John Wood Group to Pay $177 Million to Settle Bribery Charges Inherited Through its Merger

John Wood Group Bribery Probe Trace Back to its Merger with Amec Foster Wheeler Plc.

The Importance of Due Diligence in Merger and Acquisition to Avoid a Similar Incident Happened like in John Wood Group.

Due diligence is understood as the reasonable steps taken to satisfy legal requirements in the conduct of business relations. That allows you to reduce risks – including risks arising from the FCPA (Foreign Corrupt Practices Act) and the UKBA (UK Bribery Act), to make informed decisions and to pursue takeovers or mergers with more confidence.

Unlike other kinds of control (audits, market analysis, etc.), it must be completely independent and rely as little on information provided by the researched subject. The other important difference lies in the methodology: commercial or financial due diligence analyses available information, investigative type provides reliable and pertinent, but raw, information.

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity due diligence investigations provides your business with the critical information it needs to make sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees.

It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

Filed under:

Looking for a Service Provider Due Diligence Checklist?

Due Diligence Checklist

Due diligence checklist and service provider. There are many risks implicit in doing business, and CEO’s and risk management officers face many internal and external threats. Most organisations face preventable risks; however, the burden of identifying risks can be too much, especially when dealing with third-party providers.

Most service providers offerings are often part of organisations’ core functions (i.e. internet-related services or cloud services); they have access to sensitive information, including your clients’ client details (PII), their financial data such as credit cards (PCI), or trade secrets; that impacts your data security or privacy programs; a worrying source of risk and, often than not, they drive up your cost. 

According to Ponemon Institute’s Cost of a Data Breach Report 2020, organisations spend £2.9 million ($3.86 million) recovering from security incidents. And third-party breaches cost $370,000 more than in-house breaches. Third-party breaches do happen, and many organisations aren’t prepared. In fact, Protiviti’s 2019 Vendor Risk Management Benchmark Study found that only 4 in 10 organisations have a fully mature vendor risk management process in place. 

It’s critical to follow a well-defined and comprehensive due diligence process when it comes to service providers. Having a services provider due diligence checklist allows you to see what obligations, liabilities, or any types of risks you’re assuming. 

What Is a Due Diligence Checklist?

A due diligence checklist is an organised way to analyse a service provider you want to work with. Following this checklist, you can learn about the Service Provider liabilities, benefits, and potential problems. Due diligence checklists are usually arranged in a basic format. However, they can be changed to fit different industries and professional relationships. A due diligence checklist can also be used for:

• Preparing an audited financial statement or annual report
• A public or private financing transaction
• Bank financing
• A joint venture
• An initial public offering (IPO)
• General risk management.

However, we developed a complete due diligence checklist for you to use on your service providers for this article. There are six core areas to consider when doing your due diligence vetting a service provider:

1. General company information
2. Financial review
3. Reputational Risk
4. Insurance
5. Information Security Technical Review
6. Policy Review

The questions could change based on your requirements or the company, industry, size, or region. The more you know about potential vendors, the easier it is to assess their risk. Let’s look!

1. Build an inventory of your service providers:

• List the providers of significant core functions
• List any smaller providers who might be working with individual departments

2. Rank each service provider based on risk by asking the following questions:

• What service does this organisation provide?
• Who owns the relationship with this provider?
• Is this provider tied to your organisation’s most critical business operations?
• What data do they have access to?

3. Collect information on each service provider, including basic information:

• A business charter or articles of incorporation (or similar corporate charter)
• Business location, and proof of location.
• Business license: confirm that the company is legitimate
• Overview of company structure
• Information about executives and board members
• Financial information: is the service provider financially solvent? Would you want to partner with a company that may not be in business next year? 
• Insurance: gather information on general liability insurance, cyber insurance, or insurance-specific capabilities.

4. General risk information:

• Is the service provider on any watch lists?
• Any Lawsuits?
• Any negative news coverage?
• Any significant complaints or negative reviews from consumers?
• Is the site physically secure?
• Policy Review

5. Cyber risk Information:

• Security rating
• Assessment questionnaire
• Retrieve the IT system outline
• Any assets exposed to the open Internet?
• Any cases of data breaches?

6. Final risk analysis:

• Calculate your risk: Risk = Likelihood of a Data Breach X Impact of a Data Breach/Cost
• Set a risk rating of high, medium, or low
• Compare the above information with your risk appetite and determine whether your organisation should pursue a relationship with the service provider

How can CRI Group™ Help You Manage and Respond to Risks?

Managing third-party risk can be difficult. The work isn’t done when you understand the risks associated with doing working with third-party providers. With CRI Group™, organisations can make the process simpler and gain a window into their service providers’ risk. 

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. 

Our global integrity DueDiligence360 investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. And we offer various levels of due diligence to fit your needs:

• Level I Basic: Basic due diligence
• Level I Essential: Essential due Diligence
• Level II EDD Enhanced Integrity Due Diligence
• Level II EDD Plus Enhanced Integrity Due Diligence

Our Enhanced Integrity Due Diligence services will ensure that working with an, i.e. potential trade partner will achieve your organisation’s strategic and financial goals. To find out more about each level of due diligence, contact CRI Group™ HERE!

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under:

Procurement Risks: The 5 common Risks Every Organisation Needs to Know!

Procurement Risks: Your Lack of Due Diligence can Lead to Harm

Procurement risks: lack of due diligence can lead to harm. Procurement is one of the most critical areas of any organisation, large or small. Procurement officers secure the materials and goods that a business needs to be productive and successful. They ensure the best possible price, quality, delivery efficiency, and other important considerations.

Unfortunately, due to the very nature of dealing with third-party suppliers/vendors, procurement also requires an elevated level of risk management. As many high-profile cases have shown, supply-line problems can cause financial and reputational damage, sometimes on a grand scale.

The infamous horse meat scandal in the UK presents a classic scenario of the damage from risky third-party associations. Widely known international corporations, including Burger King and others, were forced to cut ties with a meat supplier after facing financial and reputational harm from the news that some of the supplier’s products were tainted with horseflesh.

The revelations of tainted meat resulted in international news headlines, waves of criticism from consumers and food products pulled from shelves and freezers in response to the uproar. As damaging as it was, the crisis helped illustrate why due diligence became more important as supply chains expanded and became more complex, especially among international organisations.

The procurement risks: How to minimise them?

The following are some priorities every organisation should have to minimise procurement risks in their procuring process:

Risk #1 – Know who your suppliers are

Due diligence is as vital in procurement as in any other business area, in some cases, more so. 

Risk #2 – Consider your organisation’s reputation

The horsemeat scandal showed how quickly and drastically it can damage a well-respected organisation’s reputation and brand. Your procurement team should know that while the bottom line is essential, nothing is more critical than protecting the image and brand of the company. Cutting due diligence corners to secure the lowest price is not only unwise – it should be strictly against company policy.

Risk #3 – Find sustainable lines of supply

Seek out suppliers with long, successful backgrounds in their business. Find economically sound and socially conscious companies, using fair labour practices and promoting sustainable resources. It harmed the organisation when it discovered that a supplier was using child labour or other unethical or illegal methods to produce their goods. Implement a code of conduct with expectations for your contractors, suppliers and vendors, and review them regularly to ensure they follow your guidelines.

Risk #4 – Have backup suppliers in place

What happens when your primary vendor is suddenly out of compliance? Or folds up completely? If your production chain grinds to a halt, the damage can be severe and lasting to your organisation’s financial and reputational health. Ensure your procurement team has conducted due diligence on backup suppliers that you can turn to in a crisis. Spending a little more to keep the production lines open will be a small price to pay compared to seeing your business come to a standstill.

Risk #5 – Conduct a thorough risk assessment

Any organisation that hasn’t prepared a risk assessment of its procurement process should immediately do so. How else will you know what red flags or gaps make your organisation susceptible to fraud, waste, risk to reputation, or all of the above? Third-party risk management experts can help you develop and put in place an effective third-party risk assessment plan that keeps your organisation protected and minimises your exposure to unseen or unknown trouble spots.

Every organisation needs a successful and efficient procurement process. It also needs to be safe from the inherent risks with connections to third parties, including suppliers, vendors and contractors. When it comes to procurement, let CRI Group™ help you put proper risk management processes in place so you don’t have to worry about your supply chain putting you in tomorrow’s headlines.

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under:

BS 7858:2019 | The New Way to Mitigate Employee Risk During COVID-19

BS 7858:2019 Standard: A New Way to Mitigate Employee Risk During COVID-19

BS 7858:2019 Standard is the revised standard for screening individuals working in secure environments. The far-reaching impact of the COVID-19 outbreak has affected virtually every business and economic sector worldwide. Depending on the global region, the far-reaching implications have hampered (on various levels) the ability to conduct proper and thorough background screening investigations.

In the United Kingdom and the United Arab Emirates, the countrywide lockdowns forced leaders to close sites and send their workforce home. Many have to learn how to manged people working from home (WFH) or remotely for the first time. The previous concerns about productivity, privacy and protecting sensitive information only grew more with the practice of WFH.

They highlighted the vital importance of pre-employment background screening and background investigations. BS 7858:2019 Standard for screening individuals working in secure environments offers a complete solution.

Unfortunately, conducting such investigations in a reliable and timely manner has brought its struggles. The closure of public information sources has dramatically impacted accessing public records to verify previous employment, education and criminal charges.

Drug screening tests have been delayed or postponed until such companies are permitted to reopen their doors for business. On the applicant side, it’s been widely reported that individuals are concerned (and rightly so) about participating in face-to-face interviews. Applicants are concerned with leaving their homes to do a drug test and, ultimately, returning to a work environment that may or may not appear healthy, protected and safe.

Recruitment Fraud and How BS 7858:2019 Standard Provide the Solutions

Investigators themselves have hesitations about venturing into the field to complete their assignments, which may require a high degree of boots-on-the-ground research and in-person interaction in many countries. Fortunately, the background screening industry is resilient.

It is steadily working around these obstacles to ensure that workplaces are safeguarded, workers, customers and property are protected, and sensitive information doesn’t fall into rogue hands. This is particularly important in those sectors that rely heavily on vetting personnel working in secure environments responsible for people, property, data and critical systems.

It’s important for the mere fact that a trending increase in recruitment fraud is creating additional challenges for already over-burdened employers. Last year recruitment fraud cost £23 billion in the UK alone.

The BS7858:2019 Standard

The recent update of the BS7858:2019 standard, “Screening of Individuals Working in a Secure Environment – Code of Practice,” emphasizes the risk assessment of secure environment workers. The code focuses on the need for tighter controls over the pre-employment screening – and periodic re-screening – of individuals, who in their positions, could potentially benefit from illicit personal gain, become compromised, or take advantage of other opportunities for creating breaches of confidentiality, trust or safety.

Written by the British Standards Institute, which is recognized as the UK’s national standards body, BS7858:2019 lays out the scope of “obtaining personal background information to enable organizations to make an informed decision, based on risk, on employing an individual in a secure environment.”

Those workers include business owners, directors, partners, silent partners and shareholders holding more than 10% of the business; managers, area managers, department managers, screening managers and staff; installers and service crew; security personnel; and office supervisors and staff with access to customer and system records.

The amended guidelines of the standard put the onus on the organization’s top management to demonstrate that they are focused on the aspects of the business where the most risk lies and the particular personnel roles involved within those risks areas.

This is particularly important because, as the standard states, the “organization retains ultimate responsibility for an outsourced screening process and is required to review the completed screening file.” Risks assessment includes examining certain roles that involve financial tasks, data security, goods management, property risks or any number of “people risks” such as roles with direct access to vulnerable adults and children.

To that end, management ensures that the organization has proper and adequate resources and infrastructure to manage the adequate vetting of high-risk personnel. Management is tasked with the response and that there is a firm commitment at the top level to manage and support the coordination required to execute the screening process.

Finally, management is tasked with ensuring that such responsibilities are appropriately assigned and communicated throughout the organization. The guideline also eliminates its original text in 2012, a requirement to produce character references as part of the screening process. This decision was based on the supposition that such references are now deemed potentially weak and difficult to verify. 

Price of a Bad Hire

The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety, increased exposure to costly negligent hiring claims, and potentially devastating litigation. The premise behind the standard is to safeguard employers from harmful or fraudulent hires. Cases of organizations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organizations.

The revised BS7858:2019 standard enables organizations to demonstrate a commitment to safeguarding their businesses, employees, customers and information utilizing widely accepted methods that focus on risk assessment and top-down management involvement in the company’s employment policies and practices. In establishing standards and practices, organizations can show that they place a high value on hiring individuals who possess integrity. Organizations can then task them with responsibilities designed to keep their co-workers, customers and information safe from the negative forces that have become more prevalent in today’s ever-changing COVID-19 world.

Playbook | Everything About BS 7858:2019 Standard

The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety, increased exposure to costly negligent hiring claims, and potentially devastating litigation. The premise behind the standard is to safeguard employers from bad or fraudulent hires. Cases of organizations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organizations.

At CRI® Group, we know how important is your background screening to your company’s success and to give you an idea of what is new, we have produced this playbook detailing the differences between the BS7858:2012 standard and the new BS7858:2019 standard.

DOWNLOAD OUR FREE PLAYBOOK

Managing People through COVID-19

The COVID-19 pandemic is undeniable, affecting the world. And the situation is changing at an hourly rate as we go into a second global lockdown. Businesses have to adapt quickly to survive, i.e. cutting steps in their hiring process, and no one knows how this will play out. However, there are ways you can mitigate the impact, learn how from this free ebook.

Taken as a whole, this ebook is the perfect primer for any HR professional, business leader and company looking to avoid employee background screening risks. It provides the tools and knowledge needed to stay ahead of COVID-19 effectively. Read the answers to the following questions:

• Does a candidate have to give consent to process a background check/screening?
• How long does it take to conduct a background check?
• When should I conduct pre-employment checks?
• How often should I screen employees?
• How to collect references, and what to ask?
• How much does it cost to conduct background checks?
• What is the difference between employment history verification and employment reference?

DOWNLOAD OUR FREE PLAYBOOK

FAQ E-Book | All About Background Checks

The price of a bad hire has far-reaching consequences for any business, including productivity loss, Get answers to frequently asked questions about background checks/screening cost, guidelines, check references etc.

Taken as a whole, it is the perfect primer for any HR professional, business leader and company looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions. This eBook is a compilation of all of the background screening related questions you ever needed answers to:

• Does a candidate have to give consent to process a background check/screening?
• How long does it take to conduct a background check?
• When should I conduct pre-employment checks?
• How often should I screen employees?
• How to collect references, and what to ask?
• How much does it cost to conduct background checks?
• What is the difference between employment history verification and employment reference?
• How do I check on entitlement to work?
• How to conduct identity checks?
• What will a financial regulatory check show?
• Is it possible to identify conflict of interest during checks?
• What is a bankruptcy check?
• What about directorships and shareholding search?
• Can I have access to a criminal watch list?
• Anti-money laundering check?
• Can we conduct FACIS (fraud and abuse control information system) searches?

DOWNLOAD OUR FAQ EBOOK

CRI Group™ | BS7984:2008 Accredited Company

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

Filed under: COVID-19 Insights,

The Consequences of Inadequate Due Diligence

Adequate Due Diligence

Running worldwide businesses requires effectively recognizing, analyzing and managing risks and ensuring compliance. We have identified that many organizations with third-party relationships conduct inadequate due diligence that might pose significant risks. In this article, we look at the possible risks and the best practices for conducting adequate due diligence and third-party risk management effectively, such as:

1. Planning
2. Documentation
3. Culture

Continuous Risk Management

Today’s global business requires efficiently managing a network of third-party partners that supply product components, run operations in foreign markets, operate call centers, or act as outside consultants or agents.

A well-maintained third-party network’s vast array of capabilities and specialized skill sets make operations easier for the organization and its customers. But many organizations, from small businesses to multi-national corporations, can rarely afford the time and effort required in-house to manage these often-complex third-party relationships.

Because of this, the risk of unethical business practices, bribery and other business corruption potentially increases if inadequate due diligence is conducted on third-party partners. The ramifications of a scandal related to a third-party partner can easily take down an organization, resulting in such risks as a damaged reputation and brand devaluation, regulatory violations, legal proceedings and possible fines and jail terms for directors. Therefore, a solid and viable third-party risk management program is the only way to protect the corporation’s assets fully.

Building a third-party risk management program is not a passive process. It continually requires time and effort as the risks associated with third-party partnerships evolve.

Explore Third-Party Risk Management Solutions

Consider the recent events during which the legislators of three separate nations signed new compliance regulations and standards into law. Suppose your organization’s third-party risk management program cannot quickly adjust to these new regulations (or is not designed to anticipate future legislative movements). In that case, your organization is genuinely at risk.

Cutting Corners Not Worth the Risk: Adequate Due Diligence

Indeed, building a solid risk management program requires a significant investment of time and resources (internally and from the outside). Still, the consequences of not doing it right could be dramatically severe. Still, far too many organizations are willing to tempt fate by cutting corners on developing and implementing their third-party risk management program.

Organizations attempt to cut corners by relying on outdated or stagnant tools to monitor, detect, and prevent risks. Hiring outside industry professionals with proven track records of successful due diligence experience is necessary.

Relying too heavily on “desktop” due diligence is another dangerous shortcut. Desktop due diligence is an essential initial step of the investigative process, involving background checks, lien searches, regulatory filing investigations and environmental reports. And while it is a vital component of any effective due diligence program, it’s not nearly enough to evaluate the third party thoroughly.

Truly understanding a potential partner’s business requires a considerable amount of time spent face-to-face with the outside organization’s leadership, operations management and even current customers. This “boots on the ground” process will detect potential risks, often hidden from a distance and undetectable via web-based discovery tools.

The “boots on the ground” approach also help to establish a relational dynamic required for ongoing negotiations and provides a clear insight into two of the fastest-growing issues in third-party risk management: Bribery and Labor Management.

Bribery As a Compliance Issue

Anti-bribery and anti-corruption compliance is a fast-moving target. New anti-bribery laws and regulations are being decreed worldwide at a relentless pace. Complicating matters further, many countries may have laws in place but cannot enforce them adequately. The responsibility falls to your organization’s adequate due diligence program to ensure detection and protection when this happens.

High profile investigations in recent years have contributed to the rapid emergence of bribery and corruption as a societal issue. Never before has such a contrast been drawn so dramatically on a global stage between those who engage in corruption and those who suffer. Any organization that finds itself mixed up in a scandal involving bribery has more than a legal mess. It has a long battle to win back the trust of its shareholders, employees, customers and the public.

Conducting adequate due diligence surrounded such varying factors is work that must be completed in person. Gaining insight into a potential partner’s company culture requires immersion with the organization’s leadership, management and staff. When evaluating bribery risk, some warning signs can only be discovered on-site.

This e-book explores some critical questions posed to business leaders today: Has your organization implemented reasonable and proportionate measures to prevent bribery? How will you know if your anti-bribery and anti-corruption controls are effective? Are you aware of the latest best practices in avoiding bribery? Download our eBook to find out! READ NOW

Labor Matters and Compliance

From overtime issues and under-age workers to unsafe working conditions and improperly documented accidents, labor compliance represents a significant component of any solid third-party risk management program.

Once again, inadequate attention to risks related to labor compliance can bring on considerable penalties. Understanding which industries, geographic regions, and management structures elevate the organization’s risk is vital to efficiently operate an adequate due diligence program. This understanding is nearly impossible to guarantee via ‘desktop’ due diligence. Spending the necessary time in person is the only way to ensure a potential supplier properly compensates and manages employees while providing a safe workplace environment.

Even if your agreement with a third-party partner places the responsibility of payroll issues firmly upon the vendor, your organization — as a joint employer — can still be held accountable in many countries. After all, the labor conducted at your partner’s facility benefits your organization’s bottom line.

What are the Best Practices?

The demands of identifying and measuring third-party risk, monitoring those potential risks on an ongoing basis, and making recommendations based on empirical research are best met by a dedicated team of outside professionals. And while no two organizations are alike in terms of risk profiles, several factors have become consistent in building a strong, effective and adequate due diligence program:

1. Planning: Without a well thought out plan outlining ongoing monitoring efforts with assigned roles and responsibilities, measures to mitigate risk will be haphazard at best and dormant at worst. With a thoroughly established, management-advocated program that identifies specific risk factors for each affiliation, a process for addressing red flags, and an established mechanism for continual revision, the organization will remain vigilant in its efforts to protect itself from liability.

2. Documentation: Due diligence efforts are only as good as the information and data gathered and secured. Meticulous documentation and reporting enable the organization to recognize trends, communicate analyses, and sustain efforts during any future personnel changes. Effective risk management programs feature established guidelines for capturing data, contracts and research with uniformity.

3. Culture: An organization where leadership, management and workforce do not take the third-party risk seriously will never be adequately protected from risk. Successful organizations in this respect dedicate themselves to building a culture in which every employee feels personally invested in the operation’s risk management. Employees must feel empowered and encouraged to report red flags. Passive engagement is simply not enough.

Done correctly, third-party risk management can effectively save the organization from risk, liability, and other perils often associated with outside entities wanting to engage and transact with your business.

A TPRM Customized Solution that Best Suits Your Needs

CRI Group™’s own exclusive, expert-developed 3PRM™ services help you proactively mitigate risks from third-party affiliations, protecting your organization from liability, brand damage and harm to the business. Whether your organization has a large, well-established third-party program, is in the early stages of development, or is anywhere in between, the 3PRM™ solution can improve the health of your program and future-proof your entire business in many forms.

Our 3PRM™ solution streamlines the third-party risk management process through scalability, and efficiencies – from third-party risk identification to assessment what sets us apart is that our 3PRM™ solution includes:

• العناية الواجبة 360°
• Screening & Background Checks
• Regulatory Compliance
• Business Intelligence: Information Management
• Investigations: i.e. IP, Fraud, Conflict of Interest, etc.
• Anti-bribery & Anti-Corruption (ABAC) Compliance
• Employee auditing training & education
• Monitoring & reporting

Where Should TPRM Sit within an Organization?

TPRM can sit within various business units depending on your organization’s structure. Many organizations involve multiple departments such as procurement, information security, operational risk and compliance to provide input to manage the risks related to engaging third parties. Depending on your business’ internal structure, you may choose to apply a centralized, mixed or decentralized model when focus on TPRM. At CRI Group™ we observed a trend with many of our clients implementing a centralized model when managing their third-party relationships, given the required input from their multiple business lines. A centralized model allows you as an organization to track common risks across departments and identify emerging trends that may require a response from more than one department.

Risk Management Goes Beyond TPRM

CRI Group™ provides the knowledge required to navigate unfamiliar markets and mitigate third party risk by assessing the backgrounds, integrity and character of those with whom you do business. Our 3PRM-Certified™ program is therefore key for managing an organization’s third party risk levels. However, this is only one of the several vital steps towards a robust risk management strategy implementation.

Risk management is the identification, evaluation, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities. Risks can come from various sources including your employees.

Getting Started with ISO 31000 Risk Management? Learn more with our “ISO 31000 Playbook”

At CRI Group™, we understand that managing compliance and risk activities might be a daunting task. That’s why we present you with the insights library where you can dive deep into these topics to make your job easier. If you can’t find what you are looking for, just get in touch – we would love to have a chat!

CONTACT INFORMATION

Zafar Anjum | CRI Group™ Chief Executive Officer
t: +44 207 8681415 | m: +44 7588 454959

Filed under:

BS7858:2019 – everything you need to know and more!

The recent update of the BS7858 standard, “Screening of Individuals Working in a Secure Environment – Code of Practice,” places emphasis on the risk assessment of secure environment workers. The code focuses on the need for tighter controls over the pre-employment screening – and periodic re-screening – of individuals, who in their positions could potentially benefit from illicit personal gain, become compromised, or take advantage of other opportunities for creating breaches of confidentiality, trust or safety.

What is BS7858?

BS7858 stands for “Screening of Individuals Working in a Secure Environment – Code of Practice,” The BS7858 is a code of practice released by BSI (British Standards Institution), a business standards company which supports companies in achieving excellence within their field, and continuously boosting performance. Introduced in 2013, the standard was updated in September 2019 and is now considered to be the industry standard for all screening in employment, despite its original intention for use in security environments only. This code was meant to provide a critical security standard that guided employers on the screening process for security staff before offering full employment. However, the new update has widened the scope of this code.

This British Standard helps employers to screen personnel before they employ them. It gives best-practice recommendations, sets the standard for the  screening of staff in an environment where the safety of people, goods or property is essential. This includes data security, sensitive and service contracts and confidential records. It can also be applied to situations where security screening is in the public’s interest. It sets out all the requirements to conduct a screening process. It covers ancillary staff, acquisitions and transfers, and the security conditions of contractors and subcontractors. It also looks at information relating to the Rehabilitation of Offenders and Data Protection Acts. CRI Group is the first and only investigative research company in the Middle East to receive the certifications BS7858:2019 and BS102000:2013, Code of Practice for the Provision of Investigative Services from internationally recognised training and certification body BSI. 

Change of scope

The change of scope is possibly the biggest change of the standard. In the old document, the standard concerned the security sector only. However, the scope has been amended to allow organisations in all environments to adopt the standard when employee screening. And due to the current pandemic, this update is more significant than ever. There is a specific section of the standard that relates to risk management which states: “An integral part of risk management is to provide a structured process for organisations to identify how objectives might be affected. It is used to analyse the risk in terms of consequences and their probabilities before the organisation decides what further action is required”.

BS 7858:2019 lays out the scope of “obtaining personal background information to enable organisations to make an informed decision, based on risk, on employing an individual in a secure environment.” Those workers include business owners, directors, partners, silent partners and shareholders holding more than 10% of the business; managers, area managers, department managers, screening managers and staff; installers and service crew; security personnel; and office supervisors and staff with access to customer and system records.

The amended guidelines of the standard put the onus on the organisation’s top management to demonstrate that they are focused on the aspects of the business where the most risk lies, and the particular personnel roles that are involved within those risks areas. This is particularly important because, as the standard states, the “organisation retains ultimate responsibility for an outsourced screening process and is required to review the completed screening file.” Risks assessment includes examining specific roles that involve financial tasks, data security, management of goods, property risks or any number of “people risks” such as roles with direct access to vulnerable adults and children.

To that end, management is charged with ensuring that the organisation has proper and adequate resources and infrastructure in place to manage the adequate vetting of high-risk personnel. Management is tasked with the response and that there is a firm commitment at the top level to manage and support the coordination required to execute the screening process. Finally, management is tasked with ensuring that such responsibilities are correctly assigned and communicated throughout the organisation. The guideline also eliminates from its original text in 2012, a requirement to produce character references as part of the screening process. This decision was based on the supposition that such references are now deemed as potentially weak and difficult to verify. Managing risk effectively is essential to ensure businesses succeed and thrive in an environment of constant uncertainty. ISO 31000 aims to simplify risk management into a set of clearly understandable and actionable guidelines, that should be straightforward to implement, regardless of the size, nature, or location of a business.

BS7858:2019, a new way to mitigate employee risk during COVID-19

The far-reaching impact of the COVID-19 outbreak has affected virtually every business and economic sector worldwide, and depending on the global region, has hampered (on various levels) the ability to conduct proper and thorough background screening investigations. In the United Kingdom and the United Arab Emirates, the countrywide lockdowns forced leaders to close sites and send their workforce home. Many are having to learn how to manged people working from home (WFH) or remotely for the first time. The previous concerns about productivity, privacy and protecting sensitive information only grew more with the practice of WFH. They highlighted the vital importance of pre-employment background screening and background investigations. BS 7858:2019: the revised Standard for screening individuals working in secure environments offers a complete solution.

The revised BS7858 standard enables organisations to demonstrate a commitment to safeguarding their businesses, employees, customers and information utilising widely accepted methods that focus on risk assessment and top-down management involvement in the company’s employment policies and practices. In establishing policies and procedures around the standard, organisations can show that they place a high value on hiring individuals who possess integrity. Organisations can then task them with responsibilities designed to keep their co-workers, customers and information safe from the opposing forces that have become more prevalent in today’s ever-changing COVID-19 world. Find out more on how you can mitigate employee risk during this pandemic with BS7858:2019.

Playbook BS7858:2019, everything you need to know and more!

The price of a bad hire has far-reaching consequences for any business, including productivity loss, decreased employee morale, risks to employee safety and increased exposure to costly negligent hiring claims and potentially devastating litigation. The premise behind the standard is to safeguard employers from harmful or fraudulent hires. Cases of organisations that forego conducting due diligence on a new hire – especially a hire with high-risk exposure – often end badly for those organisations. At CRI Group we know how important is your background screening to your company’s success and to give you an idea of what is new we have produced this playbook detailing the differences between BS7858:2012 standard and the new BS7858:2019 standard.

Download FREE BS7858 playbook

Managing your people through COVID-19

The COVID-19 pandemic is undeniable affecting the world. And the situation is changing at an hourly rate as we go into a second global lockdown. Businesses are having to adapt quickly to survive, i.e. cutting steps in their hiring process, and no-one knows how this will play out. However, there are ways you can mitigate the impact, learn how with this FREE ebook.

Taken as a whole, this ebook is the perfect primer for any HR professional, business leader and companies looking to avoid employee background screening risks. It provides the tools and knowledge needed to stay ahead of COVID-19 effectively. Read the answers to the following questions: How to turn the tide’ on coronavirus crisis?; COVID-19 Action point checklist; Background Screening: Essential Checks; 6 steps for good practice in connection with COVID-19; 11 Steps to Reduce Personnel Costs; COVID-19 General advice; How to remove any danger to your business during COVID-19; … and more!

Download your FREE playbook

Frequently asked questions about background checks

Get answers to frequently asked questions about background checks / screening cost,  guidelines, check references etc.

This eBook is a compilation of all of the background screening related questions you ever needed answers to: Does a candidate have to give consent to process a background check / screening? How long does it take to conduct a background check? When should I conduct pre-employment checks? How often should I screen employees? How to collect references and what to ask? How much does it cost to conduct background checks? What is the difference between employment history verification and employment reference? How do I check on entitlement to work? How to conduct identity checks? What will a financial regulatory check show? Is it possible to identify a conflict of interest during checks? What is a bankruptcy check? What about directorships and shareholding search? Can I have access to a criminal watch list? Anti-money laundering check? Can we conduct FACIS (fraud and abuse control information system) searches? … and MORE!

Taken as a whole, is the perfect primer for any HR professional, business leader and companies looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions. DOWNLOAD THE EBOOK

Let’s Talk!

BS7984:2008 accredited companies (such CRI Group) highlight to their clients that their security personnel are staff that can be trusted and relied upon to complete a high-quality job as the screening process highlights the level of conduct that they have presented in the past. This reassures the safety of the people, goods and property that they have been hired to protect. If you have any further questions or interest in implementing compliance solutions, please contact us.

About the Author

Zafar Anjum, MSc, MS, LLM, CFE, CII, MABI, MICA, Int. Dip. (Fin. Crime), Int. Dip. (GRC)
CRI Group Chief Executive Officer
37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA, United Kingdom
t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

Who is CRI Group?

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening,

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Filed under: All Industries, COVID-19 Insights,

ICC launches an Anti-corruption Third Party Due Diligence guide for small and medium size entities

International Chamber of Commerce (ICC) has launched an Anti-corruption Third Party Due Diligence guide for small and medium size entities. SMEs are often on the receiving end of burdensome due diligence procedures of large multi-national companies. These requirements can be overwhelming and often companies feel they do not have sufficient resources to meet them. This Guide aims to address these concerns and inspire Small and Medium size Enterprises (SMEs) to engage in due diligence by creating achievable and manageable due diligence goals. Following the Guide a company can:

• Know and have confidence in their counterparties;
• Through such knowledge and confidence meet the conditions for responsible investment;
• Avoid prosecution/reputational/financial damage from being implicated in an anti-corruption issue;
• Develop an ethical brand;
• Provide assurance to business partners, in particular larger organisations that they are an ethical
  company.

SMEs must also develop robust anti-corruption ethics and compliance procedures to ensure they minimise the risk of corruption and adhere to international anti-corruption standards. Understandably, many SMEs are overwhelmed by the extensive international anti-corruption legislation and the complex ethics and compliance procedures in place in larger, multi-national companies. However, ethics and compliance does not necessarily need to be on a grand scale and supported by a dedicated legal department. There are manageable ways in which smaller companies can protect themselves by better managing corruption risks. A key element to a simple but effective ethics and compliance programme is due diligence. This is the focus of this Guide which sets out what due diligence is, why it is necessary, when it is necessary and how it can be implemented to protect a company from the risk of corruption as much as possible.

It provides practical advice on how SMEs can cost-effectively conduct due diligence on third parties they engage to perform services on their behalf. It focuses on corruption risks associated with engaging third party suppliers, contractors and consultants in an international and domestic setting and how those risks can be managed. This tool will also assist SMEs create an effective due diligence procedure that fits into an overall ethics and compliance programme. For SMEs that do not have any ethics and compliance procedures in place, it can be considered a good starting point. The Guide can be used by any SME, of any size (even very small companies) or industry and it can be adapted so that the due diligence programme is tailored to the specifics needs and industry in which the company operates.

ICC is the institutional representative of more than 45 million companies in over 100 countries. Through a unique mix of advocacy, solutions and standard setting, ICC promotes international trade, responsible business conduct and a global approach to regulation, in addition to providing market-leading dispute resolution services. ICC members include many of the world’s leading companies, SMEs, business associations and local chambers of commerce. Read more about ICC here!

Adoption of this Guide by SMEs will provide reassurance to prospective customers and can be used as evidence of an overall compliance commitment; the commercial benefits of which should not be underestimated.

GET THE DOCUMENT HERE

This guide is also available in:

• Spanish version: CCI AUDITORÍA LEGAL ANTI-CORRUPCIÓN SOBRE TERCEROS: GUÍA PARA PEQUEÑAS Y MEDIANAS EMPRESAS 
• Swedish version: Anti-korruption Due diligence på externa aktörer

[/vc_column_text][vc_empty_space][accordion_father][accordion_son title=”Speak up – report any illegal, unethical, or improper behaviour” clr=”#ffffff” bgclr=”#1e73be”]Ethics and Compliance Hotline is an anonymous reporting mechanism that facilitates reporting of possible illegal, unethical, or improper conduct when the normal channels of communication have proven ineffective, or are impractical under the circumstances. At CRI Group, we are committed to having an open dialogue on ethical dilemmas regardless.

REPORT HERE!

We would like to introduce a new Ethics & Compliance Hotline. This hotline is available to all employees, as well as clients, contractors, vendors and others in a business relationship with CRI Group and ABAC Group. If you find yourself in an ethical dilemma or suspect inappropriate or illegal conduct, and you feel uncomfortable reporting through normal channels of communication, or wish to raise the issue anonymously, use CRI Group’s Compliance Hotline in below mentioned ways or provide us with your complaint online on the form below. The Compliance Hotline is a secure and confidential reporting channel managed by an independent provider. When reporting a concern in good faith, you will be protected by CRI Group’s Non-Retaliation Policy.

READ MORE!

[/accordion_son][accordion_son title=”Prove that your business is ethical.” clr=”#ffffff” bgclr=”#1e73be”]Complete ABAC® FREE Highest Ethical Business Assessment (HEBA) and evaluate your current Corporate Compliance Program. Find out if your organisation’s compliance program is in the line with worldwide Compliance, Business Ethics, Anti-Bribery and Anti-Corruption Frameworks. Let ABAC® (powered by CRI Group) experts prepare a complimentary gap analysis of your compliance program to evaluate if it meets “adequate procedures” requirements under UK Bribery Act, DOJ’s Evaluation of Corporate Compliance Programs Guidance and Malaysian Anti-Corruption Commission.

The HEBA survey is designed to evaluate your compliance with the adequate procedures to prevent bribery and corruption across the organisation. This survey is monitored and evaluated by qualified ABAC® professionals with Business Ethics, Legal and Compliance background. The questions are open-ended to encourage a qualitative analysis of your Compliance Program and to facilitate the gap analysis process.

The survey takes around 10 minutes to complete. TAKE THE SURVEY NOW!

[/accordion_son][accordion_son title=”About CRI Group” clr=”#ffffff” bgclr=”#1e73be”]Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening,

In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.[/accordion_son][/accordion_father]

Have you read…

[/vc_column_text][vc_basic_grid post_type=”post” max_items=”12″ style=”pagination” items_per_page=”3″ item=”234″ initial_loading_animation=”none” grid_id=”vc_gid:1605689308060-9e4edd68-a073-0″ taxonomies=”41, 43″][/vc_column][/vc_row]

Filed under: All Industries, All Regions,

Third-party risk: how to survive in a brave new world?

Third party risk management, how to survive in a brave new world?

Third party risk management. The Current Business Climate Requires a Review and Reassessment of Your Organisation’s Third-Party Relationships. We won’t soon forget the year 2020 and the myriad ways worldwide business was derailed over a microscopic virus that caused a global pandemic. From layoffs and shutdowns to shortages and closures, the long-term effects of the pandemic have yet to be determined. But one thing is certain: The disruption to the global supply chain has wreaked havoc in virtually every business sector. third party risk management

Automobile manufacturing in Korea has been suspended due to a lack of parts from China. The fashion industry in the United States is struggling over sourcing as garment producers in Asia reduce output. U.K. aerospace manufacturer Rolls-Royce has announced it is cutting 9,000 jobs as a result of the coronavirus. And sharp declines in consumer demand have adversely affected global manufacturers who, in turn, are idling production to curb losses.

Find out how anti-bribery and anti-corruption management plays an important part in your third-party risk management strategy. This free ebook analyses the performance of Rolls-Royce in terms of ABAC policies within the scope of the ISO 37001 provisions.

DOWNLOAD EBOOK NOW

Global sourcing has been greatly impacted as suppliers have ceased operations, and multinational organisations have had to scramble to locate replacement supply sources. This gloomy picture has been made all the more daunting as opportunists, bad actors and other sanctioned, restricted, or unreputable parties have set up operations to take advantage of unsuspecting and desperate businesses by producing inferior goods, missing contractual deadlines, or operating in ways that could raise flags in the areas of ethical conduct, business integrity or jurisdictional compliance. As such, multinational companies need to be on high alert for such nefarious outside operations, lest they put their reputations, stakeholders, directors and bottom lines at risk.

Now is the time to identify alternative supply scenarios and re-evaluate contractual terms and performance metrics with those parties in the sourcing network. And to accomplish this, a risk-based approach to diligence, screening and vetting present and potential third-party suppliers is more important now than ever before.

Get your guide for risk prevention, detection and compliance. Download our Risk Management and Anti-Bribery Anti-Corruption Playbook

DOWNLOAD PLAYBOOK NOW

What is third party risk management?

Threats are increasing on several levels for organisations that rely on outside third parties, such as agents, brokers, vendors and suppliers.  While depleted inventories, idle production, inferior products and delayed delivery have greatly impacted the marketplace worldwide, multinational businesses are feeling the brunt of these pandemic-induced supply chain disruptions on a greater scale:

• Organisations are suffering financial loss as the supply chain falters;
• Companies are losing customers because of poor-quality products and services from third parties;
• Organisations are opening the doors to litigation by working with third parties that may be engaging in bad labour practices or forcing workers to produce in unsafe work conditions;
• Company data systems are being exposed and breached because of poor security practices by third parties;
• Companies are experiencing a greater level of supply chain issues due to poor disaster recovery procedures enacted by third parties;
• Organisations and boards are increasingly being exposed to litigation because of relationships with outside providers that may have violated contractual terms, potentially resulting in regulatory exposure;
• Such organisations are being targeted by story-hungry media sources determined to expose the company to a global audience.

The result of these increased risks can be highly problematic:

• Business litigation has skyrocketed;
• Corporate reputations are negatively impacted on a larger scale;
• Organisations have had to continually review, reassess and adapt risk management frameworks to adjust and acclimate to an ever-changing global business environment;
• Board members are becoming increasingly subjected to intense scrutiny from outside watchdogs and critics;
• Unfortunately, a highly educated market responds to the above scenarios accordingly with their pocketbooks.

From supply and production disruptions to regional compliance issues and bad media exposure, multinational corporations face increased scrutiny working with unscrupulous third-party partners.  Thus, the an intense need to remain vigilant in conducting due diligence and vetting those outside affiliations.

VIEW 3PRM^TM BROCHURE

Don’t let the dominoes fall, ever, with our 3PRM certification

CRI® Group’s third-party compliance verification and certification program – 3PRM-Certified™ – can help organisations establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. Third-party relationships are critical in business today and include partnerships with suppliers, distributors, consultants, agents and other contractors.

While such affiliations are essential to the success of your organisation, a business cannot overestimate the consequences of inadequate due diligence. As the risk for data breaches and supply chain disruption continues to rise with COVID-19, so does the need for effective third-party risk management (TPRM) programs.

Whether you’re a TPRM professional looking for a certification to advance your skillset, or the leader of your organisation considering how to better equip your team with the best knowledge and skills, 3PRM-Certified™ program is an all-in solution.

When is it time to conduct third-party screening?

CRI® Group’s exclusive 3PRM-Certified™ solution provides the very best in third-party risk management. Our 3PRM-Certified™ program provides a proactive approach to mitigating risks from third-party affiliations, protecting the organisation from liability, brand damage and harm to the business. The 3PRM-Certified™ program includes a focus on the following:

• Providing third-party risk assessments
• Meeting contracting requirements
• Conducting due diligence
• Identifying potential fraud risks
• Providing management oversight

Utilising a network of trained professionals positioned across five continents, CRI® Group’s 3PRM services utilise one of the largest multi-national fraud investigation teams the industry has to offer. The 3PRM-Certified™ program is especially critical when your business is performing pre-merger and acquisition research and pre-IPO due diligence, engages new clients, employs, contracts or retains foreign business partners and requires a consistent and audit-worthy AML and anti-corruption compliance program.

Who is CRI® Group?

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI® Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.

Meet our CEO and Author

Zafar I. Anjum is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading businesses organisations.

Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center-QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business.

CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom. Contact us to learn more about the third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime)

CRI® Group Chief Executive Officer
t: +44 207 8681415 | m: +44 7588 454959
e: zanjum@crigroup.com

Filed under: All Industries, All Regions,

FAQ: Employment Screening

Want to know what red flags are most often found on résumés and employment applications? CRI® Group’s EmploySmart™ experts provided some statistics on their latest pre-and post-employment screening engagements, giving insights into where companies are most vulnerable in the hiring process. The operations team found that providing incorrect employment details is the most common red flag, as it was uncovered in about 4.5 per cent of background screenings. This is followed by providing incorrect education degree details and having adverse media (unfavourable news or online mentions), both at 2.33 per cent.

Most employers would probably say that when it comes to educational background, the only thing worse than providing incorrect degree information would be outright claiming a fake degree – which occurred in nearly 2 per cent of cases. Other red flags included:

• Having a criminal record (1.5 per cent).
• A civil litigation record (1.27 per cent).
• Providing a fake address (also 1.27 per cent).

To round out the findings, the operations team found bankruptcy records, fake certificates and negative references among 0.85 per cent of those screened.

Get answers to frequently asked questions about background checks/screening cost, guidelines, check references etc. This eBook is a compilation of all of the background screening related questions you ever needed answers to:

• Does a candidate have to consent to process a background check/screening?
• How long does it take to conduct a background check?
• When should I conduct pre-employment checks?
• How often should I screen employees?
• How to collect references, and what to ask?
• How much does it cost to conduct background checks?
• What is the difference between employment history verification and employment reference?
• How do I check on entitlement to work?
• How to conduct identity checks?
• What will a financial regulatory check show?
• Is it possible to identify conflict of interest during checks?
• What is a bankruptcy check?
• What about directorships and shareholding search?
• Can I have access to a criminal watch list?
• Anti-money laundering check?
• Can we conduct FACIS (fraud and abuse control information system) searches?
• … and MORE!

Taken as a whole, it is the perfect primer for any HR professional, business leader and company looking to avoid employee background screening risks. It provides the tools and knowledge needed to make the right decisions.

Download your “Employee Background Screening FAQ” FREE ebook now!

FAQ employee background screening

Filed under:

Responsible Management and CEOs

As of 13 August 2020, COVID-19 has affected more than million people globally, including 744,385 deaths, reported to WHO. The virus has also had severe economic implications, leaving organizations facing a unique set of new challenges that can only be summed up in one word: uncertainty. And the only way to navigate these uncertain times is through leadership. This is critical right now, as COVID-19 has magnified societal vulnerabilities. Good leaders can and should lead society into a new “normal”. However when Harvard economist Greg Mankiw argued in a New York Times opinion piece that CEOs are qualified to make profits, not lead society this is somewhat inadequate to the times we live in now. Furthermore, Doug Sundheim, contributor at Forbes, has argued in his article “CEOs Have A Responsibility To Help Lead Society” that Greg’sc arguments just simply do not fit today’s business models. This “shareholder-first business model” originated from 1970, however 50 years on a lot has changed and at a time when over 70% of the largest entities on earth are corporations, not nations, Mankiw’s view is troubling. 

The sheer number of corporations around the world should make us understand that business impacts societies on a global scale; therefore, business leaders have the responsibility to at least consider those societies and how they impact them. The singular management goal of CEOs is no longer about maximizing returns to shareholders, but to support society as business has grown more interconnected and complex. Today, business and society are weaved together in an intricate way, both depending on the other for stability and success. 

The COVID-19 pandemic has also changed businesses and created a surge in the number of positive collaborations between companies, institutions and governments. Our article “COVID-19 prompted innovative leadership” reflects how Mankiw fails to grasp the world in which CEOs are now in fact leading communities and helping societies.

Mankiw asks the reader to imagine having to make an executive decision and how effective and simplier it is when your only priority is profits, and not the wider set of stakeholders – i.e., employees, suppliers, communities, and shareholders. Mankiw defends the idea that corporate management’s mandate should be the narrow self-interest of achieving greater profits for shareholders, not broad social welfare. He goes on to list several additional hypothetical questions. A social-driven leader would have to consider:

• How do you weigh those losses against the gains to the would-be workers at the new plant?
• How much will the closure of the old plant hurt its workers and their community?
• Does it matter whether the new plant is in South Carolina, providing jobs for American workers, or in Mexico, providing jobs for Mexican workers?
• How should you weigh the benefit of electric cars in mitigating climate change? 
• How should you balance these concerns against the interests of shareholders, who entrusted you to invest their savings?

However, the above questions are now part of the many new demands from consumers, talent and governments. 

Consumers have changed; they are no longer only interested in the end product. Consumers are demanding more from companies for their buy-in. And every corporate leader has to include some version of the above questions in their considerations if they want to succeed. Top CEOs say social responsibility should be prioritised over profits proving that social responsibility planning; it’s officially basic business planning. Last year the bosses of 181 Leading US’s biggest companies dropped the shareholder-first principle – they changed the official definition of “the purpose of a corporation” (from making the most money possible for shareholders) to “improving our society.”

Most successful CEOs and corporate leaders have profit in mind, and they always will; but they are also considering the needs of a variety of stakeholders, including the communities they impact. In this day and age, CEOs and corporate leaders are rising up to social expectations and are balancing the demands of multiple stakeholders.

Mankiw questioned CEOs’ and corporate leaders’ ability to be broadly competent social planners.  Paul Polman (former Unilever CEO) talks about creating collective courage. He rightly argues that it’s difficult for one industry player to impact an issue like reducing greenhouse gases because of the loss of competitiveness. However, if 20% of industry players come together, they can begin tipping the scales.  It’s starting to happen. In this way, by unifying their efforts, corporations, governmental agencies, and NGOs can partner to lead society.

CEOs and other leaders now find themselves in a changed world … they can and should play a variety of leadership roles that move beyond narrow profit maximization. This is a social responsibility, not broad social planning. Short-term earnings no longer feature in the top of the mission statement for most successful companies. We’re starting to find our way back to a more balanced view, and we need CEOs’ leadership in the process.

Mankiw admits that the world needs people to look out for the broad well-being of society – elected leaders who are competent and trustworthy – but those people are not CEOs. However, Mankiw fails to acknowledge just how much influence CEOs and corporate leaders have over our elected officials and the legislative process. Today, large corporations and their associations outspend labour and public interest groups 34 to 1 on lobbying efforts in the US.

In today’s high-risk environment, businesses have to pay attention to their social and environmental roles not only due to demand, but out of responsibility for the damage they (can) cause. For example, companies that contribute to, but then deny, climate change – the attorneys general of several American states launched investigations into ExxonMobil and whether they had committed fraud by sowing doubts about climate change – even as its own scientists knew it was taking place to firms involved in botched Grenfell Tower revamp refusing to accept responsibility for tragedy. Then there is Chamath Palihapitiya, former Facebook executive, who expressed regret for his part in building tools that destroy ‘the social fabric of how society works’. Companies are responsible for causing great damage on a human scale. We have to hold companies, CEOs and brands accountable for their destructive impact in today’s society; while they have a responsibility to support and help lead society.

CEOs and corporate leaders are exerting immense influence behind the scenes; therefore, qualified CEOs and corporate leaders should step up and help lead on the thorny economic issues of the day. However, with great power comes great social responsibility. Not all of the corporate leaders are equipped to lead societies; therefore, they should take a significant weight off the scale. Contrary to what Mankiw and others of his mindset might think, we must continue to demand more from our corporations, their boards, and their CEOs and leaders. Corporate leaders can make a unique and lasting positive impact, too.

About us…

Based in London, CRI® Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

In 2016, CRI® Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI® Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organizations. Contact ABAC® for more on ISO Certification and training.

MEET THE CEO

Zafar I. Anjum is Group Chief Executive Officer of CRI® Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due to diligence and employee background screening services for some of the world’s leading business organizations. Headquartered in London (with a significant presence throughout the region) and licensed by the Dubai International Financial Centre-DIFC, the Qatar Financial Center – QFC, and the Abu Dhabi Global Market-ADGM, CRI® Group safeguard businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI® Group maintains offices in UAE, Pakistan, Qatar, Singapore, Malaysia, Brazil, China, the USA, and the United Kingdom.

Contact CRI® Group to learn more about its 3PRM-Certified™ third-party risk management strategy program and discover an effective and proactive approach to mitigating the risks associated with corruption, bribery, financial crimes and other dangerous risks posed by third-party partnerships.

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI® Group Chief Executive Officer

37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e: zanjum@crigroup.com

Filed under: Background Investigation, Compliance Solution, COVID-19 Insights,