Confronting the challenges of cross-border fraud examinations

A whistleblower within our organization alleged that high-profile personnel were taking bribes, bypassing laws, creating conflicts of interest and harassing women — all in collusion with local and foreign officials of a government aid agency that provided relief funds and educational scholarships.

The allegations, which arose from a Middle Eastern country, implicated foreign officials from a ministry of a country at war who’d colluded with a senior official from another country that followed the Western judicial system. We now had a complex case that crossed legal, judicial and cultural borders.

During our investigation, we discovered that all the paper trails had literally been burned and electronic data destroyed because of a fire and a virus attack. We were left with no choice but to visit numerous cities in a country at war to check paper records at a university and a government ministry associated with the scholarships. Our evidence and witness statements suggested:

• Candidates applying for scholarships (who were aspiring for better lives) at Western higher-education schools had paid “facilitation payments” (bribes) to scholarship ministry personnel.
• The scholarship ministry had provided some funds to family members of ministry employees who didn’t have the requisite skill sets and qualifications.
• Female scholarship recipients were sexually harassed under the guise of medical examinations in collusion with a hospital physician.

We obtained enough evidence to suggest that some top managers had colluded with a few foreign officials of a Western aid agency. Our investigation took another turn when we found that the mastermind of the scholarship scheme did indeed live in a country with well-established Western laws. So, we then had to research, study and understand those laws before we visited that Western country and interviewed officials in their jurisdiction.

You might eventually work on an internal fraud examination within your global organization that could cross several borders. You can immediately assume, of course, that your examination will be byzantine. If you don’t possess expert knowledge on international laws, procedures and cultural norms you’ll have to add team members who do.

In part one of two parts, I’ll cover what triggers a cross-border fraud examination, determining if an allegation is true or vindictive, who should be notified and how to begin your planning.

Triggering a cross-border fraud examination

These examinations can arise in a multitude of ways, but the most common reason is from an employee accusation, according to Cross-border investigations: Are you prepared for the challenge? KPMG International, 2013. (See Figure 1 below.)

Figure 1: Primary triggers of most cross-border investigations.

According to KPMG, 32 percent of those internal accusations come from anonymous whistleblower hotlines, which protect employees from potentially negative repercussions. And 45 percent of the accusations come from employee leads inside the company other than whistleblower programs.

According to the 2016 ACFE Report to the Nations of Occupational Fraud and Abuse, the most common detection method — not necessarily all involving cross-border examinations — was tips, 39 percent. And organizations that had hotlines were much more likely to detect fraud, 47.3 percent.

Fraud examinations can also begin from internal audit findings, outside source allegations and other enforcement agency findings, according to KPMG. How an organization receives and deals with an allegation can be a defining moment. You don’t want to encroach on someone else’s authority before the investigation has even begun.

Many organizations — faced with internal fraud — might follow their legal counsels’ advice to defensively keep their fraud examinations quiet because they value their reputations.

Company leaders might ask, “Can’t we just informally talk with a few people internally and see what happened?” Well, the answer is yes, but if you discover problems, you’re going to have to go back and repeat your initial examination. If you detect a global cross-border fraud, it’s best to do it right the first time and plan a full-scale fraud examination that will laboriously inspect the corners of your far-flung corporation.

Determine if an allegation is true or vindictive

It's difficult to differentiate between true allegations and vindictive hoaxes. A thin line often separates truth and fiction. Here are some steps that can potentially help differentiate the two:

• Diligent, thorough fact-finding. Utilize confidential resources within the firm, such as risk managers, the legal department, the COO and the CEO, to understand if problems similar to the allegations exist. (However, of course, if top management is involved they’ll plead ignorance.) 
• Review personal files of the whistleblower and the potential alleged fraudster. The whistleblower, possibly a longtime employee, might have scars from past events at the firm. A new employee still might have vindictive complaints or grudges even after a couple of appraisal cycles. If a newcomer tries to be a problem child, the surroundings will identify it for you. For example, an employee holding a grudge against their supervisor for not granting them a good bonus would likely discuss or show signs of frustration to their colleagues. Thus, while collecting initial intel on the case, whistleblowers or the potential alleged fraudster, assess the surroundings in detail to create a linked analysis.
• Review the whistleblower’s and the potential alleged fraudster’s annual conflict-of-interest and vendor-sponsorship declarations and trainings they’ve attended to evaluate how they’ve understood the purposes of these mandatory anti-fraud regulations.
• “Innocent until proven otherwise” is my motto for both parties. Give them both a fair chance. Also, disclosing their names to anybody not involved in the investigation can be detrimental to their future jobs and earnings plus possibly be harmful to their families. Once you have at least some vague hints toward the potential allegations, discuss with legal counsel.

If you’ve been with the firm three or four years you’re probably soaked in the business culture, and your radar is attuned. So, you have a good idea when something just doesn’t “seem right.”

Include this line in your whistleblowing policy: If individuals deliberately make false or malicious allegations, the organization will take disciplinary action against them.

This might deter some malicious complaints from an anonymous whistleblower.

Determine who should be notified

The first step in the process is to alert upper-level management that a whistleblower has made an allegation, and the organization will begin an examination. Tell only those who need to know; you don’t want to taint the investigation’s integrity. However, in some countries it’s not uncommon to alert several tiers on the organizational chart. Just be sure to understand the area’s customs and policies on this. Your investigation committee (see below under “Plan for a successful investigation”) always helps in this case.

This multidisciplinary standing committee consists of employees from the legal, compliance and risk departments (and others) who oversee investigations from procedural rather than substantive points of view. The committee provides insights into the organization’s culture, unspoken rules, and key policies and procedures plus manages and monitors the activities of outside investigators.

Plan for a successful fraud examination

An organization must respond quickly and effectively to any allegations with a well-developed, general cross-border plan.

Everyone in the organization should be prepared with specific, predetermined protocols that cover standards, principles, region- or country-specific requirements, customs and practices.

A key part of this plan is clear communication. Don’t fail to realize until it’s too late that you can’t overcome language barriers because you didn’t have proficient translators on your team.

Here are components common to successful cross-border examinations:

• Calm, clear mindset of the lead investigator (especially when working in a hostile environment, such as Afghanistan or Iraq).
• Determination of the time frame within an investigation.
• Data privacy ensured.
• Clear and timely transfer of information, notifications and deadlines to employees or their representatives plus governmental agencies and law enforcement.
• Determination of the type, jurisdictional authority and time frames in which possible disciplinary action(s) will be taken.
• Determination of cost parameters.
• Also, see Figure 2 below, “Important elements for the execution of a successful cross-border investigation.”

Figure 2: Important elements for the execution of a successful cross-border investigation.

Always take baby steps when creating your examination plan. If you don’t construct it well, you’ll reenact the Battle of Waterloo. You want to protect the integrity of all players, the process, privacy and confidentiality, company property and potential evidence.

As a lead investigator, with consent from management, here are the steps you should take when you unearth an issue and you’ve determined the credibility of the allegation:

• Understand the underlying substantive issue involved in the allegation.
• Ensure objectives are clear and defined.
• Clearly establish a reporting structure with points of contact.
• Alert your standing investigation committee. 
• Begin an investigation diary.
• Determine the documents and data you need to compile to conduct the examination.
• Devise a data security strategy.
• Keep a current backup copy of e-documents.
• Identify relevant witnesses to whom the fraud examiners should be speaking.
• Develop credible communication channels with the whistleblower/informant if they’ve disclosed their name(s). Draw a linked analysis with the known facts and those provided by the whistleblower. You’ll fill in the gaps later. Use the analysis to match the potential wrongdoings.
• Choose a subject matter expert (SME) who can help you make early decisions. Always run the evolving investigation plan by the SME whenever possible. Assign a backup team member to replace the SME if that person has to return home for personal, health or performance reasons.

(See Figure 3 below for the KPMG report’s participants’ responses on the nature of their cross-border investigations.)

Figure 3: Nature of cross-border investigations.

In part two of the March/April issue: assessing legal and cultural considerations, specifics of your plan, reporting findings and remediation across borders.

Robin Singh, CFE, LPEC, CFAP, is the compliance and fraud control department lead officer at Abu Dhabi Health Services Company – SEHA (Government of Abu Dhabi). His email address is: robinsingh002@yahoo.com.

The opinions expressed in this column are those of the author and don’t reflect the opinions of SEHA or its business entities or its affiliates. All figures are sourced from “Cross-border investigations: Are you prepared for the challenge?” KPMG International 2013.