GDPR vs. UK-GDPR; the laws Post Brexit

The General Data Protection Regulation (GDPR) is a regulation in EU law that was implemented on the 25th of May 2018 and concentrates on data protection and confidentiality in the European Union and the European Economic Area; alongside this, the GDPR is also used to address the transmission of personal data outside the EU and EEA areas. The EU Commission announced on 28 June 2021 that adequacy judgments for the UK have been passed, so what does that mean for the GDPR rules?

The Brexit transition phase concluded on the 31st of December 2020 and as a component of the new trade agreement, the EU has come to an agreement to postpone the transmission limitations for at least four months, which can then be stretched out to six months (recognised as the bridge). The European Commission published its draft decisions on the 19th of February 2021  regarding the UK’s adequacy under the EU’s General Data Protection Regulation (EU GDPR) and Law Enforcement Directive (LED). In both cases, the European Commission has found the UK to be adequate which implies that much of the data can resume the stream from the EU and the EEA devoid of the need for supplementary precautions. Nevertheless, it is vital to take note of the fundamental reality that the adequacy decisions do not cover data conveyed to the UK for the principles of immigration control, or where the UK immigration immunity is appropriate. For this nature of data, distinct regulations are employed, and the EEA dispatcher wants to set other transfer safeguards in place. September 2021 saw WhatsApp being handed the second highest fine under EU GDPR (General Data Protection Regulation) rules and the biggest fine ever from the Irish Data Protection Commission due to their lack of understanding towards the new GDPR laws – had they done their due diligence, they may have been able to avert such a hefty fine. Our Due diligence 360° services provide the specialised intelligence needed by global financial institutions and multinational corporations to guarantee complete compliance with anti-money laundering (AML) regulations and legislations.

Find out more about compliance below or download our free brochure.

FIND OUT MORE or DOWNLOAD THE BROCHURE

The draft decisions will at this point be deemed by the European Data Protection Board (EDPB) and a committee of the 27 EU Member Governments.  If the committee accepts the draft decisions, then the European Commission can formally adopt them as legal adequacy decisions.  If adequacy decisions are not implemented at the end of the bridge and allocations from the European Economic Area (EEA) to the UK will require compliance with EU GDPR transfer constraints.

What is the UK-GDPR?

The United Kingdom General Data Protection Regulation (UK-GDPR) is the UK’s national data privacy law that is the proxy for the EU’s GDPR after Brexit; it is fundamentally the equivalent to the EU’s GDPR but altered to accommodate national regions of regulation. The UK-GDPR will regulate personal data and demand the same legal grounds for managing personal data.

The GDPR is indeed still retained in domestic law as the UK GDPR, although the UK has the freedom to maintain the framework under evaluation. The ‘UK GDPR’ as it’s known as, rests adjacent to a revised edition of the DPA 2018. It is also essential to note that the fundamental ethics, constitutional rights, and responsibilities remain as they were but that there are connotations for the regulations on transmissions of individual data between the UK and the EEA.

The UK GDPR also pertains to regulators and processors established out of the UK if their managing pursuits correlate to:

  • presenting commodities or services to persons in the UK; or
  • supervising the conduct of persons taking place in the UK.

Similarly, there are also outcomes for UK regulators who have an institution in the EEA, have consumers in the EEA, or observe individuals in the EEA. The EU GDPR still pertains to this handling as data can still flow freely from the EEA because the EU have adopted adequacy decisions about the UK, but the European data protection mandates has altered the way you can interact. CRI® Group’s own exclusive, expert-developed 3PRM™ services help you proactively mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage, and harm to the business. Whether your organisation has a large, well-established third-party program, is in the early stages of development, or is anywhere in between, the 3PRM™ solution can improve the health of your program and future-proof your entire business in many forms.

Find out more about 3PRM™ below or download our free brochure.

FIND OUT MORE or DOWNLOAD THE BROCHURE

Which rules apply?

Whilst the adequacy judgments stay in order, the UK GDPR is still valid and is expected to remain so until the 27th of June 2025. The EU Commission will be supervising advancements in the UK on a constant basis to guarantee that the UK will continue to deliver a comparable degree of data protection. The Commission is still able to revise, postpone, or rescind the decisions if concerns cannot be settled. EU data subjects or an EU data protection authority can also instigate a lawful dispute regarding the decisions in which the Court of Justice of the European union would then have to determine whether the UK did essentially deliver comparable security.

In the absenteeism of an EU GDPR adequacy decision, the Frozen GDPR would be valid to subjective data of the basis of if:

  • it was administered in the UK under the EU GDPR before 01 January 2021; or
  • it’s being administered in the UK on the basis of the Withdrawal Agreement

Conversely, the UK-GDPR does increase on -and diverge from- the EU GDPR in noteworthy approaches that will make modifications to the legal environment of data protection in the UK.

UK-GDPR expands and changes the European GDPR

The areas increased on by the UK-GDPR are:

  • National security
  • Intelligence services
  • Immigration

These regions, are per definition, are outside the scope of the European GDPR the three of them are deemed to be extra-national regulation from the EU devoid of powers to govern affairs of national confidence in constituent nations. Nevertheless, the UK-GDPR sets out specific concessions by which the customary welfare of personal data can be circumvented, e.g., when in matters of national security or in matters of immigration. It also applies the same requirements for collection and processing of personal data to the intelligence services. A further significant change is that the Information Commissioner, who was the leading data protection authority in the UK today, became the primary director, monitor and enforcer of the UK-GDPR.

Are you post-Brexit GDPR compliant? 

The UK-GDR would now entail your organisation’s site or application to request for the user’s approval prior to accumulating and managing data via cookies. It involves that your organisation not amassing more data than is truly mandatory and to also make it as straightforward for your users to rescind authority to the application of data as it is to give it. Transparency is key in the UK-GDPR and requires clarification of how long data is stored and how you will be processing users’ personal data.

Let’s Talk!

It’s always great to have a helping hand when it comes to compliance and risk management – especially with all the new changes expected to take place ahead of securing the integrity and morality across corporate culture. Take a proactive stance with the highest level of expertise as a part of your essential corporate strategy. Contact us today to learn more about our full range of services to help your organisation stay protected.

GET IN TOUCH

5 Reasons To Run Employee Screening

Being HR professional, we have to deal with rigorous recruitment cycles, and for this, we must meet with several candidates before closing the vacancy. Every HR person has their style of evaluating the candidates, but one thing that needs to be kept in mind before making the final hiring decision is to “Never judge a book by its cover” (Stonehouse, 2017), since at times we might overlook some critical points, perhaps due to a fancy resume or qualification. Every HR professional should consider a crucial step before taking a candidate on board: run employee screening.

According to Business Week – 16% of executive resumes contain false academic claims and/or material omissions relating to educational experience. The U.S. Department of Labor estimates that the average cost of a bad hiring decision can equal 30% of the first year’s potential earnings.If you are an HR professional and reading this article, then I can assure you that other HR professionals must be thinking, “is it worth investing additional time and money in pre-employment background screening service?” Let me tell you the key benefits that you can gain from conducting pre-employment background screening services:

1. Better Compliance: it keeps you out of legal issues

Let’s suppose one of your employees commits fraud in your company, and after investigations, you came to know that the employee did the same with previous employers. At this point, you will regret not conducting their background check, as if you had conducted their employment and criminal check, then you wouldn’t have hired them in the first place.

2. Ensures credibility when performing sensitive tasks

In addition to legal issues, some background checks can verify a candidate’s creditability in performing their on-job duties. For instance, when a candidate is being hired for the accounts department where petty cash and the company’s account handling are their primary responsibilities, their employment check may come across that his previous employment has concluded due to mishandling of accounts.

3. Safer Work Environment: keep employees and clients safe

Conducting Background checks can also convey a message throughout the company’s stakeholders, especially its clients, that all employees hired in the company have gone through rigorous checks. Therefore, the data shared by the clients are in safe hands, thus increasing the overall integrity of the company and its staff.

4. Verifies education and certification

The increase in the number of fake degrees has amplified the importance of pre-employment check of educations. Therefore, all degrees and certificates of the applicant under consideration should be verified. The outcome of verification is not just about checking an applicant’s honesty but also verifying the legal status of the degrees and their issuing authorities.

5. Stronger hires, more savings: it gives an overall picture of the applicants

Apart from the interviews, pre-employment background checks can help the interviewer to make their hiring decision accordingly. For instance, candidates may have successfully cleared the interview process, but in their employment checks, the company found that they had resigned from their services after they were accused of sexual harassment by colleagues. Irrespective of how competent a candidate is for the vacancy, such red flags regarding the candidate’s behaviour can completely change the hiring decision and safeguard the company from future issues.

It is indeed worth spending extra time and money on pre-employment background screening because making a wrong hiring decision can not only increase recruitment cost and time but may also incur the cost of damage that employee has given to the company, whether in the form of litigation’s or damaging the company’s goodwill.

5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening

 

So, if your company is not conducting background screening! Think Again!

Being in HR, you might be creating liability for the company by making the wrong hiring decision. It’s never too late to correct your actions, so contact us, and we can provide our employment background screening services. As it is rightly said, I quote, “better safe than sorry” (Bateson, 2008). 

CRI Group, based in London, works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management and Due Diligence solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

References

  1. Bateson, J., 2008. Building Hope: Leadership in the Nonprofit World. United States Of America: Greenwood Publishing Group.
  2. Stonehouse, R. A., 2017. You’re Hired! Job Search Strategies That Work. 1st ed. s.l.:eBookIt.com.

 

 

CRI® Group celebrates International Anti-Corruption Day

Wednesday the 9th of December marks the International Anti-Corruption day since the passage of the United Nations Convention Against Corruption on 31st October 2003. Based on AntiCorruptionDay.org, as the world is recovering from COVID-19 pandemic, this year “the campaign for International Anti-Corruption Day will therefore focus on measures to reduce the risks of mismanagement and corruption without compromising the speed and flexibility demanded by the health crisis, while ensuring an inclusive recovery. This year’s motto “RECOVER with INTEGRITY” focuses on recovery through corruption mitigation and emphasizes that inclusive COVID-19 recovery can only be achieved with integrity.”

International Anti-Corruption Day

 

Bribery and corruption stories 2020

Even with much of the world under partial lockdown during the COVID-19 pandemic, there’s been no shortage of bribery and corruption cases. Each of these stories makes it clear that organisations must have proper controls in place to prevent bribery and corruption. ISO 37001 Anti-Bribery Management Systems standard provides a comprehensive approach to mitigating bribery and corruption risk. In no particular order, we collated some of the top bribery and corruption stories we’ve seen so far in 2020. Click here to read the full list. 

Airbus

In February, French-based Airbus agreed to pay a record $4 billion in fines for alleged bribery and corruption spanning at least 15 years. The company reached a plea bargain with prosecutors in Britain, France and the United States. According to prosecution documents, Airbus used a global network of agents or middlemen for corrupt transactions, included payouts disguised as commissions to push airplane sales.

“Fallout from the Airbus bribery scandal reverberated around the world on Monday as the head of one of its top buyers temporarily stood down and investigations were launched in countries aggrieved at being dragged into the increasingly political row.” (Reuters, 2020)

Novartis

While the investigation into suspected corruption at Novartis began seven years ago, it appears that 2020 is the year the company can finally close this damaging chapter in its history. The resolution comes at a steep cost. The Swiss-based pharmaceutical company will pay a staggering $1.3 billion in a settlement for kickbacks, bribery and price-fixing.

“The latest settlements cover two different cases. In the first, federal prosecutors claim Novartis used ‘tens of thousands of’ speaker programs and events — some entailing exorbitant meals — as disguise to provide bribes to doctors. The goal, according to prosecutors, was to encourage doctors to prescribe its drugs, including Lotrel, Valturna, Starlix, Tekturna, Tekamlo, Diovan and Exforge.” (Fierce Pharma, 2020)

Ohio House Speaker Larry Householder

While political corruption is nothing new, his constituents were nevertheless shocked when Ohio House Speaker Larry Householder was arrested, along with four alleged co-conspirators, as part of a $60 million racketeering and bribery investigation. The alleged scheme is being described as one of the biggest public corruption cases in Ohio, U.S. history.

“All the charges are tied to what federal prosecutors said was a criminal enterprise dedicated to securing a bailout for two nuclear power plants in northern Ohio owned by FirstEnergy Solutions of Akron. The bailout is expected to cost the state’s utility ratepayers $1 billion.” (Cincinnati Enquirer, 2020)

Alexion Pharmaceuticals

Charged by the SEC with violating the FCPA by bribing officials in Turkey and Russia, Alexion Pharmaceuticals will pay $21.4 million to resolve an investigation that began in 2015. The Connecticut, U.S.- based company was also accused of failing to keep accurate financial records at subsidiaries in Brazil and Colombia.

“In Turkey and Russia, Alexion paid government officials and doctors at state-connected hospitals to promote use of its blood-disease drug, Soliris. Alexion retained a consultant in Turkey from 2010 to 2015 with ties to health officials. Alexion Turkey paid the consultant over $1.3 million for ‘consulting fees and purported expense reimbursements,’ the SEC said. … In Russia, Alexion paid doctors at government hospitals over $1 million from 2011 to 2015 to increase Soliris prescriptions. … The bribery resulted in Alexion being ‘unjustly enriched’ by about $6.6 million in Turkey and $7.5 million in Russia, the SEC said.” (FCPA Blog, 2020)

> Read the full list of bribery and corruption cases in 2020

Prosecution of corruption is like a dose of painkillers. It can help with the symptoms, but it won’t solve the problem. On the other hand, the anti-bribery management system is comparable to a healthy diet. No one is excited about it but some of us are more determined to choose an apple instead of cake. International Anti-Corruption Day is the best time for organisations of all sizes and industries take steps now to ensure that they don’t end up on a future list of top bribery and corruption scandals. Earlier this year, we published a series of articles how ISO 37001 standard could be implemented into the different industries – the first part of the article focused on automotive, aviation, insurance industries, while the second edition examined how pharma and healthcare, property, IT and telecommunications, food and beverage industries might benefit from ISO 37001 certification too.

 

CRI Group’s continuous fight against bribery and corruption risks

At CRI Group we understand, that corruption and bribery affect any organisation, large or small, public or not-for-profit. It has the potential to cause severe harm to your business, including financial loss, dire legal consequences, damage to your brand, company’s reputation and sustainable development. Therefore anti-bribery needs to be managed correctly and effectively. ISO developed ISO 37001:2016 ABMS standard helps organisations promote an ethical business culture. “Designed to help your organisation implement an anti-bribery management system (ABMS), and/or enhance the controls you currently have. It helps to reduce the risk of bribery [and corruption] occurring and can demonstrate to your stakeholders that you have put in place internationally recognised good-practice anti-bribery [and anti-corruption] controls”.

The first step of demonstrating your organisation’s commitment to implementing an effective anti-bribery management system solutions is to commit to ISO 37001 solutions. In order to offer you ISO 37001 training and/or certification, CRI Group launched an Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence. ABAC® offers a complete suite of services and solutions designed to educate, equip & support the world’s leading business organisations with the latest best-in-practice risk & performance assessments, systems improvement & standards certification. ABAC® programs protect your organisation from damaging litigation & safeguard your business in the global marketplace by providing certification & training not only in ISO 37001 Anti-Bribery Management Systems but also in other internationally recognised ISO standards such as ISO 37301 Compliance Management Systemss and ISO 31000 Risk Management Systems implementation.

ABAC® offers ISO 37001 Introductory, Internal Auditor and Lead Auditor training to upskill the teams and organisations who want to show a proactive way of demonstrating your organisation’s commitment to ethical sustainability. Your employees will be able to recognise any form of corruption, and report it. Our trainers are the best in the business. They’re passionate about sharing their knowledge with you and/or your employees. ABAC® trusted experts have years of hands-on and business experience – they bring the subject matter to life with relevant and contemporary examples.

Companies should take a zero-tolerance attitude towards corruption and put policies in place covering issues such as gifts, supply chains and whistle-blowers, in order to promote a fair and just environment. In business terms, integrity pays: the world’s most ethical companies prove a clear correlation between ethical business practices and improved financial performance.

Recently, ABAC® also launched ISO 31000 Risk management e-training – even though this course is for risk management in general, ISO 31000 implementation and training give businesses a broader view of all risks associated with their organisations and how to overcome them. ISO 31000 training is focused on improving your and/or your team’s skills in implementing ISO 31000 Risk Management which will help organisations see both the positive opportunities and negative consequences associated with all types of risk, and allow for more informed, and thus more effective, decision making, namely in the allocation of resources.

> Learn more about ISO 31000 training

Expand Your Third-Party Risk Management Strategies

CRI Group is launching a third-party compliance verification and certification program – 3PRM-Certified™ – across the Middle East, Europe and the Asian region. This Third-Party Risk Management (TPRM) program can help organisations establish the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with their business.

Third-party relationships are critical in business today and include partnerships with suppliers, distributors, consultants, agents and other contractors. While such affiliations are essential to the success of your organisation, the consequences of inadequate due diligence cannot be overestimated. The risk of data breaches and supply chain disruptions continue to rise with COVID-19, so does the need for an effective TPRM program. Whether you’re a TPRM professional looking for a certification to advance your skillset, or the leader of your organisation considering how to better equip your team with the best knowledge and skills, the 3PRM-Certified™ program is an all-in solution.

Support International Anti-Corruption Day – consider ISO 37001, ISO 31000 and ISO 19600 as invaluable tools of your Third-Party Risk Management Strategy. Combined with due diligencebackground screeningbusiness intelligence and compliance solutions, ISO standard certifications and training can lift your overall risk management process and help your business mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage and harm to the business.

Read more about the 3PRM-Certified™ program

 

Supporting International Anti-Corruption Day 2020

Find below CRI Group’s resources helping you to know more about bribery and corruption risk. It does not wait and can happen anytime – we encourage you to think about anti-bribery and anti-corruption not only on International Anti-Corruption Day 2020 but all year round. Explore our other resources, or sign up for risk management, compliance, anti-bribery and anti-corruption related news, solutions, events and publications in your inbox. We will be happy to hear from you if you have any questions at all – contact us today or get a quote for any anti-bribery, anti-corruption, risk or compliance management solutions through our ABAC® Center of Excellence. Explore our recourses and expert insights in the Q&A sessions now:

Q&A: Corporate Fraud and Corruption in Pakistan

Q&A: Corporate Fraud and Corruption in the UK is growing, FAST!

Q&A session with our CEO: the United Arab Emirates fighting Fraud and corruption

Prove that your business is ethical
ABAC® published the free Highest Ethical Business Assessment (HEBA) to evaluate businesses’ current Corporate Compliance Programs. Find out if your organisation’s compliance program is in the line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® experts prepare a complimentary gap analysis – the HEBA survey is designed to evaluate your compliance with adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC® professionals with Business Ethics, Legal and Compliance background. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and to facilitate the gap analysis process.

TAKE THE SURVEY HERE!

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

CRI® proud Official Supporter of International Fraud Awareness Week 2021

International Fraud Awareness Week, November 14-20 – and CRI® Group is once again a proud Official Supporter of this global movement. Fraud Week was created to reduce the impact of fraud and corruption by promoting anti-fraud awareness and education.

Fraud statistics

Fraud is still increasingly common. Even when it comes to hiring employees, companies must be vigilant. CRI® Group’s investigative team found that providing incorrect employment details is the most common red flag, as it was uncovered in about 4.5 per cent of background screenings. This is followed by providing incorrect education degree details as well as having adverse media (unfavourable news or online mentions), both at 2.33 per cent. Most employers would probably say that when it comes to educational background, the only thing worse than providing incorrect degree information would be outright claiming a fake degree – which occurred in nearly 2 per cent of cases.

Read more in our article “Background Screening Red flags: Numbers Don’t Lie”.

In another survey conducted by CRI® Group, which analysed how COVID-19 has impacted human resources and its functions, it was revealed that companies understand the fraud risk factor during the pandemic: nearly 77 per cent of HR professionals accept that there is a risk that employees can initiate fraudulent activity because of the work-from-home arrangement.

Also, the shocking number of survey participants highlighted that they have encountered employee fraud in their career. Luckily, most companies do conduct background screening of some type. In fact, 85 per cent do so, which is important because many companies have learned that trust can be misplaced. While an overwhelming 92 per cent said they trust their employees with confidential data, background screening can help verify that your employees aren’t hiding anything in their backgrounds that might put your company at risk.

Read more about the survey, as it provides valuable information for companies, employees, and human resources professionals and teams who serve them. It also sheds light on the critical need for increased employee background screening and data protection during a tumultuous time.

Some other stats to note (the following come from the ACFE):

  • The average fraud lasts 18 months before it is discovered. The longer a fraud lasts, the greater the financial damage (schemes that last for several years can cause hundreds of thousands of dollars).
  • The most common detection method for fraud is tips. And organisations that have reporting hotlines are much more likely to detect fraud through tips than organisations without hotlines.

All of the above indicates that the fraud issue is real and organisations must take actions to prevent the fraud risks for their organisations and even careers. For CRI® Group, the goal is to help business leaders think about fraud and corruption this week and take steps to minimise it year-round. So, what is your organisation doing for Fraud Week?

Get involved in the Internal Fraud Awareness Week

Join CRI® Group and ACFE in the fight against fraud. ACFE provides a great set of the following tools to go a step further in your role and to start discussions amongst peers, co-workers, executives and stakeholders in your community about how important fraud prevention is to society as a whole:

  • Post on social media using new badges and informative images with the tag #fraudweek
  • Add the new Official Fraud Week Supporter badge to your email signature.
  • Invite a ACFE to talk to your employees and co-workers virtually on how to avoid common mistakes when preventing fraud.
  • Download the free Fraud Week logo to share on materials or websites.
  • Involve your local chamber of commerce or city council to spread tips on fraud prevention for small businesses.
  • Host a talk or seminar for your co-workers or community on regularly staying aware of fraud prevention best practices.
  • Perform a fraud check-up for your organisation and present your findings to executives, as well as a proactive plan for how to remedy weak spots in your current controls.

How does CRI® Group fight fraud?

CRI® proudly celebrates International Fraud awareness week and highlights that this occasion (called Fraud Week, for short) is an important effort to put a spotlight on fraud, help educate people about its perils and build a fraud-free future.

“Fraud Week reminds us that awareness is any organisation’s first line of defence against fraud and corruption, as properly trained employees will have a better opportunity to recognise the red flags of fraud, and a better understanding of their organisation’s zero-tolerance policy toward such behaviour”, Zafar Anjum, founder and CEO of CRI® Group says.

“Fraud is everybody’s problem, and it cannot be prevented and detected if employees aren’t provided with the information they need to combat it. Providing a robust anti-fraud training program increases your company’s protection from risks of fraud and unethical behaviour. An ounce of prevention is worth more than a pound of cure.”

For CRI®, though, helping organisations prevent and detect fraud is a year-round commitment. That’s why Fraud Week is a great time to reflect on CRI® Group’s recent efforts in the fight against fraud, and to also look ahead to activities on the near horizon. Below are just a few of the highlights.

Does your organisation have a training program in place that addresses fraud, bribery and corruption? And, if so, how robust is your training? How often is it administered? And how do you know it’s working?

These are important questions, especially considering the fact that we know most fraud is discovered internally through employee tips. A recent case study is a perfect illustration of that.

Case study: Conflicts of interest

A major pharmaceutical company’s security department received conflict of interest complaints that reportedly involved a range of employees, from sales personnel on up to the chief financial officer (CFO).  The company engaged CRI® Group to conduct an integrity due diligence and conflict of interest investigation in order to uncover unethical practices, including bribery and corruption, by senior employees.

CRI® Group’s investigators quickly launched a risk assessment of the company’s third-party relationships, which included several interviews with identified vendors and suppliers to help ascertain the engagement process and associated risks.

Investigators found one of the vendors used letterhead that lacked a physical address, and the only contact information listed was a single cell phone number. Site visits, background checks and interviews helped determine that the suspicious vendor was not a company at all – but a single person, and he was none other than the brother-in-law of the client company’s CFO. Worse still was the fact that this obvious fraud was being conducted right under the noses of the company’s procurement and finance professionals.

CRI® Group investigators discovered that the individual’s residence was being utilised as a warehouse to help facilitate the fraud. Comprehensive litigation records check with local and regional courts found that the subject was previously convicted in federal court and spent three years in prison for the charges of selling counterfeit products, physician samples and expired medicines; further regulatory checks found that his pharmacist license had been cancelled.

The fraud had continued for five years. However, the one thing that saved the company from further financial harm was the fact that employees had stepped forward to report unethical behaviour. If not for their action, the fraud could have continued indefinitely.

Fraud Week reminds us that awareness is any organisation’s first line of defence against fraud and corruption, as properly trained employees will have a better opportunity to recognise the red flags of fraud, and a better understanding of their organisation’s zero-tolerance policy toward such behaviour.

CRI® Group’s Certification body, ABAC® Center of Excellence provides employee training as part of the curriculum for a participating organisation. In fact, ISO 37001:2016 certifies that your organisation has implemented reasonable and proportionate measures to prevent bribery, and these measures involve training, top-level leadership, bribery risk assessment, due diligence adequacy, financial and commercial controls, reporting, audit and investigation.

Some key things to remember:

  • Anti-fraud training should be mandatory. This includes managers and executives, who should also receive special training regarding their position of responsibility.
  • Anti-fraud training should be an element of new employee orientation. After that, it should be provided to all employees on an annual basis, if not more frequently.
  • Training might be presented live (in-class), on video or online in an interactive format. The live class is preferred, as it allows questions and personal engagement. However, in today’s business world, some employees work remotely and an online format may be more feasible.

Fraud is everybody’s problem, and it cannot be prevented and detected if employees aren’t provided with the information they need to combat it. Providing a robust anti-fraud training program increases your company’s protection from risks of fraud and unethical behaviour. An ounce of prevention is worth more than a pound of cure.

Learn more about how CRI® Group and the ABAC® Center of Excellence can help you have a well-trained workforce serving as your front line of defence against fraud, bribery and corruption.

CRI® Group is here to help and create a fraud-free future. Contact us today to learn more about our ABAC® training and certification opportunities, our EmploySmart background checking process, our investigative services and other offerings.

About us…

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

 

MEET THE CEO

Zafar I. Anjum is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.

Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer

37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com