SWITZERLAND Law and Practice Contributed by: Judith Raijmakers and Florian Thomas Willi, Loyens & Loeff
Internal Control System The internal control system (ICS) needs to be comprised of at least two main controlling bod - ies: revenue-generating units and independ - ent control bodies. Revenue-generating units manage risks as part of their daily operations, actively monitoring and reporting on these risks to maintain effective control. Independent control bodies oversee risks and ensure compliance with legal, regulatory, and internal guidelines. Institutions can establish a variety of control bodies carrying out different functions, but must at least cover (i) risk control, and (ii) compliance (see in further detail below). The control bodies need to be integrated into the ICS independently from the revenue-generating units, having full rights to access information and conduct inspections. Their compensation structures must be designed to avoid conflicts of interest. One or more executive board members must oversee the independent control bodies, ensur - ing they have direct access to the board. For banks in supervisory categories 1 to 3, an auton - omous risk control and compliance function is established, led by a Chief Risk Officer (CRO). SIBs must appoint a CRO who is a member of the executive board. Risk control’s primary responsibilities include monitoring and reporting on individual and aggregated risk positions, conducting stress tests, and performing scenario analyses under adverse conditions. It also implements risk data aggregation and reporting provisions for larger institutions, monitors risk profiles against defined tolerances, and ensures compliance with supervisory regulations. Risk control must be consulted during the development of new
tion, maintenance, monitoring, and periodic review of internal controls. To fulfil these duties, the board must possess adequate managerial and technical expertise, relevant experience, and the necessary time commitment. Members are required to person - ally fulfil their responsibilities and maintain a constant state of readiness to respond to crises and emergencies, beyond the routine schedule of meetings. The board’s composition must be sufficiently diverse, representing key areas of responsibility, including finance, accounting, and risk management. For the sake of clear functional separation, no member of the board of directors may simultaneously serve on the bank’s management team. Additionally, at least two-thirds of the members must meet independ - ence criteria, which include the following prohi - bitions: • they have not been employed by the institu - tion in any other capacity within the past two years; • they have not served as the lead auditor for the institution within the last two years; • they do not have any business relationships with the institution that could result in a con - flict of interest; and • they are not qualified participants in the insti - tution or represent such participants. The board may establish committees to assist in carrying out its responsibilities. For banks in supervisory categories 1 to 3, a sufficiently inde - pendent audit committee and a risk committee are mandatory. Further, SIBs must establish, at least at group level, a compensation and nomi - nation committee.
575 CHAMBERS.COM
Powered by FlippingBook