Fraud Policy

FRAUD POLICY

This document outlines the Fraud policy and Procedure related to Virtual Route Distribution USA accounts. “We”, “our”, and “us” refer to Virtual Route Distribution USA. “You”, “your”, and “customers” refer to the account holder.

Purpose of this Document

This policy details how the Virtual Route Distribution USA will approach identifying the fraud risks that it faces, when delivering its payment service, and implementing the necessary controls to mitigate them.

Review of Policy

This policy will be reviewed regularly, at least once a year, and amended as considered necessary by the Virtual Route Distribution USA’s Management Body in the event of changing circumstances or regulations.

Risk Assessment

All Fraud risks will be identified using a fraud risk assessment, which has been appended to this document.

The risk assessment will provide details of the following:
Details of Internal and External Fraud risks Virtual Route Distribution USA faces.
The controls in place to mitigate those risks.
The policies that have been developed to implement the controls.
Details of how the policies are monitored.

Fraud Risks

Virtual Route Distribution USA has identified the following risks relating to fraud:

Internal Fraud
Employees acting in a fraudulent manner, resulting in either:
• Financial loss, from either the company or a customer
• Identity fraud, resulting in a customer’s data being compromised

External Fraud
External threats have been identified in the following areas:
• Clients acting fraudulently
• Fraudsters posing as potential clients
• Email fraud; emails from 3rd parties purporting to be clients/staff
• Cheque fraud

Controls to mitigate the risks

Virtual Route Distribution USA has implemented the following controls, which will mitigate the risks identified above:

Controls for Internal Fraud
Virtual Route Distribution USA has implemented the following controls:
• Identity checks as part of the employment process, which will include a DBS check
• Data visibility restriction by department, which is governed by an Access Rights Policy
• Access to internal systems and trading platforms governed by an Access Rights Policy
• VRD USA also uses proactive anti-cyber fraud mailers to our client base to promote awareness and vigilance

Specific Policies to implement the controls
The following policies have been implemented by the Virtual Route Distribution USA, which will enable these controls to be implemented:
• Access Right Policy

Controls for External Fraud
Virtual Route Distribution USA has implemented the following controls in relation to the external fraud risks
• KYC checks during onboarding
• As part of this policy, Virtual Route Distribution USA has made the decision not to accept cheques or Cash deposit
• Staff training to be aware of fraud trends
• Operational process to confirm all new beneficiary details with clients to avoid client email fraud/interception – see appendix 2

Specific Policies to implement the controls
The following additional policies and checks have been implemented by the Virtual Route Distribution USA, which will enable these controls to be implemented:
• AML Policies and Procedures
• Daily checks to prevent cheques from being paid into our client accounts

Issue Monitoring and Resolution

The controls outlined in this policy have been designed to prevent a fraud related issue from occurring. Where an issue does occur, details of how it will be monitored and resolved are outlined in the Operational and Security Incident Reporting Process.

Compliance Monitoring

This policy will be monitored through the compliance monitoring plan.

Breaches of Fraud Policy

Any breaches of the Fraud policy will be recorded on Virtual Route Distribution USA’s breach log in conjunction with its Regulatory Breach policy.