FSA fines BNP Paribas £350,000 for weak anti-fraud controls

Between February 2002 and March 2005, through a series of 13 transactions, a senior employee fraudulently transferred £1.4 million out of several clients' accounts. Most of the transactions involved forged signatures and instructions, and false changes of clients' addresses.

The FSA found a lack of an independent before-the-event check on significant transfers of money from client accounts at BNPP, and that in the case of large transactions, no form of independent risk-based review or challenge process was in place either before or after the transactions took place.

In addition, the regulator charged that a number of the fraudulent transactions were not independently reviewed by senior management prior to payment, and the forged instructions were seen only by the dishonest employee, since local procedures were not clear on senior review requirements.

Basic authorisation and signatory checks were also found to have not been conducted by the middle office in respect of internal transfers, and the information provided in the report to support reviews of substantial transactions were not adequately detailed to enhance the effectiveness of the report in identifying unusual or suspicious transactions.

This is the first time a private bank has been fined for weaknesses in its anti-fraud systems by the UK regulator. FSA director of enforcement Margaret Cole said: "This is a warning to other firms that we are raising our game in this area and expect them to follow suit. We will not hesitate to take action against any firm found wanting".