Al Rajhi Bank

Compliance Report

Approach

Our approach to compliance is two pronged - preventive and corrective. On the preventive side we work on promoting a compliance culture, updating and making available all applicable regulations and circulars, education and training, weekly awareness messages etc. On the corrective dimension, whenever violations are discovered we conduct investigations and organize workshops in collaboration with relevant departments to analyze the violation, provide recommendations and ensure the execution of corrective action plans.

Responsibility

Compliance protects the reputation and credibility of the institution; protects different stakeholders including shareholders and depositors and provides safeguards against legal sanctions and other regulatory and financial consequences.

Accordingly, compliance at Al Rajhi Bank is a comprehensive and multi-faceted responsibility as set out in the Board-approved Compliance Policy. It starts with the Board of Directors and senior management and ends with all employees, each according to the powers and tasks entrusted to them. The Policy also defines the relationship between the compliance function and other control functions such as audit, risk management, legal and anti-fraud management as well as others including operations, human resources and customer services.

Framework

Al Rajhi Bank strictly follows all rules and regulations applicable to banks operating in Saudi Arabia as well as those applicable in countries where our branches and subsidiaries operate. The former include Saudi Arabian Monetary Agency (SAMA), Capital Market Authority (CMA), Ministry of Commerce and other regulatory bodies. In addition, Al Rajhi Bank complies with best international practices such as the Basel Committee Principles pertaining to the setting up of compliance units at banks, resolutions or recommendations issued by the Financial Action Task Force (FATF), Wolfsburg Standards and others. In executing our transactions Al Rajhi Bank also follows applicable rules and regulations of various countries and jurisdictions such as the US and UK.

Implementation

The Bank maintains written guidelines to staff on the appropriate implementation of compliance laws, rules, standards and other relevant documents such as compliance manuals, internal codes of conduct and best practice guidelines. These are approved by the Board and are subject to periodic reviews.

The Board's commitment and support of the compliance function within Al Rajhi Bank is further demonstrated through a Compliance Committee whose membership includes the CEO, Chief Operating Officer, Head of Retail, Head of Corporate, Chief Risk Officer, Chief Compliance Officer and Head of AML & CTF. The Committee's main focus is on enhancing the compliance culture across all functions of the Bank, which is supported through formal training of staff, updates through internal awareness links and circulars as well as access to all applicable rules and regulations through the Bank's intranet. The Committee is empowered to co-opt any member of staff as and when needed. It meets quarterly and shares its findings with the Audit Committee of the Board.

Relationship with Regulators

The Bank maintains regular dialogue with regulatory bodies, especially SAMA, to ensure full compliance with rules and regulations. This commitment extends to the participation in various platforms and forums including committees established by SAMA with members from banks operating in Saudi Arabia. Such participation resulted in several initiatives and recommendations that have helped improve the banking industry in general and the compliance culture in particular. Some examples are given below:

  • Al Rajhi Bank's Chief Compliance Officer chaired the Anti-Financial Crimes & Money Laundering Committee from October 2011 to September 2012. Notable achievements include the following:

    • Implementing the recommendations of the FATF regarding inward and outward remittances and understanding the ownership structure;
    • Drafting a comprehensive framework on building an effective Risk Based Approach (RBA) and Business Risk Assessment (BRA) for banks operating in Saudi Arabia;
    • Delivering a presentation on how to enhance due diligence through an effective RBA
    • Delivering a presentation on detecting suspicious transactions and its reporting;
    • Introducing international consultancy and system service providers to all member banks to build a better internal control environment, with a special focus on financial fraud, money laundering and terrorism financing risks.
  • The Bank's Chief Compliance Officer worked with the Institute of Banking (the training arm of SAMA) to develop a certified training module on Compliance, AML and Corporate Governance that set an industry benchmark.

Compliance Reports

As an essential part of its Annual Compliance Programme the Bank issues several reports, both periodic and ad hoc. Some examples are given below:

  • Annual report to SAMA
    This includes:

    • An assessment of the level of compliance in the Bank during the period of the report
    • Any changes in compliance risks
    • A summary of any violations identified or shortcomings that might affect the level of compliance in the Bank
    • A summary of recommended corrective measures to address violations or shortcomings, as well as the time frame for implementation
    • Actual corrective measures taken
    • Training programmes on compliance for Bank staff
    • Adequacy of human and financial resources
  • Periodic reports
    Monthly and quarterly reports which are shared with the Audit Committee and senior management. These reports include topics such as:

    • Relationship with the regulators
    • Compliance status
    • Compliance programme
    • Compliance/AML issues/initiatives/projects
    • Support needed from management
  • Compliance dashboard reports
    These are monthly reports summarizing compliance issues of the Bank and the progress made in rectifying any shortcomings. The reports are sent to all function heads and the Audit Committee. Such reports are available on the Bank website for easy reference.
  • Reports on money laundering risks
    Assessment reports are issued every quarter to business units addressing money laundering and terrorism financing risks. Such reports identify gaps, ineffectiveness of controls and recommend remedial actions. The reports are also shared with concerned functions, Chief Internal Auditor and CEO. These reports pay special attention to high risk products, in particular charity accounts, correspondent banking relationships, politically exposed persons, remittance business and branches.

Compliance Initiatives and Projects

The Bank rolls out a series of activities each year to enhance the level of compliance in the Bank and ensure all compliance and AML risks are controlled effectively. Given that the nature of money laundering and terrorism financing risks are dynamic, there is a continuing need to evaluate the effectiveness of controls that also take into account recommendations made by international organizations.

Examples of such initiatives include the following:

  • Restructuring the AML Department to cope with challenges in handling compliance risks, including risks associated with money laundering and terrorism financing. Measures included recruitment of additional staff, setting up KYC & EDD Unit and the appointment of compliance/AML officers in vulnerable business units.
  • Introducing a new AML monitoring system to detect suspicious transactions
  • Updating the Bank's customer database to ensure proper classification and more effective implementation of RBA
  • Establishing a Compliance Dashboard which provides a high level view on all compliance issues
  • Creating an in-house AML management system to report suspicious transactions by business units and track progress made
  • Updating the AML & CTF Policy of the Bank to incorporate local and international regulatory updates, including the acceptance policy of high risk customers
  • Updating the policies of business units to ensure all compliance/AML risks are effectively controlled
  • Developing new policies which enhance compliance/AML culture within the Bank, including 'Know Your Employee' (KYE) and the Conflict of Interest Policy
  • Developing an electronic system for archiving compliance documents, files and internal and external communications for the purpose of retrieving documents easily and safely.

Going forward, the implementation of the US Foreign Account Tax Compliance Act (FATCA) requirements will be one of the major projects that the Compliance Department of the Bank will be driving.

Compliance with Financial Reporting

The Bank maintains a specialized unit to govern all financial policies and set the framework for compliance with the International Financial Reporting Standards. The unit disseminates the directives and guidelines issued by regulators across all Al Rajhi Bank companies. It also ensures governance and adoption, and oversees all Shariah policies, banking conventions and internal guidelines.

Compliance with Shariah Principles

The Bank's independent Shariah Board, formed and ratified by the Constituent General Assembly, ensures that all Bank activities are compliant with Islamic Shariah. The Shariah Board is served by two departments.

The Shariah Counsel Department reviews all products, agreements and contracts of other departments in the Bank, and submits the necessary subjects of research and studies to be presented to the Shariah Board. It participates in creating and developing Shariah compliant products and finding appropriate legal alternatives where applicable.

The Shariah Control Department ensures the implementation of the Shariah Board's decisions through control visits to the Bank's Head Office and branches, transfer centres, trading rooms, dealing rooms etc. and prepares regular reports to be presented to the Shariah Group on the compliance performance of the Bank. It also conducts training sessions for new employees and issues general and compliance related publications.

Statement of Compliance

The Bank always follows applicable best practices on compliance and corporate governance and has in place the required systems and procedures to ensure that these are adequately adopted. As a result it has stayed clear of engaging in any activity contravening applicable laws or regulations currently in force, while maintaining an effective corporate governance framework within the Bank to enhance corporate accountability. Additional details may be found in the section titled Report of the Board of Directors given in this Annual Report.