The bank must achieve its business objectives while complying not only with regulations, but also the domestic and international standards and best practices required of its operations. Regulatory compliance is not just a legal obligation for Bankinter, it is an ethical commitment to society.
This commitment also serves as an opportunity to reflect for Bankinter to become a leading institution adapted to the new reality of the finance industry, which is subject to the need to change relationships with customers and adjust the bank's business model in line with new financial consumption habits and multiple reporting requirements.
The growing importance of regulatory compliance has been underlined by the entry into force (first as a result of the economic and financial crisis and then as a result of the health crisis) of several highly complex regulations and the launch of a new supervisory architecture, obliging the bank to strengthen its available resources.
The purpose of the compliance function is to assess and provide guidelines for the lines of business that help define its strategy, ensuring compliance with applicable legislation at all times. With this in mind, all areas of the compliance function spare no efforts in enhancing the training activities of its commercial staff.
The regulatory compliance function is integrated within Bankinter through an internal institutional framework. The new Control and Compliance Department was formed in January 2021, integrating the areas responsible for the following second lines of control in the entity:
The decision aims to standardise the information systems of these second-level control areas, ensuring greater interaction between them and a single risk map. All of this will result in greater efficiency and optimisation of resources and will provide the second line of control with the necessary independence to perform its functions, in line with the best practices in this field.
The new Department was included as a corporate function in September 2021, structured so as to coordinate the management of all risks at the group level, while preserving the individual and specific features of each country. The new framework also allows for better coordination of the control and compliance areas at a global level, as well as the simplification of reports and controls within the organisation, by establishing common policies and procedures and a single methodology, in accordance with the new international internal control framework standards.
This corporate structure follows the model based on the three lines of defence and is integrated into Bankinter's risk culture, which is deeply rooted in the organisation and driven by the strong involvement of the Board of Directors and Senior Management. Its application leads to the agile and efficient use of the necessary tools and systems to ensure compliance with the regulations and prevent undesired behaviour. The risk control culture is reinforced through an incentive policy aligned with the Group's risk appetite, a continuous and compulsory training programme for the entire workforce, and a reinforced whistleblower channel.
Under this regulatory and institutional framework, the bank developed the basic areas of the compliance function in 2021 through the following units:
The functions of Regulatory Compliance and Anti Money Laundering and Counter Terrorism Financing are integrated into the Corporate Control and Compliance Department, which has global and corporate responsibilities and supports the Group's governing bodies. The head of the Control and Compliance division reports to the chief risk officer, and reports hierarchically to the board of directors' risk and compliance committee. The Control and Compliance unit ensures effective control in relation to the bank's risk culture and policies, and compliance with its operating procedures and regulations. It also guarantees that risks are managed as per the defined risk appetite.
This organisational structure enables the Bank to adequately manage the risk of failing to comply with regulations, which also entails significant reputational risk, with a potentially adverse impact on relations with customers, markets, employees and the authorities. In particular, failure to comply with regulations may lead to sanctions, damage or cancellation of contracts, harming the bank's image.
In particular, it is involved in the following bodies of the bank:
In addition, to support the supervisory function of the Board of Directors, other specialised Senior Management committees have been set up, which the Control and Compliance Department participates in to ensure effective and consistent risk management, such as the Crime Prevention and Professional Ethics Committee. It is also involved in various committees, such as the credit risk map monitoring committee, the credit risk models committee, the data management operations committee; the coordination of technological risks committee, the information security and business continuity committee, and the outsourcing committee.
Bankinter Group has assigned the competencies of identifying and reporting regulatory changes to the Regulatory Area, attached to the Office of the General Secretary. The Regulatory area facilitates the early detection of the potential impacts of regulatory changes, thus reducing their risks. Every year it prepares a three-year regulatory map that serves as the basis for the relevant strategy. The management of regulatory change was carried out in a cross-cutting manner last year, through the participation in various projects that required the adaptation of Group activities or processes. These notably include regulations deriving from the European Union's legislative package on Sustainable Finance and preparation of a new report to the Banco de España under Circular 4/2021, on models for reserved statements in matters of market conduct, transparency and customer protection, and on the recording of complaints.
Another priority was the final cessation or loss of representativeness of certain LIBOR maturities and currencies announced by the UK Financial Conduct Authority, with advice being provided to the Group Regulation area regarding adaptation and the analysis and decisions to be adopted in order to mitigate the impact and carry out an smooth transition.
The entry into force of consumer protection regulations, such as those relating to open-ended credit associated with payment instruments, also required certain adaptations that enhance customer protection. In the same vein, the guide on the criteria for organising and running customer services to be followed by banks supervised by Banco de España was adapted.
Other significant regulatory changes included: those introduced by: the Central Securities Depository Regulations, specifically with regard to the Securities Settlement Discipline regime; the ESMA Guidelines on the Regulatory Compliance function; and those resulting from transposition of Directive 2015/849, on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing.
Looking ahead to 2022, intense regulatory activity is expected. Below are the main projects underway: