By Eduardo de Abreu Sodre / Antonio Carlos C. Mazzucco

THE Resolution No. 4,595/2017, published on 08/30/2017, provides guidelines for financial institutions, credit unions and other entities authorized to operate by the Central Bank to implement compliance policies (compliance) and comply with the new rules by December 31, 2017.

It is worth highlighting that the new resolution determines that the compliance policies to be implemented must be compatible with the nature, size, complexity, structure, risk profile and business model of the financial institution, aiming to ensure the effective management of its compliance risk.

The Basel Committee, whose main objective is to strengthen regulation, supervision and best practices in the financial market, recommends that financial institutions adopt the three lines of defense model, the first being Internal Control (regulated by Resolution No. 2554/1998), the second Risk Management and Compliance (regulated by the new Resolution No. 4,595/2017), and finally, the third, Internal Audit (regulated by Resolution No. 4588/2017).

Resolution No. 4,595/2017 determines that the boards of directors, or in their absence, the boards of directors, of institutions must guarantee the effectiveness, management and continuity of the policy of compliance, and must also communicate the integrity guidelines and standards to their employees and service providers. In addition, institutions must ensure that corrective measures will be taken when necessary.

If the financial institution does not have the conditions to structure and implement its program, compliance, the new resolution provides that the institution may hire specialists for such activity, however, the attributions and responsibilities of the board of directors must be maintained in full.