Fraud Advisory Panel deep dives into the HBOS scandal
On 30 January 2017, following a four-month trial, former HBOS employees Scourfield and Mark Dobson involved in HBOS scandal were convicted of fraud and corruption involving a scheme that cost the bank £245m. Scourfield pleaded guilty to six counts including corruption, and Dobson was found guilty of counts including bribery, fraud and money laundering.
The HBOS (Halifax Bank of Scotland) fraud trial was highly unusual in that senior bankers were convicted of crimes, including fraud and hiding the proceeds of crime, in the boom of irresponsible lending ahead of the 2008 crash. As Lloyds reopens compensation claims over HBOS fraud and almost a decade after the HBOS fraud victims will hopefully be finally compensated. Loyds damning review found that victims were not all treated equally after fraudsters plundered £1bn to fund sex parties, superyachts and lavish holidays. The victims were the taxpayer, small business customers of the bank, and HBOS shareholders.
Fraud Advisory Panel
Fraud Advisory Panel discusses the HBOS scandal in an executive breakfast briefing. Which will take a deep dive into the case and take stock of the significant challenges faced by counter-fraud professionals to ensure fair access to justice for those affected by fraud and financial crime, especially SMEs. The agenda is comprised of the following:
- The impact of the HBOS fraud on its victims.
- The practical challenges faced by law enforcement and prosecutors in large corporate frauds.
- The work of the APPG on Fair Business Banking to support SME victims.
- The key lessons that can be learnt from HBOS and how these can be used to inform proactive action to support victims.
Guest speakers
- Nick Gould, Aria Grace Law
- Brian O’Neill QC, 2 Hare Court
- Anthony Stansfeld, Police Crime Commissioner, Thames Valley
- Kevin Hollinrake MP Thirsk and Malton, Co-chair, All Party Parliamentary Group on Fair Business Banking
In the chair
- Rachel Sexton, director, Fraud Advisory Panel
Details
Time: 08:30 – 10:30
Location: Online
Venue: Live interactive session
Costs: FAP member £20+VAT; Non-member £30+VAT
Registration Expired!
Staying one step ahead of any critical risk to your organisation is part of being an effective business leader. Contact us today to get started on implementing a robust program that will serve you well for years to come. Get your FREE QUOTE now!
About us…
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.
In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.
MEET THE CEO
Zafar I. Anjum is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.
Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.
CONTACT INFORMATION
Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com
Ethical code of conduct: What should be covered?
Business leaders are usually quick to communicate their expectations to employees, especially when it comes to financial goals or tasks that they want to be accomplished. However, what is often lacking is a clear, concise explanation of what the organisation expects in terms of ethical behaviour. The recent article “Puffery or Not? Courts Examine Corporate Codes of Conduct” explains that although a number of federal courts have found code of conduct statements to be non-actionable puffery, given the uncertainty in the face of the novel CODIV19 pandemic, public companies are ought to review their codes of conduct and revise them if necessary to mitigate litigation risk. Ethical code of conduct:
Does your organisation have an ethical code of conduct? If not, you might be making assumptions that your employees know to conduct themselves in an ethical manner, when, in fact, this expectation only exists in a grey area in their minds – if at all. In fact, some employees who have engaged in fraud, corruption or other unethical situations have claimed that while they knew their behaviour was wrong, they thought it was implicitly accepted by their bosses and, in some cases, their company overall.
Rather than assume that ethical rules “go without saying,” every organisation should spell out what they expect of their employees when it comes to ethical behaviour. At CRI Group, we counsel business leaders on the principle that every organisation should have a written, carefully considered ethical code of conduct as part of their fraud prevention strategy. CRI’s Certification program through the ABAC Center of Excellence includes developing an ethical code of conduct as part of the training and development phase for clients.
What should be covered?
An ethical code of conduct should be tailored to your company and your organisation – no two will be the same. What are the risks inherent in your organisation? What about in your industry? A pharmaceutical company will have some different risk areas than a retail store, for example. A nonprofit organisation might have concerns that relate to fundraising, a government agency might be focused on preventing bribery or collusion.
The goal of an ethical code of conduct is to help all employees understand the expectation that they always behave in a legal and ethical manner, and that the organisation has zero tolerance for unethical behaviour. It should include the following focal points:
1. Business values
This can include your organisation’s mission and vision and should help set the tone for how the organisation relates to its clients, partners, its own employees and the public at large.
2. Guiding principles
The principles that guide your company include customer satisfaction, financial success and profitability, improvement and growth. Your company might also follow policies of corporate responsibility, such as respect for social and environmental issues, and support of the community and/or nonprofit efforts.
3. Role of leadership
This section of the code of conduct should state that management has clearly endorsed the code and that employees can approach any manager or executive with ethical concerns or complaints.
4. Regulatory and compliance
This section should communicate the organisation’s commitment to meeting all compliance requirements, from OSHA and EPA to Sarbanes-Oxley and Dodd-Frank. This reinforces leadership’s expectation that employees must act diligently and ethically to uphold those standards, as well.
5. Employee responsibility
Every employee, from top to bottom, shares the responsibility toward upholding the ethical standard defined in the code. Contractors and volunteers are also expected to follow the standard of behaviour. Furthermore, the code should make clear that if the unethical behaviour is detected, turning a blind eye or deciding “it’s not my problem” is unacceptable. That is a breach of the ethical code.
CRI Group can help your organisation with the finer points of drafting and implementing an ethical code of conduct. ABAC Center of Excellence includes this critical piece as a part of any robust fraud, bribery and corruption prevention program.
After the ethical code of conduct is approved by company leadership, it should be read and signed by all employees (with the signed copies kept on file by the organisation). And it should be displayed prominently in the office. Unethical behaviour, including fraud and other corruption, is everyone’s problem, and it must be prevented, detected and reduced. Staying one step ahead of any critical risk to your organisation is part of being an effective business leader.
ISO 37001:2016 Anti-Bribery Management System certification is offered under CRI Group’s ABAC® Centre of Excellence, an independent certification body established for Anti-Bribery Management System training and certification, ISO 37301 Compliance Management Systems and Risk Management System certification. The program will be tailored to your organisation’s needs and requirements. For assistance in developing and implementing a fraud prevention strategy, contact ABAC today or get a FREE QUOTE now!
Who is CRI® Group?
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.
1 in 3 Furloughed UK Employees Pressured to Work
The COVID-19 pandemic has been a major crisis for businesses and employees around the world. To make matters worse, some unscrupulous employers in the UK have abused the Coronavirus Job Retention Scheme by engaging in furlough fraud. They do this by accepting taxpayer money designed to help them pay salaries for furloughed workers, who are essentially “deactivated” to due to loss of business and quarantine – yet they pressure them to work (or they accept furlough benefits without the employees’ knowledge).
The system is designed to keep companies from laying off employees during such a time of crisis. Unfortunately, a crisis can also present the opportunity to commit fraud. In this case, pressuring employees to work despite being furloughed is an abuse of the system and a violation of the law. Employers who do this are gaming the system and taking advantage of employee labour, with taxpayers footing up to 80 percent of the bill (their salary).
How big is the problem? According to a recent study, more than one in three employees on furlough in the UK are currently under pressure to continue working while on furlough (Express UK, 2020). This shocking statistic has demonstrated that the issue of abuse in the furlough system is not an isolated affair, but appears to be widespread. So much so that HM Revenues and Customs is actually offering a 30-day amnesty period for employers to “admit to deliberate non-compliance of furloughing rules” (Yahoo UK, 2020). More than 1,900 calls have been logged to the furlough fraud hotline, and companies face penalties with new legislation on the way to punish violations.
What does furlough fraud look like? Here are some of the ways that employers are abusing the system.
1. Furloughed employees are pressured to work
A survey showed that 27 percent of furloughed employees were asked to send and respond to emails, and 17 percent were asked to make phone calls. Furlough workers by law are not expected to be actively engaging in any work for the employer while furloughed.
2. They are asked to come to the workplace
Rather than being asked to work from home (which is still against the rules), 12 percent of furloughed employees report being pressured to physically attend their workplace.
3. Employees are encouraged to “volunteer”
A reported 11 percent of furloughed employees are being pressured to continuing working for their employer as a “volunteer,” which is against the law.
4. Some employee don’t even know they are furloughed
In certain cases, employers have claimed furlough on their employees’ behalf, without their knowledge, while they continue working.
In their efforts to eradicate corruption, Parliament is pushing through new draft legislation that is expected to become law in July as part of the Finance Bill 2020. Dawn Register, partner in tax dispute resolution at BDO, told Personnel Today: “It is clear that HMRC is now gearing up to tackle incorrect and fraudulent claims for Covid-19 support payments. Latest government statistics show the eye-watering numbers paid out and why HMRC resources will focus on this potential new area of fraud” (Personnel Today, 2020).
The problem of furlough fraud illustrates the danger at companies that don’t adhere to a strict ethical code of conduct. By contrast, a proper tone at the top that helps discourage fraud and corruption would make it just as difficult and unacceptable to flout furlough laws as it would be to, say, engage in bribery, or cook its books. Unfortunately, many entities in the UK will likely learn the hard way when investigations and penalties bring them into compliance at a high cost. Legislators have signalled that both criminal and civil penalties will be on the table for those companies found to be abusing the system.
At CRI® Group, our experts are focused on anti-corruption methods and help implement proper anti-fraud processes that prevent problems like furlough fraud. Our due diligence processes can also detect when such fraudulent acts are being undertaken without the knowledge of ownership or directors. Let us show you ways to detect and prevent fraud at every level, and build a corporate culture that’s based on compliance and ethics.
About us…
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.
In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organizations. Contact ABAC® for more on ISO Certification and training.
MEET THE CEO
Zafar I. Anjum is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.
Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.
CONTACT INFORMATION
Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com
6 challenges for compliance officers in 2020
The job of a compliance officer can be a difficult one. Organisations from large corporations down to small government agencies rely on their compliance officers to keep them within ethical and legal boundaries. They also rely on them to maintain monitoring and reporting requirements, and stay abreast of any changes in the compliance landscape. For professionals in this field, the bad news is that challenges will continue to increase in the near future (as we’ll explain in this article). The good news is that there are trained experts available to work hand-in-hand with organisations’ compliance officers to minimise risk and help them remain in compliance.
The stakes are high, as organisations in both the public and private sectors face new laws and regulations in jurisdictions around the world, along with increasingly strict enforcement and punishments. Investigations of violations can, and often do, lead to heavy fines. In some cases, criminal charges may result – and these can be levied against the organisation, or individuals, or both. Here are some of the biggest challenges facing compliance officers today:
1. Anti-money laundering (AML) regulations
The Panama Papers and other major scandals, including the illicit funding of certain terrorist actions, brought money laundering issues firmly into the spotlight. Many governments have been stirred to action to create stronger measures meant to prevent the illegal funding of criminal or terrorist enterprises. In the European Union, this resulted in the 5th Money Laundering Directive (5MLD), which takes effect in January 2020. 5MLD impacts organisations most directly in how they handle their know-your-customer (KYC) processes.
In the run-up to the 5MLD, there was increased attention on high-risk countries. Clients or transactions engaged in high-risk countries are now subject to enhanced due diligence when performing onboarding checks. Compliance teams need to ensure KYC is not a simple “tick box” exercise during the onboarding phase, and ongoing monitoring processes need to be implemented to manage changes throughout the customer lifecycle.
5MLD requires enhanced due diligence when dealing with high-risk countries. In addition to obtaining evidence of the source of funds and source of wealth, information on beneficial ownership and background to the intended transaction must also be recorded. The EU may also designate a ‘blacklist’ of high-risk countries for money laundering.
2. Conflicts of interest
Risks related to conflicts of interest are significant at every level of the company. Starting with the board of directors, an effective board must be transparent about potential conflict issues and address them on an ongoing basis. Board decisions that either suffer from actual conflicts can risk the board’s adherence to its duties and create real legal risks. Even the appearance of a conflict can raise real issues and transparency becomes even more important in these contexts.
This same level of risk can undermine the integrity of senior management. When senior executives fail to address real and significant conflicts, the integrity and overall leadership trust factor can deteriorate. A compliance executive must be willing to take on these issues, even when it is difficult to confront senior executives.
Within the private equity (PE) industry, conflicts and their adequate disclosure remain problematic. In recent years regulators have made examinations of PE firms and their complex structures top priorities. Most major organisations – and their compliance officers – see outside business activities as a risk.
3. Innovation driving new demands
New innovations are providing increased efficiency in compliance processes, which is a major plus for organisations. Always a double-edged sword, however, technology also creates more issues in data security, not to mention the training and expertise required to master it.
For many ‘non-tech’ professionals such as compliance officers, rapidly changing technology can be a concern, as the importance and integration of technology into the compliance suite continue to evolve. Compliance officers may not need to become technology experts, but they do need to ensure that tech-related risks are addressed within their firm’s framework. Compliance must be aware of rules and regulations from every jurisdiction with authority over the firm’s activities. This is another area where partnering with an outside firm that provides training and technology resources can be a major advantage.
4. Regulatory and political change
Recent years have seen a flurry of new regulations from various governmental bodies and jurisdictions, from the General Data Protection Regulation (GDPR) act to 5MLD. The GDPR, for example, has extraterritorial reach. It also serves as a model for future possible regulations in the critical area of data privacy and cybersecurity.
In Europe, Brexit creates real uncertainty for the UK’s regulators, and the industries that they regulate. But Brexit also impacts EU member states and any organisations doing business within or through the UK. The impact is far-reaching, and regulators face major challenges in responding to profound changes in policy, the legislative framework and the wider economic context.
Politics in the United States and other nations have also seen similar dramatic shifts in governmental control and resultant effects in policy, which can impact regulatory laws and how they are implemented and enforced worldwide. One thing is certain – investigations and legal actions based on violations of the Foreign Corrupt Practices Act (FCPA) continue to increase, and organisations must remain diligent in conducting risk assessments and implementing control measures to remain in compliance.
5. Personal liability
One area of concern sure to grab the attention of any compliance officer is the issue of personal liability. Recent news stories have reported criminal convictions, some leading to prison sentences, of executives, “middle men” and other individuals involved in various scandals. Compliance officers should take heed, as their responsibilities to their company can also extend to their own professional conduct being placed under a microscope. Many compliance professionals are aware of this, as a recent Thomson-Reuters survey found that 60% of them expect personal liability to increase.
New initiatives underline this reality, such as the Senior Managers and Certification Regime (SCMR) in Europe. It places a focus on firms’ senior managers and individual responsibility, and extends to all Financial Conduct Authority (FCA) solo-regulated financial services firms. The FCA itself has been increasing enforcement notices against individuals. We can expect an increase in these types of measures and they will apply to industries beyond those in the financial sector.
6. Ethics and integrity
Today’s business landscape brings an increased emphasis on the culture of an organisation, with an eye toward ethical practices and principles. With growing scrutiny from both regulators and stakeholders, the pressure is on for compliance professionals and their superiors to take broader responsibility for policies, procedures and controls to create a truly ethical business.
The Cambridge Analytica scandal is a notable example of how data misuse has serious brand and societal implications, on top of legal and compliance penalties. The public outrage was so intense that governments were forced to act, calling on Facebook and other involved parties to testify and explain themselves. The market’s reaction was also punishing, with more than $100 billion knocked off Facebook’s share price in days, while Cambridge Analytica went out of business.
In conclusion, AML regulations, conflicts of interest, innovation driving new demands, regulatory and political change, personal liability, and ethics and integrity issues are among the biggest challenges facing today’s compliance professional. This is the time to address solutions. There is expert help and a wealth of resources available, with no better time to leverage them than the present.
Let us know if you would like to learn more! Contact us today and get your FREE QUOTE now!
Who is CRI Group?
Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.
3 ways to protect your Company’s Reputation
In today’s connected business world, there are very few secrets. United Airlines, for example, recently learned the hard way that one ugly incident can go viral and spread around the world in a matter of minutes – not hours, days or weeks. protect company reputation
United initially faced criticism over the rough treatment of a passenger being removed from one of their planes. Then, the company learned a second lesson when its CEO’s response to the crisis seemed somewhat disconnected and uncaring. United was in the middle of a reputational crisis, and its first official response to angry consumers only added more fuel to the fire. Later, the CEO offered an apology and a more compassionate statement – but the damage was done.
There are lessons to be taken from this and other high-profile cases where companies have seen their reputation, which they’ve worked hard to cultivate, trashed in the public spotlight. The fact is, things happen, and no company has a guaranteed way to safeguard their reputation from ever being dinged or facing scrutiny, whether fair or not. But there are ways to mitigate the damage and help ensure your company survives the crisis, and can rebuild its reputation in a positive way.
Know that people are talking about you
In the age of Twitter, Facebook, Yelp and other social engagement sites, people are keen to talk about what they like, dislike, what they wish would be better, and anything else on their mind. That includes your company and your products or services. Accept this and embrace it. Engage with people who post on social media when appropriate, and always in a polite and respectful manner. When there is a legitimate problem, communicate that you are taking the matter seriously and looking to resolve it, and then do so.
1. Be transparent
A way to be proactive in your engagement with others is to ask for feedback. Then be prepared to address it, good or bad. Consumers, stakeholders and even your own employees will be impressed by the open lines of communication and an honest dialog. In this way, you can strive to improve your services and offerings and show that you are receptive to your client’ needs.
2. Protect your customers’ data
Nothing can destroy your reputation among your clients and customers quicker than having to tell them their personal information, which was entrusted to you to remain private and protected, is now in the hands of hackers or criminals because you suffered a security breach. Even worse is when they learn that your company did not take all the measures necessary, or even the most basic ones, to prevent such a breach from occurring. Not only might you be criminally liable, but customers will run from you, not wanting to take a risk that something like that could happen again in the future. In today’s high-risk environment, you must have the most sophisticated and up-to-date security measures in place to protect your date – and your reputation.
3. Conduct due diligence
How much do you know about your third-party partners – those suppliers and contractors that you’ve trusted for years, or new ones with whom you seek to engage? An unethical partner can have serious effects on your own company’s reputation – bribery, corruption, supply chain problems are all issues that can end up tainting your own business and causing your customers to lose trust in your products or services. Conducting thorough due diligence, with background checks and full risk assessments, is the only way to help protect your reputation from potential harm.
It may feel sometimes like your company’s reputation is out of your control. However, there are steps you can take to help manage your reputation and help steer the conversation. It becomes more difficult when you wait, and try to undo later the damage that has already been done. That’s why being proactive in maintaining a positive reputation is the best strategy. Contact CRI Group today and let us help you stay on the path to managing your message and your reputation.
Who is CRI Group?
Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.
Top 4 Red flags during a Merger & Acquisition
The business world is often transitional, and the landscape changes as entities grow or industries change – and the players involved have to change with it. Mergers and acquisitions are examples of these “transitional times,” and they are also among the most critical times to conduct proper and thorough due diligence.
There are inherent risks involved with the “unknown factor” that outside entities represent. By nature, merging with another entity, or acquiring it altogether, can be an exciting time, but background screening is especially crucial at this juncture.
When conducting due diligence before a merger or acquisition, what are some of the red flags that should make you take a closer look?
CRI® Group has conducted numerous due diligence engagements for clients undertaking major business deals. Our agents have also conducted many investigations for organisations that failed to do proper due diligence, and as a result became victims of fraud. Our findings in those investigations have provided a road-map of things to look for, and be cautious about, when in the pre-merger or pre-acquisition stage.
Here are a few red flags for any organisation undergoing a merger or acquisition:
1. Legal issues
When merging with or acquiring another entity, due diligence will uncover legal proceedings, including any troubling issues that the entity might have been trying to keep hiding. Past or current litigation or even criminal proceedings have been uncovered in background checks.
2. Credit risks
Some potential partners might be financial landmines, bringing the kind of baggage your organisation cannot afford. Has the entity claimed bankruptcy? Have they dissolved prior companies or are they faced with debtor filings? Proper due diligence will uncover these and other financial risk factors.
3. Lack of experience
If your organisation is looking to partner with a contractor or service provider, what is their experience level in the industry? Have they successfully completed past projects of a similar scale? Nothing can hurt your reputation with clients and customers more than having your deliverability affected by a contractor that cannot handle to job.
4. People problems
Hopefully, your organisation conducts thorough employee background screening of all potential and current employees. Can you say the same for the entity you are considering for a merger or acquisition? If not, the risks are great: fraud risks, criminal conduct, even employees without the needed training or skill level doing dangerous jobs could all come back to damage your own organisation and reputation. Comprehensive and thorough background screening, including of owners and principals (perhaps these are most important) will uncover such risks.
None of these red flags, on their own, are necessarily absolute roadblocks to a proposed merger or acquisition. Some scenarios can be explained, and certain circumstances simply require a fuller explanation.
But the key is having the information. In business, being surprised is generally not a good thing. This is never more true than when dealing with mergers and acquisitions.
Staying one step ahead of any critical risk to your organisation is part of being an effective business leader. Contact us today and get your FREE QUOTE now!
Who is CRI® Group?
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI® Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.
Any successful ethics and compliance strategy needs 5 key ingredients …
Once upon a time, the idea of business ethics was more of an abstract or philosophical notion that seemed more suited for discussion in a university lecture or at a business conference. Today, however, organisations of all sizes and industries must have concrete ways of addressing ethics and compliance issues as a principal component of their business processes and strategy.
According to a study by PwC, 98 per cent of senior leaders say they’re committed to compliance and ethics; however, only 67 per cent have a process in place to identify the owners of compliance and ethics-related risks, with only a third having an officer in place for the overall compliance and ethics. Fifty-six per cent of the companies don’t have a chief ethics officer at all, and only 20 per cent have a Board of Directors that formed separate compliance and ethics committees. The study reports that 82 per cent of leaders communicated with employees on ethics, but 46 per cent of this is done in business meetings or by email. You can read the result on the full PwC website.
Business leaders are usually quick to communicate their expectations to employees, especially when it comes to financial goals or tasks that they want to be accomplished. However, what is often lacking is a clear, concise explanation of what the organisation expects regarding ethical behaviour and a compliance framework in place to follow. Today citizens, media, politicians and international bodies across all regions actively condemn abuses of power. And past scandals and their consequences have created a demand for increased regulations, greater transparency, and other rigorous scrutiny measures to be taken. To maintain (or regain) public trust, the ethics and compliance function has been placed at the centre of the strategic core of organisations by effective leaders.
Empower your organisation to mitigate risk!
To ensure a robust compliance and ethics strategy, five critical elements need to be implemented; 1) tone at the top; 2) corporate culture; 3) risk management, 4) a Chief Compliance Officer; and 4) testing and monitoring.
1 – Building Tone at the Top
“Tone at the top” is a term used to describe the ethical atmosphere created at an organisation or workplace by their leaders and their attitudes and behaviours. Tone at the top is vital in determining whether fraud, bribery, or corruption are likely to occur. Because all levels of management set it, it has a trickle-down effect on all employees. If the top leaders show a robust and zero-tolerance approach to fraud, employees are likely to lead by example.
An organisation with a strong ethical culture is usually led by a board of directors and senior management personnel who actively promote a culture of compliance and zero tolerance for fraud and other unethical business behaviour. Effective tone at the top will communicate to the organisation at all levels the expected type of conduct, what is considered unacceptable, and what the consequences will be for transgressions. A zero-tolerance approach should be followed at all times; it is vital in maintaining the culture of ethics and compliance at the organisation; below are some examples of failed tone at the top:
- The Enron scandal
- Arthur Andersen obstruction of justice
- Xerox fined by SEC
- Scandals at Fannie Mae
- Global financial crisis
- Tyco Scandal
- MCI Inc/WorldCom
- ImClone Systems trading case
For more scandals, check out our list of the “Top 10 Bribery & Corruption Stories of 2020“.
2 – Corporate culture
The prevailing norms, expectations, and recognised acceptable behaviour form the corporate culture of an organisation. By implementing an ethical code of conduct and compliance with all regulations a part of those norms, the organisation will help promote positive behaviour and integrity among its staff.
You might be making assumptions that your employees know how to conduct themselves ethically when, in fact, this expectation only exists in a grey area in their minds – if at all. Some employees who have engaged in fraud, corruption or other unethical situations have claimed that while they knew their behaviour was wrong, they thought it was implicitly accepted by their bosses and, in some cases, their company on the whole.
Similar to establishing an effective tone at the top, fostering a positive corporate culture hinges on effective communication, and it needs to permeate different layers of the organisation. In other words, sending occasional emails about ethical behaviour isn’t enough to influence the culture at a company. Develop videos, team-building exercises, new employee orientations, and employee appreciation events; these provide opportunities to recognise positive behaviour and reinforce the company’s values. When employees see their colleagues being recognised and rewarded for maintaining a compliant and ethical corporate culture, they are more likely to help cultivate an ethical workplace. When the tone at the top and corporate culture are tied together, everyone understands what is acceptable and expected in being a part of the organisation’s success.
3 – Risk management: perform risk assessments
Risk management is identifying, evaluating, and prioritising risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events to maximise the realisation of opportunities. In other words, before you establish an ethics and compliance framework – first, a risk assessment should be conducted to uncover any vulnerabilities that need to be addressed with new processes.
> Risk assessment breakdown: Identification, Analysis, Evaluation
This means you need to assess how your business is conducted. So ask yourself:
- Have the various roles at the company been appropriately allocated, and is there a proper separation of duties?
- Are employees qualified for their responsibilities?
- Is the workforce trained to recognise the red flags of unethical behaviour and fraud?
Once the risks are identified, they can be isolated and addressed as part of your organisation’s comprehensive approach to ethics and compliance. The risks should be prioritised:
- Which ones pose an immediate threat?
- Could they effectively shut down the business?
- Do they pose a risk of financial, legal, or reputational risk – or all of the above?
Once prioritised, the identified risks should be assigned to critical members of the organisation. Whatever your reasons or motivations might be, if your organisation’s objective is to have an effective risk management strategy in place, then ISO 31000 can provide the principles, framework and a process for managing risk.
4 – A Chief Compliance Officer (CCO)
The implementation of a robust ethics and compliance strategy can give your organisation a competitive edge. A compliance officer or a CCO plays an essential and crucial role in the implementation. They are tasked with the day-to-day responsibility of overseeing the management of compliance and ethical risks whilst ensuring that the organisation is in compliance with the various regulatory requirements and that employees adhere to internal procedures and policies. Oversight should be provided by the board of directors (or ownership and executives) to ensure that problem areas have been adequately addressed and the organisation is taking a proactive approach to mitigating risk.
5 – Testing and monitoring
When all the new processes have been implemented (the anti-fraud policy and employee code-of-conduct, anti-bribery and anti-corruption training and policies, allocation of duties and responsibilities, an anonymous reporting -hotline- process for unethical behaviour), a thorough testing and monitoring regimen is critical to ensure the new process is working.
It is important to remember that having the best processes on paper won’t make a positive difference on its own. You need to monitor how they are being used and their success. A schedule should be in place that promotes frequent, regular check-ups of the ethics and compliance controls, with metrics that show results (i.e. surprise audits). A surprise audit is an effective way to test if any new controls have reduced the flagged irregularities. Before implementing ethics and compliance controls, the risk assessments should have identified risk areas with the new processes to mitigate that risk. Only by testing and testing frequently can the organisation determine if the new controls have the desired effect. If they are not, the company should develop new solutions that specifically robustly target these problem areas – and, in time, test them again.
Addressing ethics and compliance issues at an organisation can be a daunting task. However, with careful preparation, expert help, and a common-sense approach, any organisation can develop or enhance its corporate culture to be proactive in mitigating ethics and compliance risks. The benefits will be obvious – increased productivity, better security, and empowered employees who understand that their organisation values integrity and an ethical work environment.
Create a zero-tolerance approach to fraud with ISO 37001 ABMS
Creating a zero-tolerance approach to fraud doesn’t happen overnight. When your organisation enrols in ISO 37001:2016 ABMS training and certification, the program involves your entire team. The training helps establish an ethical culture by educating your employees on the following:
- What constitutes fraud, corruption, and bribery, and why these are so damaging to business
- How to identify red flags of fraud, corruption and bribery
- The process for reporting fraudulent and unethical acts
- The organisation’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches and prosecute unethical acts
- The severe ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career
Employees shouldn’t be expected to follow a code of conduct that they aren’t aware exists. That’s why ISO 37001:2016 ABMS creates a communication plan through which organisation leaders regularly communicate their ethical behaviour expectations to the staff periodically. Read more on how to build trust in the workplace with ISO 37001 Certification.
About CRI Group
Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.
In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.
Speak up – report any illegal, unethical, or improper behaviour
If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal communication channels or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy. COMPLIANCE HOTLINE
CONTACT US
Headquarter: +44 7588 454959
Local: +971 800 274552
Email: info@crigroup.com
Headquarter: 454959 7588 44
Local: 274552 800 971
Email: info@crigroup.com
NEWSLETTER SUBSCRIPTION