Promise Internal Fraud Detection Prevention and Reporting Policy

Document Reference: PM-FDP-001 Version: v1.3 Owner: Compliance Team — Promise Money Next Review Date: [To be confirmed]

---

Promise Internal Fraud Detection and Prevention Policy

Background

This policy is to facilitate the development of controls which will aid in detection and prevention of fraud against Promise Solutions and its lenders and partners. It is the intention of Promise Solutions to promote consistent behavior within the firm by providing guidelines and assigning responsibility for the development of controls and conduct of investigations.

Scope of Policy

This policy applies to any fraud, or suspected fraud, involving employees, shareholders, consultants, vendors, contractors, Lenders, Brokers and outside agencies doing business with employees of such agencies, and/ or any other parties with a business relationship with Promise Solutions.

Any investigative activity required will be conducted without regard to the suspected wrongdoer’s length of service, position/title, or relationship with Promise Solutions.

Policy

Management is responsible for the detection and prevention of fraud, misappropriations, and other inappropriate conduct. Fraud is defined as the intentional, false representation or concealment of a material fact for the purpose of inducing another to act upon it to his or her injury. Each member of the management team will be familiar with the types of improprieties that might occur within his or her area of responsibility, and be alert for any indication of irregularity.

Any fraud that is detected or suspected must be reported immediately to the Managing Director, who coordinates all investigations with a senior member of the management team and other affected areas, both internal and external

Actions Constituting Fraud

The terms defalcations, misappropriation, and other fiscal wrongdoings refer to, but are not limited to:

Any dishonest or fraudulent act

Forgery or alteration of any document or account

Forgery or alteration of Cheques, Bank Drafts, or any other financial document

Misappropriation of funds, securities, supplies, or other assets

Impropriety in the handling or reporting of money or financial transactions

Profiteering as a result of insider knowledge of company activities

Disclosing confidential and proprietary information to outside parties

Disclosing to other persons securities activities engaged in or contemplated by Promise Solutions

Accepting or seeking anything of material value from contractors, vendors or persons providing services/materials to the company.

Exception: Gifts less than £100 in value (please refer to the Promise Bribery Act Policy and Procedures)

Destruction, removal or inappropriate use of records, furniture, fixtures, and or equipment; and/or

Any similar or related inappropriate conduct

Other Inappropriate Conduct

Suspected improprieties concerning an employee’s moral, ethical, or behavioral conduct, should be resolved by departmental management and HR.

Please refer to the following policies;

Promise Disciplinary Procedure

Promise Code of Ethics

Promise Behavior At Work

Promise Whistle-Blowing

Promise Bribery Act Policy

Promise Anti-Money Laundering Policy

Promise Data Protection Policy

Promise Conflict of Interest Policy

If there is any question as to whether an action constitutes fraud, contact your Line Manager or a Director of Promise Solutions

Mitigation of Fraud

Promise Solutions have put in place systems and controls to detect, prevent and mitigate potential fraudulent activity as follows;

New staff are rigorously put through our recruitment and on-boarding process which includes where necessary, Credit Checks, CRB checks, hold the relevant qualification and experience to fulfill their roles

Staff are given the full suite of policies that affect their employment with Promise Solutions

Staff are provided with training to identify, report any fraudulent activity

All calls are recorded to assist in any investigations

Due Diligence and an FCA register check of all Brokers that submit business to Promise Solutions are carried out at the first point of registration and each time a new application is received. A register of Brokers that are considered a risk is also kept for reference

Due Diligence on Lenders on panel is carried out with the necessary checks

Advisers/case managers are prohibited to have any involvement on cases for friends and family (refer to Conflicts of Interest Policy)

Case Managers processing cases for the Adviser are rotated regularly

File Completion checks are carried out on all files by the Compliance Team

Monitoring of cases throughout the process are carried out by the Compliance Team

Any change to the company’s standard fee structure is signed off by a manager and recorded

Lender commissions are paid direct to Promise Solutions and not to the individuals

Ring fenced Accounts department processes all payments

Any payments made are set up and authorised by separate members of the Accounts department and Directors

All invoices are signed off by the Managing Director

A full list of System Access of internal and external systems is completed for each staff member and audited 6 monthly. Staff members are asked to keep this up to date

When members of staff leave the business all system access is removed, the respective lenders are also notified to prevent any system abuse

Investigation Responsibilities

The Managing Director has the primary responsibility for the investigation of all suspected fraudulent acts as defined in the policy. If the investigation substantiates that fraudulent activities have occurred, the Managing Director will issue reports to the appropriate director and Compliance.

Decisions to take further actions such as prosecution, referring the matter to the appropriate law enforcement and or regulatory agencies will be made upon discussion with the senior management team.

Confidentiality

The Managing Director treats all information received confidentially. Any employee who suspects dishonest or fraudulent activity will notify the Managing Director or Director immediately, and should not attempt to personally conduct investigations or interviews/interrogations related to any suspected fraudulent act (see Reporting Procedure below)

Investigation results will not be disclosed or discussed with anyone other than those who have a legitimate need to know. This is important in order to avoid damaging the reputations of the person(s) suspected but subsequently found innocent of wrongful conduct and to protect Promise Solutions from potential claims.

Authorisation for Investigating Suspected Fraud

Members of Law Enforcement or person(s) will have:

Free unrestricted access to all Promise Solutions records and premises whether owned or rented;

AND

The authority to examine, copy, and/or remove all or any portion of the contents of files, desks, cabinets, and other storage facilities on the premises without prior knowledge or consent of any individual who may use or have custody of any such items or facilities when it is within the scope of their investigation

Reporting Procedures

Great care must be taken in the investigation of suspected improprieties or wrongdoings so as to avoid mistaken accusations or alerting suspected individuals that an investigation is underway.

An employee who discovers or suspects fraudulent activity will contact the Managing Director immediately. The employee or other complainant may remain anonymous. All enquiries concerning the activity under investigation from the suspected individual, his or her legal representative, or any other inquirer should be directed to the appropriate law enforcement body responsible for the investigation. No information concerning the status of an investigation will be given out. The proper response to any inquiries is “I am not at liberty to discuss this matter.” Under no circumstances should any reference be made to the “allegation,” “the crime,” “the fraud,” “the forgery,” “the misappropriation,” or any other specific reference.

The reporting individual should be informed of the following:

Do not contact the suspected individual in an effort to determine facts or demand restitution.

Do not discuss the case, facts, suspicions, or allegations with anyone unless specifically asked to do so by the Managing Director or a Director.

Termination

If an investigation results in a recommendation to terminate an individual's employment, the recommendation will be reviewed by HR and by external sources (if necessary), before any such action is taken. The Managing Director does not have the authority to terminate an employee, instead must follow the established Disciplinary process.

The decision to terminate an employee is made by the employee’s senior management.

Administration

The Compliance Manager is responsible for the administration, revision, interpretation and application of this policy. The policy will be reviewed annually and revised as needed.