Risk assessment breakdown: Identification, Analysis, Evaluation

Risk management is a full-time, ongoing endeavour for organisations in today’s business world, and it poses constant challenges. Unfortunately, fraud, bribery and corruption are major factors affecting businesses and agencies of all sizes and industries. Being proactive against these risks can mean the difference between success and ruin. Whatever your reasons or motivations might be, if your organisation’s objective is to have an effective risk assessment management strategy in place. This article discusses the importance of Risk Assessment. There are two important building blocks that form the core of risk management:

  • Risk assessment
  • Risk treatment

Each of these stages can stand on their own – in this article we will go into detail about best practices for identifying risks, how to analyse them in terms of probability and severity, and how they can be evaluated in terms of the company’s risk appetite.

What is Risk Assessment?

Risk assessment is the overall process of identification, analysis and evaluation of any given risk. It can be a systematic examination of a task, job or process that a risk professional carries out at work for the purpose of identifying significant hazards. For example, the risk of someone being harmed and deciding what further control measures to take to reduce the risk to an acceptable level. The process will vary between organisations, but it should start with identification of hazards, analysis of who and what might be harmed, evaluation of the risk, documentation of the risks, taking action and review. Your organisation should conduct a risk assessment systematically, interactively and collaboratively, drawing on the knowledge and views of stakeholders. It should use the best available information, supplemented by a further inquiry as necessary.

Risk assessment breaks down into:

  • Step 1: Identification
  • Step 2: Analysis
  • Step 3: Evaluation

Business Intelligence (BI) Solutions can help during this stage. BI take many shapes and forms in today’s complex business environment. Budgets are stretched and the challenges facing a business and its employees can sometimes lead to issues that start off small, but then lead to wider spread problems which can affect the very fabric of your organisation and damage both your credibility, reputation and bottom line profits. CRI® Group takes two approaches to BI solutions:

  • Intelligence operations (via market research and analysis): we focus on researching the future and potential growth of your business – i.e. determine the commercial viability and potential for success in the market, analyse consumer behaviour and business trends in that market, etc.
  • Investigative operations (via commercial investigations): we focus on the current status of your business – i.e. location of assets, financial information, identification of unmet needs of any market, gauge brand awareness and identity in the market, etc.)

CHECK OUT OUR BI SOLUTIONS  or  DOWNLOAD BROCHURE

 

Risk Identification

The purpose of risk identification is to find, recognise and describe risks that might help or prevent an organisation achieving its objectives. Relevant, appropriate and up-to-date information is important in identifying risks. The organisation can use a range of techniques for identifying uncertainties that may affect one or more objectives. The following factors, and the relationship between these factors, should be considered:

  • Tangible and intangible sources of risk;
  • Causes and events;
  • Threats and opportunities;
  • Vulnerabilities and capabilities;
  • Changes in the external and internal context;
  • Indicators of emerging risks;
  • The nature and value of assets and resources;
  • Consequences and their impact on objectives;
  • Limitations of knowledge and reliability of information;
  • Time-related factors;
  • Biases, assumptions and beliefs of those involved.

Your organisation should identify risks, whether or not your sources are under your control. Consideration should be given that there may be more than one type of outcome, which may result in a variety of tangible or intangible consequences.

Risk analysis

Risk analysis allows you to understand the nature of risk, its characteristics and level. Because an event can have multiple causes and consequences and can affect multiple objectives a risk analysis should involve a detailed consideration of uncertainties such as risk sources, consequences, likelihood, events, scenarios, controls and their effectiveness.

Risk analysis can be undertaken with varying degrees of detail and complexity, depending on the purpose of the analysis, the availability and reliability of the information, and the resources available. Analysis techniques can be qualitative, quantitative or a combination of both, depending on the circumstances and intended use. Risk analysis should consider factors such as:

  • The likelihood of events and consequences;
  • The nature and magnitude of consequences;
  • Complexity and connectivity;
  • Time-related factors and volatility;
  • The effectiveness of existing controls;
  • Sensitivity and confidence levels.

A risk analysis is likely to be influenced by a wide range of variables, from any divergence of opinions, biases to perceptions of risk, from judgements, quality of the information used to the assumptions and exclusions made and any limitations of the techniques and how they are executed. These influences should be considered any risk analysis, documented and communicated to any decision-makers involved in the process.

It is important to remember that any highly uncertain event can be difficult to quantify, and this is an issue. If you find yourself in such a situation, using a combination of techniques generally provides greater insight. Risk analysis provides input to risk evaluation, to decisions on whether risk needs to be treated and how, and on the most appropriate risk treatment strategy and methods. The results provide insight for decisions, where choices are being made, and the options involve different types and levels of risk.

Risk evaluation

Risk evaluation can support your decisions. Risk evaluation involves comparing the results of the risk analysis with the established risk criteria to determine where additional action is required. This can lead to a decision to:

  • Do nothing further;
  • Consider risk treatment options;
  • Undertake further analysis to better understand the risk;
  • Maintain existing controls;
  • Reconsider objectives.

Any decisions should take into account the wider context and the actual and perceived consequences to external and internal stakeholders. The outcome of risk evaluation should be recorded, communicated and then validated at appropriate levels of the organisation.

Who should do risk assessments?

Well, by law, every employer must conduct risk assessments. Risk assessments should always be carried out by a professional who is familiar to risk, a person who is experienced and competent to do so.  Competence can be expressed as a combination of knowledge, awareness, training, and experience. Remember competence does not mean you have to know everything about everything, competence also means knowing when you know enough or when you should call in further expert help.

But we all like to think that all of our employees will be trustworthy, but this is not always the case. There have been many instances in which an employee has been dishonest about their job history, qualifications or even criminal history. A dishonest employee could be unqualified for the position, possibly endangering others on the job. Or they might be a fraud risk, willing to bend the truth in other ways in order to enrich or advance themselves on your dime. No organisation can afford to have employees or staff who aren’t what they claim to be. Even a seemingly innocent embellishment can indicate more background problems under the surface, and the potential for future problems down the road so remember, trust your employees but, verify them too. 

CHECK OUT OUR EMPLOYEE BACKGROUND SCREENING SOLUTIONS  or  DOWNLOAD BROCHURE

Risk Assessment and ISO 31000 certification with ABAC®

While the team at CRI® do not deliver any training or certification on ISO 31000, our partner ABAC® Center of Excellence do. ISO 31000 can provide the principles, framework and a process for managing risk. ISO 31000 is not a certifiable standard; the standard is a set of guidelines which provide guidance for internal or external audit programmes. However we recommend taking ISO 31000 Awareness training, this will enable you to fully understand Risk Management activities and mitigate risk. 

ISO 31000 was developed by hundreds of experts in risk mitigation, from thirty countries. This international effort produced a standard that is worldwide and represents best practices and leading operations for risk management. Organisations can trust that they are following a tested, robust standard to increase success. The standard converts risk management into a set of “friendly” and actionable – and straightforward to implement – guidelines, regardless of the size, nature, or location of a business. 

The training helps establish an ethical culture by educating your personnel on the following:

  • What constitutes fraud, corruption, and bribery, and why these are so damaging to business
  • How to identify red flags of fraud, corruption, and bribery
  • The process for reporting fraudulent and unethical acts
  • The organization’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches, and prosecute unethical acts
  • The serious ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career

The ISO certifications helps us at ABAC® to provide appropriate anti-bribery training to personnel across various industries. This standard helps to assess bribery risks, perform the appropriate due diligence required for your business and to take reasonable and proportionate steps to ensure that controlled organizations and business associates have implemented appropriate anti-bribery controls.

> Find out more about ISO 31000 Risk Management and other standards now!

Other Solutions

While CRI® may not offer the ISO certification, we do offer other services. We specialise in solutions regarding compliance, working as trusted partners to businesses and institutions across the globe. Our experts work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates, thus creating the DueDiligence360™.

The DueDiligence360TM reports to help organisations comply with anti-money launderinganti-bribery, and anti-corruption regulations. This service also proves beneficial ahead of a merger, acquisition, or joint venture as it can be used for a third-party risk assessment, onboarding decision-making, and identifying beneficial ownership structures. Identifying key risk issues clearly and concisely helps enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.

Why not consider our background investigative solutions? Employee Background Checks can aid in reducing the risk of hiring an employee who does not live up to their supposed skill set and could cause irrevocable damage. Firms spend years, thousands, even millions to brand their products and services – it only takes one bad hire to cause loss of capital and reputation. It can go as far as bringing a business to fail – especially if the employee holds malice towards the organisation. EmploySmart™ is CRI’s own solution aiming to expose vulnerabilities and threats within your organisation. Much like the ISO certification, our EmploySmart™ is a risk management measure which can be used to significantly reduce business and financial crime, fraud and malpractice within your workplace.

Our solutions are also certified by the British Standard Institute BSI for the scope of BS 7858:2019 Screening of individuals working in a secure environment, Code of practice (the only BS 7858 certified background screening services provider in the UAE and across the Middle East); and BS 102000:2018 Code of practice for the provision of investigative services.

Another risk management solution to consider from CRI® is our Third-Party Risk Management solution (TPRM),  also known as 3PRM™. In wake of the global pandemic, the 3PRM™ was developed in a bid to aid organisations to accurately determine the legal compliance, financial viability, and integrity levels of external parties, vendors, and customers who seek to be affiliated with and represent the business.

The 3PRM-Certified™ program consists of gap analysis and investigative due diligence on the targeted above parties.  This highly thorough program reveals anti-corruption, compliance and risk management discrepancies associated with the international regulatory framework helping your business to flourish at any scale. Find out more about CRI Group’s Solutions here.

If you’re unsure of what solution may be best for you and your business, how about connecting with one of our experts for a free consultation? Receive tailored advice from the top analysts and investigators across the globe.

CONTACT US

About CRI® Group

Based in London, CRI® works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI® also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI® launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Why Financial Services Firms Need ISO 37001 ABMS?

When Société Générale, a global financial services institution based in France, agreed to pay a combined total penalty of more than $860 million for an alleged bribery and corruption scheme, it served as a warning shot to financial firms worldwide that a culture of enforcement has arrived. Société Générale was accused of paying bribes to officials in Libya and committing violations in manipulating the London InterBank Offered Rate (LIBOR), one of the world’s leading benchmark interest rates. Together with other regulatory penalties faced by the financial services giant, the total amount to be paid exceeds $1 billion. (The United States Department of Justice, 2018)

Bribery and corruption often go together with money laundering – and, as such, the financial sector faces new Anti-Money Laundering (AML) rules and legislation that is strict and increasingly enforced. Remaining in compliance through implementing proper prevention controls is a must. Failing to do so can mean a loss of business, trust and reputation: Banking giant Citibank was fined $70 million in the US for failing to address shortcomings in its anti-money laundering policies. We at CRI intend on being apart of the solution. Therefore, CRI Group’s ABAC will be hosting a webinar on the 30th of September exploring the Pitfalls Most Organisations Often Commit – the importance of implementing Anti-Bribery Management System (ABMS). Being a part of the solution means sharing our knowledge so society is one step closer to an ethical reality.

Register Here 

In the US alone, more than 100 bribery investigations were in progress at the end of last year, with the financial services industry facing the most investigations. (Wall Street Journal, 2019)

Having layers of safeguards in place is required both from a legal and compliance standpoint. One of the most critical layers is an effective anti-bribery management system (ABMS).

Prevent corruption and promote compliance

There is a solution that financial services organisations can implement to take a proactive stance against bribery and corruption: The ISO 37001:2016 Anti-Bribery Management System standard. ISO 37001 ABMS is designed to help global organisations implement an anti-bribery management system (ABMS), as the standard specifies a series of measures required by the organisation to prevent, detect and address bribery, and provides guidance relative to that implementation.

For financial services firms, this is a critical layer of protection that provides both anti-bribery controls and a system for compliance with various anti-corruption legislation, such as the FCPA and UK Bribery Act. The UK Bribery Act’s adequate procedures requirement dictates that all companies need to have ongoing monitoring, training, surveillance and risk assessments – ISO 37001 ABMS is designed to fulfil these criteria and more.

CRI Group’s ABAC Certification Services is accredited to offer independent ISO 37001 certification to ensure that an organisation is in compliance with the standard, which is recognised and practised in more than 160 countries worldwide. CRI Group’s auditors and analysts work with financial services organisations to develop measures that integrate with existing management processes and controls, and include:

  • Adopting an anti-bribery policy
  • Establishing buy-in and leadership from management
  • Training personnel in charge of overseeing compliance
  • Communicating the policy and program to all personnel and business associates
  • Providing bribery and corruption risk assessments
  • Conducting due diligence on projects, business associates and other third-party affiliations
  • Implementing financial and commercial controls
  • Developing reporting and investigation procedures

Our paid webinar will have a rundown of the following:

  • What are the core Bribery and Corruption Risks for Financial Institution?
  • How to protect financial institutions and corporations from bribery and corruption risk
  • Reparations from bribery that could affect the businesses, clients, and employees
  • Successful regulations to mitigate risk for bribery and corruption.
  • What can be done if bribery is detected?
  • Internationally recognised solutions laid forth by ISO 37001: Anti-Bribery Management System that gives businesses effective controls to mitigate risk
  • Components of risk management at a financial institution

We will also be exploring how the implementation of such a standard aids in examining and dealing fittingly with any actual or suspected bribery within the corporation and also how to implement appropriate financial, procurement and other commercial controls so as to help prevent the risk of bribery in financial services as these organisations face unique challenges.

Register Here 

Among them are maintaining proper internal procedures as they relate to bribery and AML regulations. These measures can be logistically challenging, especially in the auditing process – but keeping accurate books and records is a key provision of the UK Bribery Act. ISO 37001 ABMS standard makes this a key provision in cultivating proper due diligence and reporting procedures.

Another major challenge involves monitoring third-party risk. The due diligence practices and risk assessments implemented through ISO 37001 ABMS are critical in this area. Financial services firms, more than any other sector, must conduct effective vetting and ongoing monitoring of third-parties. This goes beyond “on-boarding” and relates to how companies continually assess risk from outside partners – including brokerage firms, introducers, agents, joint-venture relationships, even clients – as borrowers, for example, represent a major risk on the balance sheet.

Some financial services companies do not properly score or assign risk profiles to third-party partners, and this can represent a major weak point in efforts to prevent bribery, corruption and money laundering. Regulators understand this, too. That’s why ISO 37001 ABMS dictates thorough and comprehensive due diligence in regards to all third-parties and especially in the case of mergers and acquisitions.

Once certified, an organisation must continue surveillance and undergo a recertification audit over three years to ensure that the organisation still complies with the ISO 37001:2016 ABMS standard. During this time, any changes to processes, the addition of new partners and expansion/acquisition of new assets or energy contracts, etc. are carefully reviewed.

Long-lasting benefits of certification

ISO 37001 ABMS provides a strong framework for addressing and isolating risk factors, and the benefits of certification are far-reaching, impacting not just the primary organisation but also influencing contractors, clients, and raising the profile of the company as an ethical entity that is a good trading partner. By achieving ISO 37001:2016 ABMS certification, a financial services firm will:

  • Ensure that the organisation is implementing a viable anti-bribery management system utilising widely accepted controls and systems.
  • Assure management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption.
  • If needed, provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption.

Cases like Société Générale are not isolated, but more and more, we are seeing companies punished for not taking proper preventative action with a robust anti-bribery management system (ABMS). Financial services firms need to be aware and stay in front of increased anti-bribery and corruption legislation given that such regulations have, in most cases, achieved a global reach. For ownership and management, the stakes are especially high – accountability now includes criminal liability for organisation personnel as individuals, beyond (and in addition to) liabilities faced by the organisation. This trend will only continue as governments, and their publics become increasingly intolerant of fraud, bribery and corruption. Significant media coverage and the real and perceived threat to governments’ economies contribute to this changing landscape of public opinion.

As the ISO 37001 International standard document states, “Conformity with (ISO 37001) cannot provide assurance that no bribery has occurred or will occur in relation to the organisation, as it is not possible to eliminate the risk of bribery. However, (the standard) can help the organisation implement reasonable and proportionate measures designed to prevent, detect and respond to bribery”. With this in mind, It’s important to note that ISO 37001 certification, on its own, is not a “safe harbour” from prosecution should bribery or corruption be discovered. Significantly, ISO certification is, as the above explains, a potential mitigating piece of evidence to regulators or even prosecutors and the courts that the entity has taken meaningful steps in its efforts to prevent bribery and corruption.

Financial Services Firms Need ISO 37001 ABMS

It is critical that any financial services organisation have a proper, comprehensive strategy to prevent and detect bribery and corruption, and remain in compliance with all regulations – on the local, regional, and international levels. The ISO 37001 ABMS standard is an established, tried and tested program to address those issues head-on through a comprehensive program of training and certification. The training process is tailored to the organisation while still following the developed curriculum and documented best practices. Due diligence procedures and risk assessments are applied in a thorough, comprehensive manner. Certification requires the demonstration that processes have been implemented effectively, with follow-up evaluations.

Worldwide developments in laws and regulations have demonstrated that there isn’t time to wait to implement controls and compliance procedures – the next investigation and/or prosecution may be too late. The harm caused by bribery and corruption to an entity’s reputation, investments and business can be far-reaching and long-lasting.

This paid webinar will be running from the following times on Thursday the 30th of September;

  • 08:00 to 10:00 GMT
  • 15:00 to 17:00 MYT
  • 12:00 to 14:00 GST

Your turnout with come with a certificate of Attendance (COA) as well as a complimentary webinar ABMS Awareness for 2 Pax per company. While you’re there, why not attain a Continuing Professional Development (CPD) certificate and stay on top of your industry?

Register your place for this webinar here and find out how to tackle the issue of bribery and corruption in your workplace before it has time to manifest itself into a greater issue. Finance is the greatest asset to the economy after all.

Complete Registration 

 

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Inadequate due diligence hit Space-transport SPAC Momentus $8 million SEC fine

Home | All Solutions | Due diligence

Inadequate due diligence hit SPAC Momentus $8 million SEC fine

Inadequate due diligence hit SPAC Momentus $8 million SEC fine after misleading investors. The Securities and Exchange Commission (SEC) has charged the Momentus particular purpose acquisition company (SPAC), its sponsor SRC-NI, the sponsor’s CEO Brian Kabot, the company, and founder Mikhail Kokorich – which involved in a $1.2 billion space-transport SPAC for defrauding investors and obscuring the CEO’s status as a US national security risk.

The Fraud Claimed

The SPAC, Stable Road Acquisition Corp, had sought to merge with Momentus, a private start-up, to take it public. Momentus’s key offering was a “microwave electro-thermal water plasma thruster,” a way of zapping water vapour to propel a spacecraft, intending to transport satellites into space.

But Momentus’s propulsion tech failed to show results, according to SEC filings. A test mission fell well short of the company’s benchmarks, and a former Momentus employee said that the test yielded “no data to suggest that that thruster would deliver an impulse of any commercial significance.”

According to the SEC’s settled order, Kokorich and Momentus, an early-stage space transportation company, repeatedly told investors that it had “successfully tested” its propulsion technology in space when, in fact, the company’s only in-space test had failed to achieve its primary mission objectives or demonstrate the technology’s commercial viability.

The order finds that Momentus and Kokorich also misrepresented the extent to which national security concerns involving Kokorich undermined Momentus’s ability to secure required governmental licenses essential to its operations.

Join our mailing list and get exclusive industrial insights for subscriber-only!

The compliance issue: Inadequate due diligence

The SEC’s settled order finds that Stable Road repeated Momentus’s misleading statements in public filings associated with the proposed merger and failed its due diligence obligations to investors.

According to the order, while Stable Road claimed to have conducted extensive due diligence of Momentus, it never reviewed Momentus’s in-space test results or received sufficient documents relevant to assessing the national security risks posed by Kokorich.

The order finds that Kabot participated in Stable Road’s inadequate due diligence and filed its inaccurate registration statements and proxy solicitations. The SEC’s complaint against Kokorich includes factual allegations that are consistent with the findings in the order.

“This case illustrates risks inherent to SPAC transactions, as those who stand to earn significant profits from a SPAC merger may conduct inadequate due diligence and mislead investors. Stable Road, a SPAC, and its merger target, Momentus, both misled the investing public. The fact that Momentus lied to Stable Road does not absolve Stable Road of its failure to undertake adequate due diligence to protect shareholders. Today’s actions will prevent the wrongdoers from benefitting at the expense of investors and help to better align the incentives of parties to a SPAC transaction with those of investors relying on truthful information to make investment decisions.

SEC Chair Gary Gensler

The litigation against Momentus, Stable Road, and Kabot

Associate Director of the SEC’s Division of Enforcement, Anita B, mentioned in her statement that Momentus’s former CEO alleged to have engaged in fraud by misrepresenting the viability of the company’s technology and his status as a national security threat, inducing shareholders to approve a merger in which he stood to obtain shares worth upwards of $200 million.

The SEC’s order finds that Momentus violated scienter-based antifraud provisions of the federal securities laws and caused sure of Stable Road’s violations. It also considers that Stable Road violated negligence-based antifraud provisions of the US federal securities laws as well as specific reporting and proxy solicitation provisions.

The order finds that Kabot violated provisions of the federal securities laws related to proxy solicitations. Kabot and SRC-NI caused Stable Road’s violation of Section 17(a)(3) of the Securities Act of 1933. Without admitting or denying the SEC’s findings, Momentus, Stable Road, Kabot, and SRC-NI consented to an order requiring them to cease from future violations. Momentus, Stable Road, and Kabot will pay civil penalties of $7 million, $1 million, and $40,000, respectively.

Inadequate due diligence hit SPAC Momentus $8 million SEC fine. Source: US Securities and Exchange Commission 

What do you actually know about the integrity of the 3rd party and their way of doing business? Do they adhere to (inter)national regulations on anti-bribery and anti-corruption? Is it possible that there is a liability risk?

Due diligence on potential business partners when adding a new vendor or even hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity DueDiligence360TM investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals.

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions worldwide. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider, and you will only ever have to look forward, never back.

CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

  • International business verification
  • Individual business interest search
  • Personal profile on individual subjects
  • Company profile on corporate entities
  • Historical ownership analysis
  • Identification of subsidiaries & connected parties
  • Global/national criminality & regulatory records checks
  • Politically Exposed Person database
  • International digital media research
  • Company background analysis
  • Industry reputational assessment
  • FCPA, UK Anti-Bribery & corruption risk databases
  • Global terrorism checks
  • Global financial regulatory authorities checks
  • Money laundering risk database
  • Financial reports
  • Asset tracing
  • Country-specific databases that include litigation checks, law enforcement agencies & capital market, regulators

Protect your reputation and the risk of financial damage and regulator action using our detailed reports. They enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.

DueDiligence360™ from CRI Group

WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:

Expertise
CRI Group has one of the largest, most experienced and best-trained integrity due diligence teams in the world.

Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.

Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, the CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations.

How to Identify and Prevent Employee Fraud?

In 2017 the major European ABB conglomerate admitted that an employee took advantage of serious management failings to disappear with $103 million of the firm’s cash. According to CNN business, ABB CEO Ulrich Spiesshofer and Chief Financial Officer Eric Elzvik admitted that the organisations managers had failed to maintain sufficient segregation of duties in the treasury unit of its subsidiary in South Korea and did not provide enough oversight of local treasury activities.

To top it all off, ABB also failed to keep the signature seals of the South Korean unit secure which as a result, has lead the company became “bound to unauthorised financial contracts, resulting in undetected financial obligations.” 

Organisations rely on the honesty and integrity of their employees, however employee fraud does unfortunately cost companies vast sums of money. Employee fraud is a reality across all sectors – no matter how credible a job applicant is and how stringent your hiring process is – your business is at risk.

Tips on Identifying and Preventing Employee Fraud

When you trust your employees, it is difficult to think the worst of them, even when there are red flags – circumstances or patterns that are out of the ordinary – alerting you to the contrary. If you have suspicions of employee fraud, it is recommended to hire a forensic accountant to help you detect fraud, understand your circumstances, and put together evidence to target and confront the employee without tipping them off.

The good news is that you can plan and train your team to prevent this from taking place; the best thing you can do for your business is to learn how to recognise the warning signs of employee fraud and have robust procedures in place to minimise the risks and opportunities for fraud. Employee fraud covers a wide range of fraudulent activities in the workplace and can vary in seriousness including embezzlement.

Embezzlement involves an employee who transfers company funds into their bank account. One example of an act of embezzlement is deliberately writing cheques in the employees’ name or diverting company assets without authorisation, e.g. customers unknowingly pay into an employee-controlled bank account, not the business’. This is serious fraudulent behaviour, but employees usually get away with it without raising any suspicion by creating non-existent suppliers and fake employees or using counterfeit credit notes to hide/disguise misappropriated monies.

An easy way to spot this type of financial fraud is to scour through the bank statements and financial records of your organisation and check for irregular activities or patterns of unusual and unauthorised transactions.

Another common sign of embezzlement is when either an employee or a manager/director begins to enjoy a lavish lifestyle that is obviously beyond their means, e.g. holidays, cars, clothes/jewellery. In the case that you suspect an employee or director might be embezzling funds from within your company, it is essential to be discreet in your employee fraud investigation to prevent the employee from covering their tracks and disposing of substantial evidence.

Other Common Types of Employee Fraud

  • Commission fraud – inflating sales figures to gain a more significant commission than deserved.
  • Petty fraud – for example, embellishing an expense claim or taking office supplies.
  • Money laundering – hiding the origin of illegally obtained money and washing it through your business.
  • Insider Trading – making a profit by using valuable information that is unavailable to the public to their advantage, for example, confidential information that could impact the prices of shares, securities, goods/commodities.
  • Manipulation of accounts – false information on sales, purchases or stock can be used to perpetrate fraud for personal financial gain, e.g. overstated trading profits to receive cash/share bonuses, or get a promotion, creating false trading accounts or stock/fixed asset write-offs to obtain goods.

What can you do (as an employer) to minimise employee fraud?

The most effective way to minimise employee fraud as an employer is to implement robust management procedures and employee background screening; the implementation of these preventative measures will ensure staff are adequately investigated and monitored and consider the possibilities for collusion between employees – including a conflict of interest. Paying attention to only the procedures within your accounts department is not sufficient. The same procedures can help you across your operations, including sales and procurement.

Minimise the chances of employee fraud with the following procedures:

  • Separation of employee responsibilities such as placing orders, recording invoices and collecting debts.
  • Requiring purchase or payment authorisation by more than one person.
  • Compare actual to budgeted expenditure for unexpected patterns.
  • Examine bank reconciliations thoroughly.
  • Scrutinise cancelled cheques and cheques made out to employees or unusual vendors.
  • Review supplier invoices for significant amounts, pricing or volumes.
  • Verify credit notes and write-offs with receiving records.
  • Install and monitor CCTV to deter theft of stock or equipment.

Fraud Triangle

An American criminologist, Donald R Cressey, devised a theory that involved three aspects that trigger fraud. Understanding these triggers will help you prevent fraud:

  • Opportunity – the lack of internal controls or reporting structure/oversight increase the chance of fraud.
  • Rationalisation – the fraudster will rationalise the continued deception, which increases slowly, perhaps over a few years, becoming an entitlement, i.e. I deserve this. This offers the chance to stop some employee fraud early if robust detection procedures are in place.
  • Pressure – overwhelming pressure, be it business factors such as company targets to meet or personal pressures, such as gambling or financial problems.

Implement Pre-employment and Post-employment employee screening now!

Preventing financial loss is crucial for your business’s survival and expansion, which is why it’s essential to know and understand its obvious signs. Use the list above as a guide to protecting your organisation.

To detect employee fraud professionally and thoroughly, it is recommended you seek the expertise of a skilled employee fraud accountant as early as possible. They can help you investigate your employees by reviewing your bank statements and financial documents and advise you whether an employee is committing fraud and to what extent. A forensic accountant’s report will also give you the evidence you need to take the necessary action against your employee and act as a deterrent to others.

For a free and confidential chat to discuss how we can help your business, contact us. 

 

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Review and Reassess Your Organisation’s Third-Party Relationships

The global pandemic is rattling economies worldwide, disrupting supply chains, interrupting production, wreaking havoc on industry sectors and shuttering businesses; this is ultimately having an impact on the third-party relationships businesses have. 

It’s highly probable that, at some point, organisations that affiliate with outside providers will eventually have to deal with any number of operational interruptions resulting from a third-party relationships related issue. And while the risks involved in partnering with outsiders haven’t changed over time, the potential level of liability has been ratcheted up several notches.

International Borders have been ripped down. Technology has improved the way businesses communicate. Easy access to data and information enables the media to report on business news before a business can adequately respond. Consequently, the markets are quick to react based on this 24/7 on-demand news cycle.

The result of this increased liability can be highly problematic:

  • Business litigation has skyrocketed.
  • Corporate reputations are negatively impacted due to the fallout from the current global pandemic.
  • Risk management frameworks are continually evolving to acclimate to changing business environments.
  • Board members are becoming increasingly subjected to intense scrutiny from outside critics.

THE CHALLENGE: The Global Business Climate is Changing. So Are Your Third-Party Partners.

  • Organisations suffer financial loss as the supply chain falters and loses customers because of poor-quality service from a third-party.
  • Company data systems are exposed and breached because of poor security practices by third-parties.
  • Companies are experiencing supply chain issues due to poor disaster recovery procedures by third-parties.
  • Organisations are increasingly being exposed to litigation because of relationships with an outside provider that significantly violated contractual terms, potentially resulting in regulatory exposure.

THE SOLUTION: 3PRM:  A Third-Party Certification Program; Qualify Your Partners.  Protect Your Organisation.

Corporate Research and Investigations Limited (CRI Group) is pleased to announce the rollout of its 3PRM-Certified™ program, specifically designed for organisations across the Middle East, Europe and Asian regions. 

This highly specialised Third-Party Risk Management assessment and certification program was developed to help organisations accurately determine the legal compliance, financial viability, and integrity levels of outside partners, suppliers, and customers who seek to affiliate with and represent your business.

The 3PRM-Certified™ program consists of gap analysis and investigative due diligence on targeted third-party partners, suppliers and agents seeking to affiliate with your organisation.  This highly thorough program can reveal any anti-corruption, compliance and risk management deficiencies associated with the international regulatory framework.

CRI Group employs a network of locally qualified, subject-specific auditors, investigators, certified fraud examiners and industry-specific professionals across the Middle East, European and Asian regions who can provide expert counsel in offering 3PRM-Certified™ strategies as an effective preemptive measure. 

OUTCOMES – IDENTIFYING RED FLAGS

  • Undisclosed third-party transactions
  • Material misrepresentations or ommissions
  • Unreported financial liabilities
  • Criminal or regulatory sanctions
  • Prior bribe or corruption allegations
  • Undisclosed legal or bankruptcy proceedings
  • Politically Exposed Persons (PEPs)

RESULT: A highly educated market responds immediately with their pocketbooks.

CRI Group’s 3PRM™ Third-Party Risk Management Strategy™ Can Safeguard Your Organisation Against: Has your organisation adequately vetted its third-party relationships lately?  Contact CRI Group to learn more about our 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous threats posed by third-party partnerships.

We Look Forward to Assisting You.

GET A QUOTE

our feel free to reach out to our CEO, Zafar I. Anjum, MSc, MS, LLM CFE, CIS, MICA, Int. Dip. (Fin. Crime), Int. Dip. (GRC), MBCI, CII Int. Dip. (AML) | e: zanjum@crigroup.com | t:+44 7588 454959

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301:2021 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.

 

UK solicitor sentenced to four years in prison over £2.3m fraud

UK solicitor, Andrew Davies defrauding his firm £2.3m jailed

A former senior partner, the UK solicitor, has been jailed for four years after defrauding his firm out of a total of £2.3m. Andrew Davies, 59, paid personal invoices to himself from the business and under-declared £1.1m in stamp duty land tax to HM Revenue and Customs (HMRC) for over nine years.

Davies pleaded guilty to one count of fraud by false representation at Reading Crown Court in 2019 and was sentenced to four years imprisonment in January this year. As a senior partner at the firm, Andrew Davies managed to defraud it out of the money by paying personal invoices to himself from the business account.

The 59-year-old also under-declared £1.1m in Stamp Duty Land Tax to HMRC over nine years, over-declaring tax to clients and then taking money from the solicitor’s firms account for himself, both defrauding the company he worked for and HMRC at the same time.

Davies also raised invoices to pay over £1.6 million to his friend Stephen Allan, who worked as a property developer and was a firm client. The 62-year-old from Bishop’s Stortford was convicted at Reading Crown Court on one count of money laundering and jailed for three years.

In a statement, police mentioned the convictions and sentencing of a solicitor’s firm in Berkshire defrauded out of £2.3m between 2010 and 2017.

Allan then made smaller payments into Davies’ account and also pocketed around £400,000 himself. The solicitor extracted funds from the firm’s client account, paying it to Allan in transactions described as ‘fees’, but there was no known work for this.

Davies of The Street, West Clandon, Guildford, and Allan of Thornberry Road, Bishops Stortford, Hertfordshire, were charged by police officers in August 2019.

The statement did not name the firm, but a Solicitors Regulation Authority notice has previously stated that Davies worked for Reading firm Pitmans LLP, which has since become part of another practice. Davies has already been struck by the Solicitors’ Disciplinary Tribunal and ordered to pay £17,000 in costs.

Investigating officer Detective Constable Katie Taylor of Thames Valley Police’s Economic Crime Unit said: ‘In this case, a solicitor trusted to safeguard client funds abused this position and systematically defrauded his firm of large sums of money for his benefit.

‘He then used a corrupt relationship to launder the proceeds of his crime through a property developer. These professional enablers of organised crime represent a significant risk, and we hope that the conviction and sentence, in this case, will act as a deterrent to others.’

Source: Financial Crime News & The Law Society Gazette

 

Get exclusive insights curated for subscriber-only when you join our mailing list.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, the CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations.

You suspect employee fraud. Now what?

When any type of fraud, including employee fraud, is discovered, it’s usually by surprise. That’s because most of us aren’t used to looking for criminal behaviour inside our own organisation. We trust…
Read More

New European Parliament corporate due diligence and corporate accountability

 

Corporate due diligence and corporate accountability, ending an era of voluntary policing. A new EU mandate places liability on companies unable to assess and mitigate unethical third-party behaviour. New legislation requires companies operating in the EU to ‘identify, address and remedy their impact on human rights and the environment throughout their global value chains.’

Situation Analysis:

  • In 2017, nearly 25 million people categorised as victims of forced labour. International Labour Organization, 2017 report
  • From 2000-2012, nearly 25% of all tropical deforestation was due to illegal agro-conversion for export markets. 2019 study

Global economies have significantly benefited from an increase in cross-border and international business partnerships, which has led to a substantial expansion of the global value chain. Subsequently, more and more companies are being exposed to potential liability by unscrupulous third-party providers in their supply chain pipeline with little respect for business ethics, human rights or the environment.

There is a growing concern worldwide of the many supply chain businesses linked to severe abuses, including exploitative working conditions, modern slavery and child labour, toxic pollution, rampant destruction of rainforests and a general disregard for corporate governance.

For decades, companies have voluntarily monitored supply chain partners for bad behaviour, but this self-policing has limited. But now, the European Union Parliament has presented mandates for EU businesses – under penalties of law – to carry out due diligence to identify, prevent, mitigate and account for actual or potential human rights violations and negative environmental impacts in their operations and supply chain. 

“We live in a world where businesses with the wherewithal can still shift their adverse social and environmental impact to the most vulnerable people and places on the planet.” Lara Ianthe Wolters, Member, European Parliament

The Challenge: You are Liable for the Conduct of Your Partners; lack of due diligence will get you into trouble

The legislation requires companies operating in the EU to identify, address and remedy their impact on human rights (including social, trade union and labour rights), the environment (contributing to climate change or deforestation) and good governance (such as corruption and bribery) throughout their value chain.

This is akin to saying that if a company fails to conduct due diligence on a third-party partner that engages in slave labour, pollutes the environment, manipulates the price or violates jurisdictional regulations, that company is essentially complicit in the partnering company’s illegal behaviour. It may be held liable in a court of law.

Aside from legal and monetary penalties, the company further risks a tarnished reputation in the market and a devaluation of its brand.

It’s crucial for businesses utilising global supply chain partners to conduct due diligence and assess the potential risks that a third party may pose to your organisation, particularly when addressing risks associated with environmental damage and human rights violations.

The Solution: Identify unethical behaviour and protect your organisation with 3PRM, Corporate Due Diligence and Risk Management

CRI Group developed a highly specialised assessment solution for Corporate Due Diligence and Third-Party Risk Management to assist organisations in accurately identifying, preventing, mitigating and addressing actual and potential adverse impacts of affiliating with global partners and complies with all EU mandates.

From enhanced due diligence to identify non-compliance of the regulatory framework and damaging environmental allegations to investigating company (or stakeholder) human rights violations related to labour laws, child labour or human trafficking, CRI Group experts help determine the legal compliance, financial viability, and integrity levels of outside partners and suppliers affiliated with your company’s value chain.

Outcomes

Recent studies have demonstrated a positive correlation between the extent to which companies implement environmental, social and good governance policies, and their overall economic performance, all while contributing to a more stable global marketplace. Such responsible business conduct:

  • Enhances protection for workers
  • Improves access to justice for victims
  • Safeguards the environment
  • Ensures fair products for consumers

Further, apart from general compliance with EU mandates, such organisations enjoy a wealth of intangible benefits, including:

  • Reduced overall liability risks
  • Improved stakeholder protection
  • Lower costs resulting from conflicts
  • Improved company transparency
  • More profound knowledge of the value chain
  • Enhanced reputation in the market 
  • Improved social standards for workers

“The global pandemic has demonstrated that resilient global supply chains that protect both the people and planet will be crucial to companies and economic recovery in the future.” Transparency International EU

CRI Group’s corporate due diligence and accountability solutions can help your organisation comply with a growing list of global regulations and mandates related to human rights and the environment while acting as an integral part of your business decision-making and risk management systems. 

Are you prepared to conduct a due diligence assessment on your global partners? Contact CRI Group to learn more about our Corporate Due Diligence and Accountability solutions and stay one step ahead of the pending EU mandates. We look forward to assisting you.

Zafar I. Anjum | MSc, MS, LLM CFE, CIS, MICA, Int. Dip. (Fin. Crime), Int. Dip. (GRC), MBCI, CII Int. Dip. (AML)

Group Chief Executive Officer, Corporate Research and Investigations Limited

e: zanjum@crigroup.com | t:+44 7588 454959

Our enhanced Integrity Due Diligence services will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. To find out more about each level of due diligence, contact CRI Group HERE!

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301:2021 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.

John Wood Group to pay $177 million to settle bribery charges inherited through its merger

John Wood Group bribery probe trace back to its merger with Amec Foster Wheeler Plc.

John Wood Group Plc has agreed to pay $177 million to settle the UK led bribery and corruption probe into a British engineering firm it acquired in 2017. The settlement is part of a so-called deferred prosecution agreement with the Serious Fraud Office and the US Department of Justice concerning Amec Foster Wheeler Plc.

The UK agreement is still subject to court approval. As part of the deal, the company can avoid prosecution for three years if it cooperates in the continuing bribery probe. Wood Group’s payment is one of the largest ever obtained in the UK led bribery and corruption case. The biggest was a $1.2 billion settlement with Airbus SE that also involved the US and French authorities.

In 2017, the SFO opened an investigation into Amec’s use of third parties to gain contracts, just weeks after Shareholders approved wood Group’s proposed acquisition. The DOJ said the probe concerned a scheme to pay bribes to officials in Brazil for a $190 million contract to design a gas-to-chemicals complex.

As part of the deal announced, at least $10.1 million will settle charges brought by the US Securities and Exchange Commission. The DOJ said it would get about $18.4 million to resolve its criminal charges in the Brazil bribery probe. Amounts to be paid to the UK and Brazil are yet to be made public.

Wood Group announced that it was close to a settlement. It originally said it expected a deal for $186 million, with about $60 million paid in the first half of 2021 and the rest over three years. The company also agreed to pay $10 million to Scottish authorities earlier this year to settle the case.

“The investigations brought to light unacceptable, albeit historical, behaviour that I condemn in the strongest terms,” Wood Group Chief Executive Officer Robin Watson said in a statement. “Although we inherited these issues through acquisition, we took full responsibility in addressing them, as any responsible business would.”

The company has “cooperated fully with the authorities” and “taken steps to improve further our ethics and compliance program from an already strong foundation,” Watson said. “I’m pleased that, subject to final court approval in the UK, we have been able to resolve these issues and can now look to the future.”

The agreement comes amid criticism of the SFO and its inability to prosecute individuals after securing settlements with companies. Earlier this year, the SFO dropped its probe into former Airbus directors and was dealt a humiliating setback after its trial against two former Serco Group Plc directors fell apart because it failed to disclose evidence.

In May 2021, the SFO opened one of its biggest investigations into suspected fraud and money laundering concerning GFG Alliance and its financing agreements with Greensill Capital. It was after months of intense pressure from lawmakers to investigate Sanjeev Gupta’s empire.

John Wood Group bribery probe

Source: Financial Crimes News

Join our mailing list and get exclusive industrial insights for subscriber-only!

The importance of due diligence in merger and acquisition to avoid a similar incident happened like in John Wood Group.

Due diligence is understood as the reasonable steps taken to satisfy legal requirements in the conduct of business relations. That allows you to reduce risks – including risks arising from the FCPA (Foreign Corrupt Practices Act) and the UKBA (UK Bribery Act), to make informed decisions and to pursue takeovers or mergers with more confidence.

Unlike other kinds of control (audits, market analysis, etc.), it must be completely independent and rely as little on information provided by the researched subject. The other important difference lies in the methodology: commercial or financial due diligence analyses available information, investigative type provides reliable and pertinent, but raw, information.

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity due diligence investigations provides your business with the critical information it needs to make sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees.

It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

  • International business verification

  • Individual business interest search

  • Personal profile on individual subjects

  • Company profile on corporate entities

  • Historical ownership analysis

  • Identification of subsidiaries & connected parties

  • Global/national criminality & regulatory records checks

  • Politically Exposed Person database

  • International digital media research

  • Company background analysis

  • Industry reputational assessment

  • FCPA, UK Anti-Bribery & corruption risk databases

  • Global terrorism checks

  • Global financial regulatory authorities checks

  • Money laundering risk database

  • Financial reports

  • Asset tracing

  • Country-specific databases that include litigation checks, law enforcement agencies & capital market regulators

DueDiligence360™ from CRI Group

WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:

Expertise
CRI Group has one of the largest, most experienced and best-trained integrity due diligence teams in the world.

Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.

Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, the CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations.

Looking for a Service Provider Due Diligence Checklist?

There are many risks implicit in doing business, and CEO’s and risk management officers face many internal and external threats. Most organisations face preventable risks; however, the burden of identifying risks can be too much, especially when dealing with third-party providers.

Most service providers offerings are often part of organisations’ core functions (i.e. internet-related services or cloud services); they have access to sensitive information, including your clients’ client details (PII), their financial data such as credit cards (PCI), or trade secrets; that impacts your data security or privacy programs; a worrying source of risk and, often than not, they drive up your cost. 

According to Ponemon Institute’s Cost of a Data Breach Report 2020, organisations spend £2.9 million ($3.86 million) recovering from security incidents. And third-party breaches cost $370,000 more than in-house breaches. Third-party breaches do happen, and many organisations aren’t prepared. In fact, Protiviti’s 2019 Vendor Risk Management Benchmark Study found that only 4 in 10 organisations have a fully mature vendor risk management process in place. 

It’s critical to follow a well-defined and comprehensive due diligence process when it comes to service providers. Having a services provider due diligence checklist allows you to see what obligations, liabilities, or any types of risks you’re assuming. 

What Is a Due Diligence Checklist?

A due diligence checklist is an organised way to analyse a service provider you want to work with. Following this checklist, you can learn about the Service Provider liabilities, benefits, and potential problems. Due diligence checklists are usually arranged in a basic format. However, they can be changed to fit different industries and professional relationships. A due diligence checklist can also be used for:

  • Preparing an audited financial statement or annual report
  • A public or private financing transaction
  • Bank financing
  • A joint venture
  • An initial public offering (IPO)
  • General risk management.

However, we developed a complete due diligence checklist for you to use on your service providers for this article. There are six core areas to consider when doing your due diligence vetting a service provider:

  1. General company information
  2. Financial review
  3. Reputational Risk
  4. Insurance
  5. Information Security Technical Review
  6. Policy Review

The questions could change based on your requirements or the company, industry, size, or region. The more you know about potential vendors, the easier it is to assess their risk. Let’s take a look!

1. Build an inventory of your service providers:

  • List the providers of significant core functions
  • List any smaller providers who might be working with individual departments

2. Rank each service provider based on risk by asking the following questions:

  • What service does this organisation provide?
  • Who owns the relationship with this provider?
  • Is this provider tied to your organisation’s most critical business operations?
  • What data do they have access to?

3. Collect information on each service provider, including basic information:

  • A business charter or articles of incorporation (or similar corporate charter)
  • Business location, and proof of location.
  • Business license: confirm that the company is legitimate
  • Overview of company structure
  • Information about executives and board members
  • Financial information: is the service provider financially solvent? Would you want to partner with a company that may not be in business next year? 
  • Insurance: gather information on general liability insurance, cyber insurance, or insurance-specific capabilities.

4. General risk information:

  • Is the service provider on any watch lists?
  • Any Lawsuits?
  • Any negative news coverage?
  • Any significant complaints or negative reviews from consumers?
  • Is the site physically secure?
  • Policy Review

Cyber risk Information:

  • Security rating
  • Assessment questionnaire
  • Retrieve the IT system outline
  • Any assets exposed to the open Internet?
  • Any cases of data breaches?

Final risk analysis:

  • Calculate your risk: Risk = Likelihood of a Data Breach X Impact of a Data Breach/Cost
  • Set a risk rating of high, medium, or low
  • Compare the above information with your risk appetite and determine whether your organisation should pursue a relationship with the service provider

How can CRI Group help you manage and respond to risks?

Managing third-party risk can be difficult. The work isn’t done when you understand the risks associated with doing working with third-party providers. With CRI Group, organisations can make the process simpler and gain a window into their service providers’ risk. 

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. 

Our global integrity DueDiligence360 investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. And we offer different levels of due diligence to fit your needs:

  • Level I Basic: Basic due diligence
  • Level I Essential: Essential due Diligence
  • Level II EDD Enhanced Integrity Due Diligence
  • Level II EDD Plus Enhanced Integrity Due Diligence

Our Enhanced Integrity Due Diligence services will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. To find out more about each level of due diligence, contact CRI Group HERE!

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301:2021 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.

5 Procurement risks: your lack of due diligence can lead harm

Procurement risks: your lack of due diligence can lead to harm

Procurement risks: lack of due diligence can lead to harm. Procurement is one of the most critical areas of any organisation, large or small. Procurement officers secure the materials and goods that a business needs to be productive and successful. They do so while ensuring the best possible price, quality, delivery efficiency, and other important considerations.

Unfortunately, due to the very nature of dealing with third-party suppliers/vendors, procurement also requires a high level of risk management. As many high-profile cases have shown, supply-line problems can cause financial and reputational damage, sometimes on a grand scale.

The infamous horse meat scandal in the UK presents a classic scenario of the damage from risky third-party associations. Widely known international corporations, including Burger King and others, were forced to cut ties with a meat supplier after facing financial and reputational harm from the news that some of the supplier’s products were tainted with horseflesh.

The revelations of tainted meat resulted in international news headlines, waves of criticism from consumers and food products pulled from shelves and freezers in response to the uproar. As damaging as it was, the crisis helped illustrate why due diligence is becoming more important as supply chains expand and become more complex, especially among international organisations.

The following are some priorities every organisation should have to minimise risk in the procurement process:

Risk #1 – Know who your suppliers are

Due diligence is as vital in procurement as in any other business area; in some cases, more so. Third-Party Risk Management (3PRM™) services help organisations proactively mitigate risks from third-party affiliations, protecting organisations from liability, brand damage, and harm to the business. As part of this service, experts check supplier backgrounds to verify their financial viability, quality control, compliance standards and – most importantly – any prior legal or criminal action. Taking this step before you engage with a supplier or vendor can save some severe headaches down the road.

VIEW 3PRMTM BROCHURE

VIEW DUEDILIGENCE360TM BROCHURE

 

Risk #2 – Consider your organisation’s reputation

The horsemeat scandal showed how quickly and drastically it can damage a well-respected organisation’s reputation and brand. Your procurement team should know that while the bottom line is essential, nothing is more critical than protecting the image and brand of the company. Cutting due diligence corners to secure the lowest price is not only unwise – it should be strictly against company policy.

Risk #3 – Find sustainable lines of supply

Seek out suppliers with long, successful backgrounds in their business. Find companies that are economically sound and socially conscious, using fair labour practices and promoting sustainable resources. It harmed the organisation when it discovered that a supplier was using child labour or other unethical or illegal methods to produce their goods. Implement a code of conduct with expectations for your contractors, suppliers and vendors, and review them regularly to ensure they follow your guidelines.

Risk #4 – Have backup suppliers in place

What happens when your primary vendor is suddenly out of compliance? Or folds up completely? If your production chain grinds to a halt, the damage can be severe and lasting to both your organisation’s financial and reputational health. Ensure your procurement team has conducted due diligence on backup suppliers that you can turn to in a crisis. Spending a little more to keep the production lines open will be a small price to pay compared to seeing your business come to a standstill.

Risk #5 – Conduct a thorough risk assessment

Any organisation that hasn’t prepared a risk assessment of its procurement process should immediately do so. How else will you know what red flags or gaps make your organisation susceptible to fraud, waste, risk to reputation, or all of the above? Third-party risk management experts can help you develop and put in place an effective third-party risk assessment plan that keeps your organisation protected and minimises your exposure to unseen or unknown trouble spots.

Every organisation needs a successful and efficient procurement process. It also needs to be safe from the inherent risks with connections to third parties, including suppliers, vendors and contractors. When it comes to procurement, let CRI Group help you put proper risk management processes in place so you don’t have to worry about your supply chain putting you in tomorrow’s headlines.

 

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s international team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.