Mark Your Calendars for the GOV HR Summit this October 9th & 10th!
We are thrilled to announce …
Read MoreThe Global Business Climate is Changing. So Are Your Third-Party Partners
The current business climate requires a review and reassessment of your organization’s third-party relationships. The global pandemic is rattling economies worldwide, disrupting supply chains, interrupting production, wreaking havoc on industry sectors and shuttering businesses.
It’s highly probable that, at some point, organizations that affiliate with outside providers will eventually have to deal with any number of operational interruptions resulting from a third-party related issue. And while the risks involved in partnering with outsiders haven’t changed over time, the potential level of liability has been ratcheted up several notches.
International Borders have been ripped down. Technology has improved the way businesses communicate. Easy access to data and information enables the media to report on business news before a business can adequately respond. Consequently, the markets quickly react based on this 24/7 on-demand news cycle.
The result of this increased liability can be highly problematic:
- Business litigation has skyrocketed.
- Due to the fallout from the current global pandemic, corporate reputations are negatively impacted.
- Risk management frameworks are continually evolving to acclimate to changing business environments.
- Board members are becoming increasingly subjected to intense scrutiny from outside critics.
THE CHALLENGE: A highly educated market responds immediately with their pocketbooks
- Organizations suffer financial loss as the supply chain falters and loses customers because of poor-quality service from a third party.
- Company data systems are exposed and breached because of poor security practices by third parties.
- Companies are experiencing supply chain issues due to poor disaster recovery procedures by third parties.
- Organizations are increasingly being exposed to litigation because of relationships with an outside provider that significantly violated contractual terms, potentially resulting in regulatory exposure.
THE OUTCOMES: Identifying Red Flags
- Inadequate Compliance Framework
- Human Rights Violations
- Environmental Negative Impact
- Inadequate Governance Policies
- Undisclosed third-party transactions
- Material misrepresentations or omissions
- Unreported financial liabilities
- Criminal or regulatory sanctions
- Prior bribe or corruption allegations
- Undisclosed legal or bankruptcy proceedings
- Politically Exposed Persons (PEPs)
THE SOLUTION: Qualify Your Partners. Protect Your Organization
Corporate Research and Investigations Limited (CRI Group™) is pleased to announce the rollout of its 3PRM-Certified™ a third-party certification program, specifically designed for organizations across the Middle East, Europe and Asian regions. CRI Group’s 3PRM-Certified™ Risk Management Program Presents an Effective Strategy to Vet Outside Partnerships.
This highly specialized Third-Party Risk Management assessment and certification program was developed to help organizations accurately determine the legal compliance, financial viability, and integrity levels of outside partners, suppliers, and customers who seek to affiliate with and represent your business.
CRI Group’s 3PRM-Certified™ third-party risk management strategy can safeguard your organization against:
- Business Interruption;
- Brand Damage;
- Corporate Liability; and
- Director Liability.
The 3PRM-Certified™ program consists of gap analysis investigative due diligence on targeted third-party partners, suppliers and agents seeking to affiliate with your organization. This comprehensive program can reveal any Anti-Corruption, Compliance and Risk Management deficiencies associated with the international regulatory framework. The International Standards Organization ISO achieves another milestone to launch ISO 37000:2021 Governance of organizations, ISO 37002:2021 Whistleblowing Management systems in-line with ISO 37301 Compliance Management Systems to demonstrate effective corporate compliance and Environmental, Social, and Governance.
CRI Group™ employs a network of locally qualified, subject-specific auditors, investigators, certified fraud examiners and industry-specific professionals across the Middle East, European and Asian regions who can provide expert counsel in offering 3PRM-Certified™ strategies as an effective preemptive measure.
3PRM™ Gap Analysis can also be combined with a accredited certification by CRI Group’s independent certification body “ABAC™ Center of Excellence Limited” for the scope of:
- ISO 37000:2021 Governance of organizations;
- ISO 37002:2021 Whistleblowing Management Systems;
- ISO 37301 Compliance Management Systems; and
- ISO 37001 Anti-Bribery Management System certification to demonstrate effective corporate compliance and Environmental, Social, and Governance.
Has your organization adequately vetted its third-party relationships lately? Contact CRI Group™ to learn more about our 3PRM-Certified™ third-party risk management strategy program and discover a practical and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous threats posed by third-party partnerships. We invite you to schedule a quick appointment with us to discuss you third-party risk management strategy needs.
Let’s Talk!
Don’t leave TPRM to chance. Take a proactive stance with the highest level of TPRM as a part of your essential corporate strategy. Contact us today to learn more about our full range of services to help your organization stay protected.
Who is CRI Group™?
Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI Group™ launched the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body that provides education and certification services for individuals and organisations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- Guidelines; ISO 37000:2021 Governance of Organisations; ISO 37002:2021 Whistleblowing Management System; ISO 37301:2021 (formerly ISO 19600) Compliance Management system (CMS); Anti-Money Laundering (AML); and ISO 37001:2016 Anti-Bribery Management Systems ABMS. ABAC™ offers a complete suite of solutions designed to help organisations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments while assisting in developing frameworks for strategic compliance programs. Contact ABAC™ for more on ISO Certification and training.
Meet the CEO
Zafar I. Anjum is Group Chief Executive Officer of CRI Group™ (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organizations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI Group™ safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Based in London, CRI Group™ maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, Turkey and the USA.
Contact CRI Group™ to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.
CONTACT INFORMATION
Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com
2021 CPI Overview is Out Now!
The newly published Transparency International’s Corruption Perception Index (CPI 2021) is out. This year’s Corruption Perceptions Index (CPI) reveals that corruption levels are at a worldwide standstill. The CPI ranks 180 countries and territories around the world by their perceived levels of public sector corruption. The results are given on a scale of 0 (highly corrupt) to 100 (very clean). This year, the global average remains unchanged for the tenth year in a row, at just 43 out of a possible 100 points. Despite multiple commitments, 131 countries have made no significant progress against corruption in the last decade. Two-thirds of countries score below 50, indicating that they have serious corruption problems, while 27 countries are at their lowest score ever. That proves the need to implement more stringent anti-bribery anti-corruption measures worldwide. In this article, we discuss solutions to tackle bribery in these regions.
What’s Happening Around the World?
At the top of the CPI, countries in Western Europe and the European Union continue to wrestle with transparency and accountability in their response to COVID-19, threatening the region’s clean image. In parts of Asia Pacific, the Americas, Eastern Europe and Central Asia, increasing restrictions on accountability measures and basic civil freedoms allow corruption to go unchecked. Even historically high-performing countries are showing signs of decline.
In the Middle East and North Africa, the interests of a powerful few continue to dominate the political and private sphere, and the limitations placed on civil and political freedoms are blocking any significant progress. In Sub-Saharan Africa, armed conflict, violent transitions of power and increasing terrorist threats combined with poor enforcement of anti-corruption commitments rob citizens of their basic rights and services. Download the 2021 Transparency International Corruption Perception Index and compare with last years (2020) corruption wins, scandals and predictions for each region (Asia Pacific, the Middle East and Pakistan).
Trouble at the Top, COVID-19 and Human Rights
The current business climate requires a review and reassessment of your organization’s third-party relationships. The global pandemic is rattling economies worldwide, disrupting supply chains, interrupting production, wreaking havoc on industry sectors and shuttering businesses.
It’s highly probable that, at some point, organizations that affiliate with outside providers will eventually have to deal with any number of operational interruptions resulting from a third-party related issue. And while the risks involved in partnering with outsiders haven’t changed over time, the potential level of liability has been ratcheted up several notches.
International Borders have been ripped down. Technology has improved the way businesses communicate. Easy access to data and information enables the media to report on business news before a business can adequately respond. Consequently, the markets quickly react based on this 24/7 on-demand news cycle.
The result of this increased liability can be highly problematic:
- Business litigation has skyrocketed.
- Due to the fallout from the current global pandemic, corporate reputations are negatively impacted.
- Risk management frameworks are continually evolving to acclimate to changing business environments.
- Board members are becoming increasingly subjected to intense scrutiny from outside critics.
THE CHALLENGE: A highly educated market responds immediately with their pocketbooks
- Organizations suffer financial loss as the supply chain falters and loses customers because of poor-quality service from a third party.
- Company data systems are exposed and breached because of poor security practices by third parties.
- Companies are experiencing supply chain issues due to poor disaster recovery procedures by third parties.
- Organizations are increasingly being exposed to litigation because of relationships with an outside provider that significantly violated contractual terms, potentially resulting in regulatory exposure.
THE OUTCOMES: Identifying Red Flags
- Inadequate Compliance Framework
- Human Rights Violations
- Environmental Negative Impact
- Inadequate Governance Policies
- Undisclosed third-party transactions
- Material misrepresentations or omissions
- Unreported financial liabilities
- Criminal or regulatory sanctions
- Prior bribe or corruption allegations
- Undisclosed legal or bankruptcy proceedings
- Politically Exposed Persons (PEPs)
THE SOLUTION: Qualify Your Partners. Protect Your Organisation
Corporate Research and Investigations Limited (CRI Group™) is pleased to announce the rollout of its 3PRM-Certified™ a third-party certification program, specifically designed for organisations across the Middle East, Europe and Asian regions. CRI Group’s 3PRM-Certified™ Risk Management Program Presents an Effective Strategy to Vet Outside Partnerships.
This highly specialised Third-Party Risk Management assessment and certification program was developed to help organisations accurately determine the legal compliance, financial viability, and integrity levels of outside partners, suppliers, and customers who seek to affiliate with and represent your business.
CRI Group’s 3PRM-Certified™ third-party risk management strategy can safeguard your organisation against:
- Business Interruption;
- Brand Damage;
- Corporate Liability; and
- Director Liability.
The 3PRM-Certified™ program consists of gap analysis investigative due diligence on targeted third-party partners, suppliers and agents seeking to affiliate with your organisation. This comprehensive program can reveal any Anti-Corruption, Compliance and Risk Management deficiencies associated with the international regulatory framework. The International Standards Organisation ISO achieves another milestone to launch ISO 37000:2021 Governance of organisations, ISO 37002:2021 Whistleblowing Management systems in-line with ISO 37301 Compliance Management Systems to demonstrate effective corporate compliance and Environmental, Social, and Governance.
CRI® Group employs a network of locally qualified, subject-specific auditors, investigators, certified fraud examiners and industry-specific professionals across the Middle East, European and Asian regions who can provide expert counsel in offering 3PRM-Certified™ strategies as an effective preemptive measure.
3PRM™ Gap Analysis can also be combined with a accredited certification by CRI® Group’s independent certification body “ABAC™ Center of Excellence Limited” for the scope of:
- ISO 37000:2021 Governance of organisations;
- ISO 37002:2021 Whistleblowing Management Systems;
- ISO 37301 Compliance Management Systems; and
- ISO 37001 Anti-Bribery Management System certification to demonstrate effective corporate compliance and Environmental, Social, and Governance.
Has your organisation adequately vetted its third-party relationships lately? Contact CRI® Group to learn more about our 3PRM-Certified™ third-party risk management strategy program and discover a practical and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous threats posed by third-party partnerships. We invite you to schedule a quick appointment with us to discuss you third-party risk management strategy needs.
Let’s Talk!
Don’t leave TPRM to chance. Take a proactive stance with the highest level of TPRM as a part of your essential corporate strategy. Contact us today to learn more about our full range of services to help your organisation stay protected.
Who is CRI Group™?
Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI Group™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body that provides education and certification services for individuals and organisations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- Guidelines; ISO 37000:2021 Governance of Organisations; ISO 37002:2021 Whistleblowing Management System; ISO 37301:2021 (formerly ISO 19600) Compliance Management system (CMS); Anti-Money Laundering (AML); and ISO 37001:2016 Anti-Bribery Management Systems ABMS. ABAC™ offers a complete suite of solutions designed to help organisations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments while assisting in developing frameworks for strategic compliance programs. Contact ABAC™ for more on ISO Certification and training.
Financial Crime Policies and Procedures: examples of Good and Poor Practice
The principal catalyst of economic crime (also known as financial crime) is monetary gain. However, economic crime has a devasting effect on individuals and communities. When associated with organised crime and terrorist financing, it threatens laws, democratic processes, and fundamental human freedoms, impoverishing states and distorting free trade and competition.
Not a victimless crime
Because of the well-publicised financial scandals that marked the aftermath of the tech bubble in 2002 and the housing bubble in 2008, most recently, the 2018 Patisserie Valerie scandal, which was once considered a merely poor business practice (i.e. widespread reckless investment) is now considered criminal. We saw how the vast losses associated with these high-level financial fraud scandals undermined social-security systems and destabilised economic systems. Today there is a growing consensus on the need to improve the global framework for fighting financial crime and regain the public’s trust. And financial crime prevention policies and procedures are critical.
Walk the walk with a robust code of conduct
The failure of self-regulation by most companies involved in the scandals only highlighted how important organisations have prevention policies and procedures in place. These policies fall under the “Ethical Code of Conduct” A code of conduct sets the standards for how an organisation ought to behave and guides its workforce in the decision-making. A robust Code of Conduct and other internal rules and guidelines serve as the foundation for a successful free of fraud organisation. Read more on “Ethical code of conduct and what should be covered?”
By having a robust code of conduct, organisations can demonstrate their commitment to complying with all applicable laws and regulations. With a well-established set of global policies, the organisation can achieve robust and consistent compliance standards. Rather than assume that ethical rules “go without saying,” every organisation should spell out what they expect of their employees when it comes to ethical behaviour. At CRI Group™, we counsel business leaders that every organisation should have a written, carefully considered ethical code of conduct as part of their fraud prevention strategy. CRI Group’s Certification program through the ABAC™ Center of Excellence includes developing an ethical code of conduct as part of clients’ training and development phase.
CONTACT CRI™ FOR MORE INFORMATION
Successful Organisations Adopt a Risk-Based Approach when Doing Business
A company must have up-to-date policies and procedures appropriate to its business. These policies should provide a uniform set of risk management principles and mandatory standards. These should be readily accessible, effective and understood by all relevant workforce.
Self-assessment questions:
- How often are your organisation’s policies and procedures reviewed, and at what level of seniority?
- How does it mitigate the financial crime risks it identifies?
- What steps does the organisation take to ensure that relevant policies and procedures reflect new risks or external events? How quickly are any necessary changes made?
- What steps does the organisation take to ensure that staff understand its policies and procedures?
- How do you ensure that policies and procedures are disseminated and applied throughout the business?
Examples of good practice
- There is clear documentation of the company’s approach to complying with its legal and regulatory requirements concerning financial crime;
- Policies and procedures are regularly reviewed and updated; and
- Internal audit or another independent party monitors the effectiveness of policies, procedures, systems and controls.
Examples of poor practice
- No written policies and procedures;
- Does not tailor externally produced policies and procedures to suit its business;
- Takes inadequate steps to communicate policies and procedures to relevant staff;
- Fails to review policies and procedures in light of events;
- Fails to check whether policies and practices are applied consistently and effectively; and
- Has not considered whether its policies and practices are consistent with its obligations under legislation that forbids discrimination.
An Investigative Study Into Causal Factors of the Perpetration of Transnational Financial Crimes
As the global impact of transnational financial crime increases to unprecedented levels, attention has turned to the need to fully understand the motivations that lead to the perpetration of such crimes. CRI® Group has recently published an ebook that provides insightful looks into today’s issues at the forefront of fraud and corruption. They range from deep dives into the U.S., U.K. and other anti-fraud and anti-corruption laws worldwide to close examinations of actual fraud cases that hold lessons for all of us. This ebook provides an in-depth study of transnational financial crimes and the national laws and regulations. Laws in the U.S. and the U.K., in particular, are compared and examined in terms of effectiveness in preventing financial crimes. The comparative study focuses on corporate fraud. “The Catalysts for Economic Crime” pursues the question of how weaknesses in national laws can be considered “a core causal factor in the perpetration of transnational financial crimes.” We invite you to download this ebook and increase your knowledge of fraud, corruption, proper compliance, risk assessments, due diligence, etc.
Download your FREE “The Catalysts for Economic Crime” ebook here!
At CRI® Group, we are always ready to assist you to effectively manage your organisation in an efficient and risk-free manner that best suits your needs. Our experience base, skilled workforce, technical resources, networking capabilities, internal flexibility and global offices maximise our solution efficacy. Explore our broad range of risk management solutions for your business.
CRI Group’s investigators and Certified Fraud Examiners understand fraud patterns and are trained to recognise the elements of fraud characteristics and where they might come into play at any organisation. Through this knowledge, we can help you uncover the trail of fraud and help bring about a quick and successful resolution.
Having global coverage, CRI™ works directly with the key personnel to lead and conduct fraud investigations, including, if needed, your internal board of directors, audit committee, ethics and compliance officers, general and in-house counsel, corporate security, human resources, and C-level executives.
VIEW OUR RISK MANAGEMENT SOLUTIONS BROCHURE
Fraud Prevention Strategy: Build One in Five Simple Steps
Fraud Prevention Strategy: The 5 Simple Steps
A fraud prevention strategy is one of the key policies that can aid an organization in safeguarding itself against reprimands of the matter. One of the greatest encounters a fraud auditor can confront is the mission of persuading management that the peril of fraud exists across all aspects of corporate culture – regardless of whether it is from internal factors or external factors. Fraud cannot ever be eradicated from the corporation as collusion is adept in continually conquering routine organizational regulations.
What is the strategy?
The objective of a Fraud Prevention Strategy is to identify a high-level proposal on how an organization should implement its fraud prevention policy in the presence of its internal and external influences. The strategy forms the most important part of the fraud deterrence strategy; thus, the policy an organization chooses to implement must be straightforward and pragmatic.
Combating fraud requires a distinct and refreshing methodology that entails including all three facets of the fraud cycle:
- Fraud deterrence and prevention
- Fraud detection
- Fraud investigation
Preferably, with the fraud cycle in mind, every enterprise ought to put together a distinctly specified fraud prevention strategy that integrates the following:
- Determine the proper culture with the proposed policy: having protocols and policies in place for dealing with fraud will help you establish a good grounding for identifying it.
- Counteract and detect: To detect fraud, you need to have effective systems and processes in place covering all aspects of your business.
- Investigation of any occurrences in which fraud occurs.
- Review and monitor policies and occasions in which fraud has transpired regularly to ensure that fraud levels stay below the goal amount.
- Learn from previous occurrences and update training procedures.
- Risk management covers all types of risk, from corporate and social responsibility compliance to performance measurement.
To learn more about third-party risk management, why not check out our 3PRM brochure.
What should be established in a fraud prevention strategy:
1. Whistleblowing policy
Whistleblowing is the act of exposing information about misconduct in the workplace and is a crucial element in any prevention strategy. When whistle-blower hotlines are implemented and sustained correctly, they can substantially decrease an organization’s exposure to fraud by permitting for prior detection and thus savings in the form of reduced fraud losses from the prior detection.
2. Identify the risks:
The risk of fraud is not solely based on an employee’s background but also a myriad of other factors. Most notably, it is important to be able to identify risks by nature of items (some examples include size and value, ease of resale and cash), nature of the control environment (including separation of duties, safeguards, complexity, turnover and related party transactions) and pressures ( i.e., level of dissatisfaction – if the workforce is unhappy with the company, they will be more inclined to engage in fraud, expectations and guarantees). Identifying these risks is the first step in figuring out how to counteract them, thus preventing fraud.
3. Implement effective controls:
When it comes to implementation, organizations need to ensure that they complete the action plan and then refer it to an appropriate person – in most instances. This is from HR and other figures in leadership to management of employees. It is then up to the subordinates to assist them with implementing the strategy, reviewing the strategy, or delegating it to the employees.
Most policies implement:
- Making employees aware of emergency procedures
- Making employees aware of the location of first aid stations
- Educating employees on the location and obvious danger and workplace hazards
- Examine health and safety workplace responsibilities; wear the necessary protective clothing or equipment, participate and have input to management report incidents or mishaps as considered essential by management.
4. Increase awareness of the risks:
It must not be presumed that staff members have an innate perception of the risks of fraud or that they have any understanding of the scope of risks that encircle them. This means that it is incredibly important to stimulate a risk-conscious culture within an organization.
Some examples of methods to increase such awareness include:
- Performing risk audits and engaging as many individuals as possible in the organization in the risk auditing procedure
- Benchmarking – studying “best practices” from other organizations that have executed risk management.
- Sending organization personnel to attend industry seminars on fraud prevention as well as risk management
5. Plan for the worst:
It might sound pessimistic, but it is always best to prepare yourself and your employees for the worst-case scenario. Unfortunately, as hard as we try to minimize fraud, it cannot, be fully eradicated. If it appears too good to be true, it most likely is. It is good practice to meticulously probe all agreements, prospects, transactions, data and documents.
Want to know more about recruiting the right people for your organization? Visit our page on Background Screening services or view our EmploySmart brochure.
Crucial components that a proper fraud prevention strategy accomplishes:
It is easy to infer that fraud can leak into all aspects of corporate culture and can destroy an organization from within. Despite this issue, several organizations opt not to implement a fraud prevention strategy – it is primarily implied that this is ascribed to the absence of knowledge circulating on the benefits of such a strategy. However, the rewards reaped from this type of policy is beneficial to corporations eventually and can reap the rewards such as:
- Lower consequential loss pertaining to fraud
- Lesser/no legal and investigative costs relating to fraud
- Lesser/no regulatory fines paid in the occurrence of fraud
- Better time management can be used to enrich employees’ knowledge and experience at the organization.
- Reduced insurance premiums
- Lower turnover of key staff and customers
- The lessened cost of/capability to increase new finance
Overall, the process of preventing fraud can be an extensive one, but one whose benefits outweigh the onerous course. Protect your organization from liability, business interruption and brand damage by partnering with the CRI® Group. Our 3PRM solution address various specific areas, including:
- Third-Party Integrity Due Diligence & Screening: ensures global compliance, provides adequate monitoring & protection against potential litigation;
- 3PRM Enhanced Background Checks: uncovers derogatory information within the public & private record resources through risk-based background checks, including investigative research into suppliers & individuals, ultimate-beneficial owners;
- ISO 37001 Anti-Bribery Management System: CRI® Group’s independent and accredited Certification Body can examine your Anti-Bribery & Anti-Corruption procedures & issue an accredited Certification; and
- ISO 37301 Compliance Management System: CRI® Group’s independent certification body helps companies worldwide to increase & measure their efforts against regulatory compliance risks.
If you still have any questions surrounding fraud prevention, why not contact CRI®? Our experts have years of experience and have been trained to provide your business with bespoke advice that fits your organizations’ needs.
Don’t hesitate to prevent fraud in your workplace today.
About us…
Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.
In 2016, CRI Group™ launched the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organizations. Contact ABAC™ for more on ISO Certification and training.
Risk Assessment Breakdown: Identification, Analysis, and Evaluation
Risk management is a full-time, ongoing endeavour for organisations in today’s business world, and it poses constant challenges. Unfortunately, fraud, bribery and corruption are major factors affecting businesses and agencies of all sizes and industries. Being proactive against these risks can mean the difference between success and ruin. Whatever your reasons or motivations might be, if your organisation’s objective is to have an effective risk assessment management strategy in place. This article discusses the importance of Risk Assessment. There are two important building blocks that form the core of risk management:
- Risk assessment
- Risk treatment
Each of these stages can stand on their own – in this article we will go into detail about best practices for identifying risks, how to analyse them in terms of probability and severity, and how they can be evaluated in terms of the company’s risk appetite.
What is Risk Assessment?
Risk assessment is the overall process of identification, analysis and evaluation of any given risk. It can be a systematic examination of a task, job or process that a risk professional carries out at work for the purpose of identifying significant hazards. For example, the risk of someone being harmed and deciding what further control measures to take to reduce the risk to an acceptable level. The process will vary between organisations, but it should start with identification of hazards, analysis of who and what might be harmed, evaluation of the risk, documentation of the risks, taking action and review. Your organisation should conduct a risk assessment systematically, interactively and collaboratively, drawing on the knowledge and views of stakeholders. It should use the best available information, supplemented by a further inquiry as necessary.
Risk assessment breaks down into:
- Step 1: Identification
- Step 2: Analysis
- Step 3: Evaluation
Business Intelligence (BI) Solutions can help during this stage. BI take many shapes and forms in today’s complex business environment. Budgets are stretched and the challenges facing a business and its employees can sometimes lead to issues that start off small, but then lead to wider spread problems which can affect the very fabric of your organisation and damage both your credibility, reputation and bottom line profits. CRI Group™ takes two approaches to BI solutions:
- Intelligence operations (via market research and analysis): we focus on researching the future and potential growth of your business – i.e. determine the commercial viability and potential for success in the market, analyse consumer behaviour and business trends in that market, etc.
- Investigative operations (via commercial investigations): we focus on the current status of your business – i.e. location of assets, financial information, identification of unmet needs of any market, gauge brand awareness and identity in the market, etc.)
CHECK OUT OUR BI SOLUTIONS or DOWNLOAD BROCHURE
Risk Identification
The purpose of risk identification is to find, recognise and describe risks that might help or prevent an organisation achieving its objectives. Relevant, appropriate and up-to-date information is important in identifying risks. The organisation can use a range of techniques for identifying uncertainties that may affect one or more objectives. The following factors, and the relationship between these factors, should be considered:
- Tangible and intangible sources of risk;
- Causes and events;
- Threats and opportunities;
- Vulnerabilities and capabilities;
- Changes in the external and internal context;
- Indicators of emerging risks;
- The nature and value of assets and resources;
- Consequences and their impact on objectives;
- Limitations of knowledge and reliability of information;
- Time-related factors;
- Biases, assumptions and beliefs of those involved.
Your organisation should identify risks, whether or not your sources are under your control. Consideration should be given that there may be more than one type of outcome, which may result in a variety of tangible or intangible consequences.
Risk Analysis
Risk analysis allows you to understand the nature of risk, its characteristics and level. Because an event can have multiple causes and consequences and can affect multiple objectives a risk analysis should involve a detailed consideration of uncertainties such as risk sources, consequences, likelihood, events, scenarios, controls and their effectiveness.
Risk analysis can be undertaken with varying degrees of detail and complexity, depending on the purpose of the analysis, the availability and reliability of the information, and the resources available. Analysis techniques can be qualitative, quantitative or a combination of both, depending on the circumstances and intended use. Risk analysis should consider factors such as:
- The likelihood of events and consequences;
- The nature and magnitude of consequences;
- Complexity and connectivity;
- Time-related factors and volatility;
- The effectiveness of existing controls;
- Sensitivity and confidence levels.
A risk analysis is likely to be influenced by a wide range of variables, from any divergence of opinions, biases to perceptions of risk, from judgements, quality of the information used to the assumptions and exclusions made and any limitations of the techniques and how they are executed. These influences should be considered any risk analysis, documented and communicated to any decision-makers involved in the process.
It is important to remember that any highly uncertain event can be difficult to quantify, and this is an issue. If you find yourself in such a situation, using a combination of techniques generally provides greater insight. Risk analysis provides input to risk evaluation, to decisions on whether risk needs to be treated and how, and on the most appropriate risk treatment strategy and methods. The results provide insight for decisions, where choices are being made, and the options involve different types and levels of risk.
Risk Evaluation
Risk evaluation can support your decisions. Risk evaluation involves comparing the results of the risk analysis with the established risk criteria to determine where additional action is required. This can lead to a decision to:
- Do nothing further;
- Consider risk treatment options;
- Undertake further analysis to better understand the risk;
- Maintain existing controls;
- Reconsider objectives.
Any decisions should take into account the wider context and the actual and perceived consequences to external and internal stakeholders. The outcome of risk evaluation should be recorded, communicated and then validated at appropriate levels of the organisation.
Who should do Risk Assessments?
Well, by law, every employer must conduct risk assessments. Risk assessments should always be carried out by a professional who is familiar to risk, a person who is experienced and competent to do so. Competence can be expressed as a combination of knowledge, awareness, training, and experience. Remember competence does not mean you have to know everything about everything, competence also means knowing when you know enough or when you should call in further expert help.
But we all like to think that all of our employees will be trustworthy, but this is not always the case. There have been many instances in which an employee has been dishonest about their job history, qualifications or even criminal history. A dishonest employee could be unqualified for the position, possibly endangering others on the job. Or they might be a fraud risk, willing to bend the truth in other ways in order to enrich or advance themselves on your dime. No organisation can afford to have employees or staff who aren’t what they claim to be. Even a seemingly innocent embellishment can indicate more background problems under the surface, and the potential for future problems down the road so remember, trust your employees but, verify them too.
CHECK OUT OUR EMPLOYEE BACKGROUND SCREENING SOLUTIONS or DOWNLOAD BROCHURE
Risk Assessment and ISO 31000 Certification with ABAC™
While the team at CRI® do not deliver any training or certification on ISO 31000, our partner ABAC™ Center of Excellence do. ISO 31000 can provide the principles, framework and a process for managing risk. ISO 31000 is not a certifiable standard; the standard is a set of guidelines which provide guidance for internal or external audit programmes. However we recommend taking ISO 31000 Awareness training, this will enable you to fully understand Risk Management activities and mitigate risk.
ISO 31000 was developed by hundreds of experts in risk mitigation, from thirty countries. This international effort produced a standard that is worldwide and represents best practices and leading operations for risk management. Organisations can trust that they are following a tested, robust standard to increase success. The standard converts risk management into a set of “friendly” and actionable – and straightforward to implement – guidelines, regardless of the size, nature, or location of a business.
The training helps establish an ethical culture by educating your personnel on the following:
- What constitutes fraud, corruption, and bribery, and why these are so damaging to business
- How to identify red flags of fraud, corruption, and bribery
- The process for reporting fraudulent and unethical acts
- The organization’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches, and prosecute unethical acts
- The serious ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career
The ISO certifications helps us at ABAC™ to provide appropriate anti-bribery training to personnel across various industries. This standard helps to assess bribery risks, perform the appropriate due diligence required for your business and to take reasonable and proportionate steps to ensure that controlled organizations and business associates have implemented appropriate anti-bribery controls.
> Find out more about ISO 31000 Risk Management and other standards now!
Other Solutions
While CRI™ may not offer the ISO certification, we do offer other services. We specialise in solutions regarding compliance, working as trusted partners to businesses and institutions across the globe. Our experts work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates, thus creating the DueDiligence360™.
The DueDiligence360TM reports to help organisations comply with anti-money laundering, anti-bribery, and anti-corruption regulations. This service also proves beneficial ahead of a merger, acquisition, or joint venture as it can be used for a third-party risk assessment, onboarding decision-making, and identifying beneficial ownership structures. Identifying key risk issues clearly and concisely helps enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.
Why not consider our background investigative solutions? Employee Background Checks can aid in reducing the risk of hiring an employee who does not live up to their supposed skill set and could cause irrevocable damage. Firms spend years, thousands, even millions to brand their products and services – it only takes one bad hire to cause loss of capital and reputation. It can go as far as bringing a business to fail – especially if the employee holds malice towards the organisation. EmploySmart™ is CRI’s own solution aiming to expose vulnerabilities and threats within your organisation. Much like the ISO certification, our EmploySmart™ is a risk management measure which can be used to significantly reduce business and financial crime, fraud and malpractice within your workplace.
Our solutions are also certified by the British Standard Institute BSI for the scope of BS 7858:2019 Screening of individuals working in a secure environment, Code of practice (the only BS 7858 certified background screening services provider in the UAE and across the Middle East); and BS 102000:2018 Code of practice for the provision of investigative services.
Another risk management solution to consider from CRI® is our Third-Party Risk Management solution (TPRM), also known as 3PRM™. In wake of the global pandemic, the 3PRM™ was developed in a bid to aid organisations to accurately determine the legal compliance, financial viability, and integrity levels of external parties, vendors, and customers who seek to be affiliated with and represent the business.
The 3PRM-Certified™ program consists of gap analysis and investigative due diligence on the targeted above parties. This highly thorough program reveals anti-corruption, compliance and risk management discrepancies associated with the international regulatory framework helping your business to flourish at any scale. Find out more about CRI Group’s Solutions here.
If you’re unsure of what solution may be best for you and your business, how about connecting with one of our experts for a free consultation? Receive tailored advice from the top analysts and investigators across the globe.
About CRI Group™
Based in London, CRI™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC™ for more on ISO Certification and training.
Inadequate Due Diligence Hit Space-Transport SPAC Momentus $8 Million SEC Fine
Inadequate Due Diligence Hit SPAC Momentus $8 Million SEC Fine
Inadequate due diligence hit SPAC Momentus $8 million SEC fine after misleading investors. The Securities and Exchange Commission (SEC) has charged the Momentus particular purpose acquisition company (SPAC), its sponsor SRC-NI, the sponsor’s CEO Brian Kabot, the company, and founder Mikhail Kokorich – which involved in a $1.2 billion space-transport SPAC for defrauding investors and obscuring the CEO’s status as a US national security risk.
The Fraud Claimed
The SPAC, Stable Road Acquisition Corp, had sought to merge with Momentus, a private start-up, to take it public. Momentus’s key offering was a “microwave electro-thermal water plasma thruster,” a way of zapping water vapour to propel a spacecraft, intending to transport satellites into space.
But Momentus’s propulsion tech failed to show results, according to SEC filings. A test mission fell well short of the company’s benchmarks, and a former Momentus employee said that the test yielded “no data to suggest that that thruster would deliver an impulse of any commercial significance.”
According to the SEC’s settled order, Kokorich and Momentus, an early-stage space transportation company, repeatedly told investors that it had “successfully tested” its propulsion technology in space when, in fact, the company’s only in-space test had failed to achieve its primary mission objectives or demonstrate the technology’s commercial viability.
The order finds that Momentus and Kokorich also misrepresented the extent to which national security concerns involving Kokorich undermined Momentus’s ability to secure required governmental licenses essential to its operations.
Join our mailing list and get exclusive industrial insights for subscriber-only!
The Compliance Issue: Inadequate Due Diligence
The SEC’s settled order finds that Stable Road repeated Momentus’s misleading statements in public filings associated with the proposed merger and failed its due diligence obligations to investors.
According to the order, while Stable Road claimed to have conducted extensive due diligence of Momentus, it never reviewed Momentus’s in-space test results or received sufficient documents relevant to assessing the national security risks posed by Kokorich.
The order finds that Kabot participated in Stable Road’s inadequate due diligence and filed its inaccurate registration statements and proxy solicitations. The SEC’s complaint against Kokorich includes factual allegations that are consistent with the findings in the order.
“This case illustrates risks inherent to SPAC transactions, as those who stand to earn significant profits from a SPAC merger may conduct inadequate due diligence and mislead investors. Stable Road, a SPAC, and its merger target, Momentus, both misled the investing public. The fact that Momentus lied to Stable Road does not absolve Stable Road of its failure to undertake adequate due diligence to protect shareholders. Today’s actions will prevent the wrongdoers from benefitting at the expense of investors and help to better align the incentives of parties to a SPAC transaction with those of investors relying on truthful information to make investment decisions.
SEC Chair Gary Gensler
The Litigation Against Momentus, Stable Road, and Kabot
Associate Director of the SEC’s Division of Enforcement, Anita B, mentioned in her statement that Momentus’s former CEO alleged to have engaged in fraud by misrepresenting the viability of the company’s technology and his status as a national security threat, inducing shareholders to approve a merger in which he stood to obtain shares worth upwards of $200 million.
The SEC’s order finds that Momentus violated scienter-based antifraud provisions of the federal securities laws and caused sure of Stable Road’s violations. It also considers that Stable Road violated negligence-based antifraud provisions of the US federal securities laws as well as specific reporting and proxy solicitation provisions.
The order finds that Kabot violated provisions of the federal securities laws related to proxy solicitations. Kabot and SRC-NI caused Stable Road’s violation of Section 17(a)(3) of the Securities Act of 1933. Without admitting or denying the SEC’s findings, Momentus, Stable Road, Kabot, and SRC-NI consented to an order requiring them to cease from future violations. Momentus, Stable Road, and Kabot will pay civil penalties of $7 million, $1 million, and $40,000, respectively.
Inadequate due diligence hit SPAC Momentus $8 million SEC fine. Source: US Securities and Exchange Commission
What do you actually know about the integrity of the 3rd party and their way of doing business? Do they adhere to (inter)national regulations on anti-bribery and anti-corruption? Is it possible that there is a liability risk?
Due diligence on potential business partners when adding a new vendor or even hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity DueDiligence360TM investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals.
At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions worldwide. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.
Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider, and you will only ever have to look forward, never back.
CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:
|
|
Protect your reputation and the risk of financial damage and regulator action using our detailed reports. They enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.
DueDiligence360™ from CRI Group™
WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?
At CRI Group™ , we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.
CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.
Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group™ is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:
Expertise
CRI Group™ has one of the largest, most experienced and best-trained integrity due diligence teams in the world.
Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.
Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.
John Wood Group to Pay $177 Million to Settle Bribery Charges Inherited Through its Merger
John Wood Group Bribery Probe Trace Back to its Merger with Amec Foster Wheeler Plc.
John Wood Group Plc has agreed to pay $177 million to settle the UK led bribery and corruption probe into a British engineering firm it acquired in 2017. The settlement is part of a so-called deferred prosecution agreement with the Serious Fraud Office and the US Department of Justice concerning Amec Foster Wheeler Plc.
The UK agreement is still subject to court approval. As part of the deal, the company can avoid prosecution for three years if it cooperates in the continuing bribery probe. Wood Group’s payment is one of the largest ever obtained in the UK led bribery and corruption case. The biggest was a $1.2 billion settlement with Airbus SE that also involved the US and French authorities.
In 2017, the SFO opened an investigation into Amec’s use of third parties to gain contracts, just weeks after Shareholders approved wood Group’s proposed acquisition. The DOJ said the probe concerned a scheme to pay bribes to officials in Brazil for a $190 million contract to design a gas-to-chemicals complex.
As part of the deal announced, at least $10.1 million will settle charges brought by the US Securities and Exchange Commission. The DOJ said it would get about $18.4 million to resolve its criminal charges in the Brazil bribery probe. Amounts to be paid to the UK and Brazil are yet to be made public.
Wood Group announced that it was close to a settlement. It originally said it expected a deal for $186 million, with about $60 million paid in the first half of 2021 and the rest over three years. The company also agreed to pay $10 million to Scottish authorities earlier this year to settle the case.
“The investigations brought to light unacceptable, albeit historical, behaviour that I condemn in the strongest terms,” Wood Group Chief Executive Officer Robin Watson said in a statement. “Although we inherited these issues through acquisition, we took full responsibility in addressing them, as any responsible business would.”
The company has “cooperated fully with the authorities” and “taken steps to improve further our ethics and compliance program from an already strong foundation,” Watson said. “I’m pleased that, subject to final court approval in the UK, we have been able to resolve these issues and can now look to the future.”
The agreement comes amid criticism of the SFO and its inability to prosecute individuals after securing settlements with companies. Earlier this year, the SFO dropped its probe into former Airbus directors and was dealt a humiliating setback after its trial against two former Serco Group Plc directors fell apart because it failed to disclose evidence.
In May 2021, the SFO opened one of its biggest investigations into suspected fraud and money laundering concerning GFG Alliance and its financing agreements with Greensill Capital. It was after months of intense pressure from lawmakers to investigate Sanjeev Gupta’s empire.
John Wood Group bribery probe.
Source: Financial Crimes News
Join our mailing list and get exclusive industrial insights for subscriber-only!
The Importance of Due Diligence in Merger and Acquisition to Avoid a Similar Incident Happened like in John Wood Group.
Due diligence is understood as the reasonable steps taken to satisfy legal requirements in the conduct of business relations. That allows you to reduce risks – including risks arising from the FCPA (Foreign Corrupt Practices Act) and the UKBA (UK Bribery Act), to make informed decisions and to pursue takeovers or mergers with more confidence.
Unlike other kinds of control (audits, market analysis, etc.), it must be completely independent and rely as little on information provided by the researched subject. The other important difference lies in the methodology: commercial or financial due diligence analyses available information, investigative type provides reliable and pertinent, but raw, information.
Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity due diligence investigations provides your business with the critical information it needs to make sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees.
It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:
-
International business verification
-
Individual business interest search
-
Personal profile on individual subjects
-
Company profile on corporate entities
-
Historical ownership analysis
-
Identification of subsidiaries & connected parties
-
Global/national criminality & regulatory records checks
-
Politically Exposed Person database
-
International digital media research
-
Company background analysis
-
Industry reputational assessment
-
FCPA, UK Anti-Bribery & corruption risk databases
-
Global terrorism checks
-
Global financial regulatory authorities checks
-
Money laundering risk database
-
Financial reports
-
Asset tracing
-
Country-specific databases that include litigation checks, law enforcement agencies & capital market regulators
DueDiligence360™ from CRI Group™
WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?
At CRI Group™, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.
CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.
Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:
Expertise
CRI Group™ has one of the largest, most experienced and best-trained integrity due diligence teams in the world.
Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.
Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.
DueDiligence360™ from CRI Group™
WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?
At CRI Group™, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.
CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.
Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:
Expertise
CRI Group™ has one of the largest, most experienced and best-trained integrity due diligence teams in the world.
Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.
Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.
Procurement Risks: The 5 common Risks Every Organisation Needs to Know!
Procurement Risks: Your Lack of Due Diligence can Lead to Harm
Procurement risks: lack of due diligence can lead to harm. Procurement is one of the most critical areas of any organisation, large or small. Procurement officers secure the materials and goods that a business needs to be productive and successful. They ensure the best possible price, quality, delivery efficiency, and other important considerations.
Unfortunately, due to the very nature of dealing with third-party suppliers/vendors, procurement also requires an elevated level of risk management. As many high-profile cases have shown, supply-line problems can cause financial and reputational damage, sometimes on a grand scale.
The infamous horse meat scandal in the UK presents a classic scenario of the damage from risky third-party associations. Widely known international corporations, including Burger King and others, were forced to cut ties with a meat supplier after facing financial and reputational harm from the news that some of the supplier’s products were tainted with horseflesh.
The revelations of tainted meat resulted in international news headlines, waves of criticism from consumers and food products pulled from shelves and freezers in response to the uproar. As damaging as it was, the crisis helped illustrate why due diligence became more important as supply chains expanded and became more complex, especially among international organisations.
The procurement risks: How to minimise them?
The following are some priorities every organisation should have to minimise procurement risks in their procuring process:
Risk #1 – Know who your suppliers are
Due diligence is as vital in procurement as in any other business area, in some cases, more so. Third-Party Risk Management (3PRM™) services help organisations proactively mitigate risks from third-party affiliations, protecting organisations from liability, brand damage, and harm to the business. As part of this service, experts check supplier backgrounds to verify their financial viability, quality control, compliance standards and – most importantly – any prior legal or criminal action. Taking this step before you engage with a supplier or vendor can save some severe headaches down the road. Get our 3PRMTM and DueDiligence360TM brochures to learn more about our tailored investigative solutions.
Risk #2 – Consider your organisation’s reputation
The horsemeat scandal showed how quickly and drastically it can damage a well-respected organisation’s reputation and brand. Your procurement team should know that while the bottom line is essential, nothing is more critical than protecting the image and brand of the company. Cutting due diligence corners to secure the lowest price is not only unwise – it should be strictly against company policy.
Risk #3 – Find sustainable lines of supply
Seek out suppliers with long, successful backgrounds in their business. Find economically sound and socially conscious companies, using fair labour practices and promoting sustainable resources. It harmed the organisation when it discovered that a supplier was using child labour or other unethical or illegal methods to produce their goods. Implement a code of conduct with expectations for your contractors, suppliers and vendors, and review them regularly to ensure they follow your guidelines.
Risk #4 – Have backup suppliers in place
What happens when your primary vendor is suddenly out of compliance? Or folds up completely? If your production chain grinds to a halt, the damage can be severe and lasting to your organisation’s financial and reputational health. Ensure your procurement team has conducted due diligence on backup suppliers that you can turn to in a crisis. Spending a little more to keep the production lines open will be a small price to pay compared to seeing your business come to a standstill.
Risk #5 – Conduct a thorough risk assessment
Any organisation that hasn’t prepared a risk assessment of its procurement process should immediately do so. How else will you know what red flags or gaps make your organisation susceptible to fraud, waste, risk to reputation, or all of the above? Third-party risk management experts can help you develop and put in place an effective third-party risk assessment plan that keeps your organisation protected and minimises your exposure to unseen or unknown trouble spots.
Every organisation needs a successful and efficient procurement process. It also needs to be safe from the inherent risks with connections to third parties, including suppliers, vendors and contractors. When it comes to procurement, let CRI Group™ help you put proper risk management processes in place so you don’t have to worry about your supply chain putting you in tomorrow’s headlines.
Who is CRI Group™?
Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider.
We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
BS 7858:2019 | The New Way to Mitigate Employee Risk During COVID-19
BS 7858:2019 Standard: A New Way to Mitigate Employee Risk During COVID-19
BS 7858:2019 Standard is the revised standard for screening individuals working in secure environments. The far-reaching impact of the COVID-19 outbreak has affected virtually every business and economic sector worldwide. Depending on the global region, the far-reaching implications have hampered (on various levels) the ability to conduct proper and thorough background screening investigations.
In the United Kingdom and the United Arab Emirates, the countrywide lockdowns forced leaders to close sites and send their workforce home. Many have to learn how to manged people working from home (WFH) or remotely for the first time. The previous concerns about productivity, privacy and protecting sensitive information only grew more with the practice of WFH.
They highlighted the vital importance of pre-employment background screening and background investigations. BS 7858:2019 Standard for screening individuals working in secure environments offers a complete solution.
Unfortunately, conducting such investigations in a reliable and timely manner has brought its struggles. The closure of public information sources has dramatically impacted accessing public records to verify previous employment, education and criminal charges.
Drug screening tests have been delayed or postponed until such companies are permitted to reopen their doors for business. On the applicant side, it’s been widely reported that individuals are concerned (and rightly so) about participating in face-to-face interviews. Applicants are concerned with leaving their homes to do a drug test and, ultimately, returning to a work environment that may or may not appear healthy, protected and safe.
Recruitment Fraud and How BS 7858:2019 Standard Provide the Solutions
Investigators themselves have hesitations about venturing into the field to complete their assignments, which may require a high degree of boots-on-the-ground research and in-person interaction in many countries. Fortunately, the background screening industry is resilient.
It is steadily working around these obstacles to ensure that workplaces are safeguarded, workers, customers and property are protected, and sensitive information doesn’t fall into rogue hands. This is particularly important in those sectors that rely heavily on vetting personnel working in secure environments responsible for people, property, data and critical systems.
It’s important for the mere fact that a trending increase in recruitment fraud is creating additional challenges for already over-burdened employers. Last year recruitment fraud cost £23 billion in the UK alone.
The BS7858:2019 Standard
The recent update of the BS7858:2019 standard, “Screening of Individuals Working in a Secure Environment – Code of Practice,” emphasizes the risk assessment of secure environment workers. The code focuses on the need for tighter controls over the pre-employment screening – and periodic re-screening – of individuals, who in their positions, could potentially benefit from illicit personal gain, become compromised, or take advantage of other opportunities for creating breaches of confidentiality, trust or safety.
Written by the British Standards Institute, which is recognized as the UK’s national standards body, BS7858:2019 lays out the scope of “obtaining personal background information to enable organizations to make an informed decision, based on risk, on employing an individual in a secure environment.”
Those workers include business owners, directors, partners, silent partners and shareholders holding more than 10% of the business; managers, area managers, department managers, screening managers and staff; installers and service crew; security personnel; and office supervisors and staff with access to customer and system records.
The amended guidelines of the standard put the onus on the organization’s top management to demonstrate that they are focused on the aspects of the business where the most risk lies and the particular personnel roles involved within those risks areas.
This is particularly important because, as the standard states, the “organization retains ultimate responsibility for an outsourced screening process and is required to review the completed screening file.” Risks assessment includes examining certain roles that involve financial tasks, data security, goods management, property risks or any number of “people risks” such as roles with direct access to vulnerable adults and children.
To that end, management ensures that the organization has proper and adequate resources and infrastructure to manage the adequate vetting of high-risk personnel. Management is tasked with the response and that there is a firm commitment at the top level to manage and support the coordination required to execute the screening process.
Finally, management is tasked with ensuring that such responsibilities are appropriately assigned and communicated throughout the organization. The guideline also eliminates its original text in 2012, a requirement to produce character references as part of the screening process. This decision was based on the supposition that such references are now deemed potentially weak and difficult to verify.
Price of a Bad Hire
The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety, increased exposure to costly negligent hiring claims, and potentially devastating litigation. The premise behind the standard is to safeguard employers from harmful or fraudulent hires. Cases of organizations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organizations.
The revised BS7858:2019 standard enables organizations to demonstrate a commitment to safeguarding their businesses, employees, customers and information utilizing widely accepted methods that focus on risk assessment and top-down management involvement in the company’s employment policies and practices. In establishing standards and practices, organizations can show that they place a high value on hiring individuals who possess integrity. Organizations can then task them with responsibilities designed to keep their co-workers, customers and information safe from the negative forces that have become more prevalent in today’s ever-changing COVID-19 world.
Playbook | Everything About BS 7858:2019 Standard
The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety, increased exposure to costly negligent hiring claims, and potentially devastating litigation. The premise behind the standard is to safeguard employers from bad or fraudulent hires. Cases of organizations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organizations.
At CRI® Group, we know how important is your background screening to your company’s success and to give you an idea of what is new, we have produced this playbook detailing the differences between the BS7858:2012 standard and the new BS7858:2019 standard.
Managing People through COVID-19
The COVID-19 pandemic is undeniable, affecting the world. And the situation is changing at an hourly rate as we go into a second global lockdown. Businesses have to adapt quickly to survive, i.e. cutting steps in their hiring process, and no one knows how this will play out. However, there are ways you can mitigate the impact, learn how from this free ebook.
Taken as a whole, this ebook is the perfect primer for any HR professional, business leader and company looking to avoid employee background screening risks. It provides the tools and knowledge needed to stay ahead of COVID-19 effectively. Read the answers to the following questions:
- Does a candidate have to give consent to process a background check/screening?
- How long does it take to conduct a background check?
- When should I conduct pre-employment checks?
- How often should I screen employees?
- How to collect references, and what to ask?
- How much does it cost to conduct background checks?
- What is the difference between employment history verification and employment reference?
FAQ E-Book | All About Background Checks
The price of a bad hire has far-reaching consequences for any business, including productivity loss, Get answers to frequently asked questions about background checks/screening cost, guidelines, check references etc.
Taken as a whole, it is the perfect primer for any HR professional, business leader and company looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions. This eBook is a compilation of all of the background screening related questions you ever needed answers to:
- Does a candidate have to give consent to process a background check/screening?
- How long does it take to conduct a background check?
- When should I conduct pre-employment checks?
- How often should I screen employees?
- How to collect references, and what to ask?
- How much does it cost to conduct background checks?
- What is the difference between employment history verification and employment reference?
- How do I check on entitlement to work?
- How to conduct identity checks?
- What will a financial regulatory check show?
- Is it possible to identify conflict of interest during checks?
- What is a bankruptcy check?
- What about directorships and shareholding search?
- Can I have access to a criminal watch list?
- Anti-money laundering check?
- Can we conduct FACIS (fraud and abuse control information system) searches?
CRI Group™ | BS7984:2008 Accredited Company
Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.
Q&A: Corporate Fraud & Corruption in the UK 2021
The United Kingdom scores 77 out of 100 on Transparency International’s (TI) 2020 Corruption Perceptions Index (CPI), as is one of the 25 least corrupt countries across the globe. However, it all seems great on the surface as corporate fraud and corruption cases have been noticeable in various industries across the UK. TI reports that corrupt actors enjoy their illicit gains by “buying luxury property in the world’s most sought-after cities, like London”. Based on the article “CPI 2020: Trouble in the top 25 countries”, “While the UK (77) is the first G20 country to launch a public register of beneficial ownership, a loophole in the law allows foreign companies to purchase real estate anonymously. This is particularly problematic as research shows that over 75 per cent of properties subject to criminal investigations between 2004 and 2015 used offshore anonymous companies to hide their owners’ identities. The UK government committed to closing this loophole by introducing a register of beneficial ownership for property, but it has yet to be implemented. The necessary legislation has been subject to significant delays. In the meantime, rich businesspeople linked to autocratic regimes are allegedly purchasing property via shell companies, such as billionaire and daughter of former President of Angola, Isabel de Santos.”
To discuss the situation of corporate fraud and corruption, CRI Group™ and its ABAC™ Center of Excellence were invited to share the expert views in the special InDepth Feature by Financier Worldwide “Corporate fraud and corruption 2021”. In this edition, CRI Group’s CEO Zafar Anjum and ABAC®’s Scheme Manager Huma Khalid talk about how corporate fraud and corruption affect businesses not only in the UK, but across the globe, and provide solutions and insights for businesses to become better protected from corporate fraud, bribery and corruption. Read on the answers to the below questions:
- To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?
- Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?
- In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?
- If a company finds itself subject to a government investigation or dawn raid, how should it respond?
- What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?
- What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption?
- What general steps can companies take to proactively prevent corruption and fraud within their organisation?
Q: To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?
A: The COVID-19 pandemic has created increased opportunities for fraud worldwide. The UK is not immune, unfortunately, and such a disruptive event as the pandemic increases the likelihood that normal safeguards and risk management controls can be bypassed and subverted. There has been an increase in reported fraud and corruption cases over the past year. A survey of fraud experts by the Association of Certified Fraud Examiners (ACFE) in August 2020 showed that 77 percent were seeing an increase in fraud. Perhaps not surprisingly, cyber fraud is the fastest-growing problem area, but there has also been an uptick in unemployment fraud. This is bad news in the UK, where fraud is our most common crime, costing the country £190bn annually, according to the Royal United Services Institute (RUSI).
Q: Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?
A: There is proposed legislation, supported by the secretary of state of the UK’s Department of Business, Energy and Industrial Strategy, that would increase accountability for corporations that produce falsified financial statements. This includes a provision that would require company directors to personally sign off on their corporation’s financial statements, under penalty of fines and possible prison time. Under the Sarbanes-Oxley Act in the US, the penalty for falsely certifying such statements is steep: up to 20 years in prison and up to $5m in fines, and the UK is looking at similar measures to step up its fight against fraud and corruption. The UK also recently approved the formation of an audit, reporting and governance authority (ARGA) that should come into force within the next two or three years. Accordingly, the UK is taking a stronger stance against fraud going forward.
Q: In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?
A: Combatting fraud is never straightforward. When looking at progress in detecting and preventing fraud, it sometimes feels like a question of whether the glass is half full or half empty. For example, the Serious Fraud Office (SFO) brought 13 fraud defendants to trial in 2019 and 2020, with a 95 percent four-year success rate by case. Many of these represent large frauds, and they are meaningful wins, but how many more fraudsters are out there undiscovered? Other bodies, including Her Majesty’s Revenue and Customs (HMRC), among others, also have key roles to play in investigating fraud, but a considerable amount of fraud is still investigated and prosecuted at the local level. It is important for leaders in the UK to know what resources law enforcement have and where they need training and support in the fight against fraud.
Q: If a company finds itself subject to a government investigation or dawn raid, how should it respond?
A: Any investigation, and especially a raid, can be an incredibly stressful time for a company and its employees. The important thing is to not panic – the investigators have a job to do, and the sooner they get to the truth of the situation, the better for everyone. Companies should direct their management and their employees to cooperate fully, while also engaging legal counsel to properly protect the corporation from future litigation. If fraud is detected, it is a criminal matter and the company should make a good faith effort to work with prosecutors and regulators, while making sure to document all control measures and prior steps taken to manage fraud risk. Having a track record of meeting compliance requirements and having proper internal controls in place at the time fraud occurs could have a mitigating effect in terms of potential prosecution and penalties down the road. View the reprint of the interview, covering not only the UK but also the United Arab Emirates.
Q: What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?
A: Employees are a company’s first line of defence against fraud and corruption. But training them to recognise the red flags of fraud is only half of the process. The company must also implement a reporting system that is anonymous and easy to use, so that employees are encouraged to report any suspicions. Then, the company must follow through and fully investigate any reports that do come in. If they do not, whistleblowers will believe that combatting fraud and corruption is not a corporate priority, and the tips will stop coming in. How important are those tips? According to the ACFE, they are by far the highest detection method for fraud, well above audits and other means. The company should communicate that a whistleblower hotline or online reporting system is available, and that there is a zero-tolerance policy for any type of retaliation against whistleblowers. Over time, the tips will come in.
Q: What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption?
A: Investigations can be challenging, and they require expertise. For example, there are rules for collecting and handling evidence, including physical evidence and witness statements, that must be followed for such evidence to be admissible in court. There are also laws in the UK dealing with privacy and the rights of the accused. The bottom line is that a company already dealing with a potentially costly and damaging fraud scenario should not risk adding more legal trouble through a faulty investigation. Hire experts who deal with corporate crime and specialise in fraud and corruption cases. Like any other area of expertise, they will have the knowledge and resources to help proceed with an investigation and lead it to the most favourable outcome for your company. If you already have anti-fraud professionals on staff, let them take the lead, but provide outside resources as needed.
Q: What general steps can companies take to proactively prevent corruption and fraud within their organisation?
A: A fraud prevention strategy has many different elements, and the sooner companies implement them, the sooner they can begin to work together in a proactive way to prevent fraud. Mandating employee training, such as ISO 37001 ABMS, having an ethical code of conduct signed by every member of staff, providing regular and surprise audits, and implementing a fraud reporting system are all effective ways to help prevent and detect fraud and corruption. None of these methods is strong enough on its own to properly protect organisations. But together, they can be very effective. It is also important to set a ‘tone at the top’, from ownership, directors and management on down, that fraud will not be tolerated. Anti-fraud controls only work if the company sees them through and thoroughly investigates every report. When fraud is confirmed, any perpetrators should be terminated and potentially prosecuted, sending a message of zero-tolerance.
Find out more about the ISO 37001 training
CONTACT INFORMATION
Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group™ Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com
Source & Credits
The original version of the Q&A was published on Financier Worldwide’s InDepth Feature: Corporate Fraud & Corruption 2021. Download the reprint here.
CONTACT US
Headquarter: +44 7588 454959
Local: +971 800 274552
Email: info@crigroup.com
Headquarter: 454959 7588 44
Local: 274552 800 971
Email: info@crigroup.com
NEWSLETTER SUBSCRIPTION