GDPR vs. UK-GDPR; the Laws Post Brexit

The General Data Protection Regulation (GDPR) is a regulation in EU law that was implemented on the 25^{th of} May 2018 and concentrates on data protection and confidentiality in the European Union and the European Economic Area; alongside this, the GDPR is also used to address the transmission of personal data outside the EU and EEA areas. The EU Commission announced on 28 June 2021 that adequacy judgments for the UK have been passed, so what does that mean for the GDPR rules?

The Brexit transition phase concluded on the 31^{st of} December 2020 and as a component of the new trade agreement, the EU has come to an agreement to postpone the transmission limitations for at least four months, which can then be stretched out to six months (recognised as the bridge). The European Commission published its draft decisions on the 19^th of February 2021  regarding the UK’s adequacy under the EU’s General Data Protection Regulation (EU GDPR) and Law Enforcement Directive (LED). In both cases, the European Commission has found the UK to be adequate which implies that much of the data can resume the stream from the EU and the EEA devoid of the need for supplementary precautions. Nevertheless, it is vital to take note of the fundamental reality that the adequacy decisions do not cover data conveyed to the UK for the principles of immigration control, or where the UK immigration immunity is appropriate. For this nature of data, distinct regulations are employed, and the EEA dispatcher wants to set other transfer safeguards in place. September 2021 saw WhatsApp being handed the second highest fine under EU GDPR (General Data Protection Regulation) rules and the biggest fine ever from the Irish Data Protection Commission due to their lack of understanding towards the new GDPR laws – had they done their due diligence, they may have been able to avert such a hefty fine. Our Due diligence 360° services provide the specialised intelligence needed by global financial institutions and multinational corporations to guarantee complete compliance with anti-money laundering (AML) regulations and legislations.

Find out more about compliance below or download our free brochure.

FIND OUT OUR SOLUTIONS or DOWNLOAD THE BROCHURE

The draft decisions will at this point be deemed by the European Data Protection Board (EDPB) and a committee of the 27 EU Member Governments.  If the committee accepts the draft decisions, then the European Commission can formally adopt them as legal adequacy decisions.  If adequacy decisions are not implemented at the end of the bridge and allocations from the European Economic Area (EEA) to the UK will require compliance with EU GDPR transfer constraints.

What is the UK-GDPR?

The United Kingdom General Data Protection Regulation (UK-GDPR) is the UK’s national data privacy law that is the proxy for the EU’s GDPR after Brexit; it is fundamentally the equivalent to the EU’s GDPR but altered to accommodate national regions of regulation. The UK-GDPR will regulate personal data and demand the same legal grounds for managing personal data.

The GDPR is indeed still retained in domestic law as the UK GDPR, although the UK has the freedom to maintain the framework under evaluation. The ‘UK GDPR’ as it’s known as, rests adjacent to a revised edition of the DPA 2018. It is also essential to note that the fundamental ethics, constitutional rights, and responsibilities remain as they were but that there are connotations for the regulations on transmissions of individual data between the UK and the EEA.

The UK GDPR also pertains to regulators and processors established out of the UK if their managing pursuits correlate to:

• presenting commodities or services to persons in the UK; or
• supervising the conduct of persons taking place in the UK.

Similarly, there are also outcomes for UK regulators who have an institution in the EEA, have consumers in the EEA, or observe individuals in the EEA. The EU GDPR still pertains to this handling as data can still flow freely from the EEA because the EU have adopted adequacy decisions about the UK, but the European data protection mandates has altered the way you can interact. CRI® Group’s own exclusive, expert-developed 3PRM™ services help you proactively mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage, and harm to the business. Whether your organisation has a large, well-established third-party program, is in the early stages of development, or is anywhere in between, the 3PRM™ solution can improve the health of your program and future-proof your entire business in many forms.

Find out more about 3PRM™ below or download our free brochure.

FIND OUT OUR Third-Party Management Solution or DOWNLOAD THE BROCHURE

Which rules apply?

Whilst the adequacy judgments stay in order, the UK GDPR is still valid and is expected to remain so until the 27^{th of} June 2025. The EU Commission will be supervising advancements in the UK on a constant basis to guarantee that the UK will continue to deliver a comparable degree of data protection. The Commission is still able to revise, postpone, or rescind the decisions if concerns cannot be settled. EU data subjects or an EU data protection authority can also instigate a lawful dispute regarding the decisions in which the Court of Justice of the European union would then have to determine whether the UK did essentially deliver comparable security.

In the absenteeism of an EU GDPR adequacy decision, the Frozen GDPR would be valid to subjective data of the basis of if:

• it was administered in the UK under the EU GDPR before 01 January 2021; or
• it’s being administered in the UK on the basis of the Withdrawal Agreement

Conversely, the UK-GDPR does increase on -and diverge from- the EU GDPR in noteworthy approaches that will make modifications to the legal environment of data protection in the UK.

UK-GDPR expands and changes the European GDPR

The areas increased on by the UK-GDPR are:

• National security
• Intelligence services
• Immigration

These regions, are per definition, are outside the scope of the European GDPR the three of them are deemed to be extra-national regulation from the EU devoid of powers to govern affairs of national confidence in constituent nations. Nevertheless, the UK-GDPR sets out specific concessions by which the customary welfare of personal data can be circumvented, e.g., when in matters of national security or in matters of immigration. It also applies the same requirements for collection and processing of personal data to the intelligence services. A further significant change is that the Information Commissioner, who was the leading data protection authority in the UK today, became the primary director, monitor and enforcer of the UK-GDPR.

Are you post-Brexit GDPR compliant? 

The UK-GDR would now entail your organisation’s site or application to request for the user’s approval prior to accumulating and managing data via cookies. It involves that your organisation not amassing more data than is truly mandatory and to also make it as straightforward for your users to rescind authority to the application of data as it is to give it. Transparency is key in the UK-GDPR and requires clarification of how long data is stored and how you will be processing users’ personal data.

Let’s Talk!

It’s always great to have a helping hand when it comes to compliance and risk management – especially with all the new changes expected to take place ahead of securing the integrity and morality across corporate culture. Take a proactive stance with the highest level of expertise as a part of your essential corporate strategy. Contact us today to learn more about our full range of services to help your organisation stay protected.

GET IN TOUCH

Filed under: Compliance Solution, Industry Insights by admin
Comments Off on GDPR vs. UK-GDPR; the Laws Post Brexit

Due Diligence and Compliance: Breakdown and Importance

DUE DILIGENCE VS COMPLIANCE

Due diligence is a vital part of tackling anti-bribery & corruption in the workplace. The Corporate Financial Institute has defined it as a process of verification, investigation, or audit of a potential deal or investment opportunity to confirm all relevant facts and financial information. Similarly, compliance means what it does in the word’s consensus: to follow the rules. IONOS further elaborates the phrase’s meaning in a business environment as conforming to the laws, regulations, rules, and policies is the part of business operations often referred to as “corporate compliance.” Due diligence and compliance aid in combating the issue of anti-bribery & corruption in the workplace.

When Should these Duties be Fulfilled?

Due diligence and compliance start before an employee, vendor or supplier is even introduced to the business. They are implemented to reduce risks in professional relationships and satisfy the legalities of running a business; they are also beneficial to the purchaser and the vendor.

Due diligence provides purchasers with all the correct and accurate information to help them make an informative decision to acquire a property, good or service. This is based on the data found about the company. The information ranges from the company’s existing customer base and partner relationships to the areas in which they display irregularities – in the same vein, compliance ensures a set standard for the delivery of the good, service or process.

Vendors find due diligence providing business owners with the financial integrity of their business. It facilitates unearthing the fair market value of their company. A compliance audit on a vendor conducted by the buyers or their agents will validate and strengthen the professional relationship between the two entities.

Key Differences

Compliance is reactive and a legal obligation made mandatory by a government or a regulatory agency. On the other hand, due diligence is proactive and is unmandated, though many organizations like to implement due diligence as a part of their guidelines and procedures. Due diligence is a measure of best practice from industries ranging from Pharmaceutical & Healthcare to Oil, Gas & Energy.

Compliance is tactical, whilst due diligence is strategic. The end goal with compliance is short term but frequent; complete what is necessary for the required period. Alternatively, due diligence screens all information and evaluates it against your company’s objectives. It considers the pros and cons of the decision to help you shift towards a judgment or action.

A checklist drives compliance orientated views and searches for specific items. It checks them off a list, while due diligence creates a full profile searching for previous occurrences, factors leading up to the occasion, and actions taken after the incident.

Case Studies

One of the most infamous examples of this was in 1994 with BMW’s decision to acquire Rover. The decision was made when Rover’s owner, British Aerospace, was facing trying times. BMW had plentiful goals, including engendering trade and diversifying products with the brands’ icons such as the Mini and the Land Rover. However, the ten-day deal lacked due diligence and compliance, leading to a £790 million loss.

BMW overlooked financial data concerns as well as inaccurate sales data. BMW also failed to comply with Rover’s learning culture. They also failed to accept other manufacturing approaches. To top it all off, the frequent disputes between BMW’s directors resulted in poor leadership after the acquisition, followed by mass resignations. Had the company performed their duties to the highest capability, it could have avoided such a costly mistake.

2012 saw HP pay the price of $11.1 billion due to their failure to do accurate data checks concerning income statements, cash flow, balance sheets and footnotes, ultimately halting their plans to move from producing hardware to producing software and resulting in a $5 billion loss.

Our hand in making a difference

Due diligence and compliance are not the same. The consideration of the two components helps finalize a decision, but the difference between them lies within your reasons for investigating and what the end goal is. CRI® highlights the important distinction using Due Diligence DD360°™ and ISO 37301:2021. Why not download our free Due Diligence 360 brochure to find out more?

DUE DILIGENCE 360 BROCHURE

CRI Group’s compliance and due diligence solutions are tailored with your organization’s needs in mind. This is to keep you one step ahead of regulatory requirements. Our Due diligence DD360°™ services run specialized intelligence used by global financial institutions and multinational corporations. Complete compliance with anti-money laundering (AML) regulations and legislation is guaranteed. Manage your third-party risks confidently with customized 3PRM™ solutions for your organization or get certified.

Why wait?

Get a Free Quote Today 

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group™ launched the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301:2021 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC™ for more on ISO Certification and training.

Filed under: All Industries, Compliance Solution, Due Diligence, Resources by admin
Comments Off on Due Diligence and Compliance: Breakdown and Importance

The Consequences of Neglecting Background Screening

Neglecting Background Screening

Are you neglecting background screening? What consequences may affect your organisation when you ignore this process when hiring? What is it about Background Screening? Statistics have revealed to us that a substantial quantity of resumes that are presented to HR during the recruitment process comprised fabricated material; shortlisting is a rigorous assortment procedure intended to put your applicant on trial, but if you are interviewing an individual who has fabricated much of their resume, how can you make a good judge of character? Put, executing a pre-employment check is the best way to combat this issue.

Background screening is vital to organisations of all types and industries as it can assist in authenticating your employees’ record of accomplishment and help avoid a bad hire. Before COVID-19, it was found that an estimate of 85% of organisations testified to conducting background screening of some type. On the same note, a vast 92 per cent stated that they trust their employees with confidential data but without the assistance of a background screening measure. Find out other ways COVID has impacted the hiring process, or download our background screening brochure.

Below, CRI Group™ has compiled a list of 5 risks you are running into when failing to conduct a background screening check before employment.

1. Your prospective member of staff could be a felon

Hiring a candidate with a criminal record could taint your company’s reputation, generate a highly volatile atmosphere in your office, and harm other staff members. An employer has the right to investigate an applicants’ criminal past; however, the only way to genuinely acquire the data surrounding an applicant’s criminal past when they intend on masking the evidence is through a criminal background check. 

A professional background verification service is a must to communicate with the local authorities to acquire legitimate illegal data and make a well-informed decision for the benefit of your organisation.

2. The odds of employing an unqualified candidate devoid of background screening is 1 out of 6

1 out of every 6 candidates carry inflated or falsified documents to persuade you into offering them the position – and this can be accredited to the rise of credential mills and fake corporations; applicants commonly use counterfeit degrees and false employment records to get hired, and it takes more than just a phone call to find out the reality. 

Background service providers use various procedures to obtain legitimate data, including private trips to the university/corporations where applicants allege to have graduated from or worked. Applicants with falsified resumes are not simply deficient in both integrity and honesty – in most cases, they are also not competent enough to fit your job description. A straightforward background verification uncovers this deception and prevents you from hiring an unqualified candidate.

3. Endangering the welfare of other members of the task force

In correspondence to the Substance Abuse and Mental Health Administration (SAMHSA),9 % of approximately 22.4 million unlawful drug users are employed either full time or part-time. A substance abuser, aside from grappling with efficiency, will also inhibit the performance of their co-worker with their improper demeanour. 

Employees with a record of drug abuse and misconduct are also deemed to be exceedingly inconsistent and present themselves as a danger to their co-workers; workplace violence and delinquency can be attributed to disregarding employee drug tests and criminal checks – checks that avert such calamities making your office peaceful and an improved place to work.

4. Increased abrasion can also be attributed to improper background screening

Pre-employment screening underlines the notion of quality over quantity. It makes sure that you hire the right candidate from a mass of applicants who applied for the position as employees with unsatisfactory credentials habitually find their way into your organisation through fabricated evidence. Hiring model candidates with an admirable mindset and relevant qualifications can mitigate employee turnover and enhance the general outcome of your organisation. However, the good news is that they never last for long, owing to their shortage of output and failure to handle the work delegated to them.

5. A candidate’s social media presence and global database can help nail down an accurate judge of character

Social media platforms in conjunction with international databases, for instance, criminal watch lists, credit archives, and public litigation archives, can expose your candidates’ positive and negative characteristics that may escape you during the interview and selection process. Abandoning these checks will hinder you as an employer from seeing your candidate’s best or worst side when picking among leading applicants who contend for a critical position. Employers who operate social media checks on their candidates have found it simpler to identify their candidates better, as social media is where the candidates are more apt to demonstrate their temperament and talents. The process for operating social media and archive checks can be burdensome, but rest assured that pre-employment screening providers are devoted to passing thorough checks on social media platforms and hundreds of databases to assist employers worldwide make critical hiring judgments.

The Verdict?

Background screening has achieved immense recognition throughout the world over the previous few years as it should do – its impact and the modern setting assist in diminishing the pressures that jeopardise every employer’s aim to enhance their personnel and work environment. Verification should be a compulsory component of an organisation’s onboarding procedure to alleviate all the risks we have discussed thus far. Notwithstanding the apparent advantages that background screening presents, it likewise confirms that your organisation hires the most excellent contenders who would promise continual triumph.

CRI™ is certified by British Standard Institute BSI for the scope of BS 7858:2019 screening of individuals working in a secure environment, Code of practice and BS 102000:2018 Code of practice for the provision of investigative services. The BSI is the only BS 7858 accredited background screening services provider in the UAE and the Middle East. Find out more about the BS 7858:2019 or download our BS7858:2019 free playbook.

The more you invest in sourcing morally correct corporate conduct, the more you can expect to be rewarded with a catalytic action to grow and expand your organisation.

Let’s Talk!

Don’t leave hiring to chance. Take a proactive stance with the highest level of background screening as a part of your essential corporate strategy. Contact us today to learn more about our full range of services to help your organisation stay protected.

GET A FREE QUOTE

Filed under: Employee Background Check, Resources by admin
No Comments »

CRI™ to attend PBSA Mid-Year Legislative & Regulatory Conference 2022

Corporate Research and Investigations Limited (CRI Group™) is delighted to unveil our place at the 2022 PBSA Mid-Year Legislative & Regulatory Conference in Virginia, USA.

The PBSA Mid-Year Legislative & Regulatory Conference is convened each year in the spring with a large emphasis on law, legislature, training, and compliance associated topics in correlation to the background screening industry. This specific conference offers insight and support for everyone across a range of industries at all levels in the operative hierarchy. Every attendee is guaranteed to leave this conference equipped with significant data and resources to advance them in their individual corporate objectives. It is standard for the Exhibition Hall to be packed with industry affiliates and experts showcasing their goods and services and is an excellent prospect for you to educate yourself about the most recent industry manufactured goods and services that can be used to enrich your organisations stance on conducting background screening.

BOOK A MEETING NOW!

Who are the PBSA?

The Professional Background Screening Association (PBSA) is an association that originated in 2003 as a means of progressing brilliance in the screening vocation through encouraging the use of background screening companies when conducting checks on the likes of employees and occupants and presently platforms the abilities of more than 900 member firms around the globe; they diverge from Fortune 100 corporations to smaller, regional organisations that perform masses of employment and tenant background checks each year as a portion of the hiring and leasing process. The PBSA does this by determining and supporting the maximum degree of integrity and execution standards for the experts in this profession.

BOOK A MEETING NOW!

What is a background check?

A background check is data which is recorded on a single individual which is brought about at the point of evaluation when verifying their suitability for a role or board. Proprietors ascertain what elements to incorporate in the background check – this is generally built on the trade, location, or housing unit. These elements may include facets such as criminal history data, public records, motorist data, employment records, scholastic information, license authentication, credit information and reference checks. Background checks may also include drug testing, a physical, and even psychological evaluations or assessments. To decide which elements may be included in a background check, candidates are urged to discuss matters with their prospective managers and property administrators.

CRI® is certified by British Standard Institute BSI for the scope of BS 7858:2019 Screening of individuals working in a secure environment, Code of practice and BS 102000:2018 Code of practice for the provision of investigative services. The BSI is the only BS 7858 accredited background screening services provider in the UAE and across the Middle East. Find out more about the BS 7858:2019 below or download the free playbook.

FIND OUT MORE or DOWNLOAD THE BROCHURE

BOOK A MEETING NOW!

Why conduct background checks?

Background checks are completed for numerous occasions – this is comprehensive of compliance with accommodation, certification as well as employment rules and regulations. Additionally, background checks can be used to diminish workplace hostility, fraud, larceny, and theft; organisations have an obligation to safeguard their personnel, customers, and the community by directing their efforts to completing their due diligence and accordingly completing a background check on candidates to alleviate perils in homes and workplaces.

The pros of using a specialist third-party service to oversee background checks are countless. All-inclusive background checks are best performed by industry experts who understand where to find and confirm employee data vacillating from criminal, education and employment history records checks to verification of credentials, training, certifications, and other important info claimed by the employee or candidate.

Proprietors tend to employ background checks as a means of generating educated employment decisions by mitigating the risk in selecting the wrong candidate by preserving highly competent candidates for roles in their organisation and thereby reducing their employee turnover rate. These are just a few of the advantages of conducting a background check. Find out more about the significance of conducting a background check below or download the free brochure.

BOOK A MEETING NOW!

FIND OUT MORE or DOWNLOAD THE BROCHURE

It is an honour for us to be a part of a conference that extends to and facilitates so many organisations across the globe; more information on the event will be released soon so keep your eye out for our updates! We hope to see you there.

About CRI Group™

Corporate Research and Investigations Limited, or CRI Group™ for short, has been safeguarding businesses from fraud, bribery and corruption since 1990. Globally, we are a leading Compliance and Risk Management company licensed and incorporated entity of the Dubai International Financial Center (DIFC) and Qatar Financial Center (QFC). CRI™ protects businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Based in London, United Kingdom, CRI™ is a global company with experts and resources located in key regional marketplaces across the Asia Pacific, South Asia, the Middle East, North Africa, Europe, North and South America. Our global team can support your organisation anywhere in the world.

BOOK A MEETING NOW!

Filed under: All Industries, Background Investigation, Employee Background Check by admin
Comments Off on CRI™ to attend PBSA Mid-Year Legislative & Regulatory Conference 2022

WEBINAR | Do you Know the Importance of the Whistleblowing Standard?

However, despite the importance of implementing a whistleblowing framework, many organisations choose to overlook it or not invest as much time into implementing the framework into everyday working life and this can have dire consequences for the organisation against its competitors, there may be a loss of financial gains and as well as a corrupt ethical moral code spreading amongst the employees. Infamous corporate governance cases, such as Enron and WorldCom, have enticed the spotlight of corporate citizens to the issue of poor, yet ineffective, sound governance practices in corporate strategies; as a result, the momentum of implementing and performing sound governance practices by the world national bodies, government agencies, and business community has been triggered which is why we at CRI Group™ are pleased to celebrate Fraud Awareness Week which will take place from November 14-20th 2021. In the lead up to Fraud Awareness week, we want to discuss how exactly should you go about addressing a situation surrounding Whistleblowing. 

What is Fraud Awareness Week?

International Fraud Awareness Week, or Fraud Week, was founded by the Association of Certified Fraud Examiners (ACFE) in 2000 as a committed point in time to increase recognition of fraud. The week-long campaign encourages corporate leaders alongside employees to proactively take action to curtail the influence of fraud by advocating for anti-fraud awareness and additional training. Corporations and entities are urged to enrol as Official Supporters prior to International Fraud Awareness Week, and to host training prospects, disseminate anti-fraud material or otherwise promote anti-fraud pursuits during the course of the week.

Zafar Anjum, founder and CEO of CRI Group™ says that “Fraud Week reminds us that awareness is any organisation’s first line of defence against fraud and corruption, as properly trained employees will have a better opportunity to recognise the red flags of fraud, and a better understanding of their organisation’s zero-tolerance policy toward such behaviour”.

We are proud to announce that our sister brand ABAC™ Center of Excellence will be hosting a free webinar on Friday 29th October 2021 in honour of Fraud Awareness Week to discuss how to implement and successfully carry out the duties of a whistleblower. However, be quick to sign up as seats for the webinar are limited to 30 participants. 

REGISTRATION EXPIRED 

TOPIC OF DISCUSSION

At both brands, we aim to use our events as a means of educating corporations as well as opening the path to receiving tailored advice which is beneficial to each and every individual corporation in the long run. In this specific webinar, we intend to discuss the following:

Filed under: All Industries, All Regions, Anti-Bribery Anti-Corruption Solution by admin
Comments Off on WEBINAR | Do you Know the Importance of the Whistleblowing Standard?

Fraud Prevention Strategy: Build One in Five Simple Steps

Fraud Prevention Strategy: The 5 Simple Steps

A fraud prevention strategy is one of the key policies that can aid an organization in safeguarding itself against reprimands of the matter. One of the greatest encounters a fraud auditor can confront is the mission of persuading management that the peril of fraud exists across all aspects of corporate culture – regardless of whether it is from internal factors or external factors. Fraud cannot ever be eradicated from the corporation as collusion is adept in continually conquering routine organizational regulations.

What is the strategy?

The objective of a Fraud Prevention Strategy is to identify a high-level proposal on how an organization should implement its fraud prevention policy in the presence of its internal and external influences. The strategy forms the most important part of the fraud deterrence strategy; thus, the policy an organization chooses to implement must be straightforward and pragmatic.

Combating fraud requires a distinct and refreshing methodology that entails including all three facets of the fraud cycle:

• Fraud deterrence and prevention
• Fraud detection
• Fraud investigation

Preferably, with the fraud cycle in mind, every enterprise ought to put together a distinctly specified fraud prevention strategy that integrates the following:

• Determine the proper culture with the proposed policy: having protocols and policies in place for dealing with fraud will help you establish a good grounding for identifying it.
• Counteract and detect: To detect fraud, you need to have effective systems and processes in place covering all aspects of your business.
• Investigation of any occurrences in which fraud occurs.
• Review and monitor policies and occasions in which fraud has transpired regularly to ensure that fraud levels stay below the goal amount.
• Learn from previous occurrences and update training procedures.
• Risk management covers all types of risk, from corporate and social responsibility compliance to performance measurement. 

To learn more about third-party risk management, why not check out our 3PRM brochure.

What should be established in a fraud prevention strategy:

1. Whistleblowing policy

Whistleblowing is the act of exposing information about misconduct in the workplace and is a crucial element in any prevention strategy. When whistle-blower hotlines are implemented and sustained correctly, they can substantially decrease an organization’s exposure to fraud by permitting for prior detection and thus savings in the form of reduced fraud losses from the prior detection.

2. Identify the risks:

The risk of fraud is not solely based on an employee’s background but also a myriad of other factors. Most notably, it is important to be able to identify risks by nature of items (some examples include size and value, ease of resale and cash), nature of the control environment (including separation of duties, safeguards, complexity, turnover and related party transactions) and pressures ( i.e., level of dissatisfaction – if the workforce is unhappy with the company, they will be more inclined to engage in fraud, expectations and guarantees). Identifying these risks is the first step in figuring out how to counteract them, thus preventing fraud.

3. Implement effective controls:

When it comes to implementation, organizations need to ensure that they complete the action plan and then refer it to an appropriate person – in most instances. This is from HR and other figures in leadership to management of employees. It is then up to the subordinates to assist them with implementing the strategy, reviewing the strategy, or delegating it to the employees.

Most policies implement:

• Making employees aware of emergency procedures
• Making employees aware of the location of first aid stations
• Educating employees on the location and obvious danger and workplace hazards
• Examine health and safety workplace responsibilities; wear the necessary protective clothing or equipment, participate and have input to management report incidents or mishaps as considered essential by management.

4. Increase awareness of the risks:

It must not be presumed that staff members have an innate perception of the risks of fraud or that they have any understanding of the scope of risks that encircle them. This means that it is incredibly important to stimulate a risk-conscious culture within an organization.

Some examples of methods to increase such awareness include:

• Performing risk audits and engaging as many individuals as possible in the organization in the risk auditing procedure
• Benchmarking – studying “best practices” from other organizations that have executed risk management.
• Sending organization personnel to attend industry seminars on fraud prevention as well as risk management

5. Plan for the worst:

It might sound pessimistic, but it is always best to prepare yourself and your employees for the worst-case scenario. Unfortunately, as hard as we try to minimize fraud, it cannot, be fully eradicated. If it appears too good to be true, it most likely is. It is good practice to meticulously probe all agreements, prospects, transactions, data and documents.

Want to know more about recruiting the right people for your organization? Visit our page on Background Screening services or view our EmploySmart brochure.

Crucial components that a proper fraud prevention strategy accomplishes:

It is easy to infer that fraud can leak into all aspects of corporate culture and can destroy an organization from within. Despite this issue, several organizations opt not to implement a fraud prevention strategy – it is primarily implied that this is ascribed to the absence of knowledge circulating on the benefits of such a strategy. However, the rewards reaped from this type of policy is beneficial to corporations eventually and can reap the rewards such as:

• Lower consequential loss pertaining to fraud
• Lesser/no legal and investigative costs relating to fraud
• Lesser/no regulatory fines paid in the occurrence of fraud
• Better time management can be used to enrich employees’ knowledge and experience at the organization.
• Reduced insurance premiums
• Lower turnover of key staff and customers
• The lessened cost of/capability to increase new finance

Overall, the process of preventing fraud can be an extensive one, but one whose benefits outweigh the onerous course. Protect your organization from liability, business interruption and brand damage by partnering with the CRI® Group. Our 3PRM solution address various specific areas, including:

• Third-Party Integrity Due Diligence & Screening: ensures global compliance, provides adequate monitoring & protection against potential litigation;
• 3PRM Enhanced Background Checks: uncovers derogatory information within the public & private record resources through risk-based background checks, including investigative research into suppliers & individuals, ultimate-beneficial owners;
• ISO 37001 Anti-Bribery Management System: CRI® Group’s independent and accredited Certification Body can examine your Anti-Bribery & Anti-Corruption procedures & issue an accredited Certification; and
• ISO 37301 Compliance Management System: CRI® Group’s independent certification body helps companies worldwide to increase & measure their efforts against regulatory compliance risks.

If you still have any questions surrounding fraud prevention, why not contact CRI®? Our experts have years of experience and have been trained to provide your business with bespoke advice that fits your organizations’ needs.

GET IN TOUCH

Don’t hesitate to prevent fraud in your workplace today.

About us…

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS102000:2013 and BS7858:2019 Certifications is an HRO certified provider and partner with Oracle.

In 2016, CRI Group™ launched the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organizations. Contact ABAC™ for more on ISO Certification and training.

LET’S TALK

Filed under: All Industries, All Regions, Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources, Third-Party Risk Management by admin
1 Comment »

Time to get ISO 37001:2016 Certified – The Process, Part 2

Shifting a light on anti-Bribery and anti-corruption methods, our sister brand ABAC™ Centre of Excellence tells us how key is ISO 37001:2016 Anti-Bribery Management System Certification is for public, private, and non-profit organisations across the globe and explains the process behind certification. At CRI™, we believe it is important as it provides a key layer against threats of bribery, corruption, fraud and other security concerns. It also sets an organisation apart from its peers as a model for ethical behaviour and compliance.

In a recent guest blog, ABAC™ Centre of Excellence discussed the first part of getting ISO 37001:2016 certified. ABAC™ covered the initial engagement and the first four steps, including the audit confirmation, pre-assessment, and stage one and two audit processes. Today our sister brand ABAC™ will discuss the rest of the certification process and the path to getting your organisation better protected and fully compliant in addition to CRI Group’s corporate due diligence services.

Step 5: Follow up Audit (optional)

If a major non-conformity is raised or remains outstanding from Stage 1, an additional visit will need to be booked. For major non-conformity raised during Stage 2, a revisit will be required within 30 days of submitting the CAP to confirm the implementation of an effective CAP.

Step 6: Awarding of Certificate

If the organisation is compliant with the standard conditions, a recommendation for certification will be made.

• For minor non-conformities: This will not delay the certificate if an organisation has a CAP. The certificate is granted within 04 weeks from the time of CAP submission.
• For major non-conformities, the organisation must submit and implement CAP within 180 days maximum. Once the auditor has verified the CAP, the certificate is granted within six weeks (from the time of CAP submission by the Client). However, all major non-conformities will need to be addressed before a certificate can be published.

Step 7: Continual improvement and surveillance audits

Surveillance is planned over three years and will ensure that the organisation complies with the standard.

Step 8: Re-certification Audit

The registration period is three years from the date on the certificate. After the initial registration period, renewing your Anti-Bribery Management System Certification is relatively seamless. Once the second surveillance visit has been completed, you will be sent a registration renewal/re-certification proposal detailing the process and associated costs and assessment days for the next three years. A re-certification audit will require Stage 1 and Stage 2 audit. The depth of the audit and time required would be determined as per your performance (during the certification period) and any planned changes to your system. It’s that easy. Now is the time to move forward with ISO 37001:2016 certification.

What comes next? 

For assistance in developing and implementing an Anti-Bribery Management System, go to www.abacgroup.com, contact ABAC™. today or get a FREE QUOTE!

In 2016, CRI Group™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body that provides education and certification services for individuals and organisations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- Guidelines, ISO 37000:2021 Governance of Organisations, ISO 37002:2021 Whistleblowing Management System, ISO 37301:2021 (formerly ISO 19600) Compliance Management system, Anti-Money Laundering (AML) and ISO 37001:2016 Anti-Bribery Management Systems. 

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

Time to get ISO 37001 Certified – The Process, Part 1

Shifting a light on anti-Bribery and anti-corruption methods, our sister brand ABAC™ Centre of Excellence tells us how key is ISO 37001:2016 Anti-Bribery Management System Certification is for public, private, and non-profit organisations across the globe and explains the process behind certification. At CRI®, we believe it is important as it provides a key layer against threats of bribery, corruption, fraud and other security concerns. It also sets an organisation apart from its peers as a model for ethical behaviour and compliance. After all, consider the benefits: Certification adds a distinct level of credibility to the organisation’s management systems and ensures that the organisation implements a viable anti-bribery management program utilising widely accepted controls and systems.

It assures management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption. ISO 37001:2016 certification also protects the organisation, its assets, shareholders and directors from the effects of bribery. But what, exactly, is the process for getting ISO 37001:2016 certified by ABAC Group™? Once your organisation has submitted questionnaire information and completed the approval and contract stage, the certification cycle is ready to begin.

Step 1: Audit confirmation

An audit plan will be developed with your organisation and confirmed to the Certification’s Body Assessment Team at least three months before the organisation’s first audit.

Step 2: Pre-assessment audit (optional)

The organisation can opt to perform a pre-assessment audit to identify any possible gaps between its current management system and the standard requirements. This audit is optional and helps the organisation check its preparedness for the stage 1 and 2 assessments by identifying any major non-conformities that have not been addressed.

Step 3: Stage 1 audit

Review the results of the audit, including:

• General observations
• Non-conformities (major or minor, see below)

Minor non-conformities: These are not seen as serious. The organisation must complete an internal Corrective Action Plan (CAP) before Stage 2. CAP is not required to be sent to the Assessment Team at Stage 1.

Major non-conformities: These are more serious. The organisation will need to submit a CAP within ten days of receiving the audit report, with all actions scheduled to be completed before Stage 2. The CAP should be sent to the Assessment Team. The major non-conformities raised during Stage 1 will be re-assessed during Stage 2 Audit.

Step 4: Stage 2 audit

This is an on-site audit and takes place after the organisation has successfully completed Stage 1 and corrected any major non-conformities identified during the Stage 1 audit. Stage 2 confirms that the organisation’s management system is fully aligned to the standard. The evaluation is of management system implementation and its effectiveness.

Outcome: The audit report will detail the following:

• Any positive observations
• Opportunities for improvement – suggestions for improvement and any findings that could lead to potential non-conformities.
• Non-conformities (Major or Minor)
• Recommendation for Certification

Minor non-conformities: The organisation must complete an internal Corrective Action Plan (CAP) and submit this to the Assessment Team within 45 working days of receiving the audit report. The Assessment Team will review the CAP; it must detail the non-conformity, the cause, the proposed corrective action, who is responsible and the date the action will be implemented. Based on the evaluation of CAP, the recommendation for certification will be made.

For minor non-conformities, if an organisation has a corrective action procedure, this will not delay the certificate.

Major non-conformities: The organisation must complete an internal Corrective Action Plan (CAP) and submit it within 90 days (or 180 days depending on the number and risk of major non-conformities) of receiving the audit report be sent to the auditor.

What Comes Next?

Stay tuned for the second instalment in our two-part series about the ISO 37001:2016 certification process: sign up for our newsletter HERE!

In 2016, CRI Group™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body that provides education and certification services for individuals and organisations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- Guidelines, ISO 37000:2021 Governance of Organisations, ISO 37002:2021 Whistleblowing Management System, ISO 37301:2021 (formerly ISO 19600) Compliance Management system, Anti-Money Laundering (AML) and ISO 37001:2016 Anti-Bribery Management Systems. 

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under: Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

CRI™ to attend 2022 Trade Winds Dubai, Gulf Region | March 6-8

2022 Trade Winds

We are delighted to unveil our place at the 2022 Trade Winds As the largest annual U.S. government trade mission – meet with Corporate Research and Investigations Limited (CRI Group™). Trade Winds, the largest U.S. Government-led trade mission and business development forum will be held in Dubai, UAE at the InterContinental Festival City, at the same time as World Expo. 

Dubai, UAE | March 6-8, 2022

Join us in Dubai, UAE for the largest U.S. government-led trade mission and business development forum. Organized by the U.S. Commercial Service, Trade Winds will feature meetings with U.S. commercial diplomats from over 20 countries in the Middle East, North Africa and Sub-Saharan Africa, exciting conference programming and plenty of networking. The registration fee for the forum is $750 per attendee.

Qualified U.S. businesses may customize their experience with optional business-to-business matchmaking meetings with pre-screened buyers, agents, distributors or joint-venture partners in the United Arab Emirates (March 8) as well as Algeria, Israel, Morocco and Qatar (March 2-3) and Saudi Arabia, Kuwait, and Egypt (March 9-10).

BOOK A MEETING NOW!

About Trade Winds

About CRI Group™

Corporate Research and Investigations Limited, or CRI Group™ for short, has been safeguarding businesses from fraud, bribery and corruption since 1990. Globally, we are a leading Compliance and Risk Management company licensed and incorporated entity of the Dubai International Financial Center (DIFC) and Qatar Financial Center (QFC). CRI® protects businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Based in London, United Kingdom, CRI® is a global company with experts and resources located in key regional marketplaces across the Asia Pacific, South Asia, the Middle East, North Africa, Europe, North and South America. Our global team can support your organisation anywhere in the world.

Filed under: All Industries, Compliance Solution, Due Diligence by admin
Comments Off on CRI™ to attend 2022 Trade Winds Dubai, Gulf Region | March 6-8

Meet Samia El Kadiri; Gifted Consultant, Author & Trainer

CRI Group™ is delighted to welcome Samia El Kadiri as an Auditor at our sister brand the Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence. Samia provides audit services and expertise on existing compliance and Anti-bribery Anti-corruption management systems to assess effectiveness and vulnerabilities while ensuring compliance with Internal Standards, FCPA rules, UK Bribery Act laws, Anti-Money Laundering regulations, and all other global, regional and local regulations. For this reason, we are also delighted to announce that Ms El Kadiri will be a guest speaker on our upcoming webinar with our sister brand ABAC® titled “Building a Culture of Compliance and Trust Through ISO 37301:2021 Compliance Management Systems”.

MORE ON THE WEBINAR HERE

Widespread trust is built on a company culture of doing the right thing, where every employee contributes because they understand and believe in its importance. Don’t miss out!

Meet Samia

Samia El Kadiri Consultant , Author & Trainer 6σGB |IRCA- QMS Lead Auditor | TOT Auditor | Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence

She brings in over eight years of progressive experience working in private and government owned entities in compliance, management, quality assurance and excellence functions. Possess keen understanding, oversight and reporting mechanisms on Financial Crimes – Anti-Money Laundering, UAE Central Bank regulations, Dubai and UAE federal government mandates. She Developed and delivered various number of workshops and awareness sessions to leaders and decision makers on “Good Corporate Governance Practices”, “Development of Strategic Plan and Effective Policies” and “Financial Ethics” (AML&CFT according to local Guidelines). She authored reports and research papers on Compliance and the evolution of CG in the MENA region.

She participated in the ESG Index; MENA wide Environment, Social and Governance (ESG) Index in cooperation with Standard & Poor’s with the support of the International Finance Corporation (IFC).

She is a Consultant at DIFC – Hawkamah Institute for Corporate Governance charged with leading entities consultancy and advisory engagements in identifying the relevant controls, processes and frameworks and recommend areas of improvements. She works closely with clients in assessment and development, advisory and succession planning across multiple industries (Dubai and Federal Government entities, Healthcare, Financial institutions including Banks, and Real Estate) and functional topics (Ethics, Strategic excellence, ESG, Clinical Governance, Regulatory Compliance, Audit & Risk , Policies & Procedures…etc.).

Prior to joining Hawkamah she was the Regulatory Compliance Officer and Chief Editor of Compliance newsletter at Wall Street Exchange, a member of Emirates Post Group where she developed systems, policies and procedures for compliance of relevant UAE laws. Prior to that she worked with the American Clinics for Psychiatry and Neurology where she focused on health care compliance of Dubai Healthcare Authority’s mandates. Prior to ACPN she worked at Roads and Transport Authority (RTA) in Dubai where she focused on government excellence, quality management, and customer happiness.

She is Graduated with a BSC in Economics. She is a Certified Train the Trainer – Institute of Leadership and Management (UK), In addition to other accreditations related to Anti-Money Laundry (AML) and Counter Financing Crimes. She is fluent in English, Arabic and French.

WATCH SAMIA AT OUR UPCOMING WEBINAR

Samia is our guest speaker at our upcoming WEBINAR “Building a Culture of Compliance and Trust – an essential part of a corporate compliance program”. Our intention with this free webinar is to be able to provide resources on corporate compliance to organisations around the globe that will aid them in expansion and an ethical working environment. Widespread trust is built on the corporate culture and understanding of making the morally correct decision and we want to aid organisations to reach a degree to which every employee contributes towards this because they understand and believe in its importance. Our “Building a Culture of Compliance and Trust Through ISO 37301:2021 CMS” webinar will highlight all essential parts of a corporate compliance program.

SAVE YOUR SEAT NOW!

Our webinars, resources and other events are always designed with our clients in mind. Expect to be provided detailed insights and expert opinions to all of your questions and queries in regards to compliance adequate due diligence for third-party risk management, corporate compliance program and what it means for your organisation.

Check out some of Samia’s publications:

• “HOW SHOULD BOARD MEMBERS OVERSEE CRISIS COMMUNICATIONS” – Thought leadership piece published on April 2020 with a comprehensive review of GCC Corporate Governance regulations on crisis communication.
• “CORPORATE GOVERNANCE AND DATA PROTECTION DEVELOPMENTS ACROSS THE GCC” – A study report in partnership with a leading Corporate Governance software provider company, it provides an overview of recent developments in corporate governance and data protection landscape in the MENA region.
• UAE Business Magazine, Article “The Benefits of Good Governance in Times of Crisis”
• “COMPLIANCE FUNCTION; Reporting lines and Effectiveness” – Survey report about the role of Compliance function in the MENA region- July 2021

Filed under: Anti-Bribery Anti-Corruption Solution, CRI News by admin
Comments Off on Meet Samia El Kadiri; Gifted Consultant, Author & Trainer