
Classification | CONFIDENTIAL

Dombivli Nagari Sahakari Bank Ltd. (Multi-State) - Information Technology and Information Security Policy

Internal Process and Standard Operating Procedure


Fraud and Risk Management
Purpose:
Fraud risk management is a holistic and proactive fraud mitigation approach that is embedded within an organization. A successful strategy requires robust internal controls plus investment in anti-fraud technology. It also needs to consider the current and future fraud landscape.
In this context, the bank has an FRM application in place which generates alerts by checking business logic conditions (called rule sets) and analysing suspicious behaviour across the different domains/modules of the CBS. This helps the internal team take the necessary action on each alert raised and proactively safeguard the CBS internal, outbound and inbound transactions.
The FRM team adopts and follows a standard process to identify whether a generated alert is genuine or fraud. The process also uses a reporting mechanism that takes care of mitigating the probable risk behind each suspicious alert generated. The team also observes and maintains a recurring analysis to enhance the process, operationally as well as technically, in order to control future fraud types.
Scope:
The scope and objectives of this SOP are:
1) Define the process performed by the FRM team on a daily basis.
2) Define the actions at each level of FRM analysis.
3) Define the escalation of an alert in case fraud is detected.
4) Define the internal reporting process.
5) Define the process for analysis and security enhancement of the FRM application for current and future fraud types.
Frequency:
- Work on alerts generated by the system on a slot basis.
- Review actions taken on system-generated alerts on a weekly basis.
- Report actions to the respective Board members on a monthly basis.
- Functional and technical review on a quarterly basis.
- SOP review of FRM team members once a year.
- FRM drill on a half-yearly basis.
Responsibilities:
FRM Dept:
- Keep a 24*7*365 watch on the FRM system and the alerts generated during each and every slot.
- Take action on alerts generated by the system.
- Confirm whether each suspicious alert/activity is genuine or fraud.
- Record proper evidence and remarks on the observations for the alerts generated by the system.
- Follow the standard procedures when a fraud is detected.
- Escalate the observations on alerts as per the escalation matrix.
- Review the rule set as per the decided frequency.
- Report any technical issues found in the FRM application to the IT team.
- Share observations and requirements with the IT team.
IT Dept:
- Take part in review meetings to fulfil the functional requirements.
- Provide technical support on day-to-day operations or on any observation received from the FRM team.
- Provide support during the drill.
- Follow the standard process for implementation of/changes to business logic in the FRM application.

Procedures:
1. Daily observation and actions on slots generated by the system

- Slots are generated and displayed inside the FRM application. Check each and every alert as per the business logic implemented in the rule set.
- Perform a detailed analysis of the generated alerts by checking the CBS transaction and other related settings.
- Call the customer if suspicious behaviour is found.
- Identify the stage of the alert.

Stage:
a) Suspicious
b) Genuine
c) Fraud
- Take the proper action as per the above stage.
- Record the actions and capture the evidence.

2. Process and policy for the analysis and actions on alerts:


There are three types of tagging maintained in the FRM application:
- Green – No suspicious behaviour for the rule set.
- Yellow – Some suspicious behaviour for the rule set, but manual checking is required.
- Red – The logic of the rule set is breached. Immediate action is needed.
** The FRM team must follow the steps mentioned in process no. 1 for all tag types generated by the system.
3. Actions on alerts generated by system:
a. Red tags:

- The FRM team will report to the FRM escalation matrix and the IT escalation matrix immediately for further action.
- Only one call attempt is made to each person in the escalation matrix. If the person is unavailable, move to the next person in the escalation matrix.
- The last escalation will be the CEO.

b. Yellow tags:

- We adopt confidence checking for every alert generated by the system.
- The FRM team should execute the confidence check on alerts generated by the system.
- Check the transaction in CBS.
- Check the transaction behaviour for the past 6 months to 1 year.
- Call the customer (3 attempts).
- If the transaction is found to be fraud, debit freeze the account and escalate the case to the FRM Dept Head for further action.
- If the call is not attended by the customer, the FRM team will keep a watch on the account for the next 24 hours. A calling attempt will be made every hour. If the customer remains unavailable, the account is debit frozen and the customer is informed of the action by email or letter.
c. Green tags:

- The FRM team will record the attendance/checking of the alert in the system.
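The tag handling of process 3 written out as a decision procedure, so that the three flows can be walked through on sample alerts. This is an added example and is not the bank's FRM application or any code from the SOP; the escalation matrix entries other than the CEO, and the customer responses, are constructed placeholders.

```python
from dataclasses import dataclass, field

# Constructed escalation matrix for illustration only. The SOP states just
# that the CEO is the last rung; the other names are placeholders.
ESCALATION_MATRIX = ["FRM Dept Head", "IT Head", "CEO"]


@dataclass
class Alert:
    tag: str                       # "Green", "Yellow" or "Red"
    confirmed_fraud: bool = False  # outcome of the confidence check in CBS
    log: list = field(default_factory=list)  # evidence trail of actions taken


def handle_red(alert: Alert, available: dict) -> str:
    """Red tag: report up the escalation matrix immediately. One call attempt
    per person; if unavailable, move to the next rung. The CEO is the last."""
    for person in ESCALATION_MATRIX:
        alert.log.append(f"call {person}")
        if available.get(person, False):
            return f"escalated to {person}"
    return "escalation matrix exhausted at CEO"


def handle_yellow(alert: Alert, answers) -> str:
    """Yellow tag: confidence check (CBS transaction and 6-month to 1-year
    behaviour), then up to 3 customer calls. If the customer does not attend,
    watch the account for 24 hours calling every hour; if still unreachable,
    debit freeze and notify by email/letter. `answers` is the constructed
    sequence of customer responses per call: None, "genuine" or "fraud"."""
    alert.log.append("confidence check: CBS transaction, 6 month to 1 year behaviour")
    if alert.confirmed_fraud:
        return "debit freeze; escalate to FRM Dept Head"
    responses = iter(answers)
    schedule = [f"customer call attempt {i}" for i in (1, 2, 3)]
    schedule += [f"24h watch: hourly call {h}" for h in range(1, 25)]
    for step in schedule:
        alert.log.append(step)
        reply = next(responses, None)
        if reply == "fraud":
            return "debit freeze; escalate to FRM Dept Head"
        if reply == "genuine":
            return "close as genuine; record evidence"
    return "debit freeze; notify customer by email/letter"


def handle_green(alert: Alert) -> str:
    """Green tag: only record that the alert was attended/checked."""
    alert.log.append("attendance recorded")
    return "attendance recorded"


def triage(alert: Alert, available=None, answers=()) -> str:
    """Dispatch an alert to the handler for its tag."""
    handlers = {"Red": lambda: handle_red(alert, available or {}),
                "Yellow": lambda: handle_yellow(alert, list(answers)),
                "Green": lambda: handle_green(alert)}
    return handlers[alert.tag]()
```

The `log` on each alert is the record of actions and evidence that process 1 requires; for a Yellow alert that is never answered it lists the confidence check, the 3 call attempts and all 24 hourly calls before the freeze.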

4. Review of actions (Weekly):

- Extract the report of alerts.
- Conduct a meeting with internal staff and the Dept Head to discuss the actions taken under review.
- Accept/close any unclosed cases generated during the week.
- Take actions as per the FRM team's requirements.

5. Reporting of actions to the Risk Committee/Board (Monthly):

- Present the report to the Risk Committee and Board members.
- Discuss the actions taken, or any deferment needed.

6. Functional and technical review (Quarterly):

- Conduct a meeting with the IT team to discuss functional and technical challenges.
- Discuss downtime or system unavailability points.
- Discuss existing and new rule sets.
- Discuss the previous MOM (minutes of meeting) and track the progress of items in it.

7. Review of FRM team members:

- Internal review of FRM team members by the Dept Head/relevant team head.
- The purpose of the review should include operational issues, technical issues and personal life.
- Report the review observations to the CEO/Risk Committee.

8. FRM drill
- The FRM drill is to be carried out on a yearly basis.
- The IT team will implement a fake scenario in the system which leads to alert generation.
- Actions taken by the FRM team will be recorded.
Version Control:
Sr No | Version Title                              | Version No | Date
1.    | Fraud and Risk Management Process Document | 1.0        |

Approval Block
Approvals   | Title | Signature/Date
Prepared By |       |
Review By   |       |
Approved By |       |