How to be proactive about your organisation’s integrity risks in 2021

organisation integrity

Proactive risk management needs to start at the top of the organisation. Most business owners and leaders understand that leading a business involves a degree of risk. The key is to ensure that, as your business matures, you build the capability to identify, assess and manage risks in a prudent manner, writes Darren Murphy, Managing Director, Core Integrity.

Every business, regardless of its size, industry or maturity is exposed to integrity risks such as fraud, corruption, conflicts of interest and employee misconduct. Internal integrity risks remain a persistent threat to businesses as motivated employees look to take advantage of weak internal controls, outdated business practices or lucrative opportunities to commit fraud and engage in misconduct.

To add to the complexity of running a business and managing risk in 2021, there is a global pandemic hanging over the business landscape and the associated security risks. Outside of the organisation’s walls, businesses are coming under increased threat from cyber criminals with issues like business email compromise (BEC), phishing and data breaches.

The risk landscape in 2021
As we enter a new calendar year, businesses and governments are attempting to get back to ‘normal’. The impact of COVID-19 has demonstrated the need for organisations to reassess how they manage and mitigate integrity risks within the business to protect their people, reputation and bottom line.

In times of uncertainty, instances of employee misconduct, fraud and corruption can significantly increase as employees facing mounting financial pressure rationalise behaviour and take advantage of opportunities to enrich themselves. Unfortunately, for businesses, this is bad timing.

As businesses grapple with navigating and surviving a global pandemic, the focus of the organisation shifts to cutting costs, remaining “open for business” and minimising the impact of day-to-day operations. Investment in proactive initiatives is put on the back burner – and rightly so.

However, with signs of economic recovery on the horizon, the time is now to consider how you will look to prevent and mitigate integrity risks from occurring or increasing in your business.

Risks to your organisation can be internal, such as theft, fraud, bullying and employee misconduct. External risks can include corruption and collusion with suppliers, third-party fraud and business email compromise.

How to manage the new risks
Proactive risk management needs to start at the top of the organisation. Most business owners and leaders understand that leading a business involves a degree of risk. The key is to ensure that, as your business matures, you build the capability to identify, assess and manage risks in a prudent manner. There will always be a degree of risk and quantifying this is known as a Risk Appetite Statement. While that might sound like a complicated step for your business, it doesn’t have to be.

It’s important to recognise that integrity risks can take many shapes and forms. Risks can be internal to your organisation, such as theft, fraud, bullying and employee misconduct. Or external to your organisation, such as corruption and collusion with suppliers, third-party fraud and business email compromise. Taking a moment to stop and think about what risks your business faces is a simple but important first step.

For most businesses, the best place to start is to focus on your employees, their roles and the behaviour you expect from them. This is often captured in your organisation’s policies, such as a Code of Conduct,Bullying and Harassment Policy or Conflicts of Interest Policy.

Perhaps one of the biggest areas of opportunity for businesses in 2021 is to review and update your policy suite to ensure employees understand what is expected of them and attest to these policies. When we conduct internal investigations into fraud or employee misconduct, we often encounter employees who are not familiar with the policies, cannot remember the last time they read the policy or where it is located – there is an evident disconnect.

Another area of opportunity is to improve the way conflicts of interest and gift and entertainment is managed. These two areas present the greatest area of risk for an organisation as they affect the greatest number of employees across all roles.

In almost every organisation we work with, we see an inadequate approach to how these risks are managed. Registers for tracking conflicts of interest and gifts are often underutilised, empty and siloed across business units. Importantly, there is a lack of oversight and review at an organisational level.

Every business, regardless of its size, industry or maturity is exposed to integrity risks such as fraud, corruption, conflicts of interest and employee misconduct.

Moving to Centralised Compliance Software
Large organisations often have polices and other integrity initiatives located on an intranet site, however in 2021, this is an outdated way to manage risk.

Cloud-based software now exists for virtually every aspect of running a business and compliance is no different. A cloud-based compliance software, such as the one we use at Core Integrity (www.corethix.com), can dramatically improve your integrity risk and compliance program.

There are several simple initiatives that can be implemented through a cloud-based compliance platform to help proactively manage risk in your business, including:

  • Ensure all company policies are located on the one platform to maintain version control of each policy and distribute these to all employees automatically by role, function and location for reading and attestation.
  • Move all conflict of interest and gift and entertainment management online so employees can submit declarations in real time for management to review, approve or investigate.
  • Migrate incident, issue and safety reporting online so employees can submit issues via mobile devices as they occur rather than waiting to return to the office to submit a paper-based form.
  • Leverage technology to integrate your organisation’s whistleblower or ethics hotline into the compliance platform to improve the reporting experience.
  • Drive engagement and use by employees by leveraging communications and announcement functionality.

Now is the time to proactively assess and mitigate the potential integrity risks in your business and examine the opportunities to enhance your compliance program to ultimately engage with your employees. Prevention is always the best method to ensure your organisation is protecting its people, reputation, and bottom line.

Key Takeaways

  • Most business owners and leaders understand that undertaking a business involves a degree of risk. The key is to ensure that, as your business matures, you build the capability to identify, assess and manage risks in a prudent manner.
  • Risks to your organisation can be internal, such as theft, fraud, bullying and employee misconduct. External risks can include corruption and collusion with suppliers, third-party fraud and business email compromise.
  • Engage integrity risk experts such as Core Integrity to educate your people about your internal policies such as a Code of Conduct, Bullying and Harassment Policy or Conflicts of Interest Policy.
  • Review and update your cyber security systems to ensure your software reflects current risks and protect your organisation’s data, resources, and accounts, such as centralised Compliance Software like Corethix.
  • Work from the top down to implement culture and policy that reflects the guidelines for a workplace that encourages integrity.
  • Implement reporting systems that support internal and external whistleblowing and at a minimum, discuss potential issues within the workplace.
  • Move all conflict of interest and gift and entertainment management online so employees can submit declarations in real time for management to review, approve or investigate.

Image Source: Pexels