Compliance Corner: Compliance reports

Date 25 October 2012

Compliance reports are more than just a box-ticking exercise. Read part two of our Compliance Corner feature.


At least once a year, banks are legally obliged to report internally on how well they are complying with statutory laws and internal regulations. These compliance reports are intended for:

  • the bank’s policy-makers
  • the internal body that oversees compliance with statutory and internal rules and regulations in the policy and practice of the bank, where applicable.

It is the responsibility of the compliance officer(s) to compile these reports. Where shortcomings have been identified, they must clearly state what measures have been taken. This full accountability enables policy-makers to remain well informed and hence operate more efficiently.

The importance of the compliance role should not be underestimated. If it is not properly carried out, the bank will be exposed to risks in the form of problems and reputational damage.

What does the law say?
The statutory obligation governing compliance reporting is found in Article 21 paragraph 2d of the Prudential Regulations Decree of the Financial Supervision Act. DNB has marked the relevant passage below:

Article 21 of the Prudential Regulations Decree of the Financial Supervision Act:

  1. A payment institution, clearing house, electronic capital institution, risk acceptance entity, bank, premium pension scheme, insurer or branch office as defined in Article 17 shall include an organisational unit that performs an independent and effective compliance role. The task of the aforesaid unit is to monitor compliance with statutory regulations and internal rules which the financial institution or branch has itself drawn up.
  2. The aforesaid organisational unit of a bank, as referred to in Articles 3:17, paragraph 1, and 3:23, paragraph 2 of the Act, which is authorised to provide investment services or perform investment activities in the Netherlands, also has the following tasks:
    a. To advise those responsible for providing investment services or performing investment activities about compliance with statutory regulations and internal rules;
    b. To monitor the soundness and effectiveness of internal rules and procedures;
    c. To evaluate the effectiveness of the procedures that have been drawn up and the measures that have been taken to remove identified shortcomings in compliance with statutory regulations and internal rules; and
    d. To report at least once a year to those responsible for deciding the day to day policy of the bank and to the body in charge of overseeing the policy and general operations of the bank, where applicable, about compliance with statutory regulations and internal rules. This annual report shall in particular state what measures have been taken in response to identified shortcomings.
  3. The bank’s organisational unit as referred to in paragraph 2 must have the requisite authority, resources, expertise and access to all information necessary to enable it to carry out its tasks independently and effectively.