Common Fraud in the Pharmaceutical Industry Reported by Whistleblowers

Pharmaceutical Fraud

Pharmaceutical fraud involves activities that result in false claims to insurers or programs such as Medicare in the US or equivalent state programs for financial gain to a pharmaceutical company. Several different schemes are used to defraud the health care system, which is particular to the pharmaceutical industry. These include:

• Good Manufacturing Practice (GMP) Violations,
• Off Label Marketing,
• Best Price Fraud,
• CME Fraud,
• Medicaid Price Reporting, and
• Manufactured Compound Drugs.

The pharmaceutical industry is regularly found to be engaging in fraud of many types, and it appears as though each year, the number of pharmaceutical fraud is on the rise. Each year big pharma giants end up spending billions of dollars in paying for fraud, misrepresentation of data and other such corruption allegations levelled out against them. In the last years, global pharma giants have paid fines to the tune of $11 billion for criminal wrongdoing, including withholding safety data and promoting drugs for use, beyond any licensed condition; GlaxoSmithKline paid a $3 billion settlement, Pfizer $2.3 billion settlement, and Merck $650 million settlement. Damages from fraud can be recovered using the False Claims Act, most commonly under the qui tam provisions, which rewards an individual for being a “whistleblower” or relator (law).

July of 2021 saw Bolton pharmacist David “Jason” Rutland pleading guilty to conspiracy to solicit and pay kickbacks and bribes in a $182.5m fraud case in which Rutland himself pocketed $13.3m. This conspiracy is noted as the state’s largest health care/pharmaceutical fraud to date. It is estimated that more than $515 million in fraudulent prescription billings were made to TRICARE, Medicare, Medicaid, and private health care benefit providers in Mississippi.

In the US, whistleblowers are uniquely positioned to report this fraud to the government under the False Claims Act.

Common Fraud in the Pharmaceutical Industry Includes:

• Unlawful Kickbacks
• Clinical trials manipulation/fraud against the Food and Drug Administration (FDA)
• Off-label marketing/Food Drug and Cosmetic Act (FDCA) violation
• Failure to comply with Current Good Manufacturing Practices (CGMP) requirements
• Compounded drug fraud
• Illegal drug-switching
• Misuse of the 340B drug discount program
• Medicaid best price fraud
• Medicare Part D Fraud
• Fraud by Pharmacy Benefit Managers (PBMs)

Understanding the Most Common Types of Pharmaceutical Industry Fraud Reported by Whistleblowers

Unlawful Kickbacks

The pharmaceutical industry influences doctors’ prescribing habits, especially in the US. Drug manufacturers and distributors may pay unlawful kickbacks to physicians or others in the form of sham “consulting fees,” luxury vacations, and expensive meals in exchange for increased prescriptions of the company’s drugs.

Clinical Trials Manipulation/fraud Against the Food and Drug Administration (FDA)

Drug manufacturers must obtain FDA approval before marketing a new drug. The FDA approves new drugs proven safe, effective, and properly labelled following extensive preclinical and clinical testing and analysis, which results in a wealth of data regarding the drug’s safety, efficacy, pharmacology and toxicology. The FDA relies on the accuracy of the data that drug manufacturers submit in New Drug Applications (NDAs). Pharmaceutical companies that make false statements to the FDA, omit relevant data in NDAs, or otherwise misrepresent the safety or efficacy of drugs in clinical trials can be subject to False Claims Act (FCA) liability. The same is true of drug companies that pay researchers to falsify clinical trial data.

Off-label Marketing/Food Drug and Cosmetic Act (FDCA) Violation

Pharmaceutical companies may not promote their drugs for uses, doses, or populations not specifically approved by the FDA as safe and effective. Such “off-label” marketing and promotion violates the FCA. This could include, for example, if a drug is approved for use in treating severe psychiatric disorders, and the drug company’s sales representatives promote it for widespread use in calming elderly patients in nursing homes.

Failure to Comply with Current Good Manufacturing Practices (CGMP) Requirements

Drug and medical device manufacturers are subject to strict FDA manufacturing rules known as the Current Good Manufacturing Practice (CGMP) regulations. The CGMP exists to ensure manufactured drugs’ identity, strength, quality, and purity and protect consumers from tainted, ineffective, and harmful drugs. Government-funded healthcare programs pay for prescription drugs on the premise that CGMP regulations have manufactured the drugs. If they are not, it can be a violation of the False Claims Act. This could include, for example, a pharmaceutical company’s manufacturing facility using dirty equipment to make drugs, or using equipment that does not accurately measure the type or amount of the active ingredients incorporated into a drug, and then selling these tainted drugs to patients covered by Government-funded health care programs.

Compounded Drug Fraud

Compounding pharmacies prepare medications tailored to meet the needs of individual patients by mixing drugs or changing the route of administration. Compounding pharmacies can violate the FCA by making large batches of drugs—known as mass-compounding—rather than providing the required individualised service, “compounding” drugs that are already commercially available, or inflating the number of particular medications used in the mixture to increase the cost. Compounded drugs are primarily regulated by the states, meaning efficacy and safety need not be proven to the FDA.

Illegal Drug-switching

As a general rule, pharmacies must fill patients’ prescriptions as written by the ordering physician. Putting aside situations where a generic drug may be substituted for a name-brand drug, pharmacists may not simply replace one drug for another or dispense a liquid form of a drug when a pill or tablet was prescribed. Billing government insurers for medications that have been so manipulated can violate the False Claims Act.

Misuse of the 340B Drug Discount Program

The federally mandated 340B drug discount program requires most drug companies to provide hefty discounts — typically 20 to 50 per cent — to hospitals and clinics that treat low-income and uninsured patients. Pharmaceutical companies are required to cap outpatient drug prices at a statutorily defined “ceiling price” equal to the Average Manufacturer Price (AMP) reduced by the rebate percentage or Unit Rebate Amount (URA). Manufacturers submit both the AMP and URA to the Centers for Medicare and Medicaid Services (CMS) quarterly and can defraud the government by misrepresenting these figures, overcharging 340B entities, and/or not providing rebates to which 340B entities are entitled.

Medicaid best Price Fraud

To obtain Medicaid coverage of their drugs, pharmaceutical companies generally must promise to give state Medicaid programs the lowest price made available to almost any buyer of the drug. To provide this price, pharmaceutical companies report their “best price” on a drug—often calculated based on the drug’s “average wholesale price” or “average manufacturer price”—and payback to Medicaid in rebates any amount the programs paid more than this price. Pharmaceutical companies can defraud Medicaid and violate the False Claims Act by manipulating their “best price” to reduce the amount of money they must return to state Medicaid programs.

Medicare Part D Fraud

Implemented in 2006, Medicare Part D, also referred to as the Medicare Prescription Drug Program, provides drug coverage for tens of millions of elderly and disabled Americans. Under the program, private insurance companies—referred to as Part D Sponsors—offer prescription drugs to eligible beneficiaries directly or through pharmacy benefit managers (so-called “PBMs”) and then submit claims to Medicare for the drugs’ cost. Fraud can occur under Medicare Part D in many ways, including:

Some of the more common types of fraud occurring under the Medicare Part D program include:

• Billing for drugs not provided.
• Billing for drugs not covered by Medicare.
• Billing for brand name drugs when generic drugs are provided instead.
• Billing for drugs—especially opioids and other controlled substances—diverted for illegitimate purposes.
• Billing for expired drugs.
• Billing for drugs dispensed without a prescription or with a falsified prescription.
• Billing for drugs dispensed with prescriptions from unauthorized, excluded, or non-existent healthcare providers.
• Billing for drugs provided in quantities that exceed approved limits.

Fraud by Pharmacy Benefit Managers (PBMs)

PBMs are an increasingly common target of fraud investigations. PBMs are third-party administrators of prescription drug programs for, among others, Medicare Part D plans. PBMs contract with health plans to provide pharmaceuticals at low prices, which PBMs keep low through negotiation, generic substitution, manufacturer rebates, cost-sharing, formularies, and other methods. PBMs commit fraud by failing to pass savings from rebate arrangements and subsidies to clients, developing forms that favour more expensive drugs, and improperly switching drugs to generic or different brand name drugs instead of prescribed drugs. Drug manufacturers commit fraud by, for example, providing price concessions on certain drugs in exchange for a PBM’s favourable coverage of the manufacturer’s drug.

Filed under: All Regions, All Solutions, Global, Pharmaceutical & Healthcare, Resources by admin
1 Comment »

How Risky is Non-Compliance to Your Business?

How Risky is Non-Compliance to Your Business?

Last year we saw our fair share of AML (anti-money laundering) failures and violations, resulting in eye-watering FCA and HMRC fines. According to Ponemon Institute and security company GlobalScape recent report, the annual cost of non-compliance to businesses now runs an average of $14.8 million, a 45 per cent increase since 2011.

In recent years, adhering to the laws and standards and monitoring the Compliance of business processes has evolved as a major concern for business owners. Meanwhile, the range can be anywhere from $2.2 million to $39.2 million. On the other hand, the cost of Compliance was found to average $5.5 million, up 43 per cent from 2011.

Staying compliant with ever-evolving regulations has become an ‘obvious’ business imperative, and failing to adhere to these regulations can put organisations in a fix. Before we dive into the risks of falling into the ‘non-compliant dungeon, ‘ let’s understand corporate Compliance. Operating in a multiplicity of countries inevitably also means complying with any local regulations.

VIEW RISK MANAGEMENT BROCHURE

What is Corporate Compliance?

Compliance at the corporate level involves adhering to a wide range of rules, regulations, laws, and standards designed to protect every aspect of your business. Right from obeying safety guidelines to following the standards for paying wages, an organization must comply with all the local, state, and federal laws.

Monitoring the Compliance of business processes with relevant regulations, constraints, and rules during runtime has evolved as a major concern in practice. Monitoring refers to continuously observing possible compliance violations and includes predicting their occurrence. Since the concept of business process compliance is vast, approaches related to process monitoring are hard to identify.

The cost of non-compliance and monetary fines have continuously increased in the past few years. However, business owners are becoming impatient, as these consequences would affect the organization. Increased complexity, enforced business changes, and individuals being held personally accountable are all set to continue because of continuous compliance failures.

Why is Compliance Crucial?

The following are six fundamental reasons why an organization should implement statutory Compliance.

• Reason No. 1: is required by Law – All registered companies are mandatorily obligated by the law to follow statutory regulations and comply with them.
• Reason No. 2: surprise audits – Non-compliance also invites unnecessary inspection and audits, leading to a waste of time and money.
• Reason No. 3: the financial penalties are high – Failing to adhere to statutory Compliance will lead to hefty fines and indirect losses to organisations.
• Reason No.4: potential imprisonment for everyone involved – Severe cases of non-compliance could result in imprisonment of the organisation’s CEO/Directors/Board members.
• Reason No.5: Brand Value and Market Reputation – Payment of fines and imprisonment can destroy a company’s brand name in the market it thrives in.
• Reason No.6: the organization can be forced to a shutdown – In cases that exhibit perilous non-compliance, authorities can even order companies to cease operations.

Several examples in the global business environment show the repercussions of non-compliance. Look at the following cases:

• Amazon found guilty of breaching Dangerous Goods Regulations
• Thames Water was ordered to pay record £20 million for river pollution
• Google Is Fined $57 Million Under Europe’s Data Privacy Law
• Westpac accused of 23 million breaches by money-laundering watchdog
• Italy’s civil aviation authority ENAC threatens to ban Ryanair over alleged non-compliance

The biggest fine so far was the £102m imposed on Standard Chartered for “poor AML controls”, which saw “breaches in two higher risk areas of its business.” This is the second-largest financial penalty for AML failures imposed by the FCA.

Improve Your Compliance

A comprehensive compliance solution:

• Reduces business risks;
• Helps to expedite global expansion;
• Enhances control and visibility; and
• Enables the elimination of business risks/

After all, when it comes to non-compliance issues, ignorance of the law is no defense. As they say – “Being Compliance is not a choice, but a mandate” the regulatory environment will only get fiercer day by day, and companies that miss staying abreast of the global legal amendments might regret big-time.

The UAE, for example, has cracked down on their “Ultimate beneficial owner” (UBO) compliance requirements – a requirement that costs roughly Dh15 but results in a penalty of Dh15,000 up to Dh100,000 if businesses fail to comply. The UBO requirement was set up to prevent illicit activities such as money laundering or financing of terrorism.

The requirement reveals anyone who has direct or indirect control of an organization and requires all such information to set up or renew business licenses to the UAE Government. It’s great to see so many new procedures being put in place that can help you safeguard your business. Are you interested to know how your organisation can excel in global Compliance?

LET’S TALK

Anti-money Laundering solutions made easy…

There are many advantages to outsourcing portions of your Anti-Money Laundering (AML) compliance program to CRI Group™ . CRI™ Anti-money laundering (AML) advisory services help analyze systems and develop effective solutions that reduce your company’s risk of falling prey to employee, supplier or outside corporate and financial crimes. An effective AML framework is a testament to your organization’s position against crime. Our unmatched investigative capabilities, worldwide presence and a long-standing reputation for independence and integrity make us uniquely qualified to resolve regulatory concerns.

Our vast Anti-Corruption and Compliance network provides the protection you need when making critical bottom-line decisions crucial to your organisation’s success. Leave it for experts. Ensure you have the 360-degrees analysis of your challenges – get in touch with the experienced CRI Group’s AML team for a bespoke quote.

Get a FREE QUOTE

Take a proactive stance with the highest level of Anti-Money Laundering (AML) compliance as a part of your essential corporate strategy. Contact us today to learn more about our full range of services to help your organization stay protected.

LET’S TALK

CONTACT INFORMATION

Zafar Anjum, MSc, MS, CFE, CII, MICA, Int. Dip. (Fin. Crime) | CRI Group™ Chief Executive Officer

37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA United Kingdom

t: +44 207 8681415 | m: +44 7588 454959 | e:

Filed under: All Industries, All Regions, All Solutions, Global, Resources by admin
2 Comments »

Inadequate Due Diligence Hit Space-Transport SPAC Momentus $8 Million SEC Fine

Inadequate Due Diligence Hit SPAC Momentus $8 Million SEC Fine

Inadequate due diligence hit SPAC Momentus $8 million SEC fine after misleading investors. The Securities and Exchange Commission (SEC) has charged the Momentus particular purpose acquisition company (SPAC), its sponsor SRC-NI, the sponsor’s CEO Brian Kabot, the company, and founder Mikhail Kokorich – which involved in a $1.2 billion space-transport SPAC for defrauding investors and obscuring the CEO’s status as a US national security risk.

The Fraud Claimed

The SPAC, Stable Road Acquisition Corp, had sought to merge with Momentus, a private start-up, to take it public. Momentus’s key offering was a “microwave electro-thermal water plasma thruster,” a way of zapping water vapour to propel a spacecraft, intending to transport satellites into space.

But Momentus’s propulsion tech failed to show results, according to SEC filings. A test mission fell well short of the company’s benchmarks, and a former Momentus employee said that the test yielded “no data to suggest that that thruster would deliver an impulse of any commercial significance.”

According to the SEC’s settled order, Kokorich and Momentus, an early-stage space transportation company, repeatedly told investors that it had “successfully tested” its propulsion technology in space when, in fact, the company’s only in-space test had failed to achieve its primary mission objectives or demonstrate the technology’s commercial viability.

The order finds that Momentus and Kokorich also misrepresented the extent to which national security concerns involving Kokorich undermined Momentus’s ability to secure required governmental licenses essential to its operations.

Join our mailing list and get exclusive industrial insights for subscriber-only!

The Compliance Issue: Inadequate Due Diligence

The SEC’s settled order finds that Stable Road repeated Momentus’s misleading statements in public filings associated with the proposed merger and failed its due diligence obligations to investors.

According to the order, while Stable Road claimed to have conducted extensive due diligence of Momentus, it never reviewed Momentus’s in-space test results or received sufficient documents relevant to assessing the national security risks posed by Kokorich.

The order finds that Kabot participated in Stable Road’s inadequate due diligence and filed its inaccurate registration statements and proxy solicitations. The SEC’s complaint against Kokorich includes factual allegations that are consistent with the findings in the order.

“This case illustrates risks inherent to SPAC transactions, as those who stand to earn significant profits from a SPAC merger may conduct inadequate due diligence and mislead investors. Stable Road, a SPAC, and its merger target, Momentus, both misled the investing public. The fact that Momentus lied to Stable Road does not absolve Stable Road of its failure to undertake adequate due diligence to protect shareholders. Today’s actions will prevent the wrongdoers from benefitting at the expense of investors and help to better align the incentives of parties to a SPAC transaction with those of investors relying on truthful information to make investment decisions.

SEC Chair Gary Gensler

The Litigation Against Momentus, Stable Road, and Kabot

Associate Director of the SEC’s Division of Enforcement, Anita B, mentioned in her statement that Momentus’s former CEO alleged to have engaged in fraud by misrepresenting the viability of the company’s technology and his status as a national security threat, inducing shareholders to approve a merger in which he stood to obtain shares worth upwards of $200 million.

The SEC’s order finds that Momentus violated scienter-based antifraud provisions of the federal securities laws and caused sure of Stable Road’s violations. It also considers that Stable Road violated negligence-based antifraud provisions of the US federal securities laws as well as specific reporting and proxy solicitation provisions.

The order finds that Kabot violated provisions of the federal securities laws related to proxy solicitations. Kabot and SRC-NI caused Stable Road’s violation of Section 17(a)(3) of the Securities Act of 1933. Without admitting or denying the SEC’s findings, Momentus, Stable Road, Kabot, and SRC-NI consented to an order requiring them to cease from future violations. Momentus, Stable Road, and Kabot will pay civil penalties of $7 million, $1 million, and $40,000, respectively.

Inadequate due diligence hit SPAC Momentus $8 million SEC fine. Source: US Securities and Exchange Commission 

What do you actually know about the integrity of the 3rd party and their way of doing business? Do they adhere to (inter)national regulations on anti-bribery and anti-corruption? Is it possible that there is a liability risk?

Due diligence on potential business partners when adding a new vendor or even hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity DueDiligence360^TM investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals.

At CRI Group, we specialise in Integrity Due Diligence, working as trusted partners to businesses and institutions worldwide. Our people work with energy, insight and care to ensure we provide a positive experience to everyone involved – clients, reference providers and candidates. CRI’s unique identity and vision evolved from our fundamental desire to support our clients and their candidates. Safeguard your business and its integrity with DueDiligence360™.

Our DueDiligence360™ expose vulnerabilities and threats that can cause serious damage to your organisation and can significantly reduce business. CRI Group is trusted by the world’s largest corporations and consultancies – outsource your due diligence to an experienced provider, and you will only ever have to look forward, never back.

CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

Protect your reputation and the risk of financial damage and regulator action using our detailed reports. They enhance your knowledge and understanding of the customer, supplier, and third-party risk, helping you avoid those involved with financial crime.

Filed under:

To Check or Not to Check?

Background Checks: To Check or Not to Check?

Background checks don’t tend to make international news. They are the low-key diligent step in most well-managed recruitment processes to comfort employers that the person they are hiring is everything they seem – and nothing more.

That’s why the background checks of Belle Gibson, a super influencer who lied about having cancer, and Brett Kavanaugh, a nominee to the US Supreme Court, tend to make news headlines for who can you trust if not those in direct line of the public eye?

The Story of Belle Gibson & Brett Kavanaugh

Belle Gibson was a Melbourne “wellness” who rose to fame after sharing her story on Instagram of her terminal brain cancer and how she controls it through the power of healthy eating. Gibson claimed to have kept her cancer under control by turning away conventional medicinal practices and instead of following what she termed a “wellness” diet, a diet consisting of avocados, berries, no alcohol and so on.

Sounds impressive, right? To rid yourself of an incurable disease simply through eating better? Think again – it is too good to be true. The influencers lie caused untold damage, including turning a 44-year-old mother away from her chemotherapy in hopes of attaining Ms Gibson’s lifestyle.

But the reason why this lie broke headlines is because of what followed; a book deal with Penguin Books publishing company and an Apple app titled ‘The Whole Pantry’. It was evident that neither the tech giants nor the publishers thought to verify her assertions, thus leading to a $320,000 fine and a lot more emotional damage for the individual’s that Ms Gibson had provided false hope.

Context is everything, of course, and this job-for-life is one of the more crucial public office positions in the United States. Mr Kavanaugh had undergone six separate background checks during his career before the latest, which the FBI recently completed on behalf of the White House. Each of these will have been meticulous and thorough, right down to interviews with neighbours and acquaintances.

But you don’t have to be entrusted with national security clearance to pose a real risk to your employer. All staff members are in a position of trust, and even the humblest labourers or office workers will have privileged access to property – whether physical or intellectual. And this is not a theoretical risk – it’s a truism that employees or contractors cause the vast majority of security breaches.

The Compliance Perspective

Interviewing the ex-wives and sports coaches of factory and desk clerks is overkill and not economic. And that is where professional background checking comes in. It allows low hassle, cost-effective and fast checking for all recruits and employees to ensure everyone is what they claim to be, from the CEO to the company mascot.

Such checks will cover everything required to give HR directors and governing boards peace of mind: from criminal record checks and right-to-work documentation to education and qualification verifications and employment records.

A properly systematised process, supported by local intelligence, is essential to keeping costs low without compromising quality or effectiveness.

CRI Group is one of the few providers with a truly global reach and more than thirty years of experience in the sector. Our proven process means that we have one of the fastest turnaround times in the industry – typically just 3-5 days. Meanwhile, our more than 175 investigatory experts on the ground across the US, Europe, the Middle East and Asia, ensure we can navigate local customs, processes and regulations, no matter where your employees are based.

About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds B.S. 102000:2013 and B.S. 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC ) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification.

ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s international team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC for more on ISO Certification and training.

Filed under: All Industries, Background Investigation, Industry Insights, Resources, United States of America, New York by admin
No Comments »

How to Identify and Prevent Employee Fraud?

In 2017 the major European ABB conglomerate admitted that an employee took advantage of serious management failings to disappear with $103 million of the firm’s cash. According to CNN business, ABB CEO Ulrich Spiesshofer and Chief Financial Officer Eric Elzvik admitted that the organizations managers had failed to maintain sufficient segregation of duties in the treasury unit of its subsidiary in South Korea and did not provide enough oversight of local treasury activities.

To top it all off, ABB also failed to keep the signature seals of the South Korean unit secure which as a result, has lead the company became “bound to unauthorized financial contracts, resulting in undetected financial obligations.” 

Organizations rely on the honesty and integrity of their employees, however employee fraud does unfortunately cost companies vast sums of money. Employee fraud is a reality across all sectors – no matter how credible a job applicant is and how stringent your hiring process is – your business is at risk.

Tips on Identifying and Preventing Employee Fraud

When you trust your employees, it is difficult to think the worst of them, even when there are red flags – circumstances or patterns that are out of the ordinary – alerting you to the contrary. If you have suspicions of employee fraud, it is recommended to hire a forensic accountant to help you detect fraud, understand your circumstances, and put together evidence to target and confront the employee without tipping them off.

The good news is that you can plan and train your team to prevent this from taking place; the best thing you can do for your business is to learn how to recognise the warning signs of employee fraud and have robust procedures in place to minimise the risks and opportunities for fraud. Employee fraud covers a wide range of fraudulent activities in the workplace and can vary in seriousness including embezzlement.

Embezzlement involves an employee who transfers company funds into their bank account. One example of an act of embezzlement is deliberately writing cheques in the employees’ name or diverting company assets without authorisation, e.g. customers unknowingly pay into an employee-controlled bank account, not the business’. This is serious fraudulent behaviour, but employees usually get away with it without raising any suspicion by creating non-existent suppliers and fake employees or using counterfeit credit notes to hide/disguise misappropriated monies.

An easy way to spot this type of financial fraud is to scour through the bank statements and financial records of your organisation and check for irregular activities or patterns of unusual and unauthorised transactions.

Another common sign of embezzlement is when either an employee or a manager/director begins to enjoy a lavish lifestyle that is obviously beyond their means, e.g. holidays, cars, clothes/jewellery. In the case that you suspect an employee or director might be embezzling funds from within your company, it is essential to be discreet in your employee fraud investigation to prevent the employee from covering their tracks and disposing of substantial evidence.

Other Common Types of Employee Fraud

• Commission fraud – inflating sales figures to gain a more significant commission than deserved.
• Petty fraud – for example, embellishing an expense claim or taking office supplies.
• Money laundering – hiding the origin of illegally obtained money and washing it through your business.
• Insider Trading – making a profit by using valuable information that is unavailable to the public to their advantage, for example, confidential information that could impact the prices of shares, securities, goods/commodities.
• Manipulation of accounts – false information on sales, purchases or stock can be used to perpetrate fraud for personal financial gain, e.g. overstated trading profits to receive cash/share bonuses, or get a promotion, creating false trading accounts or stock/fixed asset write-offs to obtain goods.

What Can You Do (as an employer) to Minimize Employee Fraud?

The most effective way to minimize employee fraud as an employer is to implement robust management procedures and employee background screening; the implementation of these preventative measures will ensure staff are adequately investigated and monitored and consider the possibilities for collusion between employees – including a conflict of interest. Paying attention to only the procedures within your accounts department is not sufficient. The same procedures can help you across your operations, including sales and procurement.

Minimize the chances of employee fraud with the following procedures:

• Separation of employee responsibilities such as placing orders, recording invoices and collecting debts.
• Requiring purchase or payment authorization by more than one person.
• Compare actual to budgeted expenditure for unexpected patterns.
• Examine bank reconciliations thoroughly.
• Scrutinize cancelled cheques and cheques made out to employees or unusual vendors.
• Review supplier invoices for significant amounts, pricing or volumes.
• Verify credit notes and write-offs with receiving records.
• Install and monitor CCTV to deter theft of stock or equipment.

Fraud Triangle

An American criminologist, Donald R Cressey, devised a theory that involved three aspects that trigger fraud. Understanding these triggers will help you prevent fraud:

• Opportunity – the lack of internal controls or reporting structure/oversight increase the chance of fraud.
• Rationalization – the fraudster will rationalize the continued deception, which increases slowly, perhaps over a few years, becoming an entitlement, i.e. I deserve this. This offers the chance to stop some employee fraud early if robust detection procedures are in place.
• Pressure – overwhelming pressure, be it business factors such as company targets to meet or personal pressures, such as gambling or financial problems.

Implement Pre-employment and Post-employment Employee Screening Now!

Preventing financial loss is crucial for your business’s survival and expansion, which is why it’s essential to know and understand its obvious signs. Use the list above as a guide to protecting your organization.

To detect employee fraud professionally and thoroughly, it is recommended you seek the expertise of a skilled employee fraud accountant as early as possible. They can help you investigate your employees by reviewing your bank statements and financial documents and advise you whether an employee is committing fraud and to what extent. A forensic accountant’s report will also give you the evidence you need to take the necessary action against your employee and act as a deterrent to others.

For a Free and Confidential Chat to Discuss How We Can Help Your Business, contact us. 

Filed under: All Industries, All Regions,

John Wood Group to Pay $177 Million to Settle Bribery Charges Inherited Through its Merger

John Wood Group Bribery Probe Trace Back to its Merger with Amec Foster Wheeler Plc.

The Importance of Due Diligence in Merger and Acquisition to Avoid a Similar Incident Happened like in John Wood Group.

Due diligence is understood as the reasonable steps taken to satisfy legal requirements in the conduct of business relations. That allows you to reduce risks – including risks arising from the FCPA (Foreign Corrupt Practices Act) and the UKBA (UK Bribery Act), to make informed decisions and to pursue takeovers or mergers with more confidence.

Unlike other kinds of control (audits, market analysis, etc.), it must be completely independent and rely as little on information provided by the researched subject. The other important difference lies in the methodology: commercial or financial due diligence analyses available information, investigative type provides reliable and pertinent, but raw, information.

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. Global integrity due diligence investigations provides your business with the critical information it needs to make sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees.

It will ensure that working with an, i.e. potential trade partner will ultimately achieve your organisation’s strategic and financial goals. CRI Group investigators employ a proven, multi-faceted research approach that involves a global array of databases, courts and public record searches, local contacts, industry and media resources, and in-depth web-based research. Our resources include:

Filed under:

Looking for a Service Provider Due Diligence Checklist?

Due Diligence Checklist

Due diligence checklist and service provider. There are many risks implicit in doing business, and CEO’s and risk management officers face many internal and external threats. Most organisations face preventable risks; however, the burden of identifying risks can be too much, especially when dealing with third-party providers.

Most service providers offerings are often part of organisations’ core functions (i.e. internet-related services or cloud services); they have access to sensitive information, including your clients’ client details (PII), their financial data such as credit cards (PCI), or trade secrets; that impacts your data security or privacy programs; a worrying source of risk and, often than not, they drive up your cost. 

According to Ponemon Institute’s Cost of a Data Breach Report 2020, organisations spend £2.9 million ($3.86 million) recovering from security incidents. And third-party breaches cost $370,000 more than in-house breaches. Third-party breaches do happen, and many organisations aren’t prepared. In fact, Protiviti’s 2019 Vendor Risk Management Benchmark Study found that only 4 in 10 organisations have a fully mature vendor risk management process in place. 

It’s critical to follow a well-defined and comprehensive due diligence process when it comes to service providers. Having a services provider due diligence checklist allows you to see what obligations, liabilities, or any types of risks you’re assuming. 

What Is a Due Diligence Checklist?

A due diligence checklist is an organised way to analyse a service provider you want to work with. Following this checklist, you can learn about the Service Provider liabilities, benefits, and potential problems. Due diligence checklists are usually arranged in a basic format. However, they can be changed to fit different industries and professional relationships. A due diligence checklist can also be used for:

• Preparing an audited financial statement or annual report
• A public or private financing transaction
• Bank financing
• A joint venture
• An initial public offering (IPO)
• General risk management.

However, we developed a complete due diligence checklist for you to use on your service providers for this article. There are six core areas to consider when doing your due diligence vetting a service provider:

1. General company information
2. Financial review
3. Reputational Risk
4. Insurance
5. Information Security Technical Review
6. Policy Review

The questions could change based on your requirements or the company, industry, size, or region. The more you know about potential vendors, the easier it is to assess their risk. Let’s look!

1. Build an inventory of your service providers:

• List the providers of significant core functions
• List any smaller providers who might be working with individual departments

2. Rank each service provider based on risk by asking the following questions:

• What service does this organisation provide?
• Who owns the relationship with this provider?
• Is this provider tied to your organisation’s most critical business operations?
• What data do they have access to?

3. Collect information on each service provider, including basic information:

• A business charter or articles of incorporation (or similar corporate charter)
• Business location, and proof of location.
• Business license: confirm that the company is legitimate
• Overview of company structure
• Information about executives and board members
• Financial information: is the service provider financially solvent? Would you want to partner with a company that may not be in business next year? 
• Insurance: gather information on general liability insurance, cyber insurance, or insurance-specific capabilities.

4. General risk information:

• Is the service provider on any watch lists?
• Any Lawsuits?
• Any negative news coverage?
• Any significant complaints or negative reviews from consumers?
• Is the site physically secure?
• Policy Review

5. Cyber risk Information:

• Security rating
• Assessment questionnaire
• Retrieve the IT system outline
• Any assets exposed to the open Internet?
• Any cases of data breaches?

6. Final risk analysis:

• Calculate your risk: Risk = Likelihood of a Data Breach X Impact of a Data Breach/Cost
• Set a risk rating of high, medium, or low
• Compare the above information with your risk appetite and determine whether your organisation should pursue a relationship with the service provider

How can CRI Group™ Help You Manage and Respond to Risks?

Managing third-party risk can be difficult. The work isn’t done when you understand the risks associated with doing working with third-party providers. With CRI Group™, organisations can make the process simpler and gain a window into their service providers’ risk. 

Due diligence on potential business partners when adding a new vendor or hiring a new employee is vital to confirm the legitimacy and reduce the risks associated with such professional relationships. 

Our global integrity DueDiligence360 investigations provide your business with the critical information it needs in making sound decisions regarding mergers and acquisitions, strategic partnerships, and the selection of vendors, suppliers, and employees. And we offer various levels of due diligence to fit your needs:

• Level I Basic: Basic due diligence
• Level I Essential: Essential due Diligence
• Level II EDD Enhanced Integrity Due Diligence
• Level II EDD Plus Enhanced Integrity Due Diligence

Our Enhanced Integrity Due Diligence services will ensure that working with an, i.e. potential trade partner will achieve your organisation’s strategic and financial goals. To find out more about each level of due diligence, contact CRI Group™ HERE!

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under:

ISO 37001 Solutions for All Industries (Part 3)

In part 1, we discussed how ISO 37001 ABMS can help companies across a wide range of industries, including automotive, aviation and insurance. In part 2, we looked at how pharma and healthcare, property, IT and telecommunications organisations can benefit from Anti-Bribery solutions as well. In this final part, we will explore some aspects of how companies from the financial, oil and energy industries could implement ABAC solutions.

Finance

Bribery and corruption are among the top fraud concerns for all financial organisations. These include banks & financial institutions, real estate lenders, business credit and finance companies, commercial investment corporations, asset-based lenders, debt financing firms, acquisition capital firms and others. Having safeguarding processes in place is required both from a legal and compliance standpoint and from the position of being a trusted, secure financial institution. The financial sector includes new Anti-Money Laundering (AML) rules and legislation, and these regulations are strict and increasingly enforced. As such, remaining in compliance through implementing proper prevention controls is a must.

In one high-profile case, between 2006 and 2013, JPMorgan Chase and its subsidiary, JP Morgan Securities (Asia Pacific) Limited (JPM-APAC) took on about 100 Chinese interns and full-time employees who ended up at the centre of a bribery case spread over two continents and worth hundreds of millions of dollars. In order to win business from members of the Chinese government and state-owned companies, JPM-APAC allegedly targeted their children, offering them high-ranking and well-paid positions in the business in order to curry favour with their parents. JP Morgan fell into trouble for allegedly violating the Foreign Corrupt Practices Act (FCPA), and the DoJ called the scheme ‘bribery by any other name’ – alleging that it had threatened national security. In November 2016, the bank was ordered to pay $264 million to settle the claims against it – $130m to the SEC for violations of the FCPA, $72m to the US Justice Department and $61.9m to the Federal Reserve Board of Governors.

CRI Group™ investigates: Pharma corruption case included CFO

ISO 37001 in Oil, Gas and Energy Industries

The oil and energy sector is a massive portion of the world’s economy, dealing mainly in petroleum – including upstream (exploration, development and production of crude oil or natural gas) and downstream (oil tankers, refiners, retailers and consumers) pipeline. The need to prospect, discover, and realise oil and energy production in various (and often far-flung) locations lends to the vulnerability to fraud – but geographic considerations aren’t the only risk factors.  Perhaps even more impactful is the complexity of business relationships required to operate in the industry – relationships with governments, contractors, regulators, investors/venture partners, equipment suppliers and other parties. Every such interaction and dealing can be considered susceptible to bribery and corruption where cutting corners may be considered profitable or even perceived to be “business as usual.”

An infamous example is the case of Petrobras. In December 2017, the world’s largest builder of offshore rigs agreed to pay $422 million in penalties after entering a guilty plea for bribery charges connected with the Petroleo Brasileiro (Petrobras) scandal. Keppel Offshore & Marine Ltd. made illicit payments to both Petrobras officials and government representatives for more than a decade, between 2001 and 2014 (Reuters, 2017). The sweeping multimillion-dollar bribery scandal that rocked Petrobras led to numerous investor lawsuits and the downfall of disgraced government officials. It also served as the embodiment of the huge risk of bribery and corruption that confronts the entire oil and energy sector. See “Oil and Energy Companies Look to ISO 37001.”

Long-lasting Benefits of Certification of ISO 37001

ISO 37001 provides a strong framework for addressing and isolating risk factors in all industries. The benefits of certification are far-reaching, impacting not just the primary organisation but also influencing contractors, clients, and raising the profile of the company as an ethical entity that is a good trading partner. Even more effective, ABAC™ tailors IS0 37001 to the specific needs of the client.

By achieving ISO 37001:2016 certification, an organisation will ensure that it is implementing a viable anti-bribery management system utilising widely accepted controls and systems. It will also assure management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption. Today, companies cannot afford to be reactive to threats of bribery and corruption. By achieving ISO 37001 Anti-Bribery Management System certification today, an organisation will remain in compliance and better positioned to address risks head-on.

Stay updated 

Stay tuned for Part 2 or follow us on LinkedIn, Facebook or Twitter for more industry news and insights.

Sign up for risk management, compliance, corporate and background investigations, business intelligence and due diligence related news, solutions, events and publications.

Who is CRI Group?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

Filed under: All Industries, Anti-Bribery Anti-Corruption Solution, Compliance Solution, ISO 37001, Resources by admin
No Comments »

Procurement Risks: The 5 common Risks Every Organisation Needs to Know!

Procurement Risks: Your Lack of Due Diligence can Lead to Harm

Procurement risks: lack of due diligence can lead to harm. Procurement is one of the most critical areas of any organisation, large or small. Procurement officers secure the materials and goods that a business needs to be productive and successful. They ensure the best possible price, quality, delivery efficiency, and other important considerations.

Unfortunately, due to the very nature of dealing with third-party suppliers/vendors, procurement also requires an elevated level of risk management. As many high-profile cases have shown, supply-line problems can cause financial and reputational damage, sometimes on a grand scale.

The infamous horse meat scandal in the UK presents a classic scenario of the damage from risky third-party associations. Widely known international corporations, including Burger King and others, were forced to cut ties with a meat supplier after facing financial and reputational harm from the news that some of the supplier’s products were tainted with horseflesh.

The revelations of tainted meat resulted in international news headlines, waves of criticism from consumers and food products pulled from shelves and freezers in response to the uproar. As damaging as it was, the crisis helped illustrate why due diligence became more important as supply chains expanded and became more complex, especially among international organisations.

The procurement risks: How to minimise them?

The following are some priorities every organisation should have to minimise procurement risks in their procuring process:

Risk #1 – Know who your suppliers are

Due diligence is as vital in procurement as in any other business area, in some cases, more so. 

Risk #2 – Consider your organisation’s reputation

The horsemeat scandal showed how quickly and drastically it can damage a well-respected organisation’s reputation and brand. Your procurement team should know that while the bottom line is essential, nothing is more critical than protecting the image and brand of the company. Cutting due diligence corners to secure the lowest price is not only unwise – it should be strictly against company policy.

Risk #3 – Find sustainable lines of supply

Seek out suppliers with long, successful backgrounds in their business. Find economically sound and socially conscious companies, using fair labour practices and promoting sustainable resources. It harmed the organisation when it discovered that a supplier was using child labour or other unethical or illegal methods to produce their goods. Implement a code of conduct with expectations for your contractors, suppliers and vendors, and review them regularly to ensure they follow your guidelines.

Risk #4 – Have backup suppliers in place

What happens when your primary vendor is suddenly out of compliance? Or folds up completely? If your production chain grinds to a halt, the damage can be severe and lasting to your organisation’s financial and reputational health. Ensure your procurement team has conducted due diligence on backup suppliers that you can turn to in a crisis. Spending a little more to keep the production lines open will be a small price to pay compared to seeing your business come to a standstill.

Risk #5 – Conduct a thorough risk assessment

Any organisation that hasn’t prepared a risk assessment of its procurement process should immediately do so. How else will you know what red flags or gaps make your organisation susceptible to fraud, waste, risk to reputation, or all of the above? Third-party risk management experts can help you develop and put in place an effective third-party risk assessment plan that keeps your organisation protected and minimises your exposure to unseen or unknown trouble spots.

Every organisation needs a successful and efficient procurement process. It also needs to be safe from the inherent risks with connections to third parties, including suppliers, vendors and contractors. When it comes to procurement, let CRI Group™ help you put proper risk management processes in place so you don’t have to worry about your supply chain putting you in tomorrow’s headlines.

Who is CRI Group™?

Based in London, CRI Group™ works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, 

We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group™ also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

Filed under:

Tackling Corporate Fraud in the Middle East

Tackling corporate fraud in the middle east has become even more challenging during the pandemic. ICAEW Insights sat down with our founder and chief executive, Zafar Anjum, to discuss the rising levels of corporate fraud in the middle east during the pandemic.

Find out how CR™ is using AI to investigate wrongdoing; from fake degrees and doctored CVs to false insurance claims and bogus bills, our corporate fraud investigators in the Middle East have seen it all. Zafar told ICAEW his firm was busier than ever as the pandemic triggered a rise in white-collar crime cases across the region.

From its base in London, CRI has been helping firms in middle east regions like Qatar, Dubai, Abu Dhabi and Saudi Arabia. Regions where anti-fraud frameworks are still being built out inside the embryonic corporate regulatory regimes that govern the Middle East.

“We’ve seen a lot of insurance fraud claim investigations, fake bills, fake debts and fraudulent certificates designed to cheat insurance companies,” Zafar said. “Covid allowed internal controls to be relaxed; people are working from home, so the usual check and balances are missing.”

Filed under: All Industries, All Solutions, Leadership Insights, Middle East by admin
Comments Off on Tackling Corporate Fraud in the Middle East