Risk Assessment Breakdown: Identification, Analysis, and Evaluation

Risk management is a full-time, ongoing endeavour for organisations in today’s business world, and it poses constant challenges. Unfortunately, fraud, bribery and corruption are major factors affecting businesses and agencies of all sizes and industries. Being proactive against these risks can mean the difference between success and ruin. Whatever your reasons or motivations might be, if your organisation’s objective is to have an effective risk assessment management strategy in place. This article discusses the importance of Risk Assessment. There are two important building blocks that form the core of risk management:

• Risk assessment
• Risk treatment

Each of these stages can stand on their own – in this article we will go into detail about best practices for identifying risks, how to analyse them in terms of probability and severity, and how they can be evaluated in terms of the company’s risk appetite.

What is Risk Assessment?

Risk assessment is the overall process of identification, analysis and evaluation of any given risk. It can be a systematic examination of a task, job or process that a risk professional carries out at work for the purpose of identifying significant hazards. For example, the risk of someone being harmed and deciding what further control measures to take to reduce the risk to an acceptable level. The process will vary between organisations, but it should start with identification of hazards, analysis of who and what might be harmed, evaluation of the risk, documentation of the risks, taking action and review. Your organisation should conduct a risk assessment systematically, interactively and collaboratively, drawing on the knowledge and views of stakeholders. It should use the best available information, supplemented by a further inquiry as necessary.

Risk assessment breaks down into:

• Step 1: Identification
• Step 2: Analysis
• Step 3: Evaluation

Business Intelligence (BI) Solutions can help during this stage. BI take many shapes and forms in today’s complex business environment. Budgets are stretched and the challenges facing a business and its employees can sometimes lead to issues that start off small, but then lead to wider spread problems which can affect the very fabric of your organisation and damage both your credibility, reputation and bottom line profits. CRI Group™ takes two approaches to BI solutions:

• Intelligence operations (via market research and analysis): we focus on researching the future and potential growth of your business – i.e. determine the commercial viability and potential for success in the market, analyse consumer behaviour and business trends in that market, etc.
• Investigative operations (via commercial investigations): we focus on the current status of your business – i.e. location of assets, financial information, identification of unmet needs of any market, gauge brand awareness and identity in the market, etc.)

CHECK OUT OUR BI SOLUTIONS  or  DOWNLOAD BROCHURE

Risk Identification

The purpose of risk identification is to find, recognise and describe risks that might help or prevent an organisation achieving its objectives. Relevant, appropriate and up-to-date information is important in identifying risks. The organisation can use a range of techniques for identifying uncertainties that may affect one or more objectives. The following factors, and the relationship between these factors, should be considered:

• Tangible and intangible sources of risk;
• Causes and events;
• Threats and opportunities;
• Vulnerabilities and capabilities;
• Changes in the external and internal context;
• Indicators of emerging risks;
• The nature and value of assets and resources;
• Consequences and their impact on objectives;
• Limitations of knowledge and reliability of information;
• Time-related factors;
• Biases, assumptions and beliefs of those involved.

Your organisation should identify risks, whether or not your sources are under your control. Consideration should be given that there may be more than one type of outcome, which may result in a variety of tangible or intangible consequences.

Risk Analysis

Risk analysis allows you to understand the nature of risk, its characteristics and level. Because an event can have multiple causes and consequences and can affect multiple objectives a risk analysis should involve a detailed consideration of uncertainties such as risk sources, consequences, likelihood, events, scenarios, controls and their effectiveness.

Risk analysis can be undertaken with varying degrees of detail and complexity, depending on the purpose of the analysis, the availability and reliability of the information, and the resources available. Analysis techniques can be qualitative, quantitative or a combination of both, depending on the circumstances and intended use. Risk analysis should consider factors such as:

• The likelihood of events and consequences;
• The nature and magnitude of consequences;
• Complexity and connectivity;
• Time-related factors and volatility;
• The effectiveness of existing controls;
• Sensitivity and confidence levels.

A risk analysis is likely to be influenced by a wide range of variables, from any divergence of opinions, biases to perceptions of risk, from judgements, quality of the information used to the assumptions and exclusions made and any limitations of the techniques and how they are executed. These influences should be considered any risk analysis, documented and communicated to any decision-makers involved in the process.

It is important to remember that any highly uncertain event can be difficult to quantify, and this is an issue. If you find yourself in such a situation, using a combination of techniques generally provides greater insight. Risk analysis provides input to risk evaluation, to decisions on whether risk needs to be treated and how, and on the most appropriate risk treatment strategy and methods. The results provide insight for decisions, where choices are being made, and the options involve different types and levels of risk.

Risk Evaluation

Risk evaluation can support your decisions. Risk evaluation involves comparing the results of the risk analysis with the established risk criteria to determine where additional action is required. This can lead to a decision to:

• Do nothing further;
• Consider risk treatment options;
• Undertake further analysis to better understand the risk;
• Maintain existing controls;
• Reconsider objectives.

Any decisions should take into account the wider context and the actual and perceived consequences to external and internal stakeholders. The outcome of risk evaluation should be recorded, communicated and then validated at appropriate levels of the organisation.

Who should do Risk Assessments?

Well, by law, every employer must conduct risk assessments. Risk assessments should always be carried out by a professional who is familiar to risk, a person who is experienced and competent to do so.  Competence can be expressed as a combination of knowledge, awareness, training, and experience. Remember competence does not mean you have to know everything about everything, competence also means knowing when you know enough or when you should call in further expert help.

But we all like to think that all of our employees will be trustworthy, but this is not always the case. There have been many instances in which an employee has been dishonest about their job history, qualifications or even criminal history. A dishonest employee could be unqualified for the position, possibly endangering others on the job. Or they might be a fraud risk, willing to bend the truth in other ways in order to enrich or advance themselves on your dime. No organisation can afford to have employees or staff who aren’t what they claim to be. Even a seemingly innocent embellishment can indicate more background problems under the surface, and the potential for future problems down the road so remember, trust your employees but, verify them too. 

CHECK OUT OUR EMPLOYEE BACKGROUND SCREENING SOLUTIONS  or  DOWNLOAD BROCHURE

Risk Assessment and ISO 31000 Certification with ABAC™

While the team at CRI® do not deliver any training or certification on ISO 31000, our partner ABAC™ Center of Excellence do. ISO 31000 can provide the principles, framework and a process for managing risk. ISO 31000 is not a certifiable standard; the standard is a set of guidelines which provide guidance for internal or external audit programmes. However we recommend taking ISO 31000 Awareness training, this will enable you to fully understand Risk Management activities and mitigate risk. 

ISO 31000 was developed by hundreds of experts in risk mitigation, from thirty countries. This international effort produced a standard that is worldwide and represents best practices and leading operations for risk management. Organisations can trust that they are following a tested, robust standard to increase success. The standard converts risk management into a set of “friendly” and actionable – and straightforward to implement – guidelines, regardless of the size, nature, or location of a business. 

The training helps establish an ethical culture by educating your personnel on the following:

• What constitutes fraud, corruption, and bribery, and why these are so damaging to business
• How to identify red flags of fraud, corruption, and bribery
• The process for reporting fraudulent and unethical acts
• The organization’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches, and prosecute unethical acts
• The serious ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career

The ISO certifications helps us at ABAC™ to provide appropriate anti-bribery training to personnel across various industries. This standard helps to assess bribery risks, perform the appropriate due diligence required for your business and to take reasonable and proportionate steps to ensure that controlled organizations and business associates have implemented appropriate anti-bribery controls.

> Find out more about ISO 31000 Risk Management and other standards now!

Other Solutions

While CRI™ may not offer the ISO certification, we do offer other services. We specialise in solutions regarding compliance, working as trusted partners to businesses and institutions across the globe. Our experts work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates, thus creating the DueDiligence360™.

The DueDiligence360^TM reports to help organisations comply with anti-money laundering, anti-bribery, and anti-corruption regulations. This service also proves beneficial ahead of a merger, acquisition, or joint venture as it can be used for a third-party risk assessment, onboarding decision-making, and identifying beneficial ownership structures. Identifying key risk issues clearly and concisely helps enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.

Why not consider our background investigative solutions? Employee Background Checks can aid in reducing the risk of hiring an employee who does not live up to their supposed skill set and could cause irrevocable damage. Firms spend years, thousands, even millions to brand their products and services – it only takes one bad hire to cause loss of capital and reputation. It can go as far as bringing a business to fail – especially if the employee holds malice towards the organisation. EmploySmart™ is CRI’s own solution aiming to expose vulnerabilities and threats within your organisation. Much like the ISO certification, our EmploySmart™ is a risk management measure which can be used to significantly reduce business and financial crime, fraud and malpractice within your workplace.

Our solutions are also certified by the British Standard Institute BSI for the scope of BS 7858:2019 Screening of individuals working in a secure environment, Code of practice (the only BS 7858 certified background screening services provider in the UAE and across the Middle East); and BS 102000:2018 Code of practice for the provision of investigative services.

Another risk management solution to consider from CRI® is our Third-Party Risk Management solution (TPRM),  also known as 3PRM™. In wake of the global pandemic, the 3PRM™ was developed in a bid to aid organisations to accurately determine the legal compliance, financial viability, and integrity levels of external parties, vendors, and customers who seek to be affiliated with and represent the business.

The 3PRM-Certified™ program consists of gap analysis and investigative due diligence on the targeted above parties.  This highly thorough program reveals anti-corruption, compliance and risk management discrepancies associated with the international regulatory framework helping your business to flourish at any scale. Find out more about CRI Group’s Solutions here.

If you’re unsure of what solution may be best for you and your business, how about connecting with one of our experts for a free consultation? Receive tailored advice from the top analysts and investigators across the globe.

CONTACT US

About CRI Group™

Based in London, CRI™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC™ for more on ISO Certification and training.

Filed under: All Industries, Anti-Bribery Anti-Corruption Solution, Background Investigation, Compliance Solution, Due Diligence, ISO 37001, Resources, Third-Party Risk Management by admin
No Comments »

WEBINAR | Breaking Down The ISO 37001 Audit Process

CRI Group’s ABAC™ will be hosting a paid webinar on the 30th of September exploring the Pitfalls Most Organisations Often Commit – the importance of implementing Anti-Bribery Management System (ABMS). Being a part of the solution means being able to share our expert knowledge on what would be best for your organisation.

Registration Expired

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

Why Financial Services Firms Need ISO 37001 ABMS?

When Société Générale, a global financial services institution based in France, agreed to pay a combined total penalty of more than $860 million for an alleged bribery and corruption scheme, it served as a warning shot to financial firms worldwide that a culture of enforcement has arrived. Société Générale was accused of paying bribes to officials in Libya and committing violations in manipulating the London InterBank Offered Rate (LIBOR), one of the world’s leading benchmark interest rates. Together with other regulatory penalties faced by the financial services giant, the total amount to be paid exceeds $1 billion. (The United States Department of Justice, 2018)

Bribery and corruption often go together with money laundering – and, as such, the financial sector faces new Anti-Money Laundering (AML) rules and legislation that is strict and increasingly enforced. Remaining in compliance through implementing proper prevention controls is a must. Failing to do so can mean a loss of business, trust and reputation: Banking giant Citibank was fined $70 million in the US for failing to address shortcomings in its anti-money laundering policies. We at CRI intend on being apart of the solution. Therefore, CRI Group’s ABAC™ will be hosting a webinar on the 30th of September exploring the Pitfalls Most Organisations Often Commit – the importance of implementing Anti-Bribery Management System (ABMS). Being a part of the solution means sharing our knowledge so society is one step closer to an ethical reality.

Registration Expired

In the US alone, more than 100 bribery investigations were in progress at the end of last year, with the financial services industry facing the most investigations. (Wall Street Journal, 2019)

Having layers of safeguards in place is required both from a legal and compliance standpoint. One of the most critical layers is an effective anti-bribery management system (ABMS).

Prevent Corruption and Promote Compliance

There is a solution that financial services organisations can implement to take a proactive stance against bribery and corruption: The ISO 37001:2016 Anti-Bribery Management System standard. ISO 37001 ABMS is designed to help global organisations implement an anti-bribery management system (ABMS), as the standard specifies a series of measures required by the organisation to prevent, detect and address bribery, and provides guidance relative to that implementation.

For financial services firms, this is a critical layer of protection that provides both anti-bribery controls and a system for compliance with various anti-corruption legislation, such as the FCPA and UK Bribery Act. The UK Bribery Act’s adequate procedures requirement dictates that all companies need to have ongoing monitoring, training, surveillance and risk assessments – ISO 37001 ABMS is designed to fulfil these criteria and more.

CRI Group’s ABAC™ Certification Services is accredited to offer independent ISO 37001 certification to ensure that an organisation is in compliance with the standard, which is recognised and practised in more than 160 countries worldwide. CRI Group’s auditors and analysts work with financial services organisations to develop measures that integrate with existing management processes and controls, and include:

• Adopting an anti-bribery policy
• Establishing buy-in and leadership from management
• Training personnel in charge of overseeing compliance
• Communicating the policy and program to all personnel and business associates
• Providing bribery and corruption risk assessments
• Conducting due diligence on projects, business associates and other third-party affiliations
• Implementing financial and commercial controls
• Developing reporting and investigation procedures

Our paid webinar will have a rundown of the following:

• What are the core Bribery and Corruption Risks for Financial Institution?
• How to protect financial institutions and corporations from bribery and corruption risk
• Reparations from bribery that could affect the businesses, clients, and employees
• Successful regulations to mitigate risk for bribery and corruption.
• What can be done if bribery is detected?
• Internationally recognised solutions laid forth by ISO 37001: Anti-Bribery Management System that gives businesses effective controls to mitigate risk
• Components of risk management at a financial institution

We will also be exploring how the implementation of such a standard aids in examining and dealing fittingly with any actual or suspected bribery within the corporation and also how to implement appropriate financial, procurement and other commercial controls so as to help prevent the risk of bribery in financial services as these organisations face unique challenges.

Register Here (Expired)

Among them are maintaining proper internal procedures as they relate to bribery and AML regulations. These measures can be logistically challenging, especially in the auditing process – but keeping accurate books and records is a key provision of the UK Bribery Act. ISO 37001 ABMS standard makes this a key provision in cultivating proper due diligence and reporting procedures.

Another major challenge involves monitoring third-party risk. The due diligence practices and risk assessments implemented through ISO 37001 ABMS are critical in this area. Financial services firms, more than any other sector, must conduct effective vetting and ongoing monitoring of third-parties. This goes beyond “on-boarding” and relates to how companies continually assess risk from outside partners – including brokerage firms, introducers, agents, joint-venture relationships, even clients – as borrowers, for example, represent a major risk on the balance sheet.

Some financial services companies do not properly score or assign risk profiles to third-party partners, and this can represent a major weak point in efforts to prevent bribery, corruption and money laundering. Regulators understand this, too. That’s why ISO 37001 ABMS dictates thorough and comprehensive due diligence in regards to all third-parties and especially in the case of mergers and acquisitions.

Once certified, an organisation must continue surveillance and undergo a recertification audit over three years to ensure that the organisation still complies with the ISO 37001:2016 ABMS standard. During this time, any changes to processes, the addition of new partners and expansion/acquisition of new assets or energy contracts, etc. are carefully reviewed.

Long-lasting Benefits of Certification

ISO 37001 ABMS provides a strong framework for addressing and isolating risk factors, and the benefits of certification are far-reaching, impacting not just the primary organisation but also influencing contractors, clients, and raising the profile of the company as an ethical entity that is a good trading partner. By achieving ISO 37001:2016 ABMS certification, a financial services firm will:

• Ensure that the organisation is implementing a viable anti-bribery management system utilising widely accepted controls and systems.
• Assure management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption.
• If needed, provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption.

Cases like Société Générale are not isolated, but more and more, we are seeing companies punished for not taking proper preventative action with a robust anti-bribery management system (ABMS). Financial services firms need to be aware and stay in front of increased anti-bribery and corruption legislation given that such regulations have, in most cases, achieved a global reach. For ownership and management, the stakes are especially high – accountability now includes criminal liability for organisation personnel as individuals, beyond (and in addition to) liabilities faced by the organisation. This trend will only continue as governments, and their publics become increasingly intolerant of fraud, bribery and corruption. Significant media coverage and the real and perceived threat to governments’ economies contribute to this changing landscape of public opinion.

As the ISO 37001 International standard document states, “Conformity with (ISO 37001) cannot provide assurance that no bribery has occurred or will occur in relation to the organisation, as it is not possible to eliminate the risk of bribery. However, (the standard) can help the organisation implement reasonable and proportionate measures designed to prevent, detect and respond to bribery”. With this in mind, It’s important to note that ISO 37001 certification, on its own, is not a “safe harbour” from prosecution should bribery or corruption be discovered. Significantly, ISO certification is, as the above explains, a potential mitigating piece of evidence to regulators or even prosecutors and the courts that the entity has taken meaningful steps in its efforts to prevent bribery and corruption.

Financial Services Firms Need ISO 37001 ABMS

It is critical that any financial services organisation have a proper, comprehensive strategy to prevent and detect bribery and corruption, and remain in compliance with all regulations – on the local, regional, and international levels. The ISO 37001 ABMS standard is an established, tried and tested program to address those issues head-on through a comprehensive program of training and certification. The training process is tailored to the organisation while still following the developed curriculum and documented best practices. Due diligence procedures and risk assessments are applied in a thorough, comprehensive manner. Certification requires the demonstration that processes have been implemented effectively, with follow-up evaluations.

Worldwide developments in laws and regulations have demonstrated that there isn’t time to wait to implement controls and compliance procedures – the next investigation and/or prosecution may be too late. The harm caused by bribery and corruption to an entity’s reputation, investments and business can be far-reaching and long-lasting.

This paid webinar will be running from the following times on Thursday the 30th of September;

• 08:00 to 10:00 GMT
• 15:00 to 17:00 MYT
• 12:00 to 14:00 GST

Your turnout with come with a certificate of Attendance (COA) as well as a complimentary webinar ABMS Awareness for 2 Pax per company. While you’re there, why not attain a Continuing Professional Development (CPD) certificate and stay on top of your industry?

Register your place for this webinar here and find out how to tackle the issue of bribery and corruption in your workplace before it has time to manifest itself into a greater issue. Finance is the greatest asset to the economy after all.

Complete Registration (Expired)

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, Due Diligence, Finance & Professional services Industry, ISO 37001, Resources by admin
No Comments »

ISO 37001 Solutions for All Industries (Part 3)

In part 1, we discussed how ISO 37001 ABMS can help companies across a wide range of industries, including automotive, aviation and insurance. In part 2, we looked at how pharma and healthcare, property, IT and telecommunications organisations can benefit from Anti-Bribery solutions as well. In this final part, we will explore some aspects of how companies from the financial, oil and energy industries could implement ABAC solutions.

Finance

Bribery and corruption are among the top fraud concerns for all financial organisations. These include banks & financial institutions, real estate lenders, business credit and finance companies, commercial investment corporations, asset-based lenders, debt financing firms, acquisition capital firms and others. Having safeguarding processes in place is required both from a legal and compliance standpoint and from the position of being a trusted, secure financial institution. The financial sector includes new Anti-Money Laundering (AML) rules and legislation, and these regulations are strict and increasingly enforced. As such, remaining in compliance through implementing proper prevention controls is a must.

In one high-profile case, between 2006 and 2013, JPMorgan Chase and its subsidiary, JP Morgan Securities (Asia Pacific) Limited (JPM-APAC) took on about 100 Chinese interns and full-time employees who ended up at the centre of a bribery case spread over two continents and worth hundreds of millions of dollars. In order to win business from members of the Chinese government and state-owned companies, JPM-APAC allegedly targeted their children, offering them high-ranking and well-paid positions in the business in order to curry favour with their parents. JP Morgan fell into trouble for allegedly violating the Foreign Corrupt Practices Act (FCPA), and the DoJ called the scheme ‘bribery by any other name’ – alleging that it had threatened national security. In November 2016, the bank was ordered to pay $264 million to settle the claims against it – $130m to the SEC for violations of the FCPA, $72m to the US Justice Department and $61.9m to the Federal Reserve Board of Governors.

CRI Group™ investigates: Pharma corruption case included CFO

ISO 37001 in Oil, Gas and Energy Industries

The oil and energy sector is a massive portion of the world’s economy, dealing mainly in petroleum – including upstream (exploration, development and production of crude oil or natural gas) and downstream (oil tankers, refiners, retailers and consumers) pipeline. The need to prospect, discover, and realise oil and energy production in various (and often far-flung) locations lends to the vulnerability to fraud – but geographic considerations aren’t the only risk factors.  Perhaps even more impactful is the complexity of business relationships required to operate in the industry – relationships with governments, contractors, regulators, investors/venture partners, equipment suppliers and other parties. Every such interaction and dealing can be considered susceptible to bribery and corruption where cutting corners may be considered profitable or even perceived to be “business as usual.”

An infamous example is the case of Petrobras. In December 2017, the world’s largest builder of offshore rigs agreed to pay $422 million in penalties after entering a guilty plea for bribery charges connected with the Petroleo Brasileiro (Petrobras) scandal. Keppel Offshore & Marine Ltd. made illicit payments to both Petrobras officials and government representatives for more than a decade, between 2001 and 2014 (Reuters, 2017). The sweeping multimillion-dollar bribery scandal that rocked Petrobras led to numerous investor lawsuits and the downfall of disgraced government officials. It also served as the embodiment of the huge risk of bribery and corruption that confronts the entire oil and energy sector. See “Oil and Energy Companies Look to ISO 37001.”

Long-lasting Benefits of Certification of ISO 37001

ISO 37001 provides a strong framework for addressing and isolating risk factors in all industries. The benefits of certification are far-reaching, impacting not just the primary organisation but also influencing contractors, clients, and raising the profile of the company as an ethical entity that is a good trading partner. Even more effective, ABAC™ tailors IS0 37001 to the specific needs of the client.

By achieving ISO 37001:2016 certification, an organisation will ensure that it is implementing a viable anti-bribery management system utilising widely accepted controls and systems. It will also assure management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption. Today, companies cannot afford to be reactive to threats of bribery and corruption. By achieving ISO 37001 Anti-Bribery Management System certification today, an organisation will remain in compliance and better positioned to address risks head-on.

Stay updated 

Stay tuned for Part 2 or follow us on LinkedIn, Facebook or Twitter for more industry news and insights.

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.

Who is CRI Group?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under: All Industries, Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

Cyber Security: How to Maintain GDPR Compliance?

The European Union’s (EU) General Data Protection Regulation (GDPR) came into force in 2018. The GDPR was a response to massive worldwide data breaches that were undermining the trust and security of private citizens whose personal information was at stake. As this data was exposed by both hackers and, in some cases, simply through poor security measures, governments of the EU felt it was time to create a strong piece of governance to bolster protection. While the initial rollout of GDPR held some uncertainty and unknowns for organisations subject to its guidelines, there is now a much clearer picture of how its standards apply. The punishments for being caught out of compliance can be severe: Violators of the GDPR may be fined up to €20 million or up to 4 percent of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater.

Cybersecurity is a Priority for the Management

Even with extremely high fines and stringent requirements, GDPR violations and data breaches have been skyrocketing across the world. In 2020, the overall increase of fraudulent activities has been detected, based on ACFE’s “Fraud in the Wake of COVID-19: Benchmarking Report”: 77% of survey participants have seen an increase in the overall level of fraud as of August, compared to 68% who had observed an increase in May. Earlier we wrote how the COVID-19 crisis triggered fraudulent activities and what can businesses do to support anti-fraud movements in their organisations and to strengthen their immunity to fraud. However, cyber-attacks are on the rise – the survey by the gov.uk continues to show that cybersecurity breaches are a serious threat to all types of businesses and charities. 39% of businesses and 26% of charities reported having cybersecurity breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%).

The study suggests that the risk level is potentially higher than ever under COVID-19 and that businesses are finding it harder to administer cybersecurity measures during the pandemic: 35% of businesses compared to 40% last year are now deploying security monitoring tools. This reduction suggests that these organisations might simply be less aware than before of the breaches and attacks their staff are facing.

However, among those that have identified breaches or attacks, around 27% of businesses experience them at least once a week. The most common by far are phishing attacks (83%, and 79% in charities), followed by impersonation (for 27% and 23%). Based on a survey by the gov.uk, despite COVID-19 stretching many organisation’s cybersecurity teams to their limits, cybersecurity remains a priority for management boards. But it has not necessarily become a higher priority under the pandemic. Three-quarters (77%) of businesses say cybersecurity is a high priority for their directors or senior managers, while seven in ten charities (68%) say this of their trustees.

The Most Notable Data Breaches

In the climate where organisations are putting more emphasis on strengthening their online security systems, there is no shortage of data breaches or GDPR violations. Our experts have noticed and shortlisted a few most notable cases in any order for you to be aware:

1. Booking.com

The very recent case, when travel booking website Booking.com has been hit with a  €475,000 ($560,000) fine after failing to report a data breach within the time period mandated by the GDPR. It happened back in 2018 when telephone scammers targeted 40 employees at various hotels in the United Arab Emirates (UAE). The hackers were able to get login creations for the booking system and to access the personal details of more than 4000 customers who booked hotel rooms via booking.com. The scammers exposed the credit card details of 283 customers, and in 97 cases the CVV code was also compromised. Based on GDPR, the data breach must be reported within 72 hours. Booking.com was late for 22 days (!) to report the breach to the Dutch Data Protection Authority and was issued a fine in April 2021, as reported by Forbes.

2. Twitter

Another company that was late to report the security flaw is Twitter – it was discovered in December 2018 but the social media giant did not report it to Ireland’s Data Protection Commission (DPC) until the following month. As a result, Twitter has been told to pay a €450,000 GDPR fine by Ireland’s data regulator for failing to report a 2018 data breach in the legally required timeframe. The DPC also determined that Twitter failed to adequately document the breach, another requirement under GDPR.

3. Vodafone

The firm that has been warned or fined smaller amounts on at least 50 occasions between January 2018 and February 2020, is in the news again: the Spanish data protection authority has fined Vodafone €8.15 million (approximately £7 million) for aggressive telemarketing tactics and repeated data protection failures. The fine was issued as a result of an investigation that was prompted by hundreds of complaints, with the regulator discovering a system that held up to 4.5 million contact lists purchased from third parties without user consent.

4. Facebook

And another social media giant – Facebook. Ireland’s data protection watchdog is demanding answers from Facebook over the release of records on 533 million people that appeared to stem from the social media site. As reported in April 2021, a spokesman for the Data Protection Commission (DPC) – which regulates Facebook in the European Union – said “a dataset, appearing to be sourced from Facebook, has appeared on a hacking website this weekend for free and contains records of 533 million individuals.”

5. H&M

The Data Protection Authority of Hamburg, Germany, fined clothing retailer H&M €35,258,707.95 — the second-largest GDPR fine ever imposed. H&M’s GDPR violations involved the internal monitoring of employees. After employees took vacation or sick leave, they were required to attend a return-to-work meeting. Some of these meetings were recorded and accessible to over 50 H&M managers. It has violated the GDPR’s principle of data minimisation — don’t process personal information, particularly sensitive data about people’s health and beliefs, unless you need to for a specific purpose.

6. Google

The biggest penalty (€50 million) was issued to Google for its alleged failure to provide notice in an easily accessible form, using clear and plain language, when users configure their Android mobile devices and create Google accounts, and obtain users’ valid consent to process their personal data for ad personalisation purposes. 

COMPLIANCE & ETHICS HOTLINES, REPORT NOW

How to Maintain GDPR Compliance

What can we learn from these case studies? Maintaining GDPR compliance is a complex process, and requires a lot of diligent work. At CRI Group, we recommend looking at it as a part of your risk management strategies, together with your compliance policies and procedures.

To help you with maintaining compliance with GDPR, our integrity due diligence experts created the following top 10 GDPR best practices for any business or entity that deals with collecting, storing or using personal information:

1. Employ a Data Protection Officer (DPO)

It is a GDPR requirement that entities who carry out regular and systematic monitoring of individuals on a large scale, or large-scale processing of certain special categories of data, have an assigned DPO. It is also recommended, however, for all other entities to help ensure data security. While the GDPR does not specifically list the necessary training or qualifications of a DPO, the regulation does require the DPO to have “expert knowledge of data protection law and practices” (Digital Guardian, 2019). Implement thorough background screening processes and make sure they are trained and qualified to be your DPO.

2. Train Your Employees

Ensure that all personnel are aware of the GDPR and your organisation’s commitment to compliance. Make sure that all leaders, and especially key personnel charged with collecting, handling or storing data, understand their responsibilities under GDPR. Make date protection training a regular part of your employee curriculum.

3. Confirm the Legality of Your Data Collection

GDPR requires that you have a legal basis to collect personal data. For most businesses, the following are the most likely to be applicable:

• The information is necessary to perform a contract between the organisation and the individual;
• You have a legal obligation to process the data (such as a court order);
• The organisation has a legitimate interest in collecting and processing the data – in other words, there needs to be a relationship and business reason to collect the date (it cannot be random);
• The individual has provided direct consent to the processing of the data.

4. Maintain thorough Records

For larger organisations (more than 250 employees), GDPR requires that records of data collection and processing be maintained. Again, this is also a best practice for smaller organisations, as well. It can help establish that the organisation is dutifully complying with the data protection principles in GDPR. Take inventory and make a record of the data you have collected and are storing to date. Create a detailed matrix to understand what types of data you are holding, where/how it is collected, how and where it is held, and whether it is still needed. Based on this information, you can also develop a data-retention policy to govern how long personal data is kept and stored. Keeping data on file longer than needed is a liability, and serves no business purpose.

5. Establish Consent Policies for Data

For some of your records, consent is your lawful basis for holding it. Under GDPR, it is no longer acceptable to assume consent in your collected data, or treat silence as consent. Create clear and unambiguous consent forms for your data collection that demonstrate adherence to GDPR principles. And remember, under GDPR, you must make it a simple process for an individual to withdraw their consent at any time.

6. Perform Due Diligence on Third-Parties

Under GDPR, your organisation is responsible if third-party partners collect, store or manage data for your organisation. You must ensure their compliance with GDPR as if it is your own since they are responsible for your data. This is the time to update your contracts with them to include compliance measures, as needed. It is also important that you review their control systems and their data handling processes. They must be comprehensive and meet all of the GDPR requirements to keep data secure. CRI Group’s third-party risk management experts can help you conduct effective reviews of your partners and their processes.

7. Be Responsive

Under GDPR, your organisation must respond to requests from individuals whose data you have collected and/or are storing. These requests are spelt out as individuals rights in regards to their personal data and they include the following:

• Right to be informed about what data is collected and why;
• Right of access to data that has been collected;
• Right to rectification/correction of inaccurate data;
• Right to erasure of data (“right to be forgotten”);
• Right to restrict processing of personal data;
• Right to data portability;
• Right to object to use of data; and
• Right not to be subject to automated decision making, including profiling.

Have a process in place to timely respond to requests and provide data when requested in order to stay in compliance.

8. Have Written Policies in Place

Develop your internal policies in regards to GDPR and how you protect personal data, and communicate them across your organisation. Take special note to spell out policies on data retention, cross-border processing of data, and how you collect and handle data for persons under the age of 16, as GDPR has special requirements in regards to children’s data.

9. Conduct Risk Assessments

GDPR requires Data Protection Impact Assessments in certain cases. These assessments measure your organisation’s ability to protect personal data and risks associated with that protection. If your data processing is considered high-risk, uses new technology, or deals in large-scale processing of data in certain categories, the assessments are required – but for any organisation, they are recommended. Data protection experts at an outside firm like CRI Group™ can help you prepare robust risk assessments and follow-up plans to address their results.

10. Be Prepared for a Breach

A worst-case scenario in data security is a breach that exposes personal information. Under the steps above, your organisation should be well-positioned to prevent or limit any breach to your data security. However, you should always have a contingency plan in place to immediately respond to a breach should it occur. Understand that GDPR requires that the applicable EU data protection supervisory authority be notified within 72 hours of a breach. Gone are the days where a company can announce it weeks or even months after the fact. Be ready to notify the affected individuals that their data has been compromised, so that they can take the appropriate steps to respond.

Organisations don’t like to think about the impact of a data breach – but major cases have pushed governments to act in the public’s interest. Perhaps nowhere is this more true than in the EU, where the GDPR is now the governing policy for organisations that deal with individuals’ personal data. By being proactive with the steps above, your organisation can be better prepared and maintain compliance with the GDPR. Most importantly, you will have the confidence and trust of your consumers through effective best practices in handling and protecting their data. CRI Group’s experts are here to help. Contact us today so that we can walk you through the steps of GDPR compliance. If you have any further questions or interest in implementing compliance solutions, please contact us.

Stay Updated on the Go

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.

Filed under: All Industries, Compliance Solution, Industry Insights, Resources, United Kingdom, London by admin
No Comments »

Q&A: Corporate Fraud & Corruption in the UK 2021

The United Kingdom scores 77 out of 100 on Transparency International’s (TI)  2020 Corruption Perceptions Index (CPI), as is one of the 25 least corrupt countries across the globe. However, it all seems great on the surface as corporate fraud and corruption cases have been noticeable in various industries across the UK. TI reports that corrupt actors enjoy their illicit gains by “buying luxury property in the world’s most sought-after cities, like London”. Based on the article “CPI 2020: Trouble in the top 25 countries”, “While the UK (77) is the first G20 country to launch a public register of beneficial ownership, a loophole in the law allows foreign companies to purchase real estate anonymously. This is particularly problematic as research shows that over 75 per cent of properties subject to criminal investigations between 2004 and 2015 used offshore anonymous companies to hide their owners’ identities. The UK government committed to closing this loophole by introducing a register of beneficial ownership for property, but it has yet to be implemented. The necessary legislation has been subject to significant delays. In the meantime, rich businesspeople linked to autocratic regimes are allegedly purchasing property via shell companies, such as billionaire and daughter of former President of Angola, Isabel de Santos.”

To discuss the situation of corporate fraud and corruption, CRI Group™ and its ABAC™ Center of Excellence were invited to share the expert views in the special InDepth Feature by Financier Worldwide “Corporate fraud and corruption 2021”. In this edition, CRI Group’s CEO Zafar Anjum and ABAC®’s Scheme Manager Huma Khalid talk about how corporate fraud and corruption affect businesses not only in the UK, but across the globe, and provide solutions and insights for businesses to become better protected from corporate fraud, bribery and corruption. Read on the answers to the below questions:

• To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?
• Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?
• In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?
• If a company finds itself subject to a government investigation or dawn raid, how should it respond?
• What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?
• What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption?
• What general steps can companies take to proactively prevent corruption and fraud within their organisation?

Q: To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?

A: The COVID-19 pandemic has created increased opportunities for fraud worldwide. The UK is not immune, unfortunately, and such a disruptive event as the pandemic increases the likelihood that normal safeguards and risk management controls can be bypassed and subverted. There has been an increase in reported fraud and corruption cases over the past year. A survey of fraud experts by the Association of Certified Fraud Examiners (ACFE) in August 2020 showed that 77 percent were seeing an increase in fraud. Perhaps not surprisingly, cyber fraud is the fastest-growing problem area, but there has also been an uptick in unemployment fraud. This is bad news in the UK, where fraud is our most common crime, costing the country £190bn annually, according to the Royal United Services Institute (RUSI).

Q: Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?

 A: There is proposed legislation, supported by the secretary of state of the UK’s Department of Business, Energy and Industrial Strategy, that would increase accountability for corporations that produce falsified financial statements. This includes a provision that would require company directors to personally sign off on their corporation’s financial statements, under penalty of fines and possible prison time. Under the Sarbanes-Oxley Act in the US, the penalty for falsely certifying such statements is steep: up to 20 years in prison and up to $5m in fines, and the UK is looking at similar measures to step up its fight against fraud and corruption. The UK also recently approved the formation of an audit, reporting and governance authority (ARGA) that should come into force within the next two or three years. Accordingly, the UK is taking a stronger stance against fraud going forward.

STAY UPDATED: Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications

 Q: In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?

A: Combatting fraud is never straightforward. When looking at progress in detecting and preventing fraud, it sometimes feels like a question of whether the glass is half full or half empty. For example, the Serious Fraud Office (SFO) brought 13 fraud defendants to trial in 2019 and 2020, with a 95 percent four-year success rate by case. Many of these represent large frauds, and they are meaningful wins, but how many more fraudsters are out there undiscovered? Other bodies, including Her Majesty’s Revenue and Customs (HMRC), among others, also have key roles to play in investigating fraud, but a considerable amount of fraud is still investigated and prosecuted at the local level. It is important for leaders in the UK to know what resources law enforcement have and where they need training and support in the fight against fraud.

Q: If a company finds itself subject to a government investigation or dawn raid, how should it respond?

A: Any investigation, and especially a raid, can be an incredibly stressful time for a company and its employees. The important thing is to not panic – the investigators have a job to do, and the sooner they get to the truth of the situation, the better for everyone. Companies should direct their management and their employees to cooperate fully, while also engaging legal counsel to properly protect the corporation from future litigation. If fraud is detected, it is a criminal matter and the company should make a good faith effort to work with prosecutors and regulators, while making sure to document all control measures and prior steps taken to manage fraud risk. Having a track record of meeting compliance requirements and having proper internal controls in place at the time fraud occurs could have a mitigating effect in terms of potential prosecution and penalties down the road. View the reprint of the interview, covering not only the UK but also the United Arab Emirates.

Q: What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?

A: Employees are a company’s first line of defence against fraud and corruption. But training them to recognise the red flags of fraud is only half of the process. The company must also implement a reporting system that is anonymous and easy to use, so that employees are encouraged to report any suspicions. Then, the company must follow through and fully investigate any reports that do come in. If they do not, whistleblowers will believe that combatting fraud and corruption is not a corporate priority, and the tips will stop coming in. How important are those tips? According to the ACFE, they are by far the highest detection method for fraud, well above audits and other means. The company should communicate that a whistleblower hotline or online reporting system is available, and that there is a zero-tolerance policy for any type of retaliation against whistleblowers. Over time, the tips will come in.

Q: What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption? 

A: Investigations can be challenging, and they require expertise. For example, there are rules for collecting and handling evidence, including physical evidence and witness statements, that must be followed for such evidence to be admissible in court. There are also laws in the UK dealing with privacy and the rights of the accused. The bottom line is that a company already dealing with a potentially costly and damaging fraud scenario should not risk adding more legal trouble through a faulty investigation. Hire experts who deal with corporate crime and specialise in fraud and corruption cases. Like any other area of expertise, they will have the knowledge and resources to help proceed with an investigation and lead it to the most favourable outcome for your company. If you already have anti-fraud professionals on staff, let them take the lead, but provide outside resources as needed.

Q: What general steps can companies take to proactively prevent corruption and fraud within their organisation? 

A: A fraud prevention strategy has many different elements, and the sooner companies implement them, the sooner they can begin to work together in a proactive way to prevent fraud. Mandating employee training, such as ISO 37001 ABMS, having an ethical code of conduct signed by every member of staff, providing regular and surprise audits, and implementing a fraud reporting system are all effective ways to help prevent and detect fraud and corruption. None of these methods is strong enough on its own to properly protect organisations. But together, they can be very effective. It is also important to set a ‘tone at the top’, from ownership, directors and management on down, that fraud will not be tolerated. Anti-fraud controls only work if the company sees them through and thoroughly investigates every report. When fraud is confirmed, any perpetrators should be terminated and potentially prosecuted, sending a message of zero-tolerance.

Find out more about the ISO 37001 training

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group™ Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

Source & Credits

The original version of the Q&A was published on Financier Worldwide’s InDepth Feature: Corporate Fraud & Corruption 2021. Download the reprint here.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, Investigative Solution, Resources, Third-Party Risk Management by admin
No Comments »

CPI 2020 Overview: Middle East & Asia

The newly published Transparency International’s Corruption Perception Index (CPI 2020) has ranked 180 countries and territories by their perceived levels of public sector corruption. This index uses a scale of 0 to 100, where 0 is highly corrupt and 100 is very clean. CPI 2020 identified that despite progress, most countries still struggle to stop corruption effectively – more than 2/3 of countries score below 50 on CPI, with an average score of just 43. That proves the need to implement more stringent anti-bribery anti-corruption measures worldwide.

In this article, which was originally published on ABAC™ Center’s of Excellence website, we will look at how the Asia Pacific, the Middle East and Pakistan scored in the CPI 2020 and discuss solutions to tackle bribery in these regions.

Asia Pacific

Transparency International identified that with an average score of 45, the Asia Pacific region is still struggling to combat corruption despite continuous efforts. Region’s top leader New Zealand (88) is followed by Singapore (85), Australia (77) and Hong Kong (77). Conversely, Cambodia (21), Afghanistan (19) and North Korea (18) ranked lowest in the region. Malaysia, the country which introduced more stringent measures to fight bribery and corruption, proves that it takes time to see improvements. The country has moved down to 51 points compared to 53 points in 2019. Accordingly, the ranking also moved down to 57 in comparison with 51 in 2019. “Although a drop in the score appears statistically insignificant, the government must be cognizant that our rank falling 6 steps means that compared to other countries we are not improving as well as other countries in our efforts to fight corruption” – said Transparency International Malaysia in a statement. TI-M added: “The Government after coming into power in early 2020 committed to continue with the agenda to fight corruption and among them were to gazette the enforcement date of 1 June 2020 for the Corporate Liability and continue with the National Anti-Corruption Plan (NACP) initiated by the previous Government which is commendable. The NACP (National Anti-Corruption Plan) is a comprehensive plan but the government must ensure the implementation is effective and the Chief Secretary to the government should be empowered to lead the implementation and be made accountable”.

In our published whitepaper “South Asia grapples with anti-bribery compliance”, which overviews anti-bribery, anti-corruption and ISO 37001 solutions in Malaysia and entire in South Asia, we wrote that South Asia has a troubled record when it comes to preventing bribery and corruption, as well as enforcing compliance. Recent cases and statistics show that the problem persists in most countries in the region. Both government officials and private sector business leaders are struggling to adopt policies, control methods and best practices to help reduce bribery and corruption on their watch. High profile cases such as the 1MDB scandal in Malaysia and, more recently, the alleged Meikarta township case in Indonesia underscore this point. The investigations that were triggered by these cases demonstrate, however, that regulators are serious about addressing the threat of bribery and corruption as more than just a legal issue, but as a societal one, as well. In response, organizations that are committed to being in compliance are adopting the ISO 37001 – Anti-Bribery Management Systems standard as a comprehensive approach to mitigating risk and demonstrating ‘adequate procedures’ taken to prevent bribery and corruption.”

READ ARTICLE

Middle East

Transparency International identified that with an average score of 39, the Middle East and North Africa region is still perceived as highly corrupt, with little progress made towards controlling corruption. Even though the United Arab Emirates (71) and Qatar (63) are best performing in the region, UAE is still appearing in headlines with bribery and corruption scandals.

In the article “CPI 2020: Trouble in the top 25 countries” Transparency.org wrote: “The United Arab Emirates has been heavily criticised by the Financial Action Task Force (FATF) for its inadequate anti-money laundering framework. The country’s chaotic approach to registering companies makes it incredibly difficult for law enforcement to detect who is behind a suspicious company when thirty-nine different registries operate across the seven Emirates.

The UAE’s booming construction and real estate sector accounts for a fifth of the Emirates’ GDP, but remains vulnerable to money laundering because of complex and opaque ownership structures”.

Recently CRI® Group was featured in Financier Worldwide’s InDepth Feature: Anti-Money Laundering 2021 publication and shared the view about the unfortunate situation of money laundering in this region: “When it comes to money laundering, a recent report from Carnegie Endowment found that there is a steady stream of illicit funds from corruption and crime flowing into the UAE. This should be alarming to organisations and regulators alike. The perpetrators take advantage of ‘free trade zones’ and often the money is funnelled through real estate deals, especially in luxurious properties in Dubai, for instance. This might be facilitated by foreign mobsters, gold smugglers, and even warlords. These are high-level criminal operations that can pose a risk to any legitimate organisation operating in the UAE and the Middle East as a whole”. In this edition, CRI® Group’s CEO Zafar Anjum and ABAC®’s Scheme Manager Huma Khalid talked about the Anti-Money Laundering solutions and financial crime impact on businesses not only in UAE but across the globe: “Money laundering still represents a gap in enforcement, and organisations should not wait for government action to put their own AML frameworks in place. Like many countries around the world, the UAE is experiencing an uptick of fraud and financial crimes during the COVID-19 pandemic”. Read the full interview here.

Pakistan

As published in the press release, Pakistan’s CPI 2020 score “has lowered to 31/100 from 32/100 in 2019 and rank to 124/180 from 120/180 in 2019. This is despite NAB’s extraordinary efforts who claims to have recovered Rs363 billion in the last two years, and Public Accounts Committee claims to have recovered Rs. 300 billion over the previous two years”.

TI Pakistan recently reported that “A total of 95 corrupt persons were convicted and fined worth billion of rupees by various accountability courts during the last three years due to the vigorous persuasion of National Accountability Bureau, Rawalpindi“. The comment was made by the Director General NAB, Irfan Naeem Mangi Monday. These efforts, of course, plays a significant role in fighting bribery and corruption, however, Pakistan is still appearing in the headlines. Recently, Transparency International Pakistan has found the Federal Board of Revenue (FBR) involved in prima facia violating procurement rules for IT-based solutions and causing Rs13.5 billion losses to exchequer.

As the expert in AML and risk management solutions, CRI Group™ was interviewed in the Annual Review (2018): Pakistan Corporate Fraud & Corruption, published by Financier Worldwide Magazine and highlighted that Corporate fraud and corruption in Pakistan are widespread (Rose-Ackerman, 1997, p. 4), particularly in the government and police forces. There is a need to reform accountability and anti-corruption policies in Pakistan. 

Rising fraud risks have driven companies to establish the right steps to prevent fraud and corruption from surfacing. Following through with a focused trajectory ultimately also ensures failsafe protections are put in place, which will guard against scandals or negative publicity, while minimizing risk exposure. There is quite a notable empirical rise in the frequency of companies conducting background screenings to nip corruption in the bud. Though checks can vary in nature, enforcing internal controls by implementing ISO strategies can bring pivotal change to a company’s strategy. Risk management is an essential part of minimizing the costs that can arise in the long term due to losses and falling prey to fraudulent practices in the corporate realm. This can be implemented through a resilient management system that has been designed to specifically target any loopholes and any roadblocks, the impact of which can often be greater than anticipated, rattling the company and causing harm that could lead to lawsuits, unanticipated monetary and financial losses and hefty fines imposed by regulatory authorities, from which the company may never recover.

READ THE Q&A NOW

Demonstrating Adequate Procedures to Prevent Bribery and Corruption 

ISO has developed a standard – ISO 37001:2016 ABMS – to help organisations promote an ethical business culture. “Designed to help your organisation implement an anti-bribery management system (ABMS), and/or enhance the controls you currently have. It helps to reduce the risk of bribery [and corruption] occurring and can demonstrate to your stakeholders that you have put in place internationally recognised good-practice anti-bribery [and anti-corruption] controls”.

Consider ISO 37001:2016 ABMS as one of the invaluable tools of your Third-Party Risk Management Strategy. Combined with due diligence, background screening, business intelligence and compliance solutions, ISO 37001 certification and training can lift your risk management process and help your business mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage and harm to the business. Learn more about 3PRM™ program as a flexible and responsive tool to the various risk domains that are most important to your business.

ABAC™ – Aiming for a Higher Standard

At CRI Group’s ABAC™ Center of Excellence Limited, we are affiliated with leading certification and accreditation bodies around the world. These affiliations and accreditations help demonstrate the high level of experience and knowledge we provide in anti-bribery, risk and compliance management to our clients on a daily basis.

That’s why ABAC™ has achieved essential accreditations from the United Kingdom Accreditation Service (UKAS), Emirates International Accreditation Center (EIAC) and membership in the Association of British Certification Bodies (ABCB). ABAC® is also a member of the “Partner in Corporate Governance” programme with the Malaysian Institute of Corporate Governance (MICG) and a Corporate Member of Transparency International Malaysia (TI-M).

ABAC™ was established in 2016 by CRI Group™, a global leader in risk, compliance and anti-bribery management systems. ABAC™ was launched to provide certification and online training in anti-bribery and anti-corruption risk management and compliance for organisations worldwide. CRI Group™ and ABAC™ CEO Zafar I. Anjum, CFE, said that ABAC™ is proud to be accredited by, and affiliated with, international accreditation bodies. “Our engagement with high-profile bodies like EIAC, ABCB and UKAS demonstrates the effectiveness of our ISO 37001:2016 Anti-Bribery Management System certification and training, along with our ISO 37302, ISO 31000 certifications and other programs,” Anjum said. Visit abacgroup.com to find out more about anti-bribery, anti-corruption, risk and compliance management solutions.

CRI Group™ invites you to schedule a quick appointment with us to discuss in more detail how conducting due diligence and compliance can help you and your organisation. 

Meet our CEO

Zafar I. Anjum is Group Chief Executive Officer of CRI Group™ (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI Group™ safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Based in London, CRI Group™ maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, Turkey and the USA.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, Resources by admin
No Comments »

Protecting Your Company from the Global Corruption Pandemic

Who is CRI® Group?

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, TPRM, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body that provides education and certification services for individuals and organizations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- Guidelines; ISO 37000:2021 Governance of Organisations; ISO 37002:2021 Whistleblowing Management System; ISO 37301:2021 (formerly ISO 19600) Compliance Management system (CMS); Anti-Money Laundering (AML); and ISO 37001:2016 Anti-Bribery Management Systems ABMS. ABAC® offers a complete suite of solutions designed to help organizations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments while assisting in developing frameworks for strategic compliance programs. Contact ABAC® for more on ISO Certification and training.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, Resources by admin
No Comments »

Q&A: Corporate Fraud and Corruption in UAE

The United Arab Emirates (UAE) is the 21 least corrupt nation out of 180 countries, according to the 2019 Corruption Perceptions Index reported by Transparency International.  However, UAE corporate fraud and corruption still prevails as UAE is just one of many enablers of global corruption, crime, and illicit financial flows. Addressing the emirate’s role presents anti-corruption practitioners, law enforcement agencies, and policymakers with incredibly complex challenges. Read the answers to the following questions:

• To what extent are boards and senior executives in UAE taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?
• Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in the UAE over the past 12-18 months?
• When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?
• Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?
• How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?
• And much more…

Q. To what extent are boards and senior executives in UAE taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?

Anjum: High-profile corruption scandals have driven home the seriousness of fraud and corruption, and the turmoil that can engulf a company because of it. Organisations in the United Arab Emirates (UAE), and in the Middle East region as a whole, understand that being proactive against risk can be a matter of survival, especially in a competitive environment, but it is more than that. Today, being forward-thinking and proactive when it comes to fraud and corruption can actually foster organisational growth. Business grows an average of 3 per cent faster where corruption is low, according to the World Bank. And more organisations are engaging in trusted certifications like ISO 37001 for anti-bribery management because having that certification tells customers, vendors, third parties and employees that the company places a high priority on fraud training and prevention.

Q. Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in the UAE over the past 12-18 months?

Anjum: In January 2017, UAE president Shaikh Khalifa Bin Zayed Al Nahyan approved the highly anticipated Anti-Commercial Fraud Law, which strengthens protections of intellectual property rights (IPR) and imposes stricter penalties on counterfeiters. Counterfeiting and adulterated goods, along with intellectual property (IP) theft, are severe problems in the Middle East, propagated by unscrupulous inland and free zone traders. And while fraud and corruption still plague the region, the UAE continues to lead the Middle East in Transparency International’s latest Corruption Perception Index for its strides in addressing fraud risk and areas of concern, including bribery and corruption. With that said, experts have noted that businesses and governments in the UAE, and the Middle East, on the whole, face increasing threats of cybercrime, with a need for continuously updated laws and regulations to keep pace with this ever-evolving fraud threat.

Q. When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?

Anjum: Fraud allegations, from bribery to embezzlement, should be treated as a very serious issue. When suspicion arises at an organisation, business leaders and the board should bring in expert help. Professional investigators have years of training in evidence collection and interviewing, and their role is to establish the facts of the case. The key to a proper investigation is to not approach it with a preconceived notion of how it will conclude. It is critical to remember that companies do not get a second chance when conducting a fraud investigation. It has to be done right the first time to reach a successful conclusion.

Q. Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?

Anjum: Employees are the eyes and ears of your company, and the first line of defence against fraud and corruption. Many organisations are getting the message and making employee training and awareness of key parts of their fraud prevention programme. One key way to do this is by engaging in ISO 37001, which certifies that an organisation has implemented reasonable and proportionate measures to prevent bribery. The certification process involves a training module for employees. It stresses the importance that such training should continue as mandatory for all staff, and be provided on an annual basis – if not more frequently. If employees do not know what constitutes fraud, or how to recognise it, organisations face a heightened risk of being victimised.

Q. How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?

Anjum: Statistics from the Association of Certified Fraud Examiners (ACFE) show that most fraud is discovered by tips, which often come from employees, vendors and others connected to the organisation in some way, and the only way to get those tips is to provide a culture that supports and encourages whistleblowers. That is why having an anonymous reporting system, and communicating it to employees is a critical part of any fraud and risk prevention strategy. But for it to work, employees have to know what type of behaviour should be reported. This is where a training protocol like ISO 37001 comes in. It provides a curriculum that helps employees recognise the red flags of fraud, and also communicates how they can report fraud when they see it.

Q. Could you outline the main fraud and corruption risks that can emerge from third-party relationships? In your opinion, do firms pay sufficient attention to due diligence at the outset of a new business relationship?

Anjum: Many companies pay lip service to due diligence, but when an opportunity arises to make a major move, such as a merger, acquisition or new partnership, the interest of growing the business trumps a more cautious approach. This may be changing, however, as more organisations in the UAE and elsewhere put established due diligence procedures in place that cannot be circumvented by overeager business leaders. This is important because the risks are great.

Q. What advice can you offer to companies on implementing and maintaining a robust fraud and corruption risk management process, with appropriate internal controls?

Anjum: Begin with a thorough fraud risk assessment that examines every area of your organisation. This should be conducted by experts and used to gauge your overall threat level, as well as help you create a plan for moving forward by exposing a weakness that could lead to fraud risk and compliance issues. When creating your fraud and corruption risk management process, be sure to include hiring procedures, including thorough background checks, due diligence for any new mergers, acquisitions and partnerships, regular schedule audits and implement an anonymous reporting system. Build-in review processes that track the effectiveness of your controls, including how tips were handled and ultimately resolved. Finally, try to think like a fraudster. Consider any way that an employee, vendor or even customer might try to take advantage of your organisation. You might be surprised at what you find.

Speak up – report any illegal, unethical, or improper behaviour

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI® Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI® Group’s Non-Retaliation Policy.

Meet our CEO

Zafar I. Anjum, is Group Chief Executive Officer of CRI® Group, a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organisations.  Headquartered in London (with significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Turkey Malaysia, Brazil, China, USA, and the United Kingdom.

Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer

37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

About CRI® Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Download 2018 annual reviews by Mr. Zafar Anjum, CEO, and Ms. Fatima Farrukh, Compliance professional at CRI® Group.

Click here to download the review of UAE (Mr. Zafar Anjum, CEO at CRI® Group)
Click here to download the review of UK (Mr. Zafar Anjum, CEO at CRI® Group)
Click here to download the review of Pakistan (Ms. Fatima Farrukh, Compliance professional at CRI Group)

CRI® Group was included in the 2018 Annual Review: UAE Corporate Fraud & Corruption, published by Financier Worldwide Magazine. The above is an updated version of the Financier Worldwide reprint.

Filed under: Compliance Solution, Middle East, Resources by admin
No Comments »

Q&A: Corporate Fraud and Corruption in UK is Growing, FAST!

Corporate fraud and corruption is growing in United Kingdom (UK). In a devastating article, Oliver Bullough proved that UK is quickly becoming the money-laundering capital of the world. In addition, the most recent The Guardian article “If you think the UK isn’t corrupt, you haven’t looked hard enough” by George Monbiot highlighted that billions of pounds of COVID-19 contracts issued by the government without competition, have reportedly cost taxpayers £800 for every protective overall delivered, and appear to have been issued to dormant companies, with several of them have benefited from this largesse are closely linked to senior figures in the government.  Read more about the situation in UK in the answers to the following questions:

• To what extent are boards and senior executives in UK taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?
• Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in UK over the past 12-18 months?
• When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?
• Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?
• How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?
• and much more…

Q. To what extent are boards and senior executives in your region taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?

Anjum: Business leaders in the UK recognise that being proactive against fraud and corruption is about more than just protecting the business – which is critical – but it is also a key component of growing and connecting to more opportunities. According to the World Bank, business grows an average of 3 percent faster where corruption is low. One way for organisations to demonstrate their commitment to preventing bribery and corruption is to engage in ISO 37001 certification. We expect to see more UK companies seeking certification and we expect this trend to increase as organisations look to set themselves apart from their competitors.

Q. Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in UK?

Anjum: Perhaps the biggest development, by extension, was the official beginning of the Brexit process and its potential impact on how the region continues to enforce and regulate against bribery and corruption. While the UK has a solid record thus far in combating fraud, the Organisation for Economic Co-operation and Development (OECD) recently warned that pressure from businesses to weaken bribery laws, coupled with an inability of the government to focus on non-Brexit issues, have increased the risks that bribery and corruption could increase.

The civil society group Corruption Watch has voiced similar complaints and has noted with concern new settlements that allow companies to resolve investigations with just a fine and an apology. The Serious Fraud Office (SFO) is tasked with policing this volatile landscape, and does so at a time when it has just appointed an interim director, pending the appointment of a new permanent director.

The shifting economic conditions surrounding Brexit have raised uncertainty and vulnerability. Learn how the “Brexit Poses New Bribery & Corruption Challenges” with this ebook. READ MORE!

Q. When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?

Anjum: Any allegation of fraud, including bribery and other forms of corruption, is very serious and requires expert handling. Only those trained in investigative techniques, including thorny issues such as evidence collection and the interviewing of witnesses and suspects, should be engaged to help establish the facts of the case.

To be clear, not all suspicions lead to fraud – trained investigators understand this, and will approach any allegations from an objective, fact-finding point of view. One critical thing to remember is that companies do not get a chance for a ‘do over’ if they bungle an investigation.

Q. Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?

Anjum: We definitely see awareness of fraud and corruption moving in the right direction among business leaders and their employees. This is evident when companies engage in certification courses such as ISO 37001, which certifies that an organisation has implemented reasonable and proportionate measures to prevent bribery.

Q. How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?

Anjum: In the UK, there is a strong emphasis on encouraging and protecting corporate whistleblowers because the statistics show that fraud is most often uncovered by tips. Employees truly are the first line of defence against corruption. This change in approach and attitude has exposed two issues that need attention, however.

First, the worker needs to understand what constitutes fraudulent behaviour – otherwise, how will he or she know what to report? That is where a training protocol like ISO 37001 comes in, with a curriculum to help educate a company’s workforce on the red flags of fraud and how to identify it. Second, employees must know how to report fraud.

A hotline or other reporting system is useless if the company does not properly communicate how to engage it – or that it exists at all.

Q. Could you outline the main fraud and corruption risks that can emerge from third-party relationships? In your opinion, do firms pay sufficient attention to due diligence at the outset of a new business relationship?

Anjum: Many business leaders have learned the hard way that new partnerships require more than just handshakes, optimism and a basic level of fact-checking. To be protected, an organisation should engage an expert due diligence firm before undertaking any merger, acquisition, partnership or other third-party engagement.

Some of the risks of inadequate due diligence include merging with an international business embroiled in several behind-the-scenes legal battles, discovering your new partner is a credit risk, has claimed bankruptcy or is faced with debtor filings, learning that your new overseas contractor has none of the industry experience it claimed, affiliating with a partner that is rife with conflicts of interests and, worst of all, having your own organisation’s reputation damaged or destroyed through the actions of a third-party.

Q. What advice can you offer to companies on implementing and maintaining a robust fraud and corruption risk management process, with appropriate internal controls?

Anjum: No matter your location, industry or the size of your organisation, having a fraud and corruption risk management process is a must.

Step one is to establish a zero-tolerance stance against fraud. This is done by communicating the right ‘tone at the top’ across the entire organisation, spelling out the leadership’s stance against corruption. An ethical code of conduct should be adopted and signed by all employees from top to bottom, and the organisation’s hiring policies should include thorough pre-and-post employment background screenings.

The organisation should engage in ISO 37001 certification to ensure that employees are trained to recognise and report bribery and other types of fraud, and that proper controls and compliance procedures are in place to limit the company’s exposure and risk. Finally, the company should conduct regular audits, and encourage whistleblowing through an anonymous reporting system.

At CRI Group™ we use our extensive knowledge and expertise in creating stable and secure networks across challenging global markets. for organisations needing large project management, security, safeguard testing and real time compliance applications, CRI Group™ is the assurance expert of choice for industry professionals.

Speak up – report any illegal, unethical, or improper behaviour

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy.

About CRI Group™

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC™ for more on ISO Certification and training.

Meet our CEO

Zafar I. Anjum, is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organisations.  Headquartered in London (with significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, USA, and the United Kingdom.

Contact CRI Group™ to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group™ Chief Executive Officer, 37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

Download 2018 annual reviews by CRI Group™:

• Click here to download the review of UAE (Mr. Zafar Anjum, CEO at CRI Group™)
• Click here to download the review of UK (Mr. Zafar Anjum, CEO at CRI Group™)
• Click here to download the review of Pakistan (Ms. Fatima Farrukh, Compliance professional at CRI Group™)
• Download the Financier Worldwide 2018 reprint about the situation in the UK.

Filed under: Compliance Solution, Resources, United Kingdom, London by admin
No Comments »