International NGOs: What does Deloitte’s new bribery and corruption report mean for you?

This week, Deloitte published One Step Ahead, its 2017 bribery and corruption report. It provides insights from Deloitte’s survey of Australian and New Zealand risk leaders, asking about their perception and experiences of domestic and foreign bribery and corruption.

International NGOs operate in some of the most high-risk jurisdictions in the world, often in the bottom half of the Transparency International (TI) Corruption Perceptions Index. So what are the implications of the report’s insights for such organisations? This article suggests four key questions for your internationally-operating NGO.

Do you recognise the reputational risk – and how to manage it?

There is a disconnect between the perception of reputational risk and the action taken to manage it.

Deloitte’s report notes rising public scrutiny and political concern in Australia, with a number of recent initiatives including a review of Australia’s legislative and policy framework on corruption, the consideration of Deferred Prosecution Agreements, proposed changes to whistleblower protection and beneficial ownership legislation, and a proposed new corporate offence of failing to prevent foreign bribery. These measures arise as Australia slips down TI’s index, and survey respondents overwhelmingly saw reputational impact as the most serious consequence of incidents.

And yet despite this dizzying acceleration, Deloitte’s survey actually implies a slowdown in the progress of organisations. Detection rates and the perception of the risk were broadly consistent with 2015, and almost half of respondents did not even intend to upgrade their anti-corruption frameworks in the next five years.

International NGOs will recognise the reputational dimension, often perceived to impact upon fundraising. But they may also recognise the slowdown. There’s a paradox here and it begs the question – are you best managing the risk? Considering reputational risk after an incident has occurred is too late – it needs to be a driver for investing in meaningful prevention and detection systems.

What does ‘risk assessment’ mean to you?

One of the report’s most surprising findings was the under-use of risk assessment. This might not surprise NGOs, however; my counter-fraud colleagues and I have found the quality and extent of risk assessment in the sector to be patchy at best.

The problem is often in how it is seen. Is it a dry, bureaucratic, tick-box activity carried out for donor proposals and then forgotten about – or a powerful and creative tool for building resilience, evidencing stewardship, and quality-assuring your NGO’s anti-corruption approach?

The narrative we create around risk assessment, and the space we make for it, is critical. For example, I have delivered fraud and corruption training all over the world and people love risk assessment exercises – being invited to think about how they might defraud their organisation, and what could stop them! We can harness that intelligence. For example, consider proper risk workshops, horizon-scanning, ‘red-cell’ thinking, and reflect on how risk management is framed to your staff.

How effectively are you managing conflicts of interest?

The biggest proportion of incidents reported were conflicts of interest, with personal favours not far behind. This may resonate with NGO managers; anecdotally, conflicts of interest in procurement and recruitment can be a real issue.

There is often scope for improvement in how conflicts of interest are identified and managed. Because the process is often reliant on self-declaration by those who are not necessarily incentivised to declare, compliance is not automatic. Good conflicts of interest frameworks need to be simple, well-communicated, focused on heightening transparency, and subject to ongoing reinforcement.

What do you say, and what do you incentivise?

Respondents most frequently declared organisational culture and tone-at-the-top as the greatest preventative factors. I have written about the link between culture and corruption for NGOs before (here and here), but in my experience most NGO managers believe they do set the right tone and have the right culture. The problem here is that by culture and tone, we don’t just mean what you say and how you say it, we also mean what you incentivise and are perceived to permit. In my book, I describe how tone at the top is about not just words, but actions. For example:

Did you take the right action over that manager who might have given a contract to his sister’s company?
Did you ask the right questions about that mysteriously rapid movement of humanitarian equipment into that high-risk jurisdiction when other agencies were held up at customs?
Do you include anti-corruption objectives into personnel appraisals and job descriptions?
Are the objectives and timelines for projects and programmes set at such an ambitious level that you inadvertently incentivise corruption?

Your staff, volunteers, institutional donors, private supporters are watching. Crucially, so are your beneficiaries.

To read more about how to deter, prevent, detect and respond to fraud and corruption in humanitarian and global development work, make sure you pick up a copy of my book, Fighting Fraud and Corruption in the Humanitarian and Global Development Sector (Routledge, 2016). It’s out now and packed with relevant material!

Fraud and corruption: 10 tips for obtaining buy-in from your NGO’s Board

The Commonwealth corruption conference and anti-corruption summit in London last week saw the full engagement of civil society. Leaders from big household name NGOs were active online and in person, taking the opportunity to challenge a range of related injustices. It was exciting and encouraging, but these events should prompt those NGOs to ask themselves, ‘how effective are our own organisational counter-fraud and corruption frameworks?’ If the question needed underlining, we also learned that the US government is investigating allegations of corruption affecting NGOs in the Syria emergency response.

Syria humanitarian aid — US humanitarian aid bound for Syria

What Boards need to do in order to reduce fraud and corruption risk is well-trodden ground. But for international NGOs, one of the great challenges can, in fact, be the Board. As your organisation’s counter-fraud lead, what do you do if members of your Board don’t recognise that fraud and corruption is a problem? Or merely give it lip service, unwilling to invest in meaningful risk reduction efforts? Or worse, are content to turn a blind eye to the risk of physical assets, funds and stock falling into the wrong hands if most aid gets through?

Obtaining the buy-in of an NGO’s Board isn’t about selling them a product – we need their ongoing support and ownership. It’s about changing perspectives; a long haul, not a quick win. So, in helping to generate that ongoing support, I’ve found that these tips (which are not exhaustive and in no particular order) have assisted my colleagues and I; perhaps they might help you too.

1. Educate to effectuate

Fraud and corruption has, historically, not been well understood in this sector. Your Board may have a low or rudimentary understanding of the risk and how to respond to it. This means starting at a basic level, making no assumptions, taking the time to address myths and misconceptions and playing a longer game. ‘Educate as you go,’ Willie Oelofse from Deloitte Kenya told NGOs at a conference in January. As we do so, of course, it’s important to remember that counter-fraud is a good news topic – your organisation may be at high risk, but actually there’s a lot that can be done to reduce it. Boardrooms are learning environments too.

2. Keep it simple

Board members are busy. NGOs (especially humanitarian agencies) are often very responsive, and Board members’ attention is divided between competing thematic risk areas and arising issues. Use your time with them wisely. Proposal documents and assessments, for example, should be short or with executive summaries. Don’t bury key messages in a risk assessment document the size of a telephone directory.

3. Speak from within

Civil society is under attack the world over, and the issue of their fraud and corruption exposure can be something that sends Board members running for their shields and helmets – especially if it is perceived to come from an out-group rather than in-group. Take charge of how the matter is framed. Don’t let them entrench in defensive positions to ‘fend off’ your ‘attack,’ or sit in a ‘prospective client’ chair to listen to you ‘pitch’. Instead, use their business language, show your understanding of the difficulties they face, and speak from inside their group. Explain the landscape around them, and how you can help them navigate across it.

4. Remember that they’re individuals

People make decisions differently and on the basis of different values. For example, I am a big fan of the MBTI, which is one of a range of models that can help us to understand how we like to work and how best to relate to others. Models like these can really help to improve workplace relationships. So try to understand each member of your Board as a person, and what really drives their decisions. Some will be persuaded by cold, hard data, others by less tangible matters such as how your agenda relates to values, supports people, and so on.

5. Bring the risk to life

Fraud and corruption, especially at a strategic level, can be abstract concepts. Help the Board to connect by painting a picture of the risk with case studies. If you don’t have any in your own organisation, then perhaps partners, donors or other organisations have some they will let you use? If not, then find cases in the public space affecting comparable organisations. If you’re really struggling, consider using fictional examples – but remember to state that they’re fictional!

6. Show the benefits

NGO Boards are often allergic to anything with a whiff of extra expense, especially if it is ‘overhead’ or ‘administration’ flavoured. So explain the benefits of the agenda not just in terms of what it prevents, but also what it gains – efficiency, effectiveness, quality improvement, and so on. Much of counter-fraud work synergises with good management (an example arises from the world of retail – smiling as a customer enters not only deters shoplifting by making the individual feel noticed, but is also good customer service!).

7. Take an evidence-based approach

NGO Boards manage a lot of risks, only some of which materialize. Using evidence helps them to appreciate how fraud and corruption sits, whether that evidence is perception-based, representative sampled, or from other diverse sources. Cast the evidence net wide – consider staff surveys (especially anonymous surveys), risk assessments, project and programme evaluations, audit reports, security reports, academic research and open source. This may mean that you need to start by improving the detection of incidents, in order to gather enough material. Be cautious with the use of quantification estimates, as these can be inherently open to challenge by those feeling resistant, and with over-stating the case (being debunked seriously damages credibility). Remember to cater for any risks created by the counter-fraud agenda, and to consider any donor or legal obligations.

8. Align with organisational objectives and strategy

Just as is the case with private and public sector organisations, the counter-fraud agenda needs to directly support the organisation’s mission. This needs to be clearly elucidated so that Boards can see that counter-fraud is a mainstream activity, rather than a distraction.

9. Obtain a sponsor

In March’s Charity Finance magazine, I explained why fraud and corruption needs to be a standing priority for NGO Boards. But in addition to this, the counter-fraud agenda needs a champion at Board level. Benefits of this include how the champion can look out for synergies with other business areas as they’re discussed.

10. Put in the legwork

A ten-minute agenda item at a Board meeting is not enough to ensure that a Board truly embraces counter-fraud and corruption. Obtain regular meetings with each member to explore their own position and build their buy-in – especially before key decisions are to be made. Similarly, the counter-fraud agenda needs to align not just to the organisation’s mission but to the agendas of those individual Board members. How does countering fraud help, not hinder, the aims of the person in front of you?

11. Bonus tip!

Why not get the members of your Board a copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector? It explains the risk, busts myths and misconceptions, and sets out ways for NGOs to minimise the risk. It’s out now with by Routledge, pick up a hardback or e-reader copy via the Routledge website or Amazon!

Aid diversion to terrorists: 3 things NGOs need to know

This week I’ve been in Nairobi, Kenya, delivering workshops for local NGOs on minimising the risk of money-laundering and terrorist financing. Preparing the material led me to reflect on some of the conversations I’ve had with NGO managers about reducing the risk that physical assets, funds and stock might fall into the hands of those designated as terrorists, or subject to financial sanctions.

This presents a very challenging issue for NGOs that work in high-risk areas, and one with significant tensions at its heart. These include the tension between minimising the risk of diversion versus disrupting the delivery of aid, competing obligations on the ground, and the wider balancing act between regulation and enforcement versus guidance and capacity building.

It does not help that the international regulatory picture and sectoral response are far from coherent, and subsequently it is understandable that there are widespread misunderstandings. This is not an exhaustive article, of course, but we’ll explore (in no particular order) some of the most common areas that have popped up in my conversations around the sector.

Audit may be unlikely to pick up incidents.

Audit is a helpful process that assists managers to meet their organisational goals and minimise risks. It is not its purpose to detect financial crime (less than 20% of detected fraud cases are identified this way). That’s assuming, of course, that systematic and independent audit even happens – in remote programmes, conflict zones or humanitarian emergencies, whole projects in some organisations may see little or no independent review at all.

NGO managers need to avoid the errors of assuming that a detection-free audit is an all-clear, or that it is solely the duty of auditors to prevent and detect financial crime, rather than everybody’s responsibility. ‘Protection money’ or ‘taxes’ paid to terrorist groups can be masked as vague costs, such as ‘transport’ or ‘security.’ If identity and sanctions list checks of partners, contractors, consultants, staff and volunteers were not conducted, auditors won’t necessarily pick up positive hits either. Audit may help identify vulnerabilities, but it cannot be relied upon to spot incidents.

Instead, according to FATF, factors that might elevate an NGO’s risk include programmes in close proximity to terrorist groups, and/or those that are ‘service’-oriented; these could include construction and distributions (i.e. operations more likely to involve the movement of physical assets, funds or stock). An NGO in this position needs to ensure that it implements a meaningful risk management cycle, creating space to look for vulnerabilities and taking reasonable precautions. Risk assessment is only a bureaucratic ‘tick-box exercise’ if we let it be – it can be a powerful method to spot what could go wrong and do our best to prepare for it.

Transferring all the risk to local partners isn’t fair.

In my book, I suggest that a chain of unbridled risk transfer from back-donors to INGOs to local partners has the opposite effect of protecting funds – it increases the risk of fraud and corruption. In the end, too much risk derived from decisions taken in coffee-laced, air-conditioned meetings in Brussels, London and Kabul sits on the shoulders of one Afghan worker standing in the sun at a checkpoint in Badakhshan. This is poor risk management, poor partnership-working, and poor diversion prevention.

The flow needs to be inverted. Rather than just responsibility flowing from back-donor to local organisation, communication about the nature of the risks needs to flow the other way, and provoke increased investment in capacity-building and shared responsibility. There are difficulties with reconciling programmatic objectives and terrorism risk (‘what if we really can’t access that population without a payment?’), but we will not start to address these if agencies hide behind risk transfer to avoid the conversation.

Relying on assurances of non-prosecution is dangerous.

In 2015, the UK government issued guidance describing the risk of a prosecution for a terrorism offence as a result of involvement in humanitarian efforts or conflict resolution as ‘low.’ This was encouraging in terms of the British government’s recognition of the vital need for humanitarian work in conflict zones and the difficult circumstances in which it occurs. However, we need to be cautious about how we respond to this in terms of our investment in minimising the risk – we might have been here before.

In 2010, the Bribery Act led to a flurry of compliance activity amongst NGOs keen to avoid prosecution for failing to prevent bribery. According to some, however, unnamed British officials apparently indicated to nervous NGOs that their organisations were not the focus of this legislation and appeared to imply that they would not be paid much attention. Some perceive that, sadly, this well-intentioned move contributed to a dwindling of effort amongst some NGOs in developing meaningful compliance frameworks. (Ironically, in this regulation with strong ‘prevention’ requirements, it is the dwindling of effort and its consequences that could potentially elevate the chances of prosecution!)

Implied assurance of non-prosecution is always caveated, is not always made by those with the correct authority, and might not relate to that which is perceived. The British guidance note, for example, does not indicate whether it is referring to placing resources in the hands of terrorists (potentially s15-18 Terrorism Act offences), failing to have sufficient systems to prevent sanctions breaches (potentially a s34 Terrorist Asset Freezing Act offence of neglect), failing to report a suspected funding offence (s19 Terrorism Act), or some of those, or none – and so on. In any event, any decisions would be made on the basis of the prevailing circumstances of the case and it is worth noting that Save the Children International were investigated by the Metropolitan Police for allegedly failing to report a suspected incident of theft by a terrorist group in Somalia.

This situation also comes with an ethical choice – if we are not to be prosecuted, is it okay to commit the offence? Our donors and supporters may have something to say about that.

Assurances of the low probability of prosecution are not literal Get Out Of Jail Free cards. Instead, a pragmatic response for NGOs might be to continue to do all that is reasonable to comply with regulations, invest in proper systems to reduce the risk of both incidents and non-compliance, and maintain dialogue with authorities on the implications for humanitarian operations generated by the intricacies of their regulatory regimes. And there is no substitute, of course, for professional legal advice.

Conclusion

As with many of the corruption risks facing NGOs, the issues are complex and difficult. NGOs require the understanding – and patience – of the public, their donors and host governments. However, there is much that NGOs can do to reduce these risks.

Many of the systems and approaches that minimise the risk of diversion represent good governance and management – creating space for proper planning and monitoring of operations, ensuring that open internal communication channels exist, investing in the coherent verification of outputs, the diligent management of third parties, and so on. Getting these things right in areas where we are more able to do so reduces overall exposure, allowing us to focus our problem-solving on the areas where things are more challenging.

Improving transparency – or, in old money, having the conversation – will start the ball rolling.

Going local: Could national NGOs prevent more fraud than international agencies?

Last year, UN investigations into several small, local partner NGOs in Somalia resulted in estimates that up to 79% of disbursed funds (in the region of US$3m) could have been stolen, with suggestions that some of it could have fallen into terrorist hands.

The local partners of international agencies vary widely; the term encapsulates an enormous number of diverse organisations, from grassroots collectives to municipal authorities, educational institutions, and local (or ‘national’) NGOs. The relationships themselves are also diverse.

Working with partners is crucial, offering international organisations deep insights into the localised causes, enablers and solutions of the issues that their missions tackle, as well as (often) heightened access to beneficiaries. Helping to establish, grow and support local civil societies is also vital to the future of global development.

But there is a tension. Case studies such the UN’s experience in Somalia support a perception amongst many in the sector that, generally speaking, working with local partners represents an elevated fraud and corruption risk. A range of reasons are commonly cited for this, but the most common perhaps is where partners carry lower capacity and capability in finance and wider management by comparison to that of the international agencies, or donor expectations.

Another way to look at it

In the current global development paradigm, the perception of this risk may be accurate. But not only shouldn’t it surprise us – research suggests that across all sectors, smaller organisations are the most vulnerable to fraud – it also isn’t the whole picture, and rather belies the role played by international actors, including NGOs, institutional donors and development agencies, in perpetuating this vulnerability.

Ways in which these agencies leave the relationships open to fraud and corruption, and can inadvertently help to maintain the vulnerability of local organisations, can include:

Failing to assess or adequately build capacity, or issuing funds in excess of that assessed capacity;
Failing to operate in a true partnership – instead treating the partner as a sub-contractor, irrespective of its fundamentally different nature;
Unbridled and unmanaged risk transfer – sometimes down a long funding chain;
Failure to follow a proper engagement cycle (including strategic planning, assessment and selection, effective engagement and monitoring, and objective evaluation and review) which includes the consideration of fraud and corruption risk at each stage;
Cultural insensitivity, failing to factor in cultural differences around the perception of things like contracts and transactions.

But things could be different. In fact, there are some ways that local organisations could be better at deterring and preventing fraud and corruption than their international agency partners.

1. They have local, contextual knowledge

The first is the very reason international agencies often work with them in the first place – they understand their local environment. They know where the risks are, and are in a strong position to evaluate how to reduce them. This can mean more informed planning (how long does it take to get that permit without paying a bribe?) and risk management, if the space is given to it.

2. They are closer to the action

Whether in remote programme management or not, local partners are often physically closer to project delivery or able to more efficiently move around and interact. This is a substantial advantage for monitoring, and the detection of red flags.

3. They might be part of local accountability systems

Development expert Jennifer Lentfer tells a great story of an encounter with a Liberian village elder in which he described ‘hot money’ and ‘cold money.’ It was an illustration of how local accountability systems exist, but development money might not connect with them – denying it the investment of local communities necessary for greater oversight. Carefully-selected local partners may be part of such systems in a way that international agencies might not, presenting opportunities for greater deterrence of fraud and corruption.

4. They’re increasingly assisted by technology

The global coverage of telecommunications is expanding as fast as its costs are declining, meaning that much humanitarian and development work is happens underneath its umbrella. This means that innovative software and hardware solutions to manage and monitor programming are increasingly available and affordable.

So what?

So how can international actors respond to this – reducing the role that they play in perpetuating the cycle, and instead helping local civil societies to unlock this counter-fraud potential?

1. Actually build capacity

Counter-fraud workshop for local NGOs underway in the Philippines

However many project proposals mention capacity-building, it often does not happen, or if it does, it does so without the clear assessment of need, a plan, and an evaluation phase that are so important for it to actually have effect. Where the capacity and capability of a potential partner is assessed pre-engagement, this should provide the basis for a capacity-building plan. What can we live with, and how do we need to help the partner to grow?

As international NGOs challenge themselves to look for ways they can devolve responsibility, funding and power to local civil societies, helping them to improve their resilience to fraud and corruption would be a great start.

2. Consider the risk of fraud and corruption at each stage of the partner engagement cycle

Fraud and corruption risks vary as a project progresses. At the outset, kickbacks and nepotism can cluster around selection processes. Towards the end, as short-term employment contracts expire, theft of funds and stock can begin to climb in likelihood. At each stage, both partners should give space to identifying the risks and how best to protect the partnership.

3. Seek their advice, and that of national staff

It should be uncontroversial to point out that expat workers are not local experts. And local experts are available – in the partner, and in international agencies’ national staff. Agencies need to take the time to actually ask these reservoirs of knowledge about how best to squeeze fraud and corruption out of this work, and do so in sufficient time that the information can be applied. When I conduct counter-fraud awareness workshops, it is always exciting to hear local participants’ innovative and contextually-relevant ideas.

Conclusion

There are corrupt local organisations out there, of course, who have the sole or corollary aim of gaining access for their principals to international agencies’ funds. But the vast majority of local organisations whom I have encountered have been full of passionate people doing amazing work in difficult circumstances. Robust selection processes are needed to ensure that these are the partners who are taken on.

There are other necessary changes of course – Mango currently champion universal financial management standards for NGOs, which would significantly improve transparency and accountability. But for now, there is much that international agencies can do to truly contribute to local civil societies – not just write about it in their annual reports.

Find out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!

Going round in circles: Do NGOs and fraud hide from each other?

In the Foreword to my book, Fighting Fraud and Corruption in the Humanitarian and Global Development Sector, fraud expert Jim Gee mentions the ‘un-virtuous’ circle of fraud detection in the third sector.

I thought I’d draw up what this circle might look like. The starting point, as previous blog posts have mentioned, is that fraud and corruption hide. So, in essence, the un-virtuous circle means that NGOs, nonprofits and charities can lose physical assets, funds, and stock regularly and in potentially significant quantities without any red lights appearing on management’s dashboard. It is fuelled by a fear of the consequences of detection – the potential impact on public reputation, donor relationships, staff morale, and project delivery.

The un-virtuous circle might look like this:

Another way to think of this concealed drainage is like corrosion under your car – unless you go looking for it, you won’t ever realise its presence, scale and danger… until your car falls apart in the middle of the motorway. You may fear the consequences (e.g. costs involved) of detecting the corrosion and needing to deal with it, but these costs in the long run are less than those that the motorway incident might involve.

Concealed drainage vs squeezing every drop from our resources

As public scrutiny of the sector rises, together with increased recognition of the scale of fraud and corruption risk facing such organisations, we need to move to a virtuous circle, fuelled by a desire to secure donor, public and staff trust by evidencing accountability and transparency. A virtuous circle might look like this:

In this circle, global development organisations invest in a counter-fraud framework that detects incidents, allowing them to take an evidence-based approach to developing ever-more effective counter-measures and therefore reduce their exposure to fraud and corruption.

Improving the detection of fraud and corruption

‘But what if my organisation really doesn’t have any fraud?’ one might ask. Possibly, but given the scale and nature of the risk factors affecting humanitarian and global development organisations, wider under-detection is a better explanation of low detection.

A holistic approach means that countering fraud and corruption is not just about detecting suspicious matters, but detection is an important strand. In addition to effective and embedded detective controls (such as inventories and reconciliations), key detective methods for humanitarian and global development organisations should include:

Clear ‘overt’ reporting mechanisms for staff and third parties to raise concerns with line management;
Confidential reporting mechanisms for staff and third parties to report with an expectation of confidentiality and safety;
Dedicated work to build trust in ‘overt’ and confidential systems amongst staff, and to communicate and promote these systems;
Beneficiary feedback mechanisms;
The use of electronic systems to identify ‘red flags’, anomalies and patterns;
Proactive examinations of records (‘fraudits’);
Information-sharing with third parties, such as other INGOs or information exchange services;
Methods to provide early-warnings of incidents, or rising risk, in local partners;
Investment in the wider components (deterrence, prevention, response, strategic management, cultural development, and enabling activities) of a holistic counter-fraud and corruption framework that support the detection agenda.

Find out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!

Trust issues: Does a ‘culture of trust’ make your NGO effective, or vulnerable to fraud and corruption?

Years ago, as a teenager, I walked past a bakery in my home town which had a ‘part-time Saturday work – inquire within’ sign on the window. In I went, and asked the lady at the till whether I could apply. She summoned a flour-dusted gentlemen from the back, and asked him: ‘What do you think – a young man?’

He gave me a cursory glance up and down, shook his head, and said: ‘No.’

The baker vanished again, and the lady shrugged. I left, dejected and wondering whether they thought a female candidate might be more trustworthy.

Trust is very important in the workplace. We know that ’empowerment’ is probably a key factor in employee satisfaction, and that there might be a link between the quality of staff performance and their sense of that. We also know that there is a level of trust inherent in all controls, and that humanitarian and global development organisations need to devolve substantial responsibility in (for example) emergency operations, distant field offices, and when working with volunteers. Trust is an important lubricant for our operations. Untrusting workplaces feel austere: morale-deserts that suck the moisture of life out of us.

There is, however, a tension between the need to trust, and the risk of abuse – such as fraud and corruption. Some have argued that the scale of trust in charities, NGOs and non-profits elevates their vulnerability to fraud, a perception with which a 2009 survey of UK charities seemed to agree.

When you unpack it, it is hard to find justifications for the idea that charity, NGO and non-profit workers are more trustworthy than those in other sectors. Such an idea would seem to imply that people are either honest or dishonest, and one can determine which is which from their career choices. This is patently untrue – people are complicated, and are the products of factors acting upon and through them.

Instead, there are good reasons to look again at the extent of our cultures of trust.

Firstly, fraud and corruption are designed to hide and masquerade, like chameleons, stonefish or those alarming wobbegong sharks. Instances can look (for example) like the product of poor training or non-compliance through operational stretch – there’s always an excuse for anomalies. Arguably, if we are too trusting, we never dig deep enough to find out when something dishonest is afoot.

Secondly, the Association of Certified Fraud Examiners (ACFE) found in 2012 that 87% of the occupational fraudsters they studied had never been charged or convicted of a fraud-related offence, while 84% hadn’t been punished or dismissed by a previous employer for fraud-related conduct. They were ‘clean (and trusted) skins.’ Noting that this is the second Pesh Framjee reference on this blog (sorry, Pesh), no wonder he said at a recent conference in the UK: ‘In God we trust, everybody else we audit.’

Thirdly, when NGO managers cite a ‘culture of trust’ in their organisation, they need to ask themselves – is this really a conscious, intentional, planned and managed organisational culture – or a phrase being used to cover mismanagement such as conflict-aversion or complacency?

So, how do we reconcile this tension? For many NGOs, non-profits and charities, the first step is the recognition than an alternative is needed – a culture of trust that isn’t at the expense of vigilance. While trust is important, fraud and corruption can be enabled when:

The organisational culture is not intentional, monitored and reviewed;
Trust is used an excuse for failing to maintain proportionate visibility of work, ask questions, and challenge managers and staff – or for failing to build the capacity of staff, volunteers or local partners to manage resources effectively;
Trust is allowed to extend into complacency, such as permitting the absence of, or non-compliance with, meaningful internal controls and risk management.

Here are six suggested ways we can foster trust, at the same time as reducing the risk of fraud and corruption.

1. Ensure that sufficient checks are conducted before a person is let into a culture or position of trust

Don’t just seek two employment references – after all, what self-respecting fraudster volunteers damaging referees? Consider:

Conducting dip-sample checks on the contents of CVs (some research suggests a significant proportion of applicants lie about qualifications);
Joining an information-exchange service such as CIFAS;
Ensuring that criminal record checks are conducted in a timely fashion (and consider using a commercial checking agency);
Obtaining local legal advice on checking the internet footprint of applicants – contrary to popular belief, it is often not unlawful to Google applicants as part of the background check process.

2. Develop a good understanding of the signs that your trust is being abused

Know what ‘red flags’ – signs that something might be wrong – look like. Organisations like the ACFE and the World Bank publish lists of them online. Being trusting does not mean failing to ask questions or probe anomalies – prompt action is needed where red flags are identified.

3. Have proportionate internal controls…

Having a culture of trust does not mean having no, or inadequate, controls. Neither, of course, does it mean an onerous filing cabinet’s worth of policies, procedures and systems (in fact evidence suggests that too many, or too demanding, controls reduces compliance). It means having just enough to manage the risks – an ongoing cycle of design, implementation and review of proportionate internal controls. It also, of course, means having an effective organisational counter-fraud and corruption framework.

4. …and actually follow them

Counter-intuitively, it is the failure to follow policies, procedures and systems that can often be so corrosive to trust in the workplace. Following some but not others makes staff feel untrusted, wondering ‘why am I being checked on this but he isn’t on that,’ and allows suspicions to develop when others are routinely non-compliant without challenge (‘is she committing fraud or taking kickbacks? Did she bribe the manager to turn a blind eye to it?’). Not only does routine non-compliance make it much harder to identify dishonest non-compliance, but it also leaves staff uneasy and confused – the norms of their workplaces unclear.

Instead, to feel safe, secure and successful, we all need to know where the boundaries are, and we all need feedback on our performance. After all, if we are mission-oriented, then ‘oversight’ is about colleagues working together to maximise our effectiveness and efficiency in delivering that mission, right?

5. Articulate the value of policies, procedures and systems

One of the things we can do to reduce the perception that having and following rules represents a failure to trust, is to re-frame activities like due diligence and monitoring. We need to be clear with managers and staff about our expectations, and explain that following policies, procedures and systems is about:

Transparency. It means we are all accountable to each other, and it’s easier to spot what is wrong when right is the norm;
Teamwork. NGOs can be big organisations, and when we follow procedures, it enables colleagues and teams in other departments to do their job – knowing what to expect from us and when;
Totality. Nobody likes going through airport security and being zapped, prodded and rummaged. But we all accept it, because we know it’s needed to deter and prevent a very small number of people who could create a catastrophic event. In the same way, we all need to adhere to policies, procedures and systems, because of the small number of people we need to catch misbehaving.

6. Develop internal culture with intentionality

A defence against the use of a ‘culture of trust’ as an excuse for poor management might be to define the organisational culture we do want, and what the indicators of it might be. That way, poor management behaviours are easily compared against this standard.

Internal culture is something that happens whether it is intended or not – and it only needs a few people in an organisation for one to develop. Taking hold of it and shaping it to be an effective force-multiplier for our missions can be very powerful.

Trust can be a great asset – as long as it is sited within a culture that also actively reduces the risk of fraud and corruption.

Find out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!

Mind your head: How the push for low overheads in charities raises the risk of fraud

In December, an outfit called the True and Fair Foundation drew the ire of the UK third sector with a report attacking the amount spent on ‘charitable activities’ versus other spending such as ‘overhead.’ The analysis was flawed (Pesh Framjee comprehensively dismantles it here), but the incident was notable as yet another attack on NGOs which played to the idea that costs not seen as directly related to delivery are wasteful at best and, at worst, self-serving. It is a notion that some researchers have argued leads to a ‘non-profit starvation cycle,’ pushing non-profits into a race to the bottom for lower and lower declared overheads.

Proponents of the drive for ever-lower ‘overhead,’ ‘administration’ or ‘support’ costs are often unclear (or contradictory) about what expenditure is actually meant. The impact of the drive is that many NGOs are incentivised to cut to the bare bone anything with a whiff of ‘support cost,’ and which cannot be said to directly relate to delivery. This can include finance, human resources, IT, investment in systems, supply chain management, procurement, wider logistics and other costs.

This has a range of consequences for the effective operation and development of NGOs, but a particular ramification is the increased vulnerability to fraud. Anecdotally, my NGO counter-fraud colleagues and I rarely see a case of fraud or corruption where significant improvements to prevention – that is, having policies, procedures and systems, proper management oversight, the independent review of both, and a coherent risk management framework – would not have significantly reduced the chances of it happening. An example might be World Vision’s experience in Liberia, where staff stole approximately $1m of food and construction materials. World Vision’s statement following the case listed a number of changes in the wake of the fraud.

Key ways that NGOs can more effectively prevent fraud and corruption, thus living out the stewardship that their donors and supporters expect, include:

Conducting fraud and corruption risk assessment before and throughout a project;
Performing due diligence on new staff, contractors, consultants and local partners;
Designing, implementing and complying with robust systems of financial control;
Conducting proper checks before authorising expenditure, and keeping accurate records of stock movement;
Utilising electronic systems where possible, making funds and stock easier to track;
Properly monitoring and evaluating projects;
Training staff and managers in how to identify and respond to the signs of fraud and corruption.

What becomes clear, of course, is that many – if not all – of these require investment in what some might think of as overhead, administration or support costs. Conducting checks before authorising payments, for example, requires staff to do it. As they say in the theatrical industry, it’s about ‘bums on seats.’ Both the bum, and the seat, are support costs.

This narrative, and the resultant dynamic, can leave NGOs who respond to it more vulnerable to fraud and corruption. The damage is not just limited to prevention, either – it also impacts upon detection. Because fraud and corruption are designed to hide, they are unlikely to be picked up without investment in the systems and functions to do so. This contributes to the ideal conditions for fraud. The idea that low overhead, administration or support costs automatically mean greater resource for delivery is immediately debunked – because without them, at least some of that delivery can be happily and secretly stolen.

Ironically, of course, a driver behind the flawed narrative is a desire to see good stewardship in NGOs. But in the same way that it would not represent good stewardship for a fire department to send firefighters into burning houses without protective clothing, it does not represent good stewardship for charities to move resources around without sufficient protective systems clothing those resources. Although there is, of course, a balance to strike – enormous overhead, administrative and support costs are a red flag – under-investment in prevention, and the infrastructure that makes prevention happen, is a key enabler of fraud and corruption for NGOs.

Five suggestions to change the dynamic

Reduce the extent to which your NGO fuels the paradigm. Avoid semantic games and creative reporting about what costs are, and are not, ‘delivery’ or ‘administration.’ Be clear in reports about what broad terms mean;
Celebrate the value of ‘support-side’ work. Supporter marketing usually focuses on delivery activities – consider promoting and explaining the powerful contribution made by what might be thought of as ‘administration’. Delivery happens because of support costs – not in spite of them;
Educate courageously in the public space. The Charity Defense Council (of which Dan Pallotta is a director) in the US is a good example of clear and determined voices tackling the pressure on charities;
Take every opportunity to claim ‘support-side’ funding. Where institutional donors make funds available for support costs, use them. If funding is available for a compliance officer, for example, employ one!
Invest in ‘overhead’, ‘administration’ or ‘support’ in the first place. These expenditures may not come with the inspiring business cases or immediate sense of reward that programmes might, but they are no less vital for making sure that those programmes happen, and that they are the best and most sustainable they could possibly be.

Find out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!

Do you recognise the reputational risk – and how to manage it?

What does ‘risk assessment’ mean to you?

How effectively are you managing conflicts of interest?

What do you say, and what do you incentivise?

Share this:

1. Educate to effectuate

2. Keep it simple

3. Speak from within

4. Remember that they’re individuals

5. Bring the risk to life

6. Show the benefits

7. Take an evidence-based approach

8. Align with organisational objectives and strategy

9. Obtain a sponsor

10. Put in the legwork

11. Bonus tip!

Share this:

Audit may be unlikely to pick up incidents.

Transferring all the risk to local partners isn’t fair.

Relying on assurances of non-prosecution is dangerous.

Conclusion

Share this:

Another way to look at it

1. They have local, contextual knowledge

2. They are closer to the action

3. They might be part of local accountability systems

4. They’re increasingly assisted by technology

So what?

1. Actually build capacity

2. Consider the risk of fraud and corruption at each stage of the partner engagement cycle

3. Seek their advice, and that of national staff

Conclusion

Share this:

Concealed drainage vs squeezing every drop from our resources

Improving the detection of fraud and corruption

Share this:

1. Ensure that sufficient checks are conducted before a person is let into a culture or position of trust

2. Develop a good understanding of the signs that your trust is being abused

3. Have proportionate internal controls…

4. …and actually follow them

5. Articulate the value of policies, procedures and systems

6. Develop internal culture with intentionality

Share this:

Share this: