Regulatory Alerts2012-06-05
Detailed rules and procedures for encouraging banks to finance small and medium-sized companies and enterprises
1. The company must maintain and promote an environment of integrity, transparency, efficiency and effectiveness to foster a corporate culture that is committed to the prevention, detection and reporting of fraudulent activities, and ensure compliance with the law and regulatory requirements. 2. The candidate for the position of Chief Compliance Officer (CCO) must be a person who has the qualifications, skills, experience, and professional integrity necessary for this role, as outlined below. 3. The CCO shall report to the Minister of Justice, and they will: - Be accountable and responsible for designing, implementing, monitoring, and updating policies and procedures related to preventing, detecting, and reporting fraudulent activities. 4. To ensure effective oversight by the CCO, a Compliance Office (CCO Office) shall be established within the organization, which includes: - An appropriate office space to conduct their duties effectively and efficiently. 5. The Board of Directors (BoD) will have an Oversight Committee (OVC), which shall oversee the CCO Office's performance and effectiveness in fulfilling its obligations and responsibilities. 6. The company shall allocate sufficient resources, including human capital, to support and facilitate the proper functioning, operation, and execution of the CCO Office. 7. A dedicated department or division named "Anti-Fraud Department/Division" (AFFD) shall be established within the organization to carry out its responsibilities in preventing, detecting, and reporting fraudulent activities. The AFFD will: - Maintain, implement, monitor, evaluate, review, and continuously update all policies, procedures, protocols, standards, and practices related to preventing, detecting, and reporting fraudulent activities. - Conduct comprehensive risk assessments and evaluations, including identifying, assessing, quantifying, and prioritizing the associated risks, as well as formulating, implementing, monitoring, updating, reviewing, and continuously refining all appropriate action plans, countermeasures, mitigation strategies, and remediation measures to address them effectively and efficiently. - Regularly and consistently conduct independent internal investigations and audits to identify, assess, quantify, prioritize, investigate, analyze, evaluate, review, and update any suspicious, unusual, abnormal, or potentially fraudulent activities, transactions, occurrences, events, issues, or incidents that may pose potential threats or risks to the company's interests, reputation, legal compliance, operations, stakeholders, shareholders, customers, clients, suppliers, vendors, partners, and other relevant parties, as well as to promptly report them to the appropriate authorities. - Regularly and consistently update, maintain, implement, monitor, evaluate, review, and continuously refine all policies, procedures, protocols, standards, and practices related to preventing, detecting, and reporting fraudulent activities, based on any lessons learned, best practices identified, and continuous improvements achieved from other similar organizations and entities both within and outside the Kingdom of Saudi Arabia (KSA). - Regularly and consistently maintain, update, monitor, evaluate, review, and continuously refine all policies, procedures, protocols, standards, and practices related to preventing, detecting, and reporting fraudulent activities, based on any new threats or risks that may emerge in the future. 8. The AFFD shall work closely with and report regularly and consistently to the CCO Office regarding the performance, effectiveness, and accomplishments achieved in carrying out its responsibilities and obligations. 9. The AFFD shall work closely with and report regularly and consistently to the CCO and the Oversight Committee (OVC) regarding the performance, effectiveness, and accomplishments achieved in implementing, monitoring, evaluating, reviewing, and continuously updating all policies, procedures, protocols, standards, and practices related to preventing, detecting, and reporting fraudulent activities. 10. The AFFD shall work closely with and report regularly and consistently to the CCO and the Oversight Committee (OVC) regarding any identified suspicious, unusual, abnormal, or potentially fraudulent activities, transactions, occurrences, events, issues, or incidents that may pose potential threats or risks to the company's interests, reputation, legal compliance, operations, stakeholders, shareholders, customers, clients, suppliers, vendors, partners, and other relevant parties. 11. The CCO shall be responsible for overseeing, reviewing, evaluating, monitoring, updating, and continuously refining all policies, procedures, protocols, standards, and practices related to preventing, detecting, and reporting fraudulent activities throughout the entire organization.