With the EU Due Diligence Legislation in play, the concept of mandatory human rights due diligence for companies is gaining momentum among governments and businesses in Europe. So how does this legislation matter? In terms of working conditions in India, for example, a government report found that:
A sizeable number of workers in India earn less than half of the accepted minimum wage
71% do not have a written employment contract
54% do not get paid leave
Nearly 80% of these in urban areas work well beyond the eight-hour workday (48-hour week).
The tragic collapse of the Rana Plaza factory in Bangladesh in 2013, which claimed the lives of over 1,000 people, confirmed for European lawmakers the need to establish a strict liability regime for corporate supply chains, says a report by Dr Daniel Sharma on dlapiper.com
The EU Due Diligence Legislation imposes liabilities on companies that procure their products through supply chains from India and South Asia and sell them in Europe. The aim is to establish sanctions under public law and establish complaint procedures for affected parties.
Navigating Human Rights Due Diligence requirements
Let us take a look at how companies with supply chains to India and South Asia can safely navigate this new regulatory landscape at the EU level:
A good start would be to conduct an independent risk analysis of the company’s value chains, looking at the risk of potential human rights or environmental violations. Needless to say, this risk analysis must be conducted by independent third parties with knowledge of systems in India and South Asia.
Companies should create a compliance structure and screening mechanism taking into account the cultural diversity of India and South Asia and ensuring that suppliers comply with the due diligence obligations.
Companies must conduct a risk analysis of their value chains annually to verify that the due diligence mechanisms installed concerning their value chains are working and conduct an effective analysis of their preventive grievance mechanisms.
Preventive measures need to be adopted for factors identified within the company’s value chain during the required risk analysis. This should be done by preparing agreements in which the suppliers are also required to comply with due diligence requirements relating to human rights, labour and environmental standards.
Issuance of a policy statement regarding respect for human rights and the use of transparent and public reporting processes will also make the system robust for both the company as well as their suppliers.
Random checks of the aforementioned requirements at regular intervals should also be part of effective supplier management, and suppliers can be asked to ensure that compliance standards are also observed in the downstream value chains.
Implementing the above will allow companies to safely navigate European supply chain legislation without exposing themselves to sanctions or penalties.
We can help with Human Rights Due Diligence
The CRI Group has developed a highly specialised assessment solution for Corporate Due Diligence to assist organisations in accurately identifying, preventing, mitigating and addressing actual and potential adverse impacts of affiliating with global partners and complying with all EU mandates.
From enhanced due diligence to identify non-compliance with the regulatory framework and damaging environmental allegations to investigating company (or stakeholder) human rights violations related to labour laws, child labour or human trafficking, CRI Group experts help determine the legal compliance, financial viability, and integrity levels of outside partners and suppliers affiliated with your company’s value chain.
We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications and is an HRO-certified provider and partners with Oracle.
ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.
The most popular type of fraud is misappropriation of assets, including theft of cash and inventories. The motivation to commit fraud include a lack of understanding about fraud behaviour, opportunity to commit fraud and lifestyle and financial pressure.
The motivation for employee to commit fraud stems from three conditions:
Let us look at this case from 2019 which resulted in the conviction of a UK solicitor for fraud.
UK solicitor, Andrew Davies jailed for defrauding his firm of £2.3m
A former senior partner, the UK solicitor, has been jailed for four years after defrauding his firm out of a total of £2.3m. Andrew Davies, 59, paid personal invoices to himself from the business and under-declared £1.1m in stamp duty land tax to HM Revenue and Customs (HMRC) for over nine years.
Davies pleaded guilty to one count of fraud by false representation at Reading Crown Court in 2019 and was sentenced to four years imprisonment in January this year. As a senior partner at the firm, Andrew Davies managed to defraud it out of the money by paying personal invoices to himself from the business account.
The 59-year-old also under-declared £1.1m in Stamp Duty Land Tax to HMRC over nine years, over-declaring tax to clients and then taking money from the solicitor’s firms account for himself, both defrauding the company he worked for and HMRC at the same time.
Davies also raised invoices to pay over £1.6 million to his friend Stephen Allan, who worked as a property developer and was a firm client. The 62-year-old from Bishop’s Stortford was convicted at Reading Crown Court on one count of money laundering and jailed for three years.
In a statement, police mentioned the convictions and sentencing of a solicitor’s firm in Berkshire defrauded out of £2.3m between 2010 and 2017.
Allan then made smaller payments into Davies’ account and also pocketed around £400,000 himself. The solicitor extracted funds from the firm’s client account, paying it to Allan in transactions described as ‘fees’, but there was no known work for this.
Davies of The Street, West Clandon, Guildford, and Allan of Thornberry Road, Bishops Stortford, Hertfordshire, was charged by police officers in August 2019.
The statement did not name the firm, but a Solicitors Regulation Authority notice has previously stated that Davies worked for Reading firm Pitmans LLP, which has since become part of another practice. Davies has already been struck by the Solicitors’ Disciplinary Tribunal and ordered to pay £17,000 in costs.
Investigating officer Detective Constable Katie Taylor of Thames Valley Police’s Economic Crime Unit said: ‘In this case, a solicitor trusted to safeguard client funds abused this position and systematically defrauded his firm of large sums of money for his benefit.
‘He then used a corrupt relationship to launder the proceeds of his crime through a property developer. These professional enablers of organised crime represent a significant risk, and we hope that the conviction and sentence, in this case, will act as a deterrent to others.’
Employee background check and employment history check is vital to avoid horror stories and taboo tales within HR, your business, or your brand. Simply investing in sufficient employment screening services can save you time, money and heartbreak.
Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
There is growing momentum among governments all over the world that calls for Mandatory Due Diligence. This requires companies to undertake human rights and environmental due diligence. We now have the French Duty of Vigilance Law and the adoption in 2021 of new laws in Germany and Norway to the publication of a proposal for an EU-wide law in 2022, all moving in this direction. Major investors and companies are also speaking out in favour of such legislation, according to business-humanrights.org
Corporates will not be allowed anymore to focus on short-term benefits at the expense of long-term sustainable value creation. Environmental and social interests will also need to be fully woven into business strategies of the corporates.
Improving commitment to Mandatory Due Diligence
Corporates are bound to get in line with human rights due diligence guidelines, as prescribed by the UN Guiding Principles on Business and Human Rights. Yet very few actually comply with the standards and nearly half of the biggest companies in the world analysed in the latest Corporate Human Rights Benchmark could not produce any proof of mitigating human rights issues in their supply chains.
The KnowTheChain benchmarks showed companies scoring a poor 29% for their human rights due diligence efforts — something that mandatory human rights and environmental due diligence laws seek to address.
For these laws should to be effective, a few important factors need to be factored in, such as a due diligence obligation for businesses across their global value chains; an effective and safe stakeholder engagement; mandatory requirements that go beyond routine check and audits, a thorough look at irresponsible business models and purchasing practices, and strong civil liability enforcement.
The CRI Group has developed a highly specialised assessment solution for Corporate Due Diligence and Third-Party Risk Management to assist organisations in accurately identifying, preventing, mitigating and addressing actual and potential adverse impacts of affiliating with global partners and complies with all EU mandates.
From enhanced due diligence to identify non-compliance of the regulatory framework and damaging environmental allegations to investigating company (or stakeholder) human rights violations related to labour laws, child labour or human trafficking, CRI Group experts help determine the legal compliance, financial viability, and integrity levels of outside partners and suppliers affiliated with your company’s value chain.
The Benefits of Compliance
Recent studies have demonstrated a positive correlation between the extent to which companies implement environmental, social and good governance policies, and their overall economic performance, all while contributing to a more stable global marketplace. Such responsible business conduct will:
Enhance protection for workers
Improve access to justice for victims
Safeguard the environment
Ensure fair products for consumers
Further, apart from general compliance with EU mandates, such organisations will benefit from:
Reduced overall liability risks
Improved stakeholder protection
Lower costs resulting from conflicts
Improved company transparency
More profound knowledge of the value chain
Enhanced reputation in the market &
Improved social standards for workers
CRI Group’s corporate due diligence and accountability solutions can help your organisation comply with a growing list of global regulations and mandates related to human rights and the environment while acting as an integral part of your business decision-making and risk management systems.
Contact the CRI Group to learn more about our Corporate Due Diligence and Accountability solutions and stay one step ahead of the pending EU mandates. We look forward to assisting you.
We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.
‘Remote work & other trends shaping workplace cultures’ with Nilofar A. Gardezi
Free Webinar | 31 August 2022 | 7 am – 8 am GMT
CRI® Group hosted a free webinar on August 31st. Our intention was to be able to provide resources on workplace cultures in organisations around the globe that will aid them in expansion and an positive employee environment. Take advantage of this free recording on employee wellness, remote work, pre-employment screening and workplace cultures.
The live training session was conducted by senior certified HR professional and member of CRI’s expert team, Nilofar A. Gardezi.
Workplace trends are dictating major shifts and becoming new norms in the workplace. These trends are expected to grow in the coming years. Examples of this include hybrid work, employee wellness, and ongoing education. Adapting to workplace trends will help employers improve company culture, boost employee retention and defeat workplace complacency. This will help companies stay competitive within the industry and remain relevant in the wider world.
With over nine years of experience in HR, Nilofar A. Gardezi is a HRBP & an Associate Director with the CRI Group. She is a gold-certified Trainer from DWE with a Certification in Psychology and serves as a Certified Professional Counsellor. She has worked with renowned organisations like Attock Group, British Council and Standard Chartered Bank.
Get answers to frequently asked questions about background checks / screening cost, guidelines, check references etc. This eBook is a compilation of all of the background screening related questions you ever needed answers to:
Does a candidate have to give consent to process a background check / screening?
How long does it take to conduct a background check?
When should I conduct pre-employment checks?
How often should I screen employees?
How to collect references and what to ask?
How much does it cost to conduct a background checks?
What is he difference between employment history verification and employment reference?
How do I check on entitlement to work?
How to conduct identity checks?
What will a financial regulatory check show?
Is it possible to identify conflict of interest during checks?
What is a bankruptcy check?
What about directorships and shareholding search?
Can I have access to a criminal watch list?
Anti-money laundering check?
Can we conduct FACIS (fraud and abuse control information system) searches?
… and MORE!
Taken as a whole, is the perfect primer for any HR professional, business leader and companies looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions.
The CRI® Group has been safeguarding businesses from fraud, bribery and corruption since 1990. We are a global company based in London, United Kingdom. Our experts and resources are located in key regional marketplaces. These are across the Asia Pacific, South Asia, the Middle East, North Africa, Europe, North and South America. Our global team can support your organisation anywhere in the world. For more details about the CRI® Group or to schedule a meeting with us, click here.
Background Investigations: One-on-one interview with Zafar Anjum
Having dedicated his career to a background investigation, fraud prevention, protective integrity, security and compliance, Zafar Anjum is a distinguished and highly respected professional in his field. As Group Chief Executive Officer (CEO) at Corporate Research and Investigations Limited (CRI Group), he uses his extensive knowledge and expertise in creating stable and secure networks across challenging global markets. For organisations needing comprehensive project management, security, safeguard testing, background investigations and real-time compliance applications, Anjum is the assurance expert of choice for industry professionals.
Q: To what extent have you seen an increase in corporate fraud in recent years? What are some of the common themes and underlying causes?
Anjum: Fraud always seems to be increasing. No matter how sophisticated our attempts to prevent it become, perpetrators are always adapting with new methods. According to the 2020 Association of Certified Fraud Examiners (ACFE) Report to the nations, asset misappropriation is the leading type of occupational fraud. It makes up 86% of fraud cases and causes a median loss of $100,000. On the other spectrum, financial statement fraud schemes are the least common (10% of cases) but are the most costly, causing a median loss of $954,000. A typical fraud case can last 14 months before detection and cause a loss of $8,300 per month – a whopping 5% of an organisations revenue is lost to fraud each year. There are various factors at play here, but it starts with ‘tone at the top’. Basically, corporate culture often sets the tone for how strict or lax an organisation prevents or detects fraud. Combine a lax approach with a country or jurisdiction where corruption is still prevalent, even considered ‘business as usual, and there will likely be a fraud.
Q: Could you outline the benefits of using background investigations to reduce potential fraud? Under what circumstances is it prudent to undertake a background investigation?
Anjum: It should be a priority to conduct thorough background investigations when engaging in a merger or acquisition, an initial public offering (IPO), engaging suppliers, contractors or new clients – your client relationships can affect your organisation’s reputation and your ability – to name a few situations. This can help you avoid becoming entangled with third parties that have hidden fraud and other legal issues. It will also make you aware of a potential partner who has credit risk, has claimed bankruptcy or is faced with debtor filings, for example. In one case, a company was seeking to engage a new supplier for medical supplies and equipment. A background investigation revealed that the warehouse’s physical location – claimed by this ‘supplier’ did not exist. The company’s principal had previously been charged with a ‘criminal breach of trust’. Three other civil damages claims against the principal were discovered, with millions claimed in liabilities.
Q: What are some of the best practice approaches to conducting a background investigation?
Anjum: One of the most important aspects of thorough background investigations is having a ‘boots on the ground approach. Online database searches can only take you so far. When conducting due diligence on entities or individuals, red flags that pop up often warrant further checking before they can be truly weighed as part of the decision process. For example, if you are considering partnering with another company and providing information for their physical location, do you have agents who can visit that location to make sure it is legitimate? Investigations sometimes discover that purported ‘headquarters’ is actually an abandoned home or vacant lot. Also, if certain credentials are claimed, you need to make phone calls or possibly a visit to the school or accrediting bodies to verify them. These are the important details that help you with facts that help guide your decisions.
Q: What kinds of legal or regulatory issues might complicate a background investigation?
Anjum: Privacy laws are probably the most important issue, and they need to be carefully understood and followed for every jurisdiction. In the UK, for example, the pandemic has created new data privacy issues, but prudent organisations are constantly evaluating their data protection strategies under the General Data Protection Regulation (GDPR). When it comes to background investigations, similar privacy considerations apply. You might want to check an individuals’ financial or credit history – relevant information if they own a business you seek to partner with or acquire, or if you are considering them for a high-level position at your organisation. Accessing such information is permitted in some jurisdictions and restricted by law in others. The last thing you want is to end up in court for violating someone’s privacy. It is best to engage a professional due diligence background screening firm. They will be trained and up-to-date on the laws governing your background investigations, plus they will have access to resources that most companies do not have.
Q: To what extent are background investigations more challenging in a cross-border or multi-jurisdictional context? How can these additional challenges be overcome or avoided?
Anjum: This goes back to the importance of having investigators in various locations, your ‘boots on the ground’, in your approach to due diligence. The world is much smaller these days as organisations seek to expand across international borders. And the COVID-19 is teaching leaders invaluable lessons in business efficiencies and future strategy. This can lead to obvious challenges – both following the laws and regulations in various jurisdictions and overcoming language and cultural barriers. That is why it is important to have access to locally-based agents – including certified fraud examiners and similarly credentialed professionals – to help with your checks, whether investigating a potential third-party partner or an individual being considered for employment. Another advantage is to have a set, written policy and process for conducting background investigations that you can reference and rely upon when undertaking key business decisions. In this way, your organisation is less susceptible to someone convincing you to bypass proper due diligence simply because it might seem logistically difficult to conduct an overseas investigation.
Q: Once the background investigation results are collated, what are the key points to analysing?
Anjum: If red flags are uncovered, the best way to further investigate is to understand discrepancies. For example, suppose you are conducting background screening on a potential employee, and something comes up in their criminal record, rather than eliminating them from consideration. In that case, you should ensure that there was no error in your background check, investigate the discrepancy, gather all relevant information, and ask the person to explain what you found and why they did not disclose it. They might have an explanation that affects your decision process. In other words, do not overlook potential talent. According to Nacro, more than 11 million people in the UK have a criminal record – that’s 1 in 3 men – however, just over half of these had been convicted on only one occasion, and 85% were convicted before they were 30 years old. Not all of those have a prison record, however. Most convictions are for motoring offences, such as speeding or unpaid tickets.
Q: What essential advice would you offer to companies on developing internal policies and processes to combat fraud? should intensive background investigations form part of their standard procedures?
Anjum: Intensive background investigations should be a part of an organisation’s standard procedures. It should be part of a greater risk management plan, be set forth as written policy that owners and directors approve, and be reviewed and understood by management and other relevant personnel. Engage risk management professionals when developing your policies and procedures. They can help tailor a plan based o your organisation. Key questions to address should include; who will implement the plan, how an investigation is conducted, who evaluates and reports the results, etc. Sometimes organisations put forth a thorough, excellent programme for background investigations and then, six months or a year later, nobody is following it. The key to success is following through with it and ensuring your entire organisation understands the process and why it is so important. The security of your company depends on effective risk management.
The security of your company depends on effective risk management
Background investigations are critical to any company’s success because working with qualified, honest and hard-working employees and other businesses is integral to thriving in the business community. What you don’t know can hurt you, and the simple act of one bad decision can result in an unprecedented loss for your company.
From vendor and third-party screening to employment screening, CRI Group recommends background investigations as critical proactive measures to help keep your business safe. An effective background screening investigation will help screen for bad apples that can cause havoc down the road. Because we maintain a diverse talent base comprised of multilingual and multi-cultural professionals, CRI can traverse obstacles that often impede international background investigations. That’s why we are frequently contracted by our competitors to conduct background investigations in geographic regions not serviced or accessible by larger investigative firms.
Meet our CEO
Zafar I. Anjum is Group Chief Executive Officer of CRI Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading businesses organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.
Contact CRI Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.
For decades, pre-employment background screening has been helping organisations hire the right candidates for the right roles. These checks hold good till a candidate gets on board. But what if one of your existing employees commits a crime, revokes their license, or loses work authorisation? Continuous Background Screening (otherwise called rolling background checks or continuous monitoring) can help you mitigate any risks. Let’s look at what continuous background screening is and how it transforms the background check for employment industry.
What is continuous real-time pre employment screening?
Global enterprises generally take the approach of conducting background verifications on candidates to ascertain the data that they present at the interview. One-time background verifications help organisations check candidate data while hiring but not after that. New forward-looking entrants have been disrupting the background screening industry with this trend. The continuous background screening process is a systematic technique and is not completely new. Companies can perform real-time background checks on employees to identify internal threats and flag them immediately when found. It is a post-hire employment screening process that applies to any specific part (or all) of your workforce.
Staying informed about the employees’ background is as important, or conceivably, more important than verifying the candidates’ data when they initially apply. Certain regulated industries have been performing some form of continuous background check of employees as it is a mandate – but most of them are not real-time. The best examples include high-risk industries like transportation, healthcare, and finance. But with the advent of rapidly evolving technology, real-time background screening that uses online record databases and digital platforms has allowed taking a proactive approach toward risk mitigation.
Now let’s take a deeper look at how this works. CRI® Group looks for any change in candidates’ background data. It identifies them so that organisations can stay away from possible risks. When the background screening software detects an employee’s data change, it notifies the employee and begins verification. Furthermore, the tool will allow candidates disqualified due to criminal violations to resurface after an allowed time frame. This will empower employers to give a second chance to the employees and perform a more comprehensive pre employment background check on them.
The Alarm Bell
Continuous background screening still has a paramount need to comply with regulatory policies. In addition to being compliant with global regulations, organisations must adhere to the state and local laws that pertain to disclosure and authorisation requirements and adverse action processes. It is recommended to follow the rules of the Equal Employment Opportunity Commission (EEOC) and Federal Trade Commission (FTC) when any issues arise due to removing an employee based on the screening results.
The regulations demand the employer to get written consent from the employees before a background verification starts. Employers should take immense care to make the consent clear enough, failing which a new notice and fresh consent need to be provided the next time. But, even though the federal law (FCRA) accepts such practices, the state or local law might not (Californian laws, for instance).
HR teams need to be prepared for the worst – when an employee refuses to authorise a background verification stating it as a privacy intrusion. Hence, designing a screening program that adheres to global and local compliance is key.
CRI® Group can help companies nip bad employees in the bud, thus ensuring the brand image is not affected by bad hires. Yet, surprisingly, an SHRM study states that only 4% of 6500 HR professionals said that their companies performed rolling background checks.
Employers should revisit their screening programs and incorporate technology-powered techniques like real-time screening, so they do not go blind in the interim.
Get in touch with us to learn more about how you can leverage employment screening services and proactively mitigate risks in real time. CRI® Group is happy to assist you.
Who is CRI® Group?
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, TPRM, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds B.S. 102000:2013 and B.S. 7858:2012 Certifications and is an HRO certified provider and partners with Oracle.
Running a business takes hard work and while success – customers, revenue and satisfaction – is the ultimate goal, all businesses come with risks which could stop you from achieving your goals. That’s why business risk management is key to building confidence in both your internal and external stakeholders – people want to be assured that each business decision is properly vetted before being made, that losses are minimised and successes maximised. A robust business risk management plan puts in place procedures that can help you identify, pre-empt, and avoid potential threats – or at the very least minimise their impact. Here are seven types of business risk you may want to address in your company.
1- Economic Risk
The economy is constantly changing as the markets fluctuate. It’s important to watch changes and trends to identify and plan for an economic downturn. Some positive changes are good for the economy, which lead to booming purchase environments, while negative events can reduce sales. To counteract economic risk, save as much money as possible to maintain a steady cash flow. Also, operate with a lean budget with low overhead through all economic cycles as part of your business plan.
2- Compliance Risk
Business owners face an abundance of laws and regulations to comply with. For example, recent data protection and payment processing compliance could impact how you handle certain aspects of your operation. Staying well versed in applicable laws from federal agencies like the Occupational Safety and Health Administration (OSHA), the Environmental Protection Agency (EPA), and state and local agencies can help minimise compliance risks. If you rely on all your income from one or two clients, your financial risk could be significant if one or both no longer use your services. Start marketing your services to diversify your base so losing one won’t devastate your bottom line. Non-compliance may result in significant fines and penalties. Remain vigilant in tracking compliance by joining an industry organisation, regularly reviewing government agency information and seeking assistance from consultants specialising in compliance. For more on data compliance, read: “GDPR, Everything You Need to Know” and “GDPR: A 21st Century approach to Compliance.”
3- Security and Fraud Risk
As more customers use online and mobile channels to share personal data, there are also greater opportunities for hacking. News stories about data breaches, identity theft and payment fraud illustrate how this type of risk is growing for businesses. Not only does this risk impact trust and reputation, but a company is also financially liable for any data breaches or fraud. To achieve effective enterprise risk management, focus on security solutions, fraud detection tools and employee and customer education about how to detect any potential issues.
4- Financial Risk
This business risk may involve credit extended to customers or your company’s debt load. Interest rate fluctuations can also be a threat. Adjusting your business plan will help you avoid harming cash flow or creating an unexpected loss. Keep debt to a minimum and create a plan to start lowering that debt load as soon as possible. If you rely on all your income from one or two clients, your financial risk could be significant if one or both no longer use your services. Start marketing your services to diversify your base so losing one won’t devastate your bottom line.
5- Reputation Risk
There has always been the risk that an unhappy customer, product failure, negative press or lawsuit can adversely impact a company’s brand reputation. However, social media has amplified the speed and scope of reputation risk. One negative tweet or bad review can decrease your customer following and cause revenue to plummet. To prepare for this risk, leverage reputation management strategies to regularly monitor what others say about the company online and offline. Be ready to respond to those comments and help address any concerns immediately. Keep quality top of mind to avoid lawsuits and product failures that can damage your company’s reputation.
6- Operational Risk
This business risk can happen internally, externally or involve a combination of factors. Something could unexpectedly happen that causes you to lose business continuity. That unexpected event could be a natural disaster or fire that damages or destroys your physical business. Or, it might involve a server outage caused by technical problems, people, or a power cut. Many operational risks are also people-related. An employee might make mistakes that cost time and money. Learn more about the” Top Risk Management Concerns and The Need for Leadership During COVID-19.”
Whether a people or process failure, these operational risks can adversely impact your business in terms of money, time and reputation. Address these potential operational risks through training and a business continuity plan. Both tactics provide a way to think about what could go wrong and establish a backup system or proactive measures to ensure operations aren’t affected. Investigative operations (via commercial investigations) focus on the current status of your business – i.e. location of assets, financial information, identification of unmet needs of any market, gauge brand awareness and identity in the market, etc.) For example, more businesses are using cloud storage to protect company data and rely on remote team members to maintain operations. Automating more processes also helps to reduce people’s failures. Learn more about it HERE!
7- Competition (or Comfort) Risk
While a business may be aware that there is always some competition in their industry, it’s easy to miss out on what businesses offer that may appeal to your customers. In this case, the business risk involves a company leader becoming so comfortable with their success and the status quo that they don’t look for ways to pivot or make continual improvements. The increasing competition combined with an unwillingness to change may result in a loss of customers. Enterprise risk management means a company must continually reassess their performance, refine its strategy, and maintain strong, interactive relationships with its audience and customers. Additionally, it’s important to keep an eye on the competition by regularly researching how they use online and social media channels.
Business Intelligence is most effective when it combines data derived from the market in which your business operates (external) with data from within, such as financial and operations data (internal). When combined, this data can provide a complete picture so that you can make any business decision, from operational to strategic, such as product positioning or pricing. Learn more about it HERE!
Accept, But Plan
Although you will never be able to eliminate business risk, proactively planning for it can help. Awareness is key in helping you save money and time while protecting the trust, reputation, and customer base you’ve worked so hard to achieve.
Who is CRI® Group?
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications and is an HRO-certified provider and partner with Oracle.
A thorough understanding of its financial crime risks is key if a firm is to apply proportionate systems and controls. The following are self-assessment questions to help you implement an efficient risk assessment to mitigate the risk behind finance crime.
What are the main financial crime risks to the business?
How does your firm seek to understand the financial crime risks it faces?
When did the firm last update its risk assessment?
How do you identify new or emerging financial crime risks?
Is there evidence that risk is considered and recorded systematically, updated assessments, and appropriate sign-off?
Who challenges risk assessments and how? Is this process sufficiently rigorous and well-documented?
How do procedures on the ground adapt to emerging risks? (For example, how quickly are policy manuals updated and procedures amended?)
Examples of good practice:
A comprehensive risk assessment.
Risk assessment is a continuous process based on the best information available from internal and external sources.
The firm assesses where risks are greater and concentrates its resources accordingly.
The firm actively considers the impact of crime on customers.
The firm considers financial crime risk when designing new products and services.
Examples of poor practice:
Risk assessment is a one-off exercise.
Efforts to understand risk are piecemeal and lack coordination.
Risk assessments are incomplete.
The firm targets financial crimes that affect the bottom line (e.g. fraud against the firm) but neglects those where third parties suffer (e.g. fraud against customers)
Using An External Services Provider to Conduct Your Financial Crime Risk Assessment
Aside from it often being difficult to schedule time for this type of review or know where to start, there is considerable benefit in having an independent, objective review of the financial crime risks your business faces. Corporate Research and Investigations Limited (CRI® Group) has a wealth of knowledge in Financial Crime and can help you identify risks and exposures that might otherwise be missed, thereby enabling appropriate procedures to be put in place.
To engage CRI® Group to conduct your Financial Crime Risk Assessment, contact the CRI® team. CRI® has a dedicated team of experienced compliance consultants who can provide expert assurance and peace of mind. Get in touch to see how we can help your organisation.
About CRI® Group
CRI® Group has protected businesses from fraud, bribery and corruption since 1990. We are a leading Compliance and Risk Management company licensed and incorporated entity of the Dubai International Financial Center (DIFC) and Qatar Financial Center (QFC). CRI® protects businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business.
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. Our global team can support your organisation anywhere in the world. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications and is an HRO-certified provider and partner with Oracle.
Corporate compliance should be an essential part of your business operations, regardless of size or industry. How does your business manage compliance and mitigate risk? Taking preventative measures can feel like a hassle up front. Still, it can save you untold organizational costs in the long run.
Corporate compliance violations can result in fines, penalties, lawsuits, loss of reputation, and more. Keep your business from learning the lesson the hard way. Start developing a compliance program today. This article will define compliance, what it means for your business, and how to create a successful compliance program.
What is Compliance in Business?
The definition of compliance is “the action of complying with a command,” or “the state of meeting rules or standards.” In the corporate world, it’s defined as the process of making sure your company and employees follow all laws, regulations, standards, and ethical practices that apply to your organization and industry.
Corporate compliance covers both internal policies and procedures and federal and state laws. Enforcing compliance helps your company prevent and detect rules violations, protecting your organization from fines and lawsuits. The compliance process should be ongoing. Many organizations consistently and accurately govern their compliance policies over time.
The Purpose of a Corporate Compliance Program
The purpose is to protect your business. It’s as simple as that. But the return on investment could be significant, helping you avoid waste, fraud, abuse, discrimination, and other practices that disrupt operations and put your company at risk.
Your corporate compliance program needs to be integrated with all compliance efforts enterprise-wide, from managing external regulations and internal policies to comprehensive employee training. By ensuring all departments and staff are working together to maintain standards, you can mitigate the risk of significant failures and violations.
An effective program improves communication between leadership and staff. It should include a process for creating, updating, distributing, and tracking compliance policies. After all, employees can’t be held responsible for rules and regulations they don’t know exists. But once they understand expectations, your staff can stay focused on your organization’s broader goals and help operations run smoothly. What’s more, when employees are adequately trained on compliance requirements, they are more likely to recognize and report illegal or unethical activity.
Maintaining compliance equips your employees to do their jobs well, reach their career goals, and keep customers happy. In turn, your company can achieve its goals and grow faster.
In the unfortunate event that your organization faces a lawsuit, your corporate compliance program will help in court.
As one report from Rutgers School of Law explained, “An organization that has made a robust effort to prevent and detect violations of the law by its employees and others acting for it will be treated less harshly than one that was indifferent to complying with the law.”
How to Create a Successful Corporate Compliance Program
Very few businesses can afford to procrastinate on a corporate compliance program. Don’t let hindsight be 20/20 for your organization. Have the foresight to take action today.
Your program should be carefully planned and implemented, with coinciding training programs to guarantee personnel are well-versed in all areas of compliance. Here are a few steps to establish or refine your corporate compliance program:
Your corporate compliance program won’t run itself. One person should be assigned the responsibility of managing the program day-to-day.
Depending on the size of your organization, you could have one compliance officer or several. Regardless, those in charge of the compliance program must have the authority to enforce the rules and hold staff at all levels accountable.
They also need direct access to its governing body, including senior management or the board of directors.
Access to senior management and authority to enforce rules is essential when potential compliance issues arise, empowering your officers to respond quickly. But communication goes both ways. The governing body needs to regularly assess the corporate compliance program’s effectiveness.
Corporate compliance fosters a workplace culture that values integrity and ethical conduct. This starts at the top. Your leaders need to follow the rules for the program to work. They should encourage ethical behavior and openly talk about the importance of compliance.
Company leaders should encourage employee input, emphasizing that they won’t be punished for reporting unlawful or unethical behavior.
The Department of Justice created a checklist for evaluating corporate compliance programs and suggested asking the following questions:
How have senior leaders encouraged or discouraged the type of misconduct in question through their words and actions?
What concrete actions have they taken to demonstrate leadership in the company’s compliance and remediation efforts?
How does the company monitor its senior leadership’s behavior? How has senior leadership modelled proper behavior to subordinates?
Conduct Risk Assessments
Corporate compliance is about managing risk. To build an effective program, you need to know what compliance areas pose the highest risks to your organization. Once you have identified these areas, you can focus your resources on addressing them.
Federal and state regulations, as well as industry standards, are continually evolving. To avoid the risk of non-compliance, it’s essential to conduct regular assessments. The Association of Corporate Counsel (ACC) suggests conducting a risk assessment once a year.
A formal assessment process, like this one recommended by the ACC, can help your organization be proactive about preventing corporate compliance violations:
Industry enforcement trends
Compliance policies in each risk area
Establish and Maintain Your Code of Conduct, Policies, and Standards
Your corporate compliance program needs a well-defined code of conduct. Why? Because it can help define your program’s purpose and set expectations for behaviour.
The code of conduct acts as a foundation and should explain the following key points:
Who is responsible for managing the program
How employees should report misconduct
Disciplinary measures for violating the code of conduct
Your corporate policies should build on top of that foundation by providing guidelines for specific areas of compliance. For example, they may address common corporate compliance violations:
Conflicts of interest
The list goes on. But the exact areas you need to address will depend on your industry.
Once risk areas have been identified and policies created, you should establish procedures to help employees carry out policies correctly. Creating step-by-step guidelines makes it easier to follow procedures and identify non-compliance.
Risk areas in specific industries may require additional standards. For example, the Foreign Corrupt Practices Act may require you to keep detailed protocols for screening third-party business partners.
Properly Train All Employees
Compliance policies and standards are useless if employees don’t follow them. After establishing the policies and procedures for your corporate compliance program, you need to disseminate them to every member of your staff.
Ensure company officers, employees, and third-party vendors read and sign off on all compliance policies and procedures.
All employees and relevant vendors should be trained on laws, regulations, corporate policies, and prohibited conduct. Depending on the size of your organisation, you may want to conduct training tailored to specific employees in high-risk areas.
The ACC recommends that you track, document, and follow up on training. By implementing a compliance policy and training management tool, you can accomplish this and automate many of your manual processes. The right software lets you distribute policies, conduct online training, create custom tests, and more.
Improve Your Compliance
Creating or revising your compliance policies and training takes a lot of work. It’s an ongoing process requiring consistent monitoring and updates. But don’t wait until an incident has occurred to take action. If you and your compliance officers are already busy and time-constrained, finding the right time to implement a new program can be hard. The trick is finding a compliance management solution that fits your organization.
If you’re ready to take control of compliance, and protect your business from risk, learn more about CRI® Group compliance solutions and discover how we can help your corporate compliance program.
CRI® Group’s compliance solutions are tailored to your organization’s needs, helping assure compliance in all areas and keeping you one step ahead of regulatory requirements.
Money laundering is a serious global issue, and recent legislation is aimed at requiring organizations to follow strict anti-money laundering protocols.
Our Due diligence 360° services provide the specialized intelligence needed by global financial institutions and multinational corporations to guarantee complete compliance with anti-money laundering (AML) regulations and legislations.
Manage your third-party risks confidently with customized 3PRM™ solutions for your organization or get certified. CRI® Group’s own exclusive, expert-developed 3PRM™ services help you proactively mitigate risks from third-party affiliations, protecting your organization from liability, brand damage and harm to the business.
Whether your organization has a large, well-established third-party program, is in the early stages of development, or is anywhere in between, 3PRM™ solution can improve the health of your program and future-proof your entire business in many forms.
We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be.
CRI® Group also holds B.S. 102000:2013 and B.S. 7858:2012 Certifications; is an HRO certified provider and partner of Oracle.
May 17th of 2022 marks the 32nd anniversary of the establishment of Corporate Research and Investigations (CRI® Group). Yay, for us! From the very beginning, the CRI® Group has been dedicated to safeguarding organisations and helping businesses by establishing the legal compliance, financial viability and integrity levels of outside partners, suppliers and customers seeking affiliation. And we would like to thank all of you who have supported us over the last 32 years.
We were then, and continue to be, passionate about helping businesses fight bribery and corruption while promoting transparent business relations. CRI® Group always stands ready to assist clients on every level and has achieved many significant accomplishments within the past year alone. From engaging in new partnerships, adding new clients to a new AML advisory service, and even opening two new offices, CRI® Group has been busy expanding our reach to help more organisations prevent fraud, bribery, corruption, and other business risks.
Expanding the Global Reach With New Office Locations
In November 2021, CRI® proudly announced the opening of its office in Turkey and, in February 2022, the opening of its Estonia office. Zafar Anjum, Group CEO at CRI®, said: “The ability to effectively pre-empt fraud and corruption by mitigating internal and external risks to prevent these issues can save corporations from immense potential losses and reputation damage. Our services such as DueDiligence360™,3PRM™ andEmploySmart™ can significantly help organisations deal with bribery and corruption, third-party risk management, noncompliance with the regional and international regulatory framework and malpractice. CRI® Group’s expertise will enhance Turkey’s diverse pool of business support services.”
“Today’s business climate dictates an increasing demand of international business organisations for proactive measures designed to reduce bribery and corruption, particularly in the financial, government and multi-national business sectors,” Anjum further said. “CRI® Group’s worldwide network of multi-disciplined subject specialists and analysts, which now include Estonia, helps organisations prevent and deter bribery and corruption, third-party malfeasance, threats and corruption risks while ensuring our clients conform to the local and international regulatory framework. The establishment of our offices in Turkey gives us the platform to expand further and enhance the level of support we offer to the international business community.”
Dynamic New Industry Events, including our own ABAC Summit
In March, CRI® Group was delighted to take its place at the Trade Winds, the largest annual U.S. government trade mission organised by the U.S. Commercial Service. Trade Winds was a great opportunity to have meaningful conversations with many of you. Our 3PRMTM solution address various specific areas, including conversations on how to protect your organisation from liability, business interruption and brand damage by partnering with the CRI® Group.
Third-Party Integrity Due Diligence and Screening: ensures global compliance, provides adequate monitoring and protection against potential litigation;
3PRM Enhanced Background Checks: uncovers derogatory information within the public and private record resources through risk-based background checks, including investigative research into suppliers and individuals, ultimate-beneficial owners;
ISO 37001 Anti-Bribery Management System: CRI® Group’s independent and accredited Certification Body can examine your Anti-Bribery and Anti-Corruption procedures and issue an accredited Certification; and
ISO 37301 Compliance Management System: CRI® Group’s independent certification body helps companies worldwide to increase and measure their efforts against regulatory compliance risks.
This weekend, we attended FutureFest, Pakistan’s largest tech conference & Expo. CRI® Group was able to talk with many of you about your goals and challenges in staying better protected from fraud and corruption. If you missed the event, don’t despair, CRI® Group invites you to schedule a quick appointment with us to discuss how conducting due diligence and compliance can help you and your organisation. The role or size of the third party is not as important as the nature of the relationship they have with your business. Think of your third-party access to your sensitive data or your property!
After two years of having to put our ABAC summit on hold because of the pandemic, we are very excited to finally announce our “2022 Anti-bribery, anti-corruption (ABAC) Summit.” In association with the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence, our Summit embraces the theme of “Managing your Organisation Governance, Anti-bribery, Whistleblowing, Compliance & Risks Effectively.” This must-attend event for anyone working in anti-bribery and anti-corruption, due diligence, risk management, and anti-fraud such as CEOs, CFOs, Chief Legal Officers, Chief Compliance Officers, In-house Counsels, Compliance Managers, Lawyers and Auditors, Heads of Procurement and Other officers responsible for Compliance and Anti-Corruption. You can check out the full schedule here.
The ABAC Summit will bring together some of the greatest minds in the fight against corruption, with a lineup of expert speakers that share their experiences, knowledge and best practices with an attentive audience, including members from MACC, the Prime Minister of Malaysia Office and the U.S. Embassy in Malaysia. Intending to redefine the anti-bribery culture within organisations in the country, the conference and workshops bring together Foreign Consulates, high-profile enforcement authorities, faculty speakers, delegates from top 500 Forbes and public limited companies, and media in a single forum to discuss effective internal controls, ethics, compliance measures and best practices for preventing and detecting bribery within organisations. The event aims to provide guidance and training that enables business sectors to fight malpractices.
Finally, we are delighted to unveil our place at the 2022 ACC (Association of Corporate Counsel) annual conference as a sponsor and exhibitor. The ACC Annual Meeting at Las Vegas on October 23-26 is convened each year, emphasising law, legislature, training, and compliance associated topics in correlation to Third-Party Risk Management and ISO certification (ISO 37001 Anti-Bribery Management System and ISO 37301 Compliance Management System).
The ACC Annual Meeting is the world’s largest gathering of corporate counsel and will include more than 30 sessions led by industry-leading specialists and counsel. It is standard for the Exhibition Hall to be packed with industry affiliates and experts showcasing their goods and services and is an excellent prospect for you to educate yourself about the most recent industry manufactured goods and services that can be used to enrich your organisation’s stance on conducting due diligence and compliance. Every attendee is guaranteed to leave this conference equipped with significant data and resources to advance their corporate objectives.
If you are attending 2022 ACC, please come by and visit with us. CRI® Group would love to talk about your goals and challenges in helping your company stay better protected from fraud and corruption.
New Webinars that Help Spread Knowledge About Bribery and Corruption Risks
With businesses continuing to turn to online learning opportunities, CRI® hosted several webinars, including the upcoming “Compliance and Adequate Due Diligence for Third-Party Risk Managements” with the speaker, Samia El Kadiri, a renowned Consultant, Author and Trainer (6σGB | IRCA- QMS Lead Auditor | TOT | Auditor | Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence). A webinar on building a Culture of Compliance and Trust Through ISO 37301:2021 CMS: Compliance adequate Due Diligence for Third-Party Risk Management – corporate compliance program.
In February, our CEO was invited to speak at The Fraud Outlook 2022 Webinar hosted by the Fraud Advisory Panel. A webinar took a forward look at some of the current and emerging global fraud threats and what they mean for practitioners. It will provide a timely update on the current fraud landscape in Europe, the U.S., the Middle East and Asia, key insights into anticipated fraud trends over the next 12 to 18 months and the implications for counter fraud professionals and businesses.
New Anti-Money Laundering (AML) services
We launched new Anti-money laundering (AML) advisory services that help analyse systems and develop effective solutions that reduce your company’s risk of falling prey to employee, supplier or outside corporate and financial crimes. An effective AML framework is a testament to your organisation’s position against crime. Our unmatched investigative capabilities, worldwide presence and a long-standing reputation for independence and integrity make us uniquely qualified to resolve regulatory concerns.
Our vast Anti-Corruption and Compliance network provides the protection you need when making critical bottom-line decisions crucial to your organisation’s success. Leave it to experts. Ensure you have the 360-degrees analysis of your challenges – get in touch with the experienced CRI® Group’s AML team for a bespoke quote.
As a global business entity with a range of subsidiary partner operations that cross several distinct business sectors (including but not limited to telecommunication, financial services, petrochemicals, energy production/distribution, chemicals, fertilisers and food), your organisation needs to recognise that it is targeted by hostile entities seeking to take advantage of your market presence.
One of the critical challenges is corporate finance’s control and movement and ensuring that effective Anti-Money Laundering (AML Framework) procedures and practices are in place. Refusal to accept the risks and your organisation is openly exposed to:
Exploitation from the theft of money & other assets.
You need to comply with national, regional, and international legislative frameworks such as:
Section 453 of the 2017 Companies Act (Pakistan); and
U.K.’s Proceeds of Crime Act (POCA) 2000).
More fundamentally, money that is unknowingly, unwittingly or (in the case of fraud and corruption) even consciously ‘laundered’ through the organisation could ultimately support, finance and promote international terrorism and the drugs trade.
A money-laundering prevention program is an essential element among institutions’ measures to protect their operations and promote trust among their clients and partners. CRI® Group works with clients to design, implement, and refine comprehensive AML policies and procedures and establish an overarching compliance strategy and culture, including firm-wide training on AML compliance that reflects the latest regulatory and enforcement trends and industry best practices.
As global corporate citizens aware of their responsibilities, any international organisation must comprehensively address these concerns and implement policies, procedures, and associated risk assessment mechanisms.
CRI® Group: A Brief History
Reflecting on the beginning of our company’s story, our CEO, Zafar I. Anjum, said: “While working on one insurance fraud case, I realised that whereas the justice system deals with most types of crime, fraud itself mandates investigation by an external specialist agency in fraud detection however such organisations were sorely lacking. In addition to a distinct lack of counter fraud education in the general population, which aided those committing fraud greatly. Even where individuals were aware that they were being defrauded, they lacked the knowledge of how to resolve disputes between themselves and the defrauder effectively”.
Mr Zafar Anjum raised the firm to a new level in 2006 when he incorporated the U.K. company in 2006, and Corporate Research and Investigations LLC DIFC was incorporated in 2008 in UAE. Today, CRI® Group is a leader in employee background screening services, investigative due diligence, third-party risk management services and Anti-bribery Management Systems.
Today, the company is a global firm with experts and resources located in key regional marketplaces across the Asia Pacific, South Asia, the Middle East, North Africa, North America and Europe. The company’s success and growth continue; CRI® Group always stands ready to assist organisations and has achieved many significant accomplishments within the past year alone. From expanding service capabilities to launching podcasts and webinars every month, CRI® Group has been busy helping businesses overcome risk management challenges. We collated a few of our achievements below.
Thank you for your past support, and we look forward to continuing to work with you. Check out our eBook of Why Partner with CRI® Group. CRI® Group invites you to schedule a quick appointment with us to discuss how our risk management solutions can help you and your organisation.