compliance firm boss praises new dfsa anti-fraud measures
The managing director of Dubai's only specialist compliance consultancy, CCL Ltd, today commended the new anti-fraud requirements which have been put in place by the Dubai Financial Services Authority (DFSA).
The DFSA, which regulates all financial companies registered within the DIFC, recently changed its rulebook by imposing upon senior management of DFSA-regulated firms responsibility for setting up systems and controls specifically to prevent fraud and to report suspected cases.
Most fraud is committed by company insiders, such as directors, senior managers and long serving employees. Up to 50 per cent of fraud cases involve collusion between two to five people, with a third of frauds involving a person acting alone. CCL’s managing director, Christopher Hobbs, explained that fraud is on the increase worldwide and that the DFSA has implemented the changes to force firms to manage the problem more effectively.
He said: "The changes have been implemented in line with the DFSA’s regulatory objectives and mirror the global trend among regulators to deal with this increasing problem. By no means all cases are reported, and firms need reliable fraud data and analysis to see where and why they are at risk.
"All commercial enterprises need systems and controls to guard against conventional fraud, including payroll, payments and procurement fraud, as well as accounts manipulation and misuse and misappropriation of assets. Financial services firms need to take this several stages further as, increasingly, they are not only the holder of other peoples’ money, but also a custodian of their personal data and other confidential information.
"Firms need to take a 360 degree view of their possible sources of risk, including those from customers, business partners and suppliers, as well as from management, employees and temporary staff. Enhanced vetting plays an important part, but firms must bear in mind that most fraudsters do not have a previous criminal record. Firms should also identify and assess fraud risks within their product design processes.
"Firms must look carefully at where and why they may be at risk and ensure they have adequate systems and controls in place. There must be adequate segregation of duties, effective physical and data security and clear allocation of responsibilities.
"One must not underestimate the ingenuity and determination of the criminal organisations involved, particularly in relation to the growing threats from cyber crime, and identity theft where infiltration of firms and coercion of key employees are rapidly on the increase.
"Recent cases have underlined the importance of having adequate controls to prevent autocracy and detect collusion for even the most trusted employees. Abuse of authority and positions of trust, usually accompanied by lack of accountability or ineffective monitoring and reporting, continue to lead to spectacular headlines of embezzlement, creative accounting and other corporate abuse.
"The new fraud prevention requirement means that financial services firms will need to have a robust anti-fraud strategy in place as they can be sure that the DFSA will be looking at these issues more closely in their risk assessment and monitoring visits.
"Fraud prevention can only work if sponsored from the top. Thankfully CCL is increasingly being asked to advise senior management from UAE-based firms on these issues to help them devise and establish the appropriate systems and controls."
The UK Financial Services Authority recently fined Capita Financial Administrators Limited over Dh 2 million for poor anti-fraud controls. It was judged that, as a third party administrator of collective investment schemes, Capita should have had better systems and controls for ensuring changes to client data and instructions for payments were genuine and that payments were not made to accounts that were not controlled by clients.
Hobbs added: "It appears Capita had not properly considered its fraud risks, in particular staff collusion, and had failed to implement effective procedures including appropriate fraud awareness training. Notably, the initial frauds were not discovered by Capita but by its clients who then brought them to the firm's attention. This is an example of the type of case that the new measures by the DFSA have been designed to prevent."
Established in 1988 in the UK, CCL services over 30 regulated firms in DIFC and has been involved in the authorisation process of more than 25 Dubai-based companies. In the UK, CCL handles over 300 regulated firms and has obtained authorisation for more than 600 firms. CCL provides professional practitioner advice to a wide range of financial services clients, advising on authorisation and general compliance matters and offering specialist anti-money laundering and risk management services.
