Introducing
Your new presentation assistant.
Refine, enhance, and tailor your content, source relevant images, and edit visuals quicker than ever before.
Trending searches
Policy Life Cycle
5
Habib Bank Limited
Policy Life Cycle
Global Compliance
CREATION & APPROVAL
PHASE 1
COMMUNICATION & MAINTENANCE
PHASE 2
REVIEW & ARCHIVAL
PHASE 3
Need Identification
Need Identification
- Currently only Business owner identifies the need to develop new policies.
- Any proactive process for regulatory requirement is not available in the bank.
Recommendation
We recommend a proactive approach whereby Global Compliance should identify the need of new policies as and when the regulatory requirement arises.
Ownership
Ownership
- The bank has a board approved framework for policy creation and approval which is known as “Approval Framework for Policies and Associated Documents (AFPAD).
- This document details the roles and responsibilities of policy owners.
Drafting
AFPAD provides guidelines on drafting a Policy document with templates.
Drafting
Approval
Approval
- After development of the policy, the approval process is initiated with the review of relevant stakeholders and their concurrence.
- Although an automated system DRS was implemented in early 2020, However COVID-19 and subsequent work from home environment,exposed the system limitations and hence it was abandoned.
There is a need to have an automated robust system for document review, enabling all stakeholders to review simultaneously
Recommendation
Publication
Publication
- After approval, the policy needs to be published.on bank’s Intranet portal.
- Currently the bank has scattered structure to publish policies on Share point portal and there is no centralized publishing shop in the bank.
We recommend that Global Compliance should act as centralized Policy Publication Channel to ensure efficiency as well as control over the process.
Recommendation
Attestation
Attestation
Current system of Policy Communication at the bank does not have an automated attestation process associated with it.
Recommendation
While the respective owner should remain primarily responsible for attestation, Global Compliance should have monitoring role of Policy attestation of approved policies through automated system.
Maintenance
Maintenance
- Currently, Global Compliance is responsible to keep a record of the policies’ repository.
- The Compliance Policy Management team within Global Compliance maintains a repository of the last updated policies.
Custodianship
Custodianship
- At current, custodianship is scattered and is linked with ownership.
- There is a need for centralized custodianship role in the bank to cater the need of coordination with regulator and other internal or external stakeholders.
Recommendation
Global Compliance should act as centralized custodian of all policies of the bank to streamline the communication with regulators and internal/external stakeholders.
Archival
- Currently there is no process in the bank to archive the policies at a centralized location with proper version control.
Archival
Recommendation
Global Compliance should act as centralized archival to keep the track of previous policies of the bank with appropriate version control.
Periodic Review Alerts
Periodic Review Alerts
- There is a regular review cycle of policy as mentioned in AFPAD.
- The Compliance team is responsible to issue the policies alerts to the owners through DTS (Data Tracking System) prior to the expiry of the policy at periodic intervals.