News

FSA fines bank

The Financial Services Authority (FSA) has fined private bank BNP Paribas £350,000 for weaknesses in its systems and controls, which allowed a senior employee to fraudulently transfer £1.4m out of clients' accounts without permission.

This is the first time a private bank has been fined for weaknesses in its anti-fraud systems.

The 13 fraudulent transactions were carried out between February 2002 and March 2005, using forged clients'
signatures and instructions and by falsifying change of address documents.

During its investigation, the FSA found that BNP Paribas did not have an effective review process for large transactions over £10,000 from clients' accounts.

It also found that the bank's procedures were not clear about the role of senior management in checking significant transfers prior to payment. As a result, a number of fraudulent transactions were not independently checked.

In addition, a flaw in the bank's IT system allowed the senior employee to evade the normal Middle Office processes. This meant that basic authorisation and signatory checks were not carried out on internal cash transfers between different customer accounts.

Margaret Cole, FSA director of enforcement, said, "BNP Paribas’ failures exposed clients' accounts to the risk of fraud. Senior management must make sure their firms have robust systems and controls to reduce the risk of them being used to commit financial crime.

"This is a warning to other firms that we are raising our game in this area and expect them to follow suit. We will not hesitate to take action against any firm found wanting."

The FSA said BNP Paribas had now improved its systems to stop the same thing happening again.

In the last two years, the FSA has fined Nationwide, Capita Group and Kyte for weaknesses in their anti-fraud systems and controls.

Nationwide fine prompts drive to secure customer data >>

High price of failing to tighten IT security >>

FSA website >>

Comment on this article: e-mail computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy