When NGOs break the law: Consequences for fraud risk

The 1986 movie Top Gun, starring Tom Cruise, opens with a fantastic scene of aerial derring-do.

In this fictional scenario, American planes are engaged by a rival power’s ‘Mig’ aircraft, one of whom activates its missile lock on an American aircraft. The pilot calls out to Tom Cruise’s character to ‘get the [guy] off’ him. As I understand it, what Maverick apparently should have done was to fly behind the Mig and engage his own missile lock, deterring the Mig from firing at his comrade. Maverick doesn’t do that. He’s got his own plan.

4It’s a great scene, and we celebrate Maverick’s daring heroics. But let’s be clear, this wasn’t what he was supposed to do. It was dangerous. We only celebrate because Maverick pulled it off. If something had gone wrong, Top Gun wouldn’t be a heartwarming movie about a young pilot’s quest for meaning, love and success. It would be a dark political thriller about a world on the brink of nuclear war following a mid-air collision caused by a reckless American pilot.

From time to time in my work with NGOs, I’ve caught glimpses of internal cultures where compliance is not as valued as one might expect. When the organisation’s overall aims are moral, getting away with non-compliance might even attract honour. But just as would be the case with Maverick’s airborne antics, there are consequences if risk catches up with reality.

PASSPORT 5Some international NGOs are tempted to break the laws and regulations of their countries of operation, registration, or both. Here we don’t so much mean situations where legal authority is unclear, or regulations and obligations are ill-defined or differently interpreted, or laws which violate human rights. Here we’re focussing on a situation where an NGO wilfully or negligently breaks legitimate, clearly-defined and communicated local laws and regulations. Temptations might include, particularly:

  • Breaching immigration, tax or employment law;
  • Procuring on the black market;
  • Conducting projects outside the authorised parameters;
  • Breaching NGO regulations or directives (e.g. reporting).

INGOs do complex work in complex places. Common reasons why staff or managers may take this action (or indeed, inaction) might include:

  • A tension between the time it takes to negotiate labyrinthine or contradictory local bureaucracies versus their urgent humanitarian objectives or donor expectations;
  • A disconnect between headquarters expectations versus local realities;
  • Failing to invest in the preparation and planning necessary to properly identify relevant regulatory factors and formulate organisational responses to them;
  • Failing to maintain proper oversight to ensure that staff are delivering objectives lawfully – sometimes potentially deliberately (‘don’t ask, don’t tell’);
  • Internal cultures where ‘getting the job done’ is valued more highly than compliance.

This exposes an international NGO to a wide array of risks. Now, this is not a legal blog and I am not a lawyer, but I do note that some possible consequences of non-compliance might affect an NGO’s ability to reduce its risk of fraud and corruption. In this article we’ll suggest three such areas.

The impact upon responding to fraud incidents

file2831269190184When an incident of fraud takes places in a project where the NGO was working unlawfully,  managers may then be incentivised against taking civil or criminal justice action for fear of drawing attention to the project’s own misdemeanours. This may significantly hamper the prospect of redress (getting our money back), and impact upon the available sanctions for a perpetrator. This, in turn, could damage the NGO’s ability to deter fraud and corruption if a potential perpetrator knows that such an outcome is unlikely.

The impact upon counter-fraud culture

My book suggests four characteristics of such a culture, one of which is that ‘all commit to, and participate in, reducing fraud and corruption to an absolute minimum.’ It is not hard to see how the toleration of unlawful activity can contradict this. As a previous blog post has mentioned, how can we ask our employees to role-model accountability and transparency if the managers of our organisations are not doing it?

file4081251141923The risk goes even further, however. While international staff may be able to hop on the next plane home if things get too hot with local authorities, local staff can’t press that escape button. They may therefore bear the greatest risk of consequences like prosecution. This outrageous burden is hardly helpful to the positive workplace relationships necessary to help deter corruption and promote whistleblowing.

Similarly, we need to consider how expecting or allowing workers to break the law, or breaching their employment rights, might disenfranchise them. A breakdown in the relationship between employee and employer – particularly where an employee feels wronged – might, in some cases, contribute to the rationalisation of occupational fraud.

The impact upon preventing fraud and corruption

Operating unlawfully could contribute to a country’s wider crime problem and undermine the legitimate state. In this sense, we help to sustain the environments of complexity and injustice that make transparent and accountable work so difficult – not alleviate them. In turn, this helps to maintain the risk of fraud and corruption in our operations there.

DSC06922An area where this ‘do-no-harm’ themed risk is particularly evident is where NGOs procure from the black market, an option that can arise during scenarios such as the recent fuel crises in Yemen and Nepal. Doing so makes an NGO part of an opaque supply chain and financial flow – where did the product really come from, and where is your money really going? The transparency of your contacts is in no way incentivised, and they are unlikely to volunteer to whom or what they are linked (think Six Degrees of Separation).

Subsequently, an NGO could easily appear in a network that features terrorist groups or those subject to financial sanctions, or in which the financial flow benefits those involved (or ultimately supports investment) in other forms of state-destabilising serious organised crime. Being a black marketplace buyer can make an NGO part of a network in which its donors and supporters might be surprised to see it.

How can these organisations claim to help the nation’s development when, through corruption, they weaken the rule of law? How can we deal with this hypocrisy?

Ingrid Nanne, What happens when NGOs break the law?

Conclusion

Humanitarian and global development work is complex, and programmes are often under pressure from multiple sources. However, operating unlawfully carries a range of risks, and the crystallisation of some of those might damage a programme’s resilience to fraud and corruption.

Managers need to take these risks seriously. This means avoiding the blanket application of a ‘humanitarian need’ trump card to all their operations, and instead ensuring that a nuanced and considered approach to business planning and risk management identifies and caters for foreseeable tensions with legitimate local laws and regulations. The days of ‘don’t ask, don’t tell’ need to be a feature of history textbooks, not modern programme doctrine.

FFCHGDSFind out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!

Advertisements

Aid diversion to terrorists: 3 things NGOs need to know

This week I’ve been in Nairobi, Kenya, delivering workshops for local NGOs on minimising the risk of money-laundering and terrorist financing. Preparing the material led me to reflect on some of the conversations I’ve had with NGO managers about reducing the risk that physical assets, funds and stock might fall into the hands of those designated as terrorists, or subject to financial sanctions.

Diversion_11This presents a very challenging issue for NGOs that work in high-risk areas, and one with significant tensions at its heart. These include the tension between minimising the risk of diversion versus disrupting the delivery of aid, competing obligations on the ground, and the wider balancing act between regulation and enforcement versus guidance and capacity building.

It does not help that the international regulatory picture and sectoral response are far from coherent, and subsequently it is understandable that there are widespread misunderstandings. This is not an exhaustive article, of course,  but we’ll explore (in no particular order) some of the most common areas that have popped up in my conversations around the sector.

Audit may be unlikely to pick up incidents.

16811751576_856ea1d5f2_oAudit is a helpful process that assists managers to meet their organisational goals and minimise risks. It is not its purpose to detect financial crime (less than 20% of detected fraud cases are identified this way). That’s assuming, of course, that systematic and independent audit even happens – in remote programmes, conflict zones or humanitarian emergencies, whole projects in some organisations may see little or no independent review at all.

NGO managers need to avoid the errors of assuming that a detection-free audit is an all-clear, or that it is solely the duty of auditors to prevent and detect financial crime, rather than everybody’s responsibility. ‘Protection money’ or ‘taxes’ paid to terrorist groups can be masked as vague costs, such as ‘transport’ or ‘security.’ If identity and sanctions list checks of partners, contractors, consultants, staff and volunteers were not conducted, auditors won’t necessarily pick up positive hits either. Audit may help identify vulnerabilities, but it cannot be relied upon to spot incidents.

Instead, according to FATF, factors that might elevate an NGO’s risk include programmes in close proximity to terrorist groups, and/or those that are ‘service’-oriented; these could include construction and distributions (i.e. operations more likely to involve the movement of physical assets, funds or stock). An NGO in this position needs to ensure that it implements a meaningful risk management cycle, creating space to look for vulnerabilities and taking reasonable precautions. Risk assessment is only a bureaucratic ‘tick-box exercise’ if we let it be – it can be a powerful method to spot what could go wrong and do our best to prepare for it.

Transferring all the risk to local partners isn’t fair.

afghanistan-90761_1920In my book, I suggest that a chain of unbridled risk transfer from back-donors to INGOs to local partners has the opposite effect of protecting funds – it increases the risk of fraud and corruption. In the end, too much risk derived from decisions taken in coffee-laced, air-conditioned meetings in Brussels, London and Kabul sits on the shoulders of one Afghan worker standing in the sun at a checkpoint in Badakhshan. This is poor risk management, poor partnership-working, and poor diversion prevention.

The flow needs to be inverted. Rather than just responsibility flowing from back-donor to local organisation, communication about the nature of the risks needs to flow the other way, and provoke increased investment in capacity-building and shared responsibility. There are difficulties with reconciling programmatic objectives and terrorism risk (‘what if we really can’t access that population without a payment?’), but we will not start to address these if agencies hide behind risk transfer to avoid the conversation.

Relying on assurances of non-prosecution is dangerous.

getoutofjailIn 2015, the UK government issued guidance describing the risk of a prosecution for a terrorism offence as a result of involvement in humanitarian efforts or conflict resolution as ‘low.’ This was encouraging in terms of the British government’s recognition of the vital need for humanitarian work in conflict zones and the difficult circumstances in which it occurs. However, we need to be cautious about how we respond to this in terms of our investment in minimising the risk – we might have been here before.

In 2010, the Bribery Act led to a flurry of compliance activity amongst NGOs keen to avoid prosecution for failing to prevent bribery. According to some, however, unnamed British officials apparently indicated to nervous NGOs that their organisations were not the focus of this legislation and appeared to imply that they would not be paid much attention. Some perceive that, sadly, this well-intentioned move contributed to a dwindling of effort amongst some NGOs in developing meaningful compliance frameworks. (Ironically, in this regulation with strong ‘prevention’ requirements, it is the dwindling of effort and its consequences that could potentially elevate the chances of prosecution!)

Save_the_Children,_Westport,_CT,_USA_2012Implied assurance of non-prosecution is always caveated, is not always made by those with the correct authority, and might not relate to that which is perceived. The British guidance note, for example, does not indicate whether it is referring to placing resources in the hands of terrorists (potentially s15-18 Terrorism Act offences), failing to have sufficient systems to prevent sanctions breaches (potentially a s34 Terrorist Asset Freezing Act offence of neglect), failing to report a suspected funding offence (s19 Terrorism Act), or some of those, or none – and so on. In any event, any decisions would be made on the basis of the prevailing circumstances of the case and it is worth noting that Save the Children International were investigated by the Metropolitan Police for allegedly failing to report a suspected incident of theft by a terrorist group in Somalia.

This situation also comes with an ethical choice – if we are not to be prosecuted, is it okay to commit the offence? Our donors and supporters may have something to say about that.

Assurances of the low probability of prosecution are not literal Get Out Of Jail Free cards. Instead, a pragmatic response for NGOs might be to continue to do all that is reasonable to comply with regulations, invest in proper systems to reduce the risk of both incidents and non-compliance, and maintain dialogue with authorities on the implications for humanitarian operations generated by the intricacies of their regulatory regimes. And there is no substitute, of course, for professional legal advice.

Conclusion

As with many of the corruption risks facing NGOs, the issues are complex and difficult. NGOs require the understanding – and patience – of the public, their donors and host governments. However, there is much that NGOs can do to reduce these risks.

Many of the systems and approaches that minimise the risk of diversion represent good governance and management – creating space for proper planning and monitoring of operations, ensuring that open internal communication channels exist, investing in the coherent verification of outputs, the diligent management of third parties, and so on. Getting these things right in areas where we are more able to do so reduces overall exposure, allowing us to focus our problem-solving on the areas where things are more challenging.

Improving transparency – or, in old money, having the conversation – will start the ball rolling.

Mind your head: How the push for low overheads in charities raises the risk of fraud

Caution ticker

Caution ticker

In December, an outfit called the True and Fair Foundation drew the ire of the UK third sector with a report attacking the amount spent on ‘charitable activities’ versus other spending such as ‘overhead.’ The analysis was flawed (Pesh Framjee comprehensively dismantles it here), but the incident was notable as yet another attack on NGOs which played to the idea that costs not seen as directly related to delivery are wasteful at best and, at worst, self-serving. It is a notion that some researchers have argued leads to a ‘non-profit starvation cycle,’ pushing non-profits into a race to the bottom for lower and lower declared overheads.

Proponents of the drive for ever-lower ‘overhead,’ ‘administration’ or ‘support’ costs are often unclear (or contradictory) about what expenditure is actually meant. The impact of the drive is that many NGOs are incentivised to cut to the bare bone anything with a whiff of ‘support cost,’ and which cannot be said to directly relate to delivery. This can include finance, human resources, IT, investment in systems, supply chain management, procurement, wider logistics and other costs.

This has a range of consequences for the effective operation and development of NGOs, but a particular ramification is the increased vulnerability to fraud. Anecdotally, my NGO counter-fraud colleagues and I rarely see a case of fraud or corruption where significant improvements to prevention – that is, having policies, procedures and systems,  proper management oversight, the independent review of both, and a coherent riskLiberia map management framework – would not have significantly reduced the chances of it happening.  An example might be World Vision’s experience in Liberia, where staff stole approximately $1m of food and construction materials. World Vision’s statement following the case listed a number of changes in the wake of the fraud.

Key ways that NGOs can more effectively prevent fraud and corruption, thus living out the stewardship that their donors and supporters expect, include:

  • Conducting fraud and corruption risk assessment before and throughout a project;
  • Performing due diligence on new staff, contractors, consultants and local partners;
  • Designing,  implementing and complying with robust systems of financial control;
  • Conducting proper checks before authorising expenditure, and keeping accurate records of stock movement;
  • Utilising electronic systems where possible, making funds and stock easier to track;
  • Properly monitoring and evaluating projects;
  • Training staff and managers in how to identify and respond to the signs of fraud and corruption.

What becomes clear, of course, is that many – if not all – of these require investment in what some might think of as overhead, administration or support costs. Conducting checks before authorising payments, for example, requires staff to do it. As they say in the theatrical industry, it’s about ‘bums on seats.’ Both the bum, and the seat, are support costs.

This narrative, and the resultant dynamic, can leave NGOs who respond to it more vulnerable to fraud and corruption. The damage is not just limited to prevention, either – it also impacts upon detection. Because fraud and corruption are designed to hide, they are unlikely to be picked up without investment in the systems and functions to do so. This contributes to the ideal conditions for fraud. The idea that low overhead, administration or support costs automatically mean greater resource for delivery is immediately debunked – because without them, at least some of that delivery can be happily and secretly stolen.

firefighterIronically, of course, a driver behind the flawed narrative is a desire to see good stewardship in NGOs. But in the same way that it would not represent good stewardship for a fire department to send firefighters into burning houses without protective clothing, it does not represent good stewardship for charities to move resources around without sufficient protective systems clothing those resources. Although there is, of course, a balance to strike – enormous overhead, administrative and support costs are a red flag – under-investment in prevention, and the infrastructure that makes prevention happen, is a key enabler of fraud and corruption for NGOs.

Five suggestions to change the dynamic

  • Reduce the extent to which your NGO fuels the paradigm. Avoid semantic games and creative reporting about what costs are, and are not, ‘delivery’ or ‘administration.’ Be clear in reports about what broad terms mean;
  • Celebrate the value of ‘support-side’ work. Supporter marketing usually focuses on delivery activities – consider promoting and explaining the powerful contribution made by what might be thought of as ‘administration’. Delivery happens because of support costs – not in spite of them;
  • Educate courageously in the public space. The Charity Defense Council (of which Dan Pallotta is a director) in the US is a good example of clear and determined voices tackling the pressure on charities;
  • Take every opportunity to claim ‘support-side’ funding. Where institutional donors make funds available for support costs, use them. If funding is available for a compliance officer, for example, employ one!
  • Invest in ‘overhead’, ‘administration’ or ‘support’ in the first place. These expenditures may not come with the inspiring business cases or immediate sense of reward that programmes might, but they are no less vital for making sure that those programmes happen, and that they are the best and most sustainable they could possibly be.

 

FFCHGDSFind out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!

 

Welcome!

file00099997224.jpg

Welcome to the blog devoted to helping humanitarian and global development organisations to reduce fraud and corruption.

Posts are filed according to the different components of the holistic approach and some of the key issues in tackling fraud and corruption in development today.

Click on the category of your choice to get started!