How Risk Management and Due Diligence Interlock?

These are challenging and complex times. COVID-19 is forcing organisations to adapt quickly and change their business model in the process. In an era of compliance, with many regulations and regional “interpretations”, leaders and organisations need to be careful about how they conduct business, who conducts business in their name and with whom. This demands extraordinary attention to the means and mechanisms used by the organisation.

Due diligence, in legal terms, entails taking reasonable steps to satisfy any legal or regulatory requirement, regardless of size or type of business conducted. Businesses also need to take any of a number of mandated steps to ensure that the organisation remains safe from any unwanted or unauthorised action taken in their behalf. For example, when making an investment such a merger or an acquisition, the organisation needs to take the appropriate action on the proper due diligence necessary to make the most informed decision possible.

Being casual about the due diligence process is a failure to execute the proper level of investigation regarding the assets being purchased or financed or the management team being backed and vetted.

Where Risk Management Comes into Play…

Risk management is the identification, evaluation, and prioritisation of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events or to maximise the realisation of opportunities. A formal business discipline that relies on the forecasting and evaluation of any risks, along with identification and (where feasible or warranted) implementation of procedures to avoid or minimise their impact.

Using ISO 31000 can help organisations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment. Learn more with our “ISO 31000 Playbook”

Risks can come from various sources including your employees. From a risk management perspective, the penalties on conducting business that can result from unwanted or unauthorised third-party relationships or any employee unethical business action are very high—making it imperative to perform due diligence when trying to protect your business and brand.

Inadequate due diligence can easily take down an organisation; from damaged reputation to brand devaluation, from regulatory violations to fines and jail terms for directors, the risks are very high.

The risks from losses of such potential magnitude should not be ignored. At such cost, implementing the most stringent and effective controls and protections in place even at a cost STILL makes absolute financial sense. And the only way to fully protect a corporation’s assets, therefore, is through a strong and viable 360 due diligence program.

Learn more about “When is due diligence most critical?”

Managing risk and due diligence should begin with a policy and a plan. Here we will focus on the human element of risk management, specifically background investigations. Organisations need to perform due diligence to make sure that their business is adequately conducted by their employees and through their partners’ and vendors. Such insurance invariably includes regular security audits, ISO certification, pre-employment background checks, TPRM, etc…

There are several incentives to practice due diligence and perform risk management to ensure you conduct business appropriately and comply with all applicable laws and regulations. Anything less is just asking for trouble and losses!

What Can (and Should) Organisations and Risk Professionals Do?

The very first step to mitigating risks and exposures starts with a risk assessment. There are plenty of risk assessment checklists and tools available. If you want to dive deeper into how to start a risk assessment, just read our “Risk assessment breakdown: Identification, Analysis, Evaluation” to learn more. Once risk professionals get a handle on their due diligence processes and other compliance regimes, it’s time to start the entry process into the regulatory life cycle:

Prioritisation and planning
Implementation of a response
Integration of related tools, technologies, audits, processes and procedures to integrate compliance into normal operations

The first steps toward achieving compliances are usually big ones and may require substantial time and effort. But after that, it’s just a matter of sticking to a routine to maintain compliance, meet reporting requirements and keep up with changes to governing regulations and day-to-day tools and operations.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Prove that your business is ethical with a Gap Analysis (FREE)

Prove that your business is ethical. Complete our FREE Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in the line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

The HEBA survey is designed to evaluate your compliance with adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC® professionals with Business Ethics, Legal and Compliance background. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and to facilitate the gap analysis process.

The survey takes around 10 minutes to complete.

TAKE THE SURVEY NOW!

Share Insights

Filed under: 3PRM, All Industries, All Regions, Due diligence, Insights by admin
No Comments »

Importance of leadership and culture for ABMS Corruption: An Impending Doom on Investments

Comments are closed.

Contact Us

Email: info@crigroup.com

Newsletter subscription

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.

Subscribe Today

Background screening survey

Your opinion matters! Participate in the background screening survey now and let us know how COVID-19 and WFH has affected your business.

ANSWER THE SURVEY NOW

CONTACT DETAILS

LONDON:
Corporate Research and Investigations Limited
2nd Floor, 5 Harbour Exchange Square South Quay, London E14 9GE United Kingdom

Tel: +44 207 8681415 | +44 758 8454959
Email: london@crigroup.com

DUBAI:
Corporate Research and Investigations Limited
917, Liberty House, DIFC P.O. Box 111794 Dubai, U.A.E.

Tel: +971 43588577 | +971 43589884
Toll Free: +971 800 274552
Email: cridxb@crigroup.com

Publications

Getting Started with Risk Management?

Download this ISO 31000 Risk Management playbook now!

Download

RISKS OF CYBERCRIME AND SOCIAL MEDIA: NEW PLAYBOOK

Complete Guide on How to Protect Your Organisation and Team! Take the first steps towards developing measures against cybercrime! This paper critically examines the growth of cybercrime, evaluating the risks it poses in terms of the different forms of cybercrime that exist and the regulations that seek to detect, prevent and punish them.

Download

Resources | EU Directive Corporate due diligence and corporate accountability

Download the study on Corporate due diligence and corporate accountability by EPRS (European Parliamentary Research Service)

Download

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.