POL00448530
Forensics and Integrity
Services — Whistleblowing
Assurance Review
Appendices
July 2022
Confidential
EY
Building a better
working world
Understanding of your needs | Why EY & credentials | Industry insights & best practices | Proposed team | Approach & methodology | Commercials | Dependencies
CVs — Delivery team
» Spencer is a partner in the Financial Crime and Forensics practice specialising in the Financial
Services sector.
Spencer joined EY in January 2022 having worked in the banking industry since 2006, prior to
which he was at PwC for five years in their Global Risk Management Solutions practice.
Spencer has worked in Front Office roles for Barclays and JPMorgan, as well as within Finance,
Operations and Technology divisions whilst at Deutsche Bank. Additionally, Spencer spent time in
3rd Line whilst at these three institutions executing and leading Audits and investigations.
Professional Experience
» COO for Group CTO for large international bank with budget accountability for c. EUR 1.4bn annual spend and responsibility for workforce of c. 9k FTE.
» Head of “Change the Bank” (CtB) Portfolio with responsibility for c. EUR 2bn annual spend and accountability for ensuring strong return on investment at divisional portfolio levels and on
aggregation at Group level. Responsibilities include working closely with Group CFO, Group CEO and divisional CIOs, along with regularly reporting to Group Non-Executive Directors and Audit
Committee.
» Divisional Control Officer for Group Operations leading c. 150 FTE covering the design, build and implementation of 1st LOD control frameworks, and subsequent period assurance testing
execution.
» Chief Auditor for Group Operations; leading team of c. 40 auditors covering middle and back office processes for Retail Banking, Corporate & Investment Banking and Wealth divisions of a Tier 1
international bank.
» Asia Pacific Head of Prime Services Risk for Global Investment Bank. Responsibilities included liaising with local regulators, design and sale of margin algorithms to hedge fund clients and
partnering closely with Credit Risk to ensure lending to Hedge Funds remained within risk tolerance.
» European Head of Equities Audit for global investment bank executing audits of Cash Equities, Equity Derivatives and Algorithmic trading.
» Delivered whistleblowing framework review for global bank in support of Statutory Audits.
Rachel is a forensic investigations and financial crime compliance partner with 24 years'
experience specialising in working with retail, commercial and private banks, asset management
firms and insurance companies.
She has successfully led multi-disciplinary teams working on some of the largest FS regulatory
investigations conducted in recent years.
Rachel has worked with global banks on high profile whistleblowing incidents and investigations
including allegations against senior management.
Investigations
» Reviewed the operations of investigations teams at two universal banks based in Switzerland to assess their investigation methodology and internal escalation of issues. Our review highlighted
several areas of improvement including the centralisation of investigations.
» Rachel founded and runs a quarterly meeting of the Heads of Investigation at 8 major banks with operations in London. The purpose of this group is to discuss emerging trends and share best
practice.
Whistleblowing
» Currently working with a global bank based in Europe to review their whistleblowing programme. This work includes meeting with the bank quarterly to review the report to the Board on
whistleblowing, understand trends that need investigating, reviewing investigation trends and benchmarking their whistleblowing process against peers. This work is being done to respond to
regulator criticism and has been ongoing for two years.
» Investigated high-profile whistleblowing allegations at a UK governmental department. The allegations included fraud and unethical behaviour of civil servants. The evidence
gathered enabled the department to establish the veracity of the allegations and take appropriate actions. The allegations and our work were reported in the media.
CVs — Delivery team
» Abbie is an Assistant Director in the Financial Crime and Forensics practice specialising in the
Financial Services sector.
» Prior to joining EY Abbie spent 4 years at a large UK bank; she worked in the Litigation &
Investigations team, leading, planning, executing and delivering large and complex investigations
into sensitive and high profile matters, focusing on financial crime and regulatory compliance.
» Abbie has been able to apply her experience in project management and investigations to
proactive financial crime prevention and compliance work.
Whistleblowing
» Abbie managed and delivered a substantial investigation into multiple financial crime allegations (including Sanctions and ABC) at a UK branch of an overseas financial institution. She performed deep
dives of customer files to compare against policies, procedures and regulation and conducted multiple interviews with subjects of investigations whilst ensuring confidentiality and anonymity of the
reporters were protected. Abbie presented results of the sampling and communications review in written reports to the client.
Investigations
» A large retail bank needed to respond to multi-jurisdictional regulators’ questions in relation to a high profile financial crime matter. Abbie managed senior stakeholders, internal and external advisors
and delivered the project to regulatory deadlines. Abbie analysed bank accounts and SWIFT transactions in order to identify proceeds of crime and bribery and corruption and reviewed CDD and KYC
documents for compliance with internal policies and regulation. She also identified and provided advice on strengthening the policies and control frameworks in line with regulation.
» Abbie conducted a review of a financial institution's financial crime (AML, CTF, Sanctions, ABC, ATE) framework, which included mapping of risk assessment and policies and procedures to regulations
for a sensitive transaction. She conducted a risk based sampling exercise to test the due diligence collected by the information in their onboarding process. She presented results of the review in a
report to the client and made constructive recommendations for areas where their framework (such as policies, procedures and framework) could be improved.
Framework review
» Abbie was seconded to the Global Financial Crimes team of a large investment bank to support with implementation of their international financial crimes framework. She worked with senior
executives in developing their Financial Crime project plan and supported the Global Financial Crimes team in delivering their financial crime framework by performing multi-jurisdictional
regulatory mapping, policy and procedure gap analysis and remediation recommendations, drafting of framework documentation and formalised procedures for reporting and escalation mechanisms.
Michelle is an Assistant Director in the Forensic & Integrity Services practice, specialising in
financial services and public sector entities.
Prior to joining the practice in 2011 she gained six years of audit experience with EY across a
wide range of industries and clients, including listed and private companies.
She is experienced in the review and gap analysis of anti-fraud, whistleblowing and ABC policies
and procedures, investigations of transactional behaviour and specific allegations of fraud,
corruption or misconduct.
Whistleblowing
» Supported a large UK retail and commercial bank with the implementation of enhancements to their whistleblowing framework, including assessments of policies and procedures, skills and capabilities
of investigators, colleague treatment and communications. Provided detailed current state summaries, assessments against market practice and recommendations for next steps to stakeholders.
» Reviewed the audit client response to a whistleblowing allegation in the retail sector. This review included interviews with the whistleblowing committee and investigation team, as well as a review of
underlying document submissions to form a view of the investigation process and any risk exposure. Recommendations for process improvements were provided.
Investigations
» Performed an investigation into misuse of client funds in the legal sector. This review comprised the forensic imaging of the employee's office and a detailed general ledger review of client accounts
to establish the validity of payments made. Findings were provided to the client in a summary report to enable them to take further action.
» Conducted a shadow investigation to assess an audit client’s investigation into financial system integrity following a large scale cyber attack. Our procedures concentrated on the validity of the
ledgers and trial balances to allow the audit team to gain comfort over reported numbers. We also performed procedures to identify any fraudulent payments made during a period of disruption.
» Performed an investigation into alleged inappropriate gifts and entertainments provided by a regional office to public officials in the insurance sector. This investigation included a review of the fund
flows of all policies that could be linked to key individuals, as well as review of policy documentation and payment authorisations.
CVs — Delivery team
Tom is a manager in the Financial Services Forensics team.
He joined EY in 2014 and has both Forensics and Audit experience, working with broker dealers,
private, retail, and investment banks, private equity and leasing firms.
Tom has experience working on whistleblowing framework, transaction monitoring program, and
internal fraud strategy reviews, as well as developing financial crime and product risk
assessments.
Investigations
» Holds quarterly calls with the Head of Investigations at a large UK bank to discuss investigation updates and trends, covering control deficiencies and planned control enhancements.
» Performed transaction analysis as part of a controls assessment and root cause analysis to support a major fraud investigation at a large UK bank.
» Conducted shadow investigation of a financial firm's response to a major cyber incident.
Whistleblowing
» Worked on whistleblowing framework reviews for a number of FTSE 100 banks. This included reviewing policies and procedures against regulation and peers, building QA checklists, reviewing
training completeness and MI depth, as well as performing investigation case file reviews.
» Worked on the implementation phase of a FTSE 100 bank's whistleblowing enhancement project, including policies and procedures updates, developing a communications plan and protection
program for employees facing detrimental treatment, and intranet site refresh.
» Works in the whistleblowing solution team and provides training to EY teams (Financial Services, and UKI Forensics teams, and the Financial Services FinCrime team).
Evan is a Manager within the EY Financial Crime and Forensics team with over 7 years of
experience working with clients across the financial services sector.
» Evan has experience delivering whistleblowing framework reviews following extensive periods on
secondment within an in-house conduct function.
Evan is a trained investigator and has worked on high profile investigations both domestically and
internationally.
Whistleblowing
» Evan has recently completed a Global and UK based whistleblowing maturity assessment where the resulting recommendations were received by senior stakeholders in the organisation.
» These whistleblowing assessments reviewed the current state of the organisation's whistleblowing infrastructure, resourcing, communications, and culture. The review also explored the
investigation processes and documentation to understand where potential improvements could be implemented.
» As part of his secondment to a large UK retail bank, Evan worked within the conduct function to help implement and understand how different stakeholders in the whistleblowing ecosystem
interacted, and where processes and procedures required enhancement or additional support.
Investigations
» As part of his secondment, Evan was also responsible for assessing the quality of conduct investigations coming from the bank's whistleblowing infrastructure. This work involved performing
comprehensive reviews of case handling across the investigative life-cycle, and understanding the impact this had on colleagues impacted by the process.
» Evan was also responsible for conducting whistleblowing investigations where the existing internal investigations teams were conflicted or unable to perform them.
» Work on the secondment assisted in uplifting the bank's whistleblowing policies, procedures, and supporting investigative processes.
» Evan performed the forensic investigation and governance review for one of seven state owned entities in a West African country as part of a mandate from international financiers.
» His work included investigating key balance sheet and income statement accounts for public leakages, reviewing bank accounts to quantify losses over a seven year period and evaluating
weaknesses in the existing control environment.
CVs — Delivery team
Prior to joining EY in January 2022, Sophie worked for a global investment bank and previously
worked for a US-headquartered investigations firm.
Sophie has experience working on AML and sanctions assessments, conducting risk assessments
and performing integrity due diligence investigations.
Investigations
» Evaluated Whistleblower concerns and allegations to determine materiality and the Bank's responses to these allegations and participated in interviews.
» Identified and evaluated potential regulatory breaches in the Bank's procedures during the course of the Bank's internal investigations.
» Conducted ABC investigations as well as pre-transactional and M&A integrity due diligence with a focus on sanctions, reputational and litigation risk, primarily in Latin America and sub-Saharan
Africa.
Framework review
» Worked closely with a leading international payment provider to establish a standardized MLRO Framework for the EMEA markets, based on current regulations and industry best practice.
» Conducted document review to determine CSA and conduct a maturity assessment against peers.
» Engaged on a shadow investigation following Whistleblower allegations of potential mis-selling of
financial products at a leading European bank.
» Developed and implemented a sanctions Quality Assurance function for a global bank, including writing accompanying policies, procedures and operating manuals.
» Assisted with coordinating the EMEA Global Risk Assessment for a global bank, in order to identify and assess the Bank’s inherent and residual risk.
Additional credentials

Client: UK headquartered financial institution
Project summary and objectives:
Our client identified the assessment and enhancement of its whistleblowing framework as a key priority in preparation for forthcoming regulations.
We reviewed the bank's existing activities and interviewed a number of key stakeholders including branch visits to speak to frontline employees, consultation with unions, and engagement with senior stakeholders and the responsible NED.
Following this, our client asked for our further assistance in improving the management information reported to senior executives and the audit committee.
We worked with the bank to understand stakeholders' needs, and developed user-friendly management information dashboards, to allow stakeholders to easily identify key risk areas and trends.
Value delivered to the client:
We provided our client with an assessment of each element of the whistleblowing framework against the EY maturity model, to indicate how the bank compared to leading practice, allowing them to prioritise initiatives for improvement.
We were able to provide valuable insights from our experience of current leading practice that were relevant to the bank, and give practical recommendations to help them further enhance the whistleblowing framework.
Our client valued our practical recommendations and have requested us to re-assess the framework following implementation of our recommendations.

Client: Multinational grocery and general merchandise retailer
Project summary and objectives:
EY provided subject matter expertise, fieldwork resource and project management support during a Group Internal Audit review of our client's whistleblowing framework. Triggered by a direct request from the Chair of the Audit Committee, the audit had high prominence from the start.
We reviewed the client's existing internal guidance relating to whistleblowing, and subsequently highlighted gaps and provided recommendations for improvement in the documentation.
EY and client teams performed fieldwork testing simultaneously in eight countries/regions, reporting into the central EY project management team. We have subsequently been involved in the remediation efforts being driven by the client to address the audit findings.
Value delivered to the client:
Our team displayed sound judgement and knowledge of best practice in relation to the creation and operation of whistleblowing frameworks beyond a central whistleblowing line.
We worked alongside the Internal Audit team to upskill them in the technical area of whistleblowing and we received positive feedback on our support to the team.
EY assisted the client's Internal Audit team to provide deliverables of a high standard which stood up to testing when challenged by senior stakeholders within the business.

Client: A major UK retail bank
Project summary and objectives:
During the first year audit for the bank, we assisted both the audit team and our client by assessing the existing whistleblowing framework and understanding the control environment. Our client had a whistleblowing framework in place but was seeking to improve its effectiveness and ensure compliance with the new whistleblowing regulations.
The bank has over 90,000 employees globally and a complex structure in a high risk environment. We completed a thorough assessment of the whistleblowing framework by reviewing policy documentation, training materials and other publications; conducting interviews and walk-throughs; assisting in the identification of controls; testing a sample of whistleblowing cases; and assessing employees’ understanding of the whistleblowing process by conducting brief interviews with staff at a selection of branch locations.
Value delivered to the client:
We completed a maturity model assessment and benchmarked our client against other businesses using our past experience and the results from our UK&I whistleblowing Survey 2016.
Our client used the results of our assessment to implement changes to the whistleblowing framework both to comply with the new regulations and to enhance the effectiveness of the process overall.
Additional credentials

Client: A global healthcare data broker
Project summary and objectives:
EY were engaged to manage & deliver a number of investigative work streams which were focussed on identifying proprietary data, which was being sold on a Chinese black market website.
A number of disparate systems were analysed for log data which would lead to the identification of the criminal seller. The resultant logs were correlated against other data sources gathered during the course of the investigation and used to support the wider investigative effort.
EY teams in China, the US & the UK were engaged collaboratively on this project.
Value delivered to the client:
EY identified a number of types of data from a number of different client platforms which were being sold openly on the black market.
Additionally EY’s investigation identified a number of gaps and inconsistencies in the client's log coverage, system integration and investigation process errors.
A number of recommendations to improve the client's infrastructure and investigations approach were made.

Client: A global shipping container & port management organisation
Project summary and objectives:
EY were engaged to investigate the possibility of a malicious backdoor being built into container port management software.
EY were able to put a team of multilingual, multi disciplined cyber investigators on the ground within 36 hrs of the initial request and commence technical interviews with the client’s developers, working in conjunction with the client’s legal team.
Value delivered to the client:
Through direct interviews and technical analysis, EY were able to determine the reason for the presence of specific code, the requestor's identity and the longer term strategies for dealing with the code reviews.
EY were able to make a number of recommendations regarding secure code & application development processes, which would reduce the risk from any future code development processes.

Client: A UK financial management / restructuring company, focussed on the transportation industry
Project summary and objectives:
EY were requested to perform some incident response activities following an apparent mandate fraud, involving a CEO Phishing attack which resulted in the loss of over £500,000.
EY were able to quickly identify the compromised systems and perform both triage and remediation activities.
Additionally EY were able to identify a number of activities that the attacker had undertaken, including the registration of a number of domain names, which were subsequently used in the fraud.
EY were also able to assist with engagement with both law enforcement agencies and the client's legal team.
Value delivered to the client:
EY were able to provide guidance through the incident, as well as on site triage, analysis and remediation.
The client benefitted from EY's Cyber Threat Intelligence capabilities as well as our extensive information security experience.
Pragmatic guidance regarding security policy & procedure was delivered in direct relation to the phishing attack.
Criminal intelligence was developed by EY and submitted to the relevant law enforcement agencies.

Client: A Software Development company
Project summary and objectives:
The client’s Internal Audit function had limited visibility over the whistleblowing process and activities, and requested EY to perform a review of the company's whistleblowing policy and processes, and to propose and conduct audit testing steps.
EY reviewed the policies and procedures, and identified gaps and deviations from leading practice. After an initial review of the policies was conducted, the Head of Internal Audit requested EY SME's assistance to conduct the audit of the process. EY reported significant gaps with leading practice and issued detailed and actionable recommendations.
Value delivered to the client:
As a result of EY's review, the client's Legal and Compliance stakeholders - who are in charge of operating the whistleblowing process - were provided with a specific view on the issues that were affecting the whistleblowing framework and how to remediate.
The Head of Internal Audit increased her engagement with the Legal and Compliance stakeholders and improved her visibility over the issues being reported.
Slide 7
A20 cred provided by UKI from the German team
Author, 30/06/2022
Additional credentials

Client: FCA Enforcement investigation into the past governance and lending practices at a large UK headquartered financial institution
Project summary and objectives:
Ernst & Young were appointed as lead investigators under S168 of the Financial Services and Markets Act to investigate an individual at the bank where there were circumstances suggesting that the FCA Principles 5, 6 and 7 had been breached.
Our work included:
» Evidence gathering - We helped draft formal document and information requests submitted to the bank. We reviewed and analysed over 5,000 documents and conducted over 20 interviews with senior management.
» Multi-disciplinary analysis - We deployed a team with experience of financial and regulatory investigations, including knowledge of the FCA Enforcement process, drafting regulatory notices, preserving the integrity of data, interviewing under the Financial Services and Markets Act and large scale project co-ordination. The team also had expertise in forensic accounting, statistical analysis, policy analysis, data analytics, loan portfolio modelling, and the UK Listing Rules.
» Regulatory reporting - our report was used as the evidential basis for the FCA's Investigation Report and Final Notice against the individual.
Value delivered to the client:
» This was a high profile and highly sensitive investigation with interest from the highest levels of the FCA. Due to the sensitivity, strategic importance and scale of the investigation it was critical to have a high level of partner and specialist involvement.
» The project was managed through four workstreams (corporate governance, accounting and risk management, loans and impairments and rights issues) each led by a Partner with the relevant expertise. The team was cross-divisional and comprised more than 20 people with the relevant industry experience, technical and investigation skills and knowledge of FCA processes.
» As Appointed Investigators, key individuals stayed involved with the investigation after the original scope of the work had been completed, conducted further interviews and analysis and presented the findings to the FCA senior management and the Regulatory Decisions Committee hearings (RDC).
» There was dedicated Project Management who directed and oversaw all workstreams and had responsibility for co-ordinating and reporting the findings to the FCA. The team worked closely with the FCA Enforcement team to manage the process of an FCA investigation of an unprecedented scale and had regular meetings with the FCA and with the bank to discuss the information required and the key findings.
» The final notice issued by the FCA resulted in the largest penalty imposed on a senior executive in the UK.
EY | Assurance | Tax | Transactions | Advisory
About EY
EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality
services we deliver help build trust and confidence in the capital markets and in economies the
world over. We develop outstanding leaders who team to deliver on our promises to all of our
stakeholders. In so doing, we play a critical role in building a better working world for our people,
for our clients and for our communities.
EY refers to the global organization, and may refer to one or more, of the member firms of
Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global
Limited, a UK company limited by guarantee, does not provide services to clients. For more
information about our organization, please visit ey.com.
Ernst & Young LLP
The UK firm Ernst & Young LLP is a limited liability partnership registered in England and Wales with registered number OC300001
and is a member firm of Ernst & Young Global Limited.
Ernst & Young LLP, 1 More London Place, London, SE1 2AF
© 2017 Ernst & Young LLP. Published in the UK.
All Rights Reserved.
ey.com