Compliance and Operational Risk Management

In order to support its sustainable profitability objective and safeguard its capital base, BSTDB is committed to actively identifying and managing all risks inherent in its organization and activities, including compliance and operational risks.


BSTDB has defined Compliance Risk as the risk of legal sanctions, material financial loss, or loss to reputation the Bank may suffer as a result of its failure to comply with laws, its own regulations, code of conduct, and standards of best/good practice. Compliance risk is sometimes also referred to as integrity risk, because a bank’s reputation is closely connected with its adherence to principles of integrity and fair dealing.


Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. The definition includes legal risk but excludes strategic and reputational risk.


In accordance with the requirements of the Basel Committee on Banking Supervision, the Compliance and Operational Risk Management Office (DCR) has a formal status within the Bank to give it the appropriate standing, authority and independence. This status is set out in its Charter, approved by the Bank’s Board of Directors and communicated to all staff throughout the Bank.


DCR is a unit independent of the business activities of the Bank, reporting to the President of the Bank and the Board of Directors, through its Chairman.


The Office is mainly responsible for the procedures and processes relating to the following activities:

  • The Code of Conduct’s requirements;
  • Integrity and conflicts of interest issues within the Bank as well as within financed operations;
  • Combating fraud, corruption, money laundering and terrorist financing;
  • The review of the Bank’s rules for consistency with each other;
  • Performance of Compliance Reviews and testing;
  • Conducting investigations of reported suspicions of fraud, corruption, money laundering, terrorist financing, and unsatisfactory conduct or misconduct on the part of staff;
  • Dealing with the Bank’s operational risk.


Related regulations:

1. Code of Conduct  

2. DCR’s Charter  

3. Anti-Fraud, Corruption, Money Laundering and Terrorism Financing, and Domiciliation of BSTDB Counterparties Policy  

4. Operational Risk Management Policy  


Fraud is usually taken to involve theft or defalcation (the removal of cash and assets to which the fraudster is not entitled), improper and unlawful enrichment, improper use of assets and other items, false accounting (falsification or alteration of accounting records or other documents) and other fiscal irregularities.


In the context of banking and International Financial Institutions, corruption may best be defined as the abuse of official (public or private) office or position for personal gain or enrichment, or the misuse of one’s position to assist others in improperly or unlawfully enriching or empowering themselves.


“Unsatisfactory conduct” means an intentional or negligent failure by a staff member to observe the rules of conduct or standards of behaviour prescribed by the Bank in the Code of Conduct or other staff regulations.


“Misconduct” is “unsatisfactory conduct” that is particularly serious and may warrant the staff member’s dismissal.


Any staff member, or any individual, group of persons or legal entity outside the Bank, may file a complaint relating to fraud, corruption, money laundering, terrorism financing or misconduct, by name or anonymously, either directly to the Compliance and Operational Risk Management Office or through the Bank’s Complaints mechanism. Anonymous complaints will be accepted as a basis for a review/analysis/investigation. However, the Bank’s capacity to follow up such reports may be limited. In order for a complaint to be formally considered, the subject of the complaint should be clearly stated with as much detail as possible and with supporting documentation (if any).