Ethical code of conduct: What should be covered?
Business leaders are usually quick to communicate their expectations to employees, especially when it comes to financial goals or tasks that they want to be accomplished. However, what is often lacking is a clear, concise explanation of what the organisation expects in terms of ethical behaviour. The recent article “Puffery or Not? Courts Examine Corporate Codes of Conduct” explains that although a number of federal courts have found code of conduct statements to be non-actionable puffery, given the uncertainty in the face of the novel CODIV19 pandemic, public companies are ought to review their codes of conduct and revise them if necessary to mitigate litigation risk. Ethical code of conduct:
Does your organisation have an ethical code of conduct? If not, you might be making assumptions that your employees know to conduct themselves in an ethical manner, when, in fact, this expectation only exists in a grey area in their minds – if at all. In fact, some employees who have engaged in fraud, corruption or other unethical situations have claimed that while they knew their behaviour was wrong, they thought it was implicitly accepted by their bosses and, in some cases, their company overall.
Rather than assume that ethical rules “go without saying,” every organisation should spell out what they expect of their employees when it comes to ethical behaviour. At CRI Group, we counsel business leaders on the principle that every organisation should have a written, carefully considered ethical code of conduct as part of their fraud prevention strategy. CRI’s Certification program through the ABAC Center of Excellence includes developing an ethical code of conduct as part of the training and development phase for clients.
What should be covered?
An ethical code of conduct should be tailored to your company and your organisation – no two will be the same. What are the risks inherent in your organisation? What about in your industry? A pharmaceutical company will have some different risk areas than a retail store, for example. A nonprofit organisation might have concerns that relate to fundraising, a government agency might be focused on preventing bribery or collusion.
The goal of an ethical code of conduct is to help all employees understand the expectation that they always behave in a legal and ethical manner, and that the organisation has zero tolerance for unethical behaviour. It should include the following focal points:
1. Business values
This can include your organisation’s mission and vision and should help set the tone for how the organisation relates to its clients, partners, its own employees and the public at large.
2. Guiding principles
The principles that guide your company include customer satisfaction, financial success and profitability, improvement and growth. Your company might also follow policies of corporate responsibility, such as respect for social and environmental issues, and support of the community and/or nonprofit efforts.
3. Role of leadership
This section of the code of conduct should state that management has clearly endorsed the code and that employees can approach any manager or executive with ethical concerns or complaints.
4. Regulatory and compliance
This section should communicate the organisation’s commitment to meeting all compliance requirements, from OSHA and EPA to Sarbanes-Oxley and Dodd-Frank. This reinforces leadership’s expectation that employees must act diligently and ethically to uphold those standards, as well.
5. Employee responsibility
Every employee, from top to bottom, shares the responsibility toward upholding the ethical standard defined in the code. Contractors and volunteers are also expected to follow the standard of behaviour. Furthermore, the code should make clear that if the unethical behaviour is detected, turning a blind eye or deciding “it’s not my problem” is unacceptable. That is a breach of the ethical code.
CRI Group can help your organisation with the finer points of drafting and implementing an ethical code of conduct. ABAC Center of Excellence includes this critical piece as a part of any robust fraud, bribery and corruption prevention program.
After the ethical code of conduct is approved by company leadership, it should be read and signed by all employees (with the signed copies kept on file by the organisation). And it should be displayed prominently in the office. Unethical behaviour, including fraud and other corruption, is everyone’s problem, and it must be prevented, detected and reduced. Staying one step ahead of any critical risk to your organisation is part of being an effective business leader.
ISO 37001:2016 Anti-Bribery Management System certification is offered under CRI Group’s ABAC® Centre of Excellence, an independent certification body established for Anti-Bribery Management System training and certification, ISO 37301 Compliance Management Systems and Risk Management System certification. The program will be tailored to your organisation’s needs and requirements. For assistance in developing and implementing a fraud prevention strategy, contact ABAC today or get a FREE QUOTE now!
Who is CRI® Group?
Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening,
In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.
Middle East Background Screening: Compliance With Privacy Laws
It’s a fact that some of the most talented and promising job candidates possess the most disturbing pasts. Such deception can lead to a perilous future for an employer. This is the primary reason businesses are strongly advised to conduct background screening investigations before hiring seemingly well-qualified managerial candidates. background screening Privacy Laws Compliance
In every region and jurisdiction in the world, there are different regulations that govern what background screeners can and can’t do in regards to providing pre- and post-employment screening services. The laws in the United States, for example, are not the same as those that affect investigations in the Middle East. The concern over individual privacy and data protection are hot discussion items globally. Companies that engage background screening firms for the Middle East need to make sure those investigators are following all rules and regulations in regards to privacy – or else they might face liability along with the screening provider.
Examples of Privacy Laws in the Middle East
While reputable screening firms in the U.S. comply closely with the Fair Credit Reporting Act to conduct domestic background investigations, foreign investigations are much more complex.
Middle East countries have no prohibitive legislation that governs the employment screening process. At the same time, there is no cooperative legislation and regulation to support background screening services for employee due diligence. However, background screening industry professionals must adhere to strict data protection requirements (such as the GDPR, local Data Protection regimes specifically DIFC Data Protection, ADGM Data Protection and QFC Data Protection regulations) to process consensually based personal information.
In UAE, local police departments provide “Good Conduct Certificates” for employees for immigration purposes, while Dubai International Financial Centre (DIFC) Data Protection standards allow for the processing of sensitive personal information, such as criminal history, with signed consent from the data subject for employee due diligence requirements.
In the United Arab Emirates, data protection laws permit investigators to process sensitive personal information such as criminal history data. As a DIFC-licensed entity, the Corporate Research and Investigations Limited “CRI Group” (as well as other reputable background screening firms) must maintain strict adherence to the region’s Data Protection Law in order to fulfil our ongoing DIFC licensed status. As in the United States, the procurement of personal data in this region – and any subsequent transfer of data outside of the DIFC – may only be attained with the written consent of the individual being investigated.
Reputable screening firms in the Middle East will also comply with regional privacy laws (such as the GDPR) by appointing an internal Data Protection Officer (DPO) whose primary responsibility is to conduct independent audits of the firm’s various information processing operations which handle customer and employee data. The DPO ensures that personal data is handled in accordance with all relevant data protection provisions covering online and offline data procurement while complying with local and regional regulations pertaining to individual privacy standards.
The Urgent Need for Background Checks
While all guidelines and regulations must be followed, the absolute need for comprehensive background screening in the Middle East cannot be disputed. The region has a labor force of over 150 million individuals serving in all capacities and industries (World Bank, 2019). Those statistics can be quickly put into context when considering that deception in the employment process, such as résumé fraud, is believed to be rampant and widespread: One report estimates that 80 percent of all job applicants intentionally mislead potential employers on their résumé or application (Security, 2017).
Case Study
To help understand the problem, consider this case study: An international company was hiring to fill a position in the Middle East. When they engaged a firm that specialises in pre- and post-employment background screening, the firm’s investigators uncovered disturbing details about an applicant. One of the individual’s previous employers reported that the applicant was hired without any prior experience, was trained for a couple of months, and then terminated due to committing cash embezzlement as well as participating in harassment and workplace violence. A second employment verification revealed his termination, as he caused a financial loss to the company.
In the above example, the background checking company uncovered the deception through comprehensive background screening that went beyond basic database checks and reviews of public records. In the Middle East, background investigations – both for pre- and post-employment screening – often require a “boots on the ground” approach. This can mean conducting much of an investigation literally on foot, travelling to remote regions to interview sources and check documents in person. And, the entire investigation was conducted within all privacy laws and regulations.
Some job candidates will seek an advantage through fraudulent means. The hidden truth might even include criminal behavior. It is important for any organisation to verify information provided by individuals they seek to hire. In the Middle East, this process will often look different than it would in the U.S. By following all local laws and regulations, however, a reputable background check firm will be helping to protect your company – while also safeguarding your future.
Let’s Talk!
If you have any further questions or interest in implementing compliance solutions, please contact us.
About the Author
Zafar Anjum | Group Chief Executive, CRI Group
Anjum is founder and CEO of CRI Group and ABAC Center of Excellence. Having dedicated three decades to the areas of fraud prevention, protective integrity, security, compliance, anti-bribery and anti-corruption, Zafar Anjum is a highly respected professional in his field.
Middle East corruption: how can ISO 37001 help?
Political and governmental unrest can affect a region’s economy and the integrity of business transactions. The current state of the Middle East exemplifies this phenomenon. While governments in the region are making efforts to curb corruption, political instability and regime changes often undermine these measures. Bad actors understand how to take advantage of such vulnerabilities, leading to increased bribery and corruption across international borders. Recent cases and statistics show that the problem persists in most countries in the region. Against this backdrop, most government officials and private sector business leaders view it as a high priority to reduce bribery and corruption. One of the problems, however, is that some dishonest politicians use supposed anti-corruption efforts as a tool against political enemies. This makes clear that the best approach is for government agencies and businesses themselves to lead from the front. By adopting an internationally recognised set of anti-bribery anti-corruption standards, increased business integrity will result. Organisations that are committed this effort are adopting the ISO 37001 – Anti-Bribery Management Systems standard as a comprehensive approach to mitigating bribery and corruption risk. ISO 37001 and its elements can be tailored to any type of organisation, of any size. The key elements include adopting an anti-bribery policy, appointing a person to oversee anti-bribery compliance, training, risk assessments and due diligence on projects and business associates. ISO 37001 also calls for implementing financial and commercial controls, and instituting reporting and investigation procedures.
Corruption a Major Challenge in the Middle East
The Middle East lags behind several other regions when it comes to bribery and corruption. Even as these elements are on a slight decrease globally, the Transparency International Corruption Perceptions Index shows the troubled state of the Middle East and North Africa. “The Corruption Perceptions Index 2018 presents a grim reality in the Middle East and Northern Africa where, despite some incremental progress by a select few, most countries are failing in the fight against corruption”. Syria, Yemen and Libya are at the bottom (worst) end of the list. There are some bright spots, though. United Arab Emirates (UAE) and Qatar, both countries that have taken strong stances on fraud and corruption, score the highest for the Middle East. Morocco and Egypt showed some improvement. Overall, however, the political instability in the region has created a tumultuous business environment. According to the article: “In many Arab governments, powerful individuals have actively influenced government policies and diverted public funds and state assets for their own self-interest and enrichment at the expense of citizens. This reduces anti-corruption efforts to merely ink on paper, where laws pass, but are rarely enforced or implemented.”
This is underscored by limits and obstacles that corruption throws up in the way of those looking to enact real change. “Across much of the developing world, the corruption of courts and other government institutions threatens the free flow of goods and capital that promotes economic growth. Left unaddressed, such threats can lead to heightened tensions among nations and even outright trade wars. Diplomats operate under constraints that limit how much they can call out international bad actors who violate the rule of law. That’s why the role of outside watchdogs is so important in promoting the Rule of Law and holding nations to the standards of fairness and impartiality they claim to meet,” writes National Review.
Iran: Power Structures Hamper Progress
One country that exemplifies the Middle East difficulties with corruption is Iran. The problem is described by one analyst as “deeply rooted,” and even recognised by the country’s conservative rulers. In such a political structure as Iran’s, a campaign to combat “systemic corruption” is often seen as the lens of political reprisals against rivals. “In autocratic systems, every now and then, a campaign emerges under the banner of fighting corruption. The main reason is to buy legitimacy for the system. During the last years of the rule of the former Shah of Iran, in an attempt to tame the revolution, such a campaign led to the arrest of several prominent political figures, including Amir-Abbas Hoveyda, who served for 13 years as prime minister”.
“While the same impetus could be behind the current move by Raisi, there is strong speculation in Iran that the move also, and more importantly, aims to shape a consensus within the country to accept Raisi’s giant leap towards assuming the leadership of the country after Khamenei’s death”.
While there has been some concern that the corruption crackdown is a cover for prosecuting reformers, some disagree – positing that it depends more on which party is leading the effort. “Corruption in Iran is linked to political power. Therefore, whichever of Iran’s two main political factions—fundamentalist or moderate-reformist—takes over the executive branch, corruption among the members of that faction increases. At the end of former President Mahmoud Ahmadinejad’s term in office, for instance, his first vice president, Mohammad-Reza Rahimi, and his Vice President for Executive Affairs, Hamid Baghaei, were imprisoned for economic corruption and embezzlement. Such corruption reached an all-time high during his tenure in office”. In any case, it’s clear that most observers aren’t convinced that the country’s anti-corruption campaign is to be taken at face-value – yet.
Bribery Cases Exposed in UAE
Two bribery cases demonstrate some common characteristics among such schemes. While both of these instances were uncovered (and prosecuted) in the UAE, they are likely typical for the Middle East region and beyond.
In 2018, an Emirates Post revenue officer was sentenced to prison after being convicted of attempted bribery. The officer solicited a Dh100,000 bribe from a corporate customer. He was in a unique position to attempt the crime, as his duties included collecting and auditing profits for the Emirates Post office in Dubai. The Jordanian revenue officer, 28, collected and audited profits, among other duties, on behalf of Emirates Post office in Dubai. The offender perpetrated the scheme by leveraging fines on a shipping company based in India for supposed postal fee violations. The alleged fine, according to the revenue officer, totaled Dh2.4 million, and he attempted to negotiate a scheme with the client to have the fine reduced to Dh400,000 – in exchange for the Dh100,000 bribe. Instead of paying, the client wisely contacted the police. In a sting operation, the client was fitted with a listening device, and met and paid the bribe – under coordination of the police. As a result, the revenue officer was arrested, and subsequently convicted.
In another case, two Asian residents of UAE were sentenced to three years and one year in jail for giving and accepting a bribe. They were also fined Dh5,000. One of the perpetrators was a government officer. The first defendant, a trader, offered a bribe of Dh900 to the government officer, who works as a customs clearance staff member with the Saqr Port in Ras Al Khaimah. The goal was to ship two containers full of scrap iron out of the UAE without paying taxes or undergoing an inspection. When they were caught, the trader who gave the bribe claimed that it was just a loan, and that he had already paid “over DH50,000 in taxes and charges”. The other defendant (the customs officer) agreed, but the court did not accept their explanation. Both defendants will be deported to their home countries after serving their prison sentences. These types of cases are typical among positions of access, and can happen in any jurisdiction. They exemplify the problem that government agencies and companies alike are trying to reduce and prevent.
‘Relationship Building’ v. Bribery
To some degree, the same problems that plague the Middle East are endemic around the world. Among them, the dilemma of misunderstanding in terms of what constitutes bribery. In nearly all cultures, relationship building is considered an essential part of doing business. Often, business associates consist of numerous friends or even family members. When that is the case, there can be a slippery scale in terms of what is merely a favor or a gift, versus what constitutes bribery or corruption. The Foreign Corrupt Practices Act (FCPA) can provide some guidelines here. A case involving Bank of New York Mellon is instructive. “On 18 August 2015, Bank of New York Mellon (“BNYM”) consented to a Securities and Exchange Commission (“SEC”) Order requiring BNYM to pay $14.8 million to settle charges that it violated the FCPA by providing student internships to family members of foreign government officials affiliated with a Middle Eastern Sovereign Wealth Fund (“SWF”). All parties involved, except BNYM, have been anonymised in the Order so that the nationality of the foreign public officials and the SWF is publicly unknown beyond being described as ‘Middle Eastern’.
“The BNYM internships were given to three people: the son and nephew of one key figure of the SWF and the son of another. The internships were given despite the facts that the interns did not meet the rigorous selection criteria usually applied by BNYM and did not go through the standard (or any) recruitment process before being awarded the internships. In addition, these internships were found by the SEC to be more valuable than those offered to the regular applicants, who had endured the competitive admissions process against strict entry requirements. For example, rotation between business units was arranged, which is not an opportunity afforded to regular interns.”
“Emails between BNYM employees clearly demonstrate that the motivation behind the favour to the foreign officials was to influence the latter’s decision-making in the interests of BNYM. There can be no doubt that this was bribery in action – the BNYM employees expected to retain and gain business from the foreign officials in return for offering their relatives valuable internships to which they would not otherwise have had access”.
The case clearly describes what could be considered a “gray area” compared to some of the more extreme realities of bribery and corruption. One study of the Middle East and North Africa in 2016 suggested that people felt the need to bribe officials for basic services. “About 30 percent of those polled said that they had to access basic public services by bribing officials. If that figure holds across the entire MENA region, that would mean that about 50 million people, the majority of whom are poor, feel they must pay bribes in order to have access to basic public services. In five countries, the rich reported being far less likely to have to pay a bribe: 63 percent of poor Sudanese citizens versus 38 percent of wealthy ones, for example, and 23 percent versus 12 percent, respectively, in Algeria”.
ISO 37001:2016 to Combat Bribery & Corruption
Corruption certainly isn’t exclusively a Middle Eastern problem. Organisations around the world are taking action to reduce risk. They’ve found the structure and process they need in ISO 37001. ISO 37001 was issued by the International Organization for Standardization (ISO) in 2016 to help organisations worldwide increase and measure their efforts against bribery and corruption. Through ISO 37001 ABMS, organisations can implement standards at every level. These measures include adopting an anti-bribery policy and appointing a person to oversee anti-bribery compliance, training, risk assessments and due diligence on projects and business associates. It’s also critical that the organisation implement financial and commercial controls, along with reporting procedures and investigation processes.
CRI Group founded ABAC® (Anti-Bribery and Anti-Corruption) Center of Excellence to help organisations of all types and industries implement ISO 37001 certification and/or training. ABAC® has a team of experts around the world that include certified ethics and compliance professionals, financial and corporate investigators, forensic analysts, certified fraud examiners, qualified auditors, and accountants. They are trained and experienced in the implementation of ISO 37001’s key elements, helping clients more effectively prevent bribery and corruption. ABAC Certification is an accredited provider of ISO 37001 ABMS, and it provides certification and training for organisations of various types and industries.
There are requirements and guidance that the ISO 37001 standard prescribes for a comprehensive anti-bribery management system. The following bribery elements are addressed by ISO 37001 in relation to the organisation’s business processes and activities:
- Bribery in the public, private and not-for-profit sectors
- Bribery by the organisation
- Bribery by the organisation’s personnel acting on the organisation’s behalf or for its benefit
- Bribery by the organisation’s business associates acting on the organisation’s behalf or for its benefit
- Bribery of the organisation
- Bribery of the organisation’s personnel in relation to the organisation’s activities
- Bribery of the organisation’s business associates in relation to the organisation’s activities
- Direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party)
Government organisations and companies can reduce the risk of bribery through ISO 37001’s best practices for anti-bribery and anti-corruption. The following are just a few of the ways ISO 37001 helps accomplish this goal:
- Provide needed tools to prevent bribery and mitigate related risks
- Help an organisation create new and better business partnerships with entities that recognise ISO 37001 certified status, including supply chain manufacturing, joint ventures, pending acquisitions and co-marketing alliances
- Potentially reduce corporate insurance premiums
- Provide customers, stakeholders, employees and partners with confidence in the entity’s business operations and ethics
- Provide a competitive edge over non-certified organisations the organisation’s industry or niche
- Provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption
It is important to note that “Conformity with (ISO 37001) cannot provide assurance that no bribery has occurred or will occur in relation to the organisation, as it is not possible to completely eliminate the risk of bribery”, according to ISO. The certification is potentially an important piece of evidence, however, that shows regulators, prosecutors, and the courts that the organisation has taken meaningful action to prevent bribery and corruption.
Conclusion
All is not lost. Some Middle Eastern countries, like the United Arab Emirates, have made a commitment and continue to demonstrate positive strides toward combating corruption. UAE has expanded its laws, broadened the definitions of what is considered bribery and corruption, and increased punishments. But the country is largely an outlier in a region that is struggling under the weight of instability and corruption.
In this type of environment, both government organisations and the businesses they serve (and regulate) need ISO 37001. The sooner organisations implement the comprehensive measures prescribed by ISO 37001, the calmer the seas will be for international trade, business agreements and mergers, acquisitions and other positive elements of economic growth.
An established standard like ISO 37001 ABMS can help organisations address bribery and corruption through implementing best practices in a program of training and certification. While following the curriculum, the training process can easily be tailored to the organisation based on its size, type, industry or risk level. Bribery and corruption are pervasive problems that won’t be solved overnight. It will take a concerted effort by all major players in the region to make positive strides and reduce risk factors. ISO 37001 provides a blueprint for making those changes. Twenty or thirty years ago, organisations were mostly on their own went it came to developing an anti-corruption strategy. Today, there is a tried-and-true path forward. Committing to it is the first step toward making real progress in the Middle East.
Sources
- “Middle East & North Africa: Corruption Continues As Institutions And Political Rights Weaken,” Transparency International, 29 Jan. 2019,
< https://www.transparency.org/news/feature/regional-analysis-MENA> (accessed 25 Oct. 2019)
- John Fund, “Cleaning Up Corruption Is a Key to Middle East Stability,” National Review, 23 October 2019,
<https://www.nationalreview.com/corner/cleaning-up-corruption-is-a-key-to-middle-east-stability/> (accessed 25 Oct. 2019) OECD, The rationale for fighting corruption. 2014
- Shahir Shahidsaless, “Iran’s conservatives are saying it: Corruption is ‘systemic’”, Middle East Eye, 7 Oct. 2019,
<https://www.middleeasteye.net/opinion/whats-behind-irans-crackdown-corruption> (accessed 25 Oct. 2019)
- Jalil Bayat, “Iran’s Goals In The Fight Against Economic Corruption,” Lobe Log, 18 Oct. 2019,
<https://lobelog.com/irans-goals-in-the-fight-against-economic-corruption/> (accessed 25 Oct. 2019)
- Salam Al Amir, “Emirates Post worker jailed for seeking Dh100k bribe from customer”, The National, 31 Oct. 2018,
< https://www.thenational.ae/uae/emirates-post-worker-jailed-for-seeking-dh100k-bribe-from-customer-1.786526> (accessed 10 Nov. 2019)
- Ahmed Sheeban, “Government officer jailed for accepting Dh900 bribe in UAE”, Khaleej Times, 13 April 2019,
< https://www.khaleejtimes.com/nation/ras-al-khaimah/government-officer-jailed-for-accepting-dh900-bribe-in-uae> (accessed 10 Nov. 2019)
- Andrew Hudson, “Middle East meets West: Where is the line between relationship-building and bribery?,” Al Tamimi 7 Co., September 2015,
< https://www.tamimi.com/law-update-articles/middle-east-meets-west-where-is-the-line-between-relationship-building-and-bribery/> (accessed 25 Oct. 2019)
- Ben Thompson, “Bribery worsening in the Middle East and North Africa, citizens say,” CSM, 3 May 2016,
< https://www.csmonitor.com/World/Global-News/2016/0503/Bribery-worsening-in-the-Middle-East-and-North-Africa-citizens-say> (accessed 25 Oct. 2019)
- “ISO 37001:2016 ANTI-BRIBERY MANAGEMENT SYSTEMS — REQUIREMENTS WITH GUIDANCE FOR USE”, www.ISO.org,
< https://www.iso.org/standard/65034.html > (accessed 5 Aug. 2019)
- Adam Vause, Zara Merali, “The UAE’s fight against bribery and corruption,” DLA Piper, 16 July 2019,
< https://www.dlapiper.com/en/dubai/insights/publications/2019/07/the-uaes-fight-against-bribery-and-corruption/> (accessed 25 Oct. 2019)
اتصل بنا
المقر الرئيسي: +44 7588 454959
المحلي: +971 800 274552
:البريد الإلكتروني info@crigroup.com
المقر الرئيسي: 454959 7588 44
المحلي: 274552 800 971
:البريد الإلكتروني info@crigroup.com
الاشتراك في النشرة الإخبارية