The FAIS General Code of Conduct sets out that financial services providers (FSPs) must at all times have resources and processes which eliminate the risk of clients, staff and product suppliers suffering financial loss through theft, fraud or other irregular activities. FSPs must therefore implement processes, policies and formal monitoring methods that protect all parties against fraudulent and dishonest behaviour.
FSPs can reduce their risk by:
- Training staff
An FSP is made up of people who will pose a risk to clients and other stakeholders of the FSP if they are not informed and up-to-date on industry matters. It is therefore the duty of the FSP to train its staff on what is wrong and right behaviour from a legislative as well as ethical perspective.
In an FSP it is the Key Individual who is ultimately responsible for monitoring the activities of the FSP which includes the actions and behaviours of its staff and representatives. The focus must, therefore, be on monitoring all persons involved in the business including representatives, administration staff, claims support staff, data capturers, office managers and IT consultants, as all of these roles include people who have access to client information and sensitive business information. The FSP must train their staff to be conscious of their behaviour and to apply the principles of treating customers fairly at all times, as there may be instances where staff execute duties that they do not realise poses a risk to the business and/or its clients.
- Proactively detecting issues
Rather than adopting a ‘wait and see’ or ‘reactive’ strategy, FSPs should take proactive steps to prevent and detect internal fraud, errors or irregularities. An important consideration for all FSPs would be to consider how it will proactively detect poor administration, errors, fraudulent acts, irregular activities or culpable omissions within the business, and how it will respond to such incidents. An FSP must, therefore, have the required processes, resources and internal control structures in place, that will reduce the possibility of these incidents occurring and also sets out the process that will be followed in the event of detection. This should include procedures to inform any affected parties, the specific actions to be taken in relation to the incident as well as the internal disciplinary process to be followed.
Here are some of the everyday duties that FSPs should proactively and continuously monitor:
- Collection of funds/premiums from clients – monitoring that the correct amounts are collected from the correct bank account to the FSP’s bank account and that funds are not being allocated or redirected to other/incorrect accounts;
- Processing application forms – monitoring that application forms are completed correctly and submitted with the correct information of the client;
- Processing client documentation – monitoring that the client’s banking details or beneficiary details are not suspiciously amended after the client signed the completed form;
- Processing investment withdrawal requests – verifying that the request is authentic and comes from the client and that the correct withdrawal information is submitted to the product provider;
- Processing claims – ensuring that claims are processed within the correct timelines and that the correct information is submitted with the client’s consent;
- Inserting dates after the document was signed – a client must not be requested to sign a blank or incomplete document;
- Using Tippex to ‘correct’ mistakes – it should be a rule that no Tippex should be in the office and that a line should be drawn through the mistake with the client and staff member’s initials directly next to the deletion and correction. The use of Tippex is seen as suspicious behaviour as it eliminates the evidence of the original information and is also considered as fraudulent conduct by SAICA auditors and SARS which will trigger audits and further investigations;
- Providing vendors or contractors with access to information – instituting limitations on the extent that vendors, consultants and contractors have access to the FSP’s systems and client information.
Treating Customers Fairly Outcome 1 states that FSPs must ensure that ‘Customers are confident that they are dealing with firms where the fair treatment of customers is central to the firm culture’. For clients to be treated fairly, it is important that every facet within the business including control processes and day-to-day duties displays the ethos of honesty and that clients’ interests are protected.
FSPs must ensure that all persons within the business is in a position to prevent mistakes. Proactively monitoring everyday duties, such as those shared above, and implementing internal control processes will aid in reducing risks in the business. This, in turn, will drive the right behaviours amongst employees, ensuring a culture of fair treatment of clients and ultimately promoting organisational success.