Appian Asset Management ('Appian'), an Irish based and owned asset manager, has been fined 443,000 by the Central Bank for breaches of regulation regimes covering client asset protection, anti-money laundering, and fitness and probity. This was the first imposition of a sanction by the Central Bank where there has been a loss of client funds from cyber-fraud as a direct result of the firm's regulatory breaches
The breaches, which have been admitted by Appian, led to the loss of 650,000 of a client's funds as a result of cyber-fraud. The Central Bank, following an investigation, stated that Appian's failures were in the following areas:
it had defective controls to protect client assets against fraud; it had inadequate policies and procedures to monitor transactions, detect and report money laundering and provide its staff with appropriate training; and it failed to ensure that an employee, performing a role that might expose Appian to financial, consumer or regulatory risk, was fit for that role. These failures led to the success of a fraudster who, posing as the real client over a two month period, requested the liquidation of 650,000 of the client's assets to be paid into two third party UK accounts.
The Central Bank found that Appian had processed the request despite the presence of a number of red flags, signalling potential fraud and money laundering. For example, the e-mail correspondence from the fraudster contained a number of spelling and grammatical errors which were not consistent with the profile of the real client, that of a competent businessperson. The fraudster induced Appian to pay the proceeds of the redemption in to two separate corporate accounts outside of...