Skip to main content
Back Custom print Text Only Rich Text Print / Save as PDF
Download Original PDF

  • Chapter III: Policies and Procedures

    7- The Finance Company shall put in place policies and procedures to implement anti-fraud and risk management strategies. Such policies and procedures shall be updated regularly and tested in terms of effectiveness to keep abreast of developments in fraud. A copy of such policies and procedures shall also be provided to SAMA.

    8- Policies shall be based on an analysis of fraud risks to which a Finance Company is exposed.

    9- Policies and procedures shall include, at a minimum, the following:

    a. the role of employees in the implementation of anti-fraud strategy, and identification of individuals responsible for its implementation;

    b. standards for the detection and prevention of fraud;

    c. a mechanism clarifying the procedures and communication methods for internal reporting of suspicious or actual cases of fraud, identifying the party responsible for investigating fraud cases inside the Company, and designating the available external reporting channels and the protection offered to whistleblowers;

    d. a policy on retention of documents containing details of suspicious and actual cases of fraud; and

    e. a mechanism for training the Company’s employees on a regular basis to raise awareness of fraud risks and prevention methods.

    10- The Finance Company shall develop a mechanism to ensure the soundness of financed asset’s valuation carried out by the accredited valuer.

    11- The Finance Company shall establish a mechanism to ensure the implementation of its credit policy on financing contracts.

     

    • Training

      12- The Finance Company shall ensure that its board of directors and employees understand anti-fraud policies through training programs in fraud control. The training materials shall be updated regularly to keep abreast of developments in fraud.

      13- The scope of training shall vary depending on the role and responsibilities of individuals, and shall cover the responsibility of employees when suspecting fraudulent acts and the steps of escalating fraud incidents within the Company or to competent authorities.

      14- The Finance Company shall provide training programs dedicated to new employees, especially those dealing directly with the public.

       

    • Reporting

      15- The Finance Company shall develop a policy describing the steps of escalating a fraud incident within the Company or to external competent authorities, and providing for confidentiality of the report and protection offered to whistleblowers.

       

    • Documentation and Record Retention

      16- The Finance Company shall document the actions taken in fraud incidents, inside and outside the Company, and shall maintain, for 10 years, records containing detailed information of suspicious and actual cases of fraud.

       

    • Exchange of Information

      17- The Finance Company shall, using the form attached hereto, inform SAMA of any fraud incidents within 10 business days from closing the investigation.

      18- Without prejudice to any other regulations or instructions on the confidentiality of consumer information and transactions, Finance Companies may enhance cooperation mechanisms among them to exchange information on fraud incidents. SAMA’s non-objection shall be required for any agreed cooperation mechanism.