Investor Presentaiton
SBERBANK
170 YEARS. BY YOUR SIDE
ANNUAL REPORT
IMPROVING PRODUCT AND SERVICE QUALITY
170
corporate social responsibility >>
Infringements
Bank insider
BANK EMPLOYEE INFRINGEMENTS UNCOVERED IN 2011
schemes providing
unrecoverable loans using false
documents
Two incidents of customer
privacy violation and loss of
customer data due to the fault of
employees
Area
Response
Criminal charges filed against five employees identified as the result of an
inspection
The Prosecutor's Citation and the order of the respective federal supervisory
service (Roskomnadzor) regarding the incidents were executed; to prevent
similar incidents in the future, preventative steps were taken at all regional
banks
KEY MEASURES TO MINIMISE FRAUD RISKS
Ensuring customer security on
the Sberbank Online service
Preventing illegitimate
appropriation of customer.
money
Measures implemented
Implemented a new Sberbank Online security concept
Introduced a system of cumulative daily transaction limits
Introduced measures to reduce the visibility of financial products in
customers' personal areas
Ran a large-scale campaign (text messaging, press releases, web
publications) to educate customers about measures to prevent fraud
Resolved to install passport verification equipment for customers. Prepared
guidelines on how to identify forged personal identification documents
Approved the Action Plan on Preventing Fraud in Remote Banking Systems
We track all attempts at cash machine and card fraud and take timely
measures to counteract them. In 2011, we detected more than 700
incidents of skimming or similar equipment being installed at the
Bank's cash machines and criminal charges were filed.
The Bank uses the most advanced information security solutions to
minimise fraud risks. This was confirmed by the following:
An annual audit of the Bank's IT services management system,
including information security management, which confirmed
compliance with the requirements of the ISO/IEC 20000 interna-
tional standard;
Confirmation of the Bank's compliance with MasterCard's Logical
Security Requirements and Physical Security Standards;
-A successful audit of the Bank's compliance with mandatory per-
sonal data security legal requirements.
The Bank is currently implementing a system of measures necessary
for PCI-DSS certification.
The key developments in the field of anti-money laundering and
counter-terrorism financing (AML/CTF) in the reporting year were:
―The launch of a project to deploy an AML-class system, allowing
for extended analysis of customer transactions and timely iden-
tification of hidden connections between participants in money
laundering, illegal capital export or large-scale money transfer
schemes;
Enhancement of AC Back-Office three-tier architecture so as to en-
able effective analysis of retail customers' transactions for AML/
CTF purposes;
- Development of a unified distance learning course for managers
at customer service outlets and bank tellers;
A series of videoconferences with representatives from state fi-
nancial monitoring bodies in order to develop a common approach
towards identifying suspicious operations and transactions sub-
ject to mandatory control.
The Bank is currently implementing
a system of measures necessary for
PCI-DSS certification
In 2011, incidents of corruption were identified among both the
Bank's employees and its business partners. Given that combatting
corruption is one of the key elements of our corporate responsibility,
we carry out thorough investigations into such incidents and the
circumstances leading up to them, and take appropriate action based
on the results of investigations.
INCIDENTS OF CORRUPTION IN THE BANK'S
OPERATIONS IN 2011
Total number of employees dismissed or reprimanded for corruption
Number of contracts with business partners not prolonged due to corruption-related infringements
8
1
170 YEARS. IT'S JUST THE BEGINNING
WWW.SBERBANK.RU
171
^
corporate social responsibility
2011View entire presentation