Barclays 2008 Annual Report Download - page 136

Download and view the complete annual report

Please find page 136 of the 2008 Barclays annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 330

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330

134 Barclays PLC Annual Report 2008 |Find out more at www.barclays.com/annualreport08
Risk management
Financial crime risk management
Fraud risk and security risk
Fraud risk
The Group establishes and operates a fraud risk framework which
measures overall fraud risk exposure and controls. Together with the
Group-wide policies and reporting, this structure directs how fraud is
managed.
GFCM is responsible for delivering the overall Group Fraud Strategy
by providing oversight to Group and business units in the management
of fraud risk.
The Group Fraud Strategy is designed to:
– Contain existing risks through effective measurement, monitoring and
robust anti-fraud systems, in line with the expansion of the bank
– Identify emerging threats in order that effective fraud controls are
embedded across the Group along with increased capability to
manage risk
– Identify and manage fraud incidents, ensuring regulatory and legal
conformance, appropriate escalation and resolution of control issues
to prevent further loss
– Share fraud trends, intelligence and knowledge across the Group and
between government bodies, law enforcement agencies, financial
institutions and other key stakeholders
GFCM assesses fraud risk across existing and emerging products,
channels, and jurisdictions. It has embedded a robust fraud reporting
framework which tracks current exposure to identify risk and ensure
adequate risk management capability and controls.
The Groups business units identify their appetite for fraud loss which
informs and determines the overall fraud plan. Objectives are set around
these plans and performance is monitored through reporting and
oversight via appropriate Governance Committees at both business unit
and Group level.
Barclays undertakes regular benchmarking performance reviews
with relevant peer groups and maintains a conduit to ensure a two-way
exchange of information and intelligence at government, trade and
industry levels.
The Barclays Group Fraud Risk profile is tracked regularly through the
review and challenge of the net losses and key risk metrics; these are then
viewed against the overall Fraud Risk Profile (at the Fraud Risk Oversight
Committee).
Aggregated fraud data is reported monthly to senior management.
The performance of the business in combating fraud losses is measured
against plan in line with the Principal Risk Policy. Key Risk Indicators are
embedded in order that overall exposure can be established. As a result
of this process, fraud can be measured and appropriate action taken to
minimise or track significant issues.
Barclays overall reported fraud losses increased in 2008 in line with
industry trends. Whilst industry and proprietary initiatives (online and
Chip/PIN) have continued to pay dividends and reduce exposure in some
areas, fraud increased in other areas and in geographies that do not have
Chip and PIN technology.
In 2008, the Group implemented a new global fraud application
system aimed at preventing first-party fraud.
Compromised customer details continue to be a significant threat
globally. GFCM continues to work closely with industry and other
associated bodies to:
– Protect any customer whose details may be compromised
– Develop a standard approach for dealing with accounts that may be
impacted by any data compromise or security breach
– Reassure customers and provide points of contact for help and
guidance.
Security risk
GFCM manages security risk. Its fundamental objective is to allow Barclays
to operate in a safe and secure manner in all existing and potential future
markets.
In pursuit of this objective, the security risk team gathers and shares
current threat assessments across business areas, using intelligence from
security and government agencies and in-country teams. It ensures that
suitable policies and control systems are in place to protect Group
business and high-risk personnel.
Barclays has developed and continues to improve a robust Group-
wide people-screening process to protect the Group from those people
who want to harm the organisation, by either joining as staff members or
becoming involved with its operations.
Security risk is regularly reported by the businesses and reviewed via
the Security Risk Management Committee, whose objectives are to:
– Consider the latest management information and security threat
assessments
– Drive forward mitigating action to protect the Group from potential
threats
– Provide guidance to the design and effectiveness of the overall Barclays
Security Risk framework
– Ensure all security risk workstreams have been effectively integrated
and implemented
– Monitor corporate security profiles against the agreed plan, tracking
issues in order that remedial action can be taken