Why Financial Services Firms Need ISO 37001 ABMS?

When Société Générale, a global financial services institution based in France, agreed to pay a combined total penalty of more than $860 million for an alleged bribery and corruption scheme, it served as a warning shot to financial firms worldwide that a culture of enforcement has arrived. Société Générale was accused of paying bribes to officials in Libya and committing violations in manipulating the London InterBank Offered Rate (LIBOR), one of the world’s leading benchmark interest rates. Together with other regulatory penalties faced by the financial services giant, the total amount to be paid exceeds $1 billion. (The United States Department of Justice, 2018)

Bribery and corruption often go together with money laundering – and, as such, the financial sector faces new Anti-Money Laundering (AML) rules and legislation that is strict and increasingly enforced. Remaining in compliance through implementing proper prevention controls is a must. Failing to do so can mean a loss of business, trust and reputation: Banking giant Citibank was fined $70 million in the US for failing to address shortcomings in its anti-money laundering policies. We at CRI intend on being apart of the solution. Therefore, CRI Group’s ABAC™ will be hosting a webinar on the 30th of September exploring the Pitfalls Most Organisations Often Commit – the importance of implementing Anti-Bribery Management System (ABMS). Being a part of the solution means sharing our knowledge so society is one step closer to an ethical reality.

Registration Expired

In the US alone, more than 100 bribery investigations were in progress at the end of last year, with the financial services industry facing the most investigations. (Wall Street Journal, 2019)

Having layers of safeguards in place is required both from a legal and compliance standpoint. One of the most critical layers is an effective anti-bribery management system (ABMS).

Prevent Corruption and Promote Compliance

There is a solution that financial services organisations can implement to take a proactive stance against bribery and corruption: The ISO 37001:2016 Anti-Bribery Management System standard. ISO 37001 ABMS is designed to help global organisations implement an anti-bribery management system (ABMS), as the standard specifies a series of measures required by the organisation to prevent, detect and address bribery, and provides guidance relative to that implementation.

For financial services firms, this is a critical layer of protection that provides both anti-bribery controls and a system for compliance with various anti-corruption legislation, such as the FCPA and UK Bribery Act. The UK Bribery Act’s adequate procedures requirement dictates that all companies need to have ongoing monitoring, training, surveillance and risk assessments – ISO 37001 ABMS is designed to fulfil these criteria and more.

CRI Group’s ABAC™ Certification Services is accredited to offer independent ISO 37001 certification to ensure that an organisation is in compliance with the standard, which is recognised and practised in more than 160 countries worldwide. CRI Group’s auditors and analysts work with financial services organisations to develop measures that integrate with existing management processes and controls, and include:

  • Adopting an anti-bribery policy
  • Establishing buy-in and leadership from management
  • Training personnel in charge of overseeing compliance
  • Communicating the policy and program to all personnel and business associates
  • Providing bribery and corruption risk assessments
  • Conducting due diligence on projects, business associates and other third-party affiliations
  • Implementing financial and commercial controls
  • Developing reporting and investigation procedures

Our paid webinar will have a rundown of the following:

  • What are the core Bribery and Corruption Risks for Financial Institution?
  • How to protect financial institutions and corporations from bribery and corruption risk
  • Reparations from bribery that could affect the businesses, clients, and employees
  • Successful regulations to mitigate risk for bribery and corruption.
  • What can be done if bribery is detected?
  • Internationally recognised solutions laid forth by ISO 37001: Anti-Bribery Management System that gives businesses effective controls to mitigate risk
  • Components of risk management at a financial institution

We will also be exploring how the implementation of such a standard aids in examining and dealing fittingly with any actual or suspected bribery within the corporation and also how to implement appropriate financial, procurement and other commercial controls so as to help prevent the risk of bribery in financial services as these organisations face unique challenges.

Register Here (Expired)

Among them are maintaining proper internal procedures as they relate to bribery and AML regulations. These measures can be logistically challenging, especially in the auditing process – but keeping accurate books and records is a key provision of the UK Bribery Act. ISO 37001 ABMS standard makes this a key provision in cultivating proper due diligence and reporting procedures.

Another major challenge involves monitoring third-party risk. The due diligence practices and risk assessments implemented through ISO 37001 ABMS are critical in this area. Financial services firms, more than any other sector, must conduct effective vetting and ongoing monitoring of third-parties. This goes beyond “on-boarding” and relates to how companies continually assess risk from outside partners – including brokerage firms, introducers, agents, joint-venture relationships, even clients – as borrowers, for example, represent a major risk on the balance sheet.

Some financial services companies do not properly score or assign risk profiles to third-party partners, and this can represent a major weak point in efforts to prevent bribery, corruption and money laundering. Regulators understand this, too. That’s why ISO 37001 ABMS dictates thorough and comprehensive due diligence in regards to all third-parties and especially in the case of mergers and acquisitions.

Once certified, an organisation must continue surveillance and undergo a recertification audit over three years to ensure that the organisation still complies with the ISO 37001:2016 ABMS standard. During this time, any changes to processes, the addition of new partners and expansion/acquisition of new assets or energy contracts, etc. are carefully reviewed.

Long-lasting Benefits of Certification

ISO 37001 ABMS provides a strong framework for addressing and isolating risk factors, and the benefits of certification are far-reaching, impacting not just the primary organisation but also influencing contractors, clients, and raising the profile of the company as an ethical entity that is a good trading partner. By achieving ISO 37001:2016 ABMS certification, a financial services firm will:

  • Ensure that the organisation is implementing a viable anti-bribery management system utilising widely accepted controls and systems.
  • Assure management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption.
  • If needed, provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption.

Cases like Société Générale are not isolated, but more and more, we are seeing companies punished for not taking proper preventative action with a robust anti-bribery management system (ABMS). Financial services firms need to be aware and stay in front of increased anti-bribery and corruption legislation given that such regulations have, in most cases, achieved a global reach. For ownership and management, the stakes are especially high – accountability now includes criminal liability for organisation personnel as individuals, beyond (and in addition to) liabilities faced by the organisation. This trend will only continue as governments, and their publics become increasingly intolerant of fraud, bribery and corruption. Significant media coverage and the real and perceived threat to governments’ economies contribute to this changing landscape of public opinion.

As the ISO 37001 International standard document states, “Conformity with (ISO 37001) cannot provide assurance that no bribery has occurred or will occur in relation to the organisation, as it is not possible to eliminate the risk of bribery. However, (the standard) can help the organisation implement reasonable and proportionate measures designed to prevent, detect and respond to bribery”. With this in mind, It’s important to note that ISO 37001 certification, on its own, is not a “safe harbour” from prosecution should bribery or corruption be discovered. Significantly, ISO certification is, as the above explains, a potential mitigating piece of evidence to regulators or even prosecutors and the courts that the entity has taken meaningful steps in its efforts to prevent bribery and corruption.

Financial Services Firms Need ISO 37001 ABMS

It is critical that any financial services organisation have a proper, comprehensive strategy to prevent and detect bribery and corruption, and remain in compliance with all regulations – on the local, regional, and international levels. The ISO 37001 ABMS standard is an established, tried and tested program to address those issues head-on through a comprehensive program of training and certification. The training process is tailored to the organisation while still following the developed curriculum and documented best practices. Due diligence procedures and risk assessments are applied in a thorough, comprehensive manner. Certification requires the demonstration that processes have been implemented effectively, with follow-up evaluations.

Worldwide developments in laws and regulations have demonstrated that there isn’t time to wait to implement controls and compliance procedures – the next investigation and/or prosecution may be too late. The harm caused by bribery and corruption to an entity’s reputation, investments and business can be far-reaching and long-lasting.

This paid webinar will be running from the following times on Thursday the 30th of September;

  • 08:00 to 10:00 GMT
  • 15:00 to 17:00 MYT
  • 12:00 to 14:00 GST

Your turnout with come with a certificate of Attendance (COA) as well as a complimentary webinar ABMS Awareness for 2 Pax per company. While you’re there, why not attain a Continuing Professional Development (CPD) certificate and stay on top of your industry?

Register your place for this webinar here and find out how to tackle the issue of bribery and corruption in your workplace before it has time to manifest itself into a greater issue. Finance is the greatest asset to the economy after all.

Complete Registration (Expired)

, Finance & Professional services Industry, ISO 37001, Resources by admin
No Comments »

ISO 37001 Solutions for All Industries (Part 3)

In part 1, we discussed how ISO 37001 ABMS can help companies across a wide range of industries, including automotive, aviation and insurance. In part 2, we looked at how pharma and healthcare, property, IT and telecommunications organisations can benefit from Anti-Bribery solutions as well. In this final part, we will explore some aspects of how companies from the financial, oil and energy industries could implement ABAC solutions.

Finance

Bribery and corruption are among the top fraud concerns for all financial organisations. These include banks & financial institutions, real estate lenders, business credit and finance companies, commercial investment corporations, asset-based lenders, debt financing firms, acquisition capital firms and others. Having safeguarding processes in place is required both from a legal and compliance standpoint and from the position of being a trusted, secure financial institution. The financial sector includes new Anti-Money Laundering (AML) rules and legislation, and these regulations are strict and increasingly enforced. As such, remaining in compliance through implementing proper prevention controls is a must.

In one high-profile case, between 2006 and 2013, JPMorgan Chase and its subsidiary, JP Morgan Securities (Asia Pacific) Limited (JPM-APAC) took on about 100 Chinese interns and full-time employees who ended up at the centre of a bribery case spread over two continents and worth hundreds of millions of dollars. In order to win business from members of the Chinese government and state-owned companies, JPM-APAC allegedly targeted their children, offering them high-ranking and well-paid positions in the business in order to curry favour with their parents. JP Morgan fell into trouble for allegedly violating the Foreign Corrupt Practices Act (FCPA), and the DoJ called the scheme ‘bribery by any other name’ – alleging that it had threatened national security. In November 2016, the bank was ordered to pay $264 million to settle the claims against it – $130m to the SEC for violations of the FCPA, $72m to the US Justice Department and $61.9m to the Federal Reserve Board of Governors.

CRI Group™ investigates: Pharma corruption case included CFO

ISO 37001 in Oil, Gas and Energy Industries

The oil and energy sector is a massive portion of the world’s economy, dealing mainly in petroleum – including upstream (exploration, development and production of crude oil or natural gas) and downstream (oil tankers, refiners, retailers and consumers) pipeline. The need to prospect, discover, and realise oil and energy production in various (and often far-flung) locations lends to the vulnerability to fraud – but geographic considerations aren’t the only risk factors.  Perhaps even more impactful is the complexity of business relationships required to operate in the industry – relationships with governments, contractors, regulators, investors/venture partners, equipment suppliers and other parties. Every such interaction and dealing can be considered susceptible to bribery and corruption where cutting corners may be considered profitable or even perceived to be “business as usual.”

An infamous example is the case of Petrobras. In December 2017, the world’s largest builder of offshore rigs agreed to pay $422 million in penalties after entering a guilty plea for bribery charges connected with the Petroleo Brasileiro (Petrobras) scandal. Keppel Offshore & Marine Ltd. made illicit payments to both Petrobras officials and government representatives for more than a decade, between 2001 and 2014 (Reuters, 2017). The sweeping multimillion-dollar bribery scandal that rocked Petrobras led to numerous investor lawsuits and the downfall of disgraced government officials. It also served as the embodiment of the huge risk of bribery and corruption that confronts the entire oil and energy sector. See “Oil and Energy Companies Look to ISO 37001.”

Long-lasting Benefits of Certification of ISO 37001

ISO 37001 provides a strong framework for addressing and isolating risk factors in all industries. The benefits of certification are far-reaching, impacting not just the primary organisation but also influencing contractors, clients, and raising the profile of the company as an ethical entity that is a good trading partner. Even more effective, ABAC™ tailors IS0 37001 to the specific needs of the client.

By achieving ISO 37001:2016 certification, an organisation will ensure that it is implementing a viable anti-bribery management system utilising widely accepted controls and systems. It will also assure management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption. Today, companies cannot afford to be reactive to threats of bribery and corruption. By achieving ISO 37001 Anti-Bribery Management System certification today, an organisation will remain in compliance and better positioned to address risks head-on.

Stay updated 

Stay tuned for Part 2 or follow us on LinkedInFacebook or Twitter for more industry news and insights.

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.

Who is CRI Group?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background Screening

العناية الواجبة 360°
حلول الامتثال
 and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

 

Cyber Security: How to Maintain GDPR Compliance?

The European Union’s (EU) General Data Protection Regulation (GDPR) came into force in 2018. The GDPR was a response to massive worldwide data breaches that were undermining the trust and security of private citizens whose personal information was at stake. As this data was exposed by both hackers and, in some cases, simply through poor security measures, governments of the EU felt it was time to create a strong piece of governance to bolster protection. While the initial rollout of GDPR held some uncertainty and unknowns for organisations subject to its guidelines, there is now a much clearer picture of how its standards apply. The punishments for being caught out of compliance can be severe: Violators of the GDPR may be fined up to €20 million or up to 4 percent of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater.

Cybersecurity is a Priority for the Management

Even with extremely high fines and stringent requirements, GDPR violations and data breaches have been skyrocketing across the world. In 2020, the overall increase of fraudulent activities has been detected, based on ACFE’s “Fraud in the Wake of COVID-19: Benchmarking Report”: 77% of survey participants have seen an increase in the overall level of fraud as of August, compared to 68% who had observed an increase in May. Earlier we wrote how the COVID-19 crisis triggered fraudulent activities and what can businesses do to support anti-fraud movements in their organisations and to strengthen their immunity to fraud. However, cyber-attacks are on the rise – the survey by the gov.uk continues to show that cybersecurity breaches are a serious threat to all types of businesses and charities. 39% of businesses and 26% of charities reported having cybersecurity breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%).

The study suggests that the risk level is potentially higher than ever under COVID-19 and that businesses are finding it harder to administer cybersecurity measures during the pandemic: 35% of businesses compared to 40% last year are now deploying security monitoring tools. This reduction suggests that these organisations might simply be less aware than before of the breaches and attacks their staff are facing.

However, among those that have identified breaches or attacks, around 27% of businesses experience them at least once a week. The most common by far are phishing attacks (83%, and 79% in charities), followed by impersonation (for 27% and 23%). Based on a survey by the gov.uk, despite COVID-19 stretching many organisation’s cybersecurity teams to their limits, cybersecurity remains a priority for management boards. But it has not necessarily become a higher priority under the pandemic. Three-quarters (77%) of businesses say cybersecurity is a high priority for their directors or senior managers, while seven in ten charities (68%) say this of their trustees.

The Most Notable Data Breaches

In the climate where organisations are putting more emphasis on strengthening their online security systems, there is no shortage of data breaches or GDPR violations. Our experts have noticed and shortlisted a few most notable cases in any order for you to be aware:

1. Booking.com

The very recent case, when travel booking website Booking.com has been hit with a  €475,000 ($560,000) fine after failing to report a data breach within the time period mandated by the GDPR. It happened back in 2018 when telephone scammers targeted 40 employees at various hotels in the United Arab Emirates (UAE). The hackers were able to get login creations for the booking system and to access the personal details of more than 4000 customers who booked hotel rooms via booking.com. The scammers exposed the credit card details of 283 customers, and in 97 cases the CVV code was also compromised. Based on GDPR, the data breach must be reported within 72 hours. Booking.com was late for 22 days (!) to report the breach to the Dutch Data Protection Authority and was issued a fine in April 2021, as reported by Forbes.

2. Twitter

Another company that was late to report the security flaw is Twitter – it was discovered in December 2018 but the social media giant did not report it to Ireland’s Data Protection Commission (DPC) until the following month. As a result, Twitter has been told to pay a €450,000 GDPR fine by Ireland’s data regulator for failing to report a 2018 data breach in the legally required timeframe. The DPC also determined that Twitter failed to adequately document the breach, another requirement under GDPR.

3. Vodafone

The firm that has been warned or fined smaller amounts on at least 50 occasions between January 2018 and February 2020, is in the news again: the Spanish data protection authority has fined Vodafone €8.15 million (approximately £7 million) for aggressive telemarketing tactics and repeated data protection failures. The fine was issued as a result of an investigation that was prompted by hundreds of complaints, with the regulator discovering a system that held up to 4.5 million contact lists purchased from third parties without user consent.

4. Facebook

And another social media giant – Facebook. Ireland’s data protection watchdog is demanding answers from Facebook over the release of records on 533 million people that appeared to stem from the social media site. As reported in April 2021, a spokesman for the Data Protection Commission (DPC) – which regulates Facebook in the European Union – said “a dataset, appearing to be sourced from Facebook, has appeared on a hacking website this weekend for free and contains records of 533 million individuals.”

5. H&M

The Data Protection Authority of Hamburg, Germany, fined clothing retailer H&M €35,258,707.95 — the second-largest GDPR fine ever imposed. H&M’s GDPR violations involved the internal monitoring of employees. After employees took vacation or sick leave, they were required to attend a return-to-work meeting. Some of these meetings were recorded and accessible to over 50 H&M managers. It has violated the GDPR’s principle of data minimisation — don’t process personal information, particularly sensitive data about people’s health and beliefs, unless you need to for a specific purpose.

6. Google

The biggest penalty (€50 million) was issued to Google for its alleged failure to provide notice in an easily accessible form, using clear and plain language, when users configure their Android mobile devices and create Google accounts, and obtain users’ valid consent to process their personal data for ad personalisation purposes. 

COMPLIANCE & ETHICS HOTLINES, REPORT NOW

How to Maintain GDPR Compliance

What can we learn from these case studies? Maintaining GDPR compliance is a complex process, and requires a lot of diligent work. At CRI Group, we recommend looking at it as a part of your risk management strategies, together with your compliance policies and procedures.

To help you with maintaining compliance with GDPR, our integrity due diligence experts created the following top 10 GDPR best practices for any business or entity that deals with collecting, storing or using personal information:

1. Employ a Data Protection Officer (DPO)

It is a GDPR requirement that entities who carry out regular and systematic monitoring of individuals on a large scale, or large-scale processing of certain special categories of data, have an assigned DPO. It is also recommended, however, for all other entities to help ensure data security. While the GDPR does not specifically list the necessary training or qualifications of a DPO, the regulation does require the DPO to have “expert knowledge of data protection law and practices” (Digital Guardian, 2019). Implement thorough background screening processes and make sure they are trained and qualified to be your DPO.

2. Train Your Employees

Ensure that all personnel are aware of the GDPR and your organisation’s commitment to compliance. Make sure that all leaders, and especially key personnel charged with collecting, handling or storing data, understand their responsibilities under GDPR. Make date protection training a regular part of your employee curriculum.

3. Confirm the Legality of Your Data Collection

GDPR requires that you have a legal basis to collect personal data. For most businesses, the following are the most likely to be applicable:

  • The information is necessary to perform a contract between the organisation and the individual;
  • You have a legal obligation to process the data (such as a court order);
  • The organisation has a legitimate interest in collecting and processing the data – in other words, there needs to be a relationship and business reason to collect the date (it cannot be random);
  • The individual has provided direct consent to the processing of the data.

4. Maintain thorough Records

For larger organisations (more than 250 employees), GDPR requires that records of data collection and processing be maintained. Again, this is also a best practice for smaller organisations, as well. It can help establish that the organisation is dutifully complying with the data protection principles in GDPR. Take inventory and make a record of the data you have collected and are storing to date. Create a detailed matrix to understand what types of data you are holding, where/how it is collected, how and where it is held, and whether it is still needed. Based on this information, you can also develop a data-retention policy to govern how long personal data is kept and stored. Keeping data on file longer than needed is a liability, and serves no business purpose.

5. Establish Consent Policies for Data

For some of your records, consent is your lawful basis for holding it. Under GDPR, it is no longer acceptable to assume consent in your collected data, or treat silence as consent. Create clear and unambiguous consent forms for your data collection that demonstrate adherence to GDPR principles. And remember, under GDPR, you must make it a simple process for an individual to withdraw their consent at any time.

6. Perform Due Diligence on Third-Parties

Under GDPR, your organisation is responsible if third-party partners collect, store or manage data for your organisation. You must ensure their compliance with GDPR as if it is your own since they are responsible for your data. This is the time to update your contracts with them to include compliance measures, as needed. It is also important that you review their control systems and their data handling processes. They must be comprehensive and meet all of the GDPR requirements to keep data secure. CRI Group’s third-party risk management experts can help you conduct effective reviews of your partners and their processes.

7. Be Responsive

Under GDPR, your organisation must respond to requests from individuals whose data you have collected and/or are storing. These requests are spelt out as individuals rights in regards to their personal data and they include the following:

  • Right to be informed about what data is collected and why;
  • Right of access to data that has been collected;
  • Right to rectification/correction of inaccurate data;
  • Right to erasure of data (“right to be forgotten”);
  • Right to restrict processing of personal data;
  • Right to data portability;
  • Right to object to use of data; and
  • Right not to be subject to automated decision making, including profiling.

Have a process in place to timely respond to requests and provide data when requested in order to stay in compliance.

8. Have Written Policies in Place

Develop your internal policies in regards to GDPR and how you protect personal data, and communicate them across your organisation. Take special note to spell out policies on data retention, cross-border processing of data, and how you collect and handle data for persons under the age of 16, as GDPR has special requirements in regards to children’s data.

9. Conduct Risk Assessments

GDPR requires Data Protection Impact Assessments in certain cases. These assessments measure your organisation’s ability to protect personal data and risks associated with that protection. If your data processing is considered high-risk, uses new technology, or deals in large-scale processing of data in certain categories, the assessments are required – but for any organisation, they are recommended. Data protection experts at an outside firm like CRI Group™ can help you prepare robust risk assessments and follow-up plans to address their results.

10. Be Prepared for a Breach

A worst-case scenario in data security is a breach that exposes personal information. Under the steps above, your organisation should be well-positioned to prevent or limit any breach to your data security. However, you should always have a contingency plan in place to immediately respond to a breach should it occur. Understand that GDPR requires that the applicable EU data protection supervisory authority be notified within 72 hours of a breach. Gone are the days where a company can announce it weeks or even months after the fact. Be ready to notify the affected individuals that their data has been compromised, so that they can take the appropriate steps to respond.

Organisations don’t like to think about the impact of a data breach – but major cases have pushed governments to act in the public’s interest. Perhaps nowhere is this more true than in the EU, where the GDPR is now the governing policy for organisations that deal with individuals’ personal data. By being proactive with the steps above, your organisation can be better prepared and maintain compliance with the GDPR. Most importantly, you will have the confidence and trust of your consumers through effective best practices in handling and protecting their data. CRI Group’s experts are here to help. Contact us today so that we can walk you through the steps of GDPR compliance. If you have any further questions or interest in implementing compliance solutions, please contact us.

Stay Updated on the Go

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.

Q&A: Corporate Fraud & Corruption in the UK 2021

The United Kingdom scores 77 out of 100 on Transparency International’s (TI)  2020 Corruption Perceptions Index (CPI), as is one of the 25 least corrupt countries across the globe. However, it all seems great on the surface as corporate fraud and corruption cases have been noticeable in various industries across the UK. TI reports that corrupt actors enjoy their illicit gains by “buying luxury property in the world’s most sought-after cities, like London”. Based on the article “CPI 2020: Trouble in the top 25 countries”, “While the UK (77) is the first G20 country to launch a public register of beneficial ownership, a loophole in the law allows foreign companies to purchase real estate anonymously. This is particularly problematic as research shows that over 75 per cent of properties subject to criminal investigations between 2004 and 2015 used offshore anonymous companies to hide their owners’ identities. The UK government committed to closing this loophole by introducing a register of beneficial ownership for property, but it has yet to be implemented. The necessary legislation has been subject to significant delays. In the meantime, rich businesspeople linked to autocratic regimes are allegedly purchasing property via shell companies, such as billionaire and daughter of former President of Angola, Isabel de Santos.”

To discuss the situation of corporate fraud and corruption, CRI Group™ and its ABAC™ Center of Excellence were invited to share the expert views in the special InDepth Feature by Financier Worldwide “Corporate fraud and corruption 2021”. In this edition, CRI Group’s CEO Zafar Anjum and ABAC®’s Scheme Manager Huma Khalid talk about how corporate fraud and corruption affect businesses not only in the UK, but across the globe, and provide solutions and insights for businesses to become better protected from corporate fraud, bribery and corruption. Read on the answers to the below questions:

  • To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?
  • Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?
  • In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?
  • If a company finds itself subject to a government investigation or dawn raid, how should it respond?
  • What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?
  • What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption?
  • What general steps can companies take to proactively prevent corruption and fraud within their organisation?

Q: To what extent have you seen a notable rise in the level of corporate fraud, bribery and corruption uncovered in your country of focus?

A: The COVID-19 pandemic has created increased opportunities for fraud worldwide. The UK is not immune, unfortunately, and such a disruptive event as the pandemic increases the likelihood that normal safeguards and risk management controls can be bypassed and subverted. There has been an increase in reported fraud and corruption cases over the past year. A survey of fraud experts by the Association of Certified Fraud Examiners (ACFE) in August 2020 showed that 77 percent were seeing an increase in fraud. Perhaps not surprisingly, cyber fraud is the fastest-growing problem area, but there has also been an uptick in unemployment fraud. This is bad news in the UK, where fraud is our most common crime, costing the country £190bn annually, according to the Royal United Services Institute (RUSI).

Q: Have there been any legal and regulatory changes implemented in your country of focus designed to combat fraud and corruption? What penalties do companies face for failure to comply?

 A: There is proposed legislation, supported by the secretary of state of the UK’s Department of Business, Energy and Industrial Strategy, that would increase accountability for corporations that produce falsified financial statements. This includes a provision that would require company directors to personally sign off on their corporation’s financial statements, under penalty of fines and possible prison time. Under the Sarbanes-Oxley Act in the US, the penalty for falsely certifying such statements is steep: up to 20 years in prison and up to $5m in fines, and the UK is looking at similar measures to step up its fight against fraud and corruption. The UK also recently approved the formation of an audit, reporting and governance authority (ARGA) that should come into force within the next two or three years. Accordingly, the UK is taking a stronger stance against fraud going forward.

STAY UPDATED: Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications

 Q: In your opinion, do regulators in your region have sufficient resources to enforce the law in this area? Are they making inroads?

A: Combatting fraud is never straightforward. When looking at progress in detecting and preventing fraud, it sometimes feels like a question of whether the glass is half full or half empty. For example, the Serious Fraud Office (SFO) brought 13 fraud defendants to trial in 2019 and 2020, with a 95 percent four-year success rate by case. Many of these represent large frauds, and they are meaningful wins, but how many more fraudsters are out there undiscovered? Other bodies, including Her Majesty’s Revenue and Customs (HMRC), among others, also have key roles to play in investigating fraud, but a considerable amount of fraud is still investigated and prosecuted at the local level. It is important for leaders in the UK to know what resources law enforcement have and where they need training and support in the fight against fraud.

Q: If a company finds itself subject to a government investigation or dawn raid, how should it respond?

A: Any investigation, and especially a raid, can be an incredibly stressful time for a company and its employees. The important thing is to not panic – the investigators have a job to do, and the sooner they get to the truth of the situation, the better for everyone. Companies should direct their management and their employees to cooperate fully, while also engaging legal counsel to properly protect the corporation from future litigation. If fraud is detected, it is a criminal matter and the company should make a good faith effort to work with prosecutors and regulators, while making sure to document all control measures and prior steps taken to manage fraud risk. Having a track record of meeting compliance requirements and having proper internal controls in place at the time fraud occurs could have a mitigating effect in terms of potential prosecution and penalties down the road. View the reprint of the interview, covering not only the UK but also the United Arab Emirates.

Q: What role are whistleblowers playing in the fight against corporate fraud and corruption? How important is it to train staff to identify and report potentially fraudulent activity?

A: Employees are a company’s first line of defence against fraud and corruption. But training them to recognise the red flags of fraud is only half of the process. The company must also implement a reporting system that is anonymous and easy to use, so that employees are encouraged to report any suspicions. Then, the company must follow through and fully investigate any reports that do come in. If they do not, whistleblowers will believe that combatting fraud and corruption is not a corporate priority, and the tips will stop coming in. How important are those tips? According to the ACFE, they are by far the highest detection method for fraud, well above audits and other means. The company should communicate that a whistleblower hotline or online reporting system is available, and that there is a zero-tolerance policy for any type of retaliation against whistleblowers. Over time, the tips will come in.

Q: What advice can you offer to companies on conducting an internal investigation to follow up on suspicions of fraud or corruption? 

A: Investigations can be challenging, and they require expertise. For example, there are rules for collecting and handling evidence, including physical evidence and witness statements, that must be followed for such evidence to be admissible in court. There are also laws in the UK dealing with privacy and the rights of the accused. The bottom line is that a company already dealing with a potentially costly and damaging fraud scenario should not risk adding more legal trouble through a faulty investigation. Hire experts who deal with corporate crime and specialise in fraud and corruption cases. Like any other area of expertise, they will have the knowledge and resources to help proceed with an investigation and lead it to the most favourable outcome for your company. If you already have anti-fraud professionals on staff, let them take the lead, but provide outside resources as needed.

Q: What general steps can companies take to proactively prevent corruption and fraud within their organisation? 

A: A fraud prevention strategy has many different elements, and the sooner companies implement them, the sooner they can begin to work together in a proactive way to prevent fraud. Mandating employee training, such as ISO 37001 ABMS, having an ethical code of conduct signed by every member of staff, providing regular and surprise audits, and implementing a fraud reporting system are all effective ways to help prevent and detect fraud and corruption. None of these methods is strong enough on its own to properly protect organisations. But together, they can be very effective. It is also important to set a ‘tone at the top’, from ownership, directors and management on down, that fraud will not be tolerated. Anti-fraud controls only work if the company sees them through and thoroughly investigates every report. When fraud is confirmed, any perpetrators should be terminated and potentially prosecuted, sending a message of zero-tolerance.

Find out more about the ISO 37001 training

 

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group™ Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e:

Source & Credits

The original version of the Q&A was published on Financier Worldwide’s InDepth Feature: Corporate Fraud & Corruption 2021Download the reprint here.

 

by admin
No Comments »

CPI 2020 Overview: Middle East & Asia

The newly published Transparency International’s Corruption Perception Index (CPI 2020) has ranked 180 countries and territories by their perceived levels of public sector corruption. This index uses a scale of 0 to 100, where 0 is highly corrupt and 100 is very clean. CPI 2020 identified that despite progress, most countries still struggle to stop corruption effectively – more than 2/3 of countries score below 50 on CPI, with an average score of just 43. That proves the need to implement more stringent anti-bribery anti-corruption measures worldwide.

In this article, which was originally published on ABAC™ Center’s of Excellence website, we will look at how the Asia Pacific, the Middle East and Pakistan scored in the CPI 2020 and discuss solutions to tackle bribery in these regions.

Asia Pacific

Transparency International identified that with an average score of 45, the Asia Pacific region is still struggling to combat corruption despite continuous efforts. Region’s top leader New Zealand (88) is followed by Singapore (85), Australia (77) and Hong Kong (77). Conversely, Cambodia (21), Afghanistan (19) and North Korea (18) ranked lowest in the region. Malaysia, the country which introduced more stringent measures to fight bribery and corruption, proves that it takes time to see improvements. The country has moved down to 51 points compared to 53 points in 2019. Accordingly, the ranking also moved down to 57 in comparison with 51 in 2019. “Although a drop in the score appears statistically insignificant, the government must be cognizant that our rank falling 6 steps means that compared to other countries we are not improving as well as other countries in our efforts to fight corruption” – said Transparency International Malaysia in a statement. TI-M added: “The Government after coming into power in early 2020 committed to continue with the agenda to fight corruption and among them were to gazette the enforcement date of 1 June 2020 for the Corporate Liability and continue with the National Anti-Corruption Plan (NACP) initiated by the previous Government which is commendable. The NACP (National Anti-Corruption Plan) is a comprehensive plan but the government must ensure the implementation is effective and the Chief Secretary to the government should be empowered to lead the implementation and be made accountable”.

In our published whitepaper “South Asia grapples with anti-bribery compliance”, which overviews anti-bribery, anti-corruption and ISO 37001 solutions in Malaysia and entire in South Asia, we wrote that South Asia has a troubled record when it comes to preventing bribery and corruption, as well as enforcing compliance. Recent cases and statistics show that the problem persists in most countries in the region. Both government officials and private sector business leaders are struggling to adopt policies, control methods and best practices to help reduce bribery and corruption on their watch. High profile cases such as the 1MDB scandal in Malaysia and, more recently, the alleged Meikarta township case in Indonesia underscore this point. The investigations that were triggered by these cases demonstrate, however, that regulators are serious about addressing the threat of bribery and corruption as more than just a legal issue, but as a societal one, as well. In response, organizations that are committed to being in compliance are adopting the ISO 37001 – Anti-Bribery Management Systems standard as a comprehensive approach to mitigating risk and demonstrating ‘adequate procedures’ taken to prevent bribery and corruption.”

READ ARTICLE

Middle East

Transparency International identified that with an average score of 39, the Middle East and North Africa region is still perceived as highly corrupt, with little progress made towards controlling corruption. Even though the United Arab Emirates (71) and Qatar (63) are best performing in the region, UAE is still appearing in headlines with bribery and corruption scandals.

In the article “CPI 2020: Trouble in the top 25 countries” Transparency.org wrote: “The United Arab Emirates has been heavily criticised by the Financial Action Task Force (FATF) for its inadequate anti-money laundering framework. The country’s chaotic approach to registering companies makes it incredibly difficult for law enforcement to detect who is behind a suspicious company when thirty-nine different registries operate across the seven Emirates.

The UAE’s booming construction and real estate sector accounts for a fifth of the Emirates’ GDP, but remains vulnerable to money laundering because of complex and opaque ownership structures”.

Recently CRI® Group was featured in Financier Worldwide’s InDepth Feature: Anti-Money Laundering 2021 publication and shared the view about the unfortunate situation of money laundering in this region: “When it comes to money laundering, a recent report from Carnegie Endowment found that there is a steady stream of illicit funds from corruption and crime flowing into the UAE. This should be alarming to organisations and regulators alike. The perpetrators take advantage of ‘free trade zones’ and often the money is funnelled through real estate deals, especially in luxurious properties in Dubai, for instance. This might be facilitated by foreign mobsters, gold smugglers, and even warlords. These are high-level criminal operations that can pose a risk to any legitimate organisation operating in the UAE and the Middle East as a whole”. In this edition, CRI® Group’s CEO Zafar Anjum and ABAC®’s Scheme Manager Huma Khalid talked about the Anti-Money Laundering solutions and financial crime impact on businesses not only in UAE but across the globe: “Money laundering still represents a gap in enforcement, and organisations should not wait for government action to put their own AML frameworks in place. Like many countries around the world, the UAE is experiencing an uptick of fraud and financial crimes during the COVID-19 pandemic”. Read the full interview here.

Pakistan

As published in the press release, Pakistan’s CPI 2020 score “has lowered to 31/100 from 32/100 in 2019 and rank to 124/180 from 120/180 in 2019. This is despite NAB’s extraordinary efforts who claims to have recovered Rs363 billion in the last two years, and Public Accounts Committee claims to have recovered Rs. 300 billion over the previous two years”.

TI Pakistan recently reported that “A total of 95 corrupt persons were convicted and fined worth billion of rupees by various accountability courts during the last three years due to the vigorous persuasion of National Accountability Bureau, Rawalpindi“. The comment was made by the Director General NAB, Irfan Naeem Mangi Monday. These efforts, of course, plays a significant role in fighting bribery and corruption, however, Pakistan is still appearing in the headlines. Recently, Transparency International Pakistan has found the Federal Board of Revenue (FBR) involved in prima facia violating procurement rules for IT-based solutions and causing Rs13.5 billion losses to exchequer.

As the expert in AML and risk management solutions, CRI Group™ was interviewed in the Annual Review (2018): Pakistan Corporate Fraud & Corruption, published by Financier Worldwide Magazine and highlighted that Corporate fraud and corruption in Pakistan are widespread (Rose-Ackerman, 1997, p. 4), particularly in the government and police forces. There is a need to reform accountability and anti-corruption policies in Pakistan. 

Rising fraud risks have driven companies to establish the right steps to prevent fraud and corruption from surfacing. Following through with a focused trajectory ultimately also ensures failsafe protections are put in place, which will guard against scandals or negative publicity, while minimizing risk exposure. There is quite a notable empirical rise in the frequency of companies conducting background screenings to nip corruption in the bud. Though checks can vary in nature, enforcing internal controls by implementing ISO strategies can bring pivotal change to a company’s strategy. Risk management is an essential part of minimizing the costs that can arise in the long term due to losses and falling prey to fraudulent practices in the corporate realm. This can be implemented through a resilient management system that has been designed to specifically target any loopholes and any roadblocks, the impact of which can often be greater than anticipated, rattling the company and causing harm that could lead to lawsuits, unanticipated monetary and financial losses and hefty fines imposed by regulatory authorities, from which the company may never recover.

READ THE Q&A NOW

Demonstrating Adequate Procedures to Prevent Bribery and Corruption 

ISO has developed a standard – ISO 37001:2016 ABMS – to help organisations promote an ethical business culture. “Designed to help your organisation implement an anti-bribery management system (ABMS), and/or enhance the controls you currently have. It helps to reduce the risk of bribery [and corruption] occurring and can demonstrate to your stakeholders that you have put in place internationally recognised good-practice anti-bribery [and anti-corruption] controls”.

“Adequate procedures” is a term made popular through the UK Bribery Act of 2010. It presents the potential of a company avoiding liability for failing to prevent bribery if that organisation can fully demonstrate clear, sound and established policies and procedures that deter individuals (inside and outside of the organisation) from partaking in questionable or corrupt conduct. Transparency International has written a checklist for countering bribery and assessing whether you have adequate procedures in place, do the  “Adequate Procedures” Checklist now, and find out! Provided by our ABAC™, ISO 37001 certifies that your organisation has implemented reasonable and proportionate measures to prevent bribery. These measures involve top-level leadership, training, bribery risk assessment, due diligence adequacy, financial and commercial controls, reporting, audit, and investigation.

Consider ISO 37001:2016 ABMS as one of the invaluable tools of your 

 Strategy. Combined with due diligencebackground screeningbusiness intelligence and compliance solutions, ISO 37001 certification and training can lift your risk management process and help your business mitigate risks from third-party affiliations, protecting your organisation from liability, brand damage and harm to the business. Learn more about 3PRM™ program as a flexible and responsive tool to the various risk domains that are most important to your business.

ABAC™ – Aiming for a Higher Standard

At CRI Group’s ABAC™ Center of Excellence Limited, we are affiliated with leading certification and accreditation bodies around the world. These affiliations and accreditations help demonstrate the high level of experience and knowledge we provide in anti-bribery, risk and compliance management to our clients on a daily basis.

That’s why ABAC™ has achieved essential accreditations from the United Kingdom Accreditation Service (UKAS), Emirates International Accreditation Center (EIAC) and membership in the Association of British Certification Bodies (ABCB). ABAC® is also a member of the “Partner in Corporate Governance” programme with the Malaysian Institute of Corporate Governance (MICG) and a Corporate Member of Transparency International Malaysia (TI-M).

ABAC™ was established in 2016 by CRI Group™, a global leader in risk, compliance and anti-bribery management systems. ABAC™ was launched to provide certification and online training in anti-bribery and anti-corruption risk management and compliance for organisations worldwide. CRI Group™ and ABAC™ CEO Zafar I. Anjum, CFE, said that ABAC™ is proud to be accredited by, and affiliated with, international accreditation bodies. “Our engagement with high-profile bodies like EIAC, ABCB and UKAS demonstrates the effectiveness of our ISO 37001:2016 Anti-Bribery Management System certification and training, along with our ISO 37302, ISO 31000 certifications and other programs,” Anjum said. Visit abacgroup.com to find out more about anti-bribery, anti-corruption, risk and compliance management solutions.

CRI Group™ invites you to schedule a quick appointment with us to discuss in more detail how conducting due diligence and compliance can help you and your organisation. 

 

Meet our CEO

Zafar I. Anjum is Group Chief Executive Officer of CRI Group™ (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organisations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI Group™ safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Based in London, CRI Group™ maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, Turkey and the USA.

Protecting Your Company from the Global Corruption Pandemic

Webinar Video | Protecting Your Company from the Global Corruption Pandemic

Organizations now, more than ever, become vulnerable and have to take actions now to protect themselves, reputation, employees and other stakeholders from bribery and corruption associated risks; particularly against the Global Corruption Pandemic.

The recently celebrated International Anti-Corruption Day drew attention to these sometimes hidden risks worldwide, and many organization joined for this day to raise awareness of how to stop corruption inside and outside their organizations. That’s great news. But we at CRI® Group and ABAC® believe that “saying NO TO CORRUPTION” is not enough and draw attention all-year-round on how organisations can take actions now to secure themselves and contribute towards businesses’ fight against bribery and corruption risks.

Even with the world under partial lockdown during the COVID-19 pandemic, there’s been no shortage of bribery and corruption cases. Did you know that £100 billion of dirty money passes through the UK systems and services every year? Or that £1.27 billion is lost annually to fraud, bribery and corruption in the NHS? Recently, the Airbus was fined £3.6 billion in February 2020 by courts in the UK, US and France for slush funds, “success payments” and lavish hospitality. Are you 100% sure what’s happening in your organization or even department?

Such risks could affect you any time and not only in healthcare or aviation industries – no industry, organization or even country is immune to that. The above mentioned shocking figures indicate the need for organizations in public and private sectors and different industries to take more stringent actions to stop bribery and corruption. Learn more bribery and corruption-related facts by reading our ABAC®’s infographic here.

ANTI-CORRUPTION WEBINAR

As part of our continuous effort to educating businesses across the world of risk management, anti-bribery and anti-corruption solutions, we publish the library of insights and resources aimed to help you find the tools you and expand the knowledge.

This February, together with ABAC®, CRI® Group presents the anti-corruption webinar, focused on helping businesses to stay protected from the global pandemic of corruption. This FREE “Protecting your company form the global pandemic of corruption” webinar (date TBA) will provide you with the knowledge to identify how to protect your organization from global corruption and to critically assess the applicability of several recent legislative guidelines to the proactive mitigation of corruption and bribery in corporate administration across the world.

Based on recent Airbus and Rolls-Royce cases of multinational, multi-party bribery, the webinar will dive into the consequences of systemic inadequacy, confirming a paradigm shift in corporate oversight and network risk management.

  • Discuss how to ensure compliance, compare and analyze the spectrum of regulatory instruments and corporate compliance standards and legislation in order to establish a comparative basis for Anti-Corruption policies and practices
  • Assess the Airbus and Rolls-Royce cases studies to outline rules-based violations and identify compliance instruments for mitigating future replication
  • Identify a combination of institutional solution for managing and monitoring corporate compliance to prevent bribery and corruption in a modern enterprise
  • Get the copy of webinar content supporting and complimentary eBook
  • Engage in a live Q&A session

Who is CRI® Group?

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background Screening

TPRM
العناية الواجبة 360°
حلول الامتثال
 and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body that provides education and certification services for individuals and organizations on a wide range of disciplines and ISO standards, including ISO 31000:2018 Risk Management- GuidelinesISO 37000:2021 Governance of OrganisationsISO 37002:2021 Whistleblowing Management SystemISO 37301:2021 (formerly ISO 19600) Compliance Management system (CMS)Anti-Money Laundering (AML); and ISO 37001:2016 Anti-Bribery Management Systems ABMS. ABAC® offers a complete suite of solutions designed to help organizations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments while assisting in developing frameworks for strategic compliance programs. Contact ABAC® for more on ISO Certification and training.

Q&A: Corporate Fraud and Corruption in UAE

The United Arab Emirates (UAE) is the 21 least corrupt nation out of 180 countries, according to the 2019 Corruption Perceptions Index reported by Transparency International.  However, UAE corporate fraud and corruption still prevails as UAE is just one of many enablers of global corruption, crime, and illicit financial flows. Addressing the emirate’s role presents anti-corruption practitioners, law enforcement agencies, and policymakers with incredibly complex challenges. Read the answers to the following questions:

  • To what extent are boards and senior executives in UAE taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?
  • Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in the UAE over the past 12-18 months?
  • When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?
  • Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?
  • How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?
  • And much more…

Q. To what extent are boards and senior executives in UAE taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?

Anjum: High-profile corruption scandals have driven home the seriousness of fraud and corruption, and the turmoil that can engulf a company because of it. Organisations in the United Arab Emirates (UAE), and in the Middle East region as a whole, understand that being proactive against risk can be a matter of survival, especially in a competitive environment, but it is more than that. Today, being forward-thinking and proactive when it comes to fraud and corruption can actually foster organisational growth. Business grows an average of 3 per cent faster where corruption is low, according to the World Bank. And more organisations are engaging in trusted certifications like ISO 37001 for anti-bribery management because having that certification tells customers, vendors, third parties and employees that the company places a high priority on fraud training and prevention.

Q. Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in the UAE over the past 12-18 months?

Anjum: In January 2017, UAE president Shaikh Khalifa Bin Zayed Al Nahyan approved the highly anticipated Anti-Commercial Fraud Law, which strengthens protections of intellectual property rights (IPR) and imposes stricter penalties on counterfeiters. Counterfeiting and adulterated goods, along with intellectual property (IP) theft, are severe problems in the Middle East, propagated by unscrupulous inland and free zone traders. And while fraud and corruption still plague the region, the UAE continues to lead the Middle East in Transparency International’s latest Corruption Perception Index for its strides in addressing fraud risk and areas of concern, including bribery and corruption. With that said, experts have noted that businesses and governments in the UAE, and the Middle East, on the whole, face increasing threats of cybercrime, with a need for continuously updated laws and regulations to keep pace with this ever-evolving fraud threat.

Q. When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?

Anjum: Fraud allegations, from bribery to embezzlement, should be treated as a very serious issue. When suspicion arises at an organisation, business leaders and the board should bring in expert help. Professional investigators have years of training in evidence collection and interviewing, and their role is to establish the facts of the case. The key to a proper investigation is to not approach it with a preconceived notion of how it will conclude. It is critical to remember that companies do not get a second chance when conducting a fraud investigation. It has to be done right the first time to reach a successful conclusion.

Q. Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?

Anjum: Employees are the eyes and ears of your company, and the first line of defence against fraud and corruption. Many organisations are getting the message and making employee training and awareness of key parts of their fraud prevention programme. One key way to do this is by engaging in ISO 37001, which certifies that an organisation has implemented reasonable and proportionate measures to prevent bribery. The certification process involves a training module for employees. It stresses the importance that such training should continue as mandatory for all staff, and be provided on an annual basis – if not more frequently. If employees do not know what constitutes fraud, or how to recognise it, organisations face a heightened risk of being victimised.

Q. How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?

Anjum: Statistics from the Association of Certified Fraud Examiners (ACFE) show that most fraud is discovered by tips, which often come from employees, vendors and others connected to the organisation in some way, and the only way to get those tips is to provide a culture that supports and encourages whistleblowers. That is why having an anonymous reporting system, and communicating it to employees is a critical part of any fraud and risk prevention strategy. But for it to work, employees have to know what type of behaviour should be reported. This is where a training protocol like ISO 37001 comes in. It provides a curriculum that helps employees recognise the red flags of fraud, and also communicates how they can report fraud when they see it.

Q. Could you outline the main fraud and corruption risks that can emerge from third-party relationships? In your opinion, do firms pay sufficient attention to due diligence at the outset of a new business relationship?

Anjum: Many companies pay lip service to due diligence, but when an opportunity arises to make a major move, such as a merger, acquisition or new partnership, the interest of growing the business trumps a more cautious approach. This may be changing, however, as more organisations in the UAE and elsewhere put established due diligence procedures in place that cannot be circumvented by overeager business leaders. This is important because the risks are great.

Q. What advice can you offer to companies on implementing and maintaining a robust fraud and corruption risk management process, with appropriate internal controls?

Anjum: Begin with a thorough fraud risk assessment that examines every area of your organisation. This should be conducted by experts and used to gauge your overall threat level, as well as help you create a plan for moving forward by exposing a weakness that could lead to fraud risk and compliance issues. When creating your fraud and corruption risk management process, be sure to include hiring procedures, including thorough background checks, due diligence for any new mergers, acquisitions and partnerships, regular schedule audits and implement an anonymous reporting system. Build-in review processes that track the effectiveness of your controls, including how tips were handled and ultimately resolved. Finally, try to think like a fraudster. Consider any way that an employee, vendor or even customer might try to take advantage of your organisation. You might be surprised at what you find.

Speak up – report any illegal, unethical, or improper behaviour

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI® Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI® Group’s Non-Retaliation Policy.

Meet our CEO

Zafar I. Anjum, is Group Chief Executive Officer of CRI® Group, a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organisations.  Headquartered in London (with significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Turkey Malaysia, Brazil, China, USA, and the United Kingdom.

Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer

37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e:

About CRI®

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening,

العناية الواجبة 360°
,
حلول الامتثال
 and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Download 2018 annual reviews by Mr. Zafar Anjum, CEO, and Ms. Fatima Farrukh, Compliance professional at CRI® Group.

Click here to download the review of UAE (Mr. Zafar Anjum, CEO at CRI® Group)
Click here to download the review of UK (Mr. Zafar Anjum, CEO at CRI® Group)
Click here to download the review of Pakistan (Ms. Fatima Farrukh, Compliance professional at CRI Group)

CRI® Group was included in the 2018 Annual Review: UAE Corporate Fraud & Corruption, published by Financier Worldwide Magazine. The above is an updated version of the Financier Worldwide reprint.

Q&A: Corporate Fraud and Corruption in UK is Growing, FAST!

Corporate fraud and corruption is growing in United Kingdom (UK). In a devastating article, Oliver Bullough proved that UK is quickly becoming the money-laundering capital of the world. In addition, the most recent The Guardian article “If you think the UK isn’t corrupt, you haven’t looked hard enough” by  highlighted that billions of pounds of COVID-19 contracts issued by the government without competition, have reportedly cost taxpayers £800 for every protective overall delivered, and appear to have been issued to dormant companies, with several of them have benefited from this largesse are closely linked to senior figures in the government.  Read more about the situation in UK in the answers to the following questions:

  • To what extent are boards and senior executives in UK taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?
  • Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in UK over the past 12-18 months?
  • When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?
  • Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?
  • How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?
  • and much more…

Q. To what extent are boards and senior executives in your region taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?

Anjum: Business leaders in the UK recognise that being proactive against fraud and corruption is about more than just protecting the business – which is critical – but it is also a key component of growing and connecting to more opportunities. According to the World Bank, business grows an average of 3 percent faster where corruption is low. One way for organisations to demonstrate their commitment to preventing bribery and corruption is to engage in ISO 37001 certification. We expect to see more UK companies seeking certification and we expect this trend to increase as organisations look to set themselves apart from their competitors.

Q. Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in UK?

Anjum: Perhaps the biggest development, by extension, was the official beginning of the Brexit process and its potential impact on how the region continues to enforce and regulate against bribery and corruption. While the UK has a solid record thus far in combating fraud, the Organisation for Economic Co-operation and Development (OECD) recently warned that pressure from businesses to weaken bribery laws, coupled with an inability of the government to focus on non-Brexit issues, have increased the risks that bribery and corruption could increase.

The civil society group Corruption Watch has voiced similar complaints and has noted with concern new settlements that allow companies to resolve investigations with just a fine and an apology. The Serious Fraud Office (SFO) is tasked with policing this volatile landscape, and does so at a time when it has just appointed an interim director, pending the appointment of a new permanent director.

The shifting economic conditions surrounding Brexit have raised uncertainty and vulnerability. Learn how the “Brexit Poses New Bribery & Corruption Challenges” with this ebook. READ MORE!

Q. When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?

Anjum: Any allegation of fraud, including bribery and other forms of corruption, is very serious and requires expert handling. Only those trained in investigative techniques, including thorny issues such as evidence collection and the interviewing of witnesses and suspects, should be engaged to help establish the facts of the case.

To be clear, not all suspicions lead to fraud – trained investigators understand this, and will approach any allegations from an objective, fact-finding point of view. One critical thing to remember is that companies do not get a chance for a ‘do over’ if they bungle an investigation.

Q. Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?

Anjum: We definitely see awareness of fraud and corruption moving in the right direction among business leaders and their employees. This is evident when companies engage in certification courses such as ISO 37001, which certifies that an organisation has implemented reasonable and proportionate measures to prevent bribery.

Q. How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?

Anjum: In the UK, there is a strong emphasis on encouraging and protecting corporate whistleblowers because the statistics show that fraud is most often uncovered by tips. Employees truly are the first line of defence against corruption. This change in approach and attitude has exposed two issues that need attention, however.

First, the worker needs to understand what constitutes fraudulent behaviour – otherwise, how will he or she know what to report? That is where a training protocol like ISO 37001 comes in, with a curriculum to help educate a company’s workforce on the red flags of fraud and how to identify it. Second, employees must know how to report fraud.

A hotline or other reporting system is useless if the company does not properly communicate how to engage it – or that it exists at all.

Q. Could you outline the main fraud and corruption risks that can emerge from third-party relationships? In your opinion, do firms pay sufficient attention to due diligence at the outset of a new business relationship?

Anjum: Many business leaders have learned the hard way that new partnerships require more than just handshakes, optimism and a basic level of fact-checking. To be protected, an organisation should engage an expert due diligence firm before undertaking any merger, acquisition, partnership or other third-party engagement.

Some of the risks of inadequate due diligence include merging with an international business embroiled in several behind-the-scenes legal battles, discovering your new partner is a credit risk, has claimed bankruptcy or is faced with debtor filings, learning that your new overseas contractor has none of the industry experience it claimed, affiliating with a partner that is rife with conflicts of interests and, worst of all, having your own organisation’s reputation damaged or destroyed through the actions of a third-party.

Q. What advice can you offer to companies on implementing and maintaining a robust fraud and corruption risk management process, with appropriate internal controls?

Anjum: No matter your location, industry or the size of your organisation, having a fraud and corruption risk management process is a must.

Step one is to establish a zero-tolerance stance against fraud. This is done by communicating the right ‘tone at the top’ across the entire organisation, spelling out the leadership’s stance against corruption. An ethical code of conduct should be adopted and signed by all employees from top to bottom, and the organisation’s hiring policies should include thorough pre-and-post employment background screenings.

The organisation should engage in ISO 37001 certification to ensure that employees are trained to recognise and report bribery and other types of fraud, and that proper controls and compliance procedures are in place to limit the company’s exposure and risk. Finally, the company should conduct regular audits, and encourage whistleblowing through an anonymous reporting system.

At CRI Group™ we use our extensive knowledge and expertise in creating stable and secure networks across challenging global markets. for organisations needing large project management, security, safeguard testing and real time compliance applications, CRI Group™ is the assurance expert of choice for industry professionals.

Speak up – report any illegal, unethical, or improper behaviour

If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy.

About CRI Group™

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening,

العناية الواجبة 360°
,
حلول الامتثال
 and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group™ launched Anti-Bribery Anti-Corruption (ABAC™) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC™ operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC™ for more on ISO Certification and training.

Meet our CEO

Zafar I. Anjum, is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organisations.  Headquartered in London (with significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, USA, and the United Kingdom.

Contact CRI Group™ to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group™ Chief Executive Officer, 37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

Download 2018 annual reviews by CRI Group™:

  • Click here to download the review of UAE (Mr. Zafar Anjum, CEO at CRI Group™)
  • Click here to download the review of UK (Mr. Zafar Anjum, CEO at CRI Group™)
  • Click here to download the review of Pakistan (Ms. Fatima Farrukh, Compliance professional at CRI Group™)
  • Download the Financier Worldwide 2018 reprint about the situation in the UK.

ISO 37001 Solutions for all industries (Part 2)

In part 1, we discussed how ISO 37001 ABMS can help companies across a wide range of industries, including automotive, aviation and insurance. In this part, we look at how pharma and healthcare, property, IT and telecommunications, financial, oil and energy organisations can benefit from Anti-Bribery solutions as well.

Pharma and Healthcare

Corruption involving pharmaceutical companies and healthcare providers is a major concern around the world. With varied layers and a complicated supply change, corruption can easily gain a foothold even among the most well-meaning healthcare providers and their companies, especially with the industry overburdened with inflating costs and increasing fraud schemes. The World Health Organisation (WHO) estimates that, where losses have been measured and the types of health expenditure have been covered, the average annual cost of fraud totals 7.29 per cent of healthcare budgets (Gee and Button, 2014). For fraudsters, big pharma and healthcare represent a target-rich environment.

Take global pharmaceutical giant GlaxoSmithKline. The company was accused in China of a large-scale bribery scandal, charged with systematically paying bribes and “gratuities” to doctors and hospitals in return for favourable product use and promotion. China was in the midst of an emerging anti-graft campaign and imposed tough penalties against GSK and its executives: In the end, various company leaders were arrested and eventually given suspended prison sentences; GSK was fined $490 million; and the corporation published a statement of apology to the Chinese government and its citizens (BBC, 2014). Read more about pharma and healthcare fraud in “Pharma and Healthcare Companies can Benefit from ISO 37001.”[/vc_column_text][vc_hoverbox image=”8517″ primary_title=”” hover_title=”Pharma and Healthcare Companies can Benefit from ISO 37001″ hover_btn_title=”TAKE ME TO CASE STUDY” hover_add_button=”true” hover_btn_link=”url:https%3A%2F%2Fcrigroup.com%2Fokatsukr%2F2020%2F09%2Febook_Pharma-case-studies-uncovered-due-diligence-lessons-learned.pdf||target:%20_blank|”]CRI Group investigates: Pharma corruption case included CFO[/vc_hoverbox][vc_empty_space height=”45px”]

Property

Property and real estate provide ample opportunity for bribery and corruption, unfortunately. Every step of the process, from zoning and permits to construction and sale or resale represent vulnerabilities and risk. Unfortunately, for as long as there has been a market for buying and selling land, property and resources, there have been schemes that aim to defraud.

Property fraud can be difficult to detect and prevent. Fraudsters often produce fake or forged documents, and there is likely to be collusion involved. For example, a crooked investor might provide kickbacks to an appraiser in return for inflating the value of a property, or he/she may sell a property to a “straw buyer” at an inflated price, with the straw buyer intentionally going into default (and splitting the proceeds of the loan with the fraudulent investor). There are “handshake deals” and “facilitation payments” ready to be made, many in direct contradiction to ethics and the law.

IT and Telecommunications

Internet technology (IT) and telecommunications providers are the engines that help power commerce on a global scale. This massive industry includes companies that provide the infrastructure for communication across multiple countries and continents, including phone and internet providers. Given their role and the technology on which they (and all of us) depend, these services must always be on guard for vulnerabilities to fraud. There is a high risk, however, for bribery and corruption in such a massive market.

In one example, Sweden-based telecommunications provider Telia Company AB agreed to pay $965 million in a global settlement with the Securities and Exchange Commission, U.S. Department of Justice, and Dutch and Swedish law enforcement to resolve charges related to violations of the Foreign Corrupt Practices Act (FCPA) to win business in Uzbekistan. According to the SEC’s order, Telia entered the Uzbek telecommunications market by offering and paying at least $330 million in bribes to a shell company under the guise of payments for lobbying and consulting services that never actually occurred. In another case, Cinergy Telecommunications (based in Miami) pleaded guilty to violating the FCPA after admitting to a role in a bribery scheme aimed at locking down a contract with the state-owned telecommunications company in Haiti. The case included large fines and criminal prison sentences for the key players.[/vc_column_text][vc_empty_space height=”45px”]

Food and beverage

This industry is one of the fastest-moving industry in regards to changes. Consumer tastes, preferences, packaging, manufacturing, storage
and transportation is constantly changing and challenging the industry. It has been years since the news of the horsemeat scandal first broke and rocked
the industry. It is not immune to bribery and corruption either. In recent years, the food and beverage industry was shaken by the scandal, when British confectionary company Cadbury Limited and its owner, Mondelez International, Inc., agreed to pay $13 million to settle charges of violating the internal controls and books-and-records provisions of the FCPA. According to the order from the SEC, the FCPA violations arose from payments their subsidiary in India made to a consultant to obtain government licenses and approvals for a chocolate factory in Baddi, India.

An SEC investigation found that in February 2010, Mondelez, formerly known as Kraft Foods, Inc., acquired Cadbury and its subsidiaries, including Cadbury India Limited, which manufactures and sells chocolate products in India. Cadbury India retained and made payments to an agent to interact with Indian government officials to obtain licenses and approvals for a chocolate factory in Baddi, India. Cadbury India failed to conduct appropriate due diligence on, and monitor the activities of, the agent.

To find out more, click below to read our e-book on how ISO 37001 provides solutions to British companies exposed by Brexit challenges:[/vc_column_text][vc_hoverbox image=”7902″ primary_title=”” hover_title=”Brexit poses bribery challenges but ISO 37001 provides solutions” hover_btn_title=”TAKE ME TO CASE STUDY” hover_add_button=”true” hover_btn_link=”url:https%3A%2F%2Fcrigroup.com%2Fcase-study%2Fbrexit-poses-new-bribery-challenges%2F||target:%20_blank|”]With Brexit posing challenges through new, untested trade deals in various markets, organisations need ISO 37001 – Anti-Bribery Management Systems standard as a comprehensive approach to mitigating risk.[/vc_hoverbox]

Stay updated 

Stay tuned for Part 2 or follow us on LinkedInFacebook or Twitter for more industry news and insights.

[/vc_column_text][/vc_column][/vc_row][vc_cta h2=”Subscribe to our monthly newsletter now!”]Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.[/vc_cta][/vc_column][/vc_row][accordion_father][accordion_son title=”Who is CRI Group?”]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk ManagementEmployee Background Screening

العناية الواجبة 360°
حلول الامتثال
 and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management SystemsISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][/accordion_father][/vc_column][/vc_row]

The Role of a Fraud Investigator

Fraud investigators are the front line of establishing the facts of suspected fraud or other unethical business behavior. A fraud investigator’s skillset and wide knowledge of fraud laws, evidence gathering and interviewing make them the go-to expert for investigating insurance fraud, financial fraud, procurement fraud, asset recovery, cyber fraud, healthcare fraud, retail fraud and other areas.

A fraud investigator can either be part of a team of experienced investigators, or the leader of such a team. If part of a team, the fraud investigator generally works with the other team members to handle reports of suspicious activity. If in charge of a team, the fraud investigator would typically report to the head of a department, such as corporate security, compliance or audit. A fraud investigations manager at a typical retail business, for example, would be responsible for the day-to-day monitoring, investigation and resolution of fraudulent activity relating to delays in the repayment and refunds processes. They will take the lead on the implementation of strategies to prevent fraud and financial crime, thereby mitigating risk to the business.

Fraud Investigator Key Functions

Fraud investigators provide subject matter expertise on claims and associated fraud risks, helping to ensure effective resolution of investigations. The effective fraud investigator adheres to relevant security standards, internal and external procedures and legislative requirements. Their role often involves developing and maintaining close working relationships with relevant law enforcement agencies, ensuring that cases are developed and prosecuted to a criminal standard.

When working with an organization in a preventative fashion, a fraud investigator will perform fraud risk assessments across the business relating to both external and internal threats; implementing mitigation measures as required. They also build appropriate fraud prevention and detection processes and implement them. Some fraud investigators manage the day-to-day operation of an expanding fraud team, ensuring that KPIs are met and regular reports produced for the management team. In this capacity, they will also work closely with the senior management team to ensure that operational capacity is correctly aligned to combat a variety of fraud types.

Here are some of the other key functions performed by fraud investigators:

  • Evaluate potential fraud indicators and the impact of current fraud trends and make recommendations as to appropriate mitigation.
  • Conducting investigations into allegations of fraud, waste or abuse committed by clients against our company
  • Reviewing and researching evidence/documents to analyze the overall fact pattern of a claim and synthesize data into a professional report with recommendations
  • Preparing and coordinating field assignments to obtain relevant evidence and information
  • Conduct objective, fair, thorough, unbiased and timely investigations into allegations of fraud, waste or abuse committed by clients against our company
  • Review and research evidence/documents to analyze the overall fact pattern of a claim and synthesize data into a professional report with recommendations
  • Prepare and coordinate field assignments to obtain relevant evidence and information
  • Coordinate with defense attorneys to provide deposition strategies and use law enforcement resources for assistance
  • Manage and priorities a large and varied caseload effectively and efficiently to achieve positive results
  • Prepare prosecution packages and restitution proposals.

Responsibilities

As a fraud investigator often wears many different hats, they also have many ongoing responsibilities. These include monitoring transaction reports to identify any suspicious transactions and conducting detailed investigations as required. They must also proactively identify financial crime trends through data analysis and share findings with leadership as and when needed. A few other responsibilities of a fraud investigator include:

  • Working to a high standard, meeting strict time-frames whilst working under pressure.
  • Communicating directly with customers as part of ongoing fraud investigations through in-app messages or via telephony with potential victims of fraud to establish circumstances and additional information, before providing a fair and logical decision, with supporting rationale.
  • Work as part of a team and supporting colleagues as and when required to reduce workload(s).

Personality Traits of a Fraud Investigator

There are some common traits among the most successful fraud investigators. This includes being a self-starter who is results-driven with high levels of self-motivation, energy and initiative. An effective fraud investigator has a proven ability to work under pressure to and meet tight deadlines, without compromising the quality of output. One key trait that can’t be overlooked is the ability to be an effective communicator – a fraud investigator must have excellent written and verbal skills. Here are some other key traits among successful fraud investigators:

  • An ability to thrive under pressure amidst changing business priorities
  • Effective cost management and analytical integrity
  • Experience in leading and developing a team
  • Keen interest in stopping fraud whilst considering the impact of how an investigation can impact customers

Knowledge and Skills

A successful fraud investigator brings to the table a broad range of security/ fraud detection and prevention experience. A fraud investigator must be a subject matter expert on fraud for their related field, such as insurance fraud, financial fraud, procurement fraud, asset recovery, cyber fraud, healthcare fraud, retail fraud and other areas.

Many fraud investigators have specialized skills such as:

  • Experience of interviewing in accordance with the Police and Criminal Evidence Act following the PACE framework.
  • Strong knowledge of cyber risk and common fraud typologies, along with the emerging trends affecting fraud and financial crime.
  • Familiarity with key AML, TF, Financial Crime and Sanctions legislation and associated Regulatory Guidance.
  • Demonstrated experience working with customers on fraud prevention and detection strategies.
  • Sound understanding of the customer impact of a transaction monitoring system; able to balance fraud prevention with the need to provide an excellent customer experience.

As previously mentioned, an effective fraud investigator must have strong interpersonal and communication skills, including the ability to interact with clients, upper management and law enforcement. They also need to have an ingenuity and persistence to obtain case information not readily available with an eye for detail. Dealing with various different cases and different types of evidence requires strong organizational skills. For insurance fraud, investigators must be proficient with the insurance procedures, regulations and investigation methods

Perhaps most important, fraud investigators must set a positive example for their colleagues. They need to be honest and ethical, with high levels of integrity and confidentiality.

A fraud investigator has many different responsibilities, and the role requires an individual with some specific traits. CRI Group’s fraud investigators are experts at uncovering the facts and evidence of a case, but they also implement proactive anti-fraud measures to help an organisation be better protected against future incidence of fraud. Fraud investigators specialise in insurance fraud, financial fraud, procurement fraud, asset recovery, cyber fraud, healthcare fraud, retail fraud and other areas. It’s important that organisations hire trained, qualified fraud investigators who understand the laws, are effective at evidence collection and fact-finding, and are good communicators (since interviewing is one of the key processes of fraud investigation). A fraud investigator might work with a team, or they might lead their team and report to another division. Being able to work under pressure and meet deadlines is critically important. Properly evaluating and securing evidence is of equal importance. CRI Group has only the best expert fraud investigators to meet these challenges.

Are you a fraud investigator? Tell us about your day-to-day job, we would love to hear it.

 

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening,

العناية الواجبة 360°
,
حلول الامتثال
 and other professional Investigative Research solutions provider. We have the largest proprietary network of background-screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organizations. Contact ABAC® for more on ISO Certification and training.

 

 

 

by admin
1 Comment »