Your access and use of SAMA Regulatory Rulebook and its content is considered as an acceptance and approval of commitment by you without any limitation or condition to the following:
SAMA Regulatory Rulebook is a platform that aims to assist the regulated entities to access SAMA regulatory content adeptly and efficiently.
SAMA Regulatory Rulebook is still on its development and soft launch stage. SAMA is not liable for its contents and does not warrant or represent that (the Services related to the platform, information or material presented in the platform) is displayed free of any inaccuracies, omissions, or errors (“Faults”). SAMA accepts no liability for any loss, claim or damage resulting from any use of the platform, and any decisions made, or actions taken based on the information contained in or generated by the platform.
SAMA Regulatory Rulebook has no legal effect and it does not aim to amend or revoke any legal provisions. The Rulebook still Contains some documents under review, including translated versions. Therefore, SAMA Regulatory content circulated through SAMA official channels remains in force.
Without prejudice to the terms of use of SAMA website Hereby, you acknowledge that any illegal, unauthorized use and/or any breach of any of these provisions may result in legal actions against you.
Effective from Oct 11 2022 - Oct 10 2022 To view other versions open the versions tab on the right
Principle
Member Organisations should define, approve and implement a process for the reporting of Management Information to enable Senior Management to monitor Counter-Fraud risks and performance.
Control Requirements
a.
Member Organisations should define, approve and implement a process for the reporting of Management Information to monitor Counter-Fraud risks and performance.
b.
Fraud Management Information should be reported to Senior Management and the CFGC on a periodic basis and on an ad hoc basis as required (e.g., if a new or unusual typology is identified).
c.
Member Organisations should coordinate the collation of fraud Management Information to ensure a holistic picture can be reported of all fraud impacting the organisation or its customers.
d.
Member Organisations should identify appropriate Management Information to adequately inform Senior Management of Counter-Fraud risks and performance. At a minimum this should include:
1.
Fraud Risk Assessment results.
2.
Fraud Risk Appetite measures and performance against thresholds and limits.
3.
Volume of fraud alerts notified by:
a.
Customers
b.
Employees
c.
Fraud systems
4.
Volume and trends of Fraud cases handled, split by product and typology.
5.
New typologies identified.
6.
Value of near misses or potential frauds that were detected and prevented.
7.
Case value of fraud handled (the total value of the fraud case, including actual and potential losses).
8.
Fraud losses, split by product, payment type (where applicable) and typology, including:
