DPP warns of ‘friend and company’ behaviour by managers tasked with fraud protection
Published:Friday | July 15, 2022 | 12:11 AM
Director of Public Prosecutions Paula Llewellyn is imploring compliance and security officers, particularly those working in sectors susceptible to fraud, such as finance and manufacturing, to ditch the 'friend and company attitude', saying it was a likely facilitator of the rising fraudulent activities detected in Jamaica over the past year.
DPP Llewellyn, who was speaking at the Jamaica Bankers Association / Jamaica Institute of Financial Services Annual Anti-Fraud Seminar on Thursday, also scolded the banks for their sluggishness in reporting criminal wrongdoing among their ranks to the Counter-Terrorism and Organised Crime Investigations Branch, CTOC, and the Jamaica Cyber Incident Response Team, CIRT, in an attempt to protect the institutions from the “embarrassment” of being labelled among companies with high levels of fraud.
She warned that a delay in reporting suspected fraudulent activities often hinders a thorough investigation of the crime committed, and gives the accused more time to cover up their illicit activities.
“For those of you who are shaking your head and saying, I know all the people in my organisation and that can never happen, I have seen all sorts of people, the ones you least suspect ... successfully prosecuted. You have to approach this situation very seriously,” she added. “No wilful blindness,” DPP Llewellyn warned.
“Compliance officer, only trust yourself; data controller, only trust yourself. There is no room for the 'friend and company' and 'buddy boy' system, because anybody who wants to perpetrate fraud internally, they usually have good emotional intelligence,” she said.
Her remarks come amid reports of a senior employee of National Commercial Bank Jamaica being arrested by the police Fraud Squad on Wednesday over an alleged multimillion-dollar racket.
It's the second known incidence of fraud within the bank over a one-year period, the other related to former senior manager Andrea Gordon, who was sentenced to seven and a half years in prison after she admitted to swindling $34 million.
Also, just weeks ago, 12 customers of NCB reportedly lost approximately $18 million in smishing and phishing fraud attacks.
“As I said, only trust yourself. We have conducted an investigation where both managers knew each other's access code, and it took a major [incident] for the particular bank to change that system,” the DPP said.
Llewellyn also implored managers to embrace the National Identification System, NIDS, and the Data Protection Act, both of which are expected to help minimise identify theft and protect customers' data from being misused.
“Although the financial institutions say that they are interested in the customer, there is a perception in the public that the real goal is making sure that you make profit and money for your shareholders,” she said.
Jamaica's banking sector, comprising 11 institutions, signed a pact with the Jamaican government in June to participate in the pilot programme for NIDS.
In the meantime, recommendations coming out of CTOC and the CIRT is for company heads to institute fraud risk assessments, prepare fraud risk map, link key internal controls, review elements of fraud cycle, continuously review organisational structure, conduct regular background checks of third parties, and assist in preparing an effective mechanism system for whistle-blowing.
“I'm telling you, you will have persons in your organisation who are aware that persons are flouting the system and they say nothing,” the DPP warned.