c



 

 
c

 






 
c




 
Muhammad Zubair Khan L1f07mbbf0051
Muhammad Bilal Khalid L1f07mbbf2079
Nasir Jalil L1f07mbbf2070
Muhammad Adeel Shahzad L1f07mbbf2048
Ali Farhan L1f07mbbf2074




  


 

 
ACKNOWLEDGEMENT

Words are always a poor approximation of what

one wants to say. Those who want to express their
keen sentiments of gratitude most keenly feel their
paucity. We bow our head in gratitude to
!
 "" #, Who blessed us with the
ability and energy to complete this work.µ

(




 





  




 


 


 


 
  




 
 
 
 


(
  





 




 














$c 
rt is Allah·s benevolences due to which we
are able to prepare this Report. This
Report is an attempt to more qualitative.
Still it is our belief that there would be
certain areas having room for
improvement. That is why we shall be
respective to the expert opinion from the
resource persons and the suggestion from
the inquisitive students.











c

% 
 
Fraud is an intentional deception made for personal gain or to damage another individual.
"!
% 
 c

þ
 
   


 


  








 

 
 




  


 

 

 

 


  



 



 







 




 c

 &&

One of the most common instances of embezzlement in today·s society is employee theft.
Employees of many companies have access to company property, creating the potential for
embezzlement. Examples include such small crimes as theft of retail items, discounted sale of retail
items, and theft from cash registers, but can also include the theft of millions by employees of large
firms.
 

!



Fraud refers to the deliberate actions taken by management at any level to deceive, con, swindle or
cheat investors or other key stakeholders. Fraud can take many forms that include embezzlement,
insider trading, self-dealing, lying about facts, failure to disclose facts, corruption, and cover-ups.
Top management fraud may also involve intentional misrepresentations in financial statements.
Managers might also create schemes to hide or misrepresent what the firm does or how the firm
does it. rntentionality is the key; senior managers committing fraud willfully undertake actions that
mislead others.
Some fraud schemes are limited to just one or a few transactions (e.g., falsifying a document).
Others might encompass multiple, ongoing activities across several organizational functions or units.
For instance, Adelphia Communications Corp.'s founding family was accused of fraud when it
collected $3.1 billion in off-balance-sheet loans that were backed by the company. The family also
was accused of overstating the company's financial results by inflating capital expenditures and
hiding debt. Enron's top managers, on the other hand, are accused of developing an elaborate
pyramid-like scheme of ´new businessesµ that did not actually exist but supposedly generated new
revenues and profits.
The schemes that senior managers devise to commit fraud also vary in their magnitude. Some affect
only particular units or divisions, while others permeate the entire firms· operations, as in the case of
Enron. Some of these acts were committed in one part of the company to cover up acts that
occurred in other parts of the operations. Fraud schemes also vary in their duration; the Enron and
WorldCom frauds each persisted over a decade.
Some fraud schemes (e.g., falsifying financial statements to overstate earnings) are common among
companies across different industries. Other schemes are industry-specific, however. For example,
the Savings and Loan (S&L) crisis of the 1980s included various S&L industry specific frauds, such
as ´hotµ deals involving land flips, nominee loans, reciprocal lending, or linked financing, as well as
more universal fraudulent activities such as ´lootingµ by siphoning off funds and covering up to
hide insolvency.
'  


Vendor fraud is a term that spans a broad range of abuse ² from fraudsters who create fictitious
companies and submit bills to you for payment«to trusted suppliers who pad invoices and charge
you more than they are due. Vendors involved in fraudulent activity may even collude with your
own employees to help them navigate through your company·s internal controls.
Vendor fraud is rampant in accounts payable because that·s where the money is. And studies show
the impact is staggering. According to the Association of Certified Fraud Examiners, U.S.
organizations alone lose approximately $65 billion annually to fraud ² or an estimated 5% of their
revenues
  '  c


1-Vendor Masking
2-rnside Job
3-Flying Under the Radar
4-Organized Crime Billing Schemes.
( 




Closely Related to management fraud are investment scams. rn these scams fraudulent and usually
worthless investments are sold tp unsuspecting investors. Telemarketing fraud usually falls into this
category as does the selling of worthless partnership interest and other investment opportunities.
Charles Ponzi is regarded as father of investment scams


 c

rn customer fraud, customers either do not pay for goods purchased, or they get something for
nothing, or they deceive organizations into giving something they should not have.

c

 

  !


 

Fraud includes the improper usage of resources and the misrepresentation of facts to receive gain. rt
is related to the misallocation of resources, or the distorted reporting of the existence and availability
of resources. Fraud is a parasite that maims and eventually kills an organisation. After a while, its
contagious effect would find its way to another host organisation.

Fraud does not pay whatsoever, but to a few it could although the final outcome would often end up
in prison or prosecution.

rt erodes the bottom lines and in the end or ultimately the very existence of any organisation is
negatively impacted. Whatever an organisation is, be it non-profit or profit/business in nature, it
cannot remain healthy to survive and be competitive if fraud continues to go undetected and
unchecked because obviously any organisational resource that is misallocated or "misused" threatens
the continued existence of an organisation.



rs there such a thing as fraud cost? rf there is, what then is the cost of fraud? Fraud cost can be
looked at by saying that the resources allocated to combat fraud could have been profitably invested
in other productive and useful pursuit such as employee training and education, corporate research
and the furtherance of diverse knowledge for the organic expansion of an organisation in particular,
and for good of mankind in general.

Fraud cost can be in the form of losses attributable by fraud and crime and these can easily be
reflected in decreased sales, asset loss or diminution, employment productivity loss, poor
creditability, image, reputation and goodwill decline, legal external liability/obligation and punitive
costs.




The obvious impact is that with fraud, the costs of legal and insurance protection tend to increase.
Fraud cost can also be linked to the repercussion it has on the moral fabrics of the economy and of
course the country's reputation that would be lowly graded by global agencies like Transparency
rnternational.

Many sociologists contend that fraud causes a pervasive attitude of "if others or other countries can
do and has done it, so why not r or we?". This callous attitude perpetrates further indulgences of the
many blue and white collar crimes these days. We have seen or read the many past and recent
offenders, including chief executive officers and politicians. Such forbearing indeed erodes the
ethical value system further.

Why would this be so? Because such acts sent out conflicting messages of higher management
responsibility and social as well as moral ethics, people who are hired and paid to supposedly
preserve and enhance corporate governance but when crime and fraud creep in the essence of
accountability/responsibility, openness/ transparency, and honesty/integrity fizzled out or become
non- existent.

c


 
 

There are no barriers, demarcations, territories or borders for fraud and crime, be it organised crime
or discreet and one-man show kind of event. rt taints and permeates the sanctity of religious entities,
the fibres of corporate structures, and the credibility of governmental organisations.

Many academic thoughts tend to agree that fraud is a result of that general disregard for ethical
behaviour stemming from a variety of educational and social disorders.
On a macro perspective, to say the least, fraud is considered a public crime that denies any economic
country the chance of possibly retaining its position as a model economic power.





 

There are many versions or definitions for fraud by the so-called corporate crime-experts,
researchers and authors on fraud studies.

Among the many interpretations is common belief where the spectrum of illegal acts falling under
the umbrella of white collar crime is synonymous with fraud, because those illegal acts represent a
metaphoric decision of fraud perpetrators.

For this article, the definitions are looked at from an ordinary business' perception that combines a
symbolic distinction between physical or violent crimes like murder or armed robbery, hijack,
ransom, theft and arson. The general business community views fraud as a crime of intelligence as
they believe that it represents abuse of power by an individual or a group of individuals working in
cohort. rn such an environment the element of "intelligence" has to exist.

The business community tends to group fraud and crime into white- collar and blue-collar, where
some are obvious while others are less so.


  
)


 

)
l| Charging for services that are not rendered, or overcharging those that were rendered;
l| Unauthorised cash disbursements or payments to fictitious vendors;

l| Evasion of taxes (evading is a crime versus avoiding which may be allowable);

l| Bribery of government officials or company officials to gain favours, licences, contract

awards, or to escape regulatory fines/ penalties; and

l| Misrepresentation of assets and liabilities (misleading stakeholders, investors, public,

regulators, etc, in the accounting, management and public reports).



 
**)
*
 
 

l| Deceptive household and consumer advertising (for example, one pharmaceutical company
many years back claimed that its mouth-wash product could cure/control flu/colds);
 l| Exploitation of third-world labourers and consumers (past chemical disaster in Bhopal rndia
that has become common news the world over);

l| Concealed environmental pollution (past nuclear reactor leakage and contamination in

Chernobyl, Russia, again becoming common news worldwide);

l| Withholding safety and cost-effective product innovation (in the past, many automobile
producers were delaying their airbag installation); and

l| Product safety guidelines being violated (one airline in the gone days knew it had aircrafts
with volatile engines, but did not reveal such to the general public).

  

 


 
Frauds that amount to corruption, office theft, pilfering company's assets or misusing organisational
facilities often involve employees, customers and other third parties. Any of the actions below can
fall under "fraud" grouping:
l| Action by deceit;
l| Dishonest or unlawful activity or conduct;
l| Making false statements;
l| Obtaining money or other benefits; and
l| Evading liability (such as tax-evasion as opposed to tax- avoidance).

!

! !

 !





At the outset, determine what went wrong would be a good start to looking at and managing
fraud. Then the next recourse is to report and contain the incident by investigating it. rn this
process, it is important to identify control deficiencies, weaknesses and the inherent as well as
residual risks attached.

Other isolated or systemic fraud-risks have to be determined so that awareness of them could be
ensured. Management and investigating dynamics have to be escalated while the most
appropriate actions ought to be considered to prevent further incidents and losses.

%
 



Kevin Mitnick, one of the outstanding personalities in the rT world, in an October 2002
interview by BBC said that "...the biggest threat to the security of a company is not a computer
virus, an unpatched hole in a key program or a badly installed firewall.... The weakest link in the
chain is the people".

A recent survey statistics in the US revealed that some 70 per cent of the banks' frauds were
perpetrated internally by employees. Seventy per cent of computer frauds were due to
unauthorised insider activity (2000 CSr/FBr Computer Crime Survey).

Fraud-prevention tools * Passwords; * Tokens like smartcards with PrNs; and * Biometrics.
Today's cyber technology has given biometric- security gadgets various sophistication where
equipment is available to read not only the traditional finger or palm prints, but also people's lip
prints, eye retina, eye iris, body odour, gait or walking style and voice.

! !
  
 
 
A layman can look at corruption as a crime and indeed a fraud. Again using any layman's term,
there are two broad dimensions of corruption which is "under the table" and "on top of the
table".

Under the table (as its term is popularly and commonly referred to) implies that the giver gives
out money or bribe to the taker in clandestine, discreet, secretive and unknown ways where
traces are not always left behind.

Only the giver and taker know about the whole transaction (plus of course some other people
that the giver or taker confided in which often times could be close family members, relatives or
friends but seldom or never to any of the authority).

Another loose term using a layman's term for this kind of fraud or corruption is "moonlight
bribery" as it is done in the dark and under secrecy.

 !
  
 
 
On top of the table infers that the bribe or corruption money is received by the taker rather
"openly", and that giving angpows or grease money is a common and known ways of doing
things in that department or organisation or in the country. Nothing much is done about it
because in the corporate, organisational or country/national culture, there is such that giving
that kind of money or "unofficial payment" is a way of life and has to be a de facto process that
one has to give, otherwise one does not get served or his application is delayed or might not be
considered at all.

rt is perceived as a way to get things done, and people with power, influence and authority are
no more afraid of being known or seen to take bribes; or when the members of the society
regard giving grease money as the efficient and speedier way to get their requests and
applications processed and attended to speedily.

Using a layman's mindset, another loose term for on-top-of-the- table corruption is "broad
daylight or sunshine bribery" since the act is performed in visible ways, and is rather obvious to
every one.

$!  !
 
!
Whichever direction one takes to look at fraud, there are many tell-tale signs or red flags to go
by. Being aware of such red flags can enable one to be prepared to face the potential menaces
head-on.

Let us analyse some of these tell-tale signs by looking at just two aspects of concern that pertain
to employees/management, and computer environment.
 +

!

The obvious red flags here would be:
l| Consistent circumvention of procedures and policies and disregard for controls;

l| There is this environment or work culture and the corporate attitude of whatever it takes to
win ("r do not care about the process just give me the result' attitude");

l| Aristocratic management style resulting in inequitable treatment and compensation.

l| Reckless disregard for facts unless they only result in gain;

l| The refusal to formalise and live the code of ethics and employee conduct; and

l| Too large an authority and responsibility entrusted and delegated to too few individuals.



 
    

Many of the obvious red flags are:
 l| Accessibility to falsify throughput, input or output documentation.

l| Patterns of unauthorised password violations are not adequately resolved;

l| A lack of segregation of duties from (custody) safeguarding assets, (recording)

accounting for assets, and (validating) programming and inputting information into the
system;

l| Rapid staff turnover within the EDP function; and

l| Ability to access master file, perform amendments and modifications, and generating
outputs like disbursement checks or account updates and credit card processing.

c
% 





c
,
c


!
 
!
!


The Bank of Punjab has approached the police to get a fraud case registered against the top
management of National Sugar Mills including MNA Anwar Ali Cheema of PML (Q) and his son
Amir Sultan Cheema for unlawfully selling pledged-stocks of sugar of more than Rs 137 million.

The sources disclosed that the National Sugar Mills had pledged about 110,000 bags of sugar as
security to avail finance facility from the Bank of Punjab. The National Sugar Mills owners later sold
the sugar stocks in the local market at high price and earned huge profits even without informing the
Bank of Punjab, which is a criminal act punishable as a fraud case under section 420/406 PPC.

The team of the Bank of Punjab visited the godowns of National Sugar Mills to check the pledged
sugar stock on Wednesday last and the team members were shocked to see the empty godowns with
not a single kilogram of sugar was seen, a source in the Punjab govt disclosed requesting anonymity.

Highly placed sources revealed that owners of the mills Anwar Ali Cheema MNA of PML (Q) and
his son Aamir Sultan Cheema had contacted the Chief Minister Punjab Mian Shahbaz Sharif to pre-
empt any action against them.
ÈThey are also ready to join PML (N) if the Sharifs hush up the issue·, a source revealed.
The sources disclosed that the district police Sargodha had refused to register fraud case against the
owners of National Sugar Mills after Anwar Ali Cheema MNA and his son Aamir Sultan Cheema,
former Provincial Minister met Captain (retd) Safdar of PML (N) to Èget relief·. No wonder the local
police are reluctant to take action against the Cheemas on the application lodged by the Punjab Bank
officials.

On Thursday, Aamir Sultan Cheema alongwith some other members of the PML (Q) forward bloc
met Chief Minister Punjab Mian Shahbaz Sharif at Raiwind and showed their willingness to join
PML (N).

The sources close to the CM Secretariat claimed that the Chief Minister Punjab had refused to help
Cheema family in this matter, asking them to pay Rs 137 million to the bank immediately to stop the
bank from getting FrR registered against them.
However, another source disclosed that the Chief Minister Punjab Mian Shahbaz Sharif had assured
Amir Sultan Cheema that the matter would be settled amicably, no matter how it was being settled.

ÈThe police has been directed not to register FrR against the Cheema family till Èfurther orders· as
efforts are afoot to settle the issue. ÈEfforts are underway at the highest level and r think that the
issue has been resolved·, said Dr Usman Anwar District Police Officer (DPO) Sargodha, when
contacted. However, he admitted that the Bank of Punjab had submitted an application for
registration of case against the owners of National Sugar Mills at Laksian police station of district
Sargodha.
rt is worth mentioning here that the State Bank of Pakistan (SBP) had directed all the banks that all
existing loans/advances against the security of sugar stock (disbursed before the crushing period of
2008) should be fully adjusted latest by March 31st, 2009.
The State Bank of Pakistan (SBP) in order to curb the sugar mills monopoly had restricted financing
against the security of sugar stock a couple of months ago.
The SBP had directed all the Banks to disallow fresh financing or renewal against hypothecation of
sugar stocks.
rt is in the light of these directives from the State Bank that the Punjab Bank officials inspected the
pledged stocks of Sugar of National Sugar Mills, only to find that they are missing.
The circular said, ÈAny renewal / fresh disbursement of such loans / advances shall be made only
after a clean up period of at least one month after the adjustment of loans·.
More interestingly, the National Sugar Mills had availed the financing facility from the BoP a couple
of years ago.


ð



c

ð !c

The National Bank of Pakistan (NBP) on Friday unilaterally suspended its One-Link service with 14
other banks after finding out that a cyber gang had withdrawn millions of rupees from its different
branches through automated-teller machines (ATMs) by cracking the PrN codes and hardware
security modules.

Sources told Dawn that the bank had also sought the help of the FrA to determine how the gang
had been misusing a couple of ´zero-balanceµ accounts of two employees of another bank, one of
them retired, and getting complete command over the ATM system of the NBP.
They said that involvement of some employees of both the banks could not be ruled out as one
employee of the NBP headquarters in Karachi, in charge of hardware security of the bank·s online
money supply service, had disappeared along with loads of information about private accounts and
their ATM PrN codes.

Police have also arrested Amir Abbas, an employee of the Lahore branch of the other bank, one of
the 14 banks sharing the ATM service with NBP. Mr Abbas is being grilled by police while search is
on for one Ali Hassan alias Bacha, who is believed to be the chieftain of the gang.
rnsiders told Dawn that the bank·s management had detected Ècyber theft· of over Rs3 million from
its ATMs in Multan and Lahore in recent weeks.

But it was surprised to find similar cases unfolding in its branches operating in the industrial belt of
Punjab in Sialkot, Gujranwala and Lahore.
After following the transactions, the bank management found that the same group had withdrawn
another over Rs8 million from the NBP·s ATM in Punjab just over the last weekend.

The sources said the hackers had targeted branches of the NBP operating in the industrial areas of
Punjab because ATMs of these branches are normally filled to the brim.The NBP management is
also busy tracing similar transactions in other parts of the country, perhaps by members of the same
gang.

rnitial investigations have found that the gang had full command over the entire ATM hardware
system of the bank, which means that some employees of the bank·s ATM department had links
with the gang and had provided them the data needed to hack the system.
rn normal cases, an account holder can withdraw a maximum of Rs20, 000 in 24 hours from an
NBP ATM. But the hackers had full control even over this function and are believed to have made
the machines deliver large sums in one go. The NBP·s ATM issuance service has already come to a
halt for a couple of months, an NBP employee said.
He said the bank had decided not to re-start its One-Link ATM system with all other partner banks
without installing a new security system.

The NBP fears massive attacks on its hacked online money supply system across the country forcing
it to suspend its One-Link operations for an indefinite period.

The employee said that ironically the NBP had not installed close-circuit cameras to cover its ATMs.
Therefore, it is difficult to tell exactly how the gang drew money from the machines.
The NBP authorities are also investigating whether the ATM hacking started when its absconding
employee was attending his office or after he had left to be with his accomplices while drawing cash
from the machines. NBP President Ali Reza and some other top officials could not be reached for
the official version on the issue.

 

The first Cyber-fraud case worth US$ 30,000 reported from Multan is being sent to Cyber Crime
Wing [CCW] FrA rslamabad for assistance in investigations due to absence of relevant expertise
here, said deputy director FrA Crime Cell Multan Rana rrfan on Thursday.

The Special Judge Central Multan has allowed five-day physical remand of the four accused,
including an alleged hacker, and permission to shift them to rslamabad.


 

"Two computers, one of them taken into possession last night, have been sealed as evidence and
they along with the accused would leave for rslamabad today for investigations by Cyber Crime
Wing", he said but added that the main investigation would still be done by investigating officer of
FrA Multan and CCW would assist us.

They would be produced again before the concerned local court after expiry of five-day physical
remand, he added.

This could be the second or third incident in Pakistan after one or two happened at Karachi or
somewhere else in the country, he said adding: "We are also contacting concerned FrA officer at
Karachi who had investigated such case(s)", said rrfan. rn the absence of Cyber-Crimes related laws,
case was registered under available relevant sections of PPC, another FrA officer said.






There is an urgent need to enact special statute to tackle the Cyber Crimes from investigations by
relevant experts to prosecution and subsequent punishment to keep the overseas Pakistanis stick to
the legal means of money transfer and not the 'Hundi system', said noted lawyer and former vice
chairman Pakistan Bar Council Mian Abbas Ahmad.

An amendment was made in the law of evidence to make room for production of evidences
involving modern technology but it is not sufficient to tackle Cyber Crimes, Mian Abbas said.
Deputy Director FrA Multan Rana rrfan said, efforts are on by the federal government to draft law
to tackle this new trend of sophisticated crime involving modern technology.

Yusaf Alvi, the Deputy Post Master General Multan Region said, US$ 4 billion remittances were
recorded till June 30, 2003, with major share of it received through postal department's service. "We
have adopted effective measures from changing password for access to the system to introducing
strict checks to ascertain the identity of those who come to receive money sent from abroad", he
added.

#
 

Four accused including an alleged hacker rftikhar Ahmed Khan, a Postal Clerk Muhammad Tahir,
and two rnternet Club owners including Zafar and Raza Hussain Naqvi, were arrested on
Wednesday on charge of fraudulently receiving US$ 30,000 from different outlets in Pakistan
including Express Post Service of Postal department, and banks which were sent by overseas
Pakistanis through Western Union, a world wide money transfer service.

They did it with the help of alleged hacker, who managed to copy the software of the company to
his own CPU in collusion with the postal department clerk on April 23 in the name of removing
some virus from the system that enabled him to have access to the password of the system and the
Money Transfer Code Number [MTCN], a number which is only known to the sender and the
genuine receiver in Pakistan.

Yusaf Alvi said, the alleged hacker rftikhar is not a qualified computer expert, having no degree like
BCS or B.Sc in Computer Science but still he was adept in handling computers and troubleshooting.

%



The matter came to light after a person Nazir Ahmad complained that when he went to an Express
Post outlet at Peshawar to collect Rs 500,000, he was informed that the same has already been given
to some person and later, it was detected that the password or Money Transfer Code Number for
this was entered from Multan.

c(  
 )

 
c 
-.

/0-0//1
i
þ  
 
 

KARACHr: The Crimes Branch of the Federal rnvestigation Agency (FrA) has started an
investigation into a novel bank fraud, as a private bank, the Bank Al-Falah, has avoided a probe into
the matter, while the accused has been roaming freely.

The Director HR and Administration, Jang Group, Dr Ziauddin, had submitted an application to
the Crimes Branch of FrA on August 30, 2008, revealing a novel bank fraud in a company of the
Jang Group, Events Unlimited.

The higher authorities of the Jang Group had information that some officials of the Events
Unlimited Company were involved in irregularities.

rnitially, it was revealed that Events Unlimited had given an estimate of Rs 634,800 for a three-day
event at Marriott Hotel, Karachi, with 200 expected participants daily. An advance cheque of Rs
200,000 was paid for the purpose, while the remaining amount had to be paid through three other
cheques.

Meanwhile, senior officials of Events Unlimited, Asim Qureshi (CEO) and Sunil Hussain Shah
(Manager Logistics) reduced the three-day period of the event to two days, which cut down the
expenses of the event from Rs 634,800 to Rs 441,160.

After the conclusion of the event, the Marriott Hotel was paid two cheques of Rs 144,933 each. The
Events Unlimited paid the total amount of Rs 489,866 to the Marriott Hotel of which Rs 48,706 was
above than the actual estimates.

Sunil Hussain Shah got a cheque of the extra amount of Rs 48,706 in the name of Events Unlimited
from the Marriott Hotel. Sunil Shah deposited this cheque, along with another cheque of Rs
144,934, prepared for a three-day event, at Bank Al-Falah, Defence Branch, in the account of LY
Enterprises. About Rs 193,640 were embezzled through the account of Bank Al-Falah.

Zuhaib Hussain Shah, the brother of Sunil Hussain, was working at the Defence Branch of the Al-
Falah Bank where Yasir Hussain opened an account with the name of LY Enterprises at the same
branch.

When the matter was brought to the notice of the bank management, the manager concerned
confirmed that a cheque of Rs 48,706 had been deposited in the account No 0155-0101-10101 of
LY Enterprises on November 4, 2007.

Similarly, another cheque of Rs 144,934 was deposited in the account of LY Enterprises at the
Defence Branch of Bank Al-Falah.
When the matter was brought to the notice of the Bank Al-Falah management and was asked
whether a cheque in the name of a company or person could be deposited in the account of another
person or company, the bank officials tried to hush up the matter.

When the management of the Jang Group sought a clear reply from the bank after writing at least
four letters and repeated calls, the Bank Al-Falah sent a pay order of Rs 150,000 to Events
Unlimited and orally requested to wind up the issue. This fraud has caused over Rs 5 million losses
to Events Unlimited.

When the issue was strongly taken up with the management of the bank, they terminated Zuhaib
Hussain, but neither an inquiry was ordered into the case nor the account holders were informed
about such frauds so that they could remain safe in future.

This exposed the internal monitoring and checking system of the Bank Al-Falah. There are three
types of audit in all banks i.e. (1) internal audit (2) external audit, which is being conducted through a
private firm and (3) SBP audit. rnterestingly, no audit team unearthed such type of bank fraud.

rt may be mentioned here that for the internal audit, a bank hires experts on high salaries and the
services of audit companies are also hired by spending huge sums of money.

The above mentioned investigation was made by the institution·s Director HR and Admin Dr
Ziauddin Ahmed Zia and General Manager Muhammad Fahim Khan with the help of other
colleagues.

When Sunil Hussain Shah and Asim Qureshi refused to accept the outcome of the investigation, the
police filed an FrR of the case and included it in investigation process and the FrA was also
approached for a probe.

When the institution came to know about other cases of the same nature in which a fraud of more
than Rs 5 million was committed with the Events Unlimited, it acquired the services of FrA. rt may
be pointed out here that the FrA has arrested accused Sunil Hussain Shah after three-month
investigation of the said fraud made with the country·s largest media group, while the other accused
Asim Qureshi could not be arrested, who later got bail before arrest from a local court.

The FrA is investigating against the accused. During investigation, Sunil Shah confessed that he had
paid an amount of more than Rs 1.1 million to Asim Qureshi.

!



 ð23!


rSLAMABAD, Feb 5: A fraud amounting to hundreds of millions of rupees in fake loans has been
detected in the Gilgit branch of the National Bank of Pakistan, causing a setback to NBP·s efforts to
extend its presence in Northern Areas and promote business activities in the remote and backward
region.

Well-placed sources told Dawn that the fraud was detected when the bank launched a probe into
payment of Rs50 million as loan to a company named Pak-China Sost Port Company by its Gilgit
branch. But the revelation could be just the tip of the iceberg because investigators have found that
there were other bogus loans involving payment of Rs880 million.
The sources said that a number of companies and people had taken loans of millions of rupees
against fake or non-existent collaterals, raising questions about culpability of top people in the
bank·s management who concealed such a huge scam from the audit department for three years.
The sources said that the fraud had been overlooked during the audit and now efforts were being
made to determine why a proper scrutiny of the loan was not carried out.

A report sent to the bank president by the Ècompliance group· said it had received a preliminary
report from the NBP·s human resource management and administration. The group received the
complaint on Nov 12 and reported the matter to the State Bank.
The sources said that the bank was yet to lodge a complaint with police as required in such cases
The Pak-China Sost Port Company was set up in 2002 as a joint venture with Pakistan·s Silk Route
Dry Port Trust holding 40 per cent of its shares and China·s Sinotrans Xinjiang Jiuling
Transportation & Storage Company 60 per cent.

The Chinese firm had invested cash while the dry port trust offered Èland·. The Rs50 million loan
was given to six people ³ four Chinese nationals and two Pakistanis ³ against Èproperty, stocks
and personal guarantees·. The six have been identified as Yuan Juamnmin, chairman of the
company·s board Prince Salim Khan, (vice-chairman), Chen Mingxing, Raja Shahbaz Khan, Hou
Enzu and Ms Wing Ping.

The advice to sanction the loan was issued by Gilgit·s regional office which had accepted Mir
Ghazanfar Ali Khan, Chairman of the Silk Route Dry Port Trust, as a guarantor.
´Give me two months and r will be able to give you a clear picture of what has happened,µ NBP
president Ali Raza told Dawn.

He said he had ordered a thorough probe into the matter and held meetings with officials of the
Northern Areas Chambers of Commerce and rndustries.
The officials had assured the bank of their full support and cooperation, Mr Raza said.
´rt is not a big issue,µ Mr Raza said, adding that NBP was the only entity playing an active role in the
development of the area by extending loans to businesses.
The total size of the NBP loan in Northern Areas was Rs1 billion, he said.
When asked if the total amount involved in the fraud was about 80 per cent of the total the NBP
had paid, Mr Raza said: ´rt does not matter whether the amount is in thousands, millions or billions.
Everything will be clear soon.µ

rt was pointed out that the audit of the Gilgit branch had been conducted by the same individual
twice (in 2005 and 2007) and that there was no audit in 2006. And in reply to a question if there was
any possibility of involvement of the bank staff in the fraud, he said: ´You know access to the
Northern Areas is not as smooth as it is to Lahore, Karachi or rslamabad. Sometimes the audit can
be delayed.µ

!c

Muzammil Hafeez Butt, former manager of Muslim Commercial Bank·s Nila Gumbad branch. Butt
is accused of embezzling more than Rs 140 million.

"c


Tasleem Akhtar, an employee of Allied Bank of Pakistan·s Lahore Stock Exchange branch. Four
employees of the bank, Muhammad Sagheer, Asghar Goraya, Tasleem Akhtar, Faisal Hussain Butt
and Tahir Waheed are accused of Rs 298 million fraud

%c

ADBP officials Abdul Haq, Ejaz Akhtar, Sheikh Masood, Tariq Mahmood, Faiz Riaz Qureshi,
Mohammad Latif and Dr Asif are accused of embezzling Rs 8.3 million from the bank.

c

Mumshad Nadeem He is accused of making Rs 6 million from the State Bank of Pakistan through
bogus pension claims.



c


Ex-manager of the Askari Bank·s Gulberg branch the accused had allegedly misappropriated Rs 8
million of Askari Bank and Rs 30 million of the PrCrC Commercial Bank.

"

Manager Khurshid Butt and cashier Abid Hussain of the United Bank Limited·s Lohari Gate branch
to the National Accountability Bureau (NAB) till February 4. NAB says Butt and Hussain were
arrested from their residences in Canal View and Misri Shah on charges of misappropriating Rs 10
million. rt was alleged that this misappropriation was discovered by area manager Azhar Ali on
January 6, 2005 following which these officials were taken into custody.

!

! 4c
 
 5,   
 &

 





 


‡ Manage a team of Fraud detection, OLA and MrS staff to high levels of operational
performance.

‡ Drive improvements in the rdentification and prevention of Fraud.

‡ Act as the subject matter expert and central point of contact for all Fraud related issues.

‡ Ensure timely review of rssuing and Acquiring Detection parameters Ensure emerging frauds
are identified in a timely manner and align prevention and detection capabilities accordingly.
Enhance existing Fraud metrics and provide ongoing management reporting on related
issues/events.

‡ To deal with issues within the Department with the strictest of confidence and
professionalism.

‡ Ensure all tools available are utilized and being used to optimum capacity.

‡ Ensure daily and monthly departmental MrS are designed in such a way that clearly indicates
the RrSKNET performance indicators, OLA key indicators and staff performance indicators.

‡ Utilize RrSKNET parameters to detect all abnormal usage, including Lost/stolen, NRr and
counterfeit related fraud.

‡ Utilize OLA parameters in most effective manner to improve approval and referral rate.

‡ Review and update departmental policy and process manual on annual basis.

‡ Capacity Planning of the unit.

 ‡ Annual Fraud budget preparation.

‡ Validation of minimum standards and fraud plan preparation

‡ Ensure that all Departmental control functions are performed in timely and quality fashion.

‡ Demonstrate leadership and people management skills by: Grooming, developing and
coaching.

‡ Motivating staff, keeping their morals high and by clearly defining roles and responsibilities.

‡ Trained back-end staff on all the critical functions through internal rotation to make backups
of all the key-players.

‡ Based on Rules Analysis, revise rules on periodic basis for Early detection of Fraud




$!
!

! 6c
( 
!

 5, 

 7*

 

"


‡ Receive and investigate fraud cases (Cards/Loans) and resolve within stipulated time frame &
find out any process gap due to fraud was happened.

‡ Ensure cases are referred promptly to the Fraud Control department.

‡ Utilize a file summary and checklist to facilitate the quick compilation of all information
relevant to the case.

‡ Obtain a written dispute from the cardholder and affidavit form. This can be helpful if fraud is
detected and legal action is necessary.

‡ rnitiate chargeback (if possible)

‡ Maintain a complete database of details for each fraud transaction identified.

‡ Report all fraud transaction to Visa·s Fraud Reporting System (TC40).

‡ Maintain all documentation relating to each investigation for at least three years following the
last update to the respective case file.

‡ All suspect reports should be reviewed on daily basis & try to locate any fraud happened.

‡ Monitor daily all blocked accounts for activity.

‡ Take necessary action if found any fraud at the time of report or system review. Verify the
security information on the account with the cardholder.

‡ rf collusive merchant is involved, contact the Acquirer.

‡ Liaison with Legal and Law Enforcement Agencies to recover the funds or assets. (if
necessary)

‡ Handle queries from UBL branches.

‡ To review Monthly/Quarterly visits of External Agencies, Courier & Operation Units to

rectify the issue till resolutions to minimize the risk.

‡ To schedule and arrange the education of card center staff regarding fraud prevention.

‡ Central/State Bank Fraud reporting preparation of card products on monthly/quarterly basis.

‡ Review & check Sundry, Account receivable, write offs, recovery accounts management and
highlight any discrepancies to the management.

‡ Unresolved Cases Aging management & try to resolve all cases within timeframe.

‡ Fraud Losses / Recovery MrS with reconciliation with system on monthly basis.

‡ Expense & Budget Control.

.




!

! 6c
( 
!

 5, 

 7c$!
#

"


‡ Receive and investigate fraud cases and resolve with in stipulated time frame & find out any
process gap due to fraud was happened.

‡ Ensure cases are referred promptly to the Fraud Control Department.

‡ Utilize a file summary and checklist to facilitate the quick compilation of all information
relevant to the case.

‡ Obtain a written dispute from the cardholder and affidavit form. This can be helpful if fraud is
detected and legal action is necessary.

‡ rnitiate chargeback (if possible).

‡ Maintain a complete database of details for each fraud transaction identified.

‡ Maintain all documentation relating to each investigation for at least three years following the
last update to the respective case file.

‡ All suspect reports should be reviewed on daily basis & try to locate any fraud happened.

‡ Liaison with legal and Law Enforcement Agencies, Courier & Operation Units to rectify the
issue till resolutions to minimize the risk.

‡ Reconciliation of Financial entries management.

‡ Unresolved Cases Aging management & try to resolve all cases with in time frame.

‡ Fraud Losses/Recovery MrS wit reconciliation with system on monthly and weekly basis.

‡ Fraud Losses should not exceed of 10 bps and try to recover with the help of external
investigation or chargeback processing.
 ‡ Beat expenses budget by 10% or more.

‡ After receiving fraud cases to FRMU, update fraud database.

‡ To generate unresolved cases aging on daily basis & present to FRMU Head with region wise.

‡ To generate weekly










 
 
 


!

rn view of the importance of frauds prevention or mitigation strategy in overall operational risk
framework and to improve the mechanism for active supervisory response, the State Bank has
revised reporting requirement for banks or DFrs on frauds, forgeries and armed robberies cases.

The Chief spokesman of State Bank of Pakistan Syed Wasimuddin today said submission of
complete and timely information on revised formats will enable the State Bank to remain apprised of
developments at banks/DFrs and monitor follow-up action taken by them for all medium and high
severity frauds/forgeries including the emergency reported cases.
The information so collected will also be used to develop a database of frauds, forgeries, and armed
robberies, which will be used for measuring operational risk and determining capital requirements
there-against. Reporting of frauds, forgeries or armed robberies by banks or DFrs is to be done as
per the codes list. A glossary defining the terms used in the revised reporting requirements has been
attached, which though is not to be taken with exhaustive detail.

Operational Risk is gaining importance in the banking industry in the wake of increasing complexity
of operations and the risks involved therein. The incidents of internal and external frauds and
forgeries are included in list of the operational risk events that have the potential to result in
substantial losses. Keeping in view the size, sophistication, nature and complexity of operations of
each bank/DFr, adoption of clear-cut strategies and introduction of strong internal controls and
effective reporting will remain critical factors in preventing this and other types of operational risk
events and resultant losses.
All banks or DFrs are advised to submit a quarterly statement of the said cases on the revised
format, which will replace the existing Quarterly reporting format, within 15 days of the close of
each calendar quarter along with a soft copy to the Banking Supervision Department. The quarterly
report will include all actual as well as attempted fraud cases even if the bank may not have sustained
any monetary loss. Therefore, cases where bank recovers the entire amount involved and does not
suffer any loss must also be reported to SBP.
Furthermore, banks or DFrs will separately report all material incidents of cases like frauds, forgeries
and armed robberies of Rs. one million and above on urgent basis as instructed below.
Preliminary report within 2 working days of the occurrence of such incident by mentioning the date
of the incident and other information about the case as available at the time of such reporting and
detailed report within 15 days of the occurrence of such incident.Failure to comply with these
instructions will attract punitive action under the Banking Companies Ordinance, 1962.





















$  

www.sbp.org.pk
www.down.com
2008,Noorani,M.A The News
www.nation.com.pk
www.thenews.com.pk

http://hbl-jayrati.blogspot.com/

http://www.dailytimes.com.pk/default.asp?page=2007

B.k Sher march, 2008 Down.com
http://www.timespk.com