Triodos Bank’s Executive Board provides a perspective on the wider world it operates in, its impact and activity in 2017 and its prospects for the future.
Triodos Bank defines compliance risk as the risk of legal or regulatory sanctions, material financial loss or loss to reputation that Triodos Bank may suffer as a result of its failure to comply with laws, regulations, rules, related self-regulatory standards, and codes of conduct applicable to its banking activities. Internal policies, procedures and awareness activities are in place to guarantee that co-workers in all functions comply with relevant laws and regulations.
The compliance function independently monitors and challenges the extent to which Triodos Bank complies with laws, regulations and internal policies, with an emphasis on customer due diligence, anti-money laundering, treating customers fairly, preventing and managing conflicts of interest, data protection and the integrity of co-workers.
The Central Compliance Department is part of the risk organisation. Compliance Officers are present in every business unit with a functional line towards the Central Compliance Department. Resources of the local Compliance function are tailored to the size of the business unit and the regulatory environment. Significant compliance risks are reported to the Non-Financial Risk Committee and to the Supervisory Board’s Audit and Risk Committee on a quarterly basis. The Director Risk and Compliance reports to a member of the Executive Board.
Compliance risks are identified, assessed, mitigated, monitored and reported via a compliance risk management cycle. Controls to mitigate compliance risks are embedded in business processes. The compliance function monitors the effectiveness of controls by means of a risk-based Compliance Monitoring Plan.
In 2017 Triodos Bank continued to enhance its controls related to anti-money laundering, counter-terrorist financing and sanctions regulations. As part of the implementation of the General Data Protection Regulation, a Group Data Protection Officer was appointed within the second line of defence.
There were no significant incidents in 2017 concerning compliance and integrity. Triodos Bank was not involved in material legal proceedings or sanctions associated with non-compliance with legislation or regulations in terms of financial supervision, corruption, advertisements, competition, data protection or product liability during the year.