Personal Due Diligence, Tips You Need to Know

Personal Due Diligence In Everyday Transactions

In the business world, due diligence refers to the investigation and steps were taken by organisations to satisfy all legal requirements before buying or selling products/ services or entering into a contract or a financial arrangement with another party. An Integrity Due Diligence allows an organisation to reduce risks – including risks arising from the FCPA (Foreign Corrupt Practices Act) and the UKBA (U.K. Bribery Act), to make informed decisions and pursue takeovers or mergers with more confidence. Due diligence is vital to prevent many types of fraud. While in some cases, it is also up to the consumer to do their own personal due diligence. Due diligence sounds complicated, but it is merely the process of doing your homework before you make a significant commitment.

Most of us practice personal due diligence even though we may not think of it that way (i.e. research on the internet before making a purchase or deciding what restaurant to go to). In this process, we are doing our “due diligence” to get the best deal. The level of proper due diligence should be proportionate to the level of commitment involved and your specific status. So when buying a house, the due diligence ought to be more extensive (i.e. a family with children may want to check out the rating of the schools in the area). Another personal area to conduct due diligence involves a new job offer (i.e., the organisation known to treat its employees well). These areas involve a significant amount of due diligence on your part before accepting a new position at a new company.

Due Diligence Makes Trust Possible

In the U.K., the lack of clarity from the Government has already caused problems. Many landlords are averse to letting their properties to non-UK nationals if they are in breach of the Right to Rent rules post-Brexit. The Government is under increased pressure to give clear guidance on post-Brexit Right to Work and Right to Rent checks. Whether you are renting a property, having home renovations done, buying insurance, getting a mortgage, or even entering a new romantic relationship, you can use due diligence to protect yourself. Due diligence can prevent potential fraud and some other types of scams.

The following are tips on how to avoid fraud:

  • Know who you are dealing with, ask questions and verify the information;
  • Check with the governing body for licensing and insurance requirements;
  • Scammers pressure you to act immediately. Don’t sign anything you don’t understand;
  • Don’t sign anything for large amounts of money without having it reviewed by your lawyer;
  • Scammers say there’s a problem or a prize. Do not give out your personal information without verifying who is getting it;
  • Be cautious if you are asked to make up-front payments;
  • Get company information, including name and address and ensure that a written contract backs all verbal promises;
  • Have a contract in place for things like construction work;
  • Never give an unsolicited caller access to your computer;
  • Do not give out a credit card or online account details over the phone unless you made the call and the number you are calling came from a trusted source;
  • Scammers tell you to pay in a specific way. Never wire money unless you’re absolutely confident that you’re sending it to someone you know;
  • Be suspicious of any calls from supposedly distressed relatives who don’t give their names. After hanging up, try calling the family member with the phone numbers you have to see if they actually need help;
  • Scammers pretend to be from an organisation you know. Be suspicious of any calls from a supposed government agency or other businesses demanding payments; and
  • Landlords should check references (in some cases, a police criminal record check), credit reports, and employment information of potential tenants.

Online Fraud is on the rise

In a time of crisis, we often see the best in people. Even before COVID-19 was officially classified by the World Health Organisation (WHO) as a global pandemic, citizens and government leaders alike praised the selfless sacrifice of doctors, nurses, first responders and others putting themselves in harm’s way to help treat and limit the spread of the disease. Unfortunately, a crisis can also bring out the worst in some people; fraudsters prey on fear and confusion.

The research shows that online fraud is on the increase too. Fraudsters are using the surge in online activity to target unsuspecting consumers. Online retailer sectors saw rising transaction volumes in March 2020 compared to the previous year, with 97% in Home products and furnishings, 136% in DIY products, 163% in garden essentials, and 26.6% in electronics.

Online Due Diligence Tips:

  • Change online passwords regularly and make them secure (don’t use standard information about yourself);
  • Don’t post personal info such as date of birth or mailing address on social media sites;
  • Have the most current firewall and anti-virus software on your computer;
  • Don’t send financial or any other type of personal information by email or text;
  • When purchasing online, make sure the site is secure. It should begin with HTTPS;
  • Don’t open links that appear in an email asking you to start a financial transaction. Go directly to the organisation’s website;
  • Don’t download software programs or apps from an unsecured source; and
  • Don’t use unsecured WiFi (such as in a coffee shop) if the device you are using has personal information on it.
Due Diligence 360

Don’t fall prey to unscrupulous business dealings and outside threats. At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions worldwide. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. The world’s largest corporations trust CRI Group and consultancies – outsource your due diligence to an experienced provider, and you will only ever have to look forward, never back.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301:2021 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Speak Up | Report Illegal, Unethical or Improper Behaviour

Ethics and Compliance Hotline is an anonymous reporting mechanism that facilitates reporting of possible illegal, unethical, or improper conduct when the normal channels of communication have proven ineffective or are impractical under the circumstances. At CRI Group, we are committed to having an open dialogue on ethical dilemmas regardless. We want to introduce a new Ethics & Compliance Hotline. This hotline is available to all employees and clients, contractors, vendors, and others in a business relationship with CRI Group and ABAC Group.

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline in below mentioned ways or provide us with your complaint online on the form below. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy.

What Can You Report?

Feel free to report any known or suspected noncompliant behaviour or violations with any regulatory mandates and/or local policies, including but not limited to:

  • Ethical standards Violations

  • Violation of laws and Company Policy and internal control

  • Risk and Safety

  • Theft, embezzlement or misappropriate of assets and fraud

  • Bribery and corruption

  • Employee Rights, Employee Relation, Work Environment

  • Privacy laws or security of personal information

  • Discrimination

  • The dispute related to Supervisor, H.R. and other Departments

  • Physical and Verbal Harassment on Workplace

  • Issues related to job responsibilities

  • The report related to a suspicious activity being a witness

  • Unfair dismissals

Our Compliance Hotline is accessible by both phone and online. If you make a report directly by telephone, you will speak with the Compliance Department directly. If you submit a report online, the system will guide you through the reporting process, and a PIN generated automatically once you complete the report.

BS 7858:2019 | The new way to mitigate employee risk during COVID-19

Mitigate employee risk during COVID-19 with BS 7858:2019

The far-reaching impact of the COVID-19 outbreak has affected virtually every business and economic sector worldwide. Depending on the global region, the far-reaching implications have hampered (on various levels) the ability to conduct proper and thorough background screening investigations. In the United Kingdom and the United Arab Emirates, the countrywide lockdowns forced leaders to close sites and send their workforce home. Many have to learn how to manged people working from home (WFH) or remotely for the first time. The previous concerns about productivity, privacy and protecting sensitive information only grew more with the practice of WFH. They highlighted the vital importance of pre-employment background screening and background investigations. BS 7858:2019: the revised standard for screening individuals working in secure environments offers a complete solution.

Unfortunately, conducting such investigations in a reliable and timely manner has brought its struggles. The closure of public information sources has dramatically impacted accessing public records to verify previous employment, education and criminal charges. Drug screening tests have been delayed or postponed until such companies are permitted to reopen their doors for business. On the applicant side, it’s been widely reported that individuals are concerned (and rightly so) about participating in face-to-face interviews. Applicants are concerned with leaving their homes to do a drug test and, ultimately, returning to a work environment that may or may not appear healthy, protected and safe.

Recruitment fraud and how BS 7858:2019 provide the solutions

Investigators themselves have hesitations about venturing into the field to complete their assignments, which in many countries may require a high degree of boots-on-the-ground research and in-person interaction. Fortunately, the background screening industry is resilient. It is steadily working around these obstacles to ensure that workplaces are safeguarded, workers, customers and property are protected, and sensitive information doesn’t fall into rogue hands. This is particularly important in those sectors that rely heavily on vetting personnel working in secure environments responsible for people, property, data and critical systems. And it’s important for the mere fact that a trending increase in recruitment fraud is creating additional challenges for already over-burdened employers. Last year recruitment fraud cost £23 billion in the UK alone.

The recent update of the BS7858:2019 standard, “Screening of Individuals Working in a Secure Environment – Code of Practice,” emphasizes the risk assessment of secure environment workers. The code focuses on the need for tighter controls over the pre-employment screening – and periodic re-screening – of individuals, who in their positions could potentially benefit from illicit personal gain, become compromised, or take advantage of other opportunities for creating breaches of confidentiality, trust or safety.

Written by the British Standards Institute, which is recognised as the UK’s national standards body, BS7858:2019 lays out the scope of “obtaining personal background information to enable organisations to make an informed decision, based on risk, on employing an individual in a secure environment.” Those workers include business owners, directors, partners, silent partners and shareholders holding more than 10% of the business; managers, area managers, department managers, screening managers and staff; installers and service crew; security personnel; and office supervisors and staff with access to customer and system records.

The amended guidelines of the standard put the onus on the organisation’s top management to demonstrate that they are focused on the aspects of the business where the most risk lies and the particular personnel roles involved within those risks areas. This is particularly important because, as the standard states, the “organisation retains ultimate responsibility for an outsourced screening process and is required to review the completed screening file.” Risks assessment includes examining certain roles that involve financial tasks, data security, management of goods, property risks or any number of “people risks” such as roles with direct access to vulnerable adults and children.

To that end, management is charged with ensuring that the organisation has proper and adequate resources and infrastructure to manage the adequate vetting of high-risk personnel. Management is tasked with the response and that there is a firm commitment at the top level to manage and support the coordination required to execute the screening process. Finally, management is tasked with ensuring that such responsibilities are appropriately assigned and communicated throughout the organisation. The guideline also eliminates its original text in 2012, a requirement to produce character references as part of the screening process. This decision was based on the supposition that such references are now deemed potentially weak and difficult to verify. 

Price of a bad hire

The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety and increased exposure to costly negligent hiring claims and potentially devastating litigation. The premise behind the standard is to safeguard employers from harmful or fraudulent hires. Cases of organisations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organisations.

The revised BS7858:2019 standard enables organisations to demonstrate a commitment to safeguarding their businesses, employees, customers and information utilising widely accepted methods that focus on risk assessment and top-down management involvement in the company’s employment policies and practices. In establishing policies and practices around the standard, organisations can show that they place a high value on hiring individuals who possess integrity. Organisations can then task them with responsibilities designed to keep their co-workers, customers and information safe from the negative forces that have become more prevalent in today’s ever-changing COVID-19 world.

Playbook | Everything About BS 7858:2019

The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety and increased exposure to costly negligent hiring claims and potentially devastating litigation. The premise behind the standard is to safeguard employers from bad or fraudulent hires. Cases of organisations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organisations.

At CRI Group, we know how important is your background screening to your company’s success and to give you an idea of what is new, we have produced this playbook detailing the differences between the BS7858:2012 standard and the new BS7858:2019 standard.

E-Book | Employee Screening During COVID-19

Managing people through COVID-19

The COVID-19 pandemic is undeniable affecting the world. And the situation is changing at an hourly rate as we go into a second global lockdown. Businesses have to adapt quickly to survive, i.e. cutting steps in their hiring process, and no one knows how this will play out. However, there are ways you can mitigate the impact, learn how from this free ebook.

Taken as a whole, this ebook is the perfect primer for any HR professional, business leader and companies looking to avoid employee background screening risks. It provides the tools and knowledge needed to effectively stay ahead of COVID-19. Read the answers to the following questions:

  • Does a candidate have to give consent to process a background check/screening?

  • How long does it take to conduct a background check?

  • When should I conduct pre-employment checks?

  • How often should I screen employees?

  • How to collect references and what to ask?

  • How much does it cost to conduct background checks?

  • What is the difference between employment history verification and employment reference?

FAQ E-Book | All About Background Checks

The price of a bad hire has far-reaching consequences for any business, including productivity loss, Get answers to frequently asked questions about background checks/screening cost, guidelines, check references etc.

Taken as a whole, it is the perfect primer for any HR professional, business leader and companies looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions. This eBook is a compilation of all of the background screening related questions you ever needed answers to:

  • Does a candidate have to give consent to process a background check/screening?

  • How long does it take to conduct a background check?

  • When should I conduct pre-employment checks?

  • How often should I screen employees?

  • How to collect references and what to ask?

  • How much does it cost to conduct background checks?

  • What is the difference between employment history verification and employment reference?

  • How do I check on entitlement to work?

  • How to conduct identity checks?

  • What will a financial regulatory check show?

  • Is it possible to identify conflict of interest during checks?

  • What is a bankruptcy check?

  • What about directorships and shareholding search?

  • Can I have access to a criminal watch list?

  • Anti-money laundering check?

  • Can we conduct FACIS (fraud and abuse control information system) searches?

CRI Group | BS7984:2008 Accredited Company

BS7984:2008 accredited companies, such as CRI Group highlight to their clients that their security personnel are staff that can be trusted and relied upon to complete a high-quality job as the screening process highlights the level of conduct that they have presented in the past. This reassures the safety of the people, goods and property that they have been hired to protect.

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

If you have any further questions or interest in implementing compliance solutions, please contact us. CRI Group has safeguarded businesses from any risks, providing investigations such as insurance fraudemployee background screeninginvestigative due diligencebusiness intelligencethird-party risk management, forensic accounting, compliance and other professional investigative research services.

In 2016, the CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.

About the Author

Zafar I. Anjum is Group Chief Executive Officer of Corporate Research and Investigations Limited “CRI Group” (www.crigroup.com), a global supplier of investigative, forensic accounting, integrity due to diligence and employee background screening services for some of the world’s leading business organisations.

Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.

Zafar Anjum, MSc, MS, LLM, CFE, CII, MABI, MICA, Int. Dip. (Fin. Crime), Int. Dip. (GRC)
CRI Group Chief Executive Officer

37th Floor, 1 Canada Square,
Canary Wharf, London, E14 5AA,
United Kingdom

t: +44 207 8681415
m: +44 7588 454959
e: zanjum@crigroup.com

Q&A: Corporate fraud & corruption in the UK 2021

The United Kingdom scores 77 out of 100 on Transparency International’s (TI)  2020 Corruption Perceptions Index (CPI), as is one of the 25 least corrupt countries across the globe. However, it all seems great on the surface as corporate fraud and corruption cases have been noticeable in various industries across the UK. TI reports that corrupt actors enjoy their illicit gains by “buying luxury property in the world’s most sought-after cities, like London”. Based on the article “CPI 2020: Trouble in the top 25 countries”, “While the UK (77) is the first G20 country to launch a public register of beneficial ownership, a loophole in the law allows foreign companies to purchase real estate anonymously. This is particularly problematic as research shows that over 75 per cent of properties subject to criminal investigations between 2004 and 2015 used offshore anonymous companies to hide their owners’ identities. The UK government committed to closing this loophole by introducing a register of beneficial ownership for property, but it has yet to be implemented. The necessary legislation has been subject to significant delays. In the meantime, rich businesspeople linked to autocratic regimes are allegedly purchasing property via shell companies, such as billionaire and daughter of former President of Angola, Isabel de Santos.”

To discuss the situation of corporate fraud and corruption, CRI Group and its ABAC® Center of Excellence were invited to share the expert views in the special InDepth Feature by Financier Worldwide “Corporate fraud and corruption 2021”. In this edition, CRI Group’s CEO Zafar Anjum and ABAC®’s Scheme Manager Huma Khalid talk about how corporate fraud and corruption affect businesses not only in the UK, but across the globe, and provide solutions and insights for businesses to become better protected from corporate fraud, bribery and corruption. Read on the answers to the below questions:

  • To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?
  • Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?
  • In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?
  • If a company finds itself subject to a government investigation or dawn raid, how should it respond?
  • What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?
  • What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption?
  • What general steps can companies take to proactively prevent corruption and fraud within their organisation?

Q: To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?

A: The COVID-19 pandemic has created increased opportunities for fraud worldwide. The UK is not immune, unfortunately, and such a disruptive event as the pandemic increases the likelihood that normal safeguards and risk management controls can be bypassed and subverted. There has been an increase in reported fraud and corruption cases over the past year. A survey of fraud experts by the Association of Certified Fraud Examiners (ACFE) in August 2020 showed that 77 percent were seeing an increase in fraud. Perhaps not surprisingly, cyber fraud is the fastest-growing problem area, but there has also been an uptick in unemployment fraud. This is bad news in the UK, where fraud is our most common crime, costing the country £190bn annually, according to the Royal United Services Institute (RUSI).

Q: Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?

 A: There is proposed legislation, supported by the secretary of state of the UK’s Department of Business, Energy and Industrial Strategy, that would increase accountability for corporations that produce falsified financial statements. This includes a provision that would require company directors to personally sign off on their corporation’s financial statements, under penalty of fines and possible prison time. Under the Sarbanes-Oxley Act in the US, the penalty for falsely certifying such statements is steep: up to 20 years in prison and up to $5m in fines, and the UK is looking at similar measures to step up its fight against fraud and corruption. The UK also recently approved the formation of an audit, reporting and governance authority (ARGA) that should come into force within the next two or three years. Accordingly, the UK is taking a stronger stance against fraud going forward.

> STAY UPDATED: Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications

 Q: In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?

A: Combatting fraud is never straightforward. When looking at progress in detecting and preventing fraud, it sometimes feels like a question of whether the glass is half full or half empty. For example, the Serious Fraud Office (SFO) brought 13 fraud defendants to trial in 2019 and 2020, with a 95 percent four-year success rate by case. Many of these represent large frauds, and they are meaningful wins, but how many more fraudsters are out there undiscovered? Other bodies, including Her Majesty’s Revenue and Customs (HMRC), among others, also have key roles to play in investigating fraud, but a considerable amount of fraud is still investigated and prosecuted at the local level. It is important for leaders in the UK to know what resources law enforcement have and where they need training and support in the fight against fraud.

Q: If a company finds itself subject to a government investigation or dawn raid, how should it respond?

A: Any investigation, and especially a raid, can be an incredibly stressful time for a company and its employees. The important thing is to not panic – the investigators have a job to do, and the sooner they get to the truth of the situation, the better for everyone. Companies should direct their management and their employees to cooperate fully, while also engaging legal counsel to properly protect the corporation from future litigation. If fraud is detected, it is a criminal matter and the company should make a good faith effort to work with prosecutors and regulators, while making sure to document all control measures and prior steps taken to manage fraud risk. Having a track record of meeting compliance requirements and having proper internal controls in place at the time fraud occurs could have a mitigating effect in terms of potential prosecution and penalties down the road. View the reprint of the interview, covering not only the UK but also the United Arab Emirates.

Q: What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?

A: Employees are a company’s first line of defence against fraud and corruption. But training them to recognise the red flags of fraud is only half of the process. The company must also implement a reporting system that is anonymous and easy to use, so that employees are encouraged to report any suspicions. Then, the company must follow through and fully investigate any reports that do come in. If they do not, whistleblowers will believe that combatting fraud and corruption is not a corporate priority, and the tips will stop coming in. How important are those tips? According to the ACFE, they are by far the highest detection method for fraud, well above audits and other means. The company should communicate that a whistleblower hotline or online reporting system is available, and that there is a zero-tolerance policy for any type of retaliation against whistleblowers. Over time, the tips will come in.

Q: What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption? 

A: Investigations can be challenging, and they require expertise. For example, there are rules for collecting and handling evidence, including physical evidence and witness statements, that must be followed for such evidence to be admissible in court. There are also laws in the UK dealing with privacy and the rights of the accused. The bottom line is that a company already dealing with a potentially costly and damaging fraud scenario should not risk adding more legal trouble through a faulty investigation. Hire experts who deal with corporate crime and specialise in fraud and corruption cases. Like any other area of expertise, they will have the knowledge and resources to help proceed with an investigation and lead it to the most favourable outcome for your company. If you already have anti-fraud professionals on staff, let them take the lead, but provide outside resources as needed.

Q: What general steps can companies take to proactively prevent corruption and fraud within their organisation? 

A: A fraud prevention strategy has many different elements, and the sooner companies implement them, the sooner they can begin to work together in a proactive way to prevent fraud. Mandating employee training, such as ISO 37001 ABMS, having an ethical code of conduct signed by every member of staff, providing regular and surprise audits, and implementing a fraud reporting system are all effective ways to help prevent and detect fraud and corruption. None of these methods is strong enough on its own to properly protect organisations. But together, they can be very effective. It is also important to set a ‘tone at the top’, from ownership, directors and management on down, that fraud will not be tolerated. Anti-fraud controls only work if the company sees them through and thoroughly investigates every report. When fraud is confirmed, any perpetrators should be terminated and potentially prosecuted, sending a message of zero-tolerance.

> Find out more about the ISO 37001 training

About CRI Group

]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, the CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][accordion_son title=”Meet our CEO” clr=”#ffffff” bgclr=”#1e73be”]Zafar I. Anjum, is the Group Chief Executive Officer of CRI Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organisations.  Headquartered in London (with significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.

Contact CRI Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

 

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

 

Source & Credits

The original version of the Q&A was published on Financier Worldwide’s InDepth Feature: Corporate Fraud & Corruption 2021Download the reprint here.

 

The consequences of inadequate due diligence

Running worldwide businesses requires effectively recognising, analysing and managing risks and ensuring compliance. We have identified that many organisations having third-party relationships conduct inadequate due diligence that might posses significant risks. In this article, we look at the possible risks and the best practices for conducting adequate due diligence and third-party risk management effectively such as:

  1. Planning
  2. Documentation
  3. Culture

Continuous risk management

Operating a global business today requires efficiently managing a network of third-party partners that supply product components, run operations in foreign markets, operate call centres, or act as outside consultants or agents.

The vast array of capabilities and specialised skill sets of a well-maintained third-party network makes operations easier for both the organisation and its customers.  But many organisations, from small businesses to multi-national corporations, can rarely afford the time and effort required in-house to manage these often complex third-party relationships.

Because of this, the risk of unethical business practices, bribery and other business corruption potentially increases if inadequate due diligence is conducted on third-party partners. The ramifications of a scandal related to a third-party partner can easily take down an organisation, resulting in such risks as a damaged reputation and brand devaluation, regulatory violations, legal proceedings and possible fines and jail terms for directors. Therefore, the only way to fully protect the corporation’s assets is through a strong and viable third-party risk management program.

Building a third-party risk management program is not a passive process. It requires time and effort continually, as the risks associated with third-party partnerships constantly evolve.

> Explore Third-Party Risk Management Solutions

Consider the recent events, during which the legislators of three separate nations signed new compliance regulations and standards into law. Without a doubt, if your organisation’s third-party risk management program is unable to quickly adjust to these new regulations (or is not designed to anticipate future legislative movements) your organisation is truly at risk.

Cutting Corners Not Worth the Risk: Adequate Due Diligence

Still, far too many organisations are willing to tempt fate by cutting corners on developing and implementing their third-party risk management program. Certainly, building a strong risk management program requires a significant investment of time and resources (both internally and from the outside). Still, the consequences of not doing it right could be dramatically severe.

One way organisations attempt to cut corners is by relying on outdated or stagnant tools to monitor, detect and prevent risks. Almost always, hiring outside industry professionals with proven track records of successful due diligence experience is necessary.

Relying too heavily on “desktop” due diligence is another dangerous shortcut. Desktop due diligence is an important initial step of the investigative process, involving background checks, lien searches, regulatory filing investigations and environmental reports. And while it is a vital component of any effective due diligence program, it’s not nearly enough to thoroughly evaluate a third-party.

Truly understanding a potential partner’s business requires a considerable amount of time spent face-to-face with the outside organisation’s leadership, operations management and even current customers. This “boots on the ground” process will detect potential risks, which are often hidden from a distance, and undetectable via web-based discovery tools.

The “boots on the ground” approach also help to establish a relational dynamic required for ongoing negotiations and provides a clear insight into two of the fastest-growing issues in third-party risk management:  Bribery and Labor Management.

Bribery As a Compliance Issue

Anti-bribery and anti-corruption compliance is a fast-moving target. New anti-bribery laws and regulations are being decreed around the world at a relentless pace. Complicating matters further, many countries may have laws in place but lack the ability to enforce them adequately. When this is the case, the responsibility falls to your organisation’s adequate due diligence program to ensure detection and protection.

High profile investigations in recent years have contributed to the rapid emergence of bribery and corruption as a societal issue. Never before has such a contrast been drawn so dramatically on a global stage between those that engage in bribery and those that suffer as a result. Any organisation that finds itself mixed up in a scandal involving bribery has more than a legal mess to contend with. It has a long battle to win back the trust of its shareholders, employees, customers and the public.

Conducting sufficient and adequate due diligence surrounded by such varying factors is work that must be conducted in person. Gaining insight into a potential partner’s company culture requires a level of immersion with the organisation’s leadership, management and staff. When it comes to evaluating bribery risk, some warning signs can only be discovered on-site.

This e-book explores some critical questions being posed to business leaders today: Has your organisation implemented reasonable and proportionate measures to prevent bribery? How will you know if your anti-bribery and anti-corruption controls are effective? Are you aware of the latest best practices in preventing bribery? Download our eBook to find out! READ NOW

Labour Matters and Compliance

From overtime issues and under-age workers to unsafe working conditions and improperly documented accidents, labour compliance represents a major component of any strong third-party risk management program.

Once again, inadequate attention to risks related to labour compliance can bring on considerable penalties. Understanding which industries, geographic regions, and management structures elevate the organisation’s risk is key to operate an adequate due diligence program efficiently. This understanding is nearly impossible to guarantee via ‘desktop’ due diligence. Spending the necessary time in person is the only way to ensure a potential supplier is properly compensating and managing employees while providing a safe workplace environment.

Make no mistake, even if your agreement with a third-party partner places the responsibility of payroll issues firmly upon the vendor, your organisation — as a joint employer — can still be held accountable in many countries. After all, the labour being conducted at your partner’s facility benefits your organisation’s bottom line.

What are the best practices?

The demands of identifying and measuring third-party risk, monitoring those potential risks on an ongoing basis, and making recommendations based on empirical research are best met by a dedicated team of outside professionals.  And while no two organisations are alike in terms of risk profiles, several factors have become consistent in building a strong, effective and adequate due diligence program:

1. Planning: Without a well thought out plan outlining ongoing monitoring efforts with assigned roles and responsibilities, measures to mitigate risk will be haphazard at best and dormant at worst. With a thoroughly established, management-advocated program that identifies specific risk factors for each affiliation, a process for addressing red flags, and an established mechanism for continual revision, the organization will remain vigilant in its efforts to protect itself from liability.

2. Documentation: Due diligence efforts are only as good as the information and data gathered and secured. Meticulous documentation and reporting enable the organisation to recognise trends, communicate analyses, and sustain efforts during any future personnel changes. Effective risk management programs feature established guidelines for capturing data, contracts and research with uniformity.

3. Culture: An organisation where leadership, management and workforce do not take the third-party risk seriously will never be adequately protected from risk. Successful organisations in this respect dedicate themselves to building a culture in which every employee feels personally invested in the operation’s risk management. Employees must feel empowered and encouraged to report red flags. Passive engagement is simply not enough.

Done correctly, third-party risk management can effectively save the organisation from risk, liability, and other perils often associated with outside entities wanting to engage and transact with your business.

A TPRM customised solution that best suits your needs

CRI Group’s own exclusive, expert-developed 3PRM™ services help you proactively mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage and harm to the business. Whether your organisation has a large, well-established third-party program, is in the early stages of development, or is anywhere in between, the 3PRM™ solution can improve the health of your program and future-proof your entire business in many forms.

Our 3PRM™ solution streamlines the third-party risk management process through scalability, and efficiencies – from third-party risk identification to assessment what sets us apart is that our 3PRM™ solution includes:

  • Due Diligence
  • Screening & Background Checks
  • Regulatory Compliance
  • Business Intelligence: Information Management
  • Investigations: i.e. IP, Fraud, Conflict of Interest, etc
  • Anti-bribery & Anti-Corruption (ABAC) Compliance
  • Employee auditing training & education
  • Monitoring & reporting

Where should TPRM sit within an organisation?

TPRM can sit within various business units depending on your organisation’s structure. Many organisations involve multiple departments such as procurement, information security, operational risk and compliance to provide input to manage the risks related to engaging third parties. Depending on your business’ internal structure, you may choose to apply a centralised, mixed or decentralised model when focus on TPRM. At CRI Group we observed a trend with many of our clients implementing a centralised model when managing their third-party relationships, given the required input from their multiple business lines. A centralised model allows you as an organisation to track common risks across departments and identify emerging trends that may require a response from more than one department.

Risk management goes beyond TPRM

CRI Group provides the knowledge required to navigate unfamiliar markets and mitigate third party risk by assessing the backgrounds, integrity and character of those with whom you do business. Our 3PRM-Certified™ program is therefore key for managing an organisation’s third party risk levels. However, this is only one of the several vital steps towards a robust risk management strategy implementation.

Risk management is the identification, evaluation, and prioritisation of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events or to maximise the realisation of opportunities. Risks can come from various sources including your employees.

Getting Started with ISO 31000 Risk Management? Learn more with our “ISO 31000 Playbook”

 

At CRI Group, we understand that managing compliance and risk activities might be a daunting task. That’s why we present you with the insights library where you can dive deep into these topics to make your job easier. If you can’t find what you are looking for, just get in touch – we would love to have a chat!

 

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301:2021 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

 

Meet our CEO and Author

Zafar I. Anjum is Group Chief Executive Officer of CRI Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, USA, and the United Kingdom.

Contact us to learn more about the third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group Chief Executive Officer
t: +44 207 8681415 | m: +44 7588 454959
e: zanjum@crigroup.com

Risk assessment breakdown: Identification, Analysis, Evaluation

Whatever your reasons or motivations might be, if your organisation’s objective is to have an effective risk management strategy in place, then ISO 31000 can provide the principles, framework and a process for managing risk. ISO 31000 is not a certifiable standard; the standard is a set of guidelines which provide guidance for internal or external audit programmes. However we recommend taking ISO 31000 Awareness training, this will enable you to fully understand Risk Management activities and mitigate risk.  According to ISO 31000, there are two important building blocks that form the core of risk management:

  • Risk assessment
  • Risk treatment

Under ISO 31000, each of these stages has a whole section of its own – they go into detail about best practices for identifying risks, how to analyse them in terms of probability and severity, and how they can be evaluated in terms of the company’s risk appetite. This article discusses the importance of Risk Assessment.

Risk management is a full-time, ongoing endeavour for organisations in today’s business world, and it poses constant challenges. Unfortunately, fraud, bribery and corruption are major factors affecting businesses and agencies of all sizes and industries. Being proactive against these risks can mean the difference between success and ruin. Our “Risk Management & ABMS Playbook” provides tools, checklists, case studies, FAQs and other resources to help you lead your organisation into better preparedness and compliance. READ MORE NOW!

What is Risk Assessment?

Risk assessment is the overall process of identification, analysis and evaluation of any given risk. It can be a systematic examination of a task, job or process that a risk professional carries out at work for the purpose of identifying significant hazards. For example, the risk of someone being harmed and deciding what further control measures to take to reduce the risk to an acceptable level. The process will vary between organisations, but it should start with identification of hazards, analysis of who and what might be harmed, evaluation of the risk, documentation of the risks, taking action and review. Your organisation should conduct a risk assessment systematically, interactively and collaboratively, drawing on the knowledge and views of stakeholders. It should use the best available information, supplemented by a further inquiry as necessary.

Risk assessment breaks down into:

  • Step 1: Identification
  • Step 2: Analysis
  • Step 3: Evaluation

Risk Identification

The purpose of risk identification is to find, recognise and describe risks that might help or prevent an organisation achieving its objectives. Relevant, appropriate and up-to-date information is important in identifying risks. The organisation can use a range of techniques for identifying uncertainties that may affect one or more objectives. The following factors, and the relationship between these factors, should be considered:

  • Tangible and intangible sources of risk;
  • Causes and events;
  • Threats and opportunities;
  • Vulnerabilities and capabilities;
  • Changes in the external and internal context;
  • Indicators of emerging risks;
  • The nature and value of assets and resources;
  • Consequences and their impact on objectives;
  • Limitations of knowledge and reliability of information;
  • Time-related factors;
  • Biases, assumptions and beliefs of those involved.

Your organisation should identify risks, whether or not your sources are under your control. Consideration should be given that there may be more than one type of outcome, which may result in a variety of tangible or intangible consequences.

> At CRI Group we are working on new ISO 31000 Awareness training course. Show your interest and sign up for more updates HERE!

Risk analysis

Risk analysis allows you to understand the nature of risk, its characteristics and level. Because an event can have multiple causes and consequences and can affect multiple objectives a risk analysis should involve a detailed consideration of uncertainties such as risk sources, consequences, likelihood, events, scenarios, controls and their effectiveness.

Risk analysis can be undertaken with varying degrees of detail and complexity, depending on the purpose of the analysis, the availability and reliability of the information, and the resources available. Analysis techniques can be qualitative, quantitative or a combination of both, depending on the circumstances and intended use. Risk analysis should consider factors such as:

  • The likelihood of events and consequences;
  • The nature and magnitude of consequences;
  • Complexity and connectivity;
  • Time-related factors and volatility;
  • The effectiveness of existing controls;
  • Sensitivity and confidence levels.

A risk analysis is likely to be influenced by a wide range of variables, from any divergence of opinions, biases to perceptions of risk, from judgements, quality of the information used to the assumptions and exclusions made and any limitations of the techniques and how they are executed. These influences should be considered any risk analysis, documented and communicated to any decision-makers involved in the process.

It is important to remember that any highly uncertain event can be difficult to quantify, and this is an issue. If you find yourself in such a situation, using a combination of techniques generally provides greater insight. Risk analysis provides input to risk evaluation, to decisions on whether risk needs to be treated and how, and on the most appropriate risk treatment strategy and methods. The results provide insight for decisions, where choices are being made, and the options involve different types and levels of risk.

Risk evaluation

Risk evaluation can support your decisions. Risk evaluation involves comparing the results of the risk analysis with the established risk criteria to determine where additional action is required. This can lead to a decision to:

  • Do nothing further;
  • Consider risk treatment options;
  • Undertake further analysis to better understand the risk;
  • Maintain existing controls;
  • Reconsider objectives.

Any decisions should take into account the wider context and the actual and perceived consequences to external and internal stakeholders. The outcome of risk evaluation should be recorded, communicated and then validated at appropriate levels of the organisation.

Who should do risk assessments?

Well, by law, every employer must conduct risk assessments. Risk assessments should always be carried out by a professional who is familiar to risk, a person who is experienced and competent to do so.  Competence can be expressed as a combination of knowledge, awareness, training, and experience. Remember competence does not mean you have to know everything about everything, competence also means knowing when you know enough or when you should call in further expert help. 

 

Risk Assessment and ISO 31000

ISO 31000 was developed by hundreds of experts in risk mitigation, from thirty countries. This international effort produced a standard that is worldwide and represents best practices and leading operations for risk management. Organisations can trust that they are following a tested, robust standard to increase success. The standard converts risk management into a set of “friendly” and actionable – and straightforward to implement – guidelines, regardless of the size, nature, or location of a business.

> Find out more about ISO 31000 Risk Management and other standards now!

[/vc_column_text][accordion_father][accordion_son title=”About CRI Group” clr=”#ffffff” bgclr=”#1e73be”]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][/accordion_father][vc_empty_space][/vc_column][/vc_row]

BS7858:2019: everything you need to know and more!

The recent update of the BS7858 standard, “Screening of Individuals Working in a Secure Environment – Code of Practice,” places emphasis on the risk assessment of secure environment workers. The code focuses on the need for tighter controls over the pre-employment screening – and periodic re-screening – of individuals, who in their positions could potentially benefit from illicit personal gain, become compromised, or take advantage of other opportunities for creating breaches of confidentiality, trust or safety.

What is BS7858?

BS7858 stands for “Screening of Individuals Working in a Secure Environment – Code of Practice,” The BS7858 is a code of practice released by BSI (British Standards Institution), a business standards company which supports companies in achieving excellence within their field, and continuously boosting performance. Introduced in 2013, the standard was updated in September 2019 and is now considered to be the industry standard for all screening in employment, despite its original intention for use in security environments only. This code was meant to provide a critical security standard that guided employers on the screening process for security staff before offering full employment. However, the new update has widened the scope of this code.

This British Standard helps employers to screen personnel before they employ them. It gives best-practice recommendations, sets the standard for the  screening of staff in an environment where the safety of people, goods or property is essential. This includes data security, sensitive and service contracts and confidential records. It can also be applied to situations where security screening is in the public’s interest. It sets out all the requirements to conduct a screening process. It covers ancillary staff, acquisitions and transfers, and the security conditions of contractors and subcontractors. It also looks at information relating to the Rehabilitation of Offenders and Data Protection Acts. CRI Group is the first and only investigative research company in the Middle East to receive the certifications BS7858:2019 and BS102000:2013, Code of Practice for the Provision of Investigative Services from internationally recognised training and certification body BSI. 

Change of scope

The change of scope is possibly the biggest change of the standard. In the old document, the standard concerned the security sector only. However, the scope has been amended to allow organisations in all environments to adopt the standard when employee screening. And due to the current pandemic, this update is more significant than ever. There is a specific section of the standard that relates to risk management which states: “An integral part of risk management is to provide a structured process for organisations to identify how objectives might be affected. It is used to analyse the risk in terms of consequences and their probabilities before the organisation decides what further action is required”.

BS 7858:2019 lays out the scope of “obtaining personal background information to enable organisations to make an informed decision, based on risk, on employing an individual in a secure environment.” Those workers include business owners, directors, partners, silent partners and shareholders holding more than 10% of the business; managers, area managers, department managers, screening managers and staff; installers and service crew; security personnel; and office supervisors and staff with access to customer and system records.

The amended guidelines of the standard put the onus on the organisation’s top management to demonstrate that they are focused on the aspects of the business where the most risk lies, and the particular personnel roles that are involved within those risks areas. This is particularly important because, as the standard states, the “organisation retains ultimate responsibility for an outsourced screening process and is required to review the completed screening file.” Risks assessment includes examining specific roles that involve financial tasks, data security, management of goods, property risks or any number of “people risks” such as roles with direct access to vulnerable adults and children.

To that end, management is charged with ensuring that the organisation has proper and adequate resources and infrastructure in place to manage the adequate vetting of high-risk personnel. Management is tasked with the response and that there is a firm commitment at the top level to manage and support the coordination required to execute the screening process. Finally, management is tasked with ensuring that such responsibilities are correctly assigned and communicated throughout the organisation. The guideline also eliminates from its original text in 2012, a requirement to produce character references as part of the screening process. This decision was based on the supposition that such references are now deemed as potentially weak and difficult to verify. Managing risk effectively is essential to ensure businesses succeed and thrive in an environment of constant uncertainty. ISO 31000 aims to simplify risk management into a set of clearly understandable and actionable guidelines, that should be straightforward to implement, regardless of the size, nature, or location of a business.

BS7858:2019, a new way to mitigate employee risk during COVID-19

The far-reaching impact of the COVID-19 outbreak has affected virtually every business and economic sector worldwide, and depending on the global region, has hampered (on various levels) the ability to conduct proper and thorough background screening investigations. In the United Kingdom and the United Arab Emirates, the countrywide lockdowns forced leaders to close sites and send their workforce home. Many are having to learn how to manged people working from home (WFH) or remotely for the first time. The previous concerns about productivity, privacy and protecting sensitive information only grew more with the practice of WFH. They highlighted the vital importance of pre-employment background screening and background investigations. BS 7858:2019: the revised Standard for screening individuals working in secure environments offers a complete solution.

The revised BS7858 standard enables organisations to demonstrate a commitment to safeguarding their businesses, employees, customers and information utilising widely accepted methods that focus on risk assessment and top-down management involvement in the company’s employment policies and practices. In establishing policies and procedures around the standard, organisations can show that they place a high value on hiring individuals who possess integrity. Organisations can then task them with responsibilities designed to keep their co-workers, customers and information safe from the opposing forces that have become more prevalent in today’s ever-changing COVID-19 world. Find out more on how you can mitigate employee risk during this pandemic with BS7858:2019.

Playbook BS7858:2019, everything you need to know and more!

The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety and increased exposure to costly negligent hiring claims and potentially devastating litigation. The premise behind the standard is to safeguard employers from harmful or fraudulent hires.

Cases of organisations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organisations. At CRI Group we know how important is your background screening to your company’s success and to give you an idea of what is new we have produced this playbook detailing the differences between BS7858:2012 standard and the new BS7858:2019 standard.

BS 7858:2019 playbook: everything you need to know and more!

Download FREE BS7858 playbook

Managing your people through COVID-19

The COVID-19 pandemic is undeniable affecting the world. And the situation is changing at an hourly rate as we go into a second global lockdown. Businesses are having to adapt quickly to survive, i.e. cutting steps in their hiring process, and no-one knows how this will play out. However, there are ways you can mitigate the impact, learn how with this FREE ebook.

Taken as a whole, this ebook is the perfect primer for any HR professional, business leader and companies looking to avoid employee background screening risks. It provides the tools and knowledge needed to stay ahead of COVID-19 effectively. Read the answers to the following questions:

  • How to turn the tide’ on coronavirus crisis?;
  • COVID-19 Action point checklist;
  • Background Screening: Essential Checks;
  • 6 steps for good practice in connection with COVID-19;
  • 11 Steps to Reduce Personnel Costs;
  • COVID-19 General advice;
  • How to remove any danger to your business during COVID-19;
  • … and more!
COVID-19 background screening and all you need to know | eBook | MockUp

Download your FREE playbook 

 

 

Frequently asked questions about background checks

Get answers to frequently asked questions about background checks / screening cost,  guidelines, check references etc.

This eBook is a compilation of all of the background screening related questions you ever needed answers to:

  • Does a candidate have to give consent to process a background check / screening?
  • How long does it take to conduct a background check?
  • When should I conduct pre-employment checks?
  • How often should I screen employees?
  • How to collect references and what to ask?
  • How much does it cost to conduct background checks?
  • What is the difference between employment history verification and employment reference?
  • How do I check on entitlement to work?
  • How to conduct identity checks?
  • What will a financial regulatory check show?
  • Is it possible to identify a conflict of interest during checks?
  • What is a bankruptcy check?
  • What about directorships and shareholding search?
  • Can I have access to a criminal watch list?
  • Anti-money laundering check?
  • Can we conduct FACIS (fraud and abuse control information system) searches?
  • … and MORE!
 

FAQ employee background screening | eBook | MockUp

Taken as a whole, is the perfect primer for any HR professional, business leader and companies looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions.

DOWNLOAD THE EBOOK


Let’s Talk!

BS7984:2008 accredited companies (such CRI Group) highlight to their clients that their security personnel are staff that can be trusted and relied upon to complete a high-quality job as the screening process highlights the level of conduct that they have presented in the past. This reassures the safety of the people, goods and property that they have been hired to protect. If you have any further questions or interest in implementing compliance solutions, please contact us.

About the Author

Zafar I. Anjum, is Group Chief Executive Officer of Corporate Research and Investigations Limited “CRI Group” (www.crigroup.com), a global supplier of investigative, forensic accounting, integrity due diligence and employee background screening services for some of the world’s leading business organizations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, USA, and the United Kingdom.

Zafar Anjum, MSc, MS, LLM, CFE, CII, MABI, MICA, Int. Dip. (Fin. Crime), Int. Dip. (GRC)
CRI Group Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA, United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Don’t let the dominoes fall (ever) with our new TPRM certification…

CRI Group is launching a third-party compliance verification and certification program – 3PRM-Certified™ – across the Middle East, Europe and Asian region. This Third-Party Risk Management (TPRM) program can help organisations establish the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with their business.

Third-party relationships are critical in business today, and include partnerships with suppliers, distributors, consultants, agents and other contractors. While such affiliations are essential to the success of your organisation, the consequences of inadequate due diligence cannot be overestimated. The risk of data breaches and supply chain disruptions continue to rise with COVID-19, so does the need for an effective TPRM programs. Whether you’re a TPRM professional looking for a certification to advance your skillset, or the leader of your organisation considering how to better equip your team with the best knowledge and skills, 3PRM-Certified™ program is a all  in solution.

> Read more on “How Risk Management and Due Diligence Interlock?”

CRI Group’s exclusive 3PRM-Certified™ solution provides the very best in third-party risk management. Our 3PRM-Certified™ program provides a proactive approach to mitigating risks from third-party affiliations, protecting the organisation from liability, brand damage and harm to business.

The 3PRM-Certified™ program includes a focus on the following:

  • Providing third-party risk assessments
  • Meeting contracting requirements
  • Conducting due diligence
  • Identifying potential fraud risks
  • Providing management oversight

Utilising a network of trained professionals positioned across five continents, CRI Group’s 3PRM services utilise one of the largest multi-national fraud investigation teams the industry has to offer. The 3PRM-Certified™ program is especially critical when your business is performing pre-merger and acquisition research and pre-IPO due diligence, engages new clients, employs, contracts or retains foreign business partners and requires a consistent and audit-worthy Anti-Money Laundering (AML) and anti-corruption compliance program.

> Learn more about TRM with our 3PRM-Certified™ brochure!

Your BUSINESS SUCCESS depends on assessing the ongoing behaviour, performance and risk that each  third-party relationship represents to your company. Being 3PRM-Certified™ is especially critical when your business:

  • Performs pre-merger & acquisition research
  • Conducts due diligence
  • Engages new clients
  • Employs, contracts or retains foreign business partners
  • Requires a consistent & audit-worthy anti money laundering & anti-corruption compliance program

When implementing 3PRM-Certified™ program you can focus on:

  • Providing third-party risk assessments
  • Meeting contracting requirements
  • Conducting integrity due diligence
  • Providing management oversight

And avoid:

  • Merging with an international business embroiled in behind-the-scenes legal battles
  • Getting caught up in making procurement decisions involving the inappropriate influence of government officials who were slated to receive kickbacks
  • Partnering with organisations that are potential credit risks, have claimed bankruptcy, have dissolved stated companies or are faced with debtor filings
  • Awarding work to an overseas contractor with absolutely no prior experience
  • Affiliating with a contracting company owned by a politician with significant influence on future awards

A TPRM customised solution that best suits your needs

CRI Group’s own exclusive, expert-developed 3PRM™ services help you proactively mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage and harm to the business. Whether your organisation has a large, well-established third-party program, is in the early stages of development, or is anywhere in between, 3PRM™ solution can improve the health of your program and future-proof your entire business in many forms.

Our 3PRM™ solution streamlines the third-party risk management process through scalability, and efficiencies – from third-party risk identification to assessment what sets us apart is that our 3PRM™ solution includes:

  • Due Diligence
  • Screening & Background Checks
  • Regulatory Compliance
  • Business Intelligence: Information Management
  • Investigations: i.e. IP, Fraud, Conflict of Interest, etc
  • Anti-bribery & Anti-Corruption (ABAC) Compliance
  • Employee auditing training & education
  • Monitoring & reporting

Where should TPRM sit within an organisation?

TPRM can sit within various business units depending on your organisation’s structure. Many organisations involve multiple departments such as procurement, information security, operational risk and compliance to provide input to manage the risks related to engaging third parties. Depending on your business’ internal structure, you may choose to apply a centralised, mixed or decentralised model when focus on TPRM. At CRI Group we observed a trend with many of our clients implementing a centralised model when managing their third-party relationships, given the required input from their multiple business lines. A centralised model allows you as an organisation to track common risks across departments and identify emerging trends that may require a response from more than one department.

Risk management goes beyond TPRM

CRI Group provides the knowledge required to navigate unfamiliar markets and mitigate third party risk by assessing the backgrounds, integrity and character of those with whom you do business. Our 3PRM-Certified™ program is therefore key for managing an organisation’s third party risk levels. However this is only one of the several vital steps towards a robust risk management strategy implementation.

Risk management is the identification, evaluation, and prioritisation of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events or to maximise the realisation of opportunities. Risks can come from various sources including your employees.

Getting Started with ISO 31000 Risk Management? Learn more with our “ISO 31000 Playbook”

 

[/vc_column_text][/vc_column][/vc_row][accordion_father][accordion_son title=”About CRI Group” clr=”#ffffff” bgclr=”#1e73be”]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][accordion_son title=”Prove that your business is ethical with a Gap Analysis (FREE)” clr=”#ffffff” bgclr=”#1e73be”]

Prove that your business is ethical. Complete our FREE Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in the line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

The HEBA survey is designed to evaluate your compliance with the adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC® professionals with Business Ethics, Legal and Compliance background. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and to facilitate the gap analysis process.

The survey takes around 10 minutes to complete. TAKE THE SURVEY NOW!

[/accordion_son][/accordion_father]

HAVE YOU READ…

[/vc_column_text][vc_basic_grid post_type=”post” max_items=”3″ style=”pagination” items_per_page=”3″ item=”234″ grid_id=”vc_gid:1603815149232-a4f495c8-ceab-6″ taxonomies=”43″][vc_basic_grid post_type=”case-study” max_items=”12″ style=”pagination” items_per_page=”3″ item=”234″ grid_id=”vc_gid:1603815149237-9fb9d64b-3313-0″][vc_empty_space][/vc_column][/vc_row]

#InTheNews: the role of Risk Management in Banking & AI

SEC’s Office of Compliance Inspections and Examinations Issues COVID-19 Risk Alert

Lexology reported that “On August 12, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE), issued a risk alert highlighting COVID-19 compliance risks and considerations for broker-dealers and investment advisers. The risk alert highlights six categories of compliance risk: Protection of investors’ assets, Supervision of personnel, Practices relating to fees, expenses, and financial transactions, Investment fraud, Business continuity, and Protection of investor and other sensitive information. Through its exams, operations and outreach efforts with SEC registrants, OCIE has observed the impacts of COVID-19 on registrants and their resulting operational resiliency challenges.” The US Securities and Exchange Commission reported that “market volatility related to COVID-19 may have heightened the risks of misconduct in various areas that the staff believe merit additional attention. This risk alert has been issued with an aim to inform firms and the public generally of these findings.

The Hong Kong Money Authority (HKMA)’s Guidance for banks on Climate Risk Practices

“The Hong Kong Money Authority (HKMA) has recently consulted selected Authorised institutions (AIs) about their approach to climate risk management in the four areas. Some of the key measures adopted by these AIs which are subsidiaries of international banks are noted and have been used as practical guidance in the White Paper”. The HKMA whitepaper explained that using risk management, “AIs are expected to incorporate climate risk considerations into their existing risk management framework.” The HKMA noted, “that advanced AIs aimed to develop a voluntary, consistent climate-related financial risk disclosure framework for firms to report information to stakeholders”[/vc_column_text][/vc_column][/vc_row][vc_hoverbox image=”8369″ primary_title=”Stay updated on the go” hover_title=”Subscribe for our newsletter” hover_btn_title=”Keep me updated” hover_add_button=”true” hover_btn_link=”url:https%3A%2F%2Fwww.crigroup.com%2Fnewsletter-subscription%2F||target:%20_blank|”]Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.[/vc_hoverbox][/vc_column][/vc_row]

Risk and Compliance Management

CRI Group’s ABAC® Center of Excellence helps businesses ensuring compliance and managing risks by offering to achieve certifications for internationally recognised standards such as ISO 31000 and ISO 19600.
ISO 31000:2018 Risk Management provides principles, framework and a process for managing risk. Public, private and community enterprises can all benefit from ISO 31000:2018 because it covers most business activities, including research, planning, management and communications. Implementing ISO 31000:2018 can help organisations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment.
ISO 19600 is a widely-accepted standard that provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an organisation’s compliance management program. It covers all compliance-related issues including anti-trust, fraud, misconduct, export control, anti-money laundering, and other unexpected risks which might affect your business. The standard acts as a global benchmark for effective and responsive compliance management program, based on the good governance and transparency principles. The guidelines set forth by the standard are applicable to all types and sizes of organisations and aren’t restricted by industry, risk exposure or geographic reach.

Third-Party Risk Management

CRI Group’s own exclusive, expert-developed 3PRM™ services help you proactively mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage and harm to the business. Whether your organisation has a large, well-established third-party program, is in the early stages of development, or is anywhere in between, 3PRM™ solution can improve the health of your program and future-proof your entire business in many forms. Our 3PRM™ solution streamlines the third-party risk management process through scalability, and efficiencies – from third-party risk identification to assessment what sets us apart is that our 3PRM™ solution includes:
From cybersecurity to anti-bribery, our solution is flexible and responsive to the various risk domains that are most important to your business. With a network of trained professionals positioned across five continents, CRI Group’s 3PRM™ services utilise one of the largest multi-national fraud investigation teams the industry has to offer.

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

ICC launches an Anti-corruption Third Party Due Diligence guide for small and medium size entities

International Chamber of Commerce (ICC) has launched an Anti-corruption Third Party Due Diligence guide for small and medium size entities. SMEs are often on the receiving end of burdensome due diligence procedures of large multi-national companies. These requirements can be overwhelming and often companies feel they do not have sufficient resources to meet them. This Guide aims to address these concerns and inspire Small and Medium size Enterprises (SMEs) to engage in due diligence by creating achievable and manageable due diligence goals. Following the Guide a company can:

  • Know and have confidence in their counterparties;
  • Through such knowledge and confidence meet the conditions for responsible investment;
  • Avoid prosecution/reputational/financial damage from being implicated in an anti-corruption issue;
  • Develop an ethical brand;
  • Provide assurance to business partners, in particular larger organisations that they are an ethical
    company.

SMEs must also develop robust anti-corruption ethics and compliance procedures to ensure they minimise the risk of corruption and adhere to international anti-corruption standards. Understandably, many SMEs are overwhelmed by the extensive international anti-corruption legislation and the complex ethics and compliance procedures in place in larger, multi-national companies. However, ethics and compliance does not necessarily need to be on a grand scale and supported by a dedicated legal department. There are manageable ways in which smaller companies can protect themselves by better managing corruption risks. A key element to a simple but effective ethics and compliance programme is due diligence. This is the focus of this Guide which sets out what due diligence is, why it is necessary, when it is necessary and how it can be implemented to protect a company from the risk of corruption as much as possible.

It provides practical advice on how SMEs can cost-effectively conduct due diligence on third parties they engage to perform services on their behalf. It focuses on corruption risks associated with engaging third party suppliers, contractors and consultants in an international and domestic setting and how those risks can be managed. This tool will also assist SMEs create an effective due diligence procedure that fits into an overall ethics and compliance programme. For SMEs that do not have any ethics and compliance procedures in place, it can be considered a good starting point. The Guide can be used by any SME, of any size (even very small companies) or industry and it can be adapted so that the due diligence programme is tailored to the specifics needs and industry in which the company operates.

ICC is the institutional representative of more than 45 million companies in over 100 countries. Through a unique mix of advocacy, solutions and standard setting, ICC promotes international trade, responsible business conduct and a global approach to regulation, in addition to providing market-leading dispute resolution services. ICC members include many of the world’s leading companies, SMEs, business associations and local chambers of commerce. Read more about ICC here!

Adoption of this Guide by SMEs will provide reassurance to prospective customers and can be used as evidence of an overall compliance commitment; the commercial benefits of which should not be underestimated.

> GET THE DOCUMENT HERE

 

This guide is also available in:

[/vc_column_text][vc_empty_space][accordion_father][accordion_son title=”Speak up – report any illegal, unethical, or improper behaviour” clr=”#ffffff” bgclr=”#1e73be”]Ethics and Compliance Hotline is an anonymous reporting mechanism that facilitates reporting of possible illegal, unethical, or improper conduct when the normal channels of communication have proven ineffective, or are impractical under the circumstances. At CRI Group, we are committed to having an open dialogue on ethical dilemmas regardless.

REPORT HERE!

We would like to introduce a new Ethics & Compliance Hotline. This hotline is available to all employees, as well as clients, contractors, vendors and others in a business relationship with CRI Group and ABAC Group. If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline in below mentioned ways or provide us with your complaint online on the form below. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy.

READ MORE!

[/accordion_son][accordion_son title=”Prove that your business is ethical.” clr=”#ffffff” bgclr=”#1e73be”]Complete ABAC® FREE Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in the line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® (powered by CRI Group) experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

The HEBA survey is designed to evaluate your compliance with the adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC® professionals with Business Ethics, Legal and Compliance background. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and to facilitate the gap analysis process.

The survey takes around 10 minutes to complete. TAKE THE SURVEY NOW!

[/accordion_son][accordion_son title=”About CRI Group” clr=”#ffffff” bgclr=”#1e73be”]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][/accordion_father]

Have you read…

[/vc_column_text][vc_basic_grid post_type=”post” max_items=”12″ style=”pagination” items_per_page=”3″ item=”234″ initial_loading_animation=”none” grid_id=”vc_gid:1605689308060-9e4edd68-a073-0″ taxonomies=”41, 43″][/vc_column][/vc_row]

Third-party risk: how to survive in a brave new world?

The Current Business Climate Requires a Review and Reassessment of Your Organisation’s Third-Party Relationships.We won’t soon forget the year 2020 and the myriad ways worldwide business was derailed over a microscopic virus that caused a global pandemic. From layoffs and shutdowns to shortages and closures, the long-term effects of the pandemic have yet to be determined. But one thing is certain: The disruption to the global supply chain has wreaked havoc in virtually every business sector. third party risk management

Automobile manufacturing in Korea has been suspended due to a lack of parts from China. The fashion industry in the United States is struggling over sourcing as garment producers in Asia reduce output. U.K. aerospace manufacturer Rolls-Royce has announced it is cutting 9,000 jobs as a result of the coronavirus. And sharp declines in consumer demand have adversely affected global manufacturers who in turn are idling production to curb losses.

> Learn more! Find out how anti-bribery and anti-corruption management plays an important part in your third-party risk management strategy. This FREE ebook analyses the performance of Rolls-Royce in terms of ABAC policies within the scope of the ISO 37001 provisions.

Global sourcing has been greatly impacted as suppliers have ceased operations, and multinational organisations have had to scramble to locate replacement supply sources. This gloomy picture has been made all the more daunting as opportunists, bad actors and other sanctioned, restricted or unreputable parties have set up operations to take advantage of unsuspecting and desperate businesses by producing inferior goods, missing contractual deadlines, or operating in ways that could raise flags in the areas of ethical conduct, business integrity or jurisdictional compliance. As such, multinational companies need to be on high alert for such nefarious outside operations, lest they put their reputations, stakeholders, directors and bottom lines at risk.

Now is the time to identify alternative supply scenarios and re-evaluate contractual terms and performance metrics with those parties in the sourcing network. And to accomplish this, a risk-based approach to diligence, screening and vetting present and potential third-party suppliers is more important now than ever before.

> Risk Management and Anti-bribery Anti-corruption Playbook > Get your guide for risk prevention, detection and compliance

What are the risks?

Threats are increasing on several levels for organisations that rely on outside third parties, such as agents, brokers, vendors and suppliers.  While depleted inventories, idle production, inferior products and delayed delivery have greatly impacted the marketplace worldwide, multinational businesses are feeling the brunt of these pandemic-induced supply chain disruptions on a greater scale:

  • Organisations are suffering financial loss as the supply chain falters;
  • Companies are losing customers because of poor-quality products and services from third parties;
  • Organisations are opening the doors to litigation by working with third parties that may be engaging in bad labour practices or forcing workers to produce in unsafe work conditions;
  • Company data systems are being exposed and breached because of poor security practices by third parties;
  • Companies are experiencing a greater level of supply chain issues due to poor disaster recovery procedures enacted by third-parties;
  • Organisations and boards are increasingly being exposed to litigation because of relationships with outside providers that may have violated contractual terms, potentially resulting in regulatory exposure;
  • Such organisations are being targeted by story-hungry media sources determined to expose the company to a global audience.

The result of these increased risks can be highly problematic:

  • Business litigation has skyrocketed;
  • Corporate reputations are negatively impacted on a larger scale;
  • Organisations have had to continually review, reassess and adapt risk management frameworks to adjust and acclimate to an ever-changing global business environment;
  • Board members are becoming increasingly subjected to intense scrutiny from outside watchdogs and critics;
  • Unfortunately, a highly educated market responds to the above scenarios accordingly with their pocketbooks.

From supply and production disruptions to regional compliance issues and bad media exposure, multinational corporations are facing increased scrutiny working with unscrupulous third-party partners.  Thus, the intense need to remain vigilant in conducting due diligence and vetting those outside affiliations.

 

Don’t let the dominoes fall, ever, with our 3PRM certification…

CRI Group’s third-party compliance verification and certification program – 3PRM-Certified™ – can help organisations establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Third-party relationships are critical in business today, and include partnerships with suppliers, distributors, consultants, agents and other contractors. While such affiliations are essential to the success of your organisation, the consequences of inadequate due diligence cannot be overestimated. As the risk for data breaches and supply chain disruption continues to rise with COVID-19, so does the need for an effective third-party risk management (TPRM) programs. Whether you’re a TPRM professional looking for a certification to advance your skillset, or the leader of your organisation considering how to better equip your team with the best knowledge and skills, 3PRM-Certified™ program is a all-in solution.

> When is it time to conduct third-party screening?

CRI Group’s exclusive 3PRM-Certified™ solution provides the very best in third-party risk management. Our 3PRM-Certified™ program provides a proactive approach to mitigating risks from third-party affiliations, protecting the organisation from liability, brand damage and harm to business. The 3PRM-Certified™ program includes a focus on the following:

  • Providing third-party risk assessments
  • Meeting contracting requirements
  • Conducting due diligence
  • Identifying potential fraud risks
  • Providing management oversight

Utilising a network of trained professionals positioned across five continents, CRI Group’s 3PRM services utilise one of the largest multi-national fraud investigation teams the industry has to offer. The 3PRM-Certified™ program is especially critical when your business is performing pre-merger and acquisition research and pre-IPO due diligence, engages new clients, employs, contracts or retains foreign business partners and requires a consistent and audit-worthy AML and anti-corruption compliance program.

 

Subscribe to our monthly newsletter now!

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.

 

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Prove that your business is ethical with a Gap Analysis (FREE) 

Evaluation of Corporate Compliance Programs – Highest Ethical Business Assessment: Evaluating Adequate Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Framework
Prove that your business is ethical. Complete our FREE Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in the line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission. The HEBA survey is designed to evaluate your compliance with adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC® professionals with Business Ethics, Legal and Compliance background. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and to facilitate the gap analysis process. The survey takes around 10 minutes to complete.

 

Meet our CEO and Author

Zafar I. Anjum is Group Chief Executive Officer of CRI Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organisations.  Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, USA, and the United Kingdom. Contact us to learn more about the third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.CONTACT INFORMATIONZafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group Chief Executive Officer
t: +44 207 8681415 | m: +44 7588 454959
e: zanjum@crigroup.com

Stay updated 

Follow us on LinkedInFacebook or Twitter for more industry news and insights.