Corporate Research & Investigations

Decrease Bribery Risk with ISO 37001:2016 ABMS

Bribery and corruption are worldwide problems with serious consequences for organisations of any size, industry or region. To help combat this threat, the International Organization for Standardization (ISO) issued the ISO 37001:2016 Anti-Bribery Management System (ABMS) standard. This standard helps businesses, nonprofits and governmental agencies to reduce their risk of bribery and corruption, How? By establishing, implementing, maintaining and improving an anti-bribery management system.

> Does your organisation have an ethical code of conduct? Don’t make assumptions that your employees know to conduct themselves in an ethical manner. Read “Your organisation needs an ethical code of conduct” to learn more.

The ISO 37001:2016 standard mirrors numerous steps contained in the U.S. Foreign Corrupt Practices Act, the UK Bribery Act 2010 and other major legislation aimed to curb bribery and corruption and increase punishments resulting from its occurrence. When an organisation makes the decision to move forward with ISO 37001:2016 ABMS training and certification, the benefits are immediate. That’s because ISO 37001:2016 puts methods in place that do the following:

Ensure that your organisation is implementing a viable anti-bribery management system using widely accepted controls and systems.
Give your company the tools it needs to prevent bribery and mitigate related risks
Provide assurance to management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption.
Help your company create new and better business partnerships with entities that recognise your certified status, including supply chain manufacturing, joint ventures, pending acquisitions and co-marketing alliances
Potentially reduce corporate insurance premiums
Provide your customers, stakeholders, employees and partners with confidence in your business operations and ethics
Provide a competitive edge over non-certified organisations in your industry or niche
Provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption

ISO 37001:2016 certifies that your organisation has implemented reasonable and proportionate measures to prevent bribery. These measures involve top-level leadership, training, bribery risk assessment, due diligence adequacy, financial and commercial controls, reporting, audit and investigation.

Impacting your corporate culture

An organisation that takes a firm stand against bribery and corruption, and makes compliance standards a priority, will see the effects among its employees and in its corporate culture. After all, ISO 37001:2016 isn’t just for the security team or executives. It involves the entire organisation. Staff learn how to recognise red flags of noncompliance for bribery and fraud, and how to report them. They also gain an understanding that the organisation won’t tolerate unethical behaviour, especially when it comes to bribery and corruption. For example, many employees in today’s workforce might think they understand what bribery and corruption are – but they probably don’t recognise the many different ways it can manifest itself in the business world. ABAC® Certified™ training and certification process for ISO 37001:2016 educates your personnel and helps your company address bribery in all its forms, including:

In the public, private and not-for-profit sectors
By the organisation
By the organisation’s personnel acting on the organisation’s behalf or for its benefit
By the organisation’s business associates acting on the organisation’s behalf or for its benefit
Of the organisation
Of the organisation’s personnel in relation to the organisation’s activities
Of the organisation’s business associates in relation to the organisation’s activities
Direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party) (Source: ISO 37001 ABMS Standard)

> Enhance your organisation’s anti-corruption culture! Read our FREE “Whitepaper: Countering bribery & corruption in the public & private sectors – Anti-corruption culture, risk assessment, auditing & compliance”

Expert training from an accredited body

CRI Group’s ABAC® Certification services are accredited by the Emirates International Accreditation Center (EIAC) for administering the ISO 37001:2016 anti-bribery standard, and has leading experts administering the 37001:2016 Anti-Bribery Management Systems certification program. ISO 37001:2016 Anti-Bribery Management System Certification reflects international best practices and can be used in all jurisdictions. It is applicable to small, medium and large organizations in all sectors, including public, private and not-for-profit sectors. reduce the risk of bribery and corruption by establishing, implementing, maintaining and improving your management system. When everyone is on the same page and playing as a team, the organisation is stronger because employees trust one another to do the right thing. Those “gray areas” of rule-bending and non-compliance are no longer gray. The organisation culture dictates that only ethical behaviour and compliance with anti-bribery and anti-fraud standards will be acceptable.

When an organisation undertakes ISO 37001:2016 training, employees understand that ethical behaviour is the norm, and anything outside of those bounds will be punished – especially criminal acts like bribery and corruption – perhaps with the loss of their job, or even prosecution. ABAC® Certification provides three levels of training ensure that employees get the instruction they need: Introductory Training, Internal Auditor Training, and Lead Auditor Training. ABAC® conducts ISO 37001:2016 training in a classroom setting, providing face-to-face interaction with expert instructors. The training helps establish an ethical culture by educating your employees on the following:

What constitutes fraud, corruption, and bribery, and why these are so damaging to business
How to identify red flags of fraud, corruption and bribery
The process for reporting fraudulent and unethical acts
The organisation’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches, and prosecute unethical acts
The serious ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career

The time is now to take action against bribery and corruption – the world is watching, and organisations that make anti-bribery and anti-corruption and compliance a priority are poised to be successful. ISO 37001:2016 provides the layer of security, and as it is stated in the standard itself, “Conformity with this document cannot provide assurance that no bribery has occurred or will occur in relation to the organisation, as it is not possible to completely eliminate the risk of bribery. However, this document can help the organisation implement reasonable and proportionate measures designed to prevent, detect and respond to bribery”. The benefits are long-lasting and far reaching. Most importantly, when you engage ABAC® ’s training and certification program, you are assured that an accredited team of experts is working with your organisation to implement a top-of-the-line program that is tailored to your needs and accomplishes your goals.

> Need a reason for ISO 37001 certification? How about 25 of them? Check out our ABAC® “25 Benefits of ISO 37001 ABMS Certification” article now!

Whether your organisation is a corporation, nonprofit, or government agency, you can start enjoying the benefits of ABAC® Certification’s ISO 37001:2016 training and certification immediately. Learn more about ABAC® Certification and ISO 37001:2016 Anti-Bribery Management System today.

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Prove That Your Business is Ethical for FREE

Complete our FREE Highest Ethical Business Assessment (HEBA) & evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in the line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

« Previous Page — Next Page »

CONTACT US

NEWSLETTER SUBSCRIPTION

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence-related news, solutions, events and publications.

Corruption: a real Threat to Organisations Worldwide

Corruption: a Real Threat to Organisations Worldwide

For ages, systematic bribery was tolerated in various countries and industries as a “necessary part of getting business done or circumventing bureaucratic red tape.” The times are changing, however. Societies and their governments have recognised that bribery and corruption vastly affect economic growth, undermine trust and discourage investment. Studies show that bribery and corruption directly contribute to global poverty, social inequality, and a decrease in public infrastructure development.

To help organisations worldwide increase and measure their efforts against bribery and corruption, the International Organization for Standardization (ISO) issued the ISO 37001:2016 Anti-Bribery Management System standard. This new standard mirrors numerous steps contained in the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act 2010 and other major legislation aimed to curb bribery and corruption and increase punishments resulting from its occurrence.

The standard is a set of controls that any organisation can implement with the right guidance. The first step is an understanding among business leaders, from ownership and directors to management, that a global corruption problem exists – and ignoring it will eventually lead to serious consequences. From lapses in corporate due diligence and devolving government and corporate integrity to poor transparency, lack of accountability, and inadequate corporate integrity systems, business corruption has become rampant and commonplace globally. According to Transparency International, bribery and corruption were among the key components that led to the recent global economic crisis.

ISO 37001:2016 for different types of organisations

When it comes to bribery and corruption, businesses, non-profits, and government organisations all face risks to their financial well-being and reputation. ISO 37001:2016 Anti-Bribery Management System standard plays a vital role for all types of organisations in reducing risk and putting a structure in place that prevents and detects bribery and corruption on all levels.

Corporate/private sector

In the present era of globalisation, anti-corruption compliance plays a vital role for companies with high ethical values trying to expand business across borders and attract potential investors and business partners for the long term. Such companies are expected to ensure the integrity of their operations and the conduct of their suppliers, distributors, and agents wherever they may be.

To meet these needs, the standard ISO 37001:2016 is designed to apply to all organisations (or parts of an organisation) regardless of type, size and nature of the business activity. The program is tailored to the needs and requirements of the organisation.

Public sector organisations

Public sector organisations play critical roles, often interacting directly with the public they serve; they include utility service providers, license-issuing authorities and other regulatory bodies. These are vulnerable areas where authority is concentrated with weak financial positions that must fulfil the needs of both the service provider and its users. Such public sector organisations can benefit from implementing ISO 37001:2016 to control bribery and corruption to enhance their productivity level and play an improved role in the socio-economic development of their country.

Government departments

The government is a major stakeholder in the socio-economic development of a country. Hence it makes laws, regulations and establishes departments to check and control bribery and corruption. In many developing countries, however, anti-corruption laws and regulations are either weak or implemented unevenly, providing poor results. Government-led steps or campaigns to fight corruption often are ineffective, while bribes continue to be accepted as part of doing business. However, the threat of bribery and corruption can be mitigated through the implementation of ISO 37001:2016 standard, which provides safeguards within a management system, rather than temporary measures or mere slogans.

Training is the key to prevention

According to the Association of Certified Fraud Examiners’ “Report to the Nations on Occupational Fraud and Abuse,” a company’s employees are its best protection against fraud. Statistics show that most fraud is detected by internal tips, even more than audits and other methods. That means that employees recognise fraud, understand that it’s wrong and not acceptable at their workplace, and report it.

This means that the more trained and educated a workforce is about fraud, bribery and corruption, the better that organisation will operate as a team in preventing and detecting those behaviours.

The ISO 37001:2016 Anti-Bribery Management System uses this approach as a focal point in providing the standards for training and knowledge your organisation needs to prevent fraud, bribery and corruption. The proper training program should be tailored to your organisation, based on its size, the way it’s structured, the business you conduct, and your specific risk areas identified in the discovery phase. In this way, ISO 37001:2016 accommodates every level of your organisation to ensure that the entire team gets the training needed to identify, prevent and detect bribery and corruption.

The ISO 37001:2016 Anti-Bribery Management System certification empowers you with the ability to safeguard and maintain the integrity of your company by:

Guaranteeing that all workers and agents are devoted to the latest anti-bribery practice
Regularly validating compliance to appropriate legislation like the FCPA and U.K. Bribery Act 2010
Jointly cooperating with stakeholders to observe and reduce the risks throughout your supply chain
Externally scrutinising your company, testing the effectiveness of your anti-bribery policies and processes
Ensuring compliance in action

ISO 37001:2016 Anti-Bribery Management System certification is offered under CRI® Group’s ABAC® Center of Excellence, an independent certification body established for Anti-Bribery Management System, Compliance Management System and Risk Management System certification. ABAC Certification’s experts are skilled at developing and implementing programs to meet clients’ needs and requirements. Learn more about ABAC Certification and ISO 37001:2016 Anti-Bribery Management System today.

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds B.S. 102000:2013 and B.S. 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

« Previous Page — Next Page »

ISO 37001 Certification: a Proclamation of Business Integrity

It’s a well-known World Bank statistic, but one that bears continual repeating: More than US$1.5 trillion – or 2% of world gross domestic product – is paid in bribes each and every year, contributing to the demise of governments, inadequate social services, inferior infrastructure, low-quality goods and services, and a general strain on public and private sector integrity and reputation.

But the past several years have seen marked progress in the global fight against bribery and corruption, particularly with the adoption of ISO 37001 “Anti-Bribery Management Systems,” which provides generally accepted standards for establishing, implementing, maintaining, reviewing and improving an organisation’s anti-bribery management system.

The global adoption of the standard means that organisations worldwide can now publicly demonstrate their intent to battle bribery via review, examination and certification of their systems to the ISO standard. And in doing so, those certified organisations are realising many key benefits that come with certification, and the extended impact certification has on their supply chain and third-party partners.

ISO 37001 Certification: A Conscientious Decision

ISO 37001 certification is not currently mandated by governments around the world, with the exception of Malaysia and a few other countries which are considering certification as a requirement for private sector organisations bidding for government contracts. That said, multi-national organisations are increasingly seeking certification as a conscientious decision to improve their operations for the good of the overall organisation.

In doing so, those organisations are making a strong statement to their stakeholders, customers, authorities, third-parties and the international marketplace that they are taking all necessary measures to review, amend and improve their systems and processes to control and prevent bribery.

Even more important, to verify compliance and achieve such certification, those organisations are willing to expose their operations to outside independent auditors who are specifically trained in identifying risks and weaknesses within the organisation, while making recommendations for improvement.

From an integrity perspective, the result of certification to the ISO 37001 standard can help reduce internal and external corruption risks, manage compliance risks and boost the public perception and reputation of the organisation as a whole.

This can provide the organisation with certain advantages in the tender process and give the organisation a competitive edge in business development.

Take for example the case of Mubadala Investment Company PJSC (Mubadala), a state-owned holding company that can be characterised as a sovereign wealth fund in the United Arab Emirates, a country widely known for its relatively high rankings on the annual Transparency International Corruption Perception Index.

In 2019 Mubadala called on CRI Group’s ABAC Center of Excellence to attain ISO 37001 certification. Upon completion of the extremely thorough and careful certification process, Mubadala Head of Ethics & Compliance noted that achieving such certification has helped his organisation provide full confidence to its partners and shareholders, and has opened avenues of investment for international and national companies because Mubadala enjoys a great rapport with the business community as a competent and truthful entity.

“We are very proud to attain this certification. It demonstrates our strong commitment to the highest standards of ethics and integrity in our activities. This achievement specifically affirms the presence of anti-bribery management systems across Mubadala that support a culture of transparency and compliance in line with the highest global standards.” Mubadala Head of Ethics & Compliance said.

The Ripple Effect of ISO 37001 Certification

While one of the most beneficial advantage of certification is that it formally announces to the global marketplace that the organisation has gone to great lengths to demonstrate a high level of integrity in its compliance program and can be looked upon as a trusted partner when it comes to business affiliations and future business dealings, there is an notable down-stream effect as well.

That’s where the standard requires intense third-party due diligence to verify that the organisation’s supply-chain partners maintain a strong commitment to anti-bribery compliance. This subsequently motivates the organisation’s business partners, suppliers and third-party providers to examine and improve their own practices, knowing that the organisation will not conduct business with outside providers that don’t measure up to its internationally accepted compliance standards.

And managing third-party risks will result in the ongoing supply of high-quality products and services, on-time delivery, reduced legal liability, increased stakeholder protection, higher customer satisfaction and improved reputation, to name just a few of the associated benefits.

ISO 37001 Certification Improves the Organisation

Finally, ISO 37001 certification is structured in a way that not only identifies risks and weaknesses within an organisation’s anti-bribery framework, it also outlines measures designed to improve that framework and, in turn, contribute to strengthening the overall operation. Here are some examples:

Financially, certification can help identify redundancies in the processes used to combat anti-bribery and corruption, potentially reducing the costs associated with duplication. Additionally, through certification, one can assume that demonstrating an adequate procedures defense may in many cases reduce legal costs in bribery cases and investigations, while also reducing or eliminating potential fines levied in such cases.

Operationally, certification can help to streamline internal processes and controls, and – through effective top-down management advocacy – ensure that all staff levels of the organisation stand united in the fight against bribery and corruption.

Ethically, certification shows that the organisation is making a conscientious choice to protect its customers by taking strong stances against the effects of bribery, which include overpriced products or services, defective parts, and under-qualified labor – all of which can produce economic hardship, physical harm or even death.

From a brand perspective, certification demonstrates that the organisation is committed to operating in an ethical environment, taking strong measures to prevent bad actors from succeeding and exposing the organisation to negative media publicity, adverse public reaction and damaged reputation.

And from business development standpoint, certification can effectively enhance the organisation’s ability to secure new business contracts, as public sectors around the world are increasingly requiring such certification as a qualification in the bidding process for large-scale contracts.

It’s no secret why multi-national organisations are increasingly realising the many benefits of ISO 37001 certification, as they enjoy improved internal systems and procedures, greater operational efficiency and top-down confidence throughout the organisation, to reduced corporate risks, stakeholder liability, and a resulting competitive edge in the international marketplace.

ISO 37001:2016 Anti-Bribery Management System certification is offered under CRI Group’s ABAC® Centre of Excellence, an independent certification body established for Anti-Bribery Management System training and certification, ISO 37301 Compliance Management Systems and Risk Management System certification. The program will be tailored to your organisation’s needs and requirements. For assistance in developing and implementing a fraud prevention strategy, contact ABAC today or get a FREE QUOTE now!

Who is CRI Group?

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources, Third-Party Risk Management by admin
No Comments »

« Previous Page — Next Page »

Oil and Energy Companies Look to ISO 37001

In December 2017, the world’s largest builder of offshore rigs agreed to pay $422 million in penalties after entering a guilty plea for bribery charges connected with the Petroleo Brasileiro (Petrobras) scandal. Keppel Offshore & Marine Ltd. made illicit payments to both Petrobras officials and government representatives for more than a decade, between 2001 and 2014 (Reuters, 2017). ISO 37001

The sweeping multimillion-dollar bribery scandal that rocked Petrobras led to numerous investor lawsuits and the downfall of disgraced government officials. It also served as the embodiment of the huge risk of bribery and corruption that confronts the entire oil and energy sector.

Such a scandal is less surprising when one considers the scale of the oil and energy sector. It is a massive portion of the world’s economy, dealing mainly in petroleum – including upstream (exploration, development and production of crude oil or natural gas) and downstream (oil tankers, refiners, retailers and consumers) pipeline. As a raw material, petroleum is used for a number of chemical products, including pharmaceuticals, fertilisers, pesticides, solvents, and plastics.

The need to prospect, discover, and realise oil and energy production in various (and often far-flung) locations lends to the vulnerability to fraud – but geographic considerations aren’t the only risk factors. Perhaps even more impactful is the complexity of business relationships required to operate in the industry – relationships with governments, contractors, regulators, investors/venture partners, equipment suppliers and other parties. Every such interaction and dealing can be considered susceptible to bribery and corruption where cutting corners may be considered profitable or even perceived to be “business as usual.”

Contributing to the risk is the volatile nature of oil and energy prices (along with all levels of the production chain), along with increasing global demand. This drives oil and energy companies to expand into new areas and markets that might carry a higher risk of bribery and corruption, including undeveloped, third-world countries with few controls, lax enforcement, or both. The reality, however, is that when bribery and corruption continues unabated, everyone loses – companies and governments are affected financially, and economic instability is increased.

ISO 37001 Anti-Bribery Management System standard

There is a solution that oil and energy companies can implement to help prevent and detect bribery and corruption: the ISO 37001:2016 Anti-Bribery Management System standard. The standard requires organisations to implement a series of procedures to prevent, detect and address bribery on a reasonable and proportionate basis according to the type and size of the organisation, and the nature and extent of bribery risks faced. It applies to small, medium and large organisations in the public and private sector and can be implemented in any country. Though it will not provide absolute assurance that bribery will completely cease, for organisations in the oil and energy sector that operate across global boundaries, this is a critical layer of protection that provides both anti-bribery controls and a system for compliance with various anti-corruption legislation, such as the FCPA and UK Bribery Act.

ABAC Center of Excellence Limited is accredited as a Conformity Assessment Body (Certification Body) to assist your organisation in attaining ISO 37001 ABMS certification through a thorough bribery risk assessment and audit covering the entire scope of the standard. The audit methodology is evidence-based, meaning any issues raised will be confirmed through adequate evidence that the ABAC Certification team has discovered during the audit.

Auditing techniques take a risk-based approach to examining your organisation’s Anti-Bribery Management System (ABMS), and the ABAC Certification team will increase the scale of the investigation if they determine that a specific process presents on a higher risk side. Factors such as Impact, Negligence, Minor, Major, and Critical are taken into consideration during the audit.

A separate audit method is a process-based approach where the ABAC Certification examines the organisation’s processes while considering the interaction between those processes. Finally, there is a sampling-based audit approach where ABAC Certification incorporates an appropriate sampling plan utilising samples from different ABMS processes to conclude and support the audit findings and results.

The audit is extremely thorough in its approach, which results in an accredited certification for the scope of the ISO 37001 Anti-Bribery Management System. Because of the standard’s international acceptance and the thoroughness of the audit process, such certification can provide a valuable safeguard in demonstrating an “adequate procedures” compliance defence in cases posing a liability for a company’s failure to prevent bribery.

Once certified, an organisation must continue surveillance and undergo a recertification audit over three years to ensure that the organisation still complies with the ISO 37001 ABMS standard. During this time, any changes to processes, the addition of new partners and expansion/acquisition of new assets or energy contracts, etc. are carefully reviewed.

Lessons to learn

In the Keppel Offshore bribery and corruption case, implementing the measures above would have severely mitigated the risk that such a scandal could take root, much less proliferate over 13 years. The certification process involves a number of steps that include on-site audits to reveal any non-conformities – red flag areas that indicate a heightened risk of bribery and corruption. Such an assessment would have uncovered serious problems in Keppel Offshore’s processes, for example, and required corrective action plans to bring the organisation into compliance with its anti-bribery policy.

As corporations like Petrobras and Keppel Offshore have learned, there are deep repercussions for not taking proper preventative action with a robust anti-bribery management system (ABMS). The increase of anti-bribery and corruption legislation cannot be ignored by oil and energy companies, given that such regulations have, in most cases, achieved a global reach. For ownership and management, the stakes are especially high – accountability now includes criminal liability for organisation personnel as individuals, beyond (and in addition to) liabilities faced by the organisation. This trend will only continue as governments, and their publics become increasingly intolerant of fraud, bribery and corruption. Major media coverage and the real and perceived threat to governments’ economies contribute to this changing landscape of public opinion.

By extension, enforcement efforts are also being stepped up. Existing penalties are being applied with more regularities and new ones added with stronger impacts, including imprisonment and large fines – adding to the reputational damage that can occur as a result of bribery and corruption. Laws like the UK Bribery Act are being applied in force across international borders to put teeth in efforts to prevent, detect and punish corrupt corporate behaviour. While ISO 37001:2016 certification does not provide a shield against such enforcement measures, applying its standards can be considered a “good faith measure” for companies facing the consequences of bribery and corruption incurred in the past – and the measures prescribed by ISO 37001:2016 will no doubt have a mitigating effect on risk factors and the scale and scope of future acts of bribery and corruption should they occur.

Conclusion

With so much at stake in terms of money and resources, it should be no surprise that the oil and gas industry is rife with bribery and corruption. In today’s business climate, taking every step possible to prevent and detect bribery and corruption is more than just good business sense: It is essential to ensure a successful future. Implementing a worldwide recognised standard like ISO 37001 is a critical step forward for any organisation in the oil and energy industry.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Oil, Gas & Energy, Resources by admin
No Comments »

« Previous Page — Next Page »

Pharma and Healthcare Companies can Benefit from ISO 37001

Pharma and Healthcare Companies can Benefit from ISO 37001

When global pharmaceutical giant GlaxoSmithKline found itself in the Chinese government’s crosshairs for an alleged large-scale bribery scandal, there was perhaps little doubt that the consequences would be large-scale, as well. GSK was accused of systematically paying bribes and “gratuities” to doctors and hospitals in return for favourable product use and promotion. Pharma and Healthcare Companies ISO 37001 Benefits

China was in the midst of an emerging anti-graft campaign and imposed tough penalties against GSK and its executives: In the end, various company leaders were arrested and eventually given suspended prison sentences; GSK was fined $490 million; and the corporation published a statement of apology to the Chinese government and its citizens.

GSK’s fraud was arguably symptomatic of a widespread problem among pharmaceutical companies and healthcare providers (also called “life sciences” providers) with bribery and corruption in economies and healthcare markets around the world. Despite increased awareness of the problem and the application of sophisticated anti-fraud mechanisms, individual actors and agencies continue to defraud public and private health systems in the same ways exemplified by GSK in China.

Generally speaking, healthcare and pharma presents a target-rich environment for fraud. Quantitative data indicate that healthcare fraud has already risen starkly in recent years. The World Health Organisation (WHO) estimates that, where losses have been measured and the types of health expenditure have been covered, the average annual cost of fraud totals 7.29 per cent of healthcare budgets (Gee and Button, 2014). With rapidly ageing populations and the increased costs of providing long-term care, placing substantial pressure upon already overburdened health and social care sectors, healthcare spending will continue to increase worldwide. Unfortunately, this will also bring increased fraud schemes, as fraud perpetrators follow the money.

Bribery and corruption will continue to be a part of this upward trend in fraud. Certainly, not all cases are as broad and sweeping as GSK’s – in some cases, corruption occurs simply because the pharma or healthcare entity doesn’t have proper controls in place to uncover red flags. This also raises serious compliance issues in a landscape that has increasingly stringent regulations and enforcement measures to punish organisations that fail to implement proper anti-bribery and anti-corruption management procedures.

CRI Group investigates: Pharma corruption case included CFO

A major pharma company suspected bribery and corruption among some of its senior employees. The client’s corporate security department had received conflict of interest complaints that reportedly involved a range of employees, from sales personnel on up to the chief financial officer (CFO).

An outside investigation firm was called in launch a risk assessment of the company’s third-party relationships, which included several interviews with identified vendors and suppliers to help ascertain the engagement process and associated risks. This process uncovered the fact that the client had no policy or code of conduct concerning ethics, compliance and standards for appointment of vendors, suppliers and local agents. Most troubling was the fact that in most cases, senior management referred business opportunities to friends and family members.

Investigators found that one of the vendors, which was deeply engaged in procurements and the supply of services for the pharma company over the past five years, raised serious red flags. The vendor’s letterhead lacked a physical address, and the only contact information listed was a single cell phone number. It was clear this vendor warranted further investigation.

Investigators used site visits, background checks and interviews to determine that the suspicious vendor was not a company at all – but a single person. Not just any person, however – a public records check with a national database revealed that this individual, who was posing as a major vendor, was none other than the brother-in-law of the client company’s CFO. Worse still was the fact that this blatant fraud was being conducted right under the noses of procurement and finance professionals at this large and well-known pharma company.

The individual’s residence was being used as a warehouse to help facilitate the fraud. A comprehensive litigation records check found that he was previously convicted in federal court and spent three years in prison for the charges of selling counterfeit products, physician samples and expired medicines; further regulatory checks found that his pharmacist license had been cancelled.

A high fraud risk environment was created through the non-compliance of specific procurement rules, and a lack of integrity due diligence and proper risk management. Also, severe conflicts of interest were exposed, connected to high-level executive positions and benefiting those in positions of power.

The pharma company was exposed to highly unethical practices and could face regulatory and other government action. Furthermore, the company was at risk of civil and criminal investigations and liability, damage to its reputation, and loss in shareholder trust, all of which could adversely affect the company’s financial well-being.

A solution through ISO 37001:2016 ABMS

The case study above is not an outlier – such corruption cases are relatively common in such a broad and complex industry. The pharma company could have prevented the scandal altogether, however, had it proactively implemented a proper anti-bribery management system (ABMS). There is a solution that pharma and healthcare companies can implement to help prevent and detect bribery and corruption: the ISO 37001:2016 Anti-Bribery Management System standard. ISO 37001:2016 is designed to help global organisations implement an anti-bribery management system (ABMS), as the standard specifies a series of measures required by the organisation to prevent, detect and address bribery, and provides guidance relative to that implementation.

CRI Group’s ABAC Certification Services is fully accredited to offer independent ISO 37001:2016 certification to ensure that an organisation is in compliance with the standard, which is recognised and practised worldwide. CRI Group’s auditors and analysts work with pharma and healthcare companies to develop measures that integrate with existing management processes and controls, and include:

Adopting an anti-bribery policy
Establishing buy-in and leadership from management
Training personnel in charge of overseeing compliance
Communicating the policy and program to all personnel and business associates
Providing bribery and corruption risk assessments
Conducting due diligence on projects, business associates and other third-party affiliations
Implementing financial and commercial controls
Developing reporting and investigation procedures

In the case study outlined above, having such an ABMS in place would have detected the red flags of bribery and corruption before the scandal was able to proliferate and cause so much damage to the company. Risk assessments, in particular, would have uncovered the lack of due diligence procedures and alerted organisation leaders to the trouble areas that were points of opportunities for the CFO and his brother-in-law. Also, having proper due diligence procedures in place to vet and uncover fraudulent third-parties would have detected the problem with this vendor from the outset.

Once certified, an organisation must continue surveillance and undergo a recertification audit over three years to ensure that the organisation still complies with the ISO37001:2016 standard. During this time, any changes to processes and any new relationships with vendors and other third-party partners are carefully reviewed.

Long-lasting benefits of ISO 37001:2016 certification

ISO 37001 provides a strong framework for addressing and isolating risk factors, and the benefits of certification are far-reaching, impacting not just the primary organisation but also influencing contractors, clients, and raising the profile of the company as an ethical entity that is a good trading partner.

By achieving ISO 37001:2016 certification, a pharma or healthcare organisation will ensure that the organisation is implementing a viable anti-bribery management system utilising widely accepted controls and systems. It will also assure management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption. Today, companies cannot afford to be reactive to threats of bribery and corruption. By achieving ISO 37001 Anti-Bribery Management System certification today, an organisation will remain in compliance and better positioned to address risks head-on.

Who is CRI Group?

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Pharmaceutical & Healthcare, Resources by admin
No Comments »

« Previous Page — Next Page »

Demonstrating Adequate Procedures with ISO 37001 ABMS Certification and Training

As the international outcry on bribery and corruption practices continues to tighten its grip around rogue players in the private and public business sectors, global organisations continue to ramp up their efforts to develop effective frameworks to prevent, detect and report bribery and corruption. And by fortifying their anti-bribery management systems, such organisations are further helping their cause as such systems can play a pivotal role in establishing “adequate procedures” as a compliance defense in the event of a bribery accusation.

“Adequate procedures” is a term made popular through the UK Bribery Act of 2010, which poses the potential of a company avoiding liability for failing to prevent bribery if that organization can demonstrate sound and established policies and procedures that deter individuals (inside and outside of the organisation) from partaking in questionable or corrupt conduct. A key challenge, though, is that “adequate procedures” takes on different meanings, depending on what country or jurisdiction one may reside. Further, most enforcement agencies and government authorities offer little guidance that pinpoints what exactly “adequate procedures” means when considered as a possible defense in a legal proceeding.

Consider two international legislative provisions that offer “adequate procedures” as a possible legal defense consideration along with the most recent National Anti-Corruption Plan of the Malaysian Government, and discover how a newly adopted international standard can offer multi-national organisations specific guidelines in developing a globally accepted anti-bribery management system that may support most “adequate procedures” defenses.

UK Bribery Act of 2010

Under the UK Bribery Act, an “adequate procedures” defense would be considered during an investigation into a corporate failure to prevent bribery. The Act provides commercial organisations with a defense to liability when commercial organizations can prove and demonstrate that they had in place proper procedures designed to prevent persons associated with them from undertaking bribery related conduct.

Consequently, corporations that are otherwise liable for violating the corporate failure to prevent bribery provision can escape criminal liability from the provision if they can prove that they had in place “adequate procedures” to prevent the relevant illegal conduct from occurring. This defense is unique in that it contends that corporations are acting in good faith and taking proper precautions throughout the organization in implementing adequate compliance procedures, and subsequently can avoid being held criminally accountable for the failure to prevent bribery. This defense is significant in that there is no such defense under the FCPA (see below) or most other foreign anti-bribery laws.

FCPA (U.S. Dept. of Justice)

While corporate compliance procedures are not considered in the liability phase of the FCPA, they are taken into account during the sentencing phase by the U.S. DOJ relevant to the FCPA. The United States Sentencing Commission outlines through its Federal Sentencing Guideline Manual six factors — four aggravating and two mitigating — that a sentencing court must consider in determining the appropriate penalty on organizations convicted under the FCPA. The existence of an effective compliance program is one of the two mitigating factors. Subsequently, an organization convicted of FCPA violations can use the existence of an effective compliance program to potentially reduce a penalty against it.

Malaysian National Anti-Corruption Plan 2019-2023

Under Section 17A (3) of the Malaysian Anti-Corruption Commission act, if the commercial organisation is found liable under the corporate liability provisions, a person who is the director, controller, officer or partner of the organization, or a person who is concerned with the organization’s management affairs at the time of commission of an offense, is deemed to have committed that offense unless such person can prove that the corrupt act was committed without his consent or connivance and that he exercised due diligence to prevent that commission of the offense as he ought to have exercised with regard to the nature of his function in that capacity and the circumstances.

Hence, there is a need for the company to put in place “adequate procedures” as a defense in case there is proven corruption by the associated individual. The Malaysian Anti-Corruption Commission MACC has issued guidelines which constitute “adequate procedures.” In the National Anti-Corruption Plan, Tun Dr. Mahathir bin Mohamad, Prime Minister of Malaysia on 29th January 2019 developed initiative number 2.1.3 which seeks “To introduce Anti-Bribery Management System (ABMS)MS ISO 37001 certification in all Government agencies” within two years (Jan 2019-Dec 2020). The guidelines further state in initiative 6.2.4 “To propose Anti-Bribery Management System (ABMS) MSISO 37001 certification as a requirement for State-Owned Enterprises (SOEs), Company Limited By Guarantee (CLBG) and the private sector to bid for Government contracts”.

In complying with these guidelines and to prove “adequate procedures”, public and private sector organizations should implement the ISO 37001 certification process which would provide proper assurance that the organization has succeeded in establishing, implementing, maintaining, reviewing and improving its Anti-Bribery Management System.

Demonstrating “Adequate Procedures” through ISO 37001 Certification

ISO 37001 Anti-Bribery Management System is an internationally accepted standard that specifies the procedures by which an organization should implement in preventing bribery while detecting and reporting any bribery incident that occurs.

The standard requires organizations to implement these procedures on a reasonable and proportionate basis according to the type and size of the organization, and the nature and extent of bribery risks faced. It applies to small, medium and large organizations in the public and private sector and can be implemented in any country. Though it will not provide absolute assurance that bribery will completely cease, the standard can help establish that the organization has in place reasonable, proportionate and adequate anti-bribery procedures.

ABAC® Center of Excellence Limited is fully accredited as a Conformity Assessment Body (Certification Body) to assist your organization in attaining ISO 37001 certification through a thorough bribery risk assessment and audit covering the entire scope of the standard The audit methodology is evidence-based, meaning any issues raised will be confirmed through adequate evidence that the ABAC Certification team has discovered during the audit.

Auditing techniques take a risk-based approach to examining your organization’s Anti-Bribery Management System (ABMS), and the ABAC Certification team will increase the scale of the investigation if they determine that a specific process presents on a higher risk side. Factors such as Impact, Negligence, Minor, Major, and Critical are taken into consideration during the audit.

A separate audit method is a process-based approach where the ABAC Certification examines the organization’s processes while considering the interaction between those processes. Finally, there is a sampling-based audit approach where ABAC Certification incorporates an appropriate sampling plan utilizing samples from different ABMS processes to conclude and support the audit findings and results.

The audit is extremely thorough in its approach, which results in an accredited certification for the scope of the ISO 37001 Anti-Bribery Management System. Because of the standard’s international acceptance and the thoroughness of the audit process, such certification can provide a valuable safeguard in demonstrating an “adequate procedures” compliance defense in cases posing a liability for a company’s failure to prevent bribery.

Indeed, from an FCPA perspective, certification may provide tangible evidence that a compliance program was in place at the time of the alleged bribery actions. And from a UK Bribery Act perspective, the certification could provide the company with tangible prima facie evidence presented by an accredited certification body attesting to the establishment and effectiveness of the organization’s compliance program. Notably, per Section 17A of the Malaysian Anti-Corruption Commission act, the Prime Minister’s National Anti-Corruption Plan 2019-2023 has declared ISO 37001 certification a requirement for companies operating in Malaysia.

There is a strong likelihood that ISO 37001 Anti-Bribery Management System will continue to set the pace for a globally recognized “adequate procedures” standard for corporations embroiled in corruption litigation proceedings. But for now, the most powerful “insurance” tool that public and private sector organizations can use in their defense strategy is ISO 37001 ABMS certification.

ABAC Certification is an accredited conformity assessment body in issuing ISO 37001:2016 certification, and an independent component of CRI® Group’s Anti-Bribery Anti-Corruption Center of Excellence, which was created to educate, equip and support the world’s leading business organizations with the latest in best-practice processes and procedures, providing world-class anti-bribery and anti-corruption solutions to organizations seeking to validate or expand their existing compliance frameworks to maintain a competitive edge in the world marketplace.

Zafar Anjum, MSc, MS, LLM, CFE, CIS, MICA, Int. Dip.(Fin. Crime), CII, MIPI, MABI | CRI® Group & ABAC® CEO
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@CRIGroup.com

Let’s Talk!

If you have any further questions or interest in implementing compliance solutions, please contact us.

CRI® Group has safeguarded businesses from any risks, providing investigations (i.e. insurance fraud), employee background screening, investigative due diligence, business intelligence, third-party risk management, forensic accounting, compliance and other professional investigative research services. In 2016, CRI® Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.

Filed under: Anti-Bribery Anti-Corruption Solution, ISO 37001, Resources by admin
No Comments »

« Previous Page — Next Page »

3 ways to protect your Company’s Reputation

In today’s connected business world, there are very few secrets. United Airlines, for example, recently learned the hard way that one ugly incident can go viral and spread around the world in a matter of minutes – not hours, days or weeks. protect company reputation

United initially faced criticism over the rough treatment of a passenger being removed from one of their planes. Then, the company learned a second lesson when its CEO’s response to the crisis seemed somewhat disconnected and uncaring. United was in the middle of a reputational crisis, and its first official response to angry consumers only added more fuel to the fire. Later, the CEO offered an apology and a more compassionate statement – but the damage was done.

There are lessons to be taken from this and other high-profile cases where companies have seen their reputation, which they’ve worked hard to cultivate, trashed in the public spotlight. The fact is, things happen, and no company has a guaranteed way to safeguard their reputation from ever being dinged or facing scrutiny, whether fair or not. But there are ways to mitigate the damage and help ensure your company survives the crisis, and can rebuild its reputation in a positive way.

Know that people are talking about you

In the age of Twitter, Facebook, Yelp and other social engagement sites, people are keen to talk about what they like, dislike, what they wish would be better, and anything else on their mind. That includes your company and your products or services. Accept this and embrace it. Engage with people who post on social media when appropriate, and always in a polite and respectful manner. When there is a legitimate problem, communicate that you are taking the matter seriously and looking to resolve it, and then do so.

1. Be transparent

A way to be proactive in your engagement with others is to ask for feedback. Then be prepared to address it, good or bad. Consumers, stakeholders and even your own employees will be impressed by the open lines of communication and an honest dialog. In this way, you can strive to improve your services and offerings and show that you are receptive to your client’ needs.

2. Protect your customers’ data

Nothing can destroy your reputation among your clients and customers quicker than having to tell them their personal information, which was entrusted to you to remain private and protected, is now in the hands of hackers or criminals because you suffered a security breach. Even worse is when they learn that your company did not take all the measures necessary, or even the most basic ones, to prevent such a breach from occurring. Not only might you be criminally liable, but customers will run from you, not wanting to take a risk that something like that could happen again in the future. In today’s high-risk environment, you must have the most sophisticated and up-to-date security measures in place to protect your date – and your reputation.

3. Conduct due diligence

How much do you know about your third-party partners – those suppliers and contractors that you’ve trusted for years, or new ones with whom you seek to engage? An unethical partner can have serious effects on your own company’s reputation – bribery, corruption, supply chain problems are all issues that can end up tainting your own business and causing your customers to lose trust in your products or services. Conducting thorough due diligence, with background checks and full risk assessments, is the only way to help protect your reputation from potential harm.

It may feel sometimes like your company’s reputation is out of your control. However, there are steps you can take to help manage your reputation and help steer the conversation. It becomes more difficult when you wait, and try to undo later the damage that has already been done. That’s why being proactive in maintaining a positive reputation is the best strategy. Contact CRI Group today and let us help you stay on the path to managing your message and your reputation.

Who is CRI Group?

Filed under: Anti-Bribery Anti-Corruption Solution, Automotive, Aviation, Business Intelligence, Compliance Solution, Finance & Professional services Industry, Insurance, ISO 37001, IT & Telecommunications, Oil, Gas & Energy, Pharmaceutical & Healthcare, Property, Resources by admin
No Comments »

« Previous Page — Next Page »

Why should you want your partners to be ISO 37001 certified?

We at the CRI Group believe that businesses that are being run free of corruption accomplish their vision and mission sooner and easier. They bring good to the world more effectively than others. When a business has a clearly set vision and a detailed plan on how to reach it, all it takes to accomplish it is to stick to the plan. However, since companies have to cooperate with other companies in their regular work, they don’t have a choice but rely on someone else’s ethics and principles of doing business. But we all know that business partners are not always reliable. Starting cooperation with one requires conducting thorough due diligence of their work before doing any serious business with them.

The risks could be enormous when your potential partners are involved in criminal activities. Unfortunately, white-collar crimes are not eradicated from the business world, especially when it comes to corrupt activities. Many acts of corruption are often in some kind of gray area – maybe they are legal, maybe not, but certainly are not ethical. In such circumstances, some businessmen don’t hesitate to reach for methods that don’t comply with your legal and ethical standards. If you are cooperating with such partners, you know that risks for your companies are huge. Not only because unknowingly you could be involved in corrupt practices and be investigated by law enforcement authorities, but also because they ruin your reputation and make other potential partners avoid working with you. You are aware that a mistake in choosing business partners can be very costly for your business. Sometimes these risks are easy to mitigate, but some of them could bring your company on the edge of shutting down.

This is where the ISO 37001 standard helps. If you get certified, that would mean implementing numerous anti-bribery standards that will protect your business from bribery. By requiring your partners be certified as you are, you show your preference to cooperate with partners who tackle bribery as well. That speaks of your values as a company. It will let the world know that your anti-bribery values don’t serve just to take space on the Values section on your company’s website, but you are dedicated to putting them in practice as well.

What is required of ISO 37001 certified companies?

Certifying with ISO 37001 means that a third-party such as ABAC® has checked out on the company and confirmed that your partners have implemented the following anti-bribery standards:

Annual and continuous risk-assessment
Anti-bribery policies and procedures, including those for hospitality, gift-giving, and donations
Anti-bribery training for employees
Procedures for reporting and investigating cases of bribery in the company
A compliance team to oversee implementation of anti-bribery measures
Policies and procedures for mitigating the risk of bribery
Safe channels for reporting bribery by whistleblowers
The proper due diligence of third parties
Continuous corrections of anti-bribery policies and procedures
The commitment of top management to tackle bribery in their own company
Risk-rating system for third parties

What does this mean for you when you cooperate with others?

Requiring your partners to be ISO 37001 certified will bring the following benefits for you:

It will protect you from potential bribery practices. Although implementing the ISO 37001 standard doesn’t necessarily mean that no one will ever try to ask or offer bribes, the mere implementing of the standards will make that very difficult to occur. If both you and your partners are certified, it’s unlikely that corrupt practices related to bribes will happen in your cooperation.

It will be easier to onboard new partners. Starting cooperation with a new company for which you don’t know how reliable it actually is will require doing a thorough due diligence analysis. If both of you are ISO 37001 certified by a third party, at least for the anti-bribery part, you’ll be sure from the start that the other party operates by the same standards as you.

You’ll have peace of mind when cooperating with your partners. You’ll know that someone knowledgeable of anti-bribery standards has confirmed that your new partner is ethical and doesn’t pose a threat to your company.

If you haven’t certified your company with the ISO 37001 Anti-bribery Management Systems standards yet, but you want to show your potential partners that you are serious about running a bribery-free business, contact us by filling this form. We will answer your certification inquiries as soon as possible.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

« Previous Page — Next Page »

Corruption won’t stop: is your organisation protected?

In one case, an enforcement agent for a Malaysian government department pleaded guilty for receiving a bribe from a business owner. In another, a U.S. district attorney from Philadelphia was accused of taking cash in return for helping people with their legal cases. He was accused of 28 counts of bribery, and in the end was given a deal to plead guilty on one count. Both cases show how easy it is for organisations to fall victim to bribery and corruption.Businesses, non-profits, government organisations both face a risk to their financial well-being and reputation.

In Malaysia, the case centred around an employee of the Domestic Trade, Cooperatives and Consumerism Ministry. According to the article “Domestic Trade enforcement staff fined RM1,200 for bribery” published in the New Straits Times, Muhammad Mat Sa’ad, 36, was charged with taking bribes from a fuel storage owner in 2014. His case was prosecuted by the Malaysian Anti-Corruption Commission (MACC).

In the U.S., Philadelphia’s top law enforcement officer, District Attorney R. Seth Williams, pleaded guilty to bribery in a more sweeping case with some very troubling details. According to the New York Times article “Philadelphia District Attorney Pleads Guilty to Bribery and Resigns,” Williams allegedly accepted bribes from business people in return for offers of legal help with their cases or those of their friends. But he may have also defrauded his own mother.

The article states:

“Mr. Williams accepted gifts including a trip to the Dominican Republic and checks for thousands of dollars from people who wanted favours, prosecutors said. According to an indictment by the United States attorney’s office for New Jersey, he promised one of the business people that he would “look into” a case that had been brought against a friend of that person.

He also faced charges including wire fraud and extortion for his alleged personal use of political action committee funds and government vehicles. Among the most damaging charges against Mr. Williams was that he defrauded a nursing home and family friends of money that was designated for the care of his mother.”

He faces a up to five years in prison and a fine of up to $250,000.

These types of troubling cases can likely be prevented with the right training, internal controls, and certification. The International Organization for Standardization (ISO) issued the ISO 37001:2016 Anti-Bribery Management System standard to help companies worldwide increase and measure their efforts against bribery and corruption.

CRI® Group is registered as a foremost ISO 37001:2016 Certification Body with the Dubai Accreditation Center (DAC) Government of Dubai, UAE, and has formally launched its ISO 37001:2016 Anti-Bribery Management Systems certification program. ISO 37001:2016 certifies that your organisation has implemented reasonable and proportionate measures to prevent bribery. These measures involve top-level leadership, training, bribery risk assessment, due diligence adequacy, financial and commercial controls, reporting, audit and investigation.

Through CRI® Group’s 3PRM-Certified™, the ISO 37001:2016 Anti-Bribery Management System Certification will help your company, organisation or department to reduce risk of bribery and corruption by establishing, implementing, maintaining and improving your management system. The certification empowers you with the ability to safeguard and maintain the integrity of your company by:

Guaranteeing that all workers and agents are devoted to the latest anti-bribery practice.
Regularly validating compliance to appropriate legislation like the FCPA and UK Bribery Act 2010.
Jointly cooperating with stakeholders to observe and reduce the risks throughout your supply chain.
Externally scrutinising your company, testing the effectiveness of your anti-bribery policies and processes.
Creating “Compliance in Action.”

ISO 37001:2016 Anti-Bribery Management System certification is offered under CRI® Group’s ABAC® Centre of Excellence, an independent certification body established for Anti-Bribery Management System training and certification, ISO 37301 Compliance Management Systems and Risk Management System certification. The program will be tailored to your organisation’s needs and requirements. For assistance in developing and implementing a fraud prevention strategy, contact ABAC® today or get a FREE QUOTE now!

Who is CRI® Group?

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, Due Diligence, ISO 37001, Leadership Insights, Resources, Third-Party Risk Management by admin
No Comments »

« Previous Page — Next Page »

Any successful ethics and compliance strategy needs 5 key ingredients …

Once upon a time, the idea of business ethics was more of an abstract or philosophical notion that seemed more suited for discussion in a university lecture or at a business conference. Today, however, organisations of all sizes and industries must have concrete ways of addressing ethics and compliance issues as a principal component of their business processes and strategy.

According to a study by PwC, 98 per cent of senior leaders say they’re committed to compliance and ethics; however, only 67 per cent have a process in place to identify the owners of compliance and ethics-related risks, with only a third having an officer in place for the overall compliance and ethics. Fifty-six per cent of the companies don’t have a chief ethics officer at all, and only 20 per cent have a Board of Directors that formed separate compliance and ethics committees. The study reports that 82 per cent of leaders communicated with employees on ethics, but 46 per cent of this is done in business meetings or by email. You can read the result on the full PwC website.

Business leaders are usually quick to communicate their expectations to employees, especially when it comes to financial goals or tasks that they want to be accomplished. However, what is often lacking is a clear, concise explanation of what the organisation expects regarding ethical behaviour and a compliance framework in place to follow. Today citizens, media, politicians and international bodies across all regions actively condemn abuses of power. And past scandals and their consequences have created a demand for increased regulations, greater transparency, and other rigorous scrutiny measures to be taken. To maintain (or regain) public trust, the ethics and compliance function has been placed at the centre of the strategic core of organisations by effective leaders.

Empower your organisation to mitigate risk!

To ensure a robust compliance and ethics strategy, five critical elements need to be implemented; 1) tone at the top; 2) corporate culture; 3) risk management, 4) a Chief Compliance Officer; and 4) testing and monitoring.

1 – Building Tone at the Top

“Tone at the top” is a term used to describe the ethical atmosphere created at an organisation or workplace by their leaders and their attitudes and behaviours. Tone at the top is vital in determining whether fraud, bribery, or corruption are likely to occur. Because all levels of management set it, it has a trickle-down effect on all employees. If the top leaders show a robust and zero-tolerance approach to fraud, employees are likely to lead by example.

An organisation with a strong ethical culture is usually led by a board of directors and senior management personnel who actively promote a culture of compliance and zero tolerance for fraud and other unethical business behaviour. Effective tone at the top will communicate to the organisation at all levels the expected type of conduct, what is considered unacceptable, and what the consequences will be for transgressions. A zero-tolerance approach should be followed at all times; it is vital in maintaining the culture of ethics and compliance at the organisation; below are some examples of failed tone at the top:

For more scandals, check out our list of the “Top 10 Bribery & Corruption Stories of 2020“.

2 – Corporate culture

The prevailing norms, expectations, and recognised acceptable behaviour form the corporate culture of an organisation. By implementing an ethical code of conduct and compliance with all regulations a part of those norms, the organisation will help promote positive behaviour and integrity among its staff.

You might be making assumptions that your employees know how to conduct themselves ethically when, in fact, this expectation only exists in a grey area in their minds – if at all. Some employees who have engaged in fraud, corruption or other unethical situations have claimed that while they knew their behaviour was wrong, they thought it was implicitly accepted by their bosses and, in some cases, their company on the whole.

Similar to establishing an effective tone at the top, fostering a positive corporate culture hinges on effective communication, and it needs to permeate different layers of the organisation. In other words, sending occasional emails about ethical behaviour isn’t enough to influence the culture at a company. Develop videos, team-building exercises, new employee orientations, and employee appreciation events; these provide opportunities to recognise positive behaviour and reinforce the company’s values. When employees see their colleagues being recognised and rewarded for maintaining a compliant and ethical corporate culture, they are more likely to help cultivate an ethical workplace. When the tone at the top and corporate culture are tied together, everyone understands what is acceptable and expected in being a part of the organisation’s success.

3 – Risk management: perform risk assessments

Risk management is identifying, evaluating, and prioritising risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events to maximise the realisation of opportunities. In other words, before you establish an ethics and compliance framework – first, a risk assessment should be conducted to uncover any vulnerabilities that need to be addressed with new processes.

> Risk assessment breakdown: Identification, Analysis, Evaluation

This means you need to assess how your business is conducted. So ask yourself:

Have the various roles at the company been appropriately allocated, and is there a proper separation of duties?
Are employees qualified for their responsibilities?
Is the workforce trained to recognise the red flags of unethical behaviour and fraud?

Once the risks are identified, they can be isolated and addressed as part of your organisation’s comprehensive approach to ethics and compliance. The risks should be prioritised:

Which ones pose an immediate threat?
Could they effectively shut down the business?
Do they pose a risk of financial, legal, or reputational risk – or all of the above?

Once prioritised, the identified risks should be assigned to critical members of the organisation. Whatever your reasons or motivations might be, if your organisation’s objective is to have an effective risk management strategy in place, then ISO 31000 can provide the principles, framework and a process for managing risk.

4 – A Chief Compliance Officer (CCO)

The implementation of a robust ethics and compliance strategy can give your organisation a competitive edge. A compliance officer or a CCO plays an essential and crucial role in the implementation. They are tasked with the day-to-day responsibility of overseeing the management of compliance and ethical risks whilst ensuring that the organisation is in compliance with the various regulatory requirements and that employees adhere to internal procedures and policies. Oversight should be provided by the board of directors (or ownership and executives) to ensure that problem areas have been adequately addressed and the organisation is taking a proactive approach to mitigating risk.

5 – Testing and monitoring

When all the new processes have been implemented (the anti-fraud policy and employee code-of-conduct, anti-bribery and anti-corruption training and policies, allocation of duties and responsibilities, an anonymous reporting -hotline- process for unethical behaviour), a thorough testing and monitoring regimen is critical to ensure the new process is working.

It is important to remember that having the best processes on paper won’t make a positive difference on its own. You need to monitor how they are being used and their success. A schedule should be in place that promotes frequent, regular check-ups of the ethics and compliance controls, with metrics that show results (i.e. surprise audits). A surprise audit is an effective way to test if any new controls have reduced the flagged irregularities. Before implementing ethics and compliance controls, the risk assessments should have identified risk areas with the new processes to mitigate that risk. Only by testing and testing frequently can the organisation determine if the new controls have the desired effect. If they are not, the company should develop new solutions that specifically robustly target these problem areas – and, in time, test them again.

Addressing ethics and compliance issues at an organisation can be a daunting task. However, with careful preparation, expert help, and a common-sense approach, any organisation can develop or enhance its corporate culture to be proactive in mitigating ethics and compliance risks. The benefits will be obvious – increased productivity, better security, and empowered employees who understand that their organisation values integrity and an ethical work environment.

Create a zero-tolerance approach to fraud with ISO 37001 ABMS

Creating a zero-tolerance approach to fraud doesn’t happen overnight. When your organisation enrols in ISO 37001:2016 ABMS training and certification, the program involves your entire team. The training helps establish an ethical culture by educating your employees on the following:

What constitutes fraud, corruption, and bribery, and why these are so damaging to business
How to identify red flags of fraud, corruption and bribery
The process for reporting fraudulent and unethical acts
The organisation’s zero-tolerance attitude toward unethical behaviour and willingness to terminate employees for breaches and prosecute unethical acts
The severe ramifications for committing fraud or bribery, the legal consequences, and the negative impact on one’s career

Employees shouldn’t be expected to follow a code of conduct that they aren’t aware exists. That’s why ISO 37001:2016 ABMS creates a communication plan through which organisation leaders regularly communicate their ethical behaviour expectations to the staff periodically. Read more on how to build trust in the workplace with ISO 37001 Certification.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Speak up – report any illegal, unethical, or improper behaviour

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal communication channels or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy. COMPLIANCE HOTLINE

Filed under: All Industries, All Solutions, Automotive, Aviation, Compliance Solution, Finance & Professional services Industry, Global, Insurance, ISO 37001, IT & Telecommunications, Leadership Insights, Oil, Gas & Energy, Property, Resources by admin
1 Comment »

« Previous Page — Next Page »

CONTACT US

NEWSLETTER SUBSCRIPTION

FOLLOW US