FCTR 2 Firms’ high-level management of fraud risk (2006)

Who should read this chapter? This chapter is relevant to all firms subject to the financial crime rules in SYSC 3.2.6R and SYSC 6.1.1R and to e-money institutions and payment institutions within our supervisory scope.

In February 2006 the FSA reviewed a sample of 16 firms (predominantly larger financial services groups) to assess how firms’ senior management were managing fraud risk.

The findings of the review reflected our overall expectation that firms’ senior management should be proactive in taking responsibility for identifying and assessing fraud risk and the adequacy of existing controls, and ensure that, if necessary, appropriate additional controls are put in place. We expect a firm to consider the full implications of the fraud risks it faces, which may have wider effects on its reputation, its customers and the markets in which it operates.

The report emphasised that fraud is more than just a financial crime issue for firms; it is also a reputational one for the industry as a whole. The report concluded that while there had been some improvement in the management of fraud there was still more that firms could be doing to ensure fraud risk was managed effectively.

The contents of this report are reflected in FCG 2 (Financial crime systems and controls) and FCG 4 (Fraud).

You can read the findings of the FSA’s thematic review here: Https://webarchive.nationalarchives.gov.uk/ukgwa/20130411040819mp_/http://www.fsa.gov.uk/pubs/other/fraud_risk.pdf

This report did not contain consolidated examples of good and poor practice.