Sometimes business owners or management have an outsized sense of business risks for a particular threat. For example, some companies place extreme emphasis on guarding their intellectual property (IP), when in actuality the incidence of IP theft for their industry might be low. Other times, however, their priorities are firmly in line with the threat posed by the risk. According to a recent study, this is exactly the case when it comes to leaks of internal information, data theft, and reputational damage due to third-party relationships (Global Fraud Risk Report 2019/20).

This report is based on a survey of 588 senior executives from 13 countries and regions and 10 industries. It provides valuable insight into what types of threats are keeping business leaders awake at night. “The broadening of the risk landscape is visible in the types of significant incidents our survey respondents report experiencing in the last 12 months and in the priority levels they assign to various risk mitigations,” the report states. “The most frequently cited incident is leaks of internal information, reported by 39 percent. But this perennial challenge now coexists with risks from relatively recent threats, such as data theft, and even newer threats, such as adversarial social media activity.”

business risks

Business information leaks occur when confidential information is revealed to unauthorized persons or parties. This happens with alarming frequency, as recent news stories illustrate. Headlines include “Stunning iPhone 12 video shows Apple’s leaked prototype design with no notch” (BGR, 2020); “New Leaks Show Business and Politics Behind Tiktok Content Management” (China Digital Times, 2020); “DOJ charges Defense Intelligence Agency employee for leaking highly classified information to the media” (Business Insider, 2019). There can be direct and/or indirect negative repercussions from an information leak at your business. It can affect product rollouts, or give you a disadvantage in a competitive market; among other effects. At CRI Group, our experts work with companies to develop policies that provide zero-tolerance for information leaks, and put controls in place (such as secure communications and data systems) to prevent such leaks from occurring in the first place.

Data theft

Perhaps the fastest-growing scourge of businesses since the beginning of this century. Massive data breaches have cause major distrust among consumers worldwide, and have led directly to identity theft and financial crimes such as theft of credit, illegitimate loans and other schemes. Data theft involves stealing computer-based information from an unknowing victim, usually a company with a large customer or client base. This usually results in the sale or sharing or private information. Most recently, a data breach reportedly exposed more than 200 million Americans: “Data Breach Exposes 200 million Americans: What You Need To Know” (Screen Rant, 2020). In another case, a major cruise operator saw its customers’ information exposed: “Norwegian Cruise Line Suffers Data Breach” (infosecurity, 2020).

For any company that is entrusted with customers’ or members’ private information, especially personally identifying information (PII), data theft can be a devastating crime. Beyond lawsuits and financial damage caused by such a disaster, rebuilding the company’s reputation (and earning back customers’ trust) is an uphill battle that might take years or more. That’s why CRI Group recommends that every business, regardless of size or industry, make protecting customer data one of its highest priorities. Today, leading technology can help make data more secure. But even the most secure system is dependent upon a properly trained workforce that follows all of the protocols to achieve effective data protection.

Reputational damage due to third-party relationship

Another serious business risk to any organisation that partners with other companies, suppliers or contractors. Even worse, they can be completely outside of your control. Here are examples of some of the risks: A business partner is embroiled in behind-the-scenes legal battles; a supplier makes procurement decisions involving the inappropriate influence of government officials who receive kickbacks; a partner falsely claims to have experience in an industry, and cannot deliver on its contractual promises. CRI Group’s integrity due diligence experts have helped clients avoid those very scenarios. Our investigators employ a proven, multi-faceted research approach which involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research.

As the report states, “The last decade has seen cybercrime evolve from an IT issue to a boardroom concern, mirroring the digital transformation of the global economy on the macro level and of business operations on the micro level. The more the business world integrates digital elements, the more likely it is that computer systems have or will become a pathway for crime.” Now, more than ever, it is important for business leaders to be proactive in managing these modern business risks. Fraudsters and those who steal information are evolving their methods every day. Depend on the experts to help you stay one step ahead.

Lets Talk!

If you have any further questions or interest in implementing compliance solutions, please contact us.

About us…

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.


Zafar I. Anjum is Group Chief Executive Officer of CRI® Group (, a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.

Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.


Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer

37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e: