Regulatory compliance : a framework for South African banks
Abstract
In April 2005, after lengthy discussions and much debate with banks around the world, the Basel Committee issued its paper entitled "Compliance and the compliance function in banks". This paper provides detailed compliance principles to which banks should adhere. Regulation 47(1) of the Regulations relating to the Banks Act, Act 94 of 1990, states that: A bank shall establish an independent compliance function as part of its risk-management framework, in order to ensure that the bank continuously manages its regulatory risk, that is, the risk that the bank does not comply with applicable laws and regulations or supervisory requirements. The regulations further require that a compliance officer of the bank shall head an independent compliance function and that the compliance function shall have adequate resources. The SARB has expressed its dissatisfaction in the past with the level of compliance among banks in South Africa and has ordered the different boards of directors to rectify the situation as a matter of urgency. This requirement compelled banks to spend more and more money on compliance, resulting in complaints from the banks about the cost of compliance. Media reports focussing on the increase in the cost of compliance have aggravated the situation even further. The cost of compliance is divided into two broad categories, namely the cost associated with performing compliance, and the cost of non-compliance. The problem that this study thus addresses is how to enable the compliance functions in the banks in South Africa to manage regulatory compliance with the relevant regulatory requirements at a measurable cost. The main objective of this study was therefore to provide a regulatory compliance framework for implementation by banks in South Africa. In order to achieve the stated objective, a specific methodology was formulated, namely: • The regulatory universe in South Africa was reviewed in order to identify all the acts that govern the activities of banks. • The direct cost of non-compliance was identified by reviewing the specific sections of the different acts in the regulatory universe where non-compliance is an offence. Included in this investigation was research into the possible indirect cost of non-compliance such as loss of revenue due to reputational damage caused by a bank's non-compliance. • Compliance officers of banks in South African were interviewed in order to ascertain the cost of compliance to these banks. Questions aimed at obtaining specific information pertaining to personnel cost, infrastructure cost, direct regulatory cost and operational cost were included.
• A review of the international perspective on regulatory compliance was performed and attention was paid to supervisory structures and current trends in regulatory compliance in the G10 countries. • A regulatory compliance framework was developed by incorporating the information obtained in the research. This framework was tested against Regulation 47 of the Regulations relating to banks as well as the Basel principles on compliance to ascertain whether it met the specific regulatory standards. • Legislative changes and other incentives were proposed in order to enhance the management of compliance risk.