© 2020 Association of Certified Fraud Examiners, Inc.
Developing an Integrated
Anti-Fraud, Compliance, and
Ethics Program
Performing Due Diligence
© 2020 Association of Certified Fraud Examiners, Inc.
Discussion Questions
1. How does your organization ensure that it is
hiring ethical employees?
2. What types of due diligence procedures does
your organization perform before doing business
with a third party?
© 2020 Association of Certified Fraud Examiners, Inc.
Introduction
▪ Management should
perform thorough due
diligence in:
• Hiring employees
• Promoting employees
• Third-party relationships
• Mergers and acquisitions
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Hiring Employees
▪ Communicates the company’s ethical stance to
job applicants
▪ Helps ensure that known thieves do not enter
through the front door
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Hiring Employees
10%
(screen out)
10%
(attract to hire)
80%
(focus of anti-fraud,
compliance, and
ethics program)
© 2020 Association of Certified Fraud Examiners, Inc.
Set Clear Expectations
▪ Ensure that the hiring team is unified in focus
on what makes an ideal candidate.
▪ Include ethics in the job posting.
▪ Have ethics resources and statements where
candidates will see them.
© 2020 Association of Certified Fraud Examiners, Inc.
Watch for Ethical Indicators in Applications
• Volunteer positions
• Promotions to
increasing responsibilities
• Serving as a mentor
• Participation in ethics initiatives
• Job hopping
• Decreasing responsibilities between positions
• Demotions at previous employers
• Unexplained gaps in employment
© 2020 Association of Certified Fraud Examiners, Inc.
Review Social Media Activity
▪ What are they saying
online?
▪ What are they
complaining about?
▪ Are they projecting a
sense of ethics?
▪ Are they presenting
the values of the
company?
© 2020 Association of Certified Fraud Examiners, Inc.
Screen for Ethics During Interviews
▪ Ask questions to assess the job candidate’s
ethical values.
▪ Pose ethical dilemmas.
▪ Follow up on unclear or inconsistent answers.
▪ Involve ethics leaders from throughout the
organization in the interview process.
© 2020 Association of Certified Fraud Examiners, Inc.
Administer an Ethics Assessment
▪ Consider having
candidates
participate in an
ethics or integrity
assessment.
© 2020 Association of Certified Fraud Examiners, Inc.
Conduct Background Checks
▪ Work history
▪ Educational history
▪ Certification and license verification
▪ Criminal and civil records
▪ Credit checks
▪ Drug screening
© 2020 Association of Certified Fraud Examiners, Inc.
Check References
▪ Ask candidate’s previous direct supervisors
about:
• Employment details (dates, title, duties)
• Disciplinary or performance issues
• Whether they would recommend this individual for this
position
• Whether they would hire this individual again
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Hiring
▪ Document reasons for
declining qualified
individuals.
▪ Consider applicable legal
requirements and
restrictions.
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Promotions
Ethical example
Supervisory/leadership
skills
Commitment to core values
Favoritism
Technical skills
Tenure
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Promotions
▪ Ask questions related to
real-life compliance and
ethics scenarios for new
position.
▪ Perform background
checks on employees
under consideration for
promotion to higher
levels of authority or
given increased access
to assets or data.
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Third-Party Relationships
▪ Many violations arise due to negligence on the
part of third-party agents, such as contractors,
vendors, or suppliers, rather than due to
internal misconduct.
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Third-Party Relationships
▪ Review government watch lists.
▪ Review corporate registry records.
▪ Search PEP databases.
▪ Verify the third party’s key employees.
▪ Search the third party’s corporate records.
▪ Verify the third party’s insurance.
▪ Verify any professional licenses.
▪ Confirm the third party’s physical addresses.
© 2020 Association of Certified Fraud Examiners, Inc.
▪ Perform site visits.
▪ Evaluate the reputation of the third party.
▪ Conduct a media analysis.
▪ Interview the third party’s employees.
▪ Review the entity’s policies and procedures.
▪ Review the third party’s financial data and
banking information.
Due Diligence in Third-Party Relationships
© 2020 Association of Certified Fraud Examiners, Inc.
Using Third-Party Questionnaires
Company profile and strategy
Owners’ or stakeholders’ names
Managers’ names
Number of employees
Bankers’ and lawyers’ names and contact information
Years in existence
Similar projects completed by the entity
Information about the entity’s customers
Any involvement with government officials
Any security or privacy audits performed internally
© 2020 Association of Certified Fraud Examiners, Inc.
Assessing the Third Party’s
Commitment to Compliance and Ethics
▪ Require the third party to have its own effective
compliance and ethics program.
▪ Obtain and review the third party’s code of
conduct and other policies.
▪ Provide a copy of the organization’s code of
business ethics and conduct, and require the
third party’s agents to sign off on it.
▪ Ask if the third party has an internal audit
department and what types of audits it
undergoes.
© 2020 Association of Certified Fraud Examiners, Inc.
Assessing the Third Party’s
Commitment to Compliance and Ethics
▪ Include a clause related to compliance and
ethics in contracts with the third party.
▪ Include in contracts the requirement for the third
party to report any misconduct that occurs in any
work performed.
▪ Provide information on how to report suspected
misconduct.
▪ Inform third parties that they will be liable for any
unethical activity on their end.
© 2020 Association of Certified Fraud Examiners, Inc.
Third-Party Due Diligence Red Flags
Operations in a region with a
history of corruption
Inadequate financial
resources
Lack of qualifications or
experience
Lack of transparency in
accounting records
Poor record of performance
Decentralized operations
Recommendation by a government
official
Reputation for dishonesty
Refusal to certify compliance with anti-corruption
laws
Personal or business ties to a
foreign official
Involvement in prior complaints or legal actions
History of fraudulent conduct
Undisclosed outside business
interests
Family ties with an employee of the purchasing
entity
Business model that does not make sense
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Mergers and Acquisitions
▪ M&A transactions deal with the buying, selling,
dividing, and combining of different companies
and similar entities.
▪ An acquiring company can limit its liability by
conducting M&A due diligence, rectifying any
identified issues, and implementing compliance
programs.
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Mergers and Acquisitions
▪ Conduct a risk assessment.
▪ Review the target company’s compliance and
ethics program.
▪ Assess the target company’s ethical culture.
▪ Review any past incidents and current risks.
▪ Conduct background checks on key executives.
▪ Conduct background checks on key employees.
▪ Interview key executives.
▪ Identify the target company’s jurisdictions.
© 2020 Association of Certified Fraud Examiners, Inc.
Due Diligence in Mergers and Acquisitions
▪ Review the target company’s business practices.
▪ Use data analytics to identify red flags.
▪ Review the target’s third-party agreements.
▪ Include compliance representations in the M&A
agreement.
▪ Monitor the target’s business activities until
merger or acquisition takes place.
▪ Take an appropriate response if risks or red
flags are identified.