Chapter 29: Framework for Identification of Compliance Issues and Compliance Risks (CAIIB – Paper 1)
1. What is the primary objective of identifying compliance issues in a bank?
A. To increase bank profits
B. To implement marketing strategies
C. To prevent legal, regulatory, and reputational risks
D. To improve customer relationships only
Identifying compliance issues helps the bank manage legal, regulatory, and reputational risks, ensuring adherence to laws and guidelines.
2. Which of the following best defines compliance risk?
A. The risk of market fluctuations affecting bank income
B. Risk of legal or regulatory sanctions, financial loss, or reputational damage due to non-compliance
C. Risk arising from interest rate movements
D. Risk from operational inefficiency only
Compliance risk refers to the possibility of legal, regulatory, or reputational penalties arising from failure to comply with applicable laws, rules, and regulations.
3. Which of the following is a key step in the framework for identifying compliance risks?
A. Assessing regulatory requirements and internal policies
B. Increasing branch expansion
C. Launching new banking products without approval
D. Hiring more staff in operations only
Identifying compliance risks requires assessing applicable laws, regulatory requirements, and internal policies to determine areas of potential non-compliance.
4. Compliance issues in a bank generally arise due to:
A. Customer complaints only
B. Staff training programs
C. Financial performance targets
D. Non-adherence to laws, regulations, and internal policies
Compliance issues occur when there is failure to follow legal and regulatory requirements or internal guidelines, which may result in penalties or reputational damage.
5. In the context of compliance, risk assessment helps a bank to:
A. Prioritize areas requiring attention and allocate resources effectively
B. Increase marketing campaigns
C. Hire more employees without evaluation
D. Expand ATM networks only
Risk assessment identifies and evaluates potential compliance risks, helping banks prioritize issues and allocate resources to mitigate them efficiently.
6. Which of the following is a direct consequence of failing to manage compliance risks?
A. Improved customer satisfaction
B. Reduced operational cost
C. Legal penalties, financial loss, and reputational damage
D. Increased product sales
Failure to manage compliance risks can lead to legal action, fines, financial loss, and reputational harm for the bank.
7. What is meant by inherent risk in the context of banking compliance?
A. Risk arising due to effective internal controls
B. The natural level of risk present in a process before controls are applied
C. Risk caused by external auditors
D. Risk that is eliminated after monitoring
Inherent risk is the exposure to potential loss or non-compliance that exists naturally in a process, transaction, or activity before any internal controls are applied.
8. Control risk can be defined as:
A. The risk that existing internal controls fail to prevent or detect a compliance issue
B. The risk due to market fluctuations
C. Risk from external fraud only
D. Risk arising only from customer defaults
Control risk arises when the internal controls designed to prevent or detect errors, fraud, or non-compliance fail, potentially allowing issues to occur.
9. Which of the following statements is true regarding inherent risk and control risk?
A. Inherent risk depends on internal controls, while control risk is independent
B. Both risks are only relevant for financial reporting
C. Inherent risk exists naturally, while control risk depends on the effectiveness of controls
D. Control risk is always zero if inherent risk exists
Inherent risk is the natural exposure in a process, while control risk depends on how effectively internal controls mitigate that exposure.
10. Which of the following measures can help reduce control risk?
A. Ignoring regulatory updates
B. Reducing staff training programs
C. Eliminating internal audits
D. Implementing robust internal controls and regular monitoring
Control risk can be mitigated by designing and implementing strong internal controls, coupled with regular monitoring and audits to ensure compliance.
11. Which of the following best describes the relationship between inherent risk, control risk, and residual risk?
A. Residual risk = Inherent risk × Control risk effectiveness
B. Inherent risk eliminates residual risk
C. Control risk has no impact on residual risk
D. Residual risk is always zero if inherent risk exists
Residual risk is the risk remaining after controls have been applied. It depends on both the inherent risk and the effectiveness of control measures.
12. In a high-risk banking process with weak internal controls, which risk is likely to be highest?
A. Residual risk is negligible
B. Both inherent risk and control risk are high, leading to high residual risk
C. Only control risk is high, inherent risk is zero
D. All risks are eliminated automatically
When inherent risk is high and internal controls are weak, control risk is high as well, which together result in a high residual risk for the process.
13. What is the primary purpose of independent testing in a bank's compliance framework?
A. To increase product sales
B. To implement marketing strategies
C. To provide an unbiased assessment of compliance controls and identify gaps
D. To train new employees
Independent testing ensures that compliance controls are objectively assessed, weaknesses are identified, and corrective actions can be recommended.
14. Which of the following best describes an effective audit programme?
A. A schedule for customer feedback
B. A structured plan outlining audit scope, frequency, methodology, and reporting
C. A plan to increase marketing campaigns
D. A guideline to expand branch operations
An effective audit programme defines the scope, objectives, frequency, procedures, and reporting structure, ensuring systematic and comprehensive audits.
15. Which of the following is a key benefit of independent testing in compliance?
A. Early detection of control weaknesses and regulatory non-compliance
B. Reducing employee salaries
C. Launching new products without approval
D. Increasing market share directly
Independent testing helps the bank detect control gaps early, address regulatory risks, and improve overall compliance effectiveness.
16. Which of the following activities is typically included in an effective audit programme?
A. Only reviewing financial statements
B. Conducting marketing surveys
C. Hiring new employees
D. Reviewing policies, assessing controls, testing transactions, and reporting findings
An effective audit programme includes reviewing policies, evaluating internal controls, testing processes, and reporting results with recommendations.
17. Independent testing is considered critical in compliance because:
A. It eliminates the need for management oversight
B. It provides objective verification of compliance effectiveness
C. It replaces internal controls entirely
D. It ensures higher profits directly
Independent testing ensures that the effectiveness of compliance controls is objectively verified, independent of operational staff or management biases.
18. Which of the following best ensures the success of an audit programme?
A. Clear scope, regular testing, documentation, and timely reporting
B. Random and unscheduled reviews only
C. Ignoring control failures if detected
D. Conducting audits once in 5 years
A successful audit programme requires well-defined scope, structured testing, proper documentation, and timely reporting of audit findings.
19. What is the primary purpose of a compliance reporting framework in a bank?
A. To increase customer deposits
B. To launch new banking products
C. To ensure timely, accurate, and structured reporting of compliance issues to management and regulators
D. To reduce employee training requirements
A compliance reporting framework ensures that compliance breaches, risks, and mitigation actions are reported accurately and in a structured manner to facilitate management and regulatory oversight.
20. Monitoring compliance primarily helps a bank to:
A. Increase branch expansion
B. Detect deviations from regulatory requirements and internal policies
C. Launch marketing campaigns
D. Reduce operational cost only
Monitoring compliance ensures that the bank continuously tracks adherence to laws, regulations, and internal policies, detecting deviations for timely corrective action.
21. Which of the following is a key element of an effective compliance monitoring system?
A. Ignoring minor non-compliances
B. Annual reporting only
C. Delegating monitoring entirely to external auditors
D. Regular review, reporting, follow-up, and corrective actions
An effective compliance monitoring system includes regular reviews, structured reporting, follow-up on issues, and implementation of corrective measures.
22. What is the role of senior management in the compliance reporting framework?
A. Ensuring that compliance reports are reviewed, escalated, and acted upon appropriately
B. Preparing regulatory circulars only
C. Hiring new compliance officers
D. Ignoring minor policy violations
Senior management ensures that compliance reports are properly reviewed, escalated, and that necessary actions are taken to mitigate risks and ensure regulatory adherence.
23. Which of the following best describes continuous compliance monitoring?
A. Conducting audits once every 5 years
B. Ongoing review of operations, controls, and policies to detect and address non-compliance promptly
C. Delegating monitoring to marketing team
D. Only relying on external regulators to detect issues
Continuous compliance monitoring involves an ongoing process to check adherence to regulations and internal policies, ensuring prompt detection and correction of any issues.
24. Which of the following is an outcome of an effective compliance monitoring and reporting framework?
A. Reduced number of branches
B. Increased marketing spend
C. Hiring more staff without evaluation
D. Early detection of issues, regulatory compliance, and mitigation of potential risks
An effective monitoring and reporting framework enables the bank to detect issues early, ensure compliance with regulations, and reduce operational and reputational risks.
25. What is the primary role of inspection in a bank?
A. To increase marketing campaigns
B. To independently evaluate branch operations, adherence to policies, and detect potential issues
C. To hire new staff only
D. To manage customer complaints exclusively
Inspections help management independently assess branch operations, ensure compliance with policies, and detect potential operational, financial, or compliance issues.
26. Which of the following best describes the role of audit in banks?
A. To promote new banking products
B. To increase customer deposits
C. To train employees in customer service
D. To independently evaluate internal controls, compliance, and financial reporting
Audits are independent assessments that evaluate the effectiveness of internal controls, ensure regulatory compliance, and verify accuracy in financial reporting.
27. Which of the following is a key objective of both inspection and audit in banks?
A. Detect deviations, prevent losses, and ensure compliance with policies and regulations
B. Expand branch networks
C. Increase marketing campaigns
D. Reduce employee training
Both inspections and audits aim to detect operational and compliance deviations, prevent potential losses, and ensure adherence to internal policies and regulatory requirements.
28. Which of the following differentiates inspection from audit in banks?
A. Inspection is performed externally, audit is always internal
B. Audit focuses only on marketing, inspection on operations
C. Inspection is typically operational and branch-focused, audit evaluates controls and compliance at a broader level
D. Both are the same with no difference
Inspections usually focus on operational and branch-level checks, while audits provide a broader independent evaluation of internal controls, compliance, and financial reporting.
29. Who typically conducts internal audits in a bank?
A. Branch managers only
B. Internal audit department or independent internal auditors
C. Marketing team
D. Customers
Internal audits are performed by the internal audit department or independent auditors to assess the effectiveness of controls, compliance, and operational efficiency.
30. Which of the following is a benefit of regular inspections and audits in banks?
A. Reducing branch operations
B. Increasing marketing expenses
C. Eliminating need for compliance officers
D. Early detection of risks, improvement of internal controls, and ensuring regulatory compliance
Regular inspections and audits help banks detect risks early, strengthen internal controls, and ensure adherence to regulatory and internal compliance standards.
31. What is the primary objective of a Loan Review Mechanism (LRM) in banks?
A. To increase marketing of loan products
B. To reduce customer complaints only
C. To periodically evaluate credit quality and identify potential problem loans
D. To approve loans faster without review
The Loan Review Mechanism helps banks periodically assess the quality of their loan portfolio, detect potential problem loans early, and take corrective actions to minimize credit risk.
32. Which of the following best describes credit audit in a bank?
A. Monitoring marketing campaigns for loan products
B. Independent evaluation of lending processes, adherence to credit policies, and quality of credit decisions
C. Approving loans without documentation
D. Conducting customer satisfaction surveys only
Credit audit ensures that lending processes are followed correctly, credit policies are adhered to, and the quality of credit decisions is maintained.
33. Which of the following is a key benefit of implementing a strong Loan Review Mechanism?
A. Early detection of weak loans and reduction of potential NPAs
B. Increased marketing reach
C. Faster loan approvals without review
D. Reducing employee workload only
A well-implemented Loan Review Mechanism helps detect weak loans early, allowing corrective action to prevent potential Non-Performing Assets (NPAs).
34. What is meant by “Good Compliance” in a bank?
A. Avoiding all regulatory reporting
B. Minimizing staff training costs
C. Following only selected regulations as convenient
D. Adhering fully to laws, regulations, internal policies, and proactively preventing breaches
Good compliance means the bank fully adheres to all applicable laws, regulations, and internal policies while taking proactive measures to prevent breaches and risks.
35. Which of the following practices indicates good compliance in credit operations?
A. Proper documentation, adherence to credit policies, and regular monitoring of loans
B. Approving loans without due diligence
C. Ignoring regulatory updates
D. Delegating all credit decisions to external agents
Good compliance in credit operations involves proper loan documentation, adherence to policies, periodic review, and monitoring to prevent credit risk and regulatory breaches.
36. Which of the following best supports the principle of good compliance in banks?
A. Ignoring minor policy breaches
B. Establishing a culture of accountability, regular training, and proactive risk management
C. Delegating compliance only to junior staff
D. Relying solely on external auditors
Good compliance is supported by creating a culture of accountability, providing regular training, monitoring processes, and proactively managing risks throughout the organization.
