BNP Paribas Corporate & Institutional Banking
Madrid, Community of Madrid, Spain
hace 5 días

DATE : March 2020


The present document defines the missions, overall roles andresponsibilities of RISK ORC CIB Anti-Fraud from Lisbon, acting as the 2ndLine of Defence dedicated to fraud risk management for BNP Paribas Corporate& Institutional Banking (CIB).

Group globalframework for Fraud risk management

  • Fraud,whether internal or external, is an operational risk that follows the global frameworkfor operational risk management.
  • As per the Group procedure on Operational Risk managementframework 1 ,
  • Fraud prevention and protection are firstmanaged by operating entities as first line of defence. Operating entities haveto identify internal and external fraud risks within their scope, assess theserisks and define and operate a control framework, consistently with Groupguidelines, applicable regulations and their own risk environment.

    The second line of defence on fraud risk isperformed under the aegis of RISK. Chief Risk Officers, acting through the RISKORC stream, are the second line of defence on fraud risk management along theorganizational setup defined for operational risk.

    They are responsible for :

  • Challenging the first line fraud risk managementactivities & the control framework developed in the entities under theiroversight
  • Testing whether the risk mitigation framework operates asexpected, and in some case operates directly some controls through independenttesting,
  • Defining the fraud alert management and investigationframework
  • Operating the fraud alert management and investigationframework for the part assigned to the second line of defence.
  • Providing their Senior Management, their Board and localsupervisors with an independent view on the fraud risk profile of their entity.
  • Within the deconcentrated RISK ORC teams, anExpert on Fraud prevention - protection should be appointed, that should be thereferent for all the above matters and be specifically in charge of the fraudalert management and the investigations .

    Context RISKORC CIB Anti-Fraud (versus Compliance)

    Anti-Fraud team wastransferred from Compliance to RISK, October 1st 2016.

  • Compliance remains responsible for its sovereign themesand processes, as defined in level 2 procedure1 andreferred in the table below.
  • Surveillanceof Compliance risks and e-communication (FOCS within LOD1) are out of the scope.RISK organizes the proper information ofCompliance on money laundering matters coming from fraud events or suspicionsit may be aware of.
  • Vice versa, Compliance may alert RISK on any case of fraud,actual or suspicious, it may detect through its own processes.

  • Compliance manages the global whistleblowing process andrelies on RISK expertise for instructing any case with a fraud suspicion it ismade aware of.
  • Compliance themes / processes Legal themes / processes

    Financial security (fighting against money laundering and terrorism financing, respect of embargoes & financial sanctions)

    Legal watch

    Anti-bribery and corruption

    Legal advices including on contracts

    Protection of the interests of clients

    Litigation management

    Market integrity (market manipulation, insider trading, conflict of interest)

    Legal risk management framework

    Professional ethics

    Referral of external legal counsel

    Compliance with regulations related to personal data protection

    Regulatory compliance with tax laws with extra territorial reach (FATCA, AEOI)

    Regulatory compliance towards banking laws with extra territorial reach (Volcker rule, French banking law)

    Scope of RISKORC CIB Anti-Fraud

    Organizational scope

  • RISK ORC CIB Anti-Fraudactivities cover Global Markets through traders’ unauthorized activitiesthrough Abnormal Trade Pattern (ATP) surveillance,
  • Coverage of CIB CorporateBanking and CIB functions have been integrated since Q3 2017.
  • Surveillance of ALMTtrading activity has been integrated in ATP framework in July 2017.
  • BP2S Anti-Fraudteam integrates the Anti-Fraud network as Risk correspondents.
  • Monitored risks

  • RISK ORC CIB AF covers mainlyrogue trading, social engineering, security (data leakage when related to fraudor fraud attempts) and payments risks (client payments and Bank Paymentsystem).
  • RISK ORC CIBAnti-Fraud mandate and activities

    In line with Groupguidelines, RISK ORC CIB Anti-Fraud mandate encompasses a three-fold coremission :

  • Be the global / local expertise centre on fraud riskmanagement for CIB activities,
  • Coordinate the Anti-Fraud network (globally or locally),
  • Be the single entry point for anti-fraud issues(internally and externally)
  • CIB anti-Fraud mandate applicableto all regions is articulated around five pillars :

    1. Awareness : animation,training

    2. Protection : prevention,detection

    3. Reaction : investigation,remediation

    4. Information

    5. Coordinationwith RISK ORC CIB network

    1. Awareness

    To enhance BNPP CIB fraud risk awareness toBusinesses, CIB Anti-Fraud is responsible for :

  • Developing and animating internal communication andawareness campaigns in coordination with the Group, related to Anti-Fraudprinciples, fraud mechanisms and losses impacts
  • Participating in seminars and professional associationsrelated to Anti-Fraud
  • Participating in fraud risk training programs design andanimating trainings
  • Building and animating an Anti-Fraud community aiming atreinforcing global fraud awareness among Business Lines and Regions
  • 2. Protection

    CIB Anti-Fraud is responsible for assessingprinciples that apply to systems and processes within BNPP CIB to enable fraud prevention and detection .


    CIB Anti-Fraud is responsible for :

  • Providing methodological advisory to prevent fraudincidents from occurring
  • Challenging 1st Line of Defence Control Plan and localframework through dedicated on-site reviews (independent testing realisedannually).
  • Performing thematic reviews (independent testing realisedannually).
  • Designing and implementing the Anti-Fraud 2nd Line ofDefence Control Plan(see controls details in Appendix), coordinated byCIB Anti-Fraud Transversal team (Paris), and run annually.
  • Detection

    CIB Anti-Fraud is responsible for :

  • Cross-checking different sources of data to identifysuspicious schemes
  • Performing ad-hoc fraud risk assessment, data-mining andmodelling in case of suspicion
  • Performing controls to detect fraud and suspiciousevents, with the support of industrialised and dedicated tools (See Appendix onATP Radars)
  • Developing and maintaining internal and external watch toenhance existing known fraud patterns and mechanisms
  • Contributing to improve surveillance framework workingwith the 1st Line of Defence to set-up alerts criteria
  • 3. Reaction

    The reaction role is articulated around investigation and remediation .


    CIB Anti-Fraud is part of the CIB’s fraudresponse plan, and is responsible for conducting investigation processes and identifiesweaknesses


    CIB Anti-Fraud can participate in theremediation phase through advisory.

    The objective is to improve processes,systems and control environment to prevent occurred fraud schemes fromhappening again.

    4. Information

    CIB Anti-Fraud, and in particular the globalHead of CIB Anti-Fraud team is a referred single entry point for :

  • External information on CIB Anti-Fraud risk matters withregulators
  • Internal information on CIB Anti-Fraud risk matterswithin the Group
  • 5. Coordination with RIKS ORC CIB network

    RISK ORC CIB Anti-Fraud leverages on RISK ORCCIB network to further develop awareness, prevention and remediationactivities.

    RISK ORC CIB remains responsible for thefollow-up of remediation actions.


  • RISK generalistprofil
  • Withexperience in RISK Management, audit or consulting. An experience in antifraudfield would be a plus
  • Degree : Master (Bac+ 5, Grandes Ecoles)

    Goodknowledge of :

  • CIBmetiers, products and processes
  • Financial instruments and associated risks
  • Payment systemsused by CIB and associated risks
  • IT Risks
  • Regulatory contexts
  • Languages : English and French (fluent)

  • Pack office MS

  • Excellent relationship capabilities
  • Capability to work in autonomy, in agile mode
  • Entrepreneurial spirit, dynamism, curiosity andvolontarism
  • Capability to deliver key messages to different level of management : synthesisand restitution abilities
  • Capability to challenge stakeholders in a constructive mindset
  • Collaborative spirit
  • Analytical and synthetic spirit
  • Goodcommunication
  • 1 Organizational framework andgovernance for Operational Risk Management & Permanent Control Framework

    Reportar esta oferta

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
    Formulario de postulación