Your access and use of SAMA Regulatory Rulebook and its content is considered as an acceptance and approval of commitment by you without any limitation or condition to the following:
SAMA Regulatory Rulebook is a platform that aims to assist the regulated entities to access SAMA regulatory content adeptly and efficiently.
SAMA Regulatory Rulebook is still on its development and soft launch stage. SAMA is not liable for its contents and does not warrant or represent that (the Services related to the platform, information or material presented in the platform) is displayed free of any inaccuracies, omissions, or errors (“Faults”). SAMA accepts no liability for any loss, claim or damage resulting from any use of the platform, and any decisions made, or actions taken based on the information contained in or generated by the platform.
SAMA Regulatory Rulebook has no legal effect and it does not aim to amend or revoke any legal provisions. The Rulebook still Contains some documents under review, including translated versions. Therefore, SAMA Regulatory content circulated through SAMA official channels remains in force.
Without prejudice to the terms of use of SAMA website Hereby, you acknowledge that any illegal, unauthorized use and/or any breach of any of these provisions may result in legal actions against you.
Member Organisations should define, approve, and apply their Fraud Risk Appetite when designing and implementing Counter-Fraud systems and controls.
Control Requirements
a.
The Fraud Risk Appetite of the Member Organisation should be defined to state the level of fraud risk the Member Organisation is willing to tolerate.
b.
The Member Organisation Fraud Risk Appetite should be based on the outcome of the Fraud Risk Assessment and aligned to the overall risk appetite of the organisation.
c.
When defining Fraud Risk Appetite, Member Organisations should put in place measures with associated thresholds and limits that address the impact on both:
1.
The Member Organisation (e.g., fraud losses, reputational damage); and
2.
Its customers (e.g., customer losses, number of fraud victims, inconvenience).
d.
In the event that a Fraud Risk Appetite limit is breached with an impact on customers, a Member Organisation should escalate to Senior Management and initiate a crisis management process that should:
1.
Involve the CEO and other Senior Managers in the Member Organisation.
2.
Require meetings on at least a weekly basis until the issue is resolved and the measure returns to a level within appetite.
e.
Fraud Risk Appetite should be reviewed on at least an annual basis and be formally endorsed by the Board.
f.
Fraud Risk Appetite should be monitored and updated for material changes to the Member Organisation’s business model.
