GOVERNANCE REPORT RISK REPORT REMUNERATION REPORT
  Compliance risk Compliance risk is the risk of failing to comply with applicable legislation, and consequently the risk of cancelled trade licences, penalties and reputational damage.
   How we mitigate this risk
As a leading financial services Group, we face complex challenges in ensuring that our activities comply with local legislation, regulations and supervisory requirements as well as the relevant international standards.
The compliance function manages an extensive compliance management programme. This programme entail identifying, assessing, advising on, monitoring and reporting on the compliance risk of the Group and its subsidiaries with core legislation. The programme includes a legislative review of the impact of pending legislation, and assessments to judge readiness for implementation.
Key risk indicators
No penalties have been issued to any Group entity in the period under review.
FUTURE FOCUS AREAS
We want to enhance the AML and Combating the Financing of Terrorism (“CFT”) Compliance Programme to incorporate and automate AML and CFT requirements. This will result in a seamless automation of AML requirements as part of our business processes.
It includes the following projects that will be, or are being, delivered on the legal, risk and compliance platform:
• The mandatory Client Due Diligence (“CDD”) indicator project, whereby all the CDD documents that are required per entity type will be listed on the system to avoid uncertainty that leads to non-compliance
• Automation of Enhanced Due Diligence (“EDD”) on the banking system, prompting bank officials to conduct EDD and capture the required information on the system for analysis
• The Ultimate Beneficial Ownership (“UBO”) project to capture UBO information per client on the system for analysis
• An AML system health check to provide assurance that the system is correctly configured and integrated into the banking system
• Scenario reviews and updates as well as implementation of weighted averages into high-risk client identification
• Automation of the Foreign Account Tax Compliance Act (“FATCA”) onboarding process
GOVERNANCE OVERSIGHT
Monthly reporting to risk committees and a quarterly compliance report to the entity and Group board risk and compliance committees.
   PRIORITIES FOR 2020 AND PROGRESS MADE
 A three-year compliance monitoring plan was approved to enable the compliance monitoring department to forewarn Bank Windhoek of non-compliance with core legislation, to remediate pro-actively. Sanction screening systems and processes were enhanced.
 78