تجاوز إلى المحتوى الرئيسي

11.2 Anti-Fraud Framework

N 35/2018 STA
  1. 11.2.1The Licensed Person must implement an appropriate Anti-Fraud Framework in order to prevent, detect, investigate and respond to fraud incidents; and
  2. 11.2.2The following are the four basic elements that must be included in the Anti-Fraud Framework at a minimum, depending on the nature, size and complexity of the Licensed Person:

 

Elements of an Anti-Fraud Framework
  1. a)Preventive measures for reducing the risk of Fraud from occurring:
    • Tone at the top by the Board of Directors (or by the Owner/Partners where there is no Board of Directors) on zero tolerance of fraud;
    • Introduce Policies and Procedures including a Code of Conduct and a Fraud Prevention Policy;
    • Conduct Fraud Risk Assessment;
    • Appropriate access controls in sensitive areas, both physical and in IT systems;
    • Segregation of duties (e.g. introducing maker/checker controls);
    • Background screening before hiring employees;
    • Annual declaration completed by all employees to:
      • oDisclose conflict of interest, if any; and
      • oConfirm their understanding of the Code of Conduct.
    • Provide training to assist employees to prevent fraud and to maintain public confidence.
  1. b)Detection measures for discovering fraud when it occurs:
    • Accurate and timely account reconciliations;
    • Independent Audits/AUPs (e.g. by External Auditors);
    • Scrutinizing required documents prior to completing transactions;
    • System controls;
    • Systematic fraud detection tools (to be implemented only if the Licensed Person has more than 25 branches); and
    • Whistleblowing Policy (to be implemented only if the Licensed Person has more than 25 branches).
  1. c)Investigation Process that includes the following:
    • Laid down Procedures for investigating fraud incidents through research, followup, interviews or a formal procedure of discovery.
  1. d)Response
    • Immediate reporting of fraud incidents to the police authorities, FID and the Banking Supervision Department;
    • Recovery through legal action, insurance claim, criminal referrals, disciplinary action, etc.; and
    • Monitoring:
      • oOngoing corrective actions to ensure that internal controls continue to operate effectively; and
      • oOngoing updates to respective policies and procedures to reflect developments in the Licensed Person and its operational environment.