Risk Management: Preventing fraud. ¿What are the central securities depositories doing to mitigate this risk? Santiago de Chile, April 4, 2014

1 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Content I.Contextualization 1.¿What is fraud? 2.¿Who is the typical fraudster? 3.Cost of the fraud II.Risk of fraud in the industry 1.Kinds of fraud the industry is facing 2.Industry-specific risk III.Mitigating these risks 1.Fraud management system 2.Prevention, detection and response mechanisms

2 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. ¿What is fraud? Generally, fraud is described as a deliberate act of abuse of trust, taking advantage of swindles, it is done for profit without the consent of the concerned company.

3 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Profile of the typical banking and financial sector fraudster

4 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Economic damage caused by fraudulent activities The damage caused by financial fraud amount to 3.5 trillion USD globally. The main reason of impact in the financial industry is given by:

5 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza.. Most common kinds of fraud Typically, in the financial industry fraud committed by:

6 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Irregularities related to theft of money using invoices Robbing money using invoices False sales and/or non-registered sales. Sales of the investors securities hiding or altering the true records. Payment alteration and/or non-registered payments. Dividend payments made to third parties unidentified. Alteration and/or submission of false information. The lack of detection mechanisms for false information, allows the third party investors accounts to be violated. Lack of integrity of the information stored in the database. The lack of integrity in the data, leads the information in databases to be inaccurate, incorrect and easily lost.

7 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Irregularities related to fraudulent disbursements Fraudulent Disbursements Alteration and/or duplication of investors accounts. This kind of illicit fact is used to make double, parallel or bartered payments. Lack of control over unidentified investors. The lack of controls over unidentified investors, allows the investors accounts to be easier to perpetuate. Alteration of beneficiaries. Changes the beneficiary information in order to make securities' sales, or third party payments Lack of communication and/or control with the emitter. A non-approved dividend payments by the issuer, generating erroneous payments or benefiting a third party.

8 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Irregularities related to cybercrime Cybercrime Unauthorized access (Social engineering & Hacking). The lack of strong controls allows the access to confidential information. Identity theft. Investors’ identity theft in order to generate payments to a third party. Intercept information. Through controls penetration or social engineering. Websites’ identity theft. Phishing - Computer Abuse in order to acquire sensitive information from third parties.

9 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Companies in the financial industry that has a fraud risk management program

10 ©2014 KPMG Advisory Services Ltda., sociedad colombiana de responsabilidad limitada y firma miembro de la red de firmas miembro independientes de KPMG afiliadas a KPMG International Cooperative (“KPMG International”), una entidad suiza. Derechos reservados. Tanto KPMG como el logotipo de KPMG son marcas comerciales registradas de KPMG International Cooperative (“KPMG International”), una entidad suiza. Mitigating the fraud risk Fraud risk management program: PreventionDetectionResponse Supervised by: Board of Directors / Audit Committee, control and compliance areas (Risk Management and Internal Audit) Fraud Risk Assessment Company network firewalls Due Diligence of employees and third parties Anti-corruption policies and manuals Training the internal audit team Anonymous reporting mechanisms (line ethics) Audit supervision and control areas Proactive Data Analysis (DA) Data mining of critical business Monitoring routines Internal investigation protocols Fraud risk matrix for all the organization Corrective actions protocol

Thanks Arturo del Castillo Partner KPMG Advisory Services Ltd. Tel: