Listed banks intensively appoint Chief Compliance Officers, potentially ushering in a profound transformation in banking compliance governance

Shishi Yu, China Securities Journal

As of March 2, nearly 30 listed banks have announced appointments of Chief Compliance Officers. Among them, Agricultural Bank of China, China Construction Bank, Bank of China, Lanzhou Bank, Qingnong Commercial Bank, and others have announced that their Chief Compliance Officers are also their presidents.

Industry insiders believe that establishing a Chief Compliance Officer is not only an important measure for banks to respond to regulatory policies but also promotes a deep restructuring of the banking compliance management system, which is beneficial for banks to shift from “passive regulatory compliance” to “proactive compliance governance.”

Compliance Starts at the Senior Management Level

Recently, listed banks have been actively announcing appointments of Chief Compliance Officers.

On February 27, five listed banks announced their Chief Compliance Officer candidates. Except for Bank of Communications, which appointed Liu Jianjun, the Chief Risk Officer, as Chief Compliance Officer, the positions at China Construction Bank, Zheshang Bank, Lanzhou Bank, and Qingnong Commercial Bank are held by their presidents. Among them, Lü Linhua’s appointment at Zheshang Bank will take effect after his president’s appointment is approved. On February 13, Agricultural Bank of China announced the appointment of President Wang Zhiheng as Chief Compliance Officer; on the same day, Bank of China issued a board resolution announcing the appointment of President Zhang Hui as Chief Compliance Officer. On February 12, Everbright Bank announced that the board approved Yang Wenhua to serve as Vice President and Chief Compliance Officer.

Looking at the current roles of the appointed Chief Compliance Officers, most are also bank presidents, while some banks appoint vice presidents, chief risk officers, or assistant presidents as Chief Compliance Officers. A few banks have adopted a dedicated Chief Compliance Officer model.

A relevant person from the Financial Supervision and Administration Bureau previously stated in an interview that financial institutions need to improve their ability to operate legally and compliantly, integrating compliance management organically into corporate governance, operational management structures, and business processes. This requires compliance to start from the top, promoting the effective operation of the compliance management system from a high level.

Compliance Management Must Be Serious and Independent

Industry analysts note that the recent wave of appointing Chief Compliance Officers by banks mainly responds to the requirements of the “Regulations on Compliance Management of Financial Institutions” issued by the China Banking and Insurance Regulatory Commission in December 2024. The regulations will take effect on March 1, 2025, with a one-year transition period.

“The regulations clearly state that financial institutions should establish a Chief Compliance Officer at their headquarters, who can be a dedicated compliance officer or a senior management member, depending on their operational circumstances,” said a relevant person from a state-owned bank’s board office. Appointing senior management as Chief Compliance Officer helps ensure compliance responsibilities are taken seriously from the top, fostering a compliance culture, raising awareness among all employees, and creating an environment where violations are not dared, not allowed, and not wanted, effectively supporting high-quality development.

The regulations require that the Chief Compliance Officer and compliance officers must not be responsible for front-office operations, finance, capital utilization, internal audit, or other departments where there could be conflicts of interest with compliance management. Exceptions are made for bank presidents (general managers) serving as Chief Compliance Officers or for presidents of provincial or primary branch offices serving as compliance officers.

A relevant person from the Financial Supervision and Administration Bureau emphasized that the core of compliance is to follow laws, regulations, and supervisory standards, avoiding crossing “bottom lines” or “red lines.” This demands that compliance management possesses the necessary seriousness and independence.

Moving Toward Proactive Compliance Governance

Experts generally believe that the establishment of Chief Compliance Officers in banks marks a new stage in compliance governance in the banking industry. Under the guidance of the regulations, financial institutions should build a comprehensive compliance management system that covers all areas and levels, embedding compliance into the entire process and all fields of development and decision-making, achieving a shift from “passive regulatory compliance” to “proactive compliance governance.”

“The unique nature of financial institutions requires higher compliance standards than ordinary enterprises,” said Dong Ximiao, Chief Economist at Zhaolian and Deputy Director of the Shanghai Financial and Development Laboratory. He believes that financial institutions must adhere to compliant operations, cultivate a compliance culture, guide employees to enhance risk and compliance awareness, and continuously improve compliance levels to effectively prevent operational risks.

According to the specific requirements outlined in the regulations, the Chief Compliance Officer at a bank should bear primary leadership responsibility for compliance management within the institution and its staff. Their main duties include: overseeing the institution’s compliance management work, organizing and promoting the construction of the compliance management system, supervising the performance of compliance departments and roles, ensuring strict and effective implementation of compliance standards, promoting the development of compliance policies, conducting compliance reviews, inspections, evaluations, handling major compliance incidents, conducting compliance assessments, problem rectification, and team building, and ensuring the orderly operation of compliance work; and regularly reporting to regulatory authorities as required.