Guidance Document on Combating Fraud and Corruption for Banks Operating in Iraq 2024

Republic Of Iraq CENTRAL BANK OF IRAQ NO: [Number] DATE: [Date] Guidance Document on Combating Fraud and Corruption for Banks Operating in Iraq 2024

CBI Head Office : Al-Rasheed St. Baghdad - Iraq Tel: 5165171 Telephone Exchange With 4 Line P.O Box: 64 Fax : 0096418166802 E-Mail : cbi@cbi.iq

The Central Bank of Iraq hereby issues this Guidance Document to establish a unified regulatory framework for combating fraud and corruption within all banking institutions operating in Iraq. This guidance outlines the core principles, risk management obligations, internal control standards, reporting mechanisms, and supervisory expectations applicable to licensed banks. It aims to enhance corporate governance, ensure financial integrity, mitigate operational and reputational risks, and align banking practices with national legislation and international standards.

1. Purpose and Scope This guidance applies to all commercial, investment, and specialized banks licensed by the Central Bank of Iraq. It covers all banking activities, including retail, corporate, treasury, trade finance, and investment operations.

2. Definitions

• Fraud: Any intentional act of deception by an employee, customer, or third party resulting in financial loss or misrepresentation.
• Corruption: The abuse of entrusted power for private gain, including bribery, embezzlement, and conflict of interest.
• Internal Control: Processes designed to provide reasonable assurance regarding the achievement of objectives in operational effectiveness, financial reporting reliability, and regulatory compliance.
• Compliance Function: The independent unit responsible for monitoring adherence to laws, regulations, and internal policies.

3. Governance and Oversight The Board of Directors shall establish a dedicated Fraud and Corruption Risk Committee, define clear roles for senior management, and ensure adequate resource allocation. The Board must approve the bank’s fraud/corruption risk appetite statement, review periodic risk assessments, and oversee the implementation of corrective actions.

4. Risk Assessment and Identification Banks shall conduct periodic risk assessments to identify high-risk areas, including lending, treasury operations, trade finance, related-party transactions, and cash handling. Risk indicators shall be quantified, mapped to business units, and integrated into the overall enterprise risk management framework.

5. Internal Controls and Preventive Measures Banks must implement robust internal controls, including segregation of duties, authorization limits, dual verification processes, and system access controls. Whistleblower mechanisms shall be established to encourage reporting of suspicious activities without fear of retaliation. Employee background checks and code of conduct policies shall be enforced across all levels.

6. Detection, Investigation, and Reporting Suspicious transactions and potential fraud/corruption incidents shall be detected through continuous monitoring, data analytics, and internal audit reviews. Material cases must be reported to the Central Bank of Iraq within prescribed timelines. Internal investigations shall be conducted by qualified personnel, with findings documented and escalated to the Board when necessary.

7. Compliance and Supervision The Central Bank of Iraq shall supervise compliance through on-site inspections, off-site monitoring, and periodic reporting. Banks must submit annual compliance reports, risk assessment matrices, and incident logs. The Central Bank reserves the right to issue directives, conduct targeted audits, and require remedial actions for non-compliance.

8. Training and Awareness Continuous training programs shall be implemented for employees, management, and board members on fraud/corruption risks, ethical conduct, regulatory updates, and emerging threats. Training records shall be maintained and reviewed by the compliance function.

9. Sanctions and Remedial Actions Breaches of this guidance may result in corrective measures, financial penalties, license suspensions, or management accountability. The Central Bank of Iraq may impose administrative sanctions based on the severity, frequency, and impact of non-compliance.

10. Appendices Standardized reporting templates, risk assessment matrices, compliance checklists, and incident classification guidelines are provided as appendices to this guidance document.