It is the first time a private bank has been fined for
weaknesses in its anti-fraud systems, according to the FSA.
Thirteen fraudulent transactions were carried out between
February 2002 and March 2005 using forged clients' signatures and
instructions and by falsifying change of address documents.
During its investigation, the FSA found that BNPP Private Bank
did not have an effective review process for large transactions,
over £10,000, from clients' accounts. It also found that the bank's
procedures were not clear about the role of senior management in
checking significant transfers prior to payment. As a result, a
number of fraudulent transactions were not independently checked.
In addition, a flaw in the bank's IT system allowed the senior
employee to evade basic authorisation and signatory checks on
internal cash transfers between different customer accounts.
FSA rules state that a firm must take reasonable care to
organise and control its affairs responsibly and effectively, with
adequate risk management systems.
Margaret Cole, FSA Director of Enforcement, said: "BNPP Private
Bank's failures exposed clients' accounts to the risk of fraud.
This is unacceptable particularly with the overall increase in
awareness around fraud and client money risks. Senior management
must make sure their firms have robust systems and controls to
reduce the risk of them being used to commit financial crime."
"This is a warning to other firms that we are raising our game
in this area and expect them to follow suit," she said. "We will
not hesitate to take action against any firm found wanting."
BNPP Private Bank has since taken steps to correct the failings
and no customers suffered loss, according to the FSA. A subsequent
independent review of the bank's anti–fraud systems and controls
found them to have no significant weaknesses.
The bank brought the fraud to the FSA's attention and
co-operated fully with the investigation, said the FSA.
