RESOLUTION OF BOARD OF THE NATIONAL BANK OF UKRAINE

of December 29, 2014 No. 867

About approval of the Regulations on the organization of internal control in banks of Ukraine

According to Articles 7, of 15, of 55, 56 Laws of Ukraine "About the National Bank of Ukraine", article 67 of the Law of Ukraine "About banks and banking activity", for the purpose of reduction of risks which banks face during the activities, increase in efficiency and stability of activities of banks, the Board of the National Bank of Ukraine decides ensuring depositor protection and creditors:

1. Approve Regulations on the organization of internal control in banks of Ukraine (further - the Provision) which are applied.

2. To banks till July 1, 2015 to bring internal documents on the organization of internal control system into compliance with requirements of the Provision.

3. To department of normative and methodological ensuring bank regulation and supervision (Ivanenko N. V.) to bring contents of this resolution to the attention of structural divisions of central office, territorial administrations of the National Bank of Ukraine, and also banks of Ukraine for use in work.

4. To impose control over the implementation of this resolution on the First Deputy Chairman of the National Bank of Ukraine Pisaruk A. V.

5. The resolution becomes effective from the date of, its official publication following behind day, except Item 1, becoming effective since January 10, 2015.

 

Approved by the Resolution of Board of the National Bank of Ukraine of December 29, 2014 No. 867

Regulations on the organization of internal control in banks of Ukraine

I. General provisions

1. This Provision is developed according to the Law of Ukraine "About banks and banking activity" taking into account the document of "Basic Provisions of Assessment of Internal Control Systems" Basel Committee on Banking Supervision and the commonly accepted principles and standards in the international practice, for the purpose of increase in level of the organization of internal control in banks of Ukraine and efficiency of functioning of internal control system for ensuring stability and safety of activities of banks and depositor protection and creditors.

2. This Provision establishes the mandatory minimum requirements on the organization of internal control in bank.

The bank can establish other additional requirements to internal control system, adequate to features of its activities, nature and amounts of banking, financial services and other types of activity of bank (further - transactions of bank).

II. Determination of terms

1. In this Provision the following basic concepts are used:

internal documents of bank - provision, the instruction, technique, rules, orders, decisions, orders, job descriptions, the description of procedures and operational processes, other documents regulating activities of bank, including procedure of internal control in bank;

internal control - actions (procedure) of bank aimed at providing efficiency and effectiveness of implementation of transactions of bank, effective management of assets and liabilities, risks, ensuring completeness, timeliness and reliability of conducting financial accounting and creation and provision of financial, statistical, management, tax and other reporting, prevention of fraud, комплаенс and so forth;

information security - multi-level complex of organizational actions of bank, the program and technical means providing information security from accidental and deliberate threats as a result of which realization violation of services of safety is possible: availability, integrity, confidentiality and observability;

комплаенс - observance by bank of legal acts, market standards, and also standards and internal documents of bank, including procedures;

komplayens-risk - risk of legal sanctions, financial losses or loss of reputation owing to failure to carry out by bank of legal acts, market standards, and also standards and internal documents of bank, including procedures;

risk - probability that the events expected or unexpected, will have negative impact on the capital and/or receipts of bank. Main types of risks are determined by regulatory legal acts of the National Bank of Ukraine;

internal control system - set of procedures, forms, methods and directions of control which provides procedure and goal achievements of internal control in bank;

risk management - systematic process of identification, identification, assessment, monitoring and risk control.

2. Other terms used in this Provision are applied in the values determined legislative and regulatory legal acts of Ukraine.

III. The organization of internal control system in bank

1. The bank shall enter effective internal control system for the purpose of achievement of the following purposes:

1) efficiency of carrying out transactions of bank, protection against potential mistakes, violations, losses, losses in activities of bank;

2) effective management of risks;

3) adequacy, thoroughness, completeness, reliability, availability, timeliness of submission of information to users for adoption of relevant decisions, including submission of financial, statistical, management, tax and other reporting;

4) completeness, timeliness and reliability of reflection in financial accounting of transactions of bank;

5) комплаенс;

6) effective management of personnel;

7) non-admission of use of services of bank in the illegal purposes, identification and prevention of carrying out the financial transactions connected with legalization (washing) of income gained in the criminal way or to terrorism financing.

2. The bank provides functioning of internal control system in the way:

1) control of management of bank of compliance with law of Ukraine and internal procedures of bank;

2) distributions of obligations when implementing activities of bank;

3) control of functioning of risk management system;

4) control of information security and exchange of information;

5) implementations of procedures of internal control;

6) carrying out monitoring of internal control system;

7) implementations of procedures of internal audit.

3. The bank under the organization of internal control system shall consider:

1) size of bank (amount of general assets, means of legal entities and physical persons, etc.);

2) types and amount of transactions of bank;

3) the risks arising in the course of activities of bank;

4) level of centralization of management and activities of bank;

5) level of implementation of information technologies and sphere of their use.

4. Subjects of internal control system of bank are:

1) council of the bank;

2) bank board;

3) division of internal audit;

4) chief accountant and his deputies;

5) heads and chief accountants of separate divisions;

6) division on risk management;

7) the division providing комплаенс;

8) the division managers and workers exercising internal control according to the powers determined by internal documents of bank.

5. The bank shall develop internal documents concerning the organization of internal control system which are subject to approval by council of the bank.

6. The minimum list of internal documents on organizational structure of bank and process descriptions of its activities and the requirement to their content are specified in the Section IV of this provision.

7. The organization of internal control system shall answer the following principles:

1) effectiveness and efficiency - the organization of permanent process of the internal control integrated into the current activities of bank and bank staff, clear at all levels;

2) distribution of obligations - ensuring avoidance of situation in case of which one person exercises complete control over function or type of activity of bank (department of function of control from implementation of transactions of bank);

3) thoroughness - scope of all types of activity of bank and all its divisions;

4) timeliness - creation of internal control system which allows to obtain information on threat of emergence of losses of bank earlier than such losses will be suffered;

5) independence - department of function of efficiency evaluation of internal control system from functions of its organization and implementation;

6) confidentiality - non-admission of disclosure of information to persons who have no opportunity for its obtaining.

8. Shall provide functioning of internal control system:

1) accurate distribution of obligations, powers and responsibility between governing bodies of bank, between its structural divisions, between employees of bank in order to avoid their duplication;

2) double control which consists in observance of the rule of "two hands" when implementing transactions of bank and according to which implementation and accounting of transactions cannot belong to powers of one person. In the presence of the corresponding software with appropriate levels of control separate transactions of bank can be carried out from their initiation to recognition and/or the reporting by one person on condition of implementation of the subsequent control of these transactions;

3) carrying out careful and comprehensive operation analysis of bank before, and also after their implementation for the purpose of prevention unauthorized to transactions or it which are carried out with violation of requirements of the corresponding engineering procedure;

4) the organizations of operating activiies of bank and accounting of transactions according to regulatory legal acts of the National Bank of Ukraine;

5) fulfillment of requirements on the organization of information security in software and hardware complexes according to regulatory legal acts of the National Bank of Ukraine;

6) implementation and functioning of management system information security according to standards of the National Bank of Ukraine concerning information security;

7) protection against intentional and unintentional actions of personnel;

8) increase in qualification level of personnel.

9. The internal control system shall cover all stages of its activities and include:

1) preliminary control which is carried out before the actual implementation of transactions of bank and is provided in such parts:

personnel recruitment - by the careful analysis of business and professional qualities of candidates for vacant positions, increase in professional level and qualification of workers;

attraction and placement of money - by the preliminary analysis of riskiness and efficiency of transactions of bank, determination of optimum means and methods of their accomplishment for the purpose of prevention or minimization of possible losses and risks;

material resources - by the analysis of quality and level of security of bank with necessary technical means, the equipment, systems of automation of banking activity with use of the modern information technologies answering amount and complexity of the transactions performed by it;

the choice of suppliers of goods, works and services - by the careful analysis of goodwill and level of professionalism of workers, respect for the principle of diversification in case of the choice of suppliers and non-admissions of concentration of order amounts to one supplier;

developments and deployments of new products - by the preliminary analysis of riskiness and efficiency of product/service that it is planned to enter;

2) the current control which is carried out when implementing transactions of bank and includes control of observance of legal acts and internal documents of bank on implementation of these transactions, procedure for decision making about their implementation, control of complete, timely and reliable reflection of transactions in financial accounting and the reporting, control of safety of property of bank;

3) the subsequent control which is carried out after implementation of transactions of bank and consists in check of justification and correctness of implementation of transactions, compliance of documents to the established forms and requirements for their registration, compliance of the obligations which are carried out by workers to their job descriptions, identification of the reasons of violations and shortcomings and determination of measures for their elimination, control over the implementation of the planned targets of activities determined in the development strategy of bank, its business plans and the budget, check of completeness and accuracy of the data of the financial, statistical, management, tax and other reporting created by bank.

IV. Minimum requirements to the list of internal documents of rather organizational structure of bank and process descriptions of its activities

1. Internal documents of bank of rather organizational structure, in particular, shall contain:

1) organizational structure of bank;

2) personal distribution of functions and powers of board members of bank;

3) distribution of obligations between divisions and bank employees;

4) procedure and storage durations (archivings) of documents;

5) documents which development is provided by standards of the National Bank of Ukraine on information security management in bank system of Ukraine, including procedure for protection against unauthorized access and distribution of confidential information, and also from use of confidential information for personal reasons, the plan of recovery of activities of bank.

2. Internal documents of bank by description of processes of activities shall contain the detailed description of all transactions of bank and the managerial procedures performed by bank, given in schematic and/or text type and, in particular, to determine:

1) the sequence of implementation of the described processes of activities of bank, communication between separate processes;

2) terms of step-by-step implementation of processes of activities of bank;

3) resulting effects of processes of activities of bank (documents, transactions, certain types of information, etc.);

4) the main criteria by determination of the list of processes of bank according to activities, for example, management processes (corporate management, strategic management), basic processes [credit, supplementary (deposit) operations, corporate finances, management of accounts, etc.], the providing processes (personnel, financial, material, information resources, financial accounting, etc.);

5) principles of creation of process descriptions, for example, ensuring integration and approval of actions of management, effectiveness and efficiency of activities of bank, increase in level of motivation of workers, improvement of quality and predictability of results of work and so forth;

6) approaches to the choice of technique process descriptions, for example, the choice of type of the description (graphical in the form of schemes and/or text), possibility of the choice and application at the same time both types or determination only of one type process descriptions;

7) stages of realization of processes of banks, for example, development of process description (determination of consumers of each process, identification of their requirements and completeness of specifying of such requirements in process, establishment of interaction of this process with other processes of banks, establishment of powers and responsibility for process control, determination of resource ensuring process, results of process); maintenance of process in urgent condition; conditions of enhancement of processes and so forth.

3. Internal documents of bank on personnel management, in particular, shall contain:

1) procedure for acceptance for work, transfers/movements, combination of positions, appointment of the acting as workers, registration of business trips, dismissals of workers;

2) payment procedure of work, encouragement and application of authority punishment to workers;

3) evaluation procedure of quality of accomplishment by workers of the obligations assigned to them;

4) procedure for personnel training, advanced training of workers;

5) procedure for job development, forming of personnel reserve;

6) procedure for provision of leaves;

7) rules of corporate ethics, culture, communication, goodwill of workers, requirements to behavior on workplace and out of it;

8) procedure for informing employees of bank on the risks connected with execution by them of the service duties, their role in internal control system of bank;

9) regulations, operating mode, time keeping of use of working hours;

10) procedure for forming of the staff list;

11) procedure for distribution of personal data of workers;

12) procedure for the organization of labor protection;

13) procedure for maintaining personnel documentation (the unified forms of personnel documents, personal records, service records, etc.).

4. Internal documents of bank on carrying out credit operations, in particular, shall contain:

1) description of the target markets of bank, credit products;

2) the main criteria to which there shall correspond clients of bank for receipt of the credits;

3) procedure and payment terms for use of the credit, determination of aggregate value of the credits and fair value of credit operations;

4) procedure for decision making about loan granting;

5) structure and number of members of credit committee, their power and obligation;

6) procedure for execution of contractual relations, determination of persons having the right to sign credit agreements, agreements of pledge, guarantee, the guarantee, etc. from bank name;

7) list of documents and information on procedure for forming and storage conditions of credit case;

8) description of operational processes and subprocesses of provision and maintenance of the credits;

9) procedure for providing the credits which, in particular, includes:

acceptable types of providing;

providing ratio coefficients to loan amount by types of credit products and types of providing are established;

requirements to documentary registration of providing (notarial assurance of agreements, insurance of subject of pledge for benefit of bank, registration of providing in the state registers, etc.);

monitoring of pledge and frequency of implementation of revaluation of providing;

requirements to employees of bank which perform pledge assessment, operating procedure with independent appraisers;

10) information on monitoring of the credits, its directions:

assessment of financial condition of borrowers (guarantors, guarantors) with determination of the corresponding terms of its implementation and the list of documents based on which it will be performed;

accomplishment by borrowers (guarantors, guarantors) of obligations under the signed agreements;

target use of the credits, implementation of business plans on use of borrowing facilities;

11) mechanism of return of the credits;

12) operating procedure with problem debt;

13) the description of form (the bulletin, the reference, the message, etc.) of provision to the consumer of reliable information about terms for crediting and the estimated aggregate value of consumer loan which is drawn up according to requirements of the legislation of Ukraine;

14) the description of procedures for work with borrowers who got/can get into difficult financial position;

15) procedure for classification of the credits and forming of reserves on credit operations of bank;

16) procedure for restriction on concentration of the credits, principles of diversification of credit portfolio;

17) bases of provision of unsecured loans;

18) the principles and restrictions on crediting of faces tied with bank;

19) procedure for quality management of credit portfolio, credit risk, including taking into account stress scenarios;

20) operations procedure of bank on the information transfer containing bank secrecy, to the third parties, including persons with whom agreements on receipt of services in return by debtors of overdue (problem) debt on the credits obtained by them are signed;

21) the description of report forms about credit operations and frequency of representation of bank to their governing bodies.

5. Internal documents of bank of rather investing activities, in particular, shall contain:

1) the description is more whole than investing activities, procedure for decision making about implementation of investments;

2) the principles of investment diversification on types of investment tools, issuers of securities, to economy industries, the countries;

3) conditions and the bases of reference of security to the corresponding portfolio taking into account intention of its acquisition and possibility of content;

4) procedure for complex financial analysis of the issuer, determination of class of the issuer, risk of security;

5) the description of the methods of determination of fair value of the corresponding securities, methods of calculation of the amount of the expected compensation for securities elected by bank in portfolio of bank for sale and to repayment, including criteria for evaluation of future cash flows;

6) determination of sources of information concerning the address of the corresponding security in the stock market, and not have rating agencies which shall be independent of bank with bank of conflict of interest;

7) the description of investment restrictions depending on rating assessment of the issuer or securities of the issuer;

8) calculation of profitability of investments, reserves under transactions with securities;

9) the strategy of implementation of transactions with derivative financial instruments;

10) procedure and criteria for evaluation of impairment on investments into the associated and subsidiary companies;

11) the set transaction limits, concluded by the workers having the right to the conclusion of investment agreements;

12) procedure for quality management of investment portfolio, including taking into account stress scenarios;

13) description of operational processes and subprocesses of implementation of investing activities;

14) the description of report forms about investing activities and frequency of representation of bank to their governing bodies.

6. Internal documents of bank on liquidity management, in particular, shall contain:

1) structure, procedure for appointment, power and obligation of members of the committee on asset-liability management of bank;

2) procedure for daily liquidity management of bank;

3) requirements to asset diversification and liabilities of bank on currency types, the amounts and repayment periods;

4) limits of discrepancies between repayment periods of assets and liabilities, forecasts of cash flows;

5) determination of the sizes of interest rates for assets and liabilities of bank, restriction of the size of interest rates, considering risk of interest rate realignment;

6) procedure for determination of level of percentage margin;

7) the principles of coordination of works of divisions which can influence the actions bank liquidity level;

8) assessment of availability of the market, market forecasts and options of financing;

9) liquidity analysis and liquidity risk managements, including taking into account stress scenarios;

10) anti-crisis plans and action plans on maintenance of liquidity on case of contingencies;

11) the description of report forms on liquidity management and frequency of representation of bank to their governing bodies.

7. Internal documents of bank on carrying out supplementary (deposit) transactions, in particular, shall contain:

1) procedure for attraction of money and bank metals into the current and supplementary (deposit) customer accounts;

2) principles of diversification of deposit portfolio;

3) conditions about types and deposit terms (deposits);

4) procedure for determination of the size of interest rates, conditions of charge and interest payment, determination of fair value of supplementary (deposit) transactions;

5) procedure for contractual regulation of supplementary (deposit) transactions, determination of persons, representatives to sign bank deposit agreements (deposit) from bank name;

6) procedure for return of deposits (deposits) by bank;

7) procedure for release, placement and repayment of savings (deposit) certificates, accounting treatment, storages and destructions of forms of savings (deposit) certificates;

8) procedure for promulgation by bank in the place of information, public for clients, for investors - physical persons and the requirement to content of disclosure of information on consumer protection;

9) description of operational processes and subprocesses of carrying out supplementary (deposit) transactions;

10) the description of report forms about supplementary (deposit) transactions and frequency of representation of bank to their governing bodies.

8. Internal documents of bank on maintaining customer accounts by bank, in particular, shall contain functioning of payment systems, ensuring carrying out calculations and document storage:

1) procedures of opening, servicing, closing of bank accounts of clients and control of them;

2) procedure for operational maintaining by the client of the bank accounts and exchange of technological information by means of systems of remote servicing;

3) procedure for accomplishment by bank of measures for arrest of means on the customer account;

4) procedure for suspension of financial account transactions of the client;

5) procedure for accomplishment by bank of settlement documents on write-off / forced write-off / money recovery from customer accounts;

6) procedure for functioning of intra bank payment system and the description of possible violations in system and the actions directed to their elimination;

7) rules of payment system, including organizational structure of payment system, condition of participation in payment system, the types of service provided in payment system, terms of carrying out money transfer, risk management system in payment system and so forth;

8) procedure for functioning of system of information security when carrying out money transfer;

9) procedure for carrying out monitoring for the purpose of identification of wrong and inadequate transfers, subjects of wrong and inadequate transfers and taking measures to prevention or the termination of the specified transfers;

10) rules of implementation by bank and its branches of money transfer in case of work of bank in electronic payment system of the National Bank of Ukraine of rather corresponding model of servicing of the consolidated correspondent account;

11) procedures of implementation of settlement transactions, including transactions with use of bills of exchange and settlement checks, namely: procedure for release and servicing of bank payment instruments, commission fees, etc.;

12) procedures of carrying out documentary operations, conditions and transaction types, restrictions concerning these transactions;

13) procedure for issue of electronic means of payment and the procedure of implementation of payment transactions with their use, procedure for charge/payment of commission fee, establishment of limits and/or restrictions for transactions with use of special means of payment and so forth;

14) procedure for promulgation by bank in the public place of information for clients which shall contain conditions about use of electronic means of payment;

15) the procedure of the notification of electronic means of payment on transactions with use of electronic means of payment;

16) procedure of informing bank by the user on loss of electronic means of payment;

17) procedures for ensuring physical and technical safety of the established payment devices (the choice of installation site, security measure, the relevant agreements, etc.), and also procedure for monitoring of operation of these devices and measure for elimination of the reasons and conditions which can promote possibility of carrying out fraudulent transactions (stealing of means)

18) procedures for identification of persons in case of customer service;

19) storage condition (archiving) of documents;

20) the description of report forms on maintaining customer accounts by bank, functioning of payment systems, carrying out calculations and frequency of representation of these forms to governing bodies of bank.

9. Internal documents of bank on the organization of work on implementation of cash transactions, in particular, shall contain:

1) requirements to responsibility of officials for storage of cash and other values of bank in storage of values and the organization of their work;

2) requirements to responsibility of employees of bank which carry out transactions with cash and other values;

3) operating procedure of operational cash desk in operational and postoperative time;

4) procedure for movement and transfer of cash and other values of bank under responsibility of employees of bank;

5) procedure employees of bank of cash transactions on receiving and delivery of cash, including using electronic means of payment through operational cash desk of bank, and also application of automatic cash register (ATM);

6) operating procedure with payment devices and control of the cash transactions made with their use;

7) operating procedure of bank on acceptance, issue and storage of cash of operational cash desk and other values;

8) procedure for determination of responsible persons which are granted the right to sign cash documents;

9) requirements to the control system of implementation of cash transactions;

10) procedure for packaging of cash for cash servicing of the clients and transfer to other banks;

11) procedure for reinforcement cash of branches/departments and acceptance of cash from them;

12) rules of construction of balances in cash in operational cash desk;

13) procedure for dispute settlement between bank and the client concerning cash servicing, including via payment devices;

14) procedure for ensuring safety of cash and other values of bank:

accounting and storage of keys, their duplicates, seals and stamps, indicator seals;

rules of opening and closing of storages of values;

15) operating procedure of deposit system, delivery under protection and acceptances from custody storages of values and deposit systems, and also storage of keys and duplicates to them;

16) procedure for acceptance from clients/issue to clients on safe custody of values;

17) procedure for provision in lease of individual safes and storage of values of clients of bank in them;

18) procedure for transportation of currency values and collection of means according to requirements of regulatory legal acts and administrative documents of the National Bank of Ukraine;

19) operating procedure of cash desk of recalculation;

20) procedure for acceptance of collector bags with cash revenue;

21) operating procedure with other values (commemorative and investment coins, souvenirs, etc.);

22) procedure for carrying out audit of the cash and other values which are stored in operational cash desk and payment devices (terms of carrying out and types of audits, registration of results of audit);

23) procedure for quality management of cash transactions taking into account stress scenarios;

24) description of operational processes and subprocesses of carrying out cash transactions;

25) the description of report forms about cash transactions and frequency of representation of bank to their governing bodies.

10. Internal documents of bank on transactions with fixed assets and intangible assets, in particular, shall contain:

1) recognition criteria, classifications of fixed assets and intangible assets;

2) procedure for determination of original cost of fixed assets and intangible assets, terms of their useful use (operation);

3) procedure for documentary registration and accounting of transactions with fixed assets and intangible assets;

4) the list of positions of responsible persons for safety of fixed assets and intangible assets;

5) the list of positions of the leading persons having the right to grant permission for acquisition and disposal of fixed assets and intangible assets;

6) procedure for creation of the permanent commissions on commissioning, rational use, inventory count, revaluation, write-off of fixed assets and intangible assets, structure and functions of the permanent commissions;

7) rules of acquisition, creation, improvement and enhancement, reproduction of fixed assets and intangible assets;

8) procedure for revaluation of fixed assets and intangible assets, including frequency of its carrying out;

9) procedure for fixed asset depreciation and intangible assets, depreciation methods;

10) procedure for disposal of fixed assets and intangible assets:

realization of fixed assets and intangible assets;

free transfers of fixed assets and intangible assets;

write-off of fixed assets and intangible assets in case of conclusion from operation owing to physical, obsolescence or unfitness for further use;

liquidation of fixed assets and intangible assets;

the conclusions of fixed assets and intangible assets in the authorized capital of the companies (economic societies);

11) procedure for transfer and acceptance to operational and financial leasing of fixed assets;

12) procedure for inventory count of fixed assets and intangible assets, terms, results of inventory count;

13) procedure for recognition by bank of impairment of fixed assets and intangible assets;

14) procedure for use by bank of the rights to pledged property;

15) the description of report forms about management of fixed assets and intangible assets and frequency of their representation of bank to governing bodies.

11. Internal documents of bank on carrying out transactions with foreign currency and bank metals, in particular, shall contain implementation of functions of the agent of currency exchange control by bank:

1) procedure for carrying out currency exchange transactions with cash foreign currency both road and cheques payable to a named person (purchase sale of foreign currency and checks, the return exchange, converting, acceptances for collection banknotes and checks);

2) procedure for establishment of rates of purchase and sale of cash foreign currencies and bank metals;

3) procedure for import by bank of cash foreign currency and bank metals to Ukraine and export out of its limits;

4) rules of implementation of transactions with bank metals in operational cash desk of bank;

5) procedure for carrying out transactions by bank on purchase and sale of bank metals on its own behalf, on behalf and at the expense of means of clients, and also within limits of own open foreign exchange position, with their physical delivery or without it, in the interbank foreign exchange market of Ukraine and in the international foreign exchange market;

6) conditions of carrying out credit operations in bank metals;

7) rules of provision and receipt of bank metals as a deposit;

8) procedure for attraction of bank metals on deposits (deposits) of clients with their physical delivery or without it;

9) accounting treatment for mass of bank metal and maintaining registers of accounting for accumulating of information on the mass of bank metals;

10) requirements to qualification of the expert of bank from bank metals;

11) procedure for opening, maintaining and closing of customer accounts in foreign currency and bank metals, including the current, supplementary (deposit), correspondent accounts;

12) rules of accomplishment by bank of payment orders and control of the external economic transactions of clients;

13) procedure for control of bank of use of foreign currency in the territory of Ukraine as instruments of payment based on individual licenses of the National Bank of Ukraine;

14) procedure for purchase, exchange of foreign currency in the interbank foreign exchange market of Ukraine;

15) procedure for sale (according to the order and without order of the client) foreign currency in the interbank foreign exchange market of Ukraine which arrived for benefit of the client;

16) rules of work of bank with foreign currency in the international foreign exchange market;

17) procedure of payments bank of open foreign exchange position in foreign currencies and bank metals, control of observance of the set limits of open foreign exchange position;

18) procedure for accomplishment by banks of documents for forced write-off and arrest of money in foreign currencies and bank metals;

19) procedure for quality management of transactions with foreign currency and bank metals taking into account stress scenarios;

20) procedure for servicing of transactions under the agreement on accomplishment of debt obligations before the nonresident on the loan attracted from it, loan, financial aid;

21) procedure in Ukraine and out of its limits of transfers of physical persons on the current currency uncommercial transactions and their payments in Ukraine;

22) the description of operational processes and subprocesses of carrying out transactions with foreign currency and bank metals;

23) the description of report forms about transactions with foreign currency and bank metals and frequency of representation of bank to their governing bodies.

12. Internal documents of bank on questions комплаенс, in particular, shall contain:

1) determination and assessment of komplayens-risks;

2) the basic principles and procedure for management of komplayens-risks in bank, including taking into account stress scenarios;

3) powers and obligations of komplayens-division, his head and members of the division or the worker performing functions комплаенс in case of absence of komplayens-division in bank;

4) order of interaction between divisions of bank concerning implementation of management of komplayens-risks;

5) procedure for management of komplayens-risks at the level of group - for banking groups, including international;

6) internal documents concerning legal support of activities of bank;

7) procedures and processes of ensuring responsibility of activities of bank to requirements of the legislation in the field of prevention and counteraction of legalization (washing) of income gained in the criminal way or to terrorism financing.

V. Control of management of bank of compliance with law of Ukraine and internal procedures of bank

1. The bank shall provide accurate distribution of obligations, powers and responsibility between all subjects of internal control system.

2. The council of the bank provides functioning of internal control system and exercises control of its efficiency within the powers conferred by the legislation, the charter and internal documents of bank.

3. The bank board provides the organization of internal control system.

4. The bank board can delegate part of functions on the organization of internal control system to permanent committees, heads of structural divisions of bank. The bank board provides control over the implementation of the functions delegated by it.

5. The bank implements the principles of corporate management, professional standards and codes of behavior of workers determined by it for the purpose of increase in efficiency of functioning of internal control system.

6. Council of the bank shall take measures for prevention of emergence of conflicts of interest and promote their settlement, and also report to the National Bank of Ukraine about the conflicts of interest arising in bank.

7. Heads of bank shall take measures according to the legislation for ensuring control over the implementation of functional obligations of employees of bank, increase in efficiency of their accomplishment, including taking into account strategy and business plans of development of bank.

VI. Distribution of obligations when implementing activities of bank

1. The bank board determines clear boundary of responsibility of structural divisions of bank, their heads and workers when implementing transactions of bank.

2. The bank board performs distribution of obligations which shall provide avoidance:

1) conflict of interest and conditions of its origin;

2) possibilities of making of crimes and making of other illegal actions during transactions of bank;

3) possibilities of implementation by one division or the worker (except the operations performed in the presence of the corresponding software with the proper level of control and on condition of implementation of the subsequent control of these transactions):

transactions of bank and implementation of their registration and/or recognition;

documentary registration of cash transactions, implementation of their actual accomplishment and timely reflection in financial accounting;

account transactions of clients of bank and the accounts, reflecting financial and economic activities of bank;

estimations of reliability and completeness of the documents provided by the client in case of receipt of the credit and implementation of monitoring of the borrower after loan granting;

actions in any other spheres in which emergence of conflict of interest is possible.

3. Heads of bank and its structural divisions shall provide compliance to functional obligations of tasks which are set for workers.

4. Heads of structural divisions of bank shall provide control over the implementation by subordinate workers of the functions provided by job descriptions.

5. Employees of bank shall be informed under list of the job descriptions and be effective within certain powers.

VII. Control of functioning of risk management system

1. The internal control system shall include control of functioning of risk management system of bank.

2. The bank creates complex and adequate risk management system which provides detection, identification, assessment, monitoring and control of all types of risks at all organizational levels taking into account specifics of activities of bank and assessment of capital adequacy of bank for covering of all types of risks, being guided by requirements of National Bank Ukraine.

3. The bank creates risk management system which provides:

1) assessment of external factors (the change of political, economic conditions, changes connected with separate type of economic activity, technological changes, etc.);

2) assessment of internal factors (complexity of organizational structure of bank, specifics of activities of bank, skill level of personnel, organizational changes, implementation of new products, etc.);

3) risks assessment, subject to quantitative measurement, and that which are not subject to quantitative measurement;

4) risk identification which the bank has no opportunity to control;

5) control of ratio of the expenses connected with risk management and expenses to which these risks can lead.

4. The bank enters changes into risk management system in case of new risks.

VIII. Control of information security and exchange of information

1. The bank establishes in internal documents procedure for information security management according to standards of the National Bank of Ukraine on information security management in bank system of Ukraine.

2. The bank exercises control of exchange of information in the way:

1) providing with adequate, comprehensive, complete, solid, available, confidential and timely internal financial, operational and statistical data, information on observance of requirements of the legislation of Ukraine, internal documents of bank, market information necessary for decision making and accomplishment of service duties;

2) establishments of procedure for finishing information, exchange of information which would provide complete understanding and observance by employees of bank of domestic policy and procedures.

3. The bank determines form of provision of information taking into account requirements and requirements of the specific user (governing bodies of bank, structural divisions, employees of bank, supervisory authorities, members of bank and clients).

4. The bank enters effective exchange of information in the different directions, namely:

1) vertically (from below - up) that the council of the bank and bank board knew and was realized by risks to which the bank is exposed, and adequately reacted, organized and controlled work of bank;

2) vertically (from above - down) that information on strategy and policy of bank was brought to the attention of all managerial levels and other workers involved to information security management and exchange of information;

3) horizontally that information which is possessed by one division of bank was provided to other division for which it is necessary for accomplishment of the functions.

IX. Procedures of internal control

1. The bank for functioning of internal control system shall provide availability of organizational structure and the corresponding specialists, the bank equipment, the computer equipment, the software, rooms meeting the requirements established by the National Bank of Ukraine and also to develop and implement the corresponding procedures of internal control.

2. The bank provides holding procedures of internal control behind the current activities daily.

3. Procedures of internal control shall be properly documented and provide at least three stages: development of policy and control procedures, check of their observance and control of their efficiency.

4. The bank enters procedures of internal control, providing:

1) reporting to council of the bank and bank board. Heads of bank according to distribution of functional obligations constantly receive and analyze reports on accomplishment of effective objectives for the purpose of determination of compliance of the actual financial results to the planned indicators;

2) multi-level control of activities of bank. Control of heads of structural divisions of accomplishment by workers of the functional obligations; control of bank board of work (activities) of structural divisions of bank; control of council of the bank of activities of bank board;

3) the list of actions (actions) of bank for ensuring control of availability of assets of bank, including cycle inventory counting, double control, limited access to assets;

4) the list of actions (actions) of bank for ensuring access control to electronic bank systems, databases and the software, including development of procedures and procedure for provision of the corresponding permissions;

5) the list of actions (actions) of bank for ensuring access control to information containing bank secrecy including development of procedures and procedure for provision of access

6) the list of actions (actions) of bank for ensuring access control of bank employees to making of transactions of bank, including development of procedures and procedure for provision of access

7) reflection of all transactions of bank in financial accounting in day of their making or the next working day if the transaction is made after the termination of operational day (time) of bank or in days off or holidays;

8) the list of actions (actions) of bank for ensuring control of execution of accounting documents by the workers authorized on it by the head of bank or other authorized person;

9) check of observance of the set limits and restrictions;

10) check of completeness, reliability and timeliness of creation of financial, statistical, management, tax and other reporting;

11) permanent estimation of adequacy and system effectiveness of internal control.

5. Employees of bank within the functional obligations provide implementation of procedures of internal control.

X. Monitoring of internal control system

1. The council of the bank provides regular control (at least once a quarter) concerning system effectiveness of internal control.

2. The bank board provides implementation of permanent monitoring of efficiency of functioning of internal control system.

3. The bank generalizes results of monitoring of efficiency of functioning of internal control. Reports on results of monitoring of efficiency of functioning of internal control system shall prepare at the level of all structural divisions involved in internal control system, be brought to the attention of board members of bank and council of the bank, heads of other structural divisions and it is obligatory to contain information on the generalized shortcomings of internal control system, the reason of their origin, possible effects to which can lead these shortcomings, and offers on increase in efficiency of functioning of internal control system.

XI. Procedures of internal audit

1. The division of internal audit performs check and efficiency evaluation of functioning of internal control system on which results informs council of the bank and bank board by provision of objective judgments, conclusions and estimates of sufficiency and overall performance of risk management systems, compliance of these systems to types and to amounts of the transactions performed by bank and internal control of bank.

2. The bank provides carrying out internal audit of checks of system effectiveness of internal control by division which frequency and amount depends on nature, complexity and riskiness of transactions.

The efficiency evaluation of internal control system is provided by internal audit directly to council of the bank and bank board by results of the approved procedures (methodology) performed taking into account.

3. The bank develops procedures of internal audit for the purpose of fulfillment of requirements, specified in Item 1 of this Section.

4. Requirements to procedures of internal audit and the organization of work of internal audit in bank are established by the separate regulatory legal act of the National Bank of Ukraine.

5. The National Bank of Ukraine has the right to perform check of efficiency of functioning of internal control system of bank.

 

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info