So what is Fraud? Fraud is generally defined in the law as “an intentional misrepresentation of material existing fact made by one person to another with knowledge that it is false and for the purpose of inducing the other person to act, and upon which the other person relies with resulting injury or damage.
Fraud may also be made by an omission or purposeful failure to state material facts, which nondisclosure makes other statements misleading”. In the Bahamas, Fraud is considered criminal conduct, irrespective of the size. Additionally, under the Proceeds of Crime Act 2000, it is included as serious crime related to Money Laundering.
The Board of Directors and Compliance professionals of financial institutions have a duty of care to make certain that their institutions have in place the necessary controls to prevent and detect fraudulent activities.
The combined internal audit, risk management and compliance function should make certain that areas susceptible to Fraud are well controlled and routine monitoring of transactions is the order of the day. Types of fraud perpetrated against the financial services sector include counterfeiting of cheques and other documents, misuse of credit and debit cards or related identification numbers (PINs), “skimming” of information from magnetic strips on cards, and the dishonest operation of automatic teller machines (ATMs). Facsimile machines and personal computers are also increasingly being used to transmit fraudulent instructions to financial institutions.
How can fraud affect your institution?
Fraud within your business may result in the following:
* Serious financial loss
* Lowering of staff morale
* Adverse publicity
* Disruption caused by major investigation
How can you prevent fraud in your institution?
There are four (4) key elements in the prevention of fraud in any business. These are centered on knowing your employees, good management control, working environment and effective computer security. We should always believe that honesty matters and seek to create a climate of honesty and agreed ethical principals in the business at the highest level. Therefore, we must design our compliance program as follows:
1) Consider Employees
* Check all references
* Define each persons responsibilities clearly and make sure they know who they should report to if a problem arises, e.g. Money Laundering Reporting Officer
* Avoid having “indispensable” staff who alone knows the workings of a particular part of your institution.
* Make certain everyone takes regular breaks from work. The good employee who never takes a holiday may be ripping you off!
* Remember – the bigger and more sophisticated the fraud the more likely it will be that senior staff may be involved.
2) Consider Management Control
* Review your management control systems for weaknesses. You should perform a risk assessment of your financial institution and make certain fraud risks are controlled and tested. Take specialist advice if you are uncertain
* Make use of criminal database checks, such as World check, Complinet ,Lexis Nexis etc. to check out clients, potential clients and introducers of business
* Protect your financial position by asking new clients for part payment in advance or provide partial services.
* Always check bank and credit references
3) Consider the Working Environment
* Have a clear company policy relative to fraud and stick to it. Come down hard on any irregularities. Set an example from the top.
* Inform staff and clients of your policy.
* Encourage and reward ‘Whistle blowing’, but be prepared to protect any member of staff who does so.
* Use the advice of internal audit, risk management, compliance or non-executive directors
* Remember – dissatisfied employees are more likely to be tempted by fraud.
4) Consider Computer Security
* Have a clear policy concerning the use of computer systems. In particular, change passwords regularly and keep them confidential.
* Ensure all staff is aware of their legal standing with regards to their use of computers. Particularly with regards to the Computer Misuse Act 2003.
* Employ staff who know what they are doing.
* Take regular back-ups of data. Keep copies of back-ups off the premises in case of theft, fire or other disaster.
* Beware of computer viruses through unsolicited discs or through the internet.
Institutions’ compliance programs should include a compendium of policies and procedures used to identify legal and regulatory problems, correct identified deficiencies, prevent future violations and assure regulatory compliance.
The degree of formality required depends on the size and structure of the organisation and there should be a demonstrated strong organisational commitment to the detection, reporting and resolution of wrongful conduct.
Additionally, the existence of benchmarks that demonstrate implementation and achievement are essential to any effective compliance program. With an effective Fraud Compliance program in place, the institution can convince regulators, influence prosecutors not to proceed with criminal prosecution and also help to negotiate a less damaging civil settlement.
As we embark on this increasingly complex financial services landscape, undoubtedly Fraudsters will continually test the strength of your business’ risk management and compliance programmes relative to fraud and other criminal conduct.
As stakeholders in our organizations, it is critical that we arm ourselves through effective training, control and monitoring processes and continued organizational development in the area of ethical behavior. Fraud should not have to be part of the cost of living or the cost of doing business, but it is.
Look out for BACO’s new articles and new training initiatives!
www.bahamascompliance.com
The Nassau Guardian
