Sunday, 6 February 2011

Are we doing enough to reduce identity theft and fraud?

In the past few years, there has been an increase in identity theft reported by various organisations. The economy and the society have to bear billions of pounds of losses caused by identity (ID) theft. According to the Home Office, ID frauds cost the UK economy nearly £1.7 billion a year. Although FSA, Home Office and other fraud prevention organisations like CIFAS are taking proactive measures in reducing fraud, the question is, are private sector organisations doing enough to combat fraud?

In 2008, more than 16.5 million people were placed at risk when their identities were lost or stolen by the financial services firms, reported by Computer Weekly.

Last year (2010), CIFAS, the not for profit association dedicated to prevention of fraud in UK identified and protected over 89,000 victims of identity theft. This has increased over nine-fold from 9,000 cases reported in 1999.

Almost every other retail business has an online presence. If you don’t have an online presence, you may be missing a business opportunity, which entices businesses to create ecommerce sites without realising the responsibility to the consumer it brings with it. Stealing an identity for professional criminals is easy, all you have to do is to go through someone’s paper waste and recover bills and invoices. Unless you live in Knightsbridge or South Kensington where due to the high rate of identity theft, residents take extra precautions in shredding every single invoice, people are generally laid back in how they dispose of important documents.

On the street, it is very easy to obtain official documents illegally. Consider opening a bank account and if you are a foreign student or just moved to UK you may have very little to none identity footprint. So how could you be eligible for a credit card, or bank account or even a mobile phone? The answer is to manufacture an identity through illegal means. Small and medium size financial organisations are aware of this and are most vulnerable but most use manual application forms while demanding paper based proof of identity documents from customers. Paper based procedures open the door for organised fraudsters and criminals to cheat the system. SMEs also tend to use manual identity verification sources to run identity and sanction checks which are time consuming. With high volumes, employees have to dedicate their time to running these checks instead of doing more productive work which causes pressure and often results in compromises in decision making. Simply put, more sophisticated systems are needed to solve these problems.

Similar problems exist for local authorities as most are suffering from project and hiring freezes. Council employees are under pressure to complete their work obligations because of shortage of staff. With increasing unemployment and layoffs, citizens are forced to claim benefits which further creates a strain on the council’s budget. Most councils rely on paper based procedures which like the SMEs in financial and retail sector, open room for the organised fraudsters to operate in.

Tabaq Software's Fraud Prevention Solution is an automated online electronic ID authentication solution developed on top of the jComply GRC platform. The solution offers a risk based approach to identity authentication by directly integrating with data providers such as Experian, Complinet, World Check, MK Denial, FSA, UK Companies House, FOA and more. The paper based forms are replaced by workflow based online forms which run automatic checks with the subscribed data sources while maintaining a full audit trail to prove compliance. With email notifications and alerts, employees are equipped with a system that enhances productivity, efficiency and reduces the cost of compliance.

To learn more about this system and how you can benefit from it, please email or call Sultan Noori at 01344 668400.

Sunday, 24 October 2010

Why should businesses move to Electronic ID Verification?

Most businesses today still rely on manual application processing and identity verification. On the other hand, identity theft is on the high. There are more online businesses than ever before selling goods. From the consumer’s perspective, an average consumer is very aware of the identity theft and majority are apprehensive about disclosing confidential information to businesses online. Online retailers, especially the small to medium size businesses have little investment or understanding of the risks associated with identity theft. This is because the retailers outsource the credit card processing to third parties thereby transferring the risk to someone else. Or have they really transferred the risk?

Most small and medium size financial institutions rely on paper based applications with applicants required to submit paper documents (passport, utility bills, etc.) as proof of identity. There is a difference in perspective as applicants generally do not feel comfortable in submitting paper based documents. Delay in submitting the paper documents can cause the business a new customer. Paper based procedures also open the doors for fraudsters to submit forged documents.

All of the above mentioned practices, beliefs and difference is perspectives create a market place that is ripe for the identity thief and intelligent fraudster.

The solution is to move the paper based application forms to digital workflow based forms with electronic verification of identity. The workflow based forms provide cost savings in paper and human resource and also fulfils compliance requirements. The electronic verification of ID eliminates the need for paper documents for customer due diligence. It eliminates the risk of a fraudster submitting forged documents and fast tracks the process of identity verification.

If you require help with converting a manual paper application form to an electronic workflow based form or integrating with electronic ID verification, Tabaq Software has the solution for you. Tabaq has successfully converted paper based procedures into workflow based procedures and also partner with identity management providers to provide a completely integration solution.

To get more information on electronic ID verification and workflow based forms, email

Tuesday, 10 August 2010

A Complete Compliance Solution to KYC

One of a number of ways jComply can support clients in meeting their FSA requirements is with KYC. But what should KYC cover?

Whilst surfing the web for KYC solutions I am inundated with solutions to support anti money laundering, this is certainly a part of the issue but by no means the entire solution.

What Does Know Your Customer - KYC Mean?

A standard form in the investment industry that ensures investment advisers know detailed information about their clients' risk tolerance, investment knowledge and financial position.

KYC forms protect both clients and investment advisers. Clients are protected by having their investment advisor know what investments best suit their personal situations. Investment advisers are protected by knowing what they can and can not include in their client's portfolio.

So protection covers both sides of the desk. On the one hand, the financial institution needs to understand the client not just for their own corporate governance but just as importantly to understand the clients needs too.

Many of our financial clients have turned to jComply to support the management of their policies and procedures. Take a look at the client reference at

Here, our client began to use jComply to support training of staff in policies and procedures however, by working with Tabaq's post sale consultancy team a number of further usages have been prescribed.

An area that was expressed as a concern during a recent visit to Central Markets had been with client suitability. A paper based fact find is currently carried out with the prospective client over the telephone, with a suitably qualified interviewer.

Depending on the outcome of the questionnaire a decision is taken as to the suitability of the applicant to be a client. This could be granted immediately, referred to a more senior manager or lead to a decline.

Some training is available to support the claim of the applicant that they are suitably aware of the derivatives and spread betting market.

By developing an electronic fact find form within jComply, the current paper based system could be improved.
The e-form system will ensure that all mandatory sections are completed satisfactorily, the e-form itself would be version controlled, a full auditable and time/date stamped version is recorded and stored within jComply and all answers could be linked back to a weighted response, signalled as red amber or green to highlight suitability by way of corporate standards rather than an interviewers own subjective interpretation.

Leading on from the fact find, the question library could be extended to an application section, where applicants are given a password to enter into the training section to understand derivatives and spread betting and of course eventually take an examination.

This would identify all acceptable clients to an external auditor through the auditing features within jComply.

All of these actions are achievable within the standard version of jComply and the e-forms module.

The deliverables are obvious and include:
• A complete reduction of paper.
• Increased security of client data.
• All applications are controlled within the secure environment of jComply.
• Subjectivity is reduced assessing the suitability of a client for certain types of trading.
• The applicant is taken through a thought provoking, self assessment that will encourage fair trading all round.
• Accessibility through a secure web link enables access through a secure log in from anywhere.
• eMail notification and time nagging features ensure an application is carried out in an appropriate timescale, convenient to both client and broker.
• Integration into existing Customer Relationship data base ensures consistency of client information.
• Workflow to senior managers for exceptions only, reducing none relevant applications.
• Automatic notification that supporting application information has been sent such as age consent forms.
• An efficient and effective way to demonstrate client due dilligence.

Of course, anti money laundering is still important an as such we have designed an additional e-form to cater for AML reporting thus improving the way the client carries out SAR's ( suspicious activity reporting). Once again the inbuilt workflow and security area within jComply provides an excellent method of achieving SAR's regulations for front line workers.

Certainly this solution has driven down the cost of governance at our client and will do so whilst improving the effectiveness of the FSA compliance process.

For more information or a demonstration visit
or email
Or telephone 01344 668400

Monday, 9 August 2010

What are the benefits of BPM in Compliance?

Business Process Management has been around for some time. However it has often confused potential customers rather than making it easy for people to adopt BPM to reap the rewards of process automation.

What is BPM?

Business Process Management is a management approach to improve the business processes in order to make them more efficient, effective and agile or quick to change as and when needed. Technology based BPM systems or suites have enhanced the concept by providing GUI design environments which even the non-technical people can use to design or model their business processes. This has tremendously increased the application of BPM to a wide range of business processes. Especially the processes that require large volume of transactions, or complex collaboration and integration with disparate systems, or rules based decision making, or transactions that require full audit trail for compliance are best suited for BPM.

There are a number of BPM technologies out there, from high priced third party software to open source BPM suites. Open source solutions tend to offer the best of both worlds. Not only they are free to use but open source solutions like jBPM and Process Maker come with GUI development environments and plug-ins to make the life of a business analyst real easy.

How can BPM benefit compliance?

Business process improvement is continuously ranked as the top business priority by business managers, according to a recent survey. There are many options for improving the business processes – ranging from complete process re-engineering to adopting new process management methodologies, such as Lean Six Sigma, or adding new capabilities to existing system. An investment in the right BPM suite can enable an organisation to embark on a sustainable business process improvement programme.

Mikel Harry, one of the founders of the Six Sigma methodology, has documented the economic impact of focusing on process improvement. Using the base measure of his methodology – Sigma, Dr. Harry provides a tangible example of how companies like GE have benefited from a commitment to process improvement:

With just a one-sigma shift, companies will experience a 20 percent margin improvement, a 12 to 18 percent increase in capacity, a 12 percent reduction in the number of employees, as well as a 10 to 30 percent capital reduction.
(Source: Six Sigma: The Breakthrough Management Strategy, Mikel Harry, Richard Schroeder)

The core benefits of BPM include efficiency, effectiveness and agility. The first benefit seen of a business improvement is that of improved efficiency. For example, Darlington Borough Council realised savings of 1,000 hours when they moved their manual accident and incident reporting (including manual data entry to MS Access database) to jComply Accident and Incident Management Module.

As the efficiencies are realised, the organisation focuses on making the process more effective. Often inconsistencies and loop holes are realised when the new processes are implemented. For example, in a healthcare organisation, patient pathway was reduced to 18 weeks (nearly 25%) as a result of cancelling the repetition of tasks performed in two different departments.

One of the most useful benefits of BPM is that organisations can continue to change and adapt their business processes to the changing business needs. Agility is a well known concept in a more technical arena of Service Oriented Architecture (SOA). Some of our customers change their processes a few times a year. The cost on the process change so insignificant, it is easily superseded by increase in efficiency, effectiveness and conformance to regulations.

Merging BPM with Compliance

jComply BPM is a compliance application based on a Business Process Management Suite. jComply has all the features of an enterprise compliance application such as policy and procedure management, version control, reusable question library, eLearning, audit trail, scheduling, escalation and reporting. Combining the compliance features with BPM Suite, has powered jComply with workflow based task management and real time notifications to produce solutions such as the following:

• Accident and Incident Management

• Know Your Customer forms including Client Fact Find and Customer Due Diligence

• Health and Safety checklist and reporting

• Risk Assessment form

• Supply chain procedure management

To learn more about jComply, visit or email or call +44 1344 668400.

Wednesday, 21 July 2010

Supporting RIDDOR.

The Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 1995 (RIDDOR), place a legal duty on:
· employers;
· self-employed people;
· people in control of premises;
to report work-related deaths, major injuries or over-three-day injuries, work related diseases, and dangerous occurrences (near miss accidents).

There is a well established web page available within the HSE web site at where a Health and Safety Officer within a company or organisation can report such matters to comply with legislation.

THE BIG PROBLEM FOR THE HEALTH & SAFETY OFFICER IS...... How do you get that information reported back from staff within your organisation to the Health & Safety Officer for him or her to report back to HSE?

This was certainly a headache for a number of our jComply clients until, working with a Health and Safety Officer from one of our local authority clients, Tabaq Software developed an e-form module to support the reporting process.

The e-form module utilises the workflow and reporting features already built into jComply as well as the user security facilities that can identify who has used the e-form and can restrict usability at various stages of the workflow.

The health and safety reports that are included within the e-forms module are Accident Reporting, Incident Reporting, Near Miss Reports/ Hazard Report Form and a Health and Safety Check list

The benefits are tremendous and include:
ü A full audit and reporting process for accident and incident internal reporting.
ü eMail notification and time nagging for users and managers to act on.
ü All mandatory fields are forced for completion.
ü All incidents are now stored and archived within jComply and are easily searchable for later retrieval.
ü Additional reports can be produced for line managers and outside agencies as PDF’s automatically.
ü Overall time saving for health and safety officer when administering the process.

For more information email

Tuesday, 1 June 2010

FSA get tough on AML

It was interesting to read on our partner site that a company was recently subject to fines by the FSA on the topic of anti money laundering.

The interest from my perspective on this article was that the company had not been subject to any misdemeanour themselves, but had failed to provide adequate processes and control within their company to possibly prevent an incident occurring.

The lack of control of process had also lead to questionable levels of competence with regard to staff.

Only by developing formal policies and procedures, in line with the business and reviewing these on a regular basis to ensure the such policies are still fit for purpose and finally, communicating these to the appropriate personnel can a company expect to meet its regulatory obligations.

We are seeing more and more examples of this type of prosecution from compliance regulators and not just in financial areas. Those responsible for managing compliance within their firms should insist that proper control processes are in place. Certainly in this day and age this should lead to some form of integrated system.

It was also interesting to read within the article that both the company and the senior manager responsible for the policy process had been fined in this matter. There is no excuse for organisations, large or small not to control these matters and there are some excellent solutions within the market place to support such control.

Tabaq Software have developed and market jComply, a web based policy and procedure management application.

In addition to the core application we have developed a number of add on modules to enhance the product to meet certain industry specific needs, this includes working with quality partners such as Complyport to ensure our clients staff are full trained in up to date material such as AML and TCF.

As a professionally developed, web based application jComply is available as a traditional client owned tool or as a Software as a Service (SAAS) solution which is proving very useful for our smaller clients.

Complimented with our FSA training content from Complyport, Tabaq Software continue to provide our financial and insurance clients with complete competitive corporate governance solutions. For further details or for a product demonstration contact

Wednesday, 21 April 2010


Gartner predicts that the Software-as-a-Service (SaaS) market eclipsed $820 million in sales in 2008, up from $643 million in 2007, and will continue to grow at a compound annual rate of more than 30 percent for the next three years. What is driving more and more companies worldwide towards SaaS?

Whether it's a Fortune 500 company or one man band running a brokerage house the days of downloading and installing the latest version of an anti-virus to your PC are over. With the ever increasing usage of mobile devices, social networking sites as well as dependency on user-generated content for business purposes, analysts say the breadth and depth of gaping security holes grows faster and more insidious by the hour. This combined with the fact that companies can only control up to a certain extend what their employees are downloading or installing on their individual PCs makes a company’s entire network vulnerable to hackers. Given this scenario its easy to understand why more and more companies are turning towards Software-as-a-Service (SaaS). Information Security is one of the driving reasons why companies feel the need to turn towards a more secure solution such as SaaS.

Besides security, another major reason for companies’ shift towards SaaS is controlling operation costs. To be in sync with today’s highly competitive environment companies need to invest time and money in the latest software and technologies relevant to their businesses. But due to the operation cost of hiring and training of IT staff, investing in hardware and software, most companies lack behind. In such a situation SaaS seems to be the obvious solution. Through SaaS the companies get access to the latest technologies without disturbing their operational costs.

Companies such as Tabaq Software are offering specialised solutions in SaaS. jComply, a complete policies and procedures management system by Tabaq is available as Software-as-a-Service. jComply SaaS is cost effective, faster to deploy, requires no initial capital outlay and is scalable.
For more information on jComply SaaS visit