Common Fraud in the Pharmaceutical Industry reported by whistleblowers

Pharmaceutical Fraud

Pharmaceutical fraud involves activities that result in false claims to insurers or programs such as Medicare in the US or equivalent state programs for financial gain to a pharmaceutical company. Several different schemes are used to defraud the health care system, which is particular to the pharmaceutical industry. These include:

  • Good Manufacturing Practice (GMP) Violations,
  • Off Label Marketing,
  • Best Price Fraud,
  • CME Fraud,
  • Medicaid Price Reporting, and
  • Manufactured Compound Drugs.

The pharmaceutical industry is regularly found to be engaging in fraud of many types, and it appears as though each year, the number of pharmaceutical fraud is on the rise. Each year big pharma giants end up spending billions of dollars in paying for fraud, misrepresentation of data and other such corruption allegations levelled out against them. In the last years, global pharma giants have paid fines to the tune of $11 billion for criminal wrongdoing, including withholding safety data and promoting drugs for use, beyond any licensed condition; GlaxoSmithKline paid a $3 billion settlement, Pfizer $2.3 billion settlement, and Merck $650 million settlement. Damages from fraud can be recovered using the False Claims Act, most commonly under the qui tam provisions, which rewards an individual for being a “whistleblower” or relator (law).

July of 2021 saw Bolton pharmacist David “Jason” Rutland pleading guilty to conspiracy to solicit and pay kickbacks and bribes in a $182.5m fraud case in which Rutland himself pocketed $13.3m. This conspiracy is noted as the state’s largest health care/pharmaceutical fraud to date. It is estimated that more than $515 million in fraudulent prescription billings were made to TRICARE, Medicare, Medicaid, and private health care benefit providers in Mississippi.

In the US, whistleblowers are uniquely positioned to report this fraud to the government under the False Claims Act.

Common Fraud in the Pharmaceutical Industry Includes:

  • Unlawful Kickbacks
  • Clinical trials manipulation/fraud against the Food and Drug Administration (FDA)
  • Off-label marketing/Food Drug and Cosmetic Act (FDCA) violation
  • Failure to comply with Current Good Manufacturing Practices (CGMP) requirements
  • Compounded drug fraud
  • Illegal drug-switching
  • Misuse of the 340B drug discount program
  • Medicaid best price fraud
  • Medicare Part D Fraud
  • Fraud by Pharmacy Benefit Managers (PBMs)

Understanding the most common types of pharmaceutical industry fraud reported by whistleblowers

Unlawful Kickbacks

The pharmaceutical industry influences doctors’ prescribing habits, especially in the US. Drug manufacturers and distributors may pay unlawful kickbacks to physicians or others in the form of sham “consulting fees,” luxury vacations, and expensive meals in exchange for increased prescriptions of the company’s drugs.

Clinical trials manipulation/fraud against the Food and Drug Administration (FDA)

Drug manufacturers must obtain FDA approval before marketing a new drug. The FDA approves new drugs proven safe, effective, and properly labelled following extensive preclinical and clinical testing and analysis, which results in a wealth of data regarding the drug’s safety, efficacy, pharmacology and toxicology. The FDA relies on the accuracy of the data that drug manufacturers submit in New Drug Applications (NDAs). Pharmaceutical companies that make false statements to the FDA, omit relevant data in NDAs, or otherwise misrepresent the safety or efficacy of drugs in clinical trials can be subject to False Claims Act (FCA) liability. The same is true of drug companies that pay researchers to falsify clinical trial data.

Off-label marketing/Food Drug and Cosmetic Act (FDCA) violation

Pharmaceutical companies may not promote their drugs for uses, doses, or populations not specifically approved by the FDA as safe and effective. Such “off-label” marketing and promotion violates the FCA. This could include, for example, if a drug is approved for use in treating severe psychiatric disorders, and the drug company’s sales representatives promote it for widespread use in calming elderly patients in nursing homes.

Failure to comply with Current Good Manufacturing Practices (CGMP) requirements

Drug and medical device manufacturers are subject to strict FDA manufacturing rules known as the Current Good Manufacturing Practice (CGMP) regulations. The CGMP exists to ensure manufactured drugs’ identity, strength, quality, and purity and protect consumers from tainted, ineffective, and harmful drugs. Government-funded healthcare programs pay for prescription drugs on the premise that CGMP regulations have manufactured the drugs. If they are not, it can be a violation of the False Claims Act. This could include, for example, a pharmaceutical company’s manufacturing facility using dirty equipment to make drugs, or using equipment that does not accurately measure the type or amount of the active ingredients incorporated into a drug, and then selling these tainted drugs to patients covered by Government-funded health care programs.

Compounded drug fraud

Compounding pharmacies prepare medications tailored to meet the needs of individual patients by mixing drugs or changing the route of administration. Compounding pharmacies can violate the FCA by making large batches of drugs—known as mass-compounding—rather than providing the required individualised service, “compounding” drugs that are already commercially available, or inflating the number of particular medications used in the mixture to increase the cost. Compounded drugs are primarily regulated by the states, meaning efficacy and safety need not be proven to the FDA.

Illegal drug-switching

As a general rule, pharmacies must fill patients’ prescriptions as written by the ordering physician. Putting aside situations where a generic drug may be substituted for a name-brand drug, pharmacists may not simply replace one drug for another or dispense a liquid form of a drug when a pill or tablet was prescribed. Billing government insurers for medications that have been so manipulated can violate the False Claims Act.

Misuse of the 340B drug discount program

The federally mandated 340B drug discount program requires most drug companies to provide hefty discounts — typically 20 to 50 per cent — to hospitals and clinics that treat low-income and uninsured patients. Pharmaceutical companies are required to cap outpatient drug prices at a statutorily defined “ceiling price” equal to the Average Manufacturer Price (AMP) reduced by the rebate percentage or Unit Rebate Amount (URA). Manufacturers submit both the AMP and URA to the Centers for Medicare and Medicaid Services (CMS) quarterly and can defraud the government by misrepresenting these figures, overcharging 340B entities, and/or not providing rebates to which 340B entities are entitled.

Medicaid best price fraud

To obtain Medicaid coverage of their drugs, pharmaceutical companies generally must promise to give state Medicaid programs the lowest price made available to almost any buyer of the drug. To provide this price, pharmaceutical companies report their “best price” on a drug—often calculated based on the drug’s “average wholesale price” or “average manufacturer price”—and payback to Medicaid in rebates any amount the programs paid more than this price. Pharmaceutical companies can defraud Medicaid and violate the False Claims Act by manipulating their “best price” to reduce the amount of money they must return to state Medicaid programs.

Medicare Part D Fraud

Implemented in 2006, Medicare Part D, also referred to as the Medicare Prescription Drug Program, provides drug coverage for tens of millions of elderly and disabled Americans. Under the program, private insurance companies—referred to as Part D Sponsors—offer prescription drugs to eligible beneficiaries directly or through pharmacy benefit managers (so-called “PBMs”) and then submit claims to Medicare for the drugs’ cost. Fraud can occur under Medicare Part D in many ways, including:

Some of the more common types of fraud occurring under the Medicare Part D program include:

  • Billing for drugs not provided.
  • Billing for drugs not covered by Medicare.
  • Billing for brand name drugs when generic drugs are provided instead.
  • Billing for drugs—especially opioids and other controlled substances—diverted for illegitimate purposes.
  • Billing for expired drugs.
  • Billing for drugs dispensed without a prescription or with a falsified prescription.
  • Billing for drugs dispensed with prescriptions from unauthorized, excluded, or non-existent healthcare providers.
  • Billing for drugs provided in quantities that exceed approved limits.

Fraud by Pharmacy Benefit Managers (PBMs)

PBMs are an increasingly common target of fraud investigations. PBMs are third-party administrators of prescription drug programs for, among others, Medicare Part D plans. PBMs contract with health plans to provide pharmaceuticals at low prices, which PBMs keep low through negotiation, generic substitution, manufacturer rebates, cost-sharing, formularies, and other methods. PBMs commit fraud by failing to pass savings from rebate arrangements and subsidies to clients, developing forms that favour more expensive drugs, and improperly switching drugs to generic or different brand name drugs instead of prescribed drugs. Drug manufacturers commit fraud by, for example, providing price concessions on certain drugs in exchange for a PBM’s favourable coverage of the manufacturer’s drug.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

 

 

How Risky is Non-Compliance to your Business?

How risky is non-compliance to your business?

How risky is non-compliance to your business? Last year we saw our fair share of AML (anti-money laundering) failures and violations, resulting in eye-watering FCA and HMRC fines. According to Ponemon Institute and security company GlobalScape recent report, the annual cost of non-compliance to businesses now runs an average of $14.8 million, a 45 per cent increase since 2011.

Meanwhile, the range can be anywhere from $2.2 million to $39.2 million. On the other hand, the cost of compliance was found to average $5.5 million, up 43 per cent from 2011. In recent years, adhering to the laws and standards and monitoring the compliance of business processes has evolved as a major concern for business owners.

Staying compliant with ever-evolving regulations has become an ‘obvious’ business imperative, and failing to adhere to these regulations can put organisations in a fix. Before we dive into the risks of falling into the ‘non-compliant dungeon, let’s understand what corporate compliance is. Operating in a multiplicity of countries inevitably also means having to comply with any local regulations.

VIEW RISK MANAGEMENT BROCHURE

 

What is Corporate Compliance?

Compliance at the corporate level involves adhering to a wide range of rules, regulations, laws, and standards designed to protect every aspect of your business. Right from obeying safety guidelines to following the standards for paying wages, an organisation must comply with all the local, state, and federal laws at all times.

Monitoring not only refers to continuously observing possible compliance violations but also includes predicting their occurrence. Since the concept of business process compliance is vast, approaches related to process monitoring are hard to identify. Monitoring the compliance of business processes with relevant regulations, constraints, and rules during runtime has evolved as a major concern in practice.

The cost of non-compliance and monetary fines have been continuously increasing in the past few years. However, business owners are becoming impatient, as these consequences would affect the organisation in many ways. Increased complexity, enforced business changes, and individuals being held personally accountable are all set to continue because of continuous compliance failures.

Why is Compliance crucial?

The following are six fundamental reasons why an organisation should implement statutory compliance.

  • Reason No. 1: is required by Law – All registered companies are mandatorily obligated by the law to follow statutory regulations and comply with them.
  • Reason No. 2: surprise audits – Non-compliance also invites unnecessary inspection and audits, leading to a waste of time and money.
  • Reason No. 3: the financial penalties are high – Failing to adhere to statutory compliance will lead to hefty fines and indirect losses to organisations.
  • Reason No.4: potential imprisonment for everyone involved – Severe cases of non-compliance could result in imprisonment of the organisation’s CEO/Directors/Board members.
  • Reason No.5: Brand Value and Market Reputation – Payment of fines and imprisonment can destroy a company’s brand name in the market it thrives in.
  • Reason No.6: the organisation can be forced to a shutdown – In cases that exhibit perilous non-compliance, authorities can even order companies to cease operations.

Several examples in the global business environment show the repercussions of non-compliance. Look at the following cases:

  • Amazon found guilty of breaching Dangerous Goods Regulations
  • Thames Water was ordered to pay record £20 million for river pollution
  • Google Is Fined $57 Million Under Europe’s Data Privacy Law
  • Westpac accused of 23 million breaches by money-laundering watchdog
  • Italy’s civil aviation authority ENAC threatens to ban Ryanair over alleged non-compliance

The biggest fine so far was the £102m imposed on Standard Chartered for “poor AML controls”, which saw “breaches in two higher risk areas of its business.” This is the second-largest financial penalty for AML failures ever imposed by the FCA.

Improve Your Compliance

A comprehensive compliance solution:

  • Reduces business risks
  • Helps to expedite global expansion
  • Enhances control and visibility
  • Enables the elimination of business risks

After all, when it comes to non-compliance issues, ignorance of the law is no defence. As they say – “Being Compliance is not a choice, but a mandate” the regulatory environment is only going to get fiercer day by day, and companies that miss staying abreast of the global legal amendments might regret big-time.

The UAE, for example, has cracked down on their Ultimate Beneficial Owner compliance requirements – a requirement that costs roughly DH15  but results in a penalty of Dh15,000 up to Dh100,000 if businesses fail to comply.  The Ultimate Beneficial Owner requirement was set up to prevent illicit activities such as money laundering or financing of terrorism.

The requirement reveals anyone who has direct or indirect control of an organisation and requires all such information to set up or renew business licenses to the UAE Government. It’s great to see so many new procedures being put in place that can help you safeguard your business. Are you interested to know how your organisation can excel in global compliance?

Topic: how risky non-compliance to business

 

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

 

 

Inadequate due diligence hit Space-transport SPAC Momentus $8 million SEC fine

Home | GLOBAL

Inadequate due diligence hit SPAC Momentus $8 million SEC fine

Inadequate due diligence hit SPAC Momentus $8 million SEC fine after misleading investors. The Securities and Exchange Commission (SEC) has charged the Momentus particular purpose acquisition company (SPAC), its sponsor SRC-NI, the sponsor’s CEO Brian Kabot, the company, and founder Mikhail Kokorich – which involved in a $1.2 billion space-transport SPAC for defrauding investors and obscuring the CEO’s status as a US national security risk.

The Fraud Claimed

The SPAC, Stable Road Acquisition Corp, had sought to merge with Momentus, a private start-up, to take it public. Momentus’s key offering was a “microwave electro-thermal water plasma thruster,” a way of zapping water vapour to propel a spacecraft, intending to transport satellites into space.

But Momentus’s propulsion tech failed to show results, according to SEC filings. A test mission fell well short of the company’s benchmarks, and a former Momentus employee said that the test yielded “no data to suggest that that thruster would deliver an impulse of any commercial significance.”

According to the SEC’s settled order, Kokorich and Momentus, an early-stage space transportation company, repeatedly told investors that it had “successfully tested” its propulsion technology in space when, in fact, the company’s only in-space test had failed to achieve its primary mission objectives or demonstrate the technology’s commercial viability.

The order finds that Momentus and Kokorich also misrepresented the extent to which national security concerns involving Kokorich undermined Momentus’s ability to secure required governmental licenses essential to its operations.

Join our mailing list and get exclusive industrial insights for subscriber-only!

The compliance issue: Inadequate due diligence

The SEC’s settled order finds that Stable Road repeated Momentus’s misleading statements in public filings associated with the proposed merger and failed its due diligence obligations to investors.

According to the order, while Stable Road claimed to have conducted extensive due diligence of Momentus, it never reviewed Momentus’s in-space test results or received sufficient documents relevant to assessing the national security risks posed by Kokorich.

The order finds that Kabot participated in Stable Road’s inadequate due diligence and filed its inaccurate registration statements and proxy solicitations. The SEC’s complaint against Kokorich includes factual allegations that are consistent with the findings in the order.

“This case illustrates risks inherent to SPAC transactions, as those who stand to earn significant profits from a SPAC merger may conduct inadequate due diligence and mislead investors. Stable Road, a SPAC, and its merger target, Momentus, both misled the investing public. The fact that Momentus lied to Stable Road does not absolve Stable Road of its failure to undertake adequate due diligence to protect shareholders. Today’s actions will prevent the wrongdoers from benefitting at the expense of investors and help to better align the incentives of parties to a SPAC transaction with those of investors relying on truthful information to make investment decisions.

SEC Chair Gary Gensler

The litigation against Momentus, Stable Road, and Kabot

Associate Director of the SEC’s Division of Enforcement, Anita B, mentioned in her statement that Momentus’s former CEO alleged to have engaged in fraud by misrepresenting the viability of the company’s technology and his status as a national security threat, inducing shareholders to approve a merger in which he stood to obtain shares worth upwards of $200 million.

The SEC’s order finds that Momentus violated scienter-based antifraud provisions of the federal securities laws and caused sure of Stable Road’s violations. It also considers that Stable Road violated negligence-based antifraud provisions of the US federal securities laws as well as specific reporting and proxy solicitation provisions.

The order finds that Kabot violated provisions of the federal securities laws related to proxy solicitations. Kabot and SRC-NI caused Stable Road’s violation of Section 17(a)(3) of the Securities Act of 1933. Without admitting or denying the SEC’s findings, Momentus, Stable Road, Kabot, and SRC-NI consented to an order requiring them to cease from future violations. Momentus, Stable Road, and Kabot will pay civil penalties of $7 million, $1 million, and $40,000, respectively.

Inadequate due diligence hit SPAC Momentus $8 million SEC fine. Source: US Securities and Exchange Commission 

What do you actually know about the integrity of the 3rd party and their way of doing business? Do they adhere to (inter)national regulations on anti-bribery and anti-corruption? Is it possible that there is a liability risk?

Due diligence on potential business partners when adding a new vendor or even hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity DueDiligence360TM investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals.

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions worldwide. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider, and you will only ever have to look forward, never back.

CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

  • International business verification
  • Individual business interest search
  • Personal profile on individual subjects
  • Company profile on corporate entities
  • Historical ownership analysis
  • Identification of subsidiaries & connected parties
  • Global/national criminality & regulatory records checks
  • Politically Exposed Person database
  • International digital media research
  • Company background analysis
  • Industry reputational assessment
  • FCPA, UK Anti-Bribery & corruption risk databases
  • Global terrorism checks
  • Global financial regulatory authorities checks
  • Money laundering risk database
  • Financial reports
  • Asset tracing
  • Country-specific databases that include litigation checks, law enforcement agencies & capital market, regulators

Protect your reputation and the risk of financial damage and regulator action using our detailed reports. They enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.

DueDiligence360™ from CRI Group

WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:

Expertise
CRI Group has one of the largest, most experienced and best-trained integrity due diligence teams in the world.

Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.

Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, the CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations.

John Wood Group to pay $177 million to settle bribery charges inherited through its merger

John Wood Group bribery probe trace back to its merger with Amec Foster Wheeler Plc.

John Wood Group Plc has agreed to pay $177 million to settle the UK led bribery and corruption probe into a British engineering firm it acquired in 2017. The settlement is part of a so-called deferred prosecution agreement with the Serious Fraud Office and the US Department of Justice concerning Amec Foster Wheeler Plc.

The UK agreement is still subject to court approval. As part of the deal, the company can avoid prosecution for three years if it cooperates in the continuing bribery probe. Wood Group’s payment is one of the largest ever obtained in the UK led bribery and corruption case. The biggest was a $1.2 billion settlement with Airbus SE that also involved the US and French authorities.

In 2017, the SFO opened an investigation into Amec’s use of third parties to gain contracts, just weeks after Shareholders approved wood Group’s proposed acquisition. The DOJ said the probe concerned a scheme to pay bribes to officials in Brazil for a $190 million contract to design a gas-to-chemicals complex.

As part of the deal announced, at least $10.1 million will settle charges brought by the US Securities and Exchange Commission. The DOJ said it would get about $18.4 million to resolve its criminal charges in the Brazil bribery probe. Amounts to be paid to the UK and Brazil are yet to be made public.

Wood Group announced that it was close to a settlement. It originally said it expected a deal for $186 million, with about $60 million paid in the first half of 2021 and the rest over three years. The company also agreed to pay $10 million to Scottish authorities earlier this year to settle the case.

“The investigations brought to light unacceptable, albeit historical, behaviour that I condemn in the strongest terms,” Wood Group Chief Executive Officer Robin Watson said in a statement. “Although we inherited these issues through acquisition, we took full responsibility in addressing them, as any responsible business would.”

The company has “cooperated fully with the authorities” and “taken steps to improve further our ethics and compliance program from an already strong foundation,” Watson said. “I’m pleased that, subject to final court approval in the UK, we have been able to resolve these issues and can now look to the future.”

The agreement comes amid criticism of the SFO and its inability to prosecute individuals after securing settlements with companies. Earlier this year, the SFO dropped its probe into former Airbus directors and was dealt a humiliating setback after its trial against two former Serco Group Plc directors fell apart because it failed to disclose evidence.

In May 2021, the SFO opened one of its biggest investigations into suspected fraud and money laundering concerning GFG Alliance and its financing agreements with Greensill Capital. It was after months of intense pressure from lawmakers to investigate Sanjeev Gupta’s empire.

John Wood Group bribery probe

Source: Financial Crimes News

Join our mailing list and get exclusive industrial insights for subscriber-only!

The importance of due diligence in merger and acquisition to avoid a similar incident happened like in John Wood Group.

Due diligence is understood as the reasonable steps taken to satisfy legal requirements in the conduct of business relations. That allows you to reduce risks – including risks arising from the FCPA (Foreign Corrupt Practices Act) and the UKBA (UK Bribery Act), to make informed decisions and to pursue takeovers or mergers with more confidence.

Unlike other kinds of control (audits, market analysis, etc.), it must be completely independent and rely as little on information provided by the researched subject. The other important difference lies in the methodology: commercial or financial due diligence analyses available information, investigative type provides reliable and pertinent, but raw, information.

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity due diligence investigations provides your business with the critical information it needs to make sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees.

It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

  • International business verification

  • Individual business interest search

  • Personal profile on individual subjects

  • Company profile on corporate entities

  • Historical ownership analysis

  • Identification of subsidiaries & connected parties

  • Global/national criminality & regulatory records checks

  • Politically Exposed Person database

  • International digital media research

  • Company background analysis

  • Industry reputational assessment

  • FCPA, UK Anti-Bribery & corruption risk databases

  • Global terrorism checks

  • Global financial regulatory authorities checks

  • Money laundering risk database

  • Financial reports

  • Asset tracing

  • Country-specific databases that include litigation checks, law enforcement agencies & capital market regulators

DueDiligence360™ from CRI Group

WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:

Expertise
CRI Group has one of the largest, most experienced and best-trained integrity due diligence teams in the world.

Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.

Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, the CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations.

Debugging fears that paralyse fraud prevention

Debug fears for fraud prevention

Even though companies understand the fraud risk factor – nearly 77 per cent of HR professionals accept that there is a risk that employees can initiate fraudulent activity because of the work-from-home arrangement during the pandemic – more often than not, companies do not take action to implement robust fraud prevention processes in place until the organisation is exposed to fraud or appear in the news due to an investigation, incident, or external and (or) internal violation. Based on the article by ACFE, we aim to answer why companies wouldn’t adopt fraud prevention and detection measures proactively. 

The answer is fear. It prevents business leaders from being proactive about fighting fraud. Business analytical tools and systems enable companies to identify red flags quickly, but they do not work as fraud prevention tools. 67 per cent of CRI Group’s background screening survey respondents said they encountered one type of fraud – employee fraud – in their career. It’s alarming to imagine how others have encountered many other types of fraud. And still, companies pay lip service to efforts to fight fraud. So how the fear factor plays into the decision to fight fraud?

Fear of associated expenses

A fraud prevention tool is a cost for which you don’t always recognise an immediate return. Consider it like health or car insurance – when it comes to identifying and preventing risk and potential fraud, returns can be harder to quantify.

There are some concerns about spending money on a system that might or might not identify fraud. And if the system does identify fraudulent activity, companies are now obligated to spend more for the additional investigation and possible litigation. It might not be a significant expense for some large organisations, but the budget is better reinvested toward a company’s bottom line.

When trying to save their expenses, organisations forget that expense fraud is one of the most common forms of occupational fraud: employees fudging on their expense accounts. Earlier this year, Lookers (A London-listed company) warned investors they might be unable to buy and sell its shares from the beginning of July because of potential fraud on its books – confirming a £19m charge to correct books after fraud inquiry. Whether through fictitious charges, fake receipts or invoices, or other improper use of expense funds, an expense account is sometimes seen as a low-risk, high-reward area for committing fraud. It shouldn’t be. Follow these five tips for preventing and detecting expensive fraud.

Fear of technology

Based on ACFE, “companies are concerned that implementing new software technology might increase their exposure to fraud via data breaches. They’re also concerned that technology will replace internal auditors. While data encryption and similar tools can combat the risk of data breaches, addressing personnel concerns are trickier.” Technology is meant to assist but not to replace people. It helps identify the red flags, but human input and investigation are required to determine if fraud is indeed occurring and check the facts. 

Appointing a fraud investigator is a good idea in this case. Fraud investigators are the front line of establishing the facts of suspected fraud or other unethical business behaviour. A fraud investigator’s skillset and wide knowledge of fraud laws, evidence gathering and interviewing make them the go-to expert for investigating insurance fraud, financial fraud, procurement fraud, asset recovery, cyber fraud, healthcare fraud, retail fraud and other areas. In this article about fraud investigators’ role, we explore their key functions, responsibilities and knowledge, and how their skillset helps organisations.

Fear of reputation loss

“Companies might fear their reputations will take a hit if they uncover ongoing fraud schemes. Social media has evolved to become a prevalent form of information sharing, so all it takes is the hint of a rumour, and the damage is done. Employees might post the information — or alleged information — that makes it appear as though a company is attempting to hide something”, based on ACFE. This comes as the company’s advantage to be open with employees in their effort to fight fraud. Employees are less likely to whistleblow in public when they are safe and have internal options to report fraud and discrepancies. The key ways of managing the company’s reputation are being transparent, protecting data, and conducting due diligence. It may sometimes feel like your company’s reputation is out of your control. However, there are steps you can take to help manage your reputation and help steer the conversation. It becomes more difficult when you wait and try to undo later the damage that has already been done. That’s why being proactive in maintaining a positive reputation is the best strategy.

Fighting fraud on the front line is key

Companies must realise that the benefits of fighting fraud far outweigh the fears. Engagement in an early fraud education process acts as a buffer, leading to fewer fraudulent losses. Procurement and payables professionals must implement efficient processes that address red flags and track — early and upfront — non-adherence to mandates. Below is a quick overview of best practices for engaging analytic tools and front-line staff to identify and prevent fraud.

  • Tone at the Top:

Of course, top-level management must be committed to addressing fraud prevention. However, it’s just as important for middle managers to adopt a zero-tolerance policy toward fraud. A lack of integrity can be contagious. If workers see their supervisors’ rubberstamping processes, it gives them little incentive to raise concerns when they find inconsistencies.

Business leaders set the Tone at the Top and create a zero-tolerance approach to fraud with ISO 37001 ABMS

  • Segregation of duties:

No one should be responsible for an entire accounting function. The individual who sets up a vendor or client shouldn’t be the same person who approves invoice payments. It’s vital to have multiple eyes on the process, especially in smaller organisations where segregation of accounting duties might be limited or non-existent.

  • Create a fraud-fighting culture:

The very perception of detection helps prevent fraud. A fraud-prevention overview should be part of new employee orientation. Companies also should sign off on internal codes of ethics that outline the steps and procedures employees can take if they suspect fraud. Tips are consistently, and by far, the most common detection method. According to the Report to the Nations, tips detected more than 40 per cent of all cases. Publicise a hotline number internally and externally for your vendors — one of your employees might even be seeking to collude with a client!

  • Training and process audit:

Perform anti-fraud training for employees annually, at a minimum. Increase your anti-fraud training if you have a substantial number of new employees coming on board. Annual fraud awareness and detection training sends a clear message to employees about your organisation’s high standards and could deter fraudulent activity.

Vet suppliers and clients. If you want to avert various fraudulent schemes, you must understand the red flags to look for when onboarding a supplier or client. Vendor vetting in real-time can mitigate upfront risks and dictate those actions required to prevent fraud from slipping undetected through the system. Vendor portals prove invaluable for vetting suppliers using automated data validation.

  • Take action:

There’s no reason for you to identify or perform analysis if you’re unwilling to take action. Fraud prevention software can help you do more than detect fraud — it can highlight poor processes that might expose you to fraud. For example, you might have a legitimate vendor or client, but software can raise a red flag because of gaps in your setup process. Analyse results, make changes, monitor and constantly learn from your processes.

Don’t let fear take control

It’s our duty to help diminish the fears that impede the fight against fraud. At CRI Group, we know that we can effectively and together use the needed resources to combat them when you acknowledge those fears. We believe that analytics tools and proactive monitoring can turn idle threats into reality.

Our fraud examiners can assist you, don’t allow fear to paralyse you into inaction. Your business is at far greater risk for losses due to fraud than organisations that take advantage of fraud prevention tools to leverage their resources. The larger the organisation, the more complex and multi-faceted the governance and responsibility matrix for fraud detection. Passive detection methods aren’t enough anymore. It’s been proven repeatedly that instilling proactive efforts to discover or reduce fraud will increase the bottom line and enhance a company’s reputation.

Free E-Book | Risk Management & ABMS Playbook

The Risk Management & ABMS Playbook provides tools, checklists, case studies, FAQs and other resources to help you lead your organisation into better preparedness and compliance. Our experts share their own plays to help you reduce risk, thereby preventing and detecting more fraud.

The first section addresses risk management directly: proper third-party due diligence and critical background screening take centre stage for this game plan. Section two tackles bribery and corruption, with tried-and-true measures you can implement to stay better protected and in compliance with strict laws and regulations.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Speak up | Report Illegal, Unethical or Improper Behaviour

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal communication channels or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy.

Create a zero-tolerance approach to fraud with ISO 37001 ABMS

Zero tolerance to fraud, how ISO 37001 ABMS can help?

Smart business leaders know that “Tone at the Top” is a critical factor in an organisation’s culture. The behaviour and attitudes exhibited by those at the top of the chainset an example for the rest of the staff to follow. This couldn’t be more true when it comes to ethical standards. If a company is lax and tolerant toward unethical behaviour, it creates a confusing message for employees and actually encourages damaging habits.

When a company creates a zero-tolerance environment for fraud and corruption, the opposite is true: employees understand that ethical behaviour is the norm. Anything outside of those bounds will be punished – perhaps with the loss of their job or even prosecution.

Creating a zero-tolerance approach to fraud doesn’t happen overnight. When your organisation enrols in ISO 37001 ABMS training and certification, the program involves your entire team.

The training helps establish an ethical culture by educating your employees on the following:

  • What constitutes fraud, corruption, and bribery, and why these are so damaging to business
  • How to identify red flags of fraud, corruption and bribery
  • The process for reporting fraudulent and unethical acts
  • The organisation’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches and prosecute unethical acts
  • The serious ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career

Employees shouldn’t be expected to follow a code of conduct that they aren’t aware exists. That’s why ISO 37001 ABMS creates a communication plan through which organisation leaders regularly communicate their ethical behaviour expectations to staff.

The anti-fraud and anti-corruption controls established by ISO 37001 ABMS also apply to personnel at all levels of the organisation. When employees see that higher-level executives are subject to the same ethical standards as the individual at the lowest level of the flow chart, they understand that the organisation is serious about its commitment to having an ethical workplace free of fraud, corruption and bribery. That’s Tone at the Top.

ISO 37001 Anti-Bribery Management Systems

Set the tone in your workplace today. Sign your company up for our ABAC®’s ISO 37001:2016 Training and Certification and create a zero-tolerance atmosphere toward fraud, corruption, and bribery to build credibility and help your organisation be ethical and successful.

ISO 37001:2016 Anti-Bribery Management System certification is offered under CRI Group’s ABAC® Centre of Excellence, an independent certification body established to provide certification and training in ISO 37001 Anti-Bribery Management Systems, ISO 37301 Compliance Management System, ISO 31000 Risk Management Systems. ABAC® ISO program specifically tailored to your organisation’s needs and requirements. For assistance in developing and implementing a fraud prevention strategy, contact ABAC® or get a free quote now.

Free Gap Analysis of Highest Ethical Business Assessment (HEBA)

We welcome you to have a free Gap Analysis of Highest Ethical Business Survey – and prove that your business is ethical. Complete our free Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program.

Find out if your organisation’s compliance program aligns with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under the UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

The HEBA survey is designed to evaluate your compliance with adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC® professionals with Business Ethics, Legal and Compliance background. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and facilitate the gap analysis process.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Happy holidays!

On behalf of CRI Group and our ABAC® Center of Excellence, we wish you a very Merry Christmas and a wonderful holiday season! Thank you for your continued support and partnership. We look forward to working with you in the years to come.

Even with the world under partial lockdown during the COVID-19 pandemic, there’s been no shortage of bribery and corruption cases. We invite you to join us in the fight against fraud. Help us by answering questions about what actions you take when fighting bribery in your organisation and operating regions. Participate in our short survey and get the chance to win:

  • Gap Assessment for your organisation (worth USD 4500); or
  • ISO 37001 Anti-Bribery Management System (ABMS) Introductory course (worth USD 175).

[/vc_column_text][vc_btn title=”Participate in the survey now!” link=”url:https%3A%2F%2Fshare.hsforms.com%2F1ocblfbVER7mex8swXWNkIw1hq89%3Futm_campaign%3DNational%2520holidays%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-8fW6UaKqK61YMPzWjNhp5VmbpssmIFPD0cFYsJRrjIZedGkK9ODql5qCKi0pEAn9F9dWcY||target:%20_blank|”]

May the New Year be healthy and prosperous to you, your business and people! Stay safe, stay well!

Best wishes,
CRI Group family[/vc_column_text][accordion_father][accordion_son title=”About CRI Group” clr=”#ffffff” bgclr=”#1e73be”]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][accordion_son title=”Speak up – report any illegal, unethical, or improper behaviour!” clr=”#ffffff” bgclr=”#1e73be”]

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy. COMPLIANCE HOTLINE

[/accordion_son][/accordion_father]

Have you read…

[/vc_column_text][vc_basic_grid post_type=”post” max_items=”12″ style=”pagination” items_per_page=”3″ item=”234″ grid_id=”vc_gid:1608714142785-f5aad119-0df3-9″ exclude=”9883″][/vc_column][/vc_row]

Any successful ethics and compliance strategy needs 5 key ingredients …

Once upon a time, the idea of business ethics was more of an abstract or philosophical notion that seemed more suited for discussion in a university lecture or at a business conference. Today, however, organisations of all sizes and industries must have concrete ways of addressing ethics and compliance issues as a principal component of their business processes and strategy. 

According to a study by PwC, 98 per cent of senior leaders say they’re committed to compliance and ethics; however, only 67 per cent have a process in place to identify the owners of compliance and ethics-related risks, with only a third having an officer in place for the overall compliance and ethics. Fifty-six per cent of the companies don’t have a chief ethics officer at all, and only 20 per cent have a Board of Directors that formed separate compliance and ethics committees. The study reports that 82 per cent of leaders communicated with employees on ethics, but 46 per cent of this is done in business meetings or by email. You can read the result on the full PwC website.

Business leaders are usually quick to communicate their expectations to employees, especially when it comes to financial goals or tasks that they want to be accomplished. However, what is often lacking is a clear, concise explanation of what the organisation expects regarding ethical behaviour and a compliance framework in place to follow. Today citizens, media, politicians and international bodies across all regions actively condemn abuses of power. And past scandals and their consequences have created a demand for increased regulations, greater transparency, and other rigorous scrutiny measures to be taken. To maintain (or regain) public trust, the ethics and compliance function has been placed at the centre of the strategic core of organisations by effective leaders.

Empower your organisation to mitigate risk!

To ensure a robust compliance and ethics strategy, five critical elements need to be implemented; 1) tone at the top; 2) corporate culture; 3) risk management, 4) a Chief Compliance Officer; and 4) testing and monitoring.

1 – Building Tone at the Top

“Tone at the top” is a term used to describe the ethical atmosphere created at an organisation or workplace by their leaders and their attitudes and behaviours. Tone at the top is vital in determining whether fraud, bribery, or corruption are likely to occur. Because all levels of management set it, it has a trickle-down effect on all employees. If the top leaders show a robust and zero-tolerance approach to fraud, employees are likely to lead by example.

An organisation with a strong ethical culture is usually led by a board of directors and senior management personnel who actively promote a culture of compliance and zero tolerance for fraud and other unethical business behaviour. Effective tone at the top will communicate to the organisation at all levels the expected type of conduct, what is considered unacceptable, and what the consequences will be for transgressions. A zero-tolerance approach should be followed at all times; it is vital in maintaining the culture of ethics and compliance at the organisation; below are some examples of failed tone at the top:

For more scandals, check out our list of the “Top 10 Bribery & Corruption Stories of 2020.

2 – Corporate culture

The prevailing norms, expectations, and recognised acceptable behaviour form the corporate culture of an organisation. By implementing an ethical code of conduct and compliance with all regulations a part of those norms, the organisation will help promote positive behaviour and integrity among its staff. 

You might be making assumptions that your employees know how to conduct themselves ethically when, in fact, this expectation only exists in a grey area in their minds – if at all. Some employees who have engaged in fraud, corruption or other unethical situations have claimed that while they knew their behaviour was wrong, they thought it was implicitly accepted by their bosses and, in some cases, their company on the whole.

Similar to establishing an effective tone at the top, fostering a positive corporate culture hinges on effective communication, and it needs to permeate different layers of the organisation. In other words, sending occasional emails about ethical behaviour isn’t enough to influence the culture at a company. Develop videos, team-building exercises, new employee orientations, and employee appreciation events; these provide opportunities to recognise positive behaviour and reinforce the company’s values. When employees see their colleagues being recognised and rewarded for maintaining a compliant and ethical corporate culture, they are more likely to help cultivate an ethical workplace. When the tone at the top and corporate culture are tied together, everyone understands what is acceptable and expected in being a part of the organisation’s success.

3 – Risk management: perform risk assessments

Risk management is identifying, evaluating, and prioritising risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events to maximise the realisation of opportunities. In other words, before you establish an ethics and compliance framework – first, a risk assessment should be conducted to uncover any vulnerabilities that need to be addressed with new processes. 

Risk assessment breakdown: Identification, Analysis, Evaluation   

This means you need to assess how your business is conducted. So ask yourself:

  • Have the various roles at the company been appropriately allocated, and is there a proper separation of duties?
  • Are employees qualified for their responsibilities?
  • Is the workforce trained to recognise the red flags of unethical behaviour and fraud?

Once the risks are identified, they can be isolated and addressed as part of your organisation’s comprehensive approach to ethics and compliance. The risks should be prioritised:

  • Which ones pose an immediate threat?
  • Could they effectively shut down the business?
  • Do they pose a risk of financial, legal, or reputational risk – or all of the above?

Once prioritised, the identified risks should be assigned to critical members of the organisation. Whatever your reasons or motivations might be, if your organisation’s objective is to have an effective risk management strategy in place, then ISO 31000 can provide the principles, framework and a process for managing risk.

4 – A Chief Compliance Officer (CCO)

The implementation of a robust ethics and compliance strategy can give your organisation a competitive edge. A compliance officer or a CCO plays an essential and crucial role in the implementation. They are tasked with the day-to-day responsibility of overseeing the management of compliance and ethical risks whilst ensuring that the organisation is in compliance with the various regulatory requirements and that employees adhere to internal procedures and policies. Oversight should be provided by the board of directors (or ownership and executives) to ensure that problem areas have been adequately addressed and the organisation is taking a proactive approach to mitigating risk. 

5 – Testing and monitoring

When all the new processes have been implemented (the anti-fraud policy and employee code-of-conduct, anti-bribery and anti-corruption training and policies, allocation of duties and responsibilities, an anonymous reporting -hotline- process for unethical behaviour), a thorough testing and monitoring regimen is critical to ensure the new process is working. 

It is important to remember that having the best processes on paper won’t make a positive difference on its own. You need to monitor how they are being used and their success. A schedule should be in place that promotes frequent, regular check-ups of the ethics and compliance controls, with metrics that show results (i.e. surprise audits). A surprise audit is an effective way to test if any new controls have reduced the flagged irregularities. Before implementing ethics and compliance controls, the risk assessments should have identified risk areas with the new processes to mitigate that risk. Only by testing and testing frequently can the organisation determine if the new controls have the desired effect. If they are not, the company should develop new solutions that specifically robustly target these problem areas – and, in time, test them again.

Addressing ethics and compliance issues at an organisation can be a daunting task. However, with careful preparation, expert help, and a common-sense approach, any organisation can develop or enhance its corporate culture to be proactive in mitigating ethics and compliance risks. The benefits will be obvious – increased productivity, better security, and empowered employees who understand that their organisation values integrity and an ethical work environment.

Create a zero-tolerance approach to fraud with ISO 37001 ABMS

Creating a zero-tolerance approach to fraud doesn’t happen overnight. When your organisation enrols in ISO 37001:2016 ABMS training and certification, the program involves your entire team. The training helps establish an ethical culture by educating your employees on the following:

  • What constitutes fraud, corruption, and bribery, and why these are so damaging to business
  • How to identify red flags of fraud, corruption and bribery
  • The process for reporting fraudulent and unethical acts
  • The organisation’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches and prosecute unethical acts
  • The severe ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career

Employees shouldn’t be expected to follow a code of conduct that they aren’t aware exists. That’s why ISO 37001:2016 ABMS creates a communication plan through which organisation leaders regularly communicate their ethical behaviour expectations to the staff periodically. Read more on how to build trust in the workplace with ISO 37001 Certification.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Speak up – report any illegal, unethical, or improper behaviour

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal communication channels or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy. COMPLIANCE HOTLINE

Ethics and Compliance Hotline: your frequently asked questions answered…

Ethics hotlines are growing in popularity. In 2017 the South Africa Home Affairs Minister Malusi Gigaba announced over 3,000 officials were found guilty of misconduct related to cases reported via the National Anti-Corruption Hotline (NACH). “The closure rate underscores a commitment by government departments to investigate allegations of corruption as reported through the NACH.” Ethics and compliance hotlines work! Organisations must have an ethics and compliance hotline to help promote the organisation code of conduct and nurture a culture of honesty and accountability. 

> Ethical code of conduct: What should be covered?

Don’t opt out of an ethics hotline

The 2019 Global Business Ethics Survey found that more reports of misconduct were made to direct supervisors (a median of 51 per cent) compared to hotlines (6 per cent). However, it is still crucial to have an Ethics and Compliance Hotline in place. Why? Having ethics and compliance hotline shows employees that the business leaders genuinely want to hear from them, making it a great employee relations tool.

Ethics and compliance hotline is an anonymous reporting mechanism. So when the normal channels of communication fail a hotline can facilitate any flagging. They provide an accessible way for employees to report potential wrongdoing, possibly illegal, unethical, or improper conduct; which means a company can better protect itself from fraud, learn of employee misconduct and proactively mitigate any corruption-related risk. Any organisation, despite industry or size, should be 110% committed to having an open dialogue on ethical dilemmas regardless. 

CRI Group encourages everyone to report any wrongdoing. Everyone must seek to maintain transparency to comply with the code of conduct and compliance regulations. We believe that everyone should have a voice, protect yourself, colleagues and organisations that they work for. If your organisation is considering an ethics and compliance hotline, here are some must-knows.

Who can report? And what can you report?

All individuals – employee, clients, contractors, vendors and others in a business relationship with you or your organisation – have a duty and responsibility to report any known or suspected noncompliant behaviour or violations with any regulatory mandates and/or local policies including but not limited to:

  • Ethical standards violations;
  • Violation of laws and company policy and internal control;
  • Risk and safety;
  • Theft, embezzlement or misappropriate of assets and fraud;
  • Bribery and corruption;
  • Employee rights, employee relation, work environment;
  • Privacy laws or security of personal information;
  • Discrimination;
  • A dispute related to a supervisor, HR and other departments;
  • Physical and verbal harassment on the workplace;
  • Issues related to job responsibilities;
  • The report related to a suspicious activity being a witness; and/or
  • Unfair dismissals.

How to report?

You can report your concern using the Ethics and Compliance hotlines at any time 24/7. And an effective Ethics & Compliance Hotline should allow reporting via phone, email, web-based compliant forms and even walk-ins.

How does it work?

This will depend on your organisation structure, however, if you allow reporting directly by telephone, the caller should speak with the Compliance Department directly. The caller can remain anonymous or may want follow-up in which case(s) he will give contact details. If the individual submits a report online, the system should guide the individual through the reporting process, and a PIN number would be generated automatically once they complete the report. The compliance department specialist who receives the tip is then in charged with validating it. This compliance officer typically receives special training on how to gather enough information to ensure the complaint is credible. The tip is then routed to the right department within the organisation such as audit, legal, or human resources. 

What is the process of the investigation?

The Compliance Department or Committee should then review the report and conduct an investigation. The investigation may include an interview with relevant witnesses, review of records, computers, telephones and other equipment in accordance with relevant personal data regulations. The individual that reported will be able to follow the status of the case and to communicate with the Compliance by giving their case number. However, no party can contact the individual directly if you have chosen to remain anonymous. The investigation conclusions and recommendations are reported to Management.

Can we generate anonymous reporting?

Yes, if the individual wishes to remain anonymous when reporting their concern, they can. However, you should encourage the individual to identify themselves where/when possible as this will enable your organisation to investigate the report more effectively. If they provide their names, your compliance department should protect their confidentiality to the greatest extent possible during the investigation. The organisation should have a Non-Retaliation and Whistleblower Policy to help ease the process.

What is a Non-Retaliation Policy?

While on the surface, hotlines may seem a convenient option to receive employee complaints, tips or concerns, often it’s the process that surrounds the hotline which can determine whether it ultimately succeeds or fails. Areas such as employee relations are particularly challenging when it comes to anonymous tips. An organisation needs to have a whistleblower process in place – this is a critical component of any compliance monitoring system. It enables companies to identify and mitigate potential risks at an early stage before they impact on operations, reputation and ultimately financial performance. 

How can we make sure they deliver a credible report?

When reporting an issue, encourage individuals to ensure that they provide as much relevant information as possible, for example, the names of persons involved in the alleged conduct; potential witnesses; appropriate documentation or data; visual evidence etc. Provide them with forms that allow understanding of what they need to submit a credible report, with the appropriate questions and empty spaces for further feedback, including the ability to upload any initial profs. This will allow your Compliance to effectively follow up on the case.

What makes a successful implementation?

  1. A strong and clear message delivered to employees and stakeholders by a senior individual who champions the overall programme.
  2. A clear understanding of how best to engage with your employees at all levels, and in all countries. Remember to take into account country and cultural differences.
  3. A robust internal process to deal with reported issues as laid out in your code of conduct policy or ethics programme.

Are you addressing corporate compliance?

Prove that your business is ethical. Complete our FREE Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let our experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

> Find out what’s a Gap Analysis, and why do you need it?

Report with CRI Group!

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously use the reporting process in this Code of Conduct, including the Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group Non-Retaliation Policy. 

> REPORT NOW!  CRI will not accept any retaliation or discrimination against any employee or external stakeholder who uses our Compliance Hotline in good faith or participates in an investigation. Any employee who breaches the policy will be subject to disciplinary actions.[/vc_column_text][accordion_father][accordion_son title=”About CRI Group” clr=”#ffffff” bgclr=”#1e73be”]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][/accordion_father]

Have you read…

[/vc_column_text][vc_basic_grid post_type=”post” max_items=”12″ style=”pagination” items_per_page=”3″ item=”234″ grid_id=”vc_gid:1606475918444-015a294f-712d-7″ taxonomies=”42″][/vc_column][/vc_row]