The political crisis triggered by the Carwash operation in Brazil has resulted in a public outcry for improved standards of integrity and compliance in private and public institutions, and this could ultimately be beneficial for the business environment. Given the increased risk of enforcement and potential consequences in financial markets, Brazilian companies have been highly inclined to implement and strengthen their compliance programs.
A study by FTI Consulting showed that 83% of multinationals based in emerging market countries have suffered losses due to bribery and fraud in the period from 2010 to 2015.1 Actions taken by these organizations against such risks are clearly reflected in the growth in adoption of compliance programs. According to research published by Deloitte, in 2013 only 30% of the companies surveyed in Brazil claimed to have a compliance program.2 That percentage rose to 65% in 2015 and is still increasing.
The Brazilian government is reinforcing this trend with further regulation. On August 29, 2017 the Central Bank of Brazil published Resolution 4595/2017 (the “Resolution”), which contains a set of guidelines for financial institutions to establish compliance policies.3 The Resolution imposes control requirements that need to be implemented by financial institutions by the end of December 2017.
The Resolution is in alignment with the new regulatory framework established by the National Monetary Council for risk management and internal audit, which aims to strengthen and modernize the compliance structures of financial institutions. It also reflects the best international practice related to corporate governance.
Financial institutions (excluding consortium administrators and payment institutions) will now be required to implement and maintain a compliance program proportionally compatible with its nature, size, complexity, structure, risk profile and business model in order to truly ensure effective management of its compliance risks.
According to the Resolution, the compliance policy needs to be approved by the board of directors of each bank (in case of credit cooperatives a general meeting is also necessary). It is the board of director’s responsibility to:
- ensure management, effectiveness and continuity of compliance policies;
- disseminate the compliance policies, standards and guidelines adopted to employees; and
- ensure that corrective measures are taken when necessary.
Once the compliance policy is defined, institutions should send the documentation to the Central Bank, followed by an annual report detailing the results of activities related to the compliance program and containing conclusions, recommendations and actions taken by the financial institution’s management.
In addition to listing the responsibilities of those in charge of implementing the compliance program, the Resolution also sets out requirements that need to be followed by the programs. Some of the requirements are listed below:
- Division of responsibilities of those involved in maintaining the compliance program, in order to avoid possible conflicts of interest.
- Sufficient allocation of trained and experienced staff to perform activities related to the compliance function.
- Free access by those responsible for implementing the compliance policy to all information required to properly perform their function.
- Communication channels with the company's management body or audit committee to report results of compliance activities, including irregularities or failures.
Financial institutions may hire specialists to carry out activities related to compliance, but attributions and responsibilities assigned to the board of directors shall be fully maintained.
The Resolution is a positive step towards the broad implementation of efficient compliance and anti-corruption programs in Brazil´s financial institutions, and will hopefully be followed by additional clarifying regulations in due course.
For any questions about this publication please contact Camilla Arno Sant'Anna or Felippe de Almeida.