Navigating the Changes: ISO 37001:2016/Amd 1:2024 Explained

In today’s business landscape, where integrity, sustainability, and compliance are paramount, ISO 37001:2016 stands out as a crucial standard for promoting anti-bribery management systems. Positioned at the heart of ethics and due diligence, this standard transcends compliance; it embodies a commitment to fostering transparency and accountability in the fight against corruption. With environmental responsibility becoming increasingly vital, the upcoming Amendment 1:2024 is particularly relevant. This amendment aims to align the standard with the urgent need for climate action, risk management, and carbon footprint reduction, emphasising the role of businesses in fostering a more ethical and sustainable world.

This article explores the specifics of ISO 37001:2016 and its forthcoming amendment, explaining why this standard and its update are essential for modern business strategies that prioritise sustainability and integrity. We’ll break down Amendment 1 to show how it addresses climate action changes and highlights the growing importance of environmental considerations in corporate governance. Additionally, we’ll offer strategic implementation tips for organisations looking to adopt the updated standards, emphasising the role of due diligence, ethics, and compliance in mitigating risks and promoting a sustainable business model. By reading this, you’ll gain a roadmap for navigating the updated ISO 37001:2016/Amd 1:2024 landscape, marking a significant step toward integrating climate considerations into business ethics and integrity.

Understanding ISO 37001 and Its Importance

What is ISO 37001?

ISO 37001, introduced by the International Organisation for Standardisation in October 2016, is a comprehensive anti-bribery management system (ABMS) standard. It outlines a series of policies and procedures to help organisations prevent, identify, and address bribery. This includes implementing an anti-bribery policy, appointing a compliance officer, conducting training, performing risk assessments, due diligence on projects and business associates, and instituting financial and commercial controls.

The Role of Anti-Bribery Management Systems

The significance of ISO 37001 extends beyond mere compliance. It represents a global effort to eliminate bribery and corruption, some of the most destructive challenges worldwide. By providing a universally recognised framework, ISO 37001 helps organisations cultivate a culture of integrity, transparency, and trust. This framework combats the turnover of over a trillion dollars of illicit funds annually and reinforces the credibility of institutions and businesses by ensuring fair operations free from bribery.

Global Adoption and Impact

The impact of ISO 37001 is evident in its adoption by various governments and leading corporations worldwide. For instance, the governments of Singapore and Peru have adopted this standard for their anti-bribery systems. Additionally, it has influenced the “Shenzhen Standard,” an official anti-bribery standard in Shenzhen, China. Companies like Microsoft and Walmart aim to obtain ISO 37001 certification, showcasing its broad influence and recognition as a crucial tool in fighting corruption. This widespread adoption highlights the standard’s versatility and applicability across different sectors and organisational sizes, making it a key instrument in promoting ethical business practices globally.

Unpacking Amendment 1: Climate Action Changes

Overview of Amendment 1: 2024

The ISO and the International Accreditation Forum (IAF) have introduced amendments to 31 Annex SL management system standards, including ISO 37001:2016, to incorporate climate change considerations. Effective from February 2024, this initiative aims to align business operations with international climate agreements and emphasise the importance of climate change in organisational management systems.

Key Changes and Additions

Two significant changes are included in the ISO 37001:2016 amendment. First, organisations must assess whether climate change is relevant to their operations (Clause 4.1). Second, they must consider climate change-related requirements of interested parties (Clause 4.2). These additions underscore the need for sustainability clauses in contracts with cloud service providers and a broader commitment to reducing carbon footprints and addressing climate impacts.

Implications for Existing ISO 37001 Certifications

Organisations with ISO 37001 certifications must now integrate climate change considerations into their anti-bribery management systems. This involves reviewing internal and external issues, including climate change, and adjusting policies, procedures, and processes accordingly. The amendments require immediate implementation and will be assessed by auditors without a transition period. Failure to incorporate these changes could result in non-conformities during audits, stressing the importance of systematically considering climate change in organisational analyses and risk assessments.

Strategic Implementation of ISO 37001 Amendment 1

Preparing for the Transition

To navigate the transition to ISO 37001:2016/Amd 1:2024, organisations should review their current management systems to identify necessary adjustments in light of the new climate action changes. This includes assessing the relevance of climate change to their operations and integrating sustainability clauses into contracts with cloud service providers. The transition requires demonstrating conformance to the updated standards, ensuring climate change considerations are embedded in anti-bribery management systems.

Best Practices for Integrating Climate Action

Integrating climate action into anti-bribery management involves assessing internal and external issues related to climate change and adapting policies, procedures, and processes. Organisations should determine whether climate change is a relevant issue and integrate climate-related requirements into their management systems. This includes evaluating the impact of climate change on business context and considering the climate change-related requirements of interested parties. By doing so, organisations can enhance resilience and adaptability to climate-related risks.


The enhancements introduced by ISO 37001:2016/Amd 1:2024 not only reinforce the global commitment to anti-bribery management systems but also integrate climate action into corporate governance. Including climate considerations represents a progressive step toward aligning business operations with environmental goals, ensuring resilience and competitiveness in a changing global landscape. By prioritising sustainability and integrity, organisations can mitigate risks and contribute to a more ethical and sustainable world.

Navigating the complexities of these standards requires expert guidance. Engaging with seasoned professionals like CRI Group is essential for a smooth transition and certification process. Their expertise ensures that your organisation meets the updated ISO 37001:2016/Amd 1:2024 requirements and enhances overall performance and credibility. By fostering transparency, accountability, and environmental stewardship, businesses can comply with international standards and drive meaningful change.

CRI Group’s Services:

  • Comprehensive risk assessments
  • Anti-bribery policy formulation
  • Compliance officer training and appointment
  • Detailed due diligence on projects and business associates
  • Implementation of financial and commercial controls
  • Guidance on integrating climate change considerations into management systems
  • Audit support to ensure adherence to updated ISO 37001 standards

ABAC Group’s Services:

  • Training and certification for ISO 37001 compliance
  • Tailored risk management solutions
  • Anti-bribery and anti-corruption consulting
  • Investigative research services
  • Compliance and ethics program development
  • Third-party risk management
  • Whistleblowing hotline services
  • Due diligence and background checks

By leveraging these services, your organisation can achieve compliance and strengthen its commitment to ethical and sustainable business practices.

Significance of Due Diligence in Economic Crime & Corporate Transparency Act Compliance

The Importance of Due Diligence in Demonstrating Compliance with The Economic Crime and Corporate Transparency Act

Corporate fraud in the UK has been a growing concern, with statistics reflecting the extent of the issue. According to a report, the financial cost of fraud to UK businesses was estimated at over £130 billion per year.  The scale of corporate fraud underlines the necessity for stringent measures like those introduced in the Economic Crime and Corporate Transparency Act. The Act’s provisions aim to curb these activities by enhancing the accountability and transparency of companies, thus creating a more challenging environment for perpetrators of corporate fraud. 

With the implementation of this legislation, due diligence becomes a critical tool for businesses to detect and prevent fraud, ensuring compliance with the new legal requirements and safeguarding the economic landscape of the UK.  In this article, we will explore the intricacies of the Act, highlight the pivotal role of due diligence in combatting corporate fraud, and outline essential measures that companies must adopt to align with the new legislative mandates, thereby safeguarding the UK’s economic integrity.



The Economic Crime and Corporate Transparency Act was developed by the UK government in response to escalating concerns over economic crime, particularly fraud, money laundering, and corruption, which were increasingly undermining the integrity of the UK’s financial and corporate sectors. Prompted by a series of high-profile scandals and the growing sophistication of criminal activities exploiting the global financial system, the Act was formulated to address these challenges head-on.

It aimed to enhance transparency, strengthen the legal framework, and provide regulatory bodies with the necessary tools to combat these crimes effectively. Spearheaded by the Home Office and the Department for Business, Energy & Industrial Strategy, the legislation reflects a concerted effort to safeguard the UK’s reputation as a fair and secure place for conducting business, ensuring that the country’s economic foundations remain robust against the backdrop of international financial crimes.


Key Provisions of The Economic Crime and Corporate Transparency Act

The Economic Crime and Corporate Transparency Act introduces several key provisions aimed at combating economic crime in the UK:

  • Identity Verification Requirements – Directors, PSCs, and those filing documents at Companies House will need to verify their identity, making it harder to make anonymous filings and improving the reliability of data provided by Companies House​​.

  • Serious Fraud Office (SFO) PowersThe Act reforms and extends the SFO’s pre-investigative powers, allowing it to compel information provision in suspected cases of fraud, bribery, or corruption. This extension applies to all potential SFO cases, enhancing the agency’s capabilities to tackle economic crimes.

  • Companies House Powers – New powers have been granted to Companies House to query and challenge potentially fraudulent or suspicious information on its register. The Act also mandates identity verification for people with significant control (PSCs) and others involved in company management, enhancing the integrity of the corporate register.

  • Register of Overseas Entities – The Act expands the scope of registrable beneficial owners and increases the information requirements for foreign entities owning UK land, addressing criticisms of previous legislation and aiming to prevent misuse of corporate structures for hiding illicit wealth.

  • Company Formation Changes – The Act mandates more stringent requirements for company formation, including full name disclosure of subscribers, lawful purpose declaration, and identity verification of proposed officers and PSCs. These measures aim to prevent misuse of corporate entities and enhance transparency​​.

  • Crypto-Related Enforcement – The Act enhances the powers of law enforcement agencies to deal with crypto-related criminal activities. It extends the confiscation and civil recovery regime to include cryptoassets, facilitating easier seizure, freezing, and recovery of assets linked to illicit activities.

These provisions reflect a comprehensive approach to enhancing corporate transparency, combating economic crime, and ensuring a fair business environment in the UK.


Penalties and Repercussions For Non-Compliance

The Act imposes stringent penalties and repercussions for non-compliance:

  • Legal and Financial Penalties – Companies and individuals failing to comply with the Act can face significant fines, legal penalties, and criminal charges.

  • Reputational DamageNon-compliance can also result in severe reputational damage, affecting the business operations and financial standing of the involved entities.

  • Increased Scrutiny and Regulation – Non-compliant companies may be subject to increased scrutiny and regulatory oversight, impacting their operational capabilities and market reputation.

These provisions collectively aim to create a more transparent and accountable corporate environment in the UK, reducing the risk of economic crimes and promoting fair business practices.


The Central Role of Due Diligence

Due diligence is a comprehensive assessment process used by businesses to evaluate the risks associated with potential partners, investments, or transactions. It involves gathering and analyzing detailed information about a business entity, its operations, financial performance, legal standing, and compliance with relevant regulations. Due diligence helps identify potential red flags or risks, such as financial discrepancies, legal issues, or reputational concerns, enabling companies to make informed decisions and mitigate risks.

In-depth investigations during the due diligence process are crucial for uncovering hidden risks that might not be apparent from surface-level analysis. For example, in the case of Volkswagen’s emissions scandal in 2015, due diligence processes that thoroughly investigated the company’s compliance with environmental regulations could have identified discrepancies in emission levels, potentially avoiding significant financial and reputational damage. This incident underscores the importance of rigorous due diligence in evaluating potential business partners’ and investments’ integrity and compliance, highlighting how thorough investigations can protect companies from unforeseen risks and liabilities.

Due diligence becomes even more pivotal in the context of the Economic Crime and Corporate Transparency Act, as it mandates businesses to conduct thorough investigations into their corporate dealings to ensure compliance with enhanced transparency and anti-fraud measures. The Act requires companies to verify the identities of their directors and beneficial owners and to maintain accurate records of their financial transactions and corporate structures. Failure to conduct adequate due diligence could lead to non-compliance with the Act, exposing companies to legal and financial penalties, including fines, criminal charges, and reputational damage.

For instance, in the context of the Act, thorough due diligence would involve scrutinizing the backgrounds of potential partners or investment opportunities to ensure they do not have a history of involvement in economic crimes such as money laundering or fraud. Companies must now ensure that their due diligence processes are robust enough to detect any potential risks that could lead to non-compliance with the new legal requirements. This could include enhanced scrutiny of financial transactions, more rigorous background checks on corporate entities, and ongoing monitoring to ensure continued compliance. Therefore, due diligence is not just a tool for assessing business risks but also a critical compliance requirement under the Act, helping companies to navigate the complexities of the regulatory landscape and avoid the severe consequences of non-compliance.


Steps for Effective Due Diligence

To conduct effective due diligence, businesses can follow these steps as a guide:

  • Define Objectives and Scope – Clearly outline the purpose and goals of the due diligence process. Determine the specific areas of focus, such as financial health, legal compliance, market position, or operational efficiency, to tailor the investigation to the needs of the business transaction or partnership.

  • Collect InformationGather comprehensive data on the target entity. This includes financial statements, legal records, business plans, operational details, and information on key personnel. Public records, company filings, and market research can provide valuable insights.

  • Conduct Financial Analysis – Review the financial data of the target entity to assess its financial stability, profitability, and growth prospects. Analyze balance sheets, income statements, cash flow statements, and financial projections to identify any financial risks or anomalies.

  • Evaluate Legal and Regulatory Compliance – Investigate the legal standing of the entity, including any past or ongoing legal disputes, compliance with industry regulations, and adherence to licensing requirements. This step is crucial to identify potential legal liabilities and regulatory risks.

  • Assess Operational Capabilities – Examine the operational aspects of the entity, including its business model, supply chain, production processes, and technology infrastructure. Understanding the operational strengths and weaknesses can reveal risks and opportunities.

  • Perform Risk Assessment – Identify and evaluate the risks associated with the investment or partnership. This includes financial risks, legal risks, market risks, operational risks, and reputational risks. Assessing these risks helps in making an informed decision.
  • Verify Information – Cross-check and verify the collected information through independent sources. This may include background checks, reference checks, site visits, and third-party audits to ensure the accuracy and reliability of the data.

  • Prepare Due Diligence Report – Compile the findings into a detailed due diligence report. The report should provide a comprehensive analysis of the target entity, highlighting key findings, risks, opportunities, and recommendations for the business decision.

  • Make Informed Decisions – Use the insights gained from the due diligence process to make informed business decisions. The due diligence report should serve as a basis for negotiating terms, structuring the deal, or deciding whether to proceed with the transaction or partnership.
  • Monitor and Review – After completing the transaction or establishing the partnership, continue to monitor the entity’s performance and compliance. Regular reviews can help manage risks and ensure that the business arrangement’s objectives are being met.

By following these steps, businesses can conduct thorough due diligence, which is essential for mitigating risks, ensuring compliance with the Economic Crime and Corporate Transparency Act, and making informed decisions.


Demonstrating Compliance through Due Diligence

Demonstrating compliance through due diligence is a multi-faceted process that involves thorough documentation, third-party verification, external audits, and comprehensive employee training. Here’s how businesses can approach each aspect to ensure adherence to the Economic Crime and Corporate Transparency Act:


Documentation plays a crucial role in proving compliance with the Act. Businesses should maintain detailed records of their due diligence processes, including background checks, financial audits, risk assessments, and the decision-making process for transactions or partnerships. For example, if a company is investigating a potential investment, it should document each step of the due diligence process, including financial analyses, legal checks, and compliance reviews. This documentation is evidence of due diligence and helps proactively identify and mitigate risks.

Third-Party Verification and External Audits

Third-party verification and external audits provide an additional layer of assurance in the due diligence process. Companies can validate their compliance efforts with an unbiased perspective by involving independent entities to verify the accuracy of financial statements or the legitimacy of business operations. For instance, engaging a reputable audit firm to conduct an annual audit of the company’s financial transactions can uncover discrepancies that internal checks might miss and demonstrate to regulators that the company is serious about maintaining transparency and adhering to legal requirements.

Employee Training and Awareness Programs

Employee training and awareness programs are critical in ensuring that all staff members understand the importance of compliance and the specific requirements of the Economic Crime and Corporate Transparency Act. These programs should educate employees about the risks of economic crime, the importance of due diligence, and their roles in maintaining compliance. For instance, a financial services firm might conduct regular training sessions for its analysts and managers to update them on the latest regulatory changes, teach them how to spot signs of money laundering or fraud, and train them in conducting thorough due diligence on new clients or transactions.


Case Study: Successes and Failures

A notable example of a company that effectively used due diligence to demonstrate compliance is Rolls-Royce. In its dealings with corruption and bribery allegations, Rolls-Royce conducted extensive internal investigations and cooperated with authorities, leading to a Deferred Prosecution Agreement (DPA) in 2017. Their proactive approach in conducting thorough due diligence and compliance checks helped mitigate the legal consequences and demonstrated their commitment to rectifying the compliance failures.

Unilever has effectively used due diligence to ensure compliance with environmental and ethical standards in its supply chain. By conducting thorough investigations into their suppliers’ practices, Unilever has managed to uphold high standards of corporate responsibility and demonstrate compliance with UK’s stringent regulations on sustainability and ethical sourcing.


Lessons from Inadequate Due Diligence

  • The BHS Collapse – The downfall of British retailer BHS highlighted the consequences of inadequate due diligence. In 2015, BHS was sold for just £1 to a consortium with no retail experience and questionable financial stability. The lack of thorough due diligence in evaluating the buyer’s ability to manage BHS led to its collapse and the loss of 11,000 jobs. This case underscores the critical need for comprehensive due diligence in business transactions to avoid significant financial and reputational damage.

  • Tesco’s Overstatement Scandal  – In 2014, Tesco, one of the UK’s largest retailers, faced a serious financial scandal due to inadequate due diligence. The company overstated its profits by £129 million due to recognized income on deals before it was earned. The failure in due diligence to accurately audit and verify financial statements led to hefty fines and severe damage to Tesco’s reputation, highlighting the importance of thorough financial due diligence.

These examples emphasize that effective due diligence is crucial for demonstrating compliance and ensuring business integrity, while failures in conducting due diligence can lead to severe consequences, including financial loss, legal penalties, and reputational damage.


Recommendations for Companies

For companies looking to enhance their due diligence processes, here are some recommendations:

Invest in Due Diligence Tools and Software

Companies should invest in advanced tools and software that streamline the due diligence process. These technologies can automate data collection and analysis, track regulatory requirement changes, and provide real-time alerts on potential risks. For example, due diligence platforms like LexisNexis and Thomson Reuters offer comprehensive solutions for screening, monitoring, and analyzing business relationships and transactions.

Collaborate with Experts and Consultants

Engaging with experts and consultants who specialize in due diligence and compliance can provide companies with specialized insights and guidance. These professionals have the expertise to conduct in-depth investigations, interpret complex legal requirements, and provide tailored advice on risk management strategies. Consulting firms like CRI Group™ offer specialized services in due diligence and compliance, leveraging their global networks and expertise to assist companies in navigating the complexities of regulatory environments.

Foster a Culture of Integrity and Transparency

Building a culture of integrity and transparency within the organization is crucial. This involves establishing clear ethical guidelines, promoting open communication, and encouraging employees to report potential issues without fear of retaliation. Companies should conduct regular training sessions to educate employees on legal requirements, ethical standards, and the importance of due diligence in mitigating risks. Creating an environment where ethical behavior is valued and rewarded can help prevent compliance issues and reinforce the company’s reputation as a trustworthy and responsible business entity.

By implementing these recommendations, companies can strengthen their due diligence processes, ensure compliance with regulatory requirements, and protect themselves against the risks of financial crime and legal violations.



The evolving economic crime landscape underscores businesses’ need to remain vigilant and proactive in their due diligence efforts. As economic crimes become more sophisticated and far-reaching, particularly in the digital realm, companies must adapt to these changes with comprehensive due diligence practices. This vigilance is not merely about compliance with laws like the Economic Crime and Corporate Transparency Act but also about safeguarding the business from potential financial and reputational damage. Proactive due diligence allows businesses to stay ahead of potential threats, ensuring long-term stability and integrity in an increasingly complex and interconnected global market.

Moreover, the long-term benefits of proactive due diligence extend beyond mere compliance. They encompass the fostering of a culture of transparency and ethical business practices, which can significantly enhance a company’s reputation and trustworthiness in the eyes of stakeholders, including customers, partners, and investors. In the long run, this proactive approach to due diligence can lead to more sustainable business growth, as it not only detects and mitigates risks early but also positions the company as a responsible entity committed to ethical practices and legal compliance. Thus, investing in effective due diligence processes is not just a regulatory requirement but a strategic business imperative that can yield substantial dividends in terms of risk management, corporate reputation, and operational excellence.


The Removal of the UAE from the FATF’s grey list in February 2024

The UAE’s Victory – A New Dawn in Regulatory Compliance and Investment Opportunities

In a landmark achievement for the United Arab Emirates (UAE), the Financial Action Task Force (FATF), the global watchdog for anti-money laundering and counter-terrorist financing, has officially removed the UAE from its “grey list” as of February 23, 2024. This decision is a testament to the UAE’s steadfast commitment and rigorous efforts in implementing robust financial crime prevention measures. The move underscores the UAE’s enhanced regulatory framework and reaffirms its status as a reputable and secure global financial hub.


The Journey to Compliance

The UAE’s journey began in March 2022 when FATF placed the country on its “grey list” due to perceived strategic deficiencies in its systems. This listing led to increased monitoring and scrutiny, posing a challenge to the UAE’s reputation as a secure and attractive jurisdiction for trade and investment. In response, the UAE embarked on a comprehensive overhaul of its compliance framework. This initiative aimed to address the identified shortcomings and enhance the country’s reputation as a secure and attractive jurisdiction for trade and investment.

Key measures taken by the UAE include:

  • In February 2021, the UAE Cabinet approved the formation of the Executive Office of Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) office to oversee the implementation of the UAE’s National AML/CFT Strategy and National Action Plan. The office is responsible for coordinating AML/CFT efforts within the UAE and improving international cooperation on these issues. It also works to enhance the UAE’s AML/CFT framework and legislation in coordination with relevant stakeholders​​​​.

  • The UAE established specialized money laundering courts to prosecute financial crimes, including money laundering. This move is part of the country’s efforts to build an effective framework to combat money laundering and terrorist financing​​.

  • The UAE Central Bank periodically issues guidance to financial institutions and designated non-financial businesses and professions (DNFBPs) on how to comply with AML/CFT laws and regulations. This includes guidance on suspicious activity/transaction reporting​​.
  • In October 2018, the UAE promulgated a new AML/CFT law to strengthen its regulatory framework against financial crimes. The law defines money laundering offenses and stipulates penalties for such crimes​​​​.

These measures demonstrate the UAE’s commitment to addressing the strategic deficiencies identified by FATF and enhancing its AML/CFT framework. The removal of the UAE from the FATF’s grey list in February 2024 is a testament to the effectiveness of these efforts and is expected to boost investor confidence and attract foreign investment​​.


A Symbol of Confidence

The UAE’s removal from the grey list is more than just a symbolic victory. It signifies a renewed confidence in the country’s regulatory environment, promising to attract greater foreign investment, reduce compliance costs, and lower borrowing expenses. This development is particularly significant as the UAE continues to position itself as a regional leader in technology and innovation.

Comply with Confidence - with the help of CRI Group's services


Opportunities for Businesses and Investors

With the UAE’s removal from the FATF grey list, businesses have several opportunities to explore and expand:

  • Enhanced Investor Confidence – The delisting signals to investors that the UAE is committed to maintaining a transparent and robust financial system, which can attract more foreign investment.

  • Improved International RelationsThe UAE’s efforts to strengthen its AML/CFT framework can lead to better relations with other countries, opening up new avenues for international trade and collaboration.

  • Access to Global Markets – Businesses in the UAE may find it easier to access global markets as the delisting reduces the perception of risk associated with financial transactions involving the UAE.

  • Lower Compliance Costs – With the removal from the grey list, companies might experience reduced compliance costs and fewer hurdles in conducting cross-border financial transactions.

  • Strengthened Financial Sector – The measures taken by the UAE to address FATF’s concerns can lead to a more robust and resilient financial sector, benefiting businesses operating in the region.

  • Attractive Destination for FDI – The UAE’s enhanced reputation as a compliant and secure financial hub can attract more foreign direct investment, boosting the economy and creating opportunities for local businesses.

  • Competitive Advantage – Companies that proactively adhere to the highest standards of compliance and due diligence can gain a competitive advantage, as they are perceived as trustworthy and reliable partners.

  • Innovation and Growth – The improved regulatory environment can encourage innovation and growth, as businesses can focus on expanding their operations without the overhang of being in a jurisdiction under increased monitoring.

To make the most of these opportunities, businesses should continue to invest in compliance, due diligence, and risk management practices, ensuring they remain aligned with international standards and best practices.


CRI Group™ – Your Partner in Building a Trusted Future

CRI Group™ is well-positioned to assist organizations in leveraging these opportunities while adhering to the highest standards of integrity and regulatory compliance. CRI Group offers a broad range of services to help businesses manage risks and ensure compliance, including:

Employee Background Checks:

Critical for hiring qualified, honest, and hard-working employees, CRI Group™’s employee background checks services, also known as EmploySmart™ are an integral part of thriving in the business community​​.


Vital for confirming the legitimacy of potential business partners and reducing risks associated with professional relationships. This level of due diligence ensures that working with outside parties will ultimately achieve an organization’s strategic and financial goals​​.

CRI Group™ provides Due Diligence service to secure your business

Third-Party Risk Management:

CRI Group‘s exclusive 3PRM™ services help organizations proactively mitigate risks from third-party affiliations, protecting them from liability, brand damage, and harm to the business​​.

Investigative Solutions:

CRI Group‘s team of experts can safeguard businesses from unseen threats such as employee fraud, compliance issues, third-party risk factors, and other concerns that can quickly and severely impact any organization​​​​.

Fraud Risk Investigations:

CRI Group‘s investigators and Certified Fraud Examiners are trained to recognize the patterns of fraud and can help uncover the trail of fraud, leading to a quick and successful resolution​​.

AML Advisory Services:

CRI Group helps organizations meet stakeholder expectations and safeguard their corporate reputation and competitive positioning with an effective AML framework​​.


CRI Group™ is well-positioned to assist businesses in capitalizing on the new opportunities presented by the UAE’s removal from the FATF grey list. With its comprehensive expertise in risk management, due diligence, and compliance, along with its global coverage and experienced team, CRI Group™ is a preferred partner for organizations seeking to navigate the complexities of the current regulatory environment effectively.

The recent grey list case verdict underscores the importance of robust compliance measures, and CRI Group™ offers the necessary tools and services to help businesses meet these standards and thrive in a more secure and transparent market. For more information, contact us at


UAE Imposes Fines on Non-Compliant Corporations: Is Your Business At Risk?

UAE Businesses Beware: AED 22.6 Million in Fines for Non-Compliance with Anti-Money Laundering and Terrorism Financing Regulations!

That’s right, the UAE’s Ministry of Economy has cracked down on 29 companies operating in the designated non-financial business or professions (DNFBP) sector for failing to comply with AML/CFT legislation. Violations ranged from a lack of internal policies and procedures to check customer databases against terrorism lists to failure to identify financial crime risks in their fields of work.

The message is clear – compliance with these regulations is no longer a choice, but a requirement. Businesses operating in the DNFBP sector must prioritize AML/CFT programs, including regular risk assessments, robust internal controls, and employee training.

Importance of AML/CFT compliance

The importance of anti-money laundering (AML) compliance cannot be overstated, especially within the UAE’s landscape, where the government is cracking down on non-compliant corporations. A robust AML compliance policy can not only protect against money laundering and terrorist financing but can also prevent fraud. Here are five key reasons why AML compliance is critical for businesses operating in the UAE.

Threat Evolution:

Criminal methods have become more sophisticated and complex, making them difficult to detect. Lone-wolf terrorists, cyber-enabled criminals, and e-commerce criminals are trending types of criminals in the UAE. It’s essential for businesses to stay ahead of these threats by complying with AML regulations.

Reputational Risk:

A crisis in Anti Money Laundering compliance can severely harm a company’s reputation and negatively affect customer trust. Companies that have been investigated or fined for non-compliance may need to appear more trustworthy to customers, leading to a loss of business. Protect your reputation by implementing a robust AML compliance program.

Poor Client Experience:

Non-compliance with AML regulations can increase the potential risk of fraud. A successful fraud attack can also affect the customers of a company. Don’t put your clients at risk – ensure that your business is fully compliant with AML regulations.

Regulatory Action:

The UAE has strict AML regulations that require financial institutions and businesses to comply with customer due diligence, transaction monitoring, and reporting of suspicious activities. Failure to comply can result in hefty fines and penalties imposed by regulatory authorities. Non-compliant businesses may face severe legal consequences, including criminal liability for individuals within the organization.

Financial Crime Persistence:

Enforcing AML regulations is crucial as financial crimes remain a persistent issue in the UAE. Money laundering enables criminal organizations to disguise the origin of their illegal proceeds, which can lead to economic instability, funding of terrorism, and loss of public trust in the financial system. Stay ahead of the game and maintain the integrity of your business by complying with AML regulations.

Penalties and Consequences

The UAE’s Ministry of Economy is intensifying field inspections and providing awareness and training support to DNFBP companies to ensure compliance with AML/CFT legislation and international standards issued by the Financial Action Task Force (FATF). With further punitive measures on the horizon, it’s more important than ever for businesses to stay ahead of the curve and ensure that they are fully compliant with AML/CFT regulations.

The penalties for non-compliance with Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) regulations are severe, and businesses must take them seriously. Failure to comply with AML/CFT laws can result in heavy fines, damage to reputation, and even criminal prosecution.

The consequences of non-compliance are not to be taken lightly. Heavy fines can severely impact a business’s bottom line, while damage to reputation can harm its ability to attract and retain customers. In some cases, non-compliance can even result in criminal prosecution. The risks are too great to ignore, and businesses must take the necessary steps to protect themselves.

Stay Ahead of the Curve: Protect Your Business with Robust AML Compliance

Are you concerned about the potential risks of money laundering and terrorist financing within your organization? Compliance with AML regulations is critical to protect your business and maintain the financial system’s integrity. At CRI Group™, we understand the importance of Anti-Money Laundering (AML) compliance and offer advisory services to analyze your systems and develop effective solutions to combat money laundering. Our unmatched investigative capabilities and worldwide presence make us uniquely qualified to resolve regulatory concerns and help businesses ensure compliance with AML/CFT regulations.

If you operate in the financial sector, complying with AML regulations is essential. Failure to comply can result in fines, reputational damage, and even criminal prosecution. That’s why we recommend registering with our anti money laundering services to ensure you’re following regulations for the prevention of money laundering.

At CRI Group™, our vast Anti-Corruption and Compliance network offers the protection you need when making critical bottom-line decisions. Leave it to our experts to help you with AML compliance and provide the protection you need to combat money laundering. With our 360-degree analysis of your challenges, we can ensure that your business is fully compliant with AML/CFT regulations, reducing the risk of fines and reputational damage. Here’s how CRI Group™ Group can help:

In-Depth AML Risk Assessment:

Our team of experts will undertake a comprehensive AML risk assessment to analyze the vulnerabilities and potential threats within your organization’s operations. The assessment will incorporate an evaluation of your existing AML policies, procedures, controls, and the nature of your company’s products, services, customers, and geographic locations. Our analysis and evaluation will help in identifying potential risks and emerging trends that are necessary for effective AML risk management.

GAP Analysis for the Scope of ISO 37301 Compliance Management System:

Our team of consultants will perform a detailed GAP analysis of your organization to ensure compliance with the ISO 37301 standard. We will evaluate your current system and processes, identify shortcomings, and present recommendations to help your company fill the existing gaps. Our analysis will facilitate the understanding of the roles, responsibilities, and competencies required for compliance with the standard.

Provision of AML Framework:

We will provide a comprehensive framework to guide your organization in establishing and maintaining an effective AML compliance program. This framework will include policies, procedures, and protocols for risk assessment, customer due diligence, transaction monitoring, and reporting. Our team will work closely with your staff to implement this framework for compliance with relevant laws, regulations, and industry best practices.

Global Sanction Screening & Third-Party Risk Management:

Our screening services will help identify, assess, and mitigate the potential risks associated with third-party relationships. With our global database, we can monitor a wide range of regulatory lists and relevant databases, providing you with peace of mind that your company’s dealings with third parties will not put your organization at risk of non-compliance with AML regulations.

Money Laundering Reporting Officer (MLRO):

Our team will assist your organization in the appointment of an MLRO. This officer will be tasked with overseeing your company’s AML policy and reporting matters to relevant regulators. We’ll help you identify a qualified MLRO who possesses the experience and knowledge required for carrying out this crucial duty effectively.

Policy Statement:

We will work with you to develop a clear and concise policy statement outlining your organization’s commitment to AML compliance. Our policy statement will outline the roles and responsibilities of all parties involved in the implementation of the AML policy, including the board of directors, senior management, employees, and applicable third parties/vendors. This statement will provide clarity on the compliance requirements, enhancing risk awareness and making it easier for employees to comply with AML legislation.

Identifying Financing Terrorism:

Our experts will assist you in identifying potential risks associated with financing terrorism. By conducting risk assessments and due diligence checks, we can help identify unusual transactions that could be linked to terrorist financing. Our team will help in the implementation of preventive and control measures, ensuring that your organization is always one step ahead of potential risks.

Corporate Principles – An Ethical & Integrated Business Approach:

We’ll help develop corporate principles that emphasize an ethical and integrated approach to doing business. Our team will work with you to identify fundamental values that your company stands for, and ensure that these are integrated into your operations. We’ll also help with the development of programs to encourage ethical behavior and integrity in your workforce. These corporate principles will help to build a positive reputation while displaying governance and a strong ethical culture.

Industries We Serve

At CRI Group™, we are committed to helping businesses across a wide range of industries to stay compliant with AML/CFT regulations. Our services are tailored to meet the specific needs of each industry, including:

  • Automotive: Whether you’re a car manufacturer, dealer or supplier, our AML services can help you mitigate risks and ensure compliance with AML regulations.
  • Aviation: Airlines, airports and other aviation companies face unique AML risks that require specialized solutions. Our experts can help you detect and prevent money laundering and terrorist financing activities.
  • Finance & Professional Services: Banks, financial institutions, law firms and accounting firms all require robust AML compliance programs to protect their clients and reputation. We provide tailored solutions to meet the needs of each business.
  • IT & Telecommunications: With the rise of online transactions, the IT and telecommunications industry faces new challenges in preventing money laundering and terrorist financing. Our AML solutions can help you stay ahead of the curve.
  • Insurance: The insurance industry is vulnerable to money laundering and fraudulent activities. Our AML services can help you detect and prevent these risks, ensuring the integrity of the insurance system.
  • Property: The real estate industry is also vulnerable to money laundering and terrorist financing. Our AML solutions can help property developers, agents, and managers detect and prevent these risks.
  • Pharmaceutical & Healthcare: The pharmaceutical and healthcare industry faces a range of financial crime risks, including money laundering and bribery. Our AML services can help you ensure compliance and mitigate these risks.
  • Oil, Gas & Energy: The oil, gas and energy industry is subject to unique risks that require specialized AML solutions. Our experts can help you detect and prevent money laundering and terrorist financing activities.

No matter what industry your business operates in, compliance with AML/CFT regulations is crucial. With CRI Group’s industry-specific solutions, you can rest assured that your business is fully protected against the risks of financial crime.

Don’t let your business fall prey to the threat of money laundering and financial crimes. Trust CRI Group™ to provide you with the expert advisory services and protection you need to ensure compliance and success in the financial sector. Contact CRI Group™ Group for Anti-Money Laundering (AML) Advisory service today and take the necessary steps to ensure compliance with AML regulations.

CRI celebrates the 2022 International Anti-Corruption Day

The world today is plagued with some of the biggest issues of all time. The plague of corruption is intertwined in most of them, threatening the prosperity and stability of many countries. Corruption negatively impacts several aspects of society and is intertwined with conflict and instability jeopardising social and economic development and undermining democratic institutions and the rule of law.

Corruption fuels conflict and hampers peace by undermining the rule of law, and facilitating the illegal use of resources for armed conflict or illicit substances like drugs.

The United Nations designated 9 December as International Anti-Corruption Day, to raise awareness of corruption and of the role of the United Nations Convention against Corruption in combating and preventing it. The Convention entered into force in December 2005.

The 2022 International Anti-Corruption Day (IACD) looks at driving home the crucial link between anti-corruption and peace, security, and development. Tackling this crime is the right and responsibility of everyone, and this is possible only through cooperation and the involvement of all people and institutions in play, says the United Nations.

The Corruption Perceptions Index (CPI), published annually by the non-governmental organisation Transparency International ranked 180 countries “on a scale from 100 (very clean) to 0 (highly corrupt)” based on the situation between 1 May 2020 and 30 April 2021. As per the CPI, DenmarkNew ZealandFinlandSingapore, and Sweden are perceived as the least corrupt nations in the world, ranking consistently high among international financial transparency, while the most apparently corrupt are SyriaSomalia, and South Sudan.

Some staggering stats on corruption

  • Here are some interesting statistics from to blow your socks off:
  • £100 billion of dirty money passes through UK systems and services every year.
  • 87,000 land titles in England and Wales are owned by opaque corporate structures that hide the true owners.
  • 76% think wealthy individuals often use their influence on Government for their own interests.
  • Just 52 people made a sixth of all declared UK political donations between 2001 and 2016.
  • £1.27 billion is lost annually to fraud, bribery and corruption in the NHS.

And some more stats for you on the Anti-Corruption Day:

  • The annual costs of international corruption is estimated to amount to a staggering $3.6 trillion in the form of bribes and stolen money.
  • Corruption often impacts the poorest in societies the most. In Paraguay, the poorest households are forced to pay nearly 13% of their income in bribes – twice as much as the richest households.
  • Airbus was fined £3.6 billion in February 2020 by courts in the UK, US and France for slush funds, “success payments” and lavish hospitality.
  • £820 million of this fine was paid in the UK. This is more than double the total of fines paid in respect of all criminal conduct in England and Wales in 2018.

And even more statistics on corruption:

  • Corruption in the health sector kills an estimated 140,000 children a year.
  • Up to 25% of public procurement funds are lost to corruption each year.
  • Governments are spending $7.5 trillion a year on providing healthcare globally. But corruption means that $500billion (7%) of that money is lost.
  • The World Health Organisation estimates $370billion would be enough to give everyone on the planet access to healthcare.
  • Every year, pharmaceutical companies, universities and other research groups conduct around 20,000 clinical trials involving over two million patients worldwide, at an estimated cost of over US$60 billion.
  • An estimated US$85 billion in medical research funding is being wasted every year as trials that cost millions to run fail to contribute to medical progress because their results are not reported.

As you can see from these statistics, corruption is a problem worldwide, costing both huge amounts of money and precious lives. Corruption and bribery can impact any organisation and cause severe harm to businesses, including causing financial loss, dire legal consequences, brand damage, damage to an organisation’s reputation and impeding sustainable development. The only way to get beyond this menace is through international collaboration.

Please make use of this opportunity to educate yourself better and your personnel to work towards a more transparent corporate model while seamlessly integrating it into your day-to-day lives. Ethical business always begins from within, and CRI Group is more than happy to help you through this. 

Matters surrounding risk management and compliance can be daunting, so why not contact CRI Group™? Our experts have years of experience and have been trained to provide your business with bespoke advice that fits your organisations’ needs. Implement preventative measures in your workplace today and guide your team to an ethical and correct way of working on this Anti-Corruption Day. 


Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceTPRMDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group™ launched the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body that provides education and certification services for individuals and organisations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- GuidelinesISO 37000:2021 Governance of OrganisationsISO 37002:2021 Whistleblowing Management SystemISO 37301:2021 (formerly ISO 19600) Compliance Management system (CMS)Anti-Money Laundering (AML); and ISO 37001:2016 Anti-Bribery Management Systems ABMS. ABAC® offers a complete suite of solutions designed to help organisations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments while assisting in developing frameworks for strategic compliance programs. Contact ABAC™ for more on ISO Certification and training.

CRI® Group’s DueDiligence360™ involves a review of all relevant information pertaining to virtually any business on the planet to ascertain past business dealings, criminal records, executive stability and suspect associations to ensure your organisation is protected from internal threats and outside risks.

CRI® Group’s exclusive 3PRM-Certified™ solution provides Third-Party Risk Management while ensuring compliance with FCPA, UK Bribery Act, Anti-Bribery and Anti-Corruption, and other global, regional and local regulations.

CRI® Group’s EmploySmart™ — a pre-employment background screening process, can boost your fraud prevention efforts and provide a “boots on the ground” approach to extensive background checking.


Contact CRI Group™ today to learn more about preventing and detecting corruption.

Supply Chain Due Diligence Act: New Risk Management & Reporting Duties for German Businesses

This article looks at the Supply Chain Due Diligence Act (LkSG) that applies to companies operating or trading in Germany and will enter into force on 1 January 2023.

The new German law, known as the Supply Chain Due Diligence Act (LkSG, short for Lieferkettensorgfaltspflichtengesetz in German) imposes due diligence obligations on environmental protection and on human rights, with all businesses having to introduce iterative and ongoing, or in certain circumstances ad hoc, due diligence processes specified by the Act.

Identification and management of an organisation’s supply chain and the risks that come with it require the implementation of due diligence processes.

The term “supply chain” refers to all products/services of a business, including all manufacturing and services, in Germany and/or abroad, from the extraction of raw materials to their delivery to the end customer.

Furthermore, due diligence processes should implement the following criteria: 

  • type and scope of the business activities of the company subject to the due diligence obligations,
  • the ability of the company subject to the due diligence obligations to exert influence (so-called leverage),
  • typically expected severity of the violation, and
  • type of contribution by the company subject to the due diligence obligations to cause a violation.

More details can be had in our FREE Supply Chain Due Diligence Act (LkSG) eBook.

Who is Affected by the Supply Chain Due Diligence Act?

  • As of 1 January 2023: Companies with at least 3,000 employees that have their head office, administrative seat or statutory seat in Germany OR companies that have a branch in Germany and usually employ at least 3,000 employees in this branch;
  • As of 1 January 2024: Companies with at least 1,000 employees that have their head office, administrative seat or statutory seat in Germany OR companies that have a branch in Germany and usually employ at least 1,000 employees in this branch.

From 2024, the law will apply to businesses with more than 1,000 employees.

Even if companies with fewer employees are not addressees of the Supply Chain Act, they may still be indirectly affected. This is because the companies directly affected would be obliged to enforce compliance to the best of their ability with human rights in their supply chain. The measures necessary for this can have a direct impact on their suppliers, for example, through the implementation of a code of conduct. In addition, the directly affected companies will often be dependent on the active support of their suppliers and thus have this support be contractually assured, e.g. in the form of reporting obligations as part of their risk analysis.


Due Diligence Investigations: Mitigate Critical Risks

At CRI®, we provide corporate reporting and due diligence services wherever you are. Use our DueDiligence360™ reports to help you comply with anti-money laundering, anti-bribery, and anti-corruption regulations ahead of a merger, acquisition, or joint venture. You can also use them for third-party risk assessment, onboarding decision-making, and identifying beneficial ownership structures.

Due Diligence helps you Identify key risk issues clearly and concisely using accurate information in a well-structured and transparent report format. Our comprehensive range of reports includes specialised reports that support specific compliance requirements. Protect your reputation and the risk of financial damage and regulator action using our detailed reports. They enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.

The CRI® Group invites you to schedule a quick appointment with them to discuss in more detail how conducting due diligence and compliance can help you and your organisation.

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceTPRMDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.


How to Protect Your IP with Brand Protection Investigations?

Intellectual Property (IP) is an exclusive right of the brand owner. This property includes intangible creations of the brand owners’ human intellect; therefore, the brand owners are lawful copyright or trademark owners. However, when unscrupulous individuals indulge in manufacturing and distributing counterfeit products of well-known brands, the result is the loss of sales, a tarnished brand image and erosion of brand loyalty, not to mention the ill effects of consumption by the consumer and the loss of revenue to the government. This is when Brand protection services are crucial to business integrity.

Counterfeiting threatens the fabric of national economies, endangers safety and frequently kills. It devalues corporate reputations, hinders investment, funds terrorism, and costs hundreds of thousands of people their livelihood annually. Companies and organizations face IP-related risks from a multitude of sources, namely:

  • From within the organization itself;
  • From entities in the ecosystem of the organization;
  • From competitors;
  • From independent 3rd parties; and/or
  • From illegal entities.

It is important to consider the risks to your intellectual property and take the steps necessary to protect your brand. Because of the potential complexity of IP investigations you should consider consulting experts. Investigators who are specially trained to protect the brand equity and customer loyalty you’ve built by providing professional assistance in the areas of:

  • Trade Secret Breaches
  • Data Breaches & IP Leaks
  • Theft of Proprietary Customer Data
  • Copyright Abuse
  • Unauthorized Use of Trademarks
  • Counterfeit & Pirated Products
  • Threats to Brand Integrity & Reputation
  • Brand Imitation & Product Copying
  • Global Counterfeiting Investigations

Getting help

Brand protection services can:

  • Research and investigate the legal aspects of copyright, trademark and patent claims
  • Identify the company and/or individuals that have breached your IP rights
  • Perform background and financial investigations on subjects involved in IP infringement
  • Pinpoint the source and location of the manufacturer in counterfeit product claims
  • Establish new delivery channels for the trade of your products

As an integral member of the ICC Counterfeiting Intelligence Bureau, CRI Group is certified to advise and assist organizations with intellectual property investigations involving grey market and product counterfeiting crimes.

CRI Group utilizes various techniques, analytics, and global technology to investigate intellectual property infringements, including the use of international Counterfeiting Seizure Maps and International Anti-Counterfeiting Directories. Our strategic partnerships with IP firms worldwide ensure that leads are identified and investigated and claims are settled expeditiously.


CRI Group Intellectual Property (IP) Investigations:

  • Trademark Investigations
  • Intellectual Property Acquisition Services
  • Patent Investigations
  • Brand, Media and Internet Monitoring Services
  • Anti-Counterfeiting Programs
  • Brand Integrity Programs
  • Copyright Abuse Investigations
  • Cyber Surveillance
  • Litigation Support

 CRI is an ideal partner to be the eyes and ears of brands across markets, offline and online. Our multidisciplinary experts regularly review and scan the online marketplaces to keep a close eye on fake products. From online surveillance to supply chain audits and real-time market surveys, brands will find CRI the ideal long-term partner to keep a close eye on all markets. You, meanwhile, can focus on running the business and building your brand.

CRI Group invites you to schedule a quick appointment with us to discuss in more detail how our Brand Protection Solutions can help you and your organization. 


About CRI Group

For short, Corporate Research and Investigations Limited, or CRI Group, has protected businesses from fraud, bribery, and corruption since 1990. Globally, we are a leading Compliance and Risk Management company licensed and incorporated entity of the Dubai International Financial Center (DIFC) and Qatar Financial Center (QFC). CRI protects businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Based in London, United Kingdom, CRI is a global company with experts and resources in key regional marketplaces across the Asia Pacific, South Asia, the Middle East, North Africa, Europe, and North and South America. Our global team can support your organization anywhere in the world.


WEBINAR | Do you Know the Importance of the Whistleblowing Standard?

Whistleblowing is integral to an ethical and moral working environment and over the years, there have been many instances that have led to the loss of reputation, monetary gain and expansion for many corporations. A whistleblower who is someone who informs, reports or discloses on an individual or organisation transmission of any illicit activity which may harm the interests of stakeholders; it should be noted that whistleblowing has also emerged in the mainstream corporate culture and the essential roles in leading today‘s modern corporations to enforce effective whistleblowing policy within their compounds of governance.

However, despite the importance of implementing a whistleblowing framework, many organisations choose to overlook it or not invest as much time into implementing the framework into everyday working life and this can have dire consequences for the organisation against its competitors, there may be a loss of financial gains and as well as a corrupt ethical moral code spreading amongst the employees. Infamous corporate governance cases, such as Enron and WorldCom, have enticed the spotlight of corporate citizens to the issue of poor, yet ineffective, sound governance practices in corporate strategies; as a result, the momentum of implementing and performing sound governance practices by the world national bodies, government agencies, and business community has been triggered which is why we at CRI Group™ are pleased to celebrate Fraud Awareness Week which will take place from November 14-20th 2021. In the lead up to Fraud Awareness week, we want to discuss how exactly should you go about addressing a situation surrounding Whistleblowing. 

What is Fraud Awareness Week?

International Fraud Awareness Week, or Fraud Week, was founded by the Association of Certified Fraud Examiners (ACFE) in 2000 as a committed point in time to increase recognition of fraud. The week-long campaign encourages corporate leaders alongside employees to proactively take action to curtail the influence of fraud by advocating for anti-fraud awareness and additional training. Corporations and entities are urged to enrol as Official Supporters prior to International Fraud Awareness Week, and to host training prospects, disseminate anti-fraud material or otherwise promote anti-fraud pursuits during the course of the week.

Zafar Anjum, founder and CEO of CRI Group™ says that “Fraud Week reminds us that awareness is any organisation’s first line of defence against fraud and corruption, as properly trained employees will have a better opportunity to recognise the red flags of fraud, and a better understanding of their organisation’s zero-tolerance policy toward such behaviour”.

We are proud to announce that our sister brand ABAC™ Center of Excellence will be hosting a free webinar on Friday 29th October 2021 in honour of Fraud Awareness Week to discuss how to implement and successfully carry out the duties of a whistleblower. However, be quick to sign up as seats for the webinar are limited to 30 participants. 



At both brands, we aim to use our events as a means of educating corporations as well as opening the path to receiving tailored advice which is beneficial to each and every individual corporation in the long run. In this specific webinar, we intend to discuss the following:

  • Definition of whistleblowingc
  • The benefits of encouraging whistleblowers in the workplace
  • Laws to promote and protect whistleblowers in Malaysia
  • Issues concerning whistleblowing in Malaysia
  • Can whistleblowers help to improve corporate governance?
  • Whistleblowing and sound governance
  • The need for whistleblowing policy in the workplace
  • Suggestions to formulate internal whistleblowing policies for companies
  • Strengthen whistleblowing mechanism by adopting ISO 37002:2021

CRI Group™ believes that knowledge is power which is why we want to open up such a discussion of a topic relating to whistleblowing in the workplace and how adopting ISO 37002:2021 Whistleblowing Management Systems can help to enhance an organisations whistleblowing mechanism. Our aim is to educate, equip and support the world’s leading organisations with the latest best-in-practice risk and performance assessments, systems improvement and standards certification.

Be sure to take advantage of this free opportunity to educate yourself from the leading sources and to have any of your queries and confusions answered by our speakers this Friday, October 29th 2021, 10 am – 12 pm Malaysia Time. 


Fraud Prevention Strategy: Build One in Five Simple Steps

Fraud Prevention Strategy: The 5 Simple Steps

A fraud prevention strategy is one of the key policies that can aid an organization in safeguarding itself against reprimands of the matter. One of the greatest encounters a fraud auditor can confront is the mission of persuading management that the peril of fraud exists across all aspects of corporate culture – regardless of whether it is from internal factors or external factors. Fraud cannot ever be eradicated from the corporation as collusion is adept in continually conquering routine organizational regulations.

What is the strategy?

The objective of a Fraud Prevention Strategy is to identify a high-level proposal on how an organization should implement its fraud prevention policy in the presence of its internal and external influences. The strategy forms the most important part of the fraud deterrence strategy; thus, the policy an organization chooses to implement must be straightforward and pragmatic.

Combating fraud requires a distinct and refreshing methodology that entails including all three facets of the fraud cycle:

  • Fraud deterrence and prevention
  • Fraud detection
  • Fraud investigation

Preferably, with the fraud cycle in mind, every enterprise ought to put together a distinctly specified fraud prevention strategy that integrates the following:

  • Determine the proper culture with the proposed policy: having protocols and policies in place for dealing with fraud will help you establish a good grounding for identifying it.
  • Counteract and detect: To detect fraud, you need to have effective systems and processes in place covering all aspects of your business.
  • Investigation of any occurrences in which fraud occurs.
  • Review and monitor policies and occasions in which fraud has transpired regularly to ensure that fraud levels stay below the goal amount.
  • Learn from previous occurrences and update training procedures.
  • Risk management covers all types of risk, from corporate and social responsibility compliance to performance measurement. 

To learn more about third-party risk management, why not check out our 3PRM brochure.

What should be established in a fraud prevention strategy:

1. Whistleblowing policy

Whistleblowing is the act of exposing information about misconduct in the workplace and is a crucial element in any prevention strategy. When whistle-blower hotlines are implemented and sustained correctly, they can substantially decrease an organization’s exposure to fraud by permitting for prior detection and thus savings in the form of reduced fraud losses from the prior detection.

2. Identify the risks:

The risk of fraud is not solely based on an employee’s background but also a myriad of other factors. Most notably, it is important to be able to identify risks by nature of items (some examples include size and valueease of resale and cash), nature of the control environment (including separation of dutiessafeguards, complexity, turnover and related party transactions) and pressures ( i.e., level of dissatisfaction – if the workforce is unhappy with the company, they will be more inclined to engage in fraud, expectations and guarantees). Identifying these risks is the first step in figuring out how to counteract them, thus preventing fraud.

3. Implement effective controls:

When it comes to implementation, organizations need to ensure that they complete the action plan and then refer it to an appropriate person – in most instances. This is from HR and other figures in leadership to management of employees. It is then up to the subordinates to assist them with implementing the strategy, reviewing the strategy, or delegating it to the employees.

Most policies implement:

  • Making employees aware of emergency procedures
  • Making employees aware of the location of first aid stations
  • Educating employees on the location and obvious danger and workplace hazards
  • Examine health and safety workplace responsibilities; wear the necessary protective clothing or equipment, participate and have input to management report incidents or mishaps as considered essential by management.

4. Increase awareness of the risks:

It must not be presumed that staff members have an innate perception of the risks of fraud or that they have any understanding of the scope of risks that encircle them. This means that it is incredibly important to stimulate a risk-conscious culture within an organization.

Some examples of methods to increase such awareness include:

  • Performing risk audits and engaging as many individuals as possible in the organization in the risk auditing procedure
  • Benchmarking – studying “best practices” from other organizations that have executed risk management.
  • Sending organization personnel to attend industry seminars on fraud prevention as well as risk management

5. Plan for the worst:

It might sound pessimistic, but it is always best to prepare yourself and your employees for the worst-case scenario. Unfortunately, as hard as we try to minimize fraud, it cannot, be fully eradicated. If it appears too good to be true, it most likely is. It is good practice to meticulously probe all agreements, prospects, transactions, data and documents.

Want to know more about recruiting the right people for your organization? Visit our page on Background Screening services or view our EmploySmart brochure.

Crucial components that a proper fraud prevention strategy accomplishes:

It is easy to infer that fraud can leak into all aspects of corporate culture and can destroy an organization from within. Despite this issue, several organizations opt not to implement a fraud prevention strategy – it is primarily implied that this is ascribed to the absence of knowledge circulating on the benefits of such a strategy. However, the rewards reaped from this type of policy is beneficial to corporations eventually and can reap the rewards such as:

  • Lower consequential loss pertaining to fraud
  • Lesser/no legal and investigative costs relating to fraud
  • Lesser/no regulatory fines paid in the occurrence of fraud
  • Better time management can be used to enrich employees’ knowledge and experience at the organization.
  • Reduced insurance premiums
  • Lower turnover of key staff and customers
  • The lessened cost of/capability to increase new finance

Overall, the process of preventing fraud can be an extensive one, but one whose benefits outweigh the onerous course. Protect your organization from liability, business interruption and brand damage by partnering with the CRI® Group. Our 3PRM solution address various specific areas, including:

  • Third-Party Integrity Due Diligence & Screening: ensures global compliance, provides adequate monitoring & protection against potential litigation;
  • 3PRM Enhanced Background Checks: uncovers derogatory information within the public & private record resources through risk-based background checks, including investigative research into suppliers & individuals, ultimate-beneficial owners;
  • ISO 37001 Anti-Bribery Management System: CRI® Group’s independent and accredited Certification Body can examine your Anti-Bribery & Anti-Corruption procedures & issue an accredited Certification; and
  • ISO 37301 Compliance Management System: CRI® Group’s independent certification body helps companies worldwide to increase & measure their efforts against regulatory compliance risks.

If you still have any questions surrounding fraud prevention, why not contact CRI®? Our experts have years of experience and have been trained to provide your business with bespoke advice that fits your organizations’ needs.


Don’t hesitate to prevent fraud in your workplace today.

About us…

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.

In 2016, CRI Group™ launched the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organizations. Contact ABAC™ for more on ISO Certification and training.



Time to get ISO 37001:2016 Certified – The Process, Part 2

Shifting a light on anti-Bribery and anti-corruption methods, our sister brand ABAC™ Centre of Excellence tells us how key is ISO 37001:2016 Anti-Bribery Management System Certification is for public, private, and non-profit organisations across the globe and explains the process behind certification. At CRI™, we believe it is important as it provides a key layer against threats of bribery, corruption, fraud and other security concerns. It also sets an organisation apart from its peers as a model for ethical behaviour and compliance.

In a recent guest blog, ABAC™ Centre of Excellence discussed the first part of getting ISO 37001:2016 certified. ABAC™ covered the initial engagement and the first four steps, including the audit confirmation, pre-assessment, and stage one and two audit processes. Today our sister brand ABAC™ will discuss the rest of the certification process and the path to getting your organisation better protected and fully compliant in addition to CRI Group’s corporate due diligence services.

Step 5: Follow up Audit (optional)

If a major non-conformity is raised or remains outstanding from Stage 1, an additional visit will need to be booked. For major non-conformity raised during Stage 2, a revisit will be required within 30 days of submitting the CAP to confirm the implementation of an effective CAP.

Step 6: Awarding of Certificate

If the organisation is compliant with the standard conditions, a recommendation for certification will be made.

  • For minor non-conformities: This will not delay the certificate if an organisation has a CAP. The certificate is granted within 04 weeks from the time of CAP submission.
  • For major non-conformities, the organisation must submit and implement CAP within 180 days maximum. Once the auditor has verified the CAP, the certificate is granted within six weeks (from the time of CAP submission by the Client). However, all major non-conformities will need to be addressed before a certificate can be published.

Step 7: Continual improvement and surveillance audits

Surveillance is planned over three years and will ensure that the organisation complies with the standard.

Step 8: Re-certification Audit

The registration period is three years from the date on the certificate. After the initial registration period, renewing your Anti-Bribery Management System Certification is relatively seamless. Once the second surveillance visit has been completed, you will be sent a registration renewal/re-certification proposal detailing the process and associated costs and assessment days for the next three years. A re-certification audit will require Stage 1 and Stage 2 audit. The depth of the audit and time required would be determined as per your performance (during the certification period) and any planned changes to your system. It’s that easy. Now is the time to move forward with ISO 37001:2016 certification.

What comes next? 

For assistance in developing and implementing an Anti-Bribery Management System, go to, contact ABAC™. today or get a FREE QUOTE!

In 2016, CRI Group™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body that provides education and certification services for individuals and organisations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- GuidelinesISO 37000:2021 Governance of OrganisationsISO 37002:2021 Whistleblowing Management System, ISO 37301:2021 (formerly ISO 19600) Compliance Management systemAnti-Money Laundering (AML) and ISO 37001:2016 Anti-Bribery Management Systems


Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.