Corporate Research & Investigations

Employee Screening Process

How do you know the candidate you just offered a role to is ideal? Are you 100% sure you know that everything they’re telling you is the truth? 90%? They showed you a diploma; how do you know it’s not photoshopped? Did you follow the correct laws during your background check process? Background checks and necessary screenings are vital to avoid horror stories and taboo tales within HR, your business or even your brand – simply investing in proper employee screening can save you time, money and heartbreak. A complete employee screening process will result in fewer applications with serious discrepancies – it increases the quality of new hires due to an improved applicant pool and selection process. EmploySmart™ provides full in-depth background screening services for employees and candidates at all levels, from senior executives to shop-floor employees.

How Well Do You Know The People You Invest In?

CRI® Group has developed EmploySmart™, a robust new pre-employment background screening service to avoid negligent hiring liabilities. Ensure a safe work environment for all. EmploySmart™ can be tailored into specific screening packages to meet the requirements of each specific position within your company. We are a leading worldwide provider specialised in local and international employment background screening, including pre-employment and post-employment background checks.

Pre-employment checks/background checks/screening benefits:

Reduce turnover & training costs
Gain a competitive edge through the hiring of better people
Increase productivity – help your employees be more productive, knowing that everyone employed by your company has been screened.
Set your company apart & win more business
Reduce employee-related problems
Protect company reputation/brand & customer relations
Comply with mandates created by state or federal law for certain industries
Increase retention
Reduce negligent hiring claims
Avoid violence in the workplace (threats of violence & actual violence)
Reduce theft & espionage
Avoid lawsuits & the costs associated with the defence.
Avoid loss of goodwill.

Pre-employment checks/background checks, what are they?

These checks are essentially an investigation into a person’s character – inside and outside their professional lives. Some checks you probably already carry out in-house, such as candidate’s qualifications (documents provided), work history (with a reference check), right to work in the country and even a quick social media presence scan. However, we provide a full in-depth background screening service for candidates and employees at all levels – from senior executives through to shop-floor employees:

Address Verification (Physical Verification)
Identity Verification
Previous Employment Verification
Education & Credential Verification
Local Language Media Check
Credit Verification & Financial History (where publicly available)
Compliance & Regulatory Check
Civil Litigation Record Check
Bankruptcy Record Check
International Criminal Record Check
Integrity Due diligence… and more.

When should I conduct pre-employment checks?

Our pre-employment screening services will help you avoid adding potential fraudsters and other bad actors to your staff. These checks can be implemented before or after a job offer (with each having its pros and cons).

How to collect references, and what to ask?

Because it is impossible to know how your candidate will work daily from just one interview, you will need references. References are a great way to find out whether your candidates are suitable for the role or will fit with your company culture. A primary reference check asks for:

Employment dates
Employment main responsibilities
Attendance record
Any disciplinary actions against them
Any reasons why they shouldn’t be employed

These references will help you back up their CV – however, many candidates tend to exaggerate or misrepresent themselves. Our EmploySmart™ team goes beyond to get a fuller picture for you:

Greatest strengths?
Are they suitable for the role they’ve applied for?
Would they rehire the candidate?
Suitable management style?
Do they have any leadership skills?
Situations in which they have excelled at?

Some companies have policies of not giving references and just providing necessary employment details, while others direct you towards HR, but the EmploySmart™ team is persistent.

What specific legal requirement should I ask?

You will need to check if they have the right to work in the region you are recruiting for. You are subject to statutory penalties if you employ foreign nationals who don’t have the correct visas. You will need to request criminal records checks depending on the role you are recruiting. Such roles with children or vulnerable people are highly regulated – and all of these differ from country to country.

CRI Group™ carries the burden of knowing the laws, so we can assist you with staying compliant and helping you to make the best decisions for your company’s needs. We have established an interdisciplinary team of experts in employment law, best practices and data protection. We can manage your employment background screenings across borders for you! Country by country, we have documented the different approaches to employment screening, ensuring we operate in harmony with local culture and within the limitations of local legislation.

With extensive local language capabilities, flexible working patterns and time zone intelligent workflow, we provide a comprehensive and fully compliant global screening service.

At CRI Group™, we specialise in employment screening, working as trusted partners to HR and recruiting managers of corporations and institutions worldwide. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates.

CRI Group™’s unique identity and vision evolved from our fundamental desire to support our clients and candidates. We have a passion for Screening and a simple belief in setting new standards. These qualities fuel our commitment to excellence and drive our culture.

Our EmploySmart™ background screening services expose vulnerabilities and threats within your organisation and can significantly reduce business and financial crime, fraud and malpractice within your workplace. Our experienced EmploySmart™ Team can safeguard your data security and your business integrity while you can focus on human conversations and interactions. Together, your organisation can deliver outstanding screening experiences.

We provide a host of professional services to HR managers representing significant corporations worldwide. Employees should be screened regularly to reveal any new information relevant to the business. That’s why our background investigations services also include:

Employee monitoring and risk management
Data protection compliance
Employee testing and confidentiality
Employee risk management
Post-employment background checks

CRI Group™ is trusted by the world’s largest corporations and consultancies – outsource your employee due diligence to an experienced provider, and you will only ever have to look forward, never back.

BS 7858:2019 Screening: extra security level for your business and employees

Get answers to frequently asked questions about background checks/screening cost, guidelines, check references etc. This eBook of compiled list of background screening related questions taken as a whole is the perfect primer for any HR professional, business leader and company looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions.

Extensive global coverage, with expertise in domestic and international Screening; one of the largest, most experienced and best-trained integrity due diligence teams in the world
Our team of more than 50 full-time analysts is spread across Europe, the Middle East, Asia, and North and South America and is fully equipped with the local knowledge to serve your needs globally.
The ability to manage multiple background checks online
Quick turnaround times
Our solutions are easily customisable and flexible, and we will tailor our scope to address your concerns and risk areas, saving you time and money.
High-quality searches, backed by numerous checks and quality controls
We have a flat structure which means that you will have direct access to senior staff members throughout the due diligence process.
Our multi-lingual teams have conducted assignments on thousands of subjects in over 80 countries, and we’re committed to maintaining and constantly evolving our global network.
Our extensive solutions include due diligence, employee pre and post background screening, business intelligence and compliance, and facilitating any decision-making across your business, no matter what area or department.

GET A QUOTE

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider.

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, and is an HRO certified provider and partner with Oracle.

LET’S TALK!

Filed under: All Industries, All Regions, Background Investigation, Employee Background Check, Resources by admin
1 Comment »

« Previous Page

CONTACT US

NEWSLETTER SUBSCRIPTION

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence-related news, solutions, events and publications.

Fraud: Ripple effects of the Hurricane Harvey

As Hurricane Harvey devastates the Texas coast and the U.S. megacity of Houston, however its ripple effects go beyond as investigators will be on high alert for another type of threat: fraud.

Disaster fraud is nothing new. Law enforcement, prosecutors and other legal authorities in eight different countries are still dealing with cases from 2012’s Hurricane Sandy, which devastated the Caribbean and eventually wreaked havoc upon the U.S. eastern seaboard. In New Jersey, new indictments reported just last month indicate how long these investigations can take, and how lengthy the process can be.

And that’s just for those who get caught.

According NJ.com in New Jersey, five more individuals face charges for filing fraudulent applications for relief funding, bringing the tally there to 100. As the article reports:

The latest group filed claims for homes they said were primary residences when they were not, the state Attorney General’s Office said.

Most state and federal relief programs are only available to those whose primary residences were damaged by the storm.

But there are other risks as well. Relief organizations have been charged with misappropriating funding meant as direct aid for disaster victims. Materials and supplies earmarked for disaster areas are sometimes horded, sold or otherwise used contrary to their purpose. And sham “charities” can pop up overnight, soliciting cash donations under the pretence of relief, while that money actually lines someone’s pockets.

Now, as another disaster unfolds, CRI Group offers some guidelines for individuals, corporations and non-profit organisations to follow as they seek to provide aid.

Research the charity

Disasters unfold quickly, but some quick checking online can help establish whether a charity or non-profit aid group is legit. Make sure it is tax exempt and rated by an external evaluation site, like GiveWell or Charity Navigator.

Look out for “new” charities

If a charity or non-profit aid group has no history, very little trail on the Internet, no registration with the government nor any testimonials online, it might be fake or fraudulent. It’s better to give your donation to an established, charitable organisation.

Be suspicious of solicitations

Social media posts, mass or spam emails, all requesting quick cash donations could be red flags of fraud. Look for inaccurate or incomplete information about the disaster, the location, and the charity itself. Double check the credibility of the charity and don’t donate through an email link – instead, visit the organisation’s website directly. After doing so, if you’re comfortable that it is a legitimate group, consider making your donation.

When disaster strikes, people need help. The generosity of others can mean the difference between life and death for those who are suffering. But we must always be cognisant of the fact that fraudsters are opportunists. Any situation that creates urgency and chaos is a scenario they will seek to exploit.

As with all other business matters, conducting due diligence investigation will help cut down on disaster fraud – and provide you with the peace of mind that your contribution is going where it can do the most good.

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Filed under: Due Diligence, Resources by admin
No Comments »

« Previous Page

Protecting Data: Businesses Needs GDPR

The General Data Protection Regulation (GDPR) will come into force in Europe in just over a year. This sea change in data privacy aims to improve protections for individuals within the European Union, providing them with more control over how their personal data is used.

It will also clarify and standardise how businesses are expected to operate regarding data protection from a legal standpoint. With this in mind, smart business owners and directors are already preparing for its implementation.

There is much work to be done, however. According to a whitepaper from the DMA, a membership-based network of more than 1,000 companies, over a quarter (26 per cent) of marketers feel their business is unprepared for the GDPR.

That’s a problem. But there is time for organisations to take steps now and ensure they are ready for the GDPR when it took effect on May 25, 2018.

First, they should understand what the GDPR will require. According to “GDPR compliance: what organisations need to know” from the information age, the following are requirements of the new regulation:

Extended jurisdiction: Regulations will apply to any company collecting and/or processing EU citizen’s personal data regardless of where the company’s physical offices are located.
Consent: Companies will be required to obtain individual’s consent to store and use their data and explain how it is used.”
Mandatory breach notification: Companies will now be required to notify the supervisory authority within 72 hours of discovering a security breach unless it is unlikely to “result in a risk to the rights and freedom of individuals.
Right to access: Companies must be able to provide electronic copies of private records to individuals requesting what personal data the organisation is processing, where their data is stored and for what purpose.
Right to be forgotten: EU citizens will be able to request the controller to delete their personal data and stop sharing it with third parties – who are then also obligated to stop processing it.
Data portability: The new regulation gives individuals the right to transmit their data from one controller to another. As a result, upon request, organisations must be able to provide an individual’s personal data in a ‘commonly used and machine-readable format.
Privacy by design: Security must be built into products and processes from day one.
Data protection officers (DPO): Both data controllers and data processors are now required to appoint a DPO.

On a disturbing note, several reports indicate that some companies in the UK have stopped preparing for GDPR due to Brexit. According to MarketingTech’s “24% of UK businesses have stopped preparations for EU Data Protection Regulations,” fully 44 per cent of respondents to a survey believed – likely in error – that they will not fall under its jurisdiction. This is a dangerous assumption, as the article notes:

‘Firstly, it is likely to be in place before any Brexit,’ said director of information management at Crown Records, John Culkin. ‘Secondly, although an independent Britain would no longer be a signatory, it will still apply to all businesses that handle European citizens’ personal information. The fines associated with EU GDPR are significant. They can be as high as €20 million or 4% of global turnover.” Looking ahead at the GDPR, it is far better to be safe than sorry. In this case, that means being prepared – or risk serious consequences.

Who is CRI® Group?

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, TPRM, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013, and BS 7858:2012 Certifications is an HRO certified provider and partners with Oracle.

In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body that provides education and certification services for individuals and organisations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- Guidelines; ISO 37000:2021 Governance of Organisations; ISO 37002:2021 Whistleblowing Management System; ISO 37301:2021 (formerly ISO 19600) Compliance Management system (CMS); Anti-Money Laundering (AML); and ISO 37001:2016 Anti-Bribery Management Systems ABMS. ABAC® offers a complete suite of solutions designed to help organisations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments while assisting in developing frameworks for strategic compliance programs. Contact ABAC® for more on ISO Certification and training.

Filed under: Compliance Solution, Resources by admin
No Comments »

« Previous Page

Ethics and Compliance Hotline: your frequently asked questions answered…

Ethics hotlines are growing in popularity. In 2017 the South Africa Home Affairs Minister Malusi Gigaba announced over 3,000 officials were found guilty of misconduct related to cases reported via the National Anti-Corruption Hotline (NACH). “The closure rate underscores a commitment by government departments to investigate allegations of corruption as reported through the NACH.” Ethics and compliance hotlines work! Organizations must have an ethics and compliance hotline to help promote the organization’s code of conduct and nurture a culture of honesty and accountability.

Don’t opt out of an ethics hotline

The 2019 Global Business Ethics Survey found that more reports of misconduct were made to direct supervisors (a median of 51 per cent) compared to hotlines (6 per cent). However, it is still crucial to have an Ethics and Compliance Hotline. Why? Having an ethics and compliance hotline shows employees that the business leaders genuinely want to hear from them, making it a great employee relations tool.

The ethics and compliance hotline is an anonymous reporting mechanism. So when the normal channels of communication fail, a hotline can facilitate any flagging. They provide an accessible way for employees to report potential wrongdoing, possibly illegal, unethical, or improper. A company can better protect itself from fraud, learn of employee misconduct and proactively mitigate any corruption-related risk. Despite industry or size, any organisation should be 110% committed to having an open dialogue on ethical dilemmas regardless.

CRI® Group encourages everyone to report any wrongdoing. We believe that everyone should have a voice and protect themselves, colleagues and the organizations that they work for. Everyone must seek to maintain transparency to comply with the code of conduct and compliance regulations. If your organization considers an ethics and compliance hotline, here are some must-knows.

Who can report? And what can you report?

All individuals – employees, clients, contractors, vendors and others in a business relationship with you or your organization – have a duty and responsibility to report any known or suspected noncompliant behavior or violations of any regulatory mandates and/or local policies, including but not limited to:

Ethical standards violations;
Violation of laws and company policy and internal control;
Risk and safety;
Theft, embezzlement or misappropriate of assets and fraud;
Bribery and corruption;
Employee rights, employee relations, work environment;
Privacy laws or security of personal information;
Discrimination;
A dispute related to a supervisor, HR and other departments;
Physical and verbal harassment in the workplace;
Issues related to job responsibilities;
The report related to a suspicious activity being a witness; and/or
Unfair dismissals.

How to report?

You can report your concern using the Ethics and Compliance hotlines at any time, 24/7. And an effective Ethics & Compliance Hotline should allow reporting via phone, email, web-based compliant forms and even walk-ins.

How does it work?

This will depend on your organization structure; however, if you allow reporting directly by telephone, the caller should speak with the Compliance Department directly. The caller can remain anonymous or may want follow-up, in which case(s) he will give contact details. If the individual submits a report online, the system should guide the individual through the reporting process, and a PIN number will be generated automatically once they complete the report. The compliance department specialist who receives the tip is then in charge of validating it. This compliance officer typically receives special training on gathering enough information to ensure the complaint is credible. The tip is then routed to the right department within the organisation, such as audit, legal, or human resources.

What is the process of the investigation?

The Compliance Department or Committee should then review the report and conduct an investigation. The investigation may include an interview with relevant witnesses review of records, computers, telephones and other equipment per relevant personal data regulations. The reported individual will be able to follow the status of the case and communicate with the Compliance by giving their case number. However, no party can contact the individual directly if you have chosen to remain anonymous. The investigation conclusions and recommendations are reported to Management.

Can we generate anonymous reporting?

Yes, if the individual wishes to remain anonymous when reporting their concern, they can. However, you should encourage the individual to identify themselves where/when possible, enabling your organization to investigate the report more effectively. If they provide their names, your compliance department should protect their confidentiality to the greatest extent possible during the investigation. The organization should have a Non-Retaliation and Whistleblower Policy to help ease the process.

What is a Non-Retaliation Policy?

While on the surface, hotlines may seem a convenient option to receive employee complaints, tips or concerns, often, it’s the process that surrounds the hotline which can determine whether it ultimately succeeds or fails. Areas such as employee relations are particularly challenging for anonymous tips. An organisation needs to have a whistleblower process in place – this is a critical component of any compliance monitoring system. It enables companies to identify and mitigate potential risks early before they impact operations, reputation and ultimately, financial performance.

How can we make sure they deliver a credible report?

When reporting an issue, encourage individuals to ensure that they provide as much relevant information as possible, for example, the names of persons involved in the alleged conduct, potential witnesses, appropriate documentation or data, visual evidence etc. Provide them with forms that allow them to understand what they need to submit a credible report, with the appropriate questions and empty spaces for further feedback, including the ability to upload any initial profs. This will allow your Compliance to effectively follow up on the case.

What makes a successful implementation?

A strong and clear message is delivered to employees and stakeholders by a senior individual who champions the overall programme.
A clear understanding of how best to engage with your employees at all levels and in all countries. Remember to take into account country and cultural differences.
A robust internal process to deal with reported issues as laid out in your code of conduct policy or ethics programme.

Are you addressing corporate Compliance?

Prove that your business is ethical. Find out if your organisation’s compliance program aligns with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Complete our FREE Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Let our experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under the UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

Find out what’s a Gap Analysis and why do you need it?

Report with CRI® Group!

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use the reporting process in this Code of Conduct, including the Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by the CRI® Group Non-Retaliation Policy.

REPORT NOW!

CRI® will not accept any retaliation or discrimination against any employee or external stakeholder who uses our Compliance Hotline in good faith or participates in an investigation. Any employee who breaches the policy will be subject to disciplinary actions. If you wish to learn more just have a look at our article on Ethical code of conduct: What should be covered?

About us…

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS102000:2013 and BS7858:2019 Certifications and is an HRO certified provider and partner with Oracle.

Meet the CEO

Zafar I. Anjum is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguard businesses by establishing the legal Compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.

Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer

37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

Filed under: All Industries, All Regions, All Solutions, Anti-Bribery Anti-Corruption Solution, Compliance Solution, CRI News, Global, ISO 37001, Leadership Insights, Resources by admin
No Comments »

« Previous Page

GDPR: Everything You Need to Know

From eMarketer

The European Union’s General Data Protection Regulation (GDPR) was put in place to standardise existing laws that call for transparency in how companies collect and store personal data about EU citizens. eMarketer’s Sean Creamer spoke with Scott Meyer, CEO and co-founder of Evidon, and Todd Ruback, the compliance services company’s chief privacy officer and vice president of legal, about what the GDPR will mean for marketers from outside the EU when it goes into effect on May 25, 2018.

Read the full article.

Staying one step ahead of any critical risk to your organisation is part of being an effective business leader. Contact us today to get started on implementing a robust program that will serve you well for years to come. Get your FREE QUOTE now!

Who is CRI Group?

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC™ for more on ISO Certification and training.

Filed under: Compliance Solution, Resources by admin
No Comments »

« Previous Page

Move Over, ID Theft – Here’s the New No. 1 Fraud

From CBS News

Beware of bogus IRS agents, fake offers of tech support – in other words, impostors. They’ve overtaken identity thieves to become the nation’s top fraudsters, according to the latest consumer complaint data.

The Federal Trade Commission’s Consumer Sentinel project, which tallies up the number and type of consumer complaints received each year, reported more than 3 million of them in 2016. Debt collection remains the No. 1 gripe, accounting for some 28 percent of reported complaints. However, the bulk of debt-collection complaints involve overly aggressive collection tactics, not fraud.

Read the full article.

Who is CRI® Group?

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business Intelligence, TPRM, Due Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under: Anti-Bribery Anti-Corruption Solution, Resources by admin
No Comments »

« Previous Page

Structure of ISO management system standards

The International Organization for Standardization (ISO) defines a management system as a set of procedures an organisation needs to follow to meet its objectives. A management system standard provides a model to follow when setting up and operating a management system. Some of the top-level benefits of a successful management system include:

Enhanced use of resources;
Improved risk management; and
Increased customer satisfaction by meeting product/service expectations

ISO has published many management system standards for topics ranging from quality and environment to information security and business continuity management. For this reason, and to help accomplish their business objectives, most organisations have more than one management system standard in place. With this comes a need to integrate and combine the standards effectively because uncoordinated systems take up extra time and resources.

Most organisations have more than one management system standard. Existing management system standards often have different structures, requirements and terminology, so integration is challenging. Uncoordinated systems take up extra time and resources. At CRI® Group, we can help you address this problem. Adopting these standards together in an integrated way will produce less duplication, confusion, and misunderstandings by ISO 31000, ISO 37001 and ISO 19600.

Management system auditors use a core set of generic requirements across disciplines and industry sectors. In the future, all ISO management system standards will have the same high-level structure, identical core text, as well as common terms and definitions:

Clause 1: Scope

It sets out the intended outcomes of the management system. The outcomes are industry-specific and should be aligned with the organisation’s context (see clause 4).

Clause 2: Normative references

This section provides the reference standards or publications relevant to the particular standard.

Clause 3: Terms and definitions

The clause explains terms and definitions applicable to the specific standard and any formal related terms and definitions standard.

Clause 4: Context of the organisation

Clause 4 has four subclauses: 4.1) Understanding the organisation and its context; 4.2) Understanding the needs and expectations of stakeholders; 4.3) Determining the scope of the management system; and 4.4) The management system. The section describes why the organisation exists. The organisation needs to identify internal and external issues that can impact its intended outcomes and all stakeholders and their expectations. It also needs to document its scope and set the boundaries of the management system.

Clause 5: Leadership

Top management is accountable for all management systems. They need to integrate the management system into the core business process, ensure the system achieves its intended outcomes and allocate the necessary resources. Top management is also responsible for communicating the importance of the system to heighten employee awareness and involvement. Clause 5 has three sub-clauses: 5.1) Leadership and commitment; 5.2) Policy; and 5.3) Organisational roles, responsibilities and authorities.

Clause 6: Planning

Having identified risks and opportunities, the organisation needs to specify how these risks will be managed. The management system’s objectives should be measurable, monitored, communicated, aligned to the system’s policy and updated when needed. This proactive approach replaces preventive actions and reduces the need for corrective actions later. Clause 6 has two sub-clauses: 6.1) Actions to address risks and opportunities, and 6.2) Management system objectives and planning to achieve them.

Clause 7: Support

After addressing the context, commitment and planning, organisations need to look at the support needed to meet their goals and objectives. This includes resources, targeted internal and external communications, and documented information that replaces previously used terms such as documents, documentation and records. Clause 7 has five sub-clauses: 7.1) Resources; 7.2) Competence; 7.3) Awareness; 7.4) Communication; 7.5) Documented information.

Clause 8: Operation

The bulk of the management system requirements specific to the topic under consideration is within this single clause. Clause 8 addresses both in-house and outsourced processes. In contrast, overall management of the process includes adequate criteria to control these processes and ways to manage planned and unintended change. Clause 8 has only one sub-clause: 8.1) Operational planning and control.

Clause 9: Performance evaluation

Decisions are required on how performance will be monitored, measured, analysed and evaluated. Internal audit activities are part of the process to ensure the management system conforms to the organisation’s requirements and is successfully implemented and maintained. Management review evaluates whether the management system is suitable, adequate and effective. Clause 9 has three subclauses: 9.1) Monitoring, measurement, analysis and evaluation; 9.2) Internal audit; 9.3) Management review;

Clause 10: Improvement

The requirement for continual improvement in performance and enhanced delivery of stakeholder expectations should be embedded in all management system standards. Clause 10 has two sub-clauses: 10.1) Non-conformity and corrective action, and 10.2) Continual improvement. Clause 10 looks at ways to address non-conformities and corrective action, as well as strategies for improvement continually.

At CRI® Group, our experts can help your organisation implement ISO 37001, ISO 31000, and ISO 19600 seamlessly integrate these management systems. This is the most effective way to reap the benefits of these world-class standards, with Training and best practices that position your organisation to mitigate risk and create actionable systems for increased success.

What are the ISO certification & Training benefits?

When your organisation decides to become certified in ISO 37001, ISO 31000, and ISO 19600, numerous benefits come with implementing these management standards.

Get government tenders: ISO certification is now required in most government tenders.
Build credibility internationally: ISO certification helps your organisation gain credibility to build an overseas business.
Better customer satisfaction: ISO standards enable an organisation to serve their customers better and increase customer satisfaction. ISO certification enhances customer satisfaction by meeting customer requirements.
Improve product quality: Since product quality matches the international level, this can reduce the risk of order rejections due to the flaw in the product.
Improve business efficiency: ISO certification implementation enhances the functional efficiency of an organisation. ISO implementations help you manage your resources effectively, as you become able to use all your resources to their maximum extent. ISO certification helps you develop SOPs and work Instructions for all your processes.
Improve marketability: ISO certification helps improve business credibility with current and new clients, which leads to creating a niche market for your business.

Our ISO solutions (certification and Training) are offered through our ABAC® Center of Excellence. Powered by CRI® Group, ABAC® educates, equips and supports the world’s leading business organisations with the latest best-in-practice risk assessments, performance assessments, systems improvement and standards certification. Find out how ABAC® can help your business!

Address bribery and corruption in all its forms with ISO 37001 Anti-Bribery Management System

To help combat the threat of bribery and corruption, ISO issued the ISO 37001:2016 Anti-Bribery Management System (ABMS) standard to help businesses, nonprofits, and governmental agencies reduce their risk of bribery and corruption by establishing, implementing, maintaining and improving an anti-bribery management system. This is critically important, as bribery and corruption can lead to criminal punishments, fines, regulatory action, lowered employee morale and damage to reputation.

The benefits are immediate when an organisation decides to move forward with ISO 37001 Anti-Bribery Management System training and certification. That’s because ISO 37001 puts methods in place that do the following:

Ensure that your organisation is implementing a viable anti-bribery management system using widely accepted controls and systems.
Give your company the tools it needs to prevent bribery and mitigate related risks.
Provide assurance to management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption.
Help your company create better business partnerships with entities that recognise your certified status, including supply chain manufacturing, joint ventures, pending acquisitions and co-marketing alliances.
Potentially reduce corporate insurance premiums.
Provide your customers, stakeholders, employees and partners with confidence in your business operations and ethics
Provide a competitive edge over non-certified organisations in your industry or niche
Provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption

ISO 37001 certifies that your organisation has implemented reasonable and proportionate measures which prevent, detect and respond to bribery and comply with anti-bribery laws, internally and externally (i.e. agents, consultants, suppliers, distributors and other third parties). These measures involve top-level leadership, Training, bribery risk assessment, due diligence adequacy, financial and commercial controls, reporting, audit and investigation. Learn more about ISO 37001 standard today. Learn more about ISO 37001 ABMS

Leverage ISO 31000:2018 to improve your business continuity management program

ISO developed the 31000:2018 Risk Management Standard to help organisations address operational continuity and provide confidence and reassurance in your organisation’s economic resilience, professional reputation and environmental and safety outcomes. Like most ISO management standards, ISO 31000 can be tailored to your organisation to help achieve the best results. ISO 31000 Risk Management provides principles, a framework and a process for managing risk. Public, private, and community enterprises can all benefit from ISO 31000 because it covers most business activities, including research, planning, management and communications. Implementing ISO 31000 can help organisations increase the likelihood of achieving objectives, identify opportunities and threats and effectively allocate and use resources for risk treatment.

Being ISO 31000 certified means protecting your organisation from potential risks that could endanger the operational efficiency, governance, and stakeholders’ confidence. It will help strengthen and achieve the strategic objectives of your organisation by establishing a risk-based system of values, enabling your organisation to:

Enhanced risk management will support achieving goals & objectives
Reduce costs through proper risk management
Respond to change effectively & find viable solutions
Create and protect the value
Create a consistent basis for decision making & planning
Increase the likelihood of achieving objectives
Productively identify the opportunities and threats
Identify and mitigate the risk throughout the organisation
Gain stakeholder confidence and trust

Learn more about ISO 31000 Risk Management standard with our free playbook!

ISO 37301 standard provides a clear and comprehensive description of what the compliance function should be responsible for

ISO 37301:2021 provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an organisation’s compliance management program. It covers all compliance-related issues, including anti-trust, fraud, misconduct, export control, anti-money laundering, and other unexpected risks which might aﬀect your business.

The standard acts as a global benchmark for eﬀective and responsive compliance management programs based on good governance and transparency principles. The guidelines set forth by the standard are applicable to all types and sizes of organisations and aren’t restricted by industry, risk exposure or geographic reach. The guidelines set forth in the internationally accepted ISO 37301 Compliance Management Systems represent the first step in developing a framework that protects the organisation from falling victim to the many risks associated with corporate bribery and/or corruption. ISO 37301 standard provides a clear and comprehensive description of what the compliance function should be responsible for:

Identifying compliance obligations and translating those obligations into actionable policies and procedures
Integrating compliance obligations into existing practices and procedures
Analysing performance to identify the need for corrective actions
Providing or organising ongoing Training and support for employees regularly
Establishing compliance performance indicators, monitoring and measuring compliance performance
Providing objective advice to the organisation on compliance-related matters
Putting in place a compliance reporting & documenting system
Ensuring the compliance management system is reviewed regularly.
Developing & implementing processes for managing information (i.e. hotlines, whistleblowing reporting systems & other mechanisms)
Providing employees with access to resources on compliance procedures & references
Ensuring there is access to appropriate professional advice in the establishment, implementation and maintenance of the management system
Promoting the inclusion of compliance responsibilities into position descriptions & employee performance-management processes
Identifying compliance-related risks & managing resulting compliance obligations relating to third parties (i.e. suppliers, agents, distributors, consultants & contractors)

ISO 37301 Compliance Management Systems

CONTACT US

NEWSLETTER SUBSCRIPTION

FOLLOW US