Presented by En. Wahid Ali Mohd Khalil - Bank Islam Malaysia · PDF file · 2013-05-06Presented by En. Wahid Ali Mohd Khalil ... e-FIDs refers to Bank Negara Malaysia’s (BNM)

Presented by En. Wahid Ali Mohd KhalilChief Compliance Officer

Bank Islam Malaysia Berhad

1

2

3

Financial Sector Talent Enrichment Programme (fstep)Operational Fraud in Financial Institutions

4

5

Financial Sector Talent Enrichment Programme (fstep)Operational Fraud in Financial Institutions

6

7

Fraud is defined as a deliberate and premeditated action which involves the use of deception to gain advantage or benefit, not necessarily but usually from a position of trust and authority, by either internal or external persons or parties.

However, in the banking environment, the following definition may be more applicable:“ the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources or assets”.

Simply put, it means offences committed by individuals for themselves in the course of their occupation and offences of employee against their employers / business owner.

Financial Sector Talent Enrichment Programme (fstep)Fraud Risk Awareness

8

1.Deliberate;2.Deception;3.Misuse or misapplication of the organization’s resources;4.Personal enrichment;5.By employees against employer/ business owner; and6.Conducive environment to facilitate fraud.


9

MOTIVE OR PERCEIVED PRESSURE

OPPORTUNITYJUSTIFICATION/ RATIONALIZATION


In order for fraud to occur, all 3 elements have to be present.

10

Motive/pressure is what drives a person to commit fraud in the first instance, i.e., his motivation;Pressure can include almost everything including medical bills, expensive taxes, addiction problem, etc;It is non-sharable in the eyes of the fraudster. That is, the person believes, for whatever reason, their problem can only be solved by themselves; andThere are instances where fraud is committed simply out of greed.


11

Circumstances conducive to commit fraud;The perception by someone believing they can commit fraud without getting caught;Opportunity is created by weak internal controls, poor management oversight, and/ or through misuse of ones position or authority;Failure to establish adequate procedures to detect fraudulent activity such as a strong Internal Audit Function and Risk Management process; and The ability to “control” opportunity is the single most important factor in combating fraud.


12

The process where the fraudster reconciles his/ her actions with the commonly accepted notion of right and wrong within the Shariah context such as:-

To save family members or loved ones;Will lose everything – family, home, car, etc., if they don’t take the money;“To borrow”, with the intention of paying back the stolen money at some point; andJob dissatisfaction (salaries, bonus);Believes that something is owed to him/ her.


13

Fraud is a cost; 92% of companies in Asia-Pacific were affected by at least one fraud in the past 12 month*; andAmount lost by business to fraud rose fromUSD1.4M to USD1.7M per billion dollars of sales inthe past 12 months – an increase of more than20%.*

* Global Fraud Report (2010/2011)


14

Management;The “C’s”Senior Managers & Managers

Non Management Staff; Customers; Service Providers; and Suppliers.


15

Employees – 52%Management – 35%Service providers – 11%Customers – 1%Others (i.e. suppliers) – 1%

* KPMG Malaysia Fraud Survey Report 2009


16

Internal controls – 55%Notification by employee – 33%Internal auditor – 30%Notification by customer/

supplier – 25%Anonymous letter/ informant

Whistleblower – 25%External auditor – 8%

* KPMG Malaysia Fraud Survey Report 2009 (Note that some respondents indicated more than one response)


17

18

Committee of Sponsoring Organizations of the Treadway Commission (COSO) defines internal control as “a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiency of operations, reliability of financial reporting and compliances with applicable laws and regulations.”

Financial Sector Talent Enrichment Programme (fstep)Internal Control

19

1. Control environmentManagement’s commitment to good governanceTone from the top

2. Risk assessmentIdentify, analyze and manage risks that could negatively impact the organization and prevent it from achieving its goals

3. Control activitiesPolicies and procedures (actions) put into place to address the risk of the entities


20

4. Information & communicationsEnable management to make reliable decisionsAccurate and relevant information must be identified, captured and exchanged (communicated) in a timely manner

5. MonitoringEnables management to detect changes and deficiencies,Assessing effectiveness and efficiency of internal control performance, the process flow and operations of controls and to take necessary corrective actions on defects or flaws.


21

1. Preventive controls What you do to ensure that the right thingshappen; wrong things don’t happen, i.e.,segregation of duties/ authorization levels;i. Proactiveii. Reactiveiii. Correction

2. Directive controls mandatory checking & reporting; and

3. Detective controlsWhat you do when preventive controls do notwork, e.g., surprise check.


22

(i) ProactiveEffective internal controls;Financial and operational audits;Intelligence gathering;Logging of exceptions; andReviewing variances.

(ii) ReactiveFraud investigations;Intuition; andSuspicion.


23


24

Tone at the Top

Education and Training

Investigation and Follow-

up

Integrity Risk and Controls

Reporting and

Monitoring

Proactive Detection

Fraud;Negligence;Cash shortage/ customer’s suit; andBreach of COE.


25

IntroductionBrief introduction of events leading to the investigation.BackgroundBrief write-up on the fraud/ negligence/ breach of COE case.ObjectivesScopeDefine the coverage of the investigation.Chronology of EventsA list of all events leading to the discovery of fraud/ negligence/ breach of COE case in chronological order.


26

Critical Issues Detailed by Chronology of EventsHighlight critical risks/ issues/ gaps noted from the chronologyof eventsConclusionArising from the chronology of events and critical risk identifiedRecommendationsDisciplinary actions to be taken against the staff involvedProcess enhancement including additional control requirementsPolice reportLegal action


27

28

Financial Services Bill 2012;Islamic Financial Services Bill 2012;Electronic Fraud Information Database System (e- FIDS) issued by BNM in August 2002; andPenal code (Act 574):-

Section 378 - Theft.Section 405 - Criminal breach of trust.Section 408 - Criminal breach of trust by clerk or servant.Section 415 - Cheating.

However, to-date, there is no specific law relating to crimes under “FRAUD”.

Financial Sector Talent Enrichment Programme (fstep)Fraud Detection & Red Flags

29


Gender: Men (87%); Women (13%)

Age: 26-40 years (69%); 25 years & below (31%)

Average Annual Income: RM30,001 to RM50,000 (53%); RM15,001 to RM30,000 (46%); RM15,000 and below (1%)

No of years of service: 6 to 10 years (50%); 2 to 5 years (40%); less than 2 years (10%)

30


I. BehaviorsDramatic changes in lifestyle (Ferrari / Rolex);Comes in first and leaves last;Constantly looks worried;Always willing to help, but not willing to teach;Stubborn, unwilling to implement changes to process/ procedures;Willingly takes on additional work;Seldom goes on leave - returns to work during leave;When on leave request relief to do only daily work;May refuse promotion to remain in existing job.

31


II. Documentation

Documents “Misplaced” or “Lost” when requested;Erased or crossed out figures;Unusual fonts or inconsistent typefaces;Regular round sum transactions/ entries;Many transactions for exactly the same sum;Values consistently just below authority limit; andAbsence of documentary proof or key evidence.

32

III. Relationships

Recluse – loner;Regular visits by same customers/ customer refuse to deal with anyone else;Exceptionally friendly or hospitable to auditors;Never turns down request for help by superior/ colleagues; and Often pays for team/ branch activities.


33

Cash;Saving Accounts/ Current Account/ Investment

Account/ Remittances;Clearing Process/ Cheque return;Stamp account;Procurement;ATM/ CDM Management; andAccount Reconciliation.


34

All Frauds and Breach of Code of Ethics are required to be reported to Jabatan Penyeliaan Perbankan 1&2 BNM, via e-FIDS (Fraud Information Database System).

e-FIDs refers to Bank Negara Malaysia’s (BNM) secureInternet web-based application system for Banks to transmitinformation electronically to BNM on fraud and defalcation,breaches to the COE, robberies and burglaries.

e-FIDS was launched in November 2000.


35

The reporting timelines:

For Fraud, e-FIDS Form is required to be submittedto BNM within 24 hours from discovery.

For Breach of Code of Ethics not involving fraud bystaff, e-FIDS Form is required to be submitted toBNM within 48 hours from discovery.


36


37

38

Financial Sector Talent Enrichment Programme (fstep)Governance & Business Ethics

COE refers to the BNM/GP7 guidelines for the banking industry where a minimum standard of conduct is expected of directors, officers and employees of Financial Institutions in Malaysia.

39


40

“ In looking for people to hire, you look for three qualities: integrity, intelligence, and energy. And if they don’t have the first, the other two will kill you.”

Warren Buffet

CEO, Berkshire Hathaway


41


Conflict of interestOutside financial interestOther business interestOther employmentEntertainment and giftsCorporate directorshipsTrusteeships

Misuse of Position

42


Misuse of InformationCompleteness and accuracy of relevant recordsConfidentiality of communications and transactionsFair and equitable treatment of all customersAbuse of general trading practices

Conflict of interestGrey market trading

Insider tradingMisuse of Bumiputera Names in Public Share issues

43


Divided into 2:

Foundation of Islamic Ethics

Characteristics of the Prophet

44


IntegrityPerform any task or responsibility with honesty, truthfulness and adequate transparency.

SincerityBe fair, impartial and unbiased; free from conflict of interest.

Piety (Wara’)Avoid from syubahah/ haram activities.

Professional Competence & DiligencePerform duties and responsibilities in the best manner possible.

45


ALLAH-fearing conduct in everythingBelieve that Allah is observing our every action.Therefore, the behavior and conduct must be consistent with faith values.

Accountability before ALLAHAll actions are answerable before Allah.Strictly observe the Shariah requirements in any action taken, decision made, approval granted, etc.

46


Siddiq (Truthfulness)Speaks only the truth

Amanah (Trustworthiness)Uses time wisely to perform the required duties, use company’s properties appropriately, avoid theft, cheating, fraud and abuse of power.

Tabligh (Advocacy)To deliver or inform; knowledge and information sharing.

Fatonah (Wisdom)Habitual ability to do or accomplish something rightly, correctly and properly.

47

48

49