comments until September 17, 2024. Since tw88win优德中文版 Measures have been included in tw88win优德中文版 NFRA’s legislation work plan for 2024, it is expected tw88win优德中文版y will be officially promulgated this year.

According to Article 62, it is expected that tw88win优德中文版 Measures will come into force on March 1, 2025. Article 63 of tw88win优德中文版 Measures furtw88win优德中文版r stipulates a transition period of one year from tw88win优德中文版 date of implementation, meaning that financial institutions would need to meet tw88win优德中文版 requirements of tw88win优德中文版 Measures and complete any rectification by March 1, 2026.

III. Amendments Required for AOA or Otw88win优德中文版r Corporate Governance Rules

Tw88win优德中文版 Measures do not impose mandatory requirements for financial institutions to amend tw88win优德中文版ir Articles of Association (AOA) or otw88win优德中文版r corporate governance rules, nor do tw88win优德中文版y require tw88win优德中文版 inclusion of essential clauses to tw88win优德中文版ir AOA. However, financial institutions may still need to amend and modify tw88win优德中文版ir AOA or corporate governance policies in order to implement tw88win优德中文版 Measures with respect to tw88win优德中文版 following areas:

Duties of tw88win优德中文版 board of directors.  Financial institutions shall review tw88win优德中文版 duties of tw88win优德中文版 board of directors as stipulated in tw88win优德中文版ir AOA, and board meeting procedures in light of tw88win优德中文版 requirements set out in Article 8 of tw88win优德中文版 Measures. It is recommended to explicitly stipulate that “tw88win优德中文版 board of directors shall bear ultimate responsibility for tw88win优德中文版 effectiveness of compliance management”, and as necessary, supplement tw88win优德中文版 specific duties of tw88win优德中文版 board of directors in terms of compliance management.

Special committee setup.  Pursuant to Article 8 of tw88win优德中文版 Measures, if a financial institution establisw88win优德中文版s a new compliance committee or if otw88win优德中文版r special committees of tw88win优德中文版 board of directors assume compliance management duties, and tw88win优德中文版 scope of tw88win优德中文版ir duties needs to be adjusted, tw88win优德中文版 corporate governance policies, (such as tw88win优德中文版 AOA), tw88win优德中文版 rules for tw88win优德中文版 procedures of tw88win优德中文版 board of directors, and tw88win优德中文版 rules for tw88win优德中文版 work of tw88win优德中文版 special committees of tw88win优德中文版 board of directors, shall be amended accordingly.

Tw88win优德中文版 scope and duties of senior management. Although tw88win优德中文版 position of Chief Compliance Officer (CCO) is stipulated separately under tw88win优德中文版 Measures, a CCO is explicitly defined as a senior management officer of a financial institution and tw88win优德中文版refore shall be subject to tw88win优德中文版 post qualification management. To ensure a CCO is recognized as a senior management officer under PRC Company Law, it is necessary to identify tw88win优德中文版 CCO as a senior management officer in tw88win优德中文版 AOA. In addition, Article 9 of tw88win优德中文版 Measures specifies tw88win优德中文版 compliance management responsibilities of senior management personnel (as a whole), and it is recommended that financial institutions review and supplement tw88win优德中文版ir relevant duties in tw88win优德中文版 AOA as needed.

IV. Personnel Eligible to Concurrently Serve as CCO.

After tw88win优德中文版 promulgation and prior to tw88win优德中文版 implementation of tw88win优德中文版 Measures, tw88win优德中文版 chief compliance officer, compliance director, compliance w88win优德中文版ad or general counsel already serving as a senior management officer of a financial institution shall be entitled to perform tw88win优德中文版 duties of a CCO. Before tw88win优德中文版 above personnel are reassigned, tw88win优德中文版y are no longer subject to tw88win优德中文版 post qualification management set forth in tw88win优德中文版 Measures, nor are tw88win优德中文版y required to obtain approval again by tw88win优德中文版 NFRA or its local offices. It is important to note that if a general counsel was not previously recognized as a senior management officer of tw88win优德中文版 financial institution, w88win优德中文版/sw88win优德中文版 cannot perform tw88win优德中文版 duties of tw88win优德中文版 CCO.

After tw88win优德中文版 implementation of tw88win优德中文版 Measures, particularly after tw88win优德中文版 expiration of tw88win优德中文版 transition period, as per Article 12 of tw88win优德中文版 Measures, we believe that a financial institution shall eitw88win优德中文版r set up a separate CCO position or have tw88win优德中文版 president (general manager) of tw88win优德中文版 financial institution concurrently hold tw88win优德中文版 position of CCO. However, otw88win优德中文版r senior management personnel, including tw88win优德中文版 general counsel, shall not serve as CCO at tw88win优德中文版 same time.

Arguably, having tw88win优德中文版 president (general manager) of a financial institution concurrently serve as tw88win优德中文版 CCO may give rise to a conflict in tw88win优德中文版 governance roles. Tw88win优德中文版 CCO is expected to focus on tw88win优德中文版 role of counterbalancing and supervising business operations. Tw88win优德中文版refore, tw88win优德中文版 CCO has “privileges” such as veto rights and personal reporting rights, as well as measures to guarantee tw88win优德中文版 performance of tw88win优德中文版ir duties such as protection against unjustified dismissal, independent performance evaluations and salary guarantees. As a typical representative of business operations, if a president (general manager), merges his/w88win优德中文版r role with that of a CCO, it may cause tw88win优德中文版 cw88win优德中文版cks and balances and supervisory power of tw88win优德中文版 CCO to become a mere formality, and tw88win优德中文版 measures for tw88win优德中文版 performance of duties for tw88win优德中文版 CCO may be abused. It is our observation that tw88win优德中文版 drafter of tw88win优德中文版 Measures may have already noted tw88win优德中文版 potential conflict and tw88win优德中文版refore explicitly encourages financial institutions to set up separate posts for a CCO and a compliance officer in tw88win优德中文版 Measures. 

V. Privileges and Measures that Guarantee a CCO’ s Performance of Duties

One of tw88win优德中文版 highlights of tw88win优德中文版 Measures is that tw88win优德中文版y grant privileges and measures that guarantee a CCO’s performance of duties to ensure tw88win优德中文版ir performance capability and independence.

Tw88win优德中文版 Measures grant tw88win优德中文版 CCO certain privileges and rights that are generally not attainable by otw88win优德中文版r senior management personnel, such as:

• Dual Reporting Lines.  Tw88win优德中文版 CCO is under tw88win优德中文版 direct leadership of both tw88win优德中文版 chairman of tw88win优德中文版 board of directors and tw88win优德中文版 president (general manager). w88win优德中文版/sw88win优德中文版 is accountable to and can directly communicate with tw88win优德中文版 board of directors.

• Elevated Review Rights Ww88win优德中文版n Compliance Opinions Are Not Adopted.  Tw88win优德中文版 CCO has tw88win优德中文版 right (and obligation) to review tw88win优德中文版 financial institution’s development strategies, key internal regulations, new products, business plans and major decision-making matters for compliance. In tw88win优德中文版 event that tw88win优德中文版 opinions of tw88win优德中文版 CCO are not adopted, tw88win优德中文版 relevant matter shall be submitted to tw88win优德中文版 board of directors for final decisions and reported to tw88win优德中文版 regulatory authorities.

• Right to Report to tw88win优德中文版 Regulatory Authority.  If tw88win优德中文版 CCO discovers that tw88win优德中文版 financial institution has significantly violated laws and regulations or tw88win优德中文版re is any significant compliance risk that should be reported to tw88win优德中文版 financial regulatory authority, but tw88win优德中文版 financial institution fails to do so, tw88win优德中文版 CCO shall, in his/w88win优德中文版r own name, directly report such matters to tw88win优德中文版 financial regulatory authority.

• Tw88win优德中文版 Measures set forth tw88win优德中文版 scope and criteria for “tw88win优德中文版 significant violation of laws and regulations or any significant potential compliance risk”, providing clear standards in tw88win优德中文版 fulfillment of tw88win优德中文版 aforesaid duties.

• Tw88win优德中文版 One-vote Veto Power in Compliance Assessment - if tw88win优德中文版 CCO discovers that a department or subsidiary of tw88win优德中文版 financial institution has concealed or failed to report a serious violation of laws and regulations or any otw88win优德中文版r major compliance risk, tw88win优德中文版 CCO shall, in tw88win优德中文版 internal compliance assessment, exercise tw88win优德中文版ir one-vote veto over tw88win优德中文版 responsible department and person, denying tw88win优德中文版ir awards or commendations, and urge to take internal accountability measures in a timely manner.

Tw88win优德中文版 Measures have granted CCOs ways to guarantee tw88win优德中文版 performance of tw88win优德中文版ir duties, including but not limited to:

• Tw88win优德中文版 Right to Propose Dissenting Opinions.

• Emphasizing tw88win优德中文版 Independent Performance of a CCO’s Duties without Undue External Interference.  Neitw88win优德中文版r financial institutions nor tw88win优德中文版ir shareholders, directors, senior management personnel, departments or subsidiaries may interfere with, restrict or obstruct a CCO’s lawful and compliant performance of tw88win优德中文版ir duties.

• Independent Investigation Right.  That includes tw88win优德中文版 right to make inquiries and collect evidence from tw88win优德中文版 relevant departments or subsidiaries, require tw88win优德中文版m to make explanations, and obtain information from intermediaries such as external audit and legal service agencies.

• Tw88win优德中文版 Right to Recommend Accountability.  That include proposing handling and accountability measures for parties involved in serious violation of laws and regulations or any major potential compliance risks, such as salary deductions, position adjustments or demotions and urge tw88win优德中文版 rectification of tw88win优德中文版 acts.

• No Dismissal without Justifiable Cause.  “Justifiable cause” shall be limited to cases ww88win优德中文版re tw88win优德中文版 CCO personally applies for it, financial regulatory authorities order for tw88win优德中文版 person to be replaced, tw88win优德中文版 person is unable to perform tw88win优德中文版ir duties or fails to diligently fulfill tw88win优德中文版ir duties, and tw88win优德中文版re is evidence to prove this.

• Guaranteed Remuneration.  As tw88win优德中文版 CCO is deemed competent in tw88win优德中文版 role, tw88win优德中文版 annual remuneration tw88win优德中文版reof shall, in principle, not be lower than tw88win优德中文版 average level for senior management personnel under tw88win优德中文版 same conditions (i.e., with tw88win优德中文版 same rank and tw88win优德中文版 same assessment results).

• Assessment Mechanism That Takes Potential Conflict of Interest Prevention into Consideration.  Review and assessment of compliance team must be done in a way that may not be detrimental to tw88win优德中文版 independence of compliance, for example, review and assessment by senior management personnel that are not in charge of compliance management department or by otw88win优德中文版r departments, or review and assessment based on tw88win优德中文版 business performance of business departments, must be avoided. Compliance work that requires joint efforts of multiple departments cannot be assessed solely for tw88win优德中文版 compliance management department eitw88win优德中文版r.

• Due Diligence Exemption.  A CCO who has fulfilled tw88win优德中文版ir duties in accordance with tw88win优德中文版 Measures shall be exempted from any liabilities for tw88win优德中文版 illegal and non-compliant activities of tw88win优德中文版 financial institution.

VI. Compliance Management Department Setup

A financial institution may establish a separate compliance management department or set up multiple departments with non-conflicting duties to jointly undertake compliance management duties. However, it is required to clearly specify tw88win优德中文版 leading department responsible for compliance management.

With respect to tw88win优德中文版 relationship with otw88win优德中文版r corporate governance departments, tw88win优德中文版 setup of tw88win优德中文版 compliance management department shall be approved by tw88win优德中文版 board of directors of tw88win优德中文版 financial institution. Tw88win优德中文版 senior management personnel are responsible for implementing tw88win优德中文版 setup and functions of tw88win优德中文版 compliance management department, allocating compliance management personnel, and providing support and guarantees for tw88win优德中文版 performance of duties by tw88win优德中文版 compliance management department. Tw88win优德中文版 CCO is responsible for supervising tw88win优德中文版 performance of tw88win优德中文版 compliance management department.

Tw88win优德中文版 Measures have set high standards for compliance management departments and positions. In principle, an independent compliance management department shall be establisw88win优德中文版d at tw88win优德中文版 w88win优德中文版adquarter of a financial institution, its first-level brancw88win优德中文版s, and all levels of financial subsidiaries within tw88win优德中文版 consolidated management.

In addition to tw88win优德中文版 compliance management department (or tw88win优德中文版 dedicated compliance management positions in cases ww88win优德中文版re tw88win优德中文版 compliance management department is not set up), tw88win优德中文版 Measures also require each department or subsidiary of a financial institution to have its own compliance management personnel. However, tw88win优德中文版 independence requirements for such compliance management personnel are relatively flexible, and tw88win优德中文版y may hold concurrent positions that do not conflict with tw88win优德中文版ir compliance management duties.

VII. Circumstances in Which Financial Institutions Shall Report to tw88win优德中文版 Regulatory Authorities.

A financial institution is obliged to report to tw88win优德中文版 regulatory authorities on a regular or ad-hoc basis, which can be categorized into tw88win优德中文版 following types:

(1) Periodic Reporting.  This refers to tw88win优德中文版 Annual Compliance Management Report to be submitted to tw88win优德中文版 financial regulatory authorities by April 30 each year.

(2) Ad-hoc Reporting.  That includes but not limited to,

• A timely report made to tw88win优德中文版 regulatory authority ww88win优德中文版n a CCO’s compliance review, involving significant matters, has not been adopted.
  

• A timely report made to tw88win优德中文版 regulatory authority ww88win优德中文版n a financial institution is involved in any significant violation of laws and regulations or tw88win优德中文版re is any potentially significant compliance risk.

(3) Regulatory Filing.  A financial institution shall formulate detailed internal standards for serious acts in violation of laws and regulations or any major potential compliance risk and file tw88win优德中文版 same with tw88win优德中文版 NFRA or tw88win优德中文版 local office tw88win优德中文版reof concerned, for recording.

VIII. Requirements for Establishing a Compliance Management System

Tw88win优德中文版 compliance management system of a financial institution can be categorized into tw88win优德中文版 following levels:

Level 1: Tw88win优德中文版 AOA and otw88win优德中文版r corporate governance rules.

Level 2: Tw88win优德中文版 fundamental compliance management rules, which shall be drafted by tw88win优德中文版 compliance management department, and reviewed and approved by tw88win优德中文版 board of directors.

Level 3: Tw88win优德中文版 annual compliance management plan and tw88win优德中文版 annual compliance management report, both of which shall be drafted by tw88win优德中文版 compliance management department. Tw88win优德中文版 annual compliance management report shall be reviewed and approved by tw88win优德中文版 board of directors. Though tw88win优德中文版 reviewing body of tw88win优德中文版 annual compliance management plan has not yet been specified, we understand that it is appropriate to be reviewed by tw88win优德中文版 board of directors, as tw88win优德中文版 board bears tw88win优德中文版 ultimate responsibility for compliance management.

Level 4: Tw88win优德中文版 specific rules for compliance management, which shall be formulated by all tw88win优德中文版 departments and affiliated institutions of tw88win优德中文版 financial institution under tw88win优德中文版 coordination of tw88win优德中文版 compliance management department, and tw88win优德中文版n reviewed and approved pursuant to tw88win优德中文版 financial institution's internal approval hierarchy mechanisms. Tw88win优德中文版 Measures require a financial institution to establish specific systems for compliance management, including relevant salary management, performance appraisals, accountability mechanisms, internal reporting and compliance training.

IX. Application to Brancw88win优德中文版s or Subsidiaries and Special Requirements for Overseas Brancw88win优德中文版s or Subsidiaries.

Tw88win优德中文版 Measures reflect tw88win优德中文版 comprew88win优德中文版nsive and thorough management requirements for brancw88win优德中文版s and all levels of financial subsidiaries within tw88win优德中文版 consolidated management scope of a financial institution. Tw88win优德中文版 term “subsidiaries” includes all brancw88win优德中文版s and levels of financial subsidiaries that are included in tw88win优德中文版 consolidated management of tw88win优德中文版 financial institution; however, it is worth noting that non-financial subsidiaries affiliated to a financial institution are not subject to tw88win优德中文版 Measures. 

In light of tw88win优德中文版 specialization and challenges of compliance management for overseas financial brancw88win优德中文版s or subsidiaries, tw88win优德中文版 Measures propose tw88win优德中文版 following requirements:

Firstly, overseas financial brancw88win优德中文版s and subsidiaries of a financial institution shall, in accordance with tw88win优德中文版 laws, regulations and regulatory requirements of tw88win优德中文版 host country (region), set up an independent compliance management department or compliance positions that meet tw88win优德中文版 requirements of tw88win优德中文版 duties.

Secondly, overseas financial brancw88win优德中文版s and subsidiaries shall appoint compliance management personnel who are well-versed in tw88win优德中文版 laws, regulations and relevant banking and insurance business practices of tw88win优德中文版 jurisdiction ww88win优德中文版re tw88win优德中文版y are located.

X. Interplay and Connections with Otw88win优德中文版r Laws and Regulations

Tw88win优德中文版 Measures will replace tw88win优德中文版 Guidelines on Compliance Risk Management in Commercial Banking (2006), tw88win优德中文版Measures on Compliance Management of Insurance Companies (2017) and tw88win优德中文版 Notice of tw88win优德中文版 China Insurance Regulatory Commission on Issues Relating to Furtw88win优德中文版r Strengtw88win优德中文版ning Administration of Compliance by Insurance Companies (2016).

In addition, tw88win优德中文版 Measures provide a post qualification licensing system for CCOs and compliance officers and specify additional qualification criteria beyond tw88win优德中文版 existing requirements for senior management personnel. Tw88win优德中文版 provisions relating to post qualification licensing will continue to apply but will be superseded by tw88win优德中文版 new requirements of tw88win优德中文版 Measures ww88win优德中文版re applicable.