CMS South Africa’s Zaakir Mohamed unpacks CFOs' role in protecting business from exposure to crime syndicates.
After finally making it through to the other side of a significant period of volatility and uncertainty as a result of the Covid-19 pandemic, South Africa is unfortunately not out of the woods just yet. In fact, the country has another epidemic that it desperately needs to tackle if it is to achieve its vision of prosperity and growth — organised crime.
The magnitude of organised crime in South Africa has reached frightening levels. In fact, a recent report assessing organised crime risk in South Africa found that the country is moving up the ladder in criminality to the point that it has outpaced Mexico, Somalia and Libya and is at the same level of organised crime as can be found in Guatemala, Brazil and Russia.
The consequences of this rapidly growing organised crime environment can be seen economically in the impact of the Financial Action Task Force’s decision earlier this year to globally grey list South Africa as the country’s efforts to improve its compliance to international standards in preventing illegal financial activities had fallen short.
On a more micro level, organised crime presents significant risk for businesses. Falling prey to any form of financial crime through theft, fraud, corruption, money laundering, cybercrime or any other type of irregularity could have dire consequences for any organisation, whether it be realised through a negative impact on a business’s reputation, operations and/or revenue.
That’s why, as the person on whose shoulders lie the responsibility of a business’s financial wellbeing, the CFO has a key role to play in helping to mitigate any risks and closing any loops on vulnerabilities within the business that criminals can exploit. But first they need to have a clear understanding of exactly what organised crime is and how it functions.
The inner workings of organised crime
At a very basic level, organised crime is much more sophisticated and insidious in the way it is carried out in comparison to other types of criminal activity. Instead of, for instance, an individual committing a crime based on opportunity within the organisation, you have a group of individuals colluding with one another to perpetrate crimes against a business.
In South Africa organised crime is usually conducted by quasi-criminal style networks with significant transnational links termed syndicates. Their activities are associated with moderate to high levels of violence across a variety of criminal activities. These syndicates target businesses from a purely financial crime perspective and look at ways to defraud a company through either employee risk, third party risk or unknown risks within the cybercrime arena, where it is harder to identify any malicious perpetrators of crime.
There are two ways in which these syndicates generally operate; a pyramid structure where there is usually a singular mastermind who acts as the decision-maker with various roleplayers below them, and a flat structure wherein two or more people decide collectively what they’re going to do and delineate who will be doing what tasks.
However, organised crime can also have nothing to do with criminal syndicates, but rather a group of individuals within the organisation. For example, several employees within an organisation may collude to defraud a company over a period of time which may result in significant financial losses to the company.
How CFOs can help their organisations combat this risk
While most businesses already have a number of measures in place to detect and prevent financial crimes being committed against them from the outside, it’s often the case that businesses aren’t as prepared to deal with fraud that is committed from within the company. This can lead to a delayed and disorganised response to criminal activity, which could negatively impact any ensuing investigation into the incident(s) as well as any ensuing legal processes that may need to be instituted against the perpetrators of such conduct.
Finding out that a crime has been committed within your organisation can be an extremely stressful and worrying experience, leading organisations to panic, act rashly, or not think very carefully about the actions they need to take to effectively manage the situation. As such, CFOs need to prioritise managing the risk of organised crime as part of an organisation’s entire commercial crime strategy. The CFO should ensure that the business has adopted the necessary processes and procedures that ensure financial transactions are carefully monitored, that the right internal controls are employed, and checks and balances are in place to safeguard the integrity of the financial system of the organisation.
A starting point for CFOs can be to identify specific risks within the current processes and procedures of the business.
Take, for example, the payment of invoices. This is where a business has the greatest exposure to financial information being manipulated in a way that looks legitimate. To illustrate this point let’s look at a business that has a payment process where one person is responsible for receiving, capturing and paying the invoice. This introduces a big risk to the organisation. To mitigate this risk, a business could implement the proper segregation of duties whereby one person signs the invoice, another checks the invoice for discrepancies, and another person verifies that the services set out within the invoice have actually been received or that what has been received is worth the value of what the business is paying for it.
Another common vulnerability lies in procurement. As a CFO, whether procurement is a separate unit from finance or sits directly within the finance structure, there’s a need to ensure that due diligence is carried out to verify all vendors placed on an organisation’s list of vendors.
It’s clear that the CFO has a significant role to play in mitigating the financial crime risks faced by their respective organisations. By taking careful steps to deploy robust and agile frameworks to tackle organised crime and financial crime risks, CFOs can ensure that the business is able to manage and mitigate these risks effectively.