Administrative Measures for Reputational Risks of Banking and Insurance Institutions (for Trial Implementation)
Administrative Measures for Reputational Risks of Banking and Insurance Institutions (for Trial Implementation)
Administrative Measures for Reputational Risks of Banking and Insurance Institutions (for Trial Implementation)
Yin Bao Jian Fa [2021] No.4
February 8, 2021
The Administrative Measures for Reputational Risks of Banking and Insurance Institutions (for Trial Implementation) were adopted at the first executive meeting of 2021 of the China Banking and Insurance Regulatory Commission on January 6, 2021, and are hereby issued to you for compliance and implementation.
Administrative Measures for Reputational Risks of Banking and Insurance Institutions (for Trial Implementation)
Chapter I General Provisions
Article 1 For the purpose of raising the level of reputational risk management of banking and insurance institutions, effectively preventing and defusing reputational risks and safeguarding financial stability and market confidence, these Measures are formulated in accordance with the Law of the People's Republic of China on Banking Supervision and Administration, the Law of the People's Republic of China on Commercial Banks, the Insurance Law of the People's Republic of China, the Trust Law of the People's Republic of China and other laws and regulations.
For the purpose of these Measures, banking and insurance institutions refer to Chinese-funded commercial banks, Chinese-foreign joint venture banks, wholly foreign-owned banks, trust companies, insurance group (holding) companies and insurance companies legally established within the territory of the People's Republic of China.
Article 2 For the purpose of these Measures, reputational risks refer to risks that acts of banking and insurance institutions, behaviors of practitioners or external events lead to the formation of negative views on banking and insurance institutions by stakeholders, the public and media, thus damaging their brand value, hindering their normal operation, and even affecting market and social stability.
Reputational events refer to relevant acts or activities that cause obvious damage to the reputations of banking and insurance institutions.
Article 3 Banking and insurance institutions shall manage their reputational risks in line with the following basic principles:
1. The principle of foresight. Banking and insurance institutions shall adhere to the reputational risk management idea of prevention first, strengthen research, prevent and control risks at the source, regularly review their reputational risk management situations and potential risks, and improve the predictability of reputational risk management.
2. The principle of matching. Banking and insurance institutions shall carry out multi-level and differentiated reputational risk management, match reputational risk management with their sizes, operational situations, risk profiles and system importance, and make timely adjustments in light of their external environments and internal management changes.
3. The principle of full coverage. Banking and insurance institutions shall focus on corporate governance, incorporate reputational risk management into their comprehensive risk management systems, and cover all business lines, all branches and subsidiaries, all departments, posts, personnel and products, as well as all management links of decision-making, execution and supervision. At the same time, they shall prevent any adverse reputational risk which may be caused by cooperative third-party institutions, and fully consider the correlation and infectiousness of other internal and external risks.
4. The principle of effectiveness. Banking and insurance institutions shall regard risk prevention and control, effective handling and image restoration as the ultimate criteria for reputational risk management, establish scientific, reasonable, timely and efficient risk prevention, response and handling mechanisms, and ensure that they can quickly respond to, collaboratively cope with and efficiently handle reputational events, and timely repair their damaged reputations and social images.
Article 4 Banking and insurance institutions shall assume entity responsibilities for reputational risk management, and the China Banking and Insurance Regulatory Commission (hereinafter referred to as the “CBIRC”) and its local offices shall supervise the reputational risk management of banking and insurance institutions in accordance with the law.
Chapter II Governance Structure
Article 5 State-owned and state holding banking and insurance institutions shall take the political building of the Party as the overarching principle, give full play to the leading role of Party organizations in setting the direction, managing the overall situation and ensuring implementation, and integrate Party leadership into all aspects of reputational risk management. Banking and insurance institutions controlled by private or social capital which have established Party organizations shall proactively leverage the core political role of Party organizations, closely combine Party leadership with reputational risk management, and realize the pursuit of the same goals, mutual promotion and common progress.
Article 6 Banking and insurance institutions shall strengthen the role of corporate governance in reputational risk management, specify the functions and responsibilities of their boards of directors, boards of supervisors, senior managements, reputational risk management departments, other functional departments, branches and subsidiaries, and establish reputational risk governance structures with sound organization and well-defined functions and responsibilities, as well as mutually connected and effectively linked operational mechanisms.
Article 7 The board of directors, board of supervisors and senior management of a banking or insurance institution shall respectively assume the ultimate responsibilities, supervisory responsibilities and managerial responsibilities for reputational risk management, with the board chairman or main principal being the first responsible person.
The board of directors shall be responsible for determining reputational risk management strategies and overall objectives, grasping reputational risk profiles, and supervising the senior management to carry out reputational risk management. For reputational events that cause major institutional and industrial losses, significant market fluctuations and systematic risks or affect the stability of the social and economic order, the board of directors shall hear special reports on them, and listen to special reports on reputational risk management in the following year.
The board of supervisors shall be responsible for supervising the performance of the duties and responsibilities of the board of directors and the senior management in relation to reputational risk management, and incorporating relevant situations into the work reports of the board of supervisors.
The senior management shall be responsible for establishing and improving a reputational risk management system, perfecting working mechanisms, formulating reputational risk response plans and handling plans for major matters, and arranging and promoting the handling of reputational events. Each year, at least one reputational risk management assessment shall be conducted.
Article 8 Banking and insurance institutions shall establish or designate departments as their reputational risk management departments, and allocate corresponding management resources. Reputational risk management departments shall be responsible for leading the implementation of the work plans of senior managements, guiding and coordinating other functional departments, branches and subsidiaries to implement the requirements of reputational risk management systems, coordinating and organizing the monitoring, reporting, screening and assessment of, response to and handling of reputational risks, and formulating and implementing staff education and training plans.
Other functional departments and branches shall be responsible for implementing various decisions related to their own departments (institutions) in regard to reputational risk prevention and reputational event handling. At the same time, they shall also set up full- or part-time reputational risk management posts, strengthen communication and coordination with reputational risk management departments, and firmly build the first line of defense in reputational risk management.
Banking and insurance institutions shall guide their subsidiaries to establish, with reference to the basic principles of reputational risk management of their parent companies, reputational risk governance structures, systems and processes suitable for their own situations and external environments, implement the relevant reputational risk management requirements of their parent companies, and carry out effective work in regard to the monitoring, prevention and handling of their own reputational risks.
Chapter III Whole-process Management
Article 9 Banking and insurance institutions shall establish reputational risk ex-ante assessment mechanisms, assess reputational risks when making major strategic adjustments, participating in major projects, carrying out major financial innovations and businesses, major marketing activities and media promotions, disclosing important information, getting involved in major legal proceedings or administrative punishments, facing mass events, or encountering major changes in industry rules or external environments or other circumstances which are prone to cause reputational risks, and formulate response plans based on the assessment results.
Article 10 Banking and insurance institutions shall establish reputational risk monitoring mechanisms, fully consider the correlation of reputational risks with credit, insurance, market, liquidity, operational, country, interest rate, strategic, IT and other risks, and timely discover and identify reputational risks.
Article 11 Banking and insurance institutions shall establish reputational event grading mechanisms, study, judge and assess the nature, severity, speed of spread, scope of impact and development trend of reputational events in light of their specific situations, scientifically classify reputational events, and respond to them level by level.
Article 12 Banking and insurance institutions shall strengthen their response to and handling of reputational risks, and flexibly take corresponding measures according to the different levels of reputational events. Such measures may include:
1. checking the basic facts and subjective and objective causes of reputational events, and analyzing the scope of institutional responsibilities;
2. examining the correlation of reputational events with other operation areas, businesses and publicity strategies, so as to prevent the escalation of reputational events or the occurrence of secondary risks;
3. evaluating possible remedial measures, and taking reasonable remedial measures according to the specific situations so as to control the degree and scope of losses to stakeholders;
4.
......
Yin Bao Jian Fa [2021] No.4
February 8, 2021
The Administrative Measures for Reputational Risks of Banking and Insurance Institutions (for Trial Implementation) were adopted at the first executive meeting of 2021 of the China Banking and Insurance Regulatory Commission on January 6, 2021, and are hereby issued to you for compliance and implementation.
Administrative Measures for Reputational Risks of Banking and Insurance Institutions (for Trial Implementation)
Chapter I General Provisions
Article 1 For the purpose of raising the level of reputational risk management of banking and insurance institutions, effectively preventing and defusing reputational risks and safeguarding financial stability and market confidence, these Measures are formulated in accordance with the Law of the People's Republic of China on Banking Supervision and Administration, the Law of the People's Republic of China on Commercial Banks, the Insurance Law of the People's Republic of China, the Trust Law of the People's Republic of China and other laws and regulations.
For the purpose of these Measures, banking and insurance institutions refer to Chinese-funded commercial banks, Chinese-foreign joint venture banks, wholly foreign-owned banks, trust companies, insurance group (holding) companies and insurance companies legally established within the territory of the People's Republic of China.
Article 2 For the purpose of these Measures, reputational risks refer to risks that acts of banking and insurance institutions, behaviors of practitioners or external events lead to the formation of negative views on banking and insurance institutions by stakeholders, the public and media, thus damaging their brand value, hindering their normal operation, and even affecting market and social stability.
Reputational events refer to relevant acts or activities that cause obvious damage to the reputations of banking and insurance institutions.
Article 3 Banking and insurance institutions shall manage their reputational risks in line with the following basic principles:
1. The principle of foresight. Banking and insurance institutions shall adhere to the reputational risk management idea of prevention first, strengthen research, prevent and control risks at the source, regularly review their reputational risk management situations and potential risks, and improve the predictability of reputational risk management.
2. The principle of matching. Banking and insurance institutions shall carry out multi-level and differentiated reputational risk management, match reputational risk management with their sizes, operational situations, risk profiles and system importance, and make timely adjustments in light of their external environments and internal management changes.
3. The principle of full coverage. Banking and insurance institutions shall focus on corporate governance, incorporate reputational risk management into their comprehensive risk management systems, and cover all business lines, all branches and subsidiaries, all departments, posts, personnel and products, as well as all management links of decision-making, execution and supervision. At the same time, they shall prevent any adverse reputational risk which may be caused by cooperative third-party institutions, and fully consider the correlation and infectiousness of other internal and external risks.
4. The principle of effectiveness. Banking and insurance institutions shall regard risk prevention and control, effective handling and image restoration as the ultimate criteria for reputational risk management, establish scientific, reasonable, timely and efficient risk prevention, response and handling mechanisms, and ensure that they can quickly respond to, collaboratively cope with and efficiently handle reputational events, and timely repair their damaged reputations and social images.
Article 4 Banking and insurance institutions shall assume entity responsibilities for reputational risk management, and the China Banking and Insurance Regulatory Commission (hereinafter referred to as the “CBIRC”) and its local offices shall supervise the reputational risk management of banking and insurance institutions in accordance with the law.
Chapter II Governance Structure
Article 5 State-owned and state holding banking and insurance institutions shall take the political building of the Party as the overarching principle, give full play to the leading role of Party organizations in setting the direction, managing the overall situation and ensuring implementation, and integrate Party leadership into all aspects of reputational risk management. Banking and insurance institutions controlled by private or social capital which have established Party organizations shall proactively leverage the core political role of Party organizations, closely combine Party leadership with reputational risk management, and realize the pursuit of the same goals, mutual promotion and common progress.
Article 6 Banking and insurance institutions shall strengthen the role of corporate governance in reputational risk management, specify the functions and responsibilities of their boards of directors, boards of supervisors, senior managements, reputational risk management departments, other functional departments, branches and subsidiaries, and establish reputational risk governance structures with sound organization and well-defined functions and responsibilities, as well as mutually connected and effectively linked operational mechanisms.
Article 7 The board of directors, board of supervisors and senior management of a banking or insurance institution shall respectively assume the ultimate responsibilities, supervisory responsibilities and managerial responsibilities for reputational risk management, with the board chairman or main principal being the first responsible person.
The board of directors shall be responsible for determining reputational risk management strategies and overall objectives, grasping reputational risk profiles, and supervising the senior management to carry out reputational risk management. For reputational events that cause major institutional and industrial losses, significant market fluctuations and systematic risks or affect the stability of the social and economic order, the board of directors shall hear special reports on them, and listen to special reports on reputational risk management in the following year.
The board of supervisors shall be responsible for supervising the performance of the duties and responsibilities of the board of directors and the senior management in relation to reputational risk management, and incorporating relevant situations into the work reports of the board of supervisors.
The senior management shall be responsible for establishing and improving a reputational risk management system, perfecting working mechanisms, formulating reputational risk response plans and handling plans for major matters, and arranging and promoting the handling of reputational events. Each year, at least one reputational risk management assessment shall be conducted.
Article 8 Banking and insurance institutions shall establish or designate departments as their reputational risk management departments, and allocate corresponding management resources. Reputational risk management departments shall be responsible for leading the implementation of the work plans of senior managements, guiding and coordinating other functional departments, branches and subsidiaries to implement the requirements of reputational risk management systems, coordinating and organizing the monitoring, reporting, screening and assessment of, response to and handling of reputational risks, and formulating and implementing staff education and training plans.
Other functional departments and branches shall be responsible for implementing various decisions related to their own departments (institutions) in regard to reputational risk prevention and reputational event handling. At the same time, they shall also set up full- or part-time reputational risk management posts, strengthen communication and coordination with reputational risk management departments, and firmly build the first line of defense in reputational risk management.
Banking and insurance institutions shall guide their subsidiaries to establish, with reference to the basic principles of reputational risk management of their parent companies, reputational risk governance structures, systems and processes suitable for their own situations and external environments, implement the relevant reputational risk management requirements of their parent companies, and carry out effective work in regard to the monitoring, prevention and handling of their own reputational risks.
Chapter III Whole-process Management
Article 9 Banking and insurance institutions shall establish reputational risk ex-ante assessment mechanisms, assess reputational risks when making major strategic adjustments, participating in major projects, carrying out major financial innovations and businesses, major marketing activities and media promotions, disclosing important information, getting involved in major legal proceedings or administrative punishments, facing mass events, or encountering major changes in industry rules or external environments or other circumstances which are prone to cause reputational risks, and formulate response plans based on the assessment results.
Article 10 Banking and insurance institutions shall establish reputational risk monitoring mechanisms, fully consider the correlation of reputational risks with credit, insurance, market, liquidity, operational, country, interest rate, strategic, IT and other risks, and timely discover and identify reputational risks.
Article 11 Banking and insurance institutions shall establish reputational event grading mechanisms, study, judge and assess the nature, severity, speed of spread, scope of impact and development trend of reputational events in light of their specific situations, scientifically classify reputational events, and respond to them level by level.
Article 12 Banking and insurance institutions shall strengthen their response to and handling of reputational risks, and flexibly take corresponding measures according to the different levels of reputational events. Such measures may include:
1. checking the basic facts and subjective and objective causes of reputational events, and analyzing the scope of institutional responsibilities;
2. examining the correlation of reputational events with other operation areas, businesses and publicity strategies, so as to prevent the escalation of reputational events or the occurrence of secondary risks;
3. evaluating possible remedial measures, and taking reasonable remedial measures according to the specific situations so as to control the degree and scope of losses to stakeholders;
4.
......