ANTI-FRAUD POLICY
Approved by the Board on February 2, 2023

I. Introduction

The Board of Directors of MMG Bank Corporation, together with Senior Management, is responsible for promoting among their directors, executives, employees, clients and suppliers, the highest standards of ethical conduct.
Being aware that unethical behavior and acts of fraud may adversely affect the image of the Bank and therefore achievement of the vision and goals set forth by its stockholders, the Board of Directors has established an Antifraud Policy clearly stating the position of the Board in respect to fraud, the actions that are considered fraud, who is responsible for preventing, detecting and investigation fraud, as well as the procedure to lodge a fraud report.

II. Anti-Fraud Policy

Senior Management is responsible for the management, prevention and detection of fraud risk. Each member of the Bank should be alert to actions occurring within their area of responsibility and should be alert to any indications of fraud.

Any person who suspects or has knowledge or indications of the commission or possible commission of fraud must report it immediately, through any of the reporting mechanisms established for this purpose.

Fraud investigations will be coordinated with the Legal Department and affected areas.

III. Scope

The Anti-Fraud Policy applies to any event that involves the commission or possible commission of fraud, whether by any shareholder, director, executive or collaborator of the bank, as well as by any supplier or third party that has some type of business or contractual relationship with the Bank. This policy also includes the misuse of entrusted power for private gain through corruption and bribery.

IV. Actions Constituting Fraud

For the purposes of the Anti-Fraud Policy, fraud is defined as any act carried out by one or more persons with the purpose of appropriating, taking advantage of, or taking possession of someone else’s property, whether material or intangible, in an improper manner, to the detriment of another and generally due to the lack of knowledge or malice of the affected party.

Among the acts that are considered fraud, and not the only ones, are the following:

  • Any dishonest or fraudulent act.
  • Falsification or alteration of any information, signature, figure or content or of any document, whether of the Bank, its customers, suppliers or third parties.
  • Forging or altering checks, money orders, or any other financial document.
  • Misappropriation of assets of any kind, including money and securities, owned by the Bank or by third parties that are on deposit or in the custody of the Bank.
  • Improper or unauthorized use of the Bank’s or third parties’ assets that are deposited or in the custody of the Bank.
  • Misuse and/or unauthorized disclosure of confidential information of the Bank and/or its customers.
  • Misappropriation of commissions payable to the bank or generated by the employee as a result of the exercise of his/her functions in the bank.
  • Improper handling of money, cash reports, or financial transactions.
  • Obtain benefits or remuneration in any form resulting from the improper use or unauthorized disclosure of confidential information or intellectual property rights of the Bank or its clients.
  • Unauthorized disclosure of transactions that the bank conducts or contemplates.
  • Accept or request anything of material value from contractors, vendors, or persons who provide services/materials to the bank. Exception: Gifts with a value of less than $50.00.
  • Destruction, disposal, or improper use of records, furniture, objects, and equipment; and/or Any similar or related conduct.
  • Offering, promising, giving, or accepting an improper pecuniary gain or any other advantage for or to:
    • A public worker at the national level, local or international.
    • A political party, party official, or candidate; and
    • A director, officer, employee, or representative of a private company; to obtain or retain a business or other improper advantage.
  • Facilitation Payments
  • Conflict of Interest
  • Donations for Profit
  • Political contributions
  • Handling of funds from corruption

V. Other Inappropriate Conduct

The Anti-Fraud Policy also seeks to prevent conduct or acts that are contrary to morality and good manners.

Any questions as to whether or not an action constitutes fraud, the Internal Audit Manager should be contacted for guidance.

Suspicion of behaviors that go against morality or ethics on the part of the shareholders, directors, executives and collaborators of the bank, must be reported to the Human Resources department who will carry out the corresponding actions.

VI. Whistleblowing System

The Whistleblowing System is the channel through which members of the bank, its customers, suppliers or third parties can anonymously report any fraudulent conduct.

VII. Responsible for the investigation

Great care must be taken in the investigation of suspected fraud to avoid misleading accusations or alerting the suspect that an investigation is underway.

The Internal Audit Manager will be responsible for receiving complaints and will conduct investigations of reported facts that according to the definition of the policy constitute fraud.

Investigations will be conducted regardless of the suspect’s years of service, position/title, or relationship to the bank.

If investigations show fraud, the Internal Audit Manager will issue a report and present it to the Audit Committee.

Decisions to process or refer the results of the investigation to the appropriate law enforcement and/or regulatory agencies for an independent investigation will be made in conjunction with the Bank’s Legal Counsel and Senior Management.

Note: Reports related to the commission of the crime of Money Laundering and Terrorist Financing or the commission of fraud by a client will be handled by the Compliance Department and the Legal area, following the methodology and process of internal investigations established in the Compliance Manual.

VIII. Confidentiality

Those involved in the investigation process will treat all information received confidentially and will ensure that the anonymity of those who have submitted any report is protected.

The results of the investigation will not be disclosed or discussed with anyone who does not have a legitimate need to know. This is important to avoid damage to the reputations of people who have been found innocent in the course of the investigation and to protect the bank from potential civil liability.

IX. Report Procedure

Any person who suspects dishonest or fraudulent activity shall immediately notify the Audit Manager via the email address ‘denuncias@mmgbank.com’ or through the Whistleblowing System published on the www.mmgbank.com bank website. Only the Internal Audit Manager will be authorized to receive reports made through this channel.

Persons who make the report must at no time:

  • Contact the suspect in an effort to determine facts or request restitution.
  • Discuss the case, fact, suspicion, or allegation with anyone unless requested by the Internal Audit Manager.

Any inquiries regarding the activity or person under investigation should be directed to the Internal Audit Manager. No information regarding the status of the investigation may be provided without the proper authorization of the Internal Audit Manager. The appropriate answer to any question is, “I am not at liberty to discuss this subject.” Under no circumstances should reference be made to “allegation,” “crime,” “fraud,” “forgery,” “misappropriation,” or any other specific reference.

X. Investigation and Response Procedures

The Internal Audit Manager will confirm receipt of the report whenever possible and will immediately notify the bank’s Senior Management of the receipt of the report, provided that the report does not involve Senior Management.

The Internal Audit Manager will develop a strategy for the investigation of the report in consultation with any other area of the bank as appropriate.

When a report is received about an act or conduct that has not been provided for in the Anti-Fraud Policy, the Internal Audit Manager will determine which other authority of the bank will be responsible for dealing with such report.

The Internal Audit Manager will also inform to the Chair of the Audit Committee all reports received and recommended strategies for investigation. The Chair of the Audit Committee may provide support in directing and advising on the conduct of the investigation.

XI. Investigation Faculties

The Internal Audit Manager and his/her team will have:

  • Free and unlimited access to all the records and premises of the bank, whether owned or rented.
  • The faculty to examine, copy, and/or remove all or any part of the files, desks, cabinets, and other storage facilities of the premises without the prior knowledge or consent of any person who may use or have custody of any such items or facilities when within the framework of the investigation.

XII. Presumption of Good Faith

When a person files a complaint about the commission or possible commission of a fraudulent act, it shall be presumed that he or she does so in good faith and on the basis of real evidence or evidence.

If, after a complaint has been filed, it is proven that the complainant acted in a malicious manner and based on false facts, in order to harm the accused, Senior Management will have the right to apply the measures and sanctions that the law provides for such acts.

XIII. Absence of Reprisals

A person who reports the commission or possible commission of a fraudulent act may not be subject to reprisals, threats, discriminatory measures or sanctions of any kind. However, when it is proven that the report acted in a malicious manner and based on false facts, in order to harm the accused, Senior Management will have the right to apply the measures and sanctions that the law provides for such acts.

Anonymous complaint forms