2. Self- introduction
Name : _______________________________________
Educational background :_________________________
Work area/branch/division/region/HO/other : ____________________________
Current position/responsibility : ________________________________________
Years of experience : __________________________________
Expectations from this training : ________________________________________
3. Understand the definition of risk and risk management;
Describe types of Risks in Banking Industry;
Understand about Operational risk & Operational Risk Management
,and
Understand Fraud risks and ways to manage/control
Training Objective
4. Contents
1. What is Risk?
2. Types of Risks in Banking Industry
3. What is Risk Management?
4. Operational Risk
5. Fraud Risk
6. Types of Fraud Risk
7. Fraud Risk Management
8. Best Practice
5. Introduction…
Vision
To be the best and preferred financial services
provider where customers' feel valued!
Mission
To provide the most Innovative and accessible
banking services to our customers using the
most relevant technology, and motivated and
talented staff to maximize stakeholders value
and influence the life of the society positively.
Core values
6. Awash Bank is providing a diverse
range of financial products and
services to a wholesale, retail and
SME clients based in Ethiopian
market and aspires to expand to
African markets.
Introduction…
7. 7
Source: Awash website
2027 Forecast 2030 Forecast
Awash will need a minimum
CAGR of 38%, 40%, 37%
and 35% for assets,
revenues, PBT and capital
respectively to be a top
3 East African Bank
Top 3 East African Bank
Awash is expected to reach
a minimum CAGR of 44%,
37%, 28% and 37% for assets,
revenues, PBT and capital
respectively
Top 10 African Bank
Assets
$20bn
Revenue
$1.7bn
PBT
$0.7bn
Capital
$2.2bn
CIR
46%
ROE
24%
Awash Bank New Aspiration
To be a top 3 East African Bank by 2027and a top 10 African bank by
2030
Assets
$76.7bn
Revenue
$3.9bn
PBT
$1.0bn
Capital
$5.9bn
CIR
47%
ROE
24%
Following major macro and
micro economic changes,
Awash Bank has articulated
a brand-new 5-year
aspiration going forward
10. Risk
DEFENITION
Different disciplines define the term risk in very
different ways.
The International Organization for
Standardization (ISO) defines Risk simply as
the “effect of uncertainty on objectives”, but
most sources of guidance on Risk
Management characterize Risk as a function
of threats and vulnerabilities applicable to an
and the likelihood of that occurrence
Risk is the possibility of suffering
harm or loss (American Heritage
Dictionary, Houghton Mifflin Co.)
12. Risk
Risk exists because the future cannot be
predicted with certainty; organizational plans or
strategies regarding future events reflect
assumptions, calculations, or estimates about
what will occur, but there is always a chance
that events will unfold differently than
anticipated, potentially with results less
favorable than what the organization planned
Certainty _ the outcome can be
predicted with a high degree of
confidence
Uncertainty – refers to the lack of
certainty, a state of limited knowledge
where it is impossible to exactly describe
the existing state, inability to predict
future outcome
13. Risk
In reality, most decisions are taken without
complete information, and therefore give rise
to some degree of uncertainty in the
outcome;
In AB’s context, risk refers to any event or
issue that could occur and adversely affect
the achievement of the Bank’s strategic,
Financial and operational objectives
14. Attributes of Risk
Attributes of Risk
Includes;
things like the probability of a risk occurring,
the potential consequences or impact of the
risk,
the time frame in which the risk is expected to
occur,
and the controls or mitigations in place to
manage the risk.
In Further explanation:-
Risk Cause:
factors that may give rise to a risk event.
Risk Event:
an event that either has occurred or has
the potential to occur;
of two types: positive or negative events
15. Risk Attributes cont’d
Risk likelihood/probability: the possibility of
a potential risk to occur
Risk Severity (Impact):
is the expected harm or adverse effect that may
occur due to exposure to the risk
Magnitude of Risk:
probability of risk occurrence and the severity
of its consequences
Risk timeframe: the time during which
a risk, if it occurs, will impact the
company. Example, short-term, medium
term and long term.
16. Risk Attributes cont’d
Risk Rating
•Risk Rating:
is assessing the risks involved
in the daily activities of an
organization and classifying them
(very low, low, medium, high,
very high) on the basis of their
impact on the organization.
Ranking or prioritizing
risks:
is one way to help
determine which risk is the
most serious and thus which
to control first.
17. Types of Risks
The most common risk in Banks
Reputational
Compliance
Liquidity
Market
Operational
Credit risk
Strategic
18. Risk Categories cont.…
1. Credit Risk:
It is defined as the potential that a
bank borrower or counterparty will
fail to meet its obligations in
accordance with agreed terms
It arises from the potential that
the borrower or counterparty is
either unwilling to perform on an
obligation or its inability to
perform such obligation is
impaired resulting in accounting
losses and economic exposures.
The credit risk can be analyzed
both at transaction level and
portfolio level unacceptable cost
or losses and leading to bankruptcy
or rise in funding cost.
19. Credit Risk cont..
Transaction level:
An element of risk is inherent in any
type of loan and other placements
because of the uncertainty of the
repayment.
Establishing sound, well-defined credit-
granting criteria is essential to identify
credit risk at origination (policy &
procedure doc).”Is the Borrower Credit
Worthy.’’
Portfolio Level
It refers to the inherent risk in the
composition of the credit portfolio, in
general, and is highly influenced by the
following criteria:
Type of Product Contractual
Maturity/ tenure
Geographic are, Economic Sectors
Type of Collateral
Branches, borrower
20. 2. Liquidity Risk:
o Liquidity risk is the potential loss of a
bank arising from either its inability to
meet its obligations or to fund increases
in assets (like loan disbursement) as they
fall due without incurring unacceptable
cost or losses and leading to bankruptcy
or rise in funding cost.
o Banks perform maturity transformation
and insure public’s liquidity needs, but in
process become exposed to liquidity risk.
oLiquidity risk is the danger of having
insufficient cash to meet a bank’s
obligations when due.
oLiquidity risks also include our inability
to liquidate any asset at reasonable price
in a timely manner.
21. 2. Liquidity Risk Cont.…
TYPE OF LIQUIDITY RISKS
Funding risk: it is the risk counterparties
who provide the bank with short term
funding will withdraw or not rollover.
Time risk: time risk is the need to
compensate for non-receipt of expected
inflows of funds, e.g. when a borrower fails
to meet his repayment commitments. i.e.
mismatch of inflow and outflow of cash as
per anticipated time schedule.
Market Risks: market risk is the risk of a
generalized disruption in asset market that
makes assets illiquid or make considerable
loss to the bank to convert its assets to cash.
22. 2. Liquidity Risk Cont.…
There are important issues to be considered in
liquidity risk management tool
The stability of a Banks’s liability- core deposit is
considered as the most reliable and stable funding
source. It includes small amount of demand deposits,
saving deposits and small time deposit.
Deposit Concentration-
• Type and product of deposit Counterparty
deposit
• Maturity structure Geographic
area
23. Risk Categories Cont.…
3. Market Risk
Market Risk is the risk that changes in the market
value (prices) of assets and liabilities ( on and/or
off balance sheet items) will adversely affect
strategic objective of the banks.
Banks may be exposed to market risks in variety of
ways-
3.1. Interest rate risk: refers to the loss in earning
or economic value of assets and liabilities out
of adverse movements in interest rate in the
market.
3.2.Foreign exchange risk: it is the uncertainty
associated with adverse movements in foreign
exchange rates which may negatively affect
the Bank’s position.
24. Market Risk Cont.
3.3 Equity/security prices
the potential for reduced income or losses in
on-and off balance sheet position arising from
adverse changes in equity/security price
3.4 Commodity Prices
the risk that on or off balance sheet
positions will be adversely affected by
movement in commodity price.
In Awash Bank we considered the two
common type of Market Risks.
Interest rate risk & Foreign exchange risk
25. Risk Categories Cont.…
4. Operational Risk:
Operational risk refers to the risk
of direct or indirect loss resulting
from inadequate or failed internal
processes, people ,
systems/technology or from
external events.
Operational risk is the possibility
of financial loss in the course of
executing day to day operations;
26. Risk Categories Cont.…
5. Strategic Risk:
The risk arising from an inadequate strategy,
failure to properly implement a strategy or
an adverse shift in assumptions parameters,
goals and other features that underpin a
strategy, and the inability to adapt to changes
in the business environment and take
appropriate decisions.
27. Risk Categories Cont.…
6.Compliance Risk
The International Compliance Association
defines compliance as “the ability to act
according to an order, set of rules or request”.
It is risk of legal or regulatory sanctions,
material financial loss, or loss to reputation a
bank may suffer as a result of its failure to
comply with laws, regulations, rules, related
self-regulatory organization standards, and
codes of conduct applicable to its banking
activities.
Compliance risk is arising from violation
or non compliance with domestic &
international laws, rules & regulations.
29. Compliance Risk cont.…
Terrorist financing
Set of government laws, regulations, and other
practices that are intended to restrict access to
funding and financial services for those whom
the government designates as terrorists.
Transaction monitoring
After the due diligence process is
completed, ongoing tracking and monitoring
of customers’ transactions is required to
constantly keep a lookout for suspicious
activities.
30. Risk Categories Cont.…
7. Reputational Risk:
Reputational risk refers to the risk arise from
negative publicity, regarding the Bank’s
business practices, whether true or not, will
cause a decline in the customer base or revenue
reduction.
As Warren Buffet said, “it takes 20 years to
build a reputation, and five minutes to ruin it”.
Some of the potential sources that can
negatively affect the bank’s reputation include.
Financial soundness / business viability
Business practices
31. Risk Categories Cont.…
Sources of Reputational Risk
( Internal & External)
a) Internal
Poor product/service quality
Bad customer service/maltreatment
Lack of good sentiments/thoughts
Poor social media management
Irresponsible data security training and awareness
Fraud or financial misdemeanors
32. Risk Categories Cont.…
b) External
Breach of sensitive customer data/cyber attacks
Negative media coverage or smear/defamation campaigns
Competitors’ negative advertising
Third-party vendors that suffer from reputational damage
(Eg. the vendor's access to sensitive customer data or its interaction with the bank’s
customers)
34. Risk Management
Risk Management is a comprehensive
approach involving various risk
management tools, techniques, and
methodologies to manage risks effectively.
The process of ensuring systematic
identification, measurement, controlling and
monitoring of risks with the objective to
maintain risk within defined risk appetite of the
bank.
Risk Management is the capacity to take risk
and make forward looking choices with its risk
appetite that drive enterprise forward;
36. Risk Management cont.…
Risk Identification: is the process
of detecting, describing and catalog
all potential risks of the bank.
Risk Assessment: is a process used
to identify potential risks and
analyze what could happen if the
risk materializes.
Risk Analysis: is the process of
examining the identified potential
risks so as to enable the bank take
measures on treating them.
37. Risk Management cont.…
Risk prioritization - is the process used by risk managers to analyze risk
and determine the order in which they are mitigated.
•Risk Matrix 5 * 5
38. Risk Management cont.…
Risk Treatment - is the process of developing a range of options for
mitigating a risk (respond to a specific risk),assessing those options,
and then preparing for implementation of actin plans.
Risk Mitigation -is a strategy to prepare for and reduce the impacts of
the risk as it is realized/materialized.
Risk control is the process of implementing measures to reduce the
impact (adverse outcomes) and likelihood of the potential risk.
39. Risk Management cont.…
The Four
T’s
1.Treat
2. Transfer
3. Terminate
4. Tolerate
Risk Score
Risk
Rating
Risk Acceptance Action Required
(Probability (Priority
X Severity)
for
Action)
20 & 25 Very high Not acceptable
Implement further risk controls;
Frequently Monitor, review and
document controls
12, 15 & 16 High Not acceptable
Take additional mitigation actions,
Monitor, review and document
Controls
5,6, 8, 9 & 10 Medium
Acceptable but
mitigation effort
should be improved
Implement risk controls if
reasonably practicable; Monitor
and review
3 & 4 Low Acceptable Monitor and review
1 & 2 Very low Acceptable Monitor and review
40. Risk Management cont.…
Monitoring & Review
•Determine whether the operating environment
has changed and whether new risks have
emerged.
Recording & Reporting
• Document & report continuously on the risk
management process & its outcomes through
appropriate governance mechanisms to
enhance the quality of discussion with
stakeholders & support top management &
oversight bodies in meeting their
responsibilities.
41. Who Manage Risks/ Lines of Defense
BOARD/AUDIT COMMITTEE
SENIOR MANAGEMENT
2nd Line of Defense
• Set the boundaries for
delivery through the
definition of standards,
policies, procedures and
guidance
• Assist management in
developing controls in
line with good practice
• Monitor compliance
and effectiveness
• Monitor any deviation
from defined
requirements
• Identify and alert senior
management, and where
appropriate governing
bodies, to emerging issues
and changing risk
scenarios.
Functions that oversee
or specialize in risk
management
3rd Line of Defense
Internal Audit
• Provide an
objective
evaluation of the
adequacy and
effectiveness of
the framework of
governance, risk
management and
control
• Provide proactive
evaluation of
controls proposed
by management
• Advise on potential
control strategies
and the design of
controls.
1st Line of Defense (Risk Owners)
•Identify, assess, own and manage risks
•Design, implement and maintain effective
internal control measures
•Implement corrective actions to address
deficiencies
•Comply to rules and regulations, policies and
Frameworks
•Issues identification, planning and closure
•Business Control Committees & Governance
•RCSA, Loss Monitoring, Root cause analysis
and Reporting
•New Business product approval
•Positive Risk Culture
Management
Control
Internal Control
Measures
42. The three lines of defenses for risk management
•1st LINE OF DEFENSE…. Functions that own and manage risks
•2nd LINE OF DEFENSE….. Functions that oversee risks
•3rd LINE OF DEFENSE…. Functions that provide independent assurance.
1st LINE OF DEFENSE…. Functions that own and manage risks
•Manage risks/implement actions to manage and treat risk
•Execute risk assessments and identify emerging risk
•1st LINE OF DEFENSE…. Functions that own and manage risks
•2nd LINE OF DEFENSE….. Functions that oversee risks
•3rd LINE OF DEFENSE…. Functions that provide independent assurance.
1st LINE OF DEFENSE…. Functions that own and manage risks
•Manage risks/implement actions to manage and treat risk
•Execute risk assessments and identify emerging risk
43. Operational Risk
Operational risk is the possibility of financial
loss in the course of executing day to day
operations;
Operational risk refers to the risk of direct or
indirect loss resulting from inadequate or failed
internal processes, people, systems/technology
or from external events
CLASSIFICATION OF
OPERATIONAL Risk
Cause based
Event Based Operational Risk
Effect Based Operational Risk
44. Operational Risk
Peopel Risk
Ineffective eployment or
employee relation
Health & safty failure
Discrmination &
Harassment
Errors & Omission
Internal Fraud
Fraud & theft
Unauthorized activity
External Fraud
First party fraud
Second party fraud
Third party fraud
Agent/broker/intermedary fraud
Damage to physical Asset
Natural Disaster
Non-Natural Disaster
Client,product,business risk
Client /account mismanagement
Product/Service quality
Model Error
Business process mismanagement
45. Operational Risk
Information & Communication technology risk
Information
Hardware failure
Software failure
System & technology
failure
Power,utility &
communication failure
Information security
failure
Confidentiality breach
Cyber attacks
(External)
malacious act (Vendor)
Malacious acts (internal)
Data Management & Protection Risk
Poor data quality
GDPRbreach
Integrity Risk
Non-availability Risk
Change & Project Management Risk
Project management risk
Change or transformation
risk
46. Operational Risk
Process & Reporting Risk
Process design & excution
failure
Transaction, business process &
error
Monitoring & Reporting
failure
Process control failure
Out sourcing & third party
risk
OTP concentration risk
country or offshore risk
Vendor or supplier failure
Engagement & delivery failure
Management control failure
Legal Risk
Contractual risk
Non-Contractual obligation risk
Litigation risk
Interprtation Risk
BCM Risk
BCP failure
BC/DR failure
ESG Risk
Environmental,climate
pysical risk
Social risk
Governance risk
47. Increase in Bank operational Risk Exposures
Globalization
Growth of e-commerce
Large number of service providers
Increased outsourcing
Complexity and breadth of products
Increased business volume
Increased litigation-the growing risks have caused increased focus by banking
regulators.
48. Fraud Risk Management
It is the risk of unexpected financial,
material or reputational loss as the result of
fraudulent action of persons internal or
external to the bank.
misrepresentation of a material fact with the
intent to deceive.
A deliberate act of omission or commission
by any person, carried out in the course of a
banking transaction or in the books of
accounts maintained manually or under
computer system in banks, resulting into
wrongful gain to any person for a temporary
period or otherwise, with or without any
monetary loss to the bank”.
49. FROUD RISK AND FRAUD RISK MANAGEMENT
Why do people commit Fraud?
50. FROUD RISK AND FRAUD RISK MANAGEMENT
Opportunity : creates a chance to
commit a fraud
What creates opportunity to fraud in
Bank?
Weak internal control
- Internal audit, risk mgt
Poor management oversight
Misuse of position or authority
51. FROUD RISK AND FRAUD RISK MANAGEMENT
Pressure : is a motivation that leads to unethical behavior
Example ;
Family situation – Financial difficulties
Medical bills : health problem
Expensive tastes : desire for luxurious life
Addiction problem : immoral habits (drunkenness, smoking, chewing ‘chat’, etc..)
external pleasures : friend’s agitation/peer pressure
52. FROUD RISK AND FRAUD RISK MANAGEMENT
Rationalization: the intention of a person to
justify his/her fraudulent behavior, or why he is
engaged in fraud acts.
Example :
to save a family member or loved one
“because they are helpless”!
Job dissatisfaction factors (salaries,
work environment, treatment by
management)
Person labels the theft as
“borrowing”
53. FROUD RISK AND FRAUD RISK MANAGEMENT
•Capability : the quality possessed by
individuals that give such individuals the
opportunity to perform a fraud.
“The ability to turn opportunity into reality”
Such qualities include;
Professional or authoritative position or
functional unit within the bank
intelligence to exploit the accounting
and internal control system
ego and confidence
capability to effectively deal with
stress.
54. Types of Fraud in Banking
Types of Banking Fraud
Two sources : Internal & eternal
i)Internal Fraud: mainly committed by
employees of the bank
Bank fraud committed internally can take the
ff forms
Transaction reversals
A teller accepts a deposit from a customer and
then reverses the deposit and pockets the funds
Account manipulation
A banking professional removes fees or
charges from their own account or from a
friend or relative’s accounts
Data theft
Banking employees steal personal data
from customers, and then, they open
accounts or apply for loans in their names
Internal collusion
Two or more bank employees work
together to bypass internal controls and steal
money from the bank.
55. Types of Fraud in Banking
IT administrator
Someone in the IT department
temporarily grants administer rights to
an unauthorized employee so they can
approve a fraudulent transaction
Identity theft, identity piracy or
identity infringement
occurs when someone uses another's
personal identifying information, like
their name, identifying number, or
56. Types of Fraud in Banking
Insider trading - the buying or selling of
securities by individuals who have access to
non-public information about a company or its
securities
This information can be about financial
performance, strategic plans, or other material
events that can significantly impact the price of
the company’s operation securities.
Insider trading leads to information or
securities fraud
Allowing insider trading can create a
culture of corruption and self-dealing in
which people in positions of power abuse
their position for personal gain.
This can have far-reaching consequences,
damaging institutions and harming innocent
people who become caught up in corruption
57. Types of Fraud in Banking
Red Flags for Internal Bank Fraud
The signs of internal fraud vary based on the
type of fraud being committed.
But, the following are very common signs to
indicate internal fraud in banks
Multiple customer complaints about
incorrect balances
oIf your branch receives an increased volume of
customer complaints about issues such as
incorrect balances or deposits not being credited,
an employee may be the culprit/offender.
Unexplained increases in expenses
oUnexplained increases in expenses may
indicate that an employee is drafting
payments to a fake vendor and pocketing
the money.
Unusual invoice patterns
oUnusual patterns with invoices can also be
a sign of internal bank fraud.
58. Types of Fraud in Banking
Employees who refuse to take time off
oAn employee who works all the time and puts
in extra hours on the weekend may seem like an
asset to the company, but they can be a liability.
•For example, the collapse of French investment
bank Société Générale in March 2008 was
perpetrated by a trader who had not taken a day
off for eight months.
Employees under pressure
oMost internal fraud does not happen in a
vacuum. Thieves typically require four
elements to commit a crime: pressure,
opportunity, capacity and rationalization.
59. Types of Fraud in Banking
Bypass of validation controls
o If you see any signs that internal controls are being bypassed, your bank may be
the victim of internal fraud.
o Even if Internal controls are designed to reduce the risk of fraud, but they can be
bypassed in different ways.
Activity in dormant accounts
o Dishonest employees may be tempted to steal funds from a dormant account.
60. Types of Fraud in Banking
ii) External fraud in Banking
External Fraud is the risk of unexpected
financial, material or reputational loss as the
result of fraudulent action of persons external to
the firm.
Example: Theft ,Robbery, Forgery,
cheque Kiting, cheque fraud Systems
Security ( data hacking), Card Fraud ,Money
laundering,
61. Types of Fraud in Banking
•While there are many different kinds of fraud the primary classifications are
listed below:
First Party Fraud
• First-party fraud is when
an individual or an
organization purposely
misrepresents their
identity or provides
incorrect information to
gain an unfair or
unlawful advantage.
This may involve using
a synthetic identity. The
risk to be covered under
this sub risk
types/events includes
• Credit card fraud
• Misrepresenting
identity
Second Party Fraud
• This type of fraud
involves an individual
agreeing to give their
personal information to
a family member or a
close friend to commit
the fraud. The risk to be
covered under this sub
risk types/events
includes-
• Money mulling
• Friendly fraud
Third Party Fraud
• It involves fraudsters using an innocent
person’s identity and information to take
over their bank account without their
consent. The risk to be covered under this
sub risk types/events includes-
• Account takeover (ATO)/hijack account
(eg. Mobile banking, online banking)
• Payment to stolen identity
• Organized crime
• Loan stacking
• Forgery: (e.g. Encashment of forged
notes, forged documentation, forgery of
signature etc)
• Fraud/forgery of financial instrument
(Check fraud, CPO fraud and others)
• Robbery
Agent/ broker/ intermediary fraud
• Risks arising from agents,
intermediaries and other parties
who intermediate between the
customer and the Bank. The risk
to be covered under this sub risk
types/events includes,
• Unauthorized fee by agents
• Unauthorized access to
customer PIN
• Split withdrawal
• Agent misdirect fund
• Agent counterfeit currency
• Voucher fraud
• Theft by service provider
• Robbery by service provider
64. Fraud risk management
FRM:-
is a holistic and proactive
fraud mitigation approach that
is embedded within an
organization.
65. Fraud Risk Management
Steps of FRM
effective fraud risk management
involves a strategic approach comprising
three key steps.
Step1:Risk identification
(Three stages)
i)Understanding potential threats
a thorough examination of the
environment to understand the
types of fraud threats that exist
ii) Assessing vulnerabilities
pinpoint areas vulnerable to fraud,
examine weak cells!
iii) Prioritizing risks
prioritize identified risks based
on their potential impact and
likelihood
66. Fraud Risk Management
Step 2: Preventive measures
( Three stages)
i) Building strong defenses
implementing safeguards and controls
(prevention)
setting up rules, policies, and security
measures to make it challenging for fraudsters
to succeed
ii) Employee training and awareness creation
Provide comprehensive training to
employees, helping them recognize
potential risks and understand their role
in fraud prevention
iii)Technological advancements
Leverage cutting-edge fraud prevention
technologies and tools that can
proactively identify and mitigate fraud
risks.
These tools act as electronic guard,
constantly monitoring for suspicious
activities and anomalies.
67. Fraud Risk Management
EX . Preventive
• Written policies and procedures Prevent Control
• Employees know what is expected of them
• Training material (Reference material)
• Segregation of duties-Four eyes principle
• Transactions are authorized and approved
• Physical control of assets
68. Fraud Risk Management
Step3 :Detection and response
the act or process of extracting
information
(Three stages)
i) Early warning systems
establish systems (Advanced analytics and
monitoring systems) that can detect fraud in its
early stages
ii) Response protocols
have well-defined procedures for responding
to detected fraud, including immediate action to
mitigate the situation, conducting
investigations, and fraud reporting
iii) Continuous improvement
Regularly evaluating and refining FRM
strategy, learning from past incidents, timely
adjust prevention measures, and enhance
detection capabilities to stay ahead of
evolving threats.
70. Fraud Risk Management
FRM importance
plays a pivotal role in safeguarding the
integrity and stability of the banking operation
FRM is crucial for:-
1. Financial protection
FRM creates a financial shield that helps
mitigate financial losses of the bank
2. Preservation of reputation
FRM reveals commitment to preserve the
bank’s reputation as a trustworthy entity
3. Legal compliance
FRM reduces the likelihood of legal
consequences that could be financially
crippling
4. Operational continuity
FRM helps the bank maintain
operational continuity, or ensures the
bank functions smoothly and efficiently
71. Fraud Risk Management
5. Cost efficiency
FRM minimizes the need for costly
investigations and remediation efforts
6. Competitive advantage
FRM equips the bank with a competitive edge
in the marketplace, potentially leading to
increased business opportunities
7. Protection of customer data
FRM safeguards customer information,
ensuring compliance with data protection
regulations
72. Fraud control in practice!
FRAUD CONTROL!
Why should I Care?
• Protect yourself and your friends
• Protect bank’s assets
• Help deter fraud
• Watch outs Management directives
• Your work basement must be policy &
procedure of the bank
73. Fraud Risk Management
•Not everything that looks suspicious is
a fraud, but every fraud looks
suspicious. If it looks suspicious,
follow up on it.
• Your work basement must be policy
& procedure of the bank
74. Fraud Control in practice!
Value your Signature!
Know what you are signing
You are responsible for what you have
signed
Don’t use a rubber stamp
Don’t sign blank forms
Don’t let other peoples sign your name or
initials
Before sign!
o Document?
o What?
o Why?
75. Fraud Control in practice!
Protect your Password
Don’t share your password with anybody
else, NEVER & EVER!
Don’t let anyone watch you enter your
password.
Use a strong password that you don’t have to
write down.
“TRUST AFTER LOCK”!
76. Fraud Control in practice!
Segregation of Duties
No one should control any process from initial
to end.
No one can approve their own transaction, or
each transaction should have at least 2 people
involved: an initiator and an approver.
Reduces the possibility of errors
Financial and Other Reports
Review financial reports regularly,
Review reports showing who accessed
computer files
Review suspense Accounts regularly
Investigate unusual transactions
77. Fraud Control in practice!
CURENT FRAUD PRACTICES IN
AWASH BANK (Cases by employees &
customers)
Based on circular issued from Branch
Affairs Directorate, identified fraud events:
Producing forgery cheque
Using International money transfer
Using lost or stolen cheque
Modifying customers data on core banking
Illicit ID
Illegal name
Un-Renewed ID card
Emulating customers signature
Producing forgery power of Attorney
Amending customers telephone number
78. Fraud Control in practice!
Producing forgery confirmation
letter
stealing ATM card
Forgery trade license & related
documents
Forgery CPO, Title deed
documents
Opening account with forgery ID
-VISA card,
using own authority position
Presenting incomplete ID card
POS, Stealing pass word
Producing forgery letter of
guarantee
79. Some committed Frauds and Disciplinary measures taken by Awash Bank
No
Name of suspected
persons
Branch Type of crime Status
1 Shinshicho
Withdrawing money from customers account by
transferring to other person's account
Sentenced to 16 years imprisonment and Birr
15,000 fine
2
Head Office
Branch
Falsification of documents on system and unlawful
withdrawal of money
Sentenced to 3 years rigorous imprisonment &
Birr 2000 fine.
3
Head Office
Branch
Falsification of documents on system and unlawful
withdrawal of money
Sentenced to 5 years of imprisonment and Birr
4000 fine.
4 Head Office Fraud with forged power of attorney
Each sentenced to 4 years of imprisonment and
Birr 10,000 fine.
5 Mehal gebeya Withdrawal of Money with forged ID
Sentenced with 2 years of rigorous
imprisonment & 2000 br penalty fee
6 Merkato
Attempted crime on withdrawal of money with
stolen pass book
Sentenced with 1 year and 4 months of
imprisonment and 500 br penalty fee