ING Bank Śląski S.A. defines compliance risk as the consequences of the Bank’s failure to comply with applicable laws, internal regulations or standards of conduct adopted by the Bank when conducting its activities. The said consequences include, among others: reputation damage, Bank’s exposure to losses following legal claims, or fines or any other sanctions imposed by the regulators or other control bodies.
Bank’s basic objectives in terms of compliance risk management are: protection of the clients’ and stakeholders’ trust and protection of the Bank’s reputation. The Bank Management Board ensure effective compliance risk management, whereas the Bank Supervisory Board oversee that risk management. Based on periodic management information, the latter assess the effectiveness of the said actions.
The Bank manages compliance risk in line with applicable laws, regulatory requirements, as well as standards specified in that regard in the ING Group’s regulations. Tasks related to the compliance risk management are executed as part of the Three Lines of Defence Model determined by the Bank Management Board and aimed at protection against threats.
Basic principles of the Bank’s compliance risk management are provided for in the Compliance Risk Management Policy accepted by the Bank Management Board and approved by the Supervisory Board. The said Policy incorporates requirements of the Banking Law Act, resolutions and recommendations of the Polish Financial Supervision Authority as well as the European Securities and Markets Authority (ESMA) standards outlined in the Guidelines on Certain Aspects of the MiFID Compliance Function Requirements.
Following the issuance of the Principles of Corporate Governance for Supervised Institutions by the Polish Financial Supervision Authority, a review of the organisational solutions and internal regulations regarding compliance risk management was conducted at the Bank and required adaptation changes were drafted with requirements specified by the Polish Financial Supervision Authority taken into account.
In 2014, the Bank continued execution of the training courses intended to increase employees knowledge and awareness about compliance risk and observance of the business ethics standards.