We’re All Paying a High Price for Corporate Corruption
Corruption weakens governments, fuels organised crime, stifles economic growth and discourages development. International corruption continues to undermine the progress of developing nations as rogue politicians, civic leaders and corporate representatives conduct “business as usual” to bypass bureaucratic red tape or circumvent competitive processes. But the world is taking notice and punishing those organisations accused of corrupt practices. From damaged corporate reputations that lead to brand and stock devaluation to negative investor perceptions, legal action and even jail terms for corporate directors, the high cost of corruption can have a lasting effect on even the most diligent organisations.
Companies worldwide can fall victim at any time to bribery and corruption practices, particularly those organisations with multi-national operations utilising vast networks of third-party agents, suppliers, distributors and consultants. Navigating the complex web of multi-jurisdiction laws and regulations around the world related to anti-bribery and anti-corruption practices can be daunting, exhausting financial resources and taxing personnel. But now there’s an all-encompassing solution for building strong global compliance frameworks and safeguarding your organisation from third-party risks.
Global efforts to fight bribery and corruption
The past decade has seen a dramatic rise in the prosecution of organisations accused in bribery schemes. Often regarded in many regions as a standard operating procedure necessary to move business along, the practice of bribery is fast becoming a focal point for governments and global watchdogs intent on levying heavy fines and penalties on companies involved in the practice. Over time, regional and international regulations are becoming stricter, particularly for companies that are in the supply chain (importers, exporters, third-party service providers or indenters) of any foreign company.
Foreign companies are now being penalised if it is discovered that companies in their supply chain are involved in corrupt practices. These companies are increasingly complying with international laws such as the Foreign Corrupt Practices Act (FCPA), the Malaysian Anti-Corruption Commission (Amendment) Act 2018, which introduced a new far-reaching corporate liability provision, the UK Bribery Act and the Brazilian Clean Company Act. This progress is intended to eliminate corruption from the supply chains and third-party working relationships of foreign companies. Companies that are not complying with these laws are being penalised and prosecuted heavily.
ABAC® Center of Excellence Limited “ABAC Certification”
Anti-Bribery Anti-Corruption Center of Excellence Limited “ABAC Certification” was created to educate, equip and support the world’s leading business organisations with the latest in best-practice due diligence processes and procedures. We provide world-class services to organisations seeking to validate or expand their existing compliance frameworks to maintain a competitive edge in the world marketplace. The ABAC® Center of Excellence offers a complete suite of world-class services and solutions designed to help organisations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments.
Bribery and Corruption Risk Management
ABAC Certification provides an expert audit of your existing risk management system to assess effectiveness and vulnerabilities while ensuring your organisation adequately complies with FCPA regulations, UK Bribery Act laws, Anti-Money Laundering regulations, and other global, regional and local regulations.
ISO 37001:2016 Certification
CRI Group offers independent global accredited ISO 37001:2016 certification to ensure that your organisation complies with this newly established standard, which is recognised and practised in more than 160 countries worldwide. Our auditors and analysts work with your team to develop policies, communications, training, monitoring and reporting measures that integrate seamlessly with your existing management processes and controls.
ABAC Certification & Strategies
ABAC® Certification’s exclusive Third-Party Risk Management-3PRM-Certified™ solution provides the very best in third-party bribery and corruption risk management and a corporate compliance program, offering a proactive approach to mitigating risks from third-party affiliations and protecting your organisation from liability, brand damage and harm to the business. ABAC® presents innovative and globally accepted risk management solutions with an accredited corporate compliance program that can be applied to any organisation.
Becoming Compliant: The Benefits of ISO 37001 Certification
Because ISO 37001 is built around a set of generally accepted requirements, global organisations can become certified in the standard, utilising the services of an accredited third-party certifying body. Certification will add a distinct level of credibility to the organisation’s management systems and must be completed by a qualified, independent third-party specifically versed in ISO 37001:2016 certification. Becoming certified in ISO 37001 enables the organisation to demonstrate that it has adequate procedures in place to detect and prevent bribery on a multi-national level. Additionally, such certification:
- Ensures that the organisation is implementing a viable anti-bribery management program utilising widely accepted controls and systems.
- Minimises the likelihood of corruption and bribery lawsuits.
- Lessens the possible litigation penalty by demonstrating an effective and adequate compliance program.
- Assures management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption.
- Protects the organisation, its assets, shareholders and directors from the effects of bribery.
- Provides acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption.
Bribery continues to be a significant problem on a worldwide scale and conforming to an internationally recognised standard to combat the practice while promoting ethics in business will help organisations succeed in the ever-expanding global marketplace. Contact us today to learn more about safeguarding your organisation from the outside risks associated with multi-national business affiliations.
How Risk Management and Due Diligence Interlock?
These are challenging and complex times. COVID-19 is forcing organisations to adapt quickly and change their business model in the process. In an era of compliance, with many regulations and regional “interpretations”, leaders and organisations need to be careful about how they conduct business, who conducts business in their name and with whom. This demands extraordinary attention to the means and mechanisms used by the organisation.
Due diligence, in legal terms, entails taking reasonable steps to satisfy any legal or regulatory requirement, regardless of the size or type of business conducted. Businesses also need to take several mandated steps to ensure that the organisation remains safe from any unwanted or unauthorised action taken on their behalf. For example, when making an investment such as a merger or an acquisition, the organisation needs to take the appropriate action on the proper due diligence necessary to make the most informed decision possible.
Being casual about the due diligence process is a failure to execute the proper level of investigation regarding the assets being purchased or financed or the management team being backed and vetted.
Where does Risk Management Come into Play?
Risk management is the identification, evaluation, and prioritisation of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events or to maximise the realisation of opportunities.
It is a formal business discipline that relies on the forecasting and evaluation of any risks, along with the identification and (where feasible or warranted) implementation of procedures to avoid or minimise their impact. Using ISO 31000 can help organisations increase the likelihood of achieving objectives, improve the identification of opportunities and threats, and effectively allocate and use resources for risk treatment.
Risks can come from various sources, including your employees. From a risk management perspective, the penalties that can result from unwanted or unauthorised third-party relationships or from any unethical business action by an employee are exceedingly high, making it imperative to perform due diligence when trying to protect your business and brand.
Inadequate due diligence can easily take down an organisation; from damaged reputation to brand devaluation, from regulatory violations to fines and jail terms for directors, the risks are exceedingly high.
The risks from losses of such potential magnitude should not be ignored. With losses of that scale at stake, putting the most stringent and effective controls and protections in place, even at a cost, still makes absolute financial sense. The only way to fully protect a corporation’s assets, therefore, is through a strong and viable 360 due diligence program.
Learn more about due diligence from this article: When is due diligence most critical?
Managing risk and due diligence should begin with a policy and a plan. Here we will focus on the human element of risk management, specifically background investigations. Organisations need to perform due diligence to make sure that their business is conducted by their employees and through their partners and vendors. Such insurance invariably includes regular security audits, ISO certification, pre-employment background checks, TPRM, etc.
There are several incentives to practice due diligence and perform risk management to ensure you conduct business appropriately and comply with all applicable laws and regulations. Anything less is just asking for trouble and losses!
What Can and Should Organisations and Risk Professionals Do?
The very first step to mitigating risks and exposures starts with a risk assessment. There are plenty of risk assessment checklists and tools available. If you want to dive deeper into how to start a risk assessment, just read our Risk assessment breakdown: Identification, Analysis, Evaluation to learn more. Once risk professionals get a handle on their due diligence processes and other compliance regimes, it’s time to start the entry process into the regulatory life cycle:
- Prioritisation and planning
- Implementation of a response
- Integration of related tools, technologies, audits, processes and procedures to integrate compliance into normal operations
The first steps toward achieving compliance are usually big ones and may require substantial time and effort. But after that, it’s just a matter of sticking to a routine to maintain compliance, meet reporting requirements and keep up with changes to governing regulations and day-to-day tools and operations.
About CRI Group™
Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI Group™ launched the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group™’s global team of certified fraud examiners work as a discreet, white-labelled supplier to some of the world’s largest organisations. Contact ABAC™ for more on ISO Certification and training.
Prove that your business is ethical with our free Gap Analysis
Evaluation of Corporate Compliance Programs – Highest Ethical Business Assessment: Evaluating Adequate Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Framework
Prove that your business is ethical. Complete our free Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC™ experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under the UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.
The HEBA survey is designed to evaluate your compliance with adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC™ professionals with Business Ethics, Legal and Compliance backgrounds. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and to facilitate the gap analysis process.
The survey takes around 10 minutes to complete.
Risk management and its continuous improvement
Risk management requires continuous improvement. Without a company culture strongly aligned with principles of continuous improvement, organisations will struggle to implement, let alone maintain, successful risk management programs. This can be challenging in practice, as cultivating a risk management attitude within a company involves aligning risk initiatives with existing company values, policies and, to put it simply, convincing everyone involved that risk management is worthwhile. However, improving risk culture is possible, and, like many things, it becomes a lot easier when you have a process for it.
Such a process can be separated into three stages:
- Cultural awareness
- Cultural change
- Cultural refinement
Phase one: Building and strengthening cultural awareness
The first stage is building cultural awareness; this will take the form of communications, training, and general education initiatives within the organisation. Here is where companies set risk management expectations and objectives, define roles and responsibilities, and communicate all of these things with their employees. You shouldn’t expect your employees to conform to your ideas about risk management without first taking the time to educate and inform them, whether through formal training or access to knowledge base material or similar.
Successfully building and strengthening cultural awareness about continuous improvement includes:
- Establishing a common risk management vocabulary
- Making sure communications are consistent with said vocabulary and that everyone in the organisation has clear access to all relevant documents
- Being clear about risk management responsibilities and accountabilities.
- Launching and maintaining training programs, providing training support and guidance where needed and as required by different roles and responsibilities within the organisation
- Making sure onboarding processes adequately cover risk management.
- Making sure recruitment processes adequately cover risk management.
Phase two: Changing the way the organisation operates
Once a firm foundation of cultural awareness regarding continuous improvement has been established, it’s time to start thinking about how to gradually change how the organisation operates to reflect these values. This phase begins by recognising and rewarding employees for paying attention to risk and responding to risk in a way that challenges the previously established (pre-continuous improvement) status quo. These motivational systems, rewarding and penalising behaviour according to the established ideals of continuous improvement outlined in the early planning stages, will result in the gradual but certain shift towards a proliferation of continuous improvement-conscious company culture. Another important element is recognising the talent that conforms with the desired vision of continuous improvement and capitalising on this alignment by placing them accordingly in relevant, optimised positions of responsibility or seniority. It’s getting people in the right place to drive the right results.
Some important considerations for this phase:
- Utilising challenge as a motivator for driving cultural change
- Gamifying and quantifying risk performance metrics and rewarding/penalising behaviour accordingly.
- Considering risk management and continuous improvement culture in talent management approaches.
Phase three: Optimising and refining the cultural ecosystem
The third and final stage of cultural adoption of continuous improvement occurs once the company culture has matured to the point of widespread adoption and desired values are already well-entrenched. At this point, the focus shifts to monitoring performance versus expectations and attempting to tweak and refine the system to further improve cultural adoption. The expectations can and will be influenced by a wide range of stakeholders, not just top management; employees, a board of directors, analysts, customers, investors – they all have a say in the definition of cultural expectations because these expectations should directly reflect the whole entity that is the organisation, made up of all its constituent stakeholder parts.
Steps taken during this phase might include:
- Iterating feedback and observations from risk management into training, education, resources, and communications.
- Making sure stakeholders are held responsible for their actions.
- Making sure any risk performance metrics or quantifiers are adjusted to reflect changes in risk strategy, goals, and objectives.
- Maintaining the capacity to redeploy and reassign individuals within an organisation according to desired risk culture goals.
- Continually reflecting on and refining risk culture by continually changing business goals, objectives, and strategies.
At CRI® Group, we are committed to spreading knowledge about risk, compliance management and the negative impact of fraud, bribery, and corruption to global businesses, and to promoting transparent business relations across the world. As part of this effort, we want to present to you our in-depth risk management and compliance insights – articles, whitepapers, eBooks, and other publications to help organisations overcome fraud, compliance, bribery, and corruption management challenges and tackle risks more effectively.
Don’t miss the opportunity to step up towards transparency and better protection for your business and your career – CRI® Group’s risk management and compliance insights give you a chance to explore these topics in-depth. If you are interested in our solutions, please click below to get a free quote or contact us today.
Importance Of Strong Risk Management Leadership
Managing risk effectively ensures businesses succeed and thrive in constant uncertainty. Good leadership has tremendous importance in the success of the ISO 31000 risk management system. ISO 31000 aims to simplify risk management into clearly understandable and actionable guidelines that should be straightforward to implement, regardless of a business’s size, nature, or location. However, without leadership, your risk management strategy is likely to fail. Here are a few key points that top management should pay close attention to for a successful ISO 31000 risk management system.
ISO 31000 is not one-size-fits-all
ISO 31000 clearly states that risk management is an open-ended process designed to be highly customised and tailored to the organisation’s individual needs and contexts. That said, ISO 31000 advises particular attention to customising the risk profile, risk appetite, and the communication and facilitation of risk management throughout the company culture.
Executive alignment is crucial
This is one of the most important points; top management must be firmly committed to the risk management program, or the system will not work. Executives should ensure that the entire risk management process is integrated across all levels and departments of the organisation and is strongly aligned with company objectives, strategy, and culture.
Consider how risks will impact value
Top management should be responsible for ensuring that risks are prioritised per how they impact the organisation’s ability to create and deliver value. This approach differs from traditional risk management approaches, which typically rank the risks by numeric value, assigned by considering probability and estimated severity.
Proactive, not reactive
This one is self-explanatory. The basic idea is that risk management should be preemptive. Rather than simply reacting to the currently identifiable risks, it prepares for risks that haven’t yet arisen.
What about ISO 31000 certification?
ISO 31000 provides guidelines, not requirements, and is therefore not intended for certification purposes. Many ISO standards, like ISO 37001 Anti-Bribery Management Systems and ISO 37301 Compliance Management Systems, are requirements, which means they compose a strict set of specifications that can be certified. ISO 31000 is not like that; it can’t be certified. It’s simply a set of best practice guidelines.
Powered by CRI® Group, ABAC® educates, equips and supports the world’s leading business organisations with the latest best-in-practice risk assessments, performance assessments, systems improvement and standards certification. Our ISO solutions (certification and training) are offered through our ABAC® Center of Excellence. Find out how ABAC® can help your business!
Getting Started with ISO 31000 Risk Management?
ISO 31000 is an international standard issued in 2009 by ISO (International Organization for Standardization). Organisations of all types and sizes face internal and external factors that directly affect whether they can achieve their objectives. ISO 31000:2018 serves as a guide for the design, implementation and maintenance of risk management. It describes a systematic and logical process during which organisations manage risk by identifying it, analysing it, and then determining the risk treatment in a way that is consistent with their risk appetite. An organisation can implement risk management across the entire company and can do so at any time. It can also tailor these controls to specific areas and activities in the business.
- Organisations can use it to compare their risk management practices with an internationally recognised benchmark, providing sound principles for effective management and corporate governance.
- It is a clear indicator to your customers and other stakeholders that, as an organisation, you are committed to managing risks in every part of your business.
- Increases public confidence in the organisation by demonstrating your management capabilities in protecting your business from internal and external threats.
- ISO 31000:2018 helps to provide guidance for internal or external audit programmes.
- In competitive bidding for commercial tenders, it enhances your company’s reputation and gives you a competitive advantage.
Our newly published “ISO 31000 Risk Management: A guide to identify, analyse and mitigate risk” playbook covers everything you need to know about ISO 31000:2018; here’s a quick rundown of the playbook structure:
- What is ISO 31000?
- Why is this Standard a good idea?
- What are the benefits for my business?
- Principles of ISO 31000:2018
- ISO 31000 framework
- Why was it revised?
- What are the main differences?
- Key Clauses of 31000:2018
- Who is the Standard?
- The process
- The link between 31000:2018 and other standards
- Importance of risk management leadership
- 31000:2018 and continuous improvement
- How do we get started?
Risk management is a full-time, ongoing endeavour for organisations in today’s business world, and it poses constant challenges. The first part of reducing risk is having a strategy and taking action. So DOWNLOAD your free playbook now!
Other risk management solutions
CRI® Group’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates, thus creating the DueDiligence360™. We specialise in solutions regarding compliance, working as trusted partners to businesses and institutions across the globe. While CRI® may not offer the ABMS certification, we offer other services. Our experts work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.
The DueDiligence360™ reports help organisations comply with anti-money laundering, anti-bribery, and anti-corruption regulations. This service also proves beneficial ahead of a merger, acquisition, or joint venture. It can be used for a third-party risk assessment, onboarding decision-making, and identifying beneficial ownership structures. Identifying key risk issues clearly and concisely helps enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.
Why not consider our background investigative solutions?
Firms spend thousands, even millions, to brand their products and services – it only takes one bad hire to cause a loss of capital and reputation. Employee Background Checks can aid in reducing the risk of hiring an employee who does not live up to their supposed skill set and could cause irrevocable damage. It can cause a business to fail, especially if the employee holds malice toward the organisation. EmploySmart™ is CRI® Group’s solution to expose vulnerabilities and threats within your organisation. Much like the ISO certification, our EmploySmart™ is a risk management measure that can be used to significantly reduce business and financial crime, fraud and malpractice within your workplace.
Our solutions are also certified by the British Standard Institute BSI for the scope of BS 7858:2019 Screening of individuals working in a secure environment, Code of practice (the only BS 7858 certified background screening services provider in the UAE and across the Middle East); and BS 102000:2018 Code of practice for the provision of investigative services.
Another risk management solution to consider from CRI® is our Third-Party Risk Management solution (TPRM), also known as 3PRM™. In the wake of the global pandemic, the 3PRM-Certified™ was developed to aid organisations in accurately determining the legal compliance, financial viability, and integrity levels of external parties, vendors, and customers who seek to be affiliated with and represent the business.
The 3PRM-Certified™ program consists of gap analysis and investigative due diligence on the targeted parties. This highly thorough program reveals anti-corruption, compliance and risk management discrepancies associated with the international regulatory framework helping your business flourish at any scale. Find out more about CRI® Group’s Risk Management Solutions.
If you’re unsure what solution may be best for you and your business, how about connecting with one of our experts for a free consultation? Receive tailored advice from the top analysts and investigators across the globe.
CONTACT US
Headquarter: +44 7588 454959
Local: +971 800 274552
Email: info@crigroup.com