Compliance policy

This draft document is disclosed based on our transparency policy and it is under review



1.1 “Gyals Credit” NBFI /hereafter referred to as “NBFI”/ is an authorized business entity with the purpose of expanding the internal and external relations and developing cooperation. This document prescribes the procedures for complying with applicable regulations and international standards.       


2.1 Purpose of the NBFI’s compliance policy /hereafter referred to as “Compliance policy”/ is to create a system to operate within the framework of rules and regulations that meet the requirements of the legislation and regulatory authorities in order to prevent the risk of any kind of compliance activities and to support the NBFI’s implementing governance, competitiveness, and sustainable development.

2.2 This policy is in compliance with applicable Mongolian legislation and policies set out herein apply to all employees.  

2.3 Definitions of terms:

2.3.1 “Compliance activity” refers to the company’s activity to monitor and evaluate all activities and its compliance with International standards, Mongolian legislation and the requirement of authorities;

2.3.2 “Compliance risk” refers to the company’s liability, penalties, potential financial loss and reputational risk due to the lack of enforcement of legislation, regulations, and standards.

2.3.3 “Checklist” refers to the company’s checklist to identify potential risks and to evaluate NBFI’s operational compliance with the laws and regulations;

2.3.4 “Authorized organization” refers to an international or domestic organization to establish norms related to NBFI’s operations and The Parliament of Mongolia, The Government of Mongolia, Financial Regulatory Commission;

2.3.5 “Whistleblowing” refers to the reporting by employees who raise concerns about suspected misconduct, illegal acts or failure to act in accordance with company policies. These concerns may be relevant to combating money laundering, acts of fraud, accepting or offering bribes, and relating to shareholders, senior management, authorized employee(s) and other employee(s) who put the personal interest above the company’s interests;


3.1 Strengthening the composition of the Compliance Policy:

3.1.1 Establish the compliance department/officer that works independently, sustainably and separately from the company’s daily operations. The department will also develop its management and organizational structure in this manner;

3.1.2 Develop and optimize the objectives, functions, and operations of the compliance department/officer;

3.1.3 Improve the legal environment and working environment of the compliance department/ officer;

3.1.4 Continually train the compliance officer(s) to improve their knowledge and capacity as part of offering stable employment;

3.2 Complying NBFI’s operations, regulations, and principles with the legislation, and the requirements of the authorized organizations and standards:

3.2.1 Study newly adopted laws and regulations, procedures, and standards related to NBFI's operations;

3.2.2 Study experience and standards of international financial institutions;

3.2.3 Study the requirements of the international partners, and develop further collaboration with them;

3.2.4 Submit recommendations and conclusions on the measurement of internal standards and procedures complying with all applicable laws and regulations;   

3.3 Preventing possible compliance risk:

3.3.1 Monitor and evaluate the procedure of penetrating new products and services to the market, and the development of products and services of NBFI;

3.3.2 Ensure compliance with all laws on combating money laundering and terrorism financing;

3.3.3 Develop methodology to assess the level of money laundering risk through NBFI’s operations and to enhance monitoring on high-risk clients;

3.3.4 Create a database of all clients irrespective of its formation as a legal entity or individual. Continuance and ongoing monitoring of database to limit and prevent dealing with entities on United Nations’ blacklist, other regulatory institutions, and clients from high-risk jurisdictions.

3.3.5 Closely monitor clients with large deposits and inform the Financial Information Unit of Bank of Mongolia for further appropriate action if there is suspicious activity that may be relevant on combating money laundering or terrorism financing;

3.3.6 Monitor and verify customer information in order to prevent potential risks associated with establishment of a financial relation without knowing customer information and/or potentially spreading negative information regarding their illegal activities;

3.3.7 Review and report on consistency of obligations under the contract with international partners and international treaties to which Mongolia is a party;

3.3.8 Monitor the procedure of signing the contract with international partners;

3.3.9 Conduct the surveillance on the NBFI’s operations by developing the checklist to prevent compliance risks;

3.4 NBFI shall follow principles listed below while conducting compliance activities;

3.4.1 Independence – The compliance department/officer must work independent from other department or employees and must act objectively and independently while conducting compliance operations;

3.4.2 Transparency – The documents related to compliance report must be obtained by the relevant employees, department, and division per its request;

3.4.3 Sustainability – Maintaining the stability of the compliance department/officer;

3.4.4 Conflict of Interest – All employees must not engage in any activity that may have conflict of interest;

3.4.5 Effectiveness and Accessibility – All employees must follow the NBFI’s compliance policy and principles;  

3.4.6 Reporting – Prepare the compliance operations report on a regular basis with the given format and report to the direct management, senior management and CEO;

3.5 NBFI shall implement "whistle-blowing" principles based upon the information from individuals and customers to strengthen the integrity, transparency, and accountability of employees in order to prevent the risk of corporate governance, reputation, illegal actions and inaction of employees; 


4.1 NBFI shall take actions to identify, evaluate, and mitigate all possible compliance risks;

4.2 NBFI shall implement the compliance risk policy uniformly with its related regulations and Risk Management policy;

4.3 Compliance risks shall consist of;

4.3.1 Reputation – risks of losses resulting from the negative information in public domain due to the lack of enforcement of laws, regulations, and standards.

4.3.2 Legal - risks arising from non-compliance with applicable laws, regulations, and the requirements of the authorities;

4.3.3 Legal Responsibility - risks associated with liability determined by the court(s) due to the non-compliance with applicable law, rules, procedures, standards, and contract obligations;

4.3.4 Financial – the risk that inflictions of penalties, punishment, and financial loss due to non-compliance of applicable standards;

4.4 NBFI shall take actions to mitigate, prevent or identify the potential risks while introducing and developing new products and services to the market;

4.5 NBFI divisions, departments, units, and personnel shall immediately report to the compliance department/officer of any activities that may cause compliance risk. Compliance department/officer(s) shall take actions as appropriate;

4.6 NBFI compliance department/officer is entitled to conduct surveys of any unit or employees that are deemed to have the potential risk of compliance;


5.1 NBFI shall make decisions regarding the mitigation, prevention, and identification of the compliance activities, its levels and potential risks and evaluate its implementation process;

5.2 NBFI shall have internal regulations of procedures to implement the compliance policy. The regulation shall include the duties of divisions, departments, units, and personnel on implementing process and preventing the compliance risks;

5.3 NBFI’s business plan shall include the integrated program on reviewing the implementation process of compliance policy and regulation, assessing the level of compliance risk, training the employees, etc.

5.4 NBFI shall manage the compliance activities at the following levels:

5.4.1 Shareholders: Company’s strategy, the compliance policy and its amendment shall be defined and approved by the shareholders; Shareholders, with the function to decide issues regarding the implementation of the compliance policy identified by the senior management or the compliance department/officer within their authority; Review the quarterly reports of combating anti-money laundering and terrorism financing, identifying the customer and the consistency with of international treaty obligations;  

5.4.2 Senior management: Provide the constant supervision on the implementation process and maintain the stability of compliance officer; Build an investment budget including required investments regarding the detected compliance risk, or its mitigation, human resources, technology, and other required investments, and get it approved by shareholder’s committee, furthermore ensure its implementation; Take appropriate action on issues arising due to non-compliance of Mongolian legislation, regulations, and international standards. Appropriate reporting of these to the shareholders will be done in a timely manner;

5.4.3 Internal audit department/employee Audit the implementation process of compliance policy;

5.4.4 Compliance department/officer: Establish the internal regulations assessment of complying with the applicable laws, standards and report it to the senior management and monitor its implementation; Establish an independent and consistent assessment of internal regulations with the applicable laws, standards, and requirements; Identify, evaluate, and mitigate possible compliance risks while developing and penetrating new products and services to new markets. Moreover, broaden the international partnership; Train and advise other employees with respect to implementation processes of compliance activities; Monitor compliance activities and its constitution by developing a checklist based on specific actions collaborating with the responsible employee. Conduct surveys while monitoring the process. Provide necessary information to direct management, senior management, and shareholders regarding implementation processes of the compliance policy, monitoring of compliance activities and assessment of compliance risks at all levels; Ask support from relevant staff and/or hire international consultant(s) on cases to determine existing compliance risk and take action to mitigate risk; Compliance officer shall have the right to be acquainted with the NBFI’s confidential information within his/her scope of work; Monitor international and domestic transactions at program level; Examine the decisions and orders approved by the management to determine compliance with applicable laws, regulations, and standards. If deemed non-compliant, the compliance officer may cancel them with the approval of senior management; Compliance department/officer shall observe the whistle-blowing principle in cases that may cause compliance risk;

5.4.5 Other employees: Follow all applicable laws, standards from regulatory authorities, and regulations within his/her scope of work; Inform compliance department/officer of any concerns about possible or existing compliance risk; Collaborate with compliance department/officer on implementation of compliance policy and prevention of compliance risk;


6.1 Compliance department/officer shall not engage in any activities that may present a conflict of interest and shall work independently;