Fraud prevention policy

General

This fraud and whistleblower policy is established to outline the controls in place to educate, prevent, detect, and report any form of fraudulent behavior.

By definition, “Fraud is any intentional act or omission designed to deceive others, resulting in the victim suffering a loss and/or the perpetrator achieving a gain.” We (hereinafter – “We” or the “Company”) have a strong commitment to fraud risk management. Examples of fraud can include but are not limited to these three categories.
Financial misstatement
  • Forgery or alteration of any financial document;
  • Improper revenue recognition;
  • Misappropriation of funds, securities, supplies, or other assets;
  • Understatement of liabilities;
  • Management override;
  • Deviation from full and fair reporting of the financial condition.
Misappropriation of assets
  • Misappropriation of funds, supplies or other assets;
  • Impropriety in the handling or reporting of money or financial transactions;
  • Use Сompany-owned assets for personal use;
  • Loss or misuse of Company’s resources by not following system controls.
Misconduct
  • Theft of a payment or other financial asset;
  • Profiting as a result of insider knowledge;
  • Impropriety in the handling or reporting of money or financial;
  • Confidential information used in the conduct of outside business;
  • Disclosing information that should be secure;
  • Non-compliance with internal controls.
Staff awareness

Each employee shall have a basic understanding of fraud and be aware of the red flags and know their role within the internal control framework. Fraud involves not just monetary issues, but also is significant to an organization’s financial reporting, operations, reputation, legal, and regulatory compliance. Staff have an awareness of how their job procedures are designed to help mitigate fraud risks and when noncompliance may open up the opportunity for fraud to occur. Each member of the management team will be familiar with the types of improprieties that might occur within their area of responsibility and will be alert for any indication of possible irregularity.
Fraud RED FLAGS and mitigation options Frequent "red flags" indicating fraud opportunities include:
  • Poorly written or poorly enforced internal controls, procedures, policies or security;
  • Irregular or unexplained variances in financial reporting;
  • Failure to take action on audit findings;
  • Unusually high expenses or purchases;
  • Frequent complaints from customers;
  • Missing or incomplete files, records, and documentation;
  • Employee comments concerning possible fraud;
  • Complex business arrangements not widely understood and appear to serve little or no purpose;
  • Financial results that seem “too good to be true”;
  • A consistently close match between reported results and planned results;
  • Changes to employee’s behavior.

Prior to employment, background checks are used in employment screening with the specific objective of assuring that persons with inappropriate records or inconsistency are identified and eliminated from the hiring process. Every employee is required to read and understand policies and procedures upon employment with the Company.

Ongoing monitoring procedures are built into normal recurring operating activities. Certifications and self-assessments create strong controls that help prevent occurrences of fraud. Segregation of duties exists and is tested routinely. The annual fraud risk assessment, which is a part of the annual Company’s risk assessment process, helps to identify potential schemes and events.

 Other internal controls help prevent fraud as follows:
  • Adherence to documentation and authorization limits;
  • Physical security and restricted access;
  • Independent review;
  • Clear lines of authority;
  • Enforcement of conflict of interest;
  • Internal control walkthroughs;
  • Regular vacation breaks;
  • Board oversight;
  • Anonymous reporting “Whistleblower” procedures.

These controls help to create an environment where employees, vendors, and other parties believe that dishonest acts will be detected, reported, and dealt with appropriately.
Reporting and complaint "Whistle Blower" procedures

Employees, vendors or other parties with concerns of fraud or suspected fraud may report the responsible employee. Any fraud that is detected or suspected must be reported immediately.

Upon receipt of a complaint, the responsible employee will take appropriate action for investigation, tracking and confidentiality.

Any investigative activity required will be conducted without regard to the suspected wrongdoer’s length of service, position/title, or relationship to the Company. It is important to provide as much information regarding the facts and circumstances surrounding the complaint as possible in order to facilitate a full and complete investigation.

Upon receipt of a complaint, the responsible employee will determine whether the complaint actually pertains to accounting or auditing matters and, as possible, acknowledge receipt of the complaint to the sender. Complaints relating to accounting or auditing matters will be forwarded for investigation to such person or persons as responsible employee determines to be appropriate. Confidentiality will be maintained to the fullest extent possible, consistent with the need to conduct an adequate review.

The Company is committed to achieving compliance with all applicable securities laws, regulations, accounting standards, accounting controls, and audit practices.

Any employee, vendor, or other party may file a good faith complaint without the fear of dismissal or retaliation of any kind. The Company will not discharge, demote, suspend, threaten, harass or in any manner discriminate against anyone because of any lawful actions in providing information or other assistance in investigation of fraud or the commission. This will be true even in the event that it is concluded from the investigation that no violation occurred.
Fraud prevention mechanisms

Here is the list of prevention mechanisms which the Company is using to mitigate fraud:

  • Establish clear and easy to understand standards from the top-down. Maintain employee manual that clearly outlines these standards and keeps the rules from becoming arbitrary;
  • Always check references and perform background checks that include employment, credit, licensing and criminal history for all new hires;
  • Secure physical assets, access to data, and money at all levels including monitoring and using pre-numbered checks. Keep checks locked up, have a “voided check” procedure and never sign blank checks. Review all disbursements regularly;
  • Segregation of duties for employees. Divide activities so one employee doesn’t have too much control over an area or duty. Separate important accounting and account payable functions. Small business owners and managers should review every payroll check personally. The person who has custody of the checks should never have check signing authority. The person opening the mail should not record the receivables and reconcile the accounts;
  • Proper authorisation of transactions, ensuring that employees aren’t exceeding their authority;
  • Independent checks on performance by using audits, surprise check-ups, inventory counts or other procedures to verify compliance with policies and procedures, as well as accuracy;
  • Instilled anonymous reporting mechanism such as an employee fraud hotline;
  • Small-business owners should control who first receives the bank statements and other sensitive documents. Consider a separate post office box for the purpose of receiving bank statements, customer receipts or any other sensitive documents;
  • All account reconciliations and general ledger balances should have an independent review by a person outside the responsibility area such as an outside accountant. This allows for reviews, better ensuring nothing is amiss and providing a deterrent for fraudulent activities;
  • Conduct annual audits to motivate all bookkeeping-related staff to keep things honest because they can never be sure what questions an auditor is going to ask or what documents an auditor may request to review.
Possible threats
Check / measures

Fictitious vendors
circleRun checks to uncover post office boxes used as addresses and to find any matches between vendor and employee addresses and/or phone numbers
circleBe alert for vendors with similar sounding names or more than one vendor with the same address and phone number

Altered invoices
circleSearch for duplicates
circleCheck for invoice amounts not matching contracts or purchase order amounts

Fixed bidding
circleSummarize contract amount by vendor and compare vendor summaries for several years to determine if a single vendor is winning most bids
circleCalculate days between close for bids and contract submission date by vendor to see if the last bidder consistently wins the contract

Goods not received
circleSearch for purchase quantities that do not agree with contract quantities
circleCheck if inventory levels are changing appropriate to supposed delivery of goods

Duplicate invoices
circleReview for duplicate invoice numbers, duplicate date, and invoice amounts

Inflated prices
circleCompare prices across vendors to see if prices from a particular vendor are unreasonably high

Excess quantities purchased
circleReview for unexplained increases in inventory
circleDetermine if purchase quantities of raw materials are appropriate for production level
circleCheck to see if increases in quantities ordered compare similarly to previous contracts or years or when compared to other plants

Duplicate payments
circleSearch for identical invoice numbers and payments amounts
circleCheck for repeated requests for refunds for invoices paid twice

Carbon copies
circleSearch for duplicates within all company checks cashed; conduct a second search for gaps in check numbers

Duplicate serial numbers
circleDetermine if high value equipment a company already owns is being repurchased by checking serial numbers for duplicates and involvement of same personnel in purchasing and shipping processes

Payroll fraud
circleFind out if a terminated employee is still on payroll by comparing the date of termination with the pay period covered by the pay check and extract all pay transactions for departure date less than date of current pay period

Accounts payable
circleReveal transactions not matching contract amounts by linking accounts payable files to contract and inventory files and examining contract date, price, ordered quantity, inventory receipt quantity, invoice quantity, and payment amount by contract
Card Fraud Prevention Mechanisms

The Company will be using third party card issuing vendor. This means it will not be able to implement custom solutions. The vendor who will be working with us should have at least:
  • 3D secure transactions;
  • Fraud prevention system;
  • Fraud prevention checks:
Possible threats
Check / measures

Fraudsters try to find out the expiry date and possibly also the CVV for the card number known to them
Reduction of the maximum number of authorisation interrogations per card number and a free choice of time period (0-1440 mins.).

Fraudsters try, through series testing of various card numbers, to check their validity
Reduction of the maximum number of authorisation interrogations per client IP address and a free choice of time period (0-1440 mins.).

Damage to the merchant through high-value improper purchases.
Reduction of the maximum amount per credit card and a free choice of time period (0-1440 mins.).

Repeated improper use of a card number.
Blacklist – exclusion of individual card numbers or whole card number fields (BIN). Once card numbers are reported as blocked, they are filed on our blacklist. Before each transaction is transmitted to the finance company, it is matched to our blacklist. If the system finds a corresponding entry, the transaction is immediately rejected.

Improper use of fraud-susceptible BIN ranges (card number fields).
White list with selection of countries (on the basis of the BIN). Via the Web interface from Data trans the merchant can include or exclude countries. Customers from regions at risk – from experience, orders from crisis regions have an increased risk. Data trans Allows you to reduce this risk by not accepting orders from customers from such regions (IP addresses, card number).

Use of stolen or self-generated card numbers, whose actual country of origin is not known to the fraudster.
Validation of the country of origin of the card on the basis of the ISO Country Code. The customer also states the country of origin of the card. The transaction is the only authorised if the country was correctly stated. For Visa, Mastercard and American Express.
Legal Information & Disclaimers
Who is B2Broker?
What kind of services does B2Broker provide?
No investment advice
No public offer
No offering to buy a cryptocurrency or any financial instrument
Limitation of liability regarding content on the Website
Our Offices
Where our multinational team is situated.
Locations
About Us
We are experts in IT and software development in the FinTech industry, offering a range of market-leading solutions
Learn more