The BS 9222:2007 Banking, currencies and finance standard (the “Standard”) is a standard that helps to guide banks and other bodies confronted with irregularities, as a tool in the process of determining whether evidence of fraud exists and in helping with the determination of the mitigating or aggravating circumstances. The Standard has been developed by Risk Intelligence (RI), which is an independent professional services company with headquarters in the United Scotia Building, Birmingham, United Kingdom.
Developed in accordance with the recommendations of the international banking community, the Standard is intended to promote control of risks, to support supervision and audit by providing definitions of “fraud” and related activities, and by explaining methodologies to apply in assessing the materiality of irregularities.
To understand the Standard, it is helpful to first consider the source for the information that must be examined: all available information, including what is already known from a review of first-hand, audited business records or from a review of an internal audit process, concerning cash transactions that require, or lack, adequate controls and oversight. Financial irregularities are examined to determine what the practice is, when and where the practice occurred, whether the written policies and procedures adequately control the activity and whether the controls are implemented. For example, a suspicious transaction is investigated using existing information and including information the bank obtains from customers. In the case of regulatory inquiries, it is equally important to understand the issues, interpretations and differences arising between regulatory and anti-fraud considerations so that the penalties and severe damage imposed by banking supervisory authorities can be reduced. A bank’s analysis of transactions results in answers to questions that clarify the underlying transactions and determine whether they were sources of deposits for the bank.
One of the fundamental steps in analyzing financial irregularities is acquiring an understanding of the source of deposit funds. The Standard invites consideration of what a bank has discovered about the physical source of deposits after providing the customer with an obligation to disclose relevant details.
Another fundamental step in analyzing discrete financial irregularities is selecting the investigative approach best suited to the circumstances. For example, the nature of the customer relationship, prior knowledge of the customer, the amount of the irregular activity and other factors are things that a bank should consider when determining the appropriate response based on their own control framework. The Standard indicates that there are at least three things that can be done when fraud is suspected: the banking body can stop the transaction, remove the evidence from the customer possession and initiate an internal investigation.
The Standard contains a variety of recommendations addressing all phases of a bank’s investigation of suspected financial irregularities or fraud. The recommended steps are illustrated with examples. The Standard discourages a banking body from creating policies that tie its hands, or, in other words, policies that would complicate making a decision.
The Standard suggests that a bank can detect a fraud by (i) creating a proactive policy to prevent fraud and (ii) using documents that are reliable and detect fraud. In addition, as part of its proactive efforts to prevent fraud, a bank can do the following (i) require the customer to sign an agreement before commencing with the transaction, (ii) educate the customer on identity theft, (iii) check and monitor customers’ credit scores, (iv) monitor the level of risk in customer portfolios and (v) obtain an 18-month financial snapshot from the customer’s bank.