(1) Establish and improve the compliance risk management mechanism.
1, strengthen the construction of rules and regulations. Rural credit cooperatives should set high standards and be strict with themselves, and strengthen their awareness of system and compliance. On the one hand, they should implement external rules such as relevant laws, rules and standards into the internal management system, ensure that all business operations and management systems meet the requirements of external rules, and keep the internal and external rules consistent in the work practice of rural credit cooperatives. On the other hand, it is necessary to clean up, modify, supplement and abolish the existing management system, find and make up for the defects in system design and implementation in time, and constantly improve the system.
2. Improve the performance appraisal mechanism. Establish a Scientific Outlook on Development and a correct outlook on political achievements, take performance appraisal as an important part of compliance risk management, fully reflect the values of rural credit cooperatives advocating compliance and punishing violations, coordinate the relationship between business development and compliance management, operate according to law, and prevent violations.
3. Establish a reporting supervision mechanism. In order to cultivate employees' awareness of operating and controlling compliance risks according to law, it is necessary to establish a reporting supervision mechanism, provide necessary channels and ways for employees to report violations and illegal acts, and establish an effective reporting protection and incentive mechanism.
4. Establish a compliance accountability system. It is necessary to formulate an accountability system for internal violations and implement compliance responsibilities. The key is to clarify the responsibilities of managers. For financial losses and economic cases caused by violations, the responsibility of managers at all levels should be strictly investigated; Implement the supervision responsibility of inspectors, and investigate the joint responsibility for the problems found by inspectors in daily compliance risk management, and those who are not punished.
(2) Actively cultivate compliance culture.
Compliance culture is an important part of the corporate culture of rural credit cooperatives, and the construction process of compliance management mechanism is also a process of cultivating and forming excellent corporate culture. The top managers of an organization often have a decisive influence on the culture of the whole organization. To some extent, the corporate culture of rural credit cooperatives often depends on the core concept and value orientation of the leaders of rural credit cooperatives. As the top managers of rural credit cooperatives, it is their unshirkable responsibility to actively advocate compliance culture, form a culture of compliance for all and establish the concept that everyone is responsible for compliance. Compliance is not only a matter for compliance departments or compliance personnel, it is closely related to all processes, work links and employees of rural credit cooperatives. Let the concept and consciousness of compliance penetrate into the blood of every employee. Only in this way can we achieve full compliance and everyone comply. Only in this way can the compliance risk be effectively controlled, and the operation of rural credit cooperatives can be guaranteed not to deviate from the target, and the operating value can be maximized. Of course, everyone's compliance first requires leaders to set an example and advocate compliance culture and concepts in rural credit cooperatives, including integrity and due diligence. It can be said that leadership compliance is the first prerequisite to constitute the compliance culture gene of rural credit cooperatives and realize everyone's compliance. Conduct compliance training for all newly appointed departments and responsible persons at all levels through appropriate means, so that they can comprehensively and systematically understand and master the main rules and regulations of rural credit cooperatives and all the rules and regulations of their departments through training, and make clear the "rules" that may be involved in their work. Ensuring the compliance of business activities is the basis for the steady development of rural credit cooperatives, and it is also the responsibility of the management and all employees of rural credit cooperatives.
(3) Establishing a complete and independent compliance risk management organization and operation mechanism.
Rural credit cooperatives should speed up various reforms, transform the governance structure of rural credit cooperatives, and effectively rebuild the organizational structure and business processes, so that compliance risk management of rural credit cooperatives can be truly implemented at every level, post and link of business management.
1. It is necessary to clarify the responsibilities of senior management in compliance management. Compliance starts from the top, and compliance management will be most effective only by setting an example from the top. The compliance responsibilities of the senior management mainly include: formulating written compliance policies and submitting them to the board of directors for approval; Abide by the compliance policy approved by the board of directors, and take appropriate remedial measures and disciplinary actions for violations found; Establish and improve a long-term, effective and trustworthy compliance management department; Identify and evaluate compliance risks and compliance plan implementation with the assistance of compliance management department, and report to the board of directors. Attach great importance to the construction and improvement of compliance risk management mechanism of rural credit cooperatives, and gradually form a more mature compliance culture, laying a foundation for improving the internal control system of rural credit cooperatives and improving market competitiveness.
2. Establish a compliance risk management functional department. Regarding the organization of compliance department, there are significant differences among rural credit cooperatives, and rural credit cooperatives should set up compliance departments in a way that conforms to their own risk management strategies and organizational structure. No matter how they set up the compliance department, they must follow the following two points: First, they must clarify the positioning, authority and independence of the compliance department. Compliance Department is an independent functional department that supports and assists the senior management of rural credit cooperatives in compliance risk management. The Compliance Department has the right to independently investigate the incidents that may violate the compliance policy within the rural credit cooperatives, and the Compliance Department may report any abnormal situation or possible violations found in the investigation to the superior Compliance Department and/or the management of its subordinate institutions at any time. Second, it is necessary to clarify the relationship between the compliance department and the business department. All business departments should actively seek the support and help of the Compliance Department, actively provide compliance risk information or risk points, and cooperate with the risk monitoring and evaluation of the Compliance Department; Compliance departments should actively provide compliance advice and assistance to business departments, and provide compliance support for business and product innovation of rural credit cooperatives. At the same time, the scope, breadth and effect of the compliance department should also be regularly inspected and audited by the internal audit department.
(4) Actively build a compliance risk management guarantee mechanism.
Rural credit cooperatives at all levels often pay attention to the completion of assessment tasks and business objectives, pay attention to marketing and expansion, and ignore business compliance management. Some business organizations even risk illegal operations to achieve short-term performance, which increases the risk of compliance management of rural credit cooperatives. Some emphasize post-event management and neglect pre-event prevention. They tend to focus on the management and punishment measures after the occurrence or existence of risks, trying to curb the emergence of risks with severe punishment, while paying less attention to prevention in advance and control measures in the event. Therefore, while developing business, we should actively build a compliance risk management guarantee mechanism and establish the concept of paying equal attention to compliance management and management, which is the basic premise and key to business development. Establish a supervision mechanism of compliance risk management system according to local conditions, advocate actively discovering and exposing potential risks or problems of compliance risk, and accordingly make appropriate improvements to business policies and operational procedures to avoid any similar violations and correct the violations that have occurred. In view of the particularity of compliance construction, in order to ensure the fairness and independence of compliance work, a "privilege system" can be established, that is, when the competent leader has objections to compliance opinions or suggestions, the legal compliance department has the right to report their compliance opinions or suggestions directly to the higher legal compliance department and even the top management of rural credit cooperatives; The superior legal and compliance department also has the right to directly ask any employee or department about compliance-related issues and situations without obtaining the prior consent of the employee or leader.
(5) Establish an effective compliance evaluation system.
The purpose of compliance risk management is to strengthen the identification and control of hazards in the business environment, which requires the establishment and improvement of a standardized and effective compliance risk analysis and evaluation system, including the identification, quantification, evaluation, monitoring and reporting of compliance risks.
1. Investigate and identify compliance risks. Compliance departments and personnel should actively investigate and identify compliance risks related to the business activities of rural credit cooperatives, including the development of new products and businesses, the expansion of new business methods, the establishment of new customer relationships, or the compliance risks caused by major changes in the nature of customer relationships, and provide timely compliance support.
2. Quantitative assessment of compliance risk. By designing compliance risk assessment indicators, the assessment of compliance risk is strengthened by using measurement methods. With the help of technical tools, evaluation indicators can be quantified by subscribing or screening data that may predict potential compliance problems, and any identified compliance defects can be investigated in depth and evaluated.
3. Monitor and report compliance risks. The Compliance Department shall regularly and irregularly monitor, analyze and report compliance matters of institutions within its jurisdiction, including changes in compliance risk status, summarize all identified violations or defects, and take various corrective measures. At the same time, it is necessary to strengthen the informatization construction of compliance risk management and realize the comprehensive optimization of information collection, information sharing, risk control and compliance management.
Second, what is compliance management?
Compliance management refers to a set of management activities and mechanisms by which enterprises formulate compliance policies, uniformly formulate and constantly modify internal norms according to the requirements of external laws and regulations, supervise the implementation of internal norms, strengthen internal control, continuously monitor, identify and warn violations, and prevent, control and resolve compliance risks. Compliance management, business management and financial management are also called the three pillars of enterprise management, which is an important aspect of internal control and a key link of risk management.
Third, the composition of the compliance management system
1, compliance environmental control
The control of compliance environment mainly lies in the inheritance of corporate culture to the formation of compliance culture, which positively stimulates the development of the whole enterprise. Taking the construction of corporate culture as the starting point, we should instill the concept of corporate culture in employees, implement the professional ethics and value standards of enterprises, clarify the code of conduct of employees, including the behaviors explicitly encouraged and regulated by enterprises, concretely implement the value orientation and code of conduct of compliance in every business operation and behavior of all employees, establish the concept of all employees actively complying with regulations and creating value through compliance, and improve the compliance awareness of all employees.
2. Compliance risk assessment
First of all, according to the workflow of each position, combined with the original internal control system risk, HSE system risk and legal risk, we should comprehensively sort out the compliance risks that exist or may occur in various fields and links to form compliance management risks.
Secondly, according to the national laws and regulations, relevant policies and industry standards, combined with the actual production and operation of the company, sort out the applicable laws, regulations and other requirements in various business fields, and improve the list of laws, regulations and other requirements applicable to enterprises around the compliance management risk database.
Thirdly, compile compliance control measures that meet specific work, map compliance risks, control measures, laws and regulations, assessment standards and other elements one by one, form a compliance management manual with risks, specific control measures, legal system basis and assessment indicators, refine business operation standards and quantitative requirements, highlight risk tips, and list operational risk points, risk levels, control objectives, control measures and control positions in business processes. It is convenient for business operators to clearly know the risks and post control responsibilities faced by each work, which is conducive to controlling risks in a targeted manner, forming a mapping relationship between operational risk loss and processes, and enabling employees in each operating position to effectively identify and prevent basic risks in the business operation process.
3. Implementation of compliance training
① Training plan can be made by combining on-site training, written training and online training. The compliance management working group will formulate an annual compliance training plan, and all business departments will put forward training needs based on the actual needs of the work.
② Closely combine with the post, carry out training according to the annual training plan, changes in national policies and regulations and the needs of the company's business development, organize various forms of compliance training in a planned and purposeful manner, and strengthen the concept of compliance management.
Four. Document basis of compliance management system
1 and ISO 19600:20 14 "compliance management system-guide" are guiding documents on compliance management system formulated under the leadership of the international standards Committee. Its purpose is to establish an effective compliance management system for companies, enterprises or any other organizations, and to provide guidance for their implementation, evaluation, maintenance and improvement.
2. The significance of establishing a compliance management system with reference to ISO 19600.
First, help enterprises to resolve compliance risks from the perspective of risk management and control;
Second, help enterprises rebuild their management system from the perspective of enterprise management;
Third, help enterprises reconstruct corporate culture from the perspective of corporate culture;
Fourth, help enterprises adapt to global rules from the perspective of foreign investment. Enterprises and organizations should take action first, because the driving force of enterprises is huge. For example, large enterprises should conduct compliance review of suppliers, which can promote the improvement of compliance standards of a number of enterprises.