Employee Background Checks: A Requisite for all Businesses

Employee Background Check Concepts

Employee Background check concepts are inescapable for your organisation if you are looking to minimise risks surrounding a bad hire. The concept of an employee background check has become one of the most significant phases in the recruitment process.

The escalating figure of crime scenes and fraudulence incidents is a key justification why organisations take up this step as aside from the rising crime rates, organisations are also becoming hyperaware of their employee turnover rate, employee burnout, employee retention, etc. Employee Background Checks are a highly effective method of ensuring that organisations are recruiting the finest. What are the key concepts of conducting an employee background check and why is it substantial for corporations of all sizes and statures?

Concepts of Employee Background Check

In wake of the digital development, it is fair to say that the recruitment process has become quite demanding, and an employee needs to cross numerous phases to at the right time reach the finishing point. The Employee Background Check is quite a time-consuming concept as employers strive to have the greatest pick from the numerous candidates who have come up for the recruitment process. After the interview sessions are over, it needs some time to let the employee know about their joining since this is the time when most organisations go through the employee background check procedure. Some companies opt to perform this procedure in-house while some others hire external service providers to conduct a comprehensive check of the employee’s academic, professional, and even social presence. After the employer is gratified with the check, the employee is offered an appointment letter to join them.

CRI Group’s EmploySmart™ can be tailored into specific screening packages to meet the requirements of each specific position within your organisation. Ensure a safe work environment for all. Download our EmploySmart brochure or get a free quote.

Significance of The Employee Background Check and its Advantages

Organisations carry out such checks due to a myriad of reasons, some of these include:

1. Knowing the validity of the resume

Many candidates tend to embellish their experiences on their resumes and make use of such methods to obtain their desired job through such falsified recognitions. If a candidate does obtain their role through this method, they will not be able to handle the position well making this a complicated situation for the employee and the employer concurrently. Therefore, it is incredibly valuable to know what the candidate has falsified on their resume. An appropriate and comprehensive verification of the employee’s background can unveil all such truths in front of the employer. After knowing the true details, employers can make a judgment that will be more beneficial for the organisation as well as the employee.

2. Knowing about the nature of the candidate

Like the falsified details on the resume, candidates also tend to wear somewhat of the false mask of confidence on their faces while attending the interview. It is tricky to distinguish and judge a person in a conversation of a few minutes. If it is a career profile where the pressure is going to be intense, it is crucial to know whether the candidate can handle such pressure or not. Knowing the authentic behaviour and personality aids in evading bad hires. The experts of the verification check get you an appropriate note about the personality, nature, and behaviour of the candidate to determine whether they can match up to the demands of the needed position.

3. Knowing experiences at the past offices

Candidates produce diplomatic answers about their past experiences when a question is thrown at them about said experiences. Many of the experts suggest cracking this during the interview session as the employers must verify the factual scenario at the previous offices. It may turn out that the candidate had a terrible record at the last office, or it may also happen that the employer had fired the candidate from the last job. There can be a few things that can happen. You can of course offer the candidate a chance to clarify, but it is imperative to get the verification done before this.

4. Knowing criminal experience and legal support

Having an employee background check is also about having an awareness of any criminal experience a candidate could have potentially had. It can be unsafe for the organisation to hire an employee with such a background and place them amid unharmful employees. It is just as vital to know whether the candidate has legal support or not. If yes, it should be checked whether the candidate has misused the support in the past or not. If the candidate has misused the support in the form of a lawsuit or so in the past, they do the same for your organisation too.

What to include in Employee Background Check?

  • History of employment: Verify the reference given by the candidate as it confirms their behavioural and working patterns with previous employers. This way, their overall performance, commitment, and proclivities can be assessed.
  • Criminal background: It is essential to determine that the candidate does not have a criminal history. It is inevitable, principally for the profiles related to defence or trust.
  • Credit history: Knowing the credit rating of your candidate is also important as this reveals the integrity of the employees. This can be done by completing an employee background check for the credit history.
  • Terror Watch List: For the businesses running in countries like the USA, checking the Terror Watch List of their candidates is especially critical. Again, it is a necessity for security positions.
  • Checking Social Security: Organisations should check the legitimacy of Social Security Number. Proper background checks of distinct names, aliases, date of birth, history of addresses, etc. This way, it can be found out if the candidate has been living with other names or anything else questionable which is not accessible in criminal records.
  • Checking public/court records: This is done to check if the candidate has been or is implicated in any sort of court proceedings or not. This is incredibly significant in picking the right candidate that can offer comprehensive devotion to the job profile you are proposing to extend.
  • Reference checks: There are two types of reference Employee Background Checks: personal and employment. Both facilitate in confirming the integrity, reliability, steadiness, and personality of the employee.
  • Checking Sex Offender Registry: Sex Offender Registry check must be an integral part of the employee background check as you must not endanger other employees or consumers, especially in roles surrounding children and other susceptible individuals, by hiring a sexual predator.
  • Education check: This sort of background check is carried out to determine the authenticity of the various credentials provided by the candidate you are planning to recruit.
  • Driving Records: If your candidate is required to drive a company-owned vehicle, then checking driving records and license is essential for you.
  • Record of Military Service: You need to pay attention to some key measures while hiring a candidate with a military service record. That is why checking the military service records of your candidates is also important.
  • Compensation Record: Checking the candidate’s compensation claims from past employers is also significant before hiring an employee.

Measures to take for Employee Background Checks

Having a proper flow chart of different steps

  • Organisations must have a consistent policy for the employee background check, and for this, responsible authorities should know about the different steps they need to follow for background verification. A flow chart of all the steps is often used for this measure as they are easily comprehensible across the board. 

Legal Assistance to understand the role of Local Laws in Employee Background Check

  • An assortment of confidential data is involved in the background check which is why taking legal Assistance will help avoid many sorts of legal complications.

Opt for FCRA Compliant Employee Background Check

  • As FCRA (Fair Credit Reporting Act) determine what you can and cannot do in your employee background check proceedings and govern all the background checks, organisations must ensure that they follow FCRA’s rules and regulation.

In case of any mistake or misunderstanding, allow a candidate to Clear Up that.

  • There are instances in which the data an employer has received can be incorrect; it is important to offer the chance to a candidate to rectify those misunderstandings as it determines a prudent and productive practice.

Being aware of the difference b/w Investigative Consumer Reports and Reference Checks

  • If you reject a candidate because of the Investigative Consumer Report, the candidate needs to be provided with a copy of that report. However, if the information was obtained via reference check, such as asking past employers, you need not give such details to the candidate.

Academic references Checking

  • Academic circles and experience are easily exaggerated and manipulated areas in recruitment and can be problematic and at times difficult to identify. Therefore, the prospective employer ought to start their reference check from this point. Undeniably, there is no need whatsoever to employ an applicant who is not honest regarding their academic qualification as they would not be productive and are likely to have ill motives. Consequently, they could be a liability to your organisation. This kind of candidate cannot be trusted at all, and therefore there is no need why the employer should. However, it would be to think such an individual for their interest in your organisation, but never should one hire them.

Call current and former supervisors.

  • At times, it can prove difficult to extract any information about an applicant due to some legal handles and the fear of being sued for character defamation or even libel where the information which would be given might be negative, especially from either the current or former employers of your prospective candidate. However, it is worthwhile to find out as the data available at your disposal allows for sound and appropriate decisions to be made for the benefit of both the organisation and other members of staff.

Checking one’s network of associates

  • Undeniably, for those who have been in the personnel management department, it is most likely that they have a vibrant network of associates, friend colleagues and family members who would be willing to share information about a prospective employee. It is therefore essential and significant to gather information from them. It would not be surprising that one might even get more information from such people.

Browse online sites

  • With the use of the internet and using several search engines or numerous social sites, one is likely to find crucial and critical information that would go a long way in facilitating the employer get sufficient data about either the applicant or the organisation that they have worked or claim to have worked for.
  • This information might range from positive to negative, thereby allowing the employer to make the right decision. Undoubtedly, the internet is a sure and free source of data that any prospective employer should employ in doing a background check.

In conducting employee background checks, there are some golden rules that one needs to observe to avoid any legal and challenges in executing the duties of their human resources and making the background check most effective and efficient. These do and don’ts include but are not limited to:

Do’s

  • Having a consistent background checks policy and detailing how the policy should be used.
  • Getting legal advice on how to conduct background checks under the local legal framework.
  • Giving the applicants a chance to clear up any faults or misconstructions appearing on their documentations and during the interview process is inconsistent with your background check.
  • Employing the services of background check services compliant with the legal frameworks of your region
  • Understanding the difference between background checks vis-à-vis investigative consumer reports.

Don’ts

  • Avoid making decisions on using the background checks on an applicant-by-applicant basis.
  • Avoid the assumption that some parts of the background check process routine
  • Avoid making decisions without letting the applicant a chance to respond.
  • Avoid assuming that any companies seeking information about an individual are legally compliant.
  • Avoid requesting information about the character or personal and private of an individual while verifying the historical employment facts.

Fundamentally, employee background checks are not too viewed superficially as they play an important role in ensuring that neither the employer nor the organisation encounter loss or legal handles in exercising their mandate and role. Consequently, by attracting competency and matching the skills with the tasks, employers ensure that their organisations remain profitable and are sustainably produced and competitive in their respective fields.

Finally, the most critical information that these background checks elicit are vital and are diversified in range and scope depending on the tasks to be performed and are as follows:

Criminal Records

Indeed, background checks are instrumental in providing information about the individual, which would inevitably be vital, especially where the candidate is required to handle or maintain important levels of trust, confidentiality, and security. Consequently, this kind and level of reliability would not be forthcoming from a criminal record person.

Social Security Validation

Apart from and the individual being tax compliant, background checks guarantee the legitimacy of the applicant’s social security number. The Social Security Validation facilitates in and discovering of all the names, as well as aliases and any variations thereof, dates of birth in addition to the history addresses associated with the applicant.

This limits the incidents of the employer contracting an individual who has a criminal record or does not have any legal status of seeking and getting employed in that country or region. Further still, it provided information on whether the candidate has ever lived in unrevealed places or under other pseudonyms that could divulge unlawful records that wouldn’t have otherwise been established.

Address History

Address History background checks help in tracing prior addresses where the applicant could have resided and facilitated the establishment of where else the applicant could have lived, making it easier in the verification of their true identity and may form the basis of further interview questions as well as getting to know the candidate better.

Terror Watch List

With the prevalent threat of terrorism and the global danger posed by terrorists, a thorough background check is more likely to establish if your potential employee could have been involved in terror acts or whether they are in any country or even states terror watch list. Although this was explicitly imperative for security jobs, it has been deemed necessary in almost every profession due to the changing dynamics and tactics employed by terrorists and other criminal syndicates in the twenty-first century.

Sex Offender and human trafficking Registry Check

With the ever-increasing levels of human trafficking, child pornography, organ harvesting, paedophilia and sexually related abuse globally, it is paramount that for positions dealing with minors, the marginalised and the most vulnerable through background checks are a necessity rather than just an option to ascertain the credibility of the applicant to avert and reduce the prevalence of the vices above.

Necessities for conducting Employee Background Checks

  • You need to have your full name, date of birth, and Social Security Number for doing a background check.
  • If you want to check credit reports, military records, and school transcripts, you need the candidate’s permission.
  • If you hire an outside company to do the background check, you need to take the candidate’s permission.
  • If the candidate denies the permission, you will be entitled to take the candidate out of consideration for that job profile.

Are There Any Disadvantages?

One of the major disadvantages that you can see is the wastage of time and money. The organisation invests large sums of money in conducting such investigations, and most of the time, the person turns out to be a genuine one and with the time it takes to conduct these checks, the candidate may think that the organisation is not interested and hence, they may join some other organisation in this period.

Judging a candidate on their background deeds may not always prove to be fruitful either. It may happen that a candidate got trapped in a criminal, offence and in an actual sense, they are a gem of a person. But when you do not know the candidate personally, you will focus on the verification reports and let a genuine person go.

Opting for an employee background check depends on the type of your business and the kind of job profile you are going to hire that candidate. Getting an employee background check has become eminent today because there have been so many instances each day.  They are getting the verification done to get the employer the satisfaction that they are selecting a genuine person and will not hamper the reputation and environment of the company.

If there is still any uncertainty in your mind about conducting employee background checks, why not reach out to us? CRI Group has experts across the globe from all backgrounds who are trained to provide you with specialised, expert advice fit for your business needs. Get in touch today!

GET IN TOUCH

What is Business Intelligence? Investigative Operations vs Intelligence Operations

What is Business Intelligence?

What is Business Intelligence? How are Investigative operations are compared to Intelligence operations? Business Intelligence (BI) is a phrase coined for the analytical procedures an organisation commences. Business Intelligence is known to be a successful method of conducting market research as it merges data derivative from the peripheral environment (i.e., market and industry) in which an organisation operates with data from the core environment of the organisation as fiscal and controls data. When combined, this data can deliver a complete image of any business decisions a firm can make as a means of benefit to themselves; this ranges from operational decisions such as product positioning to strategic decisions such as pricing.

What is Counted as Business Intelligence Solutions?

Business Intelligence (BI) Solutions can take on numerous forms and structures in today’s complex corporate environment. BI solution investigates everything from assets to the exterior disputes facing an organisation. It can also appraise an organisation’s employees to ensure that the organisation’s integrity, reputation, and bottom-line profits are safeguarded from any malice and illicit activities.

CRI Group™ Takes Two Approaches to BI Solutions:

  • Intelligence operations (via market research and analysis): we focus on researching the future and potential growth of your business – i.e. determine the commercial viability and potential for success in the market, analyse consumer behaviour and business trends in that market, etc.
  • Investigative operations (via commercial investigations): we focus on the status of your business – i.e. location of assets, financial information, identification of unmet needs of any market, gauge brand awareness and identity in the market, etc.)

Why not check out our BI solutions brochure to know more about our approach.

What are Intelligence Operations?

Investigation and Evaluation facilities are constructed to aid clients during the business intelligence procedure. Intelligence operations are highly acclaimed for organisations of all industries as the service aids the preliminary phases of detecting the necessary components for a suitable corporate policy to the closing phases of execution. At CRI Group™ we know that data is your greatest advantage when performing enterprise on several degrees.

Our market research will collect the statistics mandatory to make significant corporate decisions; everything varying from registering into other markets or industries to associating or partnering with other organisations (i.e., Mergers and Acquisitions) is covered in our BI Solutions. CRI Group™ is proficient in understanding and transmitting this data in a way that allows you to implement it into your corporate development; our experts are trained to the highest degree and understand how to get the proper data promptly.

CRI™’s methodology is to assist the organisation in tracing corporate movements and market changes which in turn, will aid in steering them through the practice of successfully conveying their brand in the larger market to then be able to market their goods and services accordingly. With representatives in nations across the globe, CRI Group™ is distinctively situated to assist you in traversing cultural and regulatory environments to maximise your market potential in the regions you seek to trade.

Gaining insight into how your brand reputation affects potential buyers and understanding what motivates the market to purchase will enable you to establish effective marketing programs that impact your audiences and build brand loyalty among buyers.

What are Investigative Operations?

It is no secret that every industry has its issues. Some matters, however, such as Employee Theft, Company Fraud, rivalry, continuous malingering, or Industrial Espionage, can start on a moderately trivial scale but as time advances, the culprit becomes brasher in their endeavours (typically due to an absence of discovery) instigating the situation to develop out of control and start being detrimental your commerce.

As an organisation, you have every right to be involved with the internal activities of your firm hence, carrying out commercial investigations on your employees as a means of curtailing threats is not out of the question. Our team of experts can support you to do this in a manner that is equally as ethical as it is providing as it delivers you the data you so greatly pursue.

Commercial investigations can be achieved for any form of an enterprise including commercial, industrial, legal, and public sector corporations. Our team hail from a range of diverse backgrounds, including military and fraud investigators which is why CRI Group™ is so adaptable in its approach to help you with intelligence and investigative operations.

A little bit overwhelmed and wanting to learn more? Get in touch and let us know how we can help!

GET IN TOUCH

 

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background Screening, Business Intelligence, Due Diligence and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Inadequate Due Diligence Hit Space-Transport SPAC Momentus $8 Million SEC Fine

Inadequate Due Diligence Hit SPAC Momentus $8 Million SEC Fine

Inadequate due diligence hit SPAC Momentus $8 million SEC fine after misleading investors. The Securities and Exchange Commission (SEC) has charged the Momentus particular purpose acquisition company (SPAC), its sponsor SRC-NI, the sponsor’s CEO Brian Kabot, the company, and founder Mikhail Kokorich – which involved in a $1.2 billion space-transport SPAC for defrauding investors and obscuring the CEO’s status as a US national security risk.

The Fraud Claimed

The SPAC, Stable Road Acquisition Corp, had sought to merge with Momentus, a private start-up, to take it public. Momentus’s key offering was a “microwave electro-thermal water plasma thruster,” a way of zapping water vapour to propel a spacecraft, intending to transport satellites into space.

But Momentus’s propulsion tech failed to show results, according to SEC filings. A test mission fell well short of the company’s benchmarks, and a former Momentus employee said that the test yielded “no data to suggest that that thruster would deliver an impulse of any commercial significance.”

According to the SEC’s settled order, Kokorich and Momentus, an early-stage space transportation company, repeatedly told investors that it had “successfully tested” its propulsion technology in space when, in fact, the company’s only in-space test had failed to achieve its primary mission objectives or demonstrate the technology’s commercial viability.

The order finds that Momentus and Kokorich also misrepresented the extent to which national security concerns involving Kokorich undermined Momentus’s ability to secure required governmental licenses essential to its operations.

Join our mailing list and get exclusive industrial insights for subscriber-only!

The Compliance Issue: Inadequate Due Diligence

The SEC’s settled order finds that Stable Road repeated Momentus’s misleading statements in public filings associated with the proposed merger and failed its due diligence obligations to investors.

According to the order, while Stable Road claimed to have conducted extensive due diligence of Momentus, it never reviewed Momentus’s in-space test results or received sufficient documents relevant to assessing the national security risks posed by Kokorich.

The order finds that Kabot participated in Stable Road’s inadequate due diligence and filed its inaccurate registration statements and proxy solicitations. The SEC’s complaint against Kokorich includes factual allegations that are consistent with the findings in the order.

“This case illustrates risks inherent to SPAC transactions, as those who stand to earn significant profits from a SPAC merger may conduct inadequate due diligence and mislead investors. Stable Road, a SPAC, and its merger target, Momentus, both misled the investing public. The fact that Momentus lied to Stable Road does not absolve Stable Road of its failure to undertake adequate due diligence to protect shareholders. Today’s actions will prevent the wrongdoers from benefitting at the expense of investors and help to better align the incentives of parties to a SPAC transaction with those of investors relying on truthful information to make investment decisions.

SEC Chair Gary Gensler

The Litigation Against Momentus, Stable Road, and Kabot

Associate Director of the SEC’s Division of Enforcement, Anita B, mentioned in her statement that Momentus’s former CEO alleged to have engaged in fraud by misrepresenting the viability of the company’s technology and his status as a national security threat, inducing shareholders to approve a merger in which he stood to obtain shares worth upwards of $200 million.

The SEC’s order finds that Momentus violated scienter-based antifraud provisions of the federal securities laws and caused sure of Stable Road’s violations. It also considers that Stable Road violated negligence-based antifraud provisions of the US federal securities laws as well as specific reporting and proxy solicitation provisions.

The order finds that Kabot violated provisions of the federal securities laws related to proxy solicitations. Kabot and SRC-NI caused Stable Road’s violation of Section 17(a)(3) of the Securities Act of 1933. Without admitting or denying the SEC’s findings, Momentus, Stable Road, Kabot, and SRC-NI consented to an order requiring them to cease from future violations. Momentus, Stable Road, and Kabot will pay civil penalties of $7 million, $1 million, and $40,000, respectively.

Inadequate due diligence hit SPAC Momentus $8 million SEC fine. Source: US Securities and Exchange Commission 

What do you actually know about the integrity of the 3rd party and their way of doing business? Do they adhere to (inter)national regulations on anti-bribery and anti-corruption? Is it possible that there is a liability risk?

Due diligence on potential business partners when adding a new vendor or even hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity DueDiligence360TM investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals.

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions worldwide. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider, and you will only ever have to look forward, never back.

CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

  • International business verification
  • Individual business interest search
  • Personal profile on individual subjects
  • Company profile on corporate entities
  • Historical ownership analysis
  • Identification of subsidiaries & connected parties
  • Global/national criminality & regulatory records checks
  • Politically Exposed Person database
  • International digital media research
  • Company background analysis
  • Industry reputational assessment
  • FCPA, UK Anti-Bribery & corruption risk databases
  • Global terrorism checks
  • Global financial regulatory authorities checks
  • Money laundering risk database
  • Financial reports
  • Asset tracing
  • Country-specific databases that include litigation checks, law enforcement agencies & capital market, regulators

Protect your reputation and the risk of financial damage and regulator action using our detailed reports. They enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.

DueDiligence360™ from CRI Group™

WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:

Expertise
CRI Group has one of the largest, most experienced and best-trained integrity due diligence teams in the world.

Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.

Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.

 

To Check or Not to Check?

Background Checks: To Check or Not to Check?

Background checks don’t tend to make international news. They are the low-key diligent step in most well-managed recruitment processes to comfort employers that the person they are hiring is everything they seem – and nothing more.

That’s why the background checks of Belle Gibson, a super influencer who lied about having cancer, and Brett Kavanaugh, a nominee to the US Supreme Court, tend to make news headlines for who can you trust if not those in direct line of the public eye?

The Story of Belle Gibson & Brett Kavanaugh

Belle Gibson was a Melbourne “wellness” who rose to fame after sharing her story on Instagram of her terminal brain cancer and how she controls it through the power of healthy eating. Gibson claimed to have kept her cancer under control by turning away conventional medicinal practices and instead of following what she termed a “wellness” diet, a diet consisting of avocados, berries, no alcohol and so on.

Sounds impressive, right? To rid yourself of an incurable disease simply through eating better? Think again – it is too good to be true. The influencers lie caused untold damage, including turning a 44-year-old mother away from her chemotherapy in hopes of attaining Ms Gibson’s lifestyle.

But the reason why this lie broke headlines is because of what followed; a book deal with Penguin Books publishing company and an Apple app titled ‘The Whole Pantry’. It was evident that neither the tech giants nor the publishers thought to verify her assertions, thus leading to a $320,000 fine and a lot more emotional damage for the individual’s that Ms Gibson had provided false hope.

Context is everything, of course, and this job-for-life is one of the more crucial public office positions in the United States. Mr Kavanaugh had undergone six separate background checks during his career before the latest, which the FBI recently completed on behalf of the White House. Each of these will have been meticulous and thorough, right down to interviews with neighbours and acquaintances.

But you don’t have to be entrusted with national security clearance to pose a real risk to your employer. All staff members are in a position of trust, and even the humblest labourers or office workers will have privileged access to property – whether physical or intellectual. And this is not a theoretical risk – it’s a truism that employees or contractors cause the vast majority of security breaches.

The Compliance Perspective

Interviewing the ex-wives and sports coaches of factory and desk clerks is overkill and not economic. And that is where professional background checking comes in. It allows low hassle, cost-effective and fast checking for all recruits and employees to ensure everyone is what they claim to be, from the CEO to the company mascot.

Such checks will cover everything required to give HR directors and governing boards peace of mind: from criminal record checks and right-to-work documentation to education and qualification verifications and employment records.

A properly systematised process, supported by local intelligence, is essential to keeping costs low without compromising quality or effectiveness.

CRI Group is one of the few providers with a truly global reach and more than thirty years of experience in the sector. Our proven process means that we have one of the fastest turnaround times in the industry – typically just 3-5 days. Meanwhile, our more than 175 investigatory experts on the ground across the US, Europe, the Middle East and Asia, ensure we can navigate local customs, processes and regulations, no matter where your employees are based.

 

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds B.S. 102000:2013 and B.S. 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s international team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC for more on ISO Certification and training.

 

 

John Wood Group to Pay $177 Million to Settle Bribery Charges Inherited Through its Merger

John Wood Group Bribery Probe Trace Back to its Merger with Amec Foster Wheeler Plc.

John Wood Group Plc has agreed to pay $177 million to settle the UK led bribery and corruption probe into a British engineering firm it acquired in 2017. The settlement is part of a so-called deferred prosecution agreement with the Serious Fraud Office and the US Department of Justice concerning Amec Foster Wheeler Plc.

The UK agreement is still subject to court approval. As part of the deal, the company can avoid prosecution for three years if it cooperates in the continuing bribery probe. Wood Group’s payment is one of the largest ever obtained in the UK led bribery and corruption case. The biggest was a $1.2 billion settlement with Airbus SE that also involved the US and French authorities.

In 2017, the SFO opened an investigation into Amec’s use of third parties to gain contracts, just weeks after Shareholders approved wood Group’s proposed acquisition. The DOJ said the probe concerned a scheme to pay bribes to officials in Brazil for a $190 million contract to design a gas-to-chemicals complex.

As part of the deal announced, at least $10.1 million will settle charges brought by the US Securities and Exchange Commission. The DOJ said it would get about $18.4 million to resolve its criminal charges in the Brazil bribery probe. Amounts to be paid to the UK and Brazil are yet to be made public.

Wood Group announced that it was close to a settlement. It originally said it expected a deal for $186 million, with about $60 million paid in the first half of 2021 and the rest over three years. The company also agreed to pay $10 million to Scottish authorities earlier this year to settle the case.

“The investigations brought to light unacceptable, albeit historical, behaviour that I condemn in the strongest terms,” Wood Group Chief Executive Officer Robin Watson said in a statement. “Although we inherited these issues through acquisition, we took full responsibility in addressing them, as any responsible business would.”

The company has “cooperated fully with the authorities” and “taken steps to improve further our ethics and compliance program from an already strong foundation,” Watson said. “I’m pleased that, subject to final court approval in the UK, we have been able to resolve these issues and can now look to the future.”

The agreement comes amid criticism of the SFO and its inability to prosecute individuals after securing settlements with companies. Earlier this year, the SFO dropped its probe into former Airbus directors and was dealt a humiliating setback after its trial against two former Serco Group Plc directors fell apart because it failed to disclose evidence.

In May 2021, the SFO opened one of its biggest investigations into suspected fraud and money laundering concerning GFG Alliance and its financing agreements with Greensill Capital. It was after months of intense pressure from lawmakers to investigate Sanjeev Gupta’s empire.

John Wood Group bribery probe.

Source: Financial Crimes News

Join our mailing list and get exclusive industrial insights for subscriber-only!

The Importance of Due Diligence in Merger and Acquisition to Avoid a Similar Incident Happened like in John Wood Group.

Due diligence is understood as the reasonable steps taken to satisfy legal requirements in the conduct of business relations. That allows you to reduce risks – including risks arising from the FCPA (Foreign Corrupt Practices Act) and the UKBA (UK Bribery Act), to make informed decisions and to pursue takeovers or mergers with more confidence.

Unlike other kinds of control (audits, market analysis, etc.), it must be completely independent and rely as little on information provided by the researched subject. The other important difference lies in the methodology: commercial or financial due diligence analyses available information, investigative type provides reliable and pertinent, but raw, information.

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity due diligence investigations provides your business with the critical information it needs to make sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees.

It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

  • International business verification

  • Individual business interest search

  • Personal profile on individual subjects

  • Company profile on corporate entities

  • Historical ownership analysis

  • Identification of subsidiaries & connected parties

  • Global/national criminality & regulatory records checks

  • Politically Exposed Person database

  • International digital media research

  • Company background analysis

  • Industry reputational assessment

  • FCPA, UK Anti-Bribery & corruption risk databases

  • Global terrorism checks

  • Global financial regulatory authorities checks

  • Money laundering risk database

  • Financial reports

  • Asset tracing

  • Country-specific databases that include litigation checks, law enforcement agencies & capital market regulators

DueDiligence360™ from CRI Group™

WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?

At CRI Group™, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:

Expertise
CRI Group™ has one of the largest, most experienced and best-trained integrity due diligence teams in the world.

Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.

Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.

DueDiligence360™ from CRI Group™

WHAT DO YOU ACTUALLY KNOW ABOUT THE INTEGRITY OF THE PARTY & THEIR WAY OF DOING BUSINESS? DOES OR DID THIS PARTY ADHERE TO (INTER)NATIONAL REGULATIONS ON ANTI-CORRUPTION & ANTI-BRIBERY? IS IT POSSIBLE THAT THERE IS A LIABILITY RISK?

At CRI Group™, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions across the world. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider and you will only ever have to look forward, never back. Clients who partner with us benefit from our:

Expertise
CRI Group™ has one of the largest, most experienced and best-trained integrity due diligence teams in the world.

Global scope
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.

Flexibility
Our DueDiligence360TM service is flexible and can apply different levels of scrutiny to the subjects of our assignments, according to client needs and the nature of the project.

Procurement Risks: The 5 common Risks Every Organisation Needs to Know!

Procurement Risks: Your Lack of Due Diligence can Lead to Harm

Procurement risks: lack of due diligence can lead to harm. Procurement is one of the most critical areas of any organisation, large or small. Procurement officers secure the materials and goods that a business needs to be productive and successful. They ensure the best possible price, quality, delivery efficiency, and other important considerations.

Unfortunately, due to the very nature of dealing with third-party suppliers/vendors, procurement also requires an elevated level of risk management. As many high-profile cases have shown, supply-line problems can cause financial and reputational damage, sometimes on a grand scale.

The infamous horse meat scandal in the UK presents a classic scenario of the damage from risky third-party associations. Widely known international corporations, including Burger King and others, were forced to cut ties with a meat supplier after facing financial and reputational harm from the news that some of the supplier’s products were tainted with horseflesh.

The revelations of tainted meat resulted in international news headlines, waves of criticism from consumers and food products pulled from shelves and freezers in response to the uproar. As damaging as it was, the crisis helped illustrate why due diligence became more important as supply chains expanded and became more complex, especially among international organisations.

The procurement risks: How to minimise them?

The following are some priorities every organisation should have to minimise procurement risks in their procuring process:

Risk #1 – Know who your suppliers are

Due diligence is as vital in procurement as in any other business area, in some cases, more so. Third-Party Risk Management (3PRM™) services help organisations proactively mitigate risks from third-party affiliations, protecting organisations from liability, brand damage, and harm to the business. As part of this service, experts check supplier backgrounds to verify their financial viability, quality control, compliance standards and – most importantly – any prior legal or criminal action. Taking this step before you engage with a supplier or vendor can save some severe headaches down the road. Get our 3PRMTM and DueDiligence360TM brochures to learn more about our tailored investigative solutions.

Risk #2 – Consider your organisation’s reputation

The horsemeat scandal showed how quickly and drastically it can damage a well-respected organisation’s reputation and brand. Your procurement team should know that while the bottom line is essential, nothing is more critical than protecting the image and brand of the company. Cutting due diligence corners to secure the lowest price is not only unwise – it should be strictly against company policy.

Risk #3 – Find sustainable lines of supply

Seek out suppliers with long, successful backgrounds in their business. Find economically sound and socially conscious companies, using fair labour practices and promoting sustainable resources. It harmed the organisation when it discovered that a supplier was using child labour or other unethical or illegal methods to produce their goods. Implement a code of conduct with expectations for your contractors, suppliers and vendors, and review them regularly to ensure they follow your guidelines.

Risk #4 – Have backup suppliers in place

What happens when your primary vendor is suddenly out of compliance? Or folds up completely? If your production chain grinds to a halt, the damage can be severe and lasting to your organisation’s financial and reputational health. Ensure your procurement team has conducted due diligence on backup suppliers that you can turn to in a crisis. Spending a little more to keep the production lines open will be a small price to pay compared to seeing your business come to a standstill.

Risk #5 – Conduct a thorough risk assessment

Any organisation that hasn’t prepared a risk assessment of its procurement process should immediately do so. How else will you know what red flags or gaps make your organisation susceptible to fraud, waste, risk to reputation, or all of the above? Third-party risk management experts can help you develop and put in place an effective third-party risk assessment plan that keeps your organisation protected and minimises your exposure to unseen or unknown trouble spots.

Every organisation needs a successful and efficient procurement process. It also needs to be safe from the inherent risks with connections to third parties, including suppliers, vendors and contractors. When it comes to procurement, let CRI Group™ help you put proper risk management processes in place so you don’t have to worry about your supply chain putting you in tomorrow’s headlines.

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background ScreeningBusiness IntelligenceDue DiligenceCompliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

 

5 Reasons To Run Employee Screening

Being HR professional, we have to deal with rigorous recruitment cycles, and for this, we must meet with several candidates before closing the vacancy. Every HR person has their style of evaluating the candidates, but one thing that needs to be kept in mind before making the final hiring decision is to “Never judge a book by its cover” (Stonehouse, 2017), since at times we might overlook some critical points, perhaps due to a fancy resume or qualification. Every HR professional should consider a crucial step before taking a candidate on board: run employee screening.

According to Business Week – 16% of executive resumes contain false academic claims and/or material omissions relating to educational experience. The U.S. Department of Labor estimates that the average cost of a bad hiring decision can equal 30% of the first year’s potential earnings. If you are an HR professional and reading this article, then I can assure you that other HR professionals must be thinking, “is it worth investing additional time and money in pre-employment background screening service?” Let me tell you the key benefits that you can gain from conducting pre-employment background screening services:

1. Better Compliance: It Keeps You Out of Legal Issues

Let’s suppose one of your employees commits fraud in your company, and after investigations, you came to know that the employee did the same with previous employers. At this point, you will regret not conducting their background check, as if you had conducted their employment and criminal check, then you wouldn’t have hired them in the first place.

2. Ensures Credibility When Performing Sensitive Tasks

In addition to legal issues, some background checks can verify a candidate’s creditability in performing their on-job duties. For instance, when a candidate is being hired for the accounts department where petty cash and the company’s account handling are their primary responsibilities, their employment check may come across that his previous employment has concluded due to mishandling of accounts.

3. Safer Work Environment: Keep Employees and Clients Safe

Conducting Background checks can also convey a message throughout the company’s stakeholders, especially its clients, that all employees hired in the company have gone through rigorous checks. Therefore, the data shared by the clients are in safe hands, thus increasing the overall integrity of the company and its staff.

4. Verifies Education and Certification

The increase in the number of fake degrees has amplified the importance of pre-employment check of educations. Therefore, all degrees and certificates of the applicant under consideration should be verified. The outcome of verification is not just about checking an applicant’s honesty but also verifying the legal status of the degrees and their issuing authorities.

5. Stronger Hires, More Savings: It Gives an Overall Picture of the Applicants

Apart from the interviews, pre-employment background checks can help the interviewer to make their hiring decision accordingly. For instance, candidates may have successfully cleared the interview process, but in their employment checks, the company found that they had resigned from their services after they were accused of sexual harassment by colleagues. Irrespective of how competent a candidate is for the vacancy, such red flags regarding the candidate’s behaviour can completely change the hiring decision and safeguard the company from future issues.

It is indeed worth spending extra time and money on pre-employment background screening because making a wrong hiring decision can not only increase recruitment cost and time but may also incur the cost of damage that employee has given to the company, whether in the form of litigation’s or damaging the company’s goodwill.

5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening
5 Reasons To Run Employee Screening

 

So, If Your Company is not Conducting Background Screening! Think Again!

Being in HR, you might be creating liability for the company by making the wrong hiring decision. It’s never too late to correct your actions, so contact us, and we can provide our employment background screening services. As it is rightly said, I quote, “better safe than sorry” (Bateson, 2008). 

CRI Group™, based in London, works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management and Due Diligence solutions provider. We have the largest proprietary network of background screening analysts and Investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

References

  1. Bateson, J., 2008. Building Hope: Leadership in the Nonprofit World. United States Of America: Greenwood Publishing Group.
  2. Stonehouse, R. A., 2017. You’re Hired! Job Search Strategies That Work. 1st ed. s.l.:eBookIt.com.

 

 

Q&A on How Corporate Fraud and Corruption Affect Businesses in the UAE 2021

CRI Group™ and its ABAC™ Center of Excellence were featured in Financier Worldwide’s InDepth Feature: Corporate fraud and corruption 2021. In this edition, CRI Group’s CEO Zafar Anjum and ABAC Group’s Scheme Manager Huma Khalid talk about how corporate fraud and corruption affect businesses not only in the UK and UAE, but across the globe, and provide solutions and insights for businesses to become better protected from corporate fraud, bribery and corruption.

Q. To What Extent have you seen a Notable Rise in the Level of Corporate Fraud, Bribery and Corruption Uncovered in the UAE?

A. The United Arab Emirates (UAE) remains the least corrupt country in the Middle East and North Africa region. It was perhaps fitting that the United Nations (UN) held its anti-corruption conference in the UAE just over a year ago. At the conference, delegates drafted anti-corruption resolutions and discussed asset recovery, international cooperation, and other topics in preparation for an upcoming special session of the UN General Assembly against corruption. Of course, there is still much work to be done. Fraud, bribery and money laundering are still problems in the UAE that require a united focus to overcome. Of special concern is the real estate sector, which some have called a haven for stashing and laundering cash. In some cases, these funds are linked to terrorist financing, raising the alarm beyond just the balance sheet for typical financial or corporate fraud.

Q. Have there been any Legal and Regulatory Changes Implemented in the UAE Designed to Combat Fraud and Corruption? What Penalties do Companies Face for Failure to Comply?

A. The recent Anti-Commercial Fraud Law in the UAE strengthened rules around counterfeiting and intellectual property (IP) theft, among other areas. In addition, lawmakers and regulators are applying an anti-fraud focus to other laws. A perfect example is the UAE’s Insolvency Law 2020. The Ministry of Finance announced that penalties will be imposed on those who fraudulently abuse the law. This could include making a fake claim or a sham debt against a debtor or illegally increasing a debt amount. Such offences are punishable by jail time and fines. An awareness campaign by the UAE Banks Federation (UBF), the Central Bank of the UAE (CBUAE), Abu Dhabi Police, and Dubai Police was the first such collaboration in the UAE and it comes as both corporate and consumer fraud have increased. Companies are expected to protect their stakeholders’ investments, and failure to do so can lead to regulatory and legal punishments.

Q. In your Opinion, do Regulators in the UAE have Sufficient Resources to Enforce the law in this area? Are they Making Inroads?

A. There are at least two daunting tasks facing regulators in the UAE at present: detecting and preventing money laundering and stemming the growing threat of cyber crime. While these problems are not unique to the UAE, they do require significant investment and increased investigation and enforcement efforts. Recent reports allege that illicit funds flow through ‘free trade zones’ and into real estate deals, such as luxurious properties in Dubai and other locations. The laws are in place to punish such crimes, but more inroads will need to be made to bring this under control in a country that largely succeeds at fighting fraud in other areas. Cyber crime is also a constant challenge that has been exacerbated by the COVID-19 pandemic. Many fraudsters have sought to take advantage of companies having to transition to different employment models, such as remote working. Fraud fighters are working hard to stay ahead of the curve in this regard.

Q. If a Company Finds itself Subject to a Government Investigation or Dawn Raid, How Should it Respond?

A. If a company finds itself under investigation, one of the first things it must do is mandate down the chain of command that employees cooperate fully with investigators. Any efforts to the contrary may be considered obstruction, and lead to more punishments or a higher likelihood of penalties at the end. In contrast, engaging in a good-faith effort to assist an investigation may weigh in the company’s favour.

Questions will arise, such as: Was this a surprise? What are the facts of the case? How did this occur? Legal counsel must be engaged immediately, but it is also important to speak with compliance officers, risk management, executives and the board in a transparent way to help the company move forward. Communicate a zero-tolerance policy toward fraud, and if employees are proven to have engaged in such behaviour, they should be terminated and prosecuted.

Q. What Role are Whistleblowers Playing in the Fight Against Corporate Fraud and Corruption? How Important is it to Train Staff to Identify and Report Potentially Fraudulent Activity?

A. Some business leaders falsely believe that audits, account reconciliation and other procedures offer the best protection against fraud. They are important functions, but they are not the most effective detection method. Fraud is often uncovered by tips, according to the ACFE’s Report to the Nations on Occupational Fraud and Abuse. Employees are truly the front line of defence for companies, and the first to throw up warning flags about unethical behaviour. The question is whether companies listen to their employees. And is there an easy, anonymous way for employees to submit tips, without fear of retaliation? Companies should educate employees about the red flags of fraud, and then make sure they know they can and should report it.

Q. What Advice can you Offer to Companies on Conducting an Internal Investigation to Follow up on Suspicions of Fraud or Corruption?

A. If the company does not have an experienced team of anti-fraud professionals on staff, it is crucial to enlist the help of an outside firm with experts who specialise in this area. There are mistakes companies make at the beginning of an investigation that can haunt them later. For example, most countries, including the UAE, have laws that govern the proper collecting and handling of evidence. With most evidence in a digital format, following the right protocols is more important than ever. There are also important guidelines for interviewing witnesses and those suspected of fraud which, when disregarded, could lead to a failed investigation. The bottom line is: do not go it alone – get expert professional help. And if criminal conduct is discovered, contact the authorities.

Q. What General Steps can Companies take to Proactively Prevent Corruption and Fraud within their Organisation?

A. Preventing and detecting fraud starts with a company’s employees, so training and communication are key. First, employees must be trained on what constitutes fraud, bribery and corruption, how to recognise it, and how to report it. Second, the company must communicate that fraud will not be tolerated on any level, and those who commit fraud will be terminated and prosecuted if they are found to have broken the law. Companies should also have anti-corruption and anti-fraud controls in place, including an employee code of conduct, regular and surprise audits, and a fraud reporting system available to employees, contractors and even customers. Achieving certification in internationally recognised standards, such as ISO 37001 ABMS, is a good practice too. When it comes to fraud and corruption, an ounce of prevention is worth a pound of cure. Being proactive is truly the only practical option for protecting the business and its assets.

 

Meet HUMA KHALID,  Scheme Manager

Huma Khalid, as scheme manager, is responsible for leading ABAC. Ms Khalid’s responsibilities include planning and overseeing all aspects of the ABAC programme, which include certification and training. Additionally, she oversees the compliance department for the implementation, management and internal audit of CRI Group’s and ABAC compliance programmes

ABAC™ Center of Excellence Limited | t: +44 (0)777 652 4355 | e: huma.k@abacgroup.com

About CRI Group™

CRI GROUP™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international risk management, employee background screening, business intelligence, due diligence, compliance solutions and other professional investigative research solutions provider. CRI Group™ has the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Its global presence ensures that no matter how international your operations are, the company has the network needed to provide you with all you need, wherever you happen to be. For more on our Risk Management solutions just check out our brochure:

View Risk Management Solutions Brochure

Corporate Fraud and Corruption: Affect on UK Businesses in the 2021

CRI Group™ and its ABAC Center of Excellence were featured in Financier Worldwide’s InDepth Feature: Corporate fraud and corruption 2021. In this edition, CRI Group’s CEO Zafar Anjum and ABAC’s Scheme Manager Huma Khalid talk about how corporate fraud and corruption affect businesses not only in the UK and UAE, but across the globe, and provide solutions and insights for businesses to become better protected from corporate fraud, bribery and corruption.

Q. To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in the UK?

A. The COVID-19 pandemic has created increased opportunities for fraud worldwide. The UK is not immune, unfortunately, and such a disruptive event as the pandemic increases the likelihood that normal safeguards and risk management controls can be bypassed and subverted. There has been an increase in reported fraud and corruption cases over the past year. A survey of fraud experts by the Association of Certified Fraud Examiners (ACFE) in August 2020 showed that 77 percent were seeing an increase in fraud. Perhaps not surprisingly, cyber fraud is the fastest-growing problem area, but there has also been an uptick in unemployment fraud. This is bad news in the UK, where fraud is our most common crime, costing the country £190bn annually, according to the Royal United Services Institute (RUSI).

Q. Have there been any legal and regulatory changes implemented in the UK designed to combat fraud and corruption? What penalties do companies face for failure to comply?

A. There is proposed legislation, supported by the secretary of state of the UK’s Department of Business, Energy and Industrial Strategy, that would increase accountability for corporations that produce falsified financial statements. This includes a provision that would require company directors to personally sign off on their corporation’s financial statements, under penalty of fines and possible prison time. Under the Sarbanes-Oxley Act in the US, the penalty for falsely certifying such statements is steep: up to 20 years in prison and up to $5m in fines, and the UK is looking at similar measures to step up its fight against fraud and corruption. The UK also recently approved the formation of an audit, reporting and governance authority (ARGA) that should come into force within the next two or three years. Accordingly, the UK is taking a stronger stance against fraud going forward.

Q. In your opinion, do regulators in the UK have sufficient resources to enforce the law in this area? Are they making inroads?

A. Combatting fraud is never straightforward. When looking at progress in detecting and preventing fraud, it sometimes feels like a question of whether the glass is half full or half empty. For example, the Serious Fraud Office (SFO) brought 13 fraud defendants to trial in 2019 and 2020, with a 95 percent fouryear success rate by case. Many of these represent large frauds, and they are meaningful wins, but how many more fraudsters are out there undiscovered? Other bodies, including Her Majesty’s Revenue and Customs (HMRC), among others, also have key roles to play in investigating fraud, but a considerable amount of fraud is still investigated and prosecuted at the local level. It is important for leaders in the UK to know what resources law enforcement have and where they need training and support in the fight against fraud.

Q. If a company finds itself subject to a government investigation or dawn raid, how should it respond?

A. Any investigation, and especially a raid, can be an incredibly stressful time for a company and its employees. The important thing is to not panic – the investigators have a job to do, and the sooner they get to the truth of the situation, the better for everyone. Companies should direct their management and their employees to cooperate fully, while also engaging legal counsel to properly protect the corporation from future litigation. If fraud is detected, it is a criminal matter and the company should make a good faith effort to work with prosecutors and regulators, while making sure to document all control measures and prior steps taken to manage fraud risk. Having a track record of meeting compliance requirements and having proper internal controls in place at the time fraud occurs could have a mitigating effect in terms of potential prosecution and penalties down the road.

Q. What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?

A. Employees are a company’s first line of defence against fraud and corruption. But training them to recognise the red flags of fraud is only half of the process. The company must also implement a reporting system that is anonymous and easy to use, so that employees are encouraged to report any suspicions. Then, the company must follow through and fully investigate any reports that do come in. If it does not, whistleblowers will believe that combatting fraud and corruption is not a corporate priority, and the tips will stop coming in. How important are those tips? According to the ACFE, they are by far the highest detection method for fraud, well above audits and other means. The company should communicate that a whistleblower hotline or online reporting system is available, and that there is a zero-tolerance policy for any type of retaliation against whistleblowers. Over time, the tips will come in.

Q. What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption?

A. Investigations can be challenging, and they require expertise. For example, there are rules for collecting and handling evidence, including physical evidence and witness statements, that must be followed for such evidence to be admissible in court. There are also laws in the UK dealing with privacy and the rights of the accused. The bottom line is that a company already dealing with a potentially costly and damaging fraud scenario should not risk adding more legal trouble through a faulty investigation. Hire experts who deal with corporate crime and specialise in fraud and corruption cases. Like any other area of expertise, they will have the knowledge and resources to help proceed with an investigation and lead it to the most favourable outcome for your company. If you already have anti-fraud professionals on staff, let them take the lead, but provide outside resources as needed.

Q. What general steps can companies take to proactively prevent corruption and fraud within their organisation?

A. A fraud prevention strategy has many different elements, and the sooner companies implement them, the sooner they can begin to work together in a proactive way to prevent fraud. Mandating employee training, such as ISO 37001 ABMS, having an ethical code of conduct signed by every member of staff, providing regular and surprise audits, and implementing a fraud reporting system are all effective ways to help prevent and detect fraud and corruption. None of these methods is strong enough on its own to properly protect organisations. But together, they can be very effective. It is also important to set a ‘tone at the top’, from ownership, directors and management on down, that fraud will not be tolerated. Anti-fraud controls only work if the company sees them through and thoroughly investigates every report. When fraud is confirmed, any perpetrators should be terminated and potentially prosecuted, sending a message of zerotolerance.

 

Meet HUMA KHALID,  Scheme Manager

Huma Khalid, as scheme manager, is responsible for leading ABAC. Ms Khalid’s responsibilities include planning and overseeing all aspects of the ABAC programme, which include certification and training. Additionally, she oversees the compliance department for the implementation, management and internal audit of CRI Group’s and ABAC compliance programmes

ABAC Center of Excellence Limited | t: +44 (0)777 652 4355 | e: huma.k@abacgroup.com

 

About CRI Group™

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC™ for more on ISO Certification and training.

 

Cyber Security: How to Maintain GDPR Compliance?

The European Union’s (EU) General Data Protection Regulation (GDPR) came into force in 2018. The GDPR was a response to massive worldwide data breaches that were undermining the trust and security of private citizens whose personal information was at stake. As this data was exposed by both hackers and, in some cases, simply through poor security measures, governments of the EU felt it was time to create a strong piece of governance to bolster protection. While the initial rollout of GDPR held some uncertainty and unknowns for organisations subject to its guidelines, there is now a much clearer picture of how its standards apply. The punishments for being caught out of compliance can be severe: Violators of the GDPR may be fined up to €20 million or up to 4 percent of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater.

Cybersecurity is a Priority for the Management

Even with extremely high fines and stringent requirements, GDPR violations and data breaches have been skyrocketing across the world. In 2020, the overall increase of fraudulent activities has been detected, based on ACFE’s “Fraud in the Wake of COVID-19: Benchmarking Report”: 77% of survey participants have seen an increase in the overall level of fraud as of August, compared to 68% who had observed an increase in May. Earlier we wrote how the COVID-19 crisis triggered fraudulent activities and what can businesses do to support anti-fraud movements in their organisations and to strengthen their immunity to fraud. However, cyber-attacks are on the rise – the survey by the gov.uk continues to show that cybersecurity breaches are a serious threat to all types of businesses and charities. 39% of businesses and 26% of charities reported having cybersecurity breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%).

The study suggests that the risk level is potentially higher than ever under COVID-19 and that businesses are finding it harder to administer cybersecurity measures during the pandemic: 35% of businesses compared to 40% last year are now deploying security monitoring tools. This reduction suggests that these organisations might simply be less aware than before of the breaches and attacks their staff are facing.

However, among those that have identified breaches or attacks, around 27% of businesses experience them at least once a week. The most common by far are phishing attacks (83%, and 79% in charities), followed by impersonation (for 27% and 23%). Based on a survey by the gov.uk, despite COVID-19 stretching many organisation’s cybersecurity teams to their limits, cybersecurity remains a priority for management boards. But it has not necessarily become a higher priority under the pandemic. Three-quarters (77%) of businesses say cybersecurity is a high priority for their directors or senior managers, while seven in ten charities (68%) say this of their trustees.

The Most Notable Data Breaches

In the climate where organisations are putting more emphasis on strengthening their online security systems, there is no shortage of data breaches or GDPR violations. Our experts have noticed and shortlisted a few most notable cases in any order for you to be aware:

1. Booking.com

The very recent case, when travel booking website Booking.com has been hit with a  €475,000 ($560,000) fine after failing to report a data breach within the time period mandated by the GDPR. It happened back in 2018 when telephone scammers targeted 40 employees at various hotels in the United Arab Emirates (UAE). The hackers were able to get login creations for the booking system and to access the personal details of more than 4000 customers who booked hotel rooms via booking.com. The scammers exposed the credit card details of 283 customers, and in 97 cases the CVV code was also compromised. Based on GDPR, the data breach must be reported within 72 hours. Booking.com was late for 22 days (!) to report the breach to the Dutch Data Protection Authority and was issued a fine in April 2021, as reported by Forbes.

2. Twitter

Another company that was late to report the security flaw is Twitter – it was discovered in December 2018 but the social media giant did not report it to Ireland’s Data Protection Commission (DPC) until the following month. As a result, Twitter has been told to pay a €450,000 GDPR fine by Ireland’s data regulator for failing to report a 2018 data breach in the legally required timeframe. The DPC also determined that Twitter failed to adequately document the breach, another requirement under GDPR.

3. Vodafone

The firm that has been warned or fined smaller amounts on at least 50 occasions between January 2018 and February 2020, is in the news again: the Spanish data protection authority has fined Vodafone €8.15 million (approximately £7 million) for aggressive telemarketing tactics and repeated data protection failures. The fine was issued as a result of an investigation that was prompted by hundreds of complaints, with the regulator discovering a system that held up to 4.5 million contact lists purchased from third parties without user consent.

4. Facebook

And another social media giant – Facebook. Ireland’s data protection watchdog is demanding answers from Facebook over the release of records on 533 million people that appeared to stem from the social media site. As reported in April 2021, a spokesman for the Data Protection Commission (DPC) – which regulates Facebook in the European Union – said “a dataset, appearing to be sourced from Facebook, has appeared on a hacking website this weekend for free and contains records of 533 million individuals.”

5. H&M

The Data Protection Authority of Hamburg, Germany, fined clothing retailer H&M €35,258,707.95 — the second-largest GDPR fine ever imposed. H&M’s GDPR violations involved the internal monitoring of employees. After employees took vacation or sick leave, they were required to attend a return-to-work meeting. Some of these meetings were recorded and accessible to over 50 H&M managers. It has violated the GDPR’s principle of data minimisation — don’t process personal information, particularly sensitive data about people’s health and beliefs, unless you need to for a specific purpose.

6. Google

The biggest penalty (€50 million) was issued to Google for its alleged failure to provide notice in an easily accessible form, using clear and plain language, when users configure their Android mobile devices and create Google accounts, and obtain users’ valid consent to process their personal data for ad personalisation purposes. 

COMPLIANCE & ETHICS HOTLINES, REPORT NOW

How to Maintain GDPR Compliance

What can we learn from these case studies? Maintaining GDPR compliance is a complex process, and requires a lot of diligent work. At CRI Group, we recommend looking at it as a part of your risk management strategies, together with your compliance policies and procedures.

To help you with maintaining compliance with GDPR, our integrity due diligence experts created the following top 10 GDPR best practices for any business or entity that deals with collecting, storing or using personal information:

1. Employ a Data Protection Officer (DPO)

It is a GDPR requirement that entities who carry out regular and systematic monitoring of individuals on a large scale, or large-scale processing of certain special categories of data, have an assigned DPO. It is also recommended, however, for all other entities to help ensure data security. While the GDPR does not specifically list the necessary training or qualifications of a DPO, the regulation does require the DPO to have “expert knowledge of data protection law and practices” (Digital Guardian, 2019). Implement thorough background screening processes and make sure they are trained and qualified to be your DPO.

2. Train Your Employees

Ensure that all personnel are aware of the GDPR and your organisation’s commitment to compliance. Make sure that all leaders, and especially key personnel charged with collecting, handling or storing data, understand their responsibilities under GDPR. Make date protection training a regular part of your employee curriculum.

3. Confirm the Legality of Your Data Collection

GDPR requires that you have a legal basis to collect personal data. For most businesses, the following are the most likely to be applicable:

  • The information is necessary to perform a contract between the organisation and the individual;
  • You have a legal obligation to process the data (such as a court order);
  • The organisation has a legitimate interest in collecting and processing the data – in other words, there needs to be a relationship and business reason to collect the date (it cannot be random);
  • The individual has provided direct consent to the processing of the data.

4. Maintain thorough Records

For larger organisations (more than 250 employees), GDPR requires that records of data collection and processing be maintained. Again, this is also a best practice for smaller organisations, as well. It can help establish that the organisation is dutifully complying with the data protection principles in GDPR. Take inventory and make a record of the data you have collected and are storing to date. Create a detailed matrix to understand what types of data you are holding, where/how it is collected, how and where it is held, and whether it is still needed. Based on this information, you can also develop a data-retention policy to govern how long personal data is kept and stored. Keeping data on file longer than needed is a liability, and serves no business purpose.

5. Establish Consent Policies for Data

For some of your records, consent is your lawful basis for holding it. Under GDPR, it is no longer acceptable to assume consent in your collected data, or treat silence as consent. Create clear and unambiguous consent forms for your data collection that demonstrate adherence to GDPR principles. And remember, under GDPR, you must make it a simple process for an individual to withdraw their consent at any time.

6. Perform Due Diligence on Third-Parties

Under GDPR, your organisation is responsible if third-party partners collect, store or manage data for your organisation. You must ensure their compliance with GDPR as if it is your own since they are responsible for your data. This is the time to update your contracts with them to include compliance measures, as needed. It is also important that you review their control systems and their data handling processes. They must be comprehensive and meet all of the GDPR requirements to keep data secure. CRI Group’s third-party risk management experts can help you conduct effective reviews of your partners and their processes.

7. Be Responsive

Under GDPR, your organisation must respond to requests from individuals whose data you have collected and/or are storing. These requests are spelt out as individuals rights in regards to their personal data and they include the following:

  • Right to be informed about what data is collected and why;
  • Right of access to data that has been collected;
  • Right to rectification/correction of inaccurate data;
  • Right to erasure of data (“right to be forgotten”);
  • Right to restrict processing of personal data;
  • Right to data portability;
  • Right to object to use of data; and
  • Right not to be subject to automated decision making, including profiling.

Have a process in place to timely respond to requests and provide data when requested in order to stay in compliance.

8. Have Written Policies in Place

Develop your internal policies in regards to GDPR and how you protect personal data, and communicate them across your organisation. Take special note to spell out policies on data retention, cross-border processing of data, and how you collect and handle data for persons under the age of 16, as GDPR has special requirements in regards to children’s data.

9. Conduct Risk Assessments

GDPR requires Data Protection Impact Assessments in certain cases. These assessments measure your organisation’s ability to protect personal data and risks associated with that protection. If your data processing is considered high-risk, uses new technology, or deals in large-scale processing of data in certain categories, the assessments are required – but for any organisation, they are recommended. Data protection experts at an outside firm like CRI Group™ can help you prepare robust risk assessments and follow-up plans to address their results.

10. Be Prepared for a Breach

A worst-case scenario in data security is a breach that exposes personal information. Under the steps above, your organisation should be well-positioned to prevent or limit any breach to your data security. However, you should always have a contingency plan in place to immediately respond to a breach should it occur. Understand that GDPR requires that the applicable EU data protection supervisory authority be notified within 72 hours of a breach. Gone are the days where a company can announce it weeks or even months after the fact. Be ready to notify the affected individuals that their data has been compromised, so that they can take the appropriate steps to respond.

Organisations don’t like to think about the impact of a data breach – but major cases have pushed governments to act in the public’s interest. Perhaps nowhere is this more true than in the EU, where the GDPR is now the governing policy for organisations that deal with individuals’ personal data. By being proactive with the steps above, your organisation can be better prepared and maintain compliance with the GDPR. Most importantly, you will have the confidence and trust of your consumers through effective best practices in handling and protecting their data. CRI Group’s experts are here to help. Contact us today so that we can walk you through the steps of GDPR compliance. If you have any further questions or interest in implementing compliance solutions, please contact us.

Stay Updated on the Go

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.