Mean Distribution: Fraud in beneficiary distribution lists

in this guest post, Najwa Whistler offers some insights into preventing and detecting fraud in beneficiary distribution lists. Experiences have been anonymised. Images are used for illustration only, and there is no suggestion that the events shown involved any of the issues discussed in Najwa’s article.

800px-Red_Cross_aid_distribution_in_Port-au-Prince_2010-01-25_2
NFI distribution in Port-au-Prince, Haiti (Red Cross, 2010)

A common form of evidence that a distribution of food or Non-Food Items (NFIs, such as hygiene kits), a training event, or any other service actually took place is a list of named recipients. This might be either pre-printed or handwritten, and featuring the signature or fingerprint of the recipients. In principle this should work – but does it work in practice?

From the experience of my colleagues and I in different NGOs, in both emergency and non-emergency contexts, here are some real-life examples.

One organisation was distributing NFIs in a very insecure location to the most vulnerable population. The organisation relied on its local staff for the distribution, beneficiaries were asked for a fingerprint as the unique identifier of receipt, and the senior managers were satisfied upon receipt of all the distribution lists. But when an audit was conducted by the donor, the auditors became concerned about the lists and sent them to a forensic laboratory. The results came back that all the prints belonging to just five individuals, and not all were finger prints. I couldn’t remove the image from my head of someone dipping their toes in ink!

800px-Patiently_waiting_for_food_aid_in_Bamako,_Mali_(8509960593)
Food distribution in Bamako, Mali (WFP/DFID, 2013)

While the organisation went the extra mile to reach the unreachable and ensure no beneficiary was left behind, five people were going the extra mile to spend hours faking records to steal from them.

Another example is when these records come back crisp, clean and as good as new. You can be almost sure that the papers have never left the desk of the supervisor. Other things to watch out for closely are signatures that are easily recognised as being signed by the same person, signatures with repetitive recipient names, or family names that alternate with first names.

Of course, these red flags do not necessarily mean fraud has taken place. Sometimes, for example, one person signs on behalf of other beneficiaries because they couldn’t all travel to the point of distribution. Or maybe the supervisor signs on behalf of the beneficiaries because it is not practical to collect a signature or fingerprint during the distribution. These situations are different to the creation of phantom beneficiaries, or falsely confirming that a service or item has been delivered.

What can we do about it?

In acute emergencies, the efforts should be focused on reaching people, eliminating their suffering, and treating them with dignity and respect. Collecting recipients’ confirmation can be impractical at times.

drone-1142182_1920In these situations, organisations can rely on alternative evidence of the delivery, such as the evidence of the supplies’ transport to, and arrival at, the point of distribution. Distributions can also be recorded with modern technologies such as biometrics, body cameras on the distributors, or even mini-drones which can be deployed to record at a set altitude above a person wearing a transmitter.

Organisations can also consider:

  • Conducting individual interviews with the staff involved in the distribution. Don’t exclude drivers and guards. They can be good witnesses, giving their experience of the distribution to enable organisations to compare stories for any inconsistencies or reasons for suspicion;
  • Keeping photographs and videos from cell phones if no other technology is available;
  • Ensuring that the delivery team is from different departments in the organisation, where possible;
  • Ensuring that emergency response personnel are trained on the counter-fraud, anti-corruption and whistleblowing policies that the organisation has in place.

pexels-photo-210647In non-emergency activities such as training, incorporating fraud detection into post-event monitoring and evaluation is key. Organisations can randomly select a sample of recipients, contact them for feedback, and verify receipt of the items or service.

Monitoring questions of a training delivery might be:

  • Your name?
  • Did you receive any training in the last 6 months?
  • Who was the provider?
  • Where was the training?
  • What was the subject of the training?
  • What session did you find most useful?
  • How did the training that you’ve received helped you improve in your daily work?
  • Who else attended the training?
  • How do you rate the trainer’s skills?
  • Give one recommendation to improve future trainings, what can be done differently?
  • What is your feedback on the venue? Was lunch provided? Did you receive a per-diem or transport cost? How much did you receive?
  • Any comments/other feedback?

In summary, these days technology has made monitoring and evaluation much easier and more efficient. But even so, we must be careful not to exchange one set of risks for another. The key to successful prevention and detection of fraud in beneficiary lists is to think creatively, both about how we apply controls in difficult circumstances – and how we catch those who collude to overcome them.

passport photoNajwa Whistler is a finance director with 18 years of experience working for several international NGOs around the world. Growing up in a small village in Lebanon in poverty during the civil war built her resilience and determination to work in international development. She enjoys cooking and dancing. You can reach her via naj.whistler@gmail.com

Cover photo: During the crisis in Yemen, ECHO funded a second phase of a cash distribution programme to help 4,000 families meet their basic needs during the pre-harvest lean season between July and December 2012. Close monitoring ensured that money was spent on essential items (ECHO/T. Bertouille, 2012).

 

Advertisements

Silent Partners: Are you working with a local NGO that doesn’t exist?

In this guest post, experienced global development finance professional Najwa Whistler describes her experience investigating ghost NGOs in a conflict zone. Names and details have been changed.

roadSome years ago, I found myself investigating events in a program in a war-torn country. The program had been set up to build the capacity of small local NGOs to implement community development projects. The concept was great, the donor funding had been secured, local partner NGOs had submitted proposals and agreements had been signed, transfers had been made and reports had been received. The only problem was that most of these NGOs didn’t exist.

In development sector investigations, one of the first actions upon arriving in-country is to meet with the local program director and understand how the concerns began. But within moments of sitting down with Nancy, I could already start to see how the fraud had arisen.

afghanistan-60668_1920Ex-pat Nancy used to be a teacher in Canada, and this was her first job in an international NGO. She was young, and idealistic, but it was clear that she did not have the relevant skills and experience. A conflict zone is a dangerous and stressful place, often with high staff-turnover, and the international NGO had compromised on her qualifications to find someone willing to endure the hardship.

As I talked through Nancy’s concerns that their local partners might not exist, two things became very clear. The first was that Nancy did not have field trip and progress reports and had not visited their offices.

“Why?” I asked.

“Oh, I can’t visit, it’s too dangerous,” she said.

The second was that, instead, Nancy had relied heavily on a single individual to manage this project.

“Can I see the checklist for the review of the partners’ proposals, and who was involved in the decision making?” I asked.

Nancy nodded. “Raj, the national program manager, reviewed the proposals and approved them – then he prepared the contracts.”

Raj had worked for the international NGO for many years.  In his late forties and a man of few words, he was a hard worker – the first in the office, the last to leave, and rarely took a day off. Nancy delegated most of her tasks to him.

volkswagen-569315_1920When my team drove out to the field to visit the partners and the communities, I went with Malik, a driver, who turned out to be Raj’s brother. The driver tipped off the ‘NGOs’ that we were coming for a visit.

Malik took us to a building consisting of five rooms and a hall way. On the door of each room was a crisp, freshly printed A4 paper with the name of each ’NGO’. In each room sat one man, the ‘managing director’ of each ‘NGO’. Solidarity, cooperation and co-ordination between NGOs at its best perhaps, and rarely seen to such an extent!

Malik was not the only person I met that day close to Raj. All five men came from the same village, and the same kinship group, as the brothers. This was surprising too – as the community development projects were in an area where the majority of locals were from a different kinship group – one with a long history of conflict with that of the brothers.

Over the day, I sat with each ‘managing director’ and asked about the progress of the work, the challenges, their records and their reports. Not one could locate any team members, volunteers or records with whom I could engage.

“I keep the documentation at my house because it is not safe to keep them in this building,” said one. Perhaps unsurprisingly, he would not allow us to follow him to his house or wait while he retrieved the documents as the house was ‘too far’.

Unfortunately, this picture is not unusual. But the red flags were visible in this case – and there are things we can do to better spot them and manage these risks.

office-594132_1920Firstly, ensure a realistic and validated assessment of potential partners takes place. More than one person or function needs to be involved in this assessment, and it should compare project proposals. Involve logistics and procurement teams to verify market rates.

Secondly, constantly review your project management approach during its lifecycle. Perform regular visits to the projects when the security situation allows. Ask the team members of the local partner organisation to meet you at your office from time to time.

Thirdly, even in environments where we trust our colleagues, ensure that you take a robust approach to verification. If security doesn’t allow you to physically visit the project, perhaps you can ask for GPS located photos of activities – and do not be afraid to ask for them again if the first ones look odd! Interview beneficiaries over the phone. Talk to donors and other international organisations working in the same area about their experiences.

passport photoNajwa Whistler is a finance director with 18 years of experience working for several international NGOs around the world. Growing up in a small village in Lebanon in poverty during the civil war built her resilience and determination to work in international development. She enjoys cooking and dancing. You can reach her via naj.whistler@gmail.com

In Rehab: Restoring a team after an insider fraud

When I arrived at my last employer’s headquarters on my first day as their new head of counter-fraud, I did not know that the vacancy had arisen because my predecessor had committed… fraud.

The last person to hold that office had stolen nearly £65,000 using false invoices from fake companies. He had been arrested, would plead guilty at court and receive a custodial sentence. Despite the lurid headlines, the organisation was open about what had happened.

1If a humanitarian or global development organisation gets serious about tackling fraud and corruption, then it will detect cases – possibly in significant numbers. As my organisation invested in counter-fraud efforts, for example, we saw recorded suspicions in its global operations nearly treble in three years (this, of course, reflected a rise in vigilance and engagement rather than incidents).

But what happens after an incident of insider fraud or corruption, when the dust settles?

rippleThe job does not finish with the dismissal or conviction of the suspect(s). These incidents have long tails – there is work still to be done to rehabilitate the project or business unit in which the incident took place. An incident represents a severe breach of trust; workers may feel abused and betrayed. The ripples can spread wide.

How we go about rebuilding a team and restoring a business function depends hugely on the circumstances of the case, and there is no ‘one-size-fits-all approach. Although we only have space here for a few pointers, I have learned some lessons from helping teams like mine to overcome setbacks like this – these considerations may be helpful for you too.

First things first

The aftermath of an incident is the time to ask some basic questions: Could this happen again, and are there any other vulnerabilities we can spot?

Startup Stock PhotosHopefully, the organisational response included a lessons-learned exercise, generating changes to implement. This should look beyond the internal controls, also into enabling factors such as culture, communication and awareness.

That said, a fresh and full fraud and corruption risk assessment of the department can be helpful. Are there other vulnerabilities beyond the affected processes? An unexpected further case – just as things settle  – can create more uncertainty for the team if more changes to processes are necessary. Instead, let’s make all the adjustments we need to now (and capture the benefit of a sense of ‘moving on’) rather than risk constant change for the team.

planningNow is also a good time to do some contingency planning. Is the incident serious enough that it could result in regulatory interest, onerous remedial controls applied by institutional donors, or put future funding at risk, for example? We can prepare for these.

Startup Stock Photos

Remember to seek advice. Overcoming an incident of fraud or corruption is a risk-rich activity. Consider engaging with HR, internal communications, legal, any dedicated counter-fraud or ethics or integrity office, staff health and/or other relevant specialists.

Treat people as individuals…

colored-pencils-179167_1920Team members will respond to the matter differently. While some may be relatively unaffected, others may not. It is important to note that where staff have made a commitment to an organisation on the basis of their values – perhaps more common for charities, nonprofits and NGOs than for private sector organisations – a breach of trust could be more impactive. Perhaps there could even be a grief reaction for some team members.

sadLook out for, and respond to, the traditional symptoms of stress, low morale and anxiety. These might include absenteeism, disciplinary issues, a rise in complaints, and disillusionment. An incident can impact upon personal and professional confidence, and colleagues may feel fear, shame or embarrassment. Will the incident create a funding crisis, putting their jobs at risk? Will staff have to justify themselves to an angry public? Consider access to staff support systems, and formal interventions such as counselling and facilitated debriefing.

16404-a-woman-in-a-business-meeting-pvBe a compassionate and responsive manager. Avoid assuming you understand how people feel or why they behave the way they do. Instead, in your one-to-one meetings with team members, explore how they are experiencing the crisis and responding to it. Remember, of course, to make it clear that this is pastoral and not investigative. Similarly, it is important to restore individuals’ sense of control. In a way, employees in whose midst an act of fraud or corruption occurred are victims of abuse. Solicit and listen to their concerns and visibly respond to them.

Accept that restoration may take time. Do not assume that the passage of time, themes in office chatter or improved productivity are signals that everybody has moved on. While these might be positive indicators, look out for those left behind.

…But re-build the team

Teams can be fragile creatures, and discovering that someone was out for themselves can undermine the workplace trust that allows them to function.

gambia-239849_1920Clear communication. Rebuilding trust requires the open communication of reliable content. Low information creates anxiety, more information helps manage our ‘fight or flight’ crisis response. Concealing the matter from the team is, therefore, more likely to sow suspicion and fear than peace and confidence. Be as open as you can about what has happened, and what will now happen, within the boundaries of policy, employment law and data protection legislation. As you describe the future, avoid over-promising – employees need clear and consistent messaging from management. If you cannot make promises, don’t; recognise uncertainty and explain what is being done to reduce it.

Similarly, set the right key messages for staff and stakeholders. Absolutes (‘this will never happen again,’ ‘rogue employee,’ ‘isolated incident…’) and over-reassuring can be risky for expectation management.  More sustainable messaging might include that fraud and corruption are normal business risks which we can reduce but not eliminate, and that the best way to respond to incidents is to use them to make us stronger.

Allow the opportunity to debrief. Ask staff what the incident has meant for them, and for the team. Consider soliciting suggestions on how to move forward, which can demonstrate management’s ongoing belief in the wider team (despite the actions of one). It also helps to empower the team to claim their status back, and move forward.

Team_Building_LanzaroteFoster trusting relationships. Ensure that teams meet as regularly as possible, in person or via teleconferencing. Consider holding team-building events, reflective away days and/or ‘how are we doing’ agenda items in meetings. These measures can improve understanding, interaction and trust between team members.

Arrange a good-quality fraud and corruption awareness workshop. This will not only help reduce the risk of incidents, but will also help staff to feel empowered; the best workshops help to generate a sense of solidarity and support amongst the honest majority. Be cautious not to let it feel remedial.

beautiful-day-1374424_1920Lead by example. We know that employees look to the behaviour of their managers to determine their own. So be present; you cannot role-model behaviours and attitudes if you cannot be seen by anyone. Be positive and show how you treat what has happened constructively, managing risk, avoiding blame, taking care of your colleagues (and yourself), and using the incident to make the business unit stronger in the future. As one casualty of a fraud or corruption incident is honesty, ensure that you are (and are seen to be) authentic. So, for example, if you feel hurt, vulnerable or confused, consider sharing those feelings with the team. This helps to normalise these emotions.

Avoid blame. This includes the narrative that we create around the perpetrator. It is tempting to turn them into the catch-all receptacle for all that has gone wrong, but this risks helping to foster a blame culture that can trip us up later. Furthermore, it can help us to move on from a crisis if we are able to see that there are things we could have done differently.

Get back to business-as-usual as quickly as possible

roadReaching project milestones or completing tasks puts clear blue water between the incident and the present, assisting both staff and stakeholders to move on. It also, of course, ensures the progress of the project or business unit. Embed, as rapidly and effectively as possible, any changes to processes to reduce the risk of a recurrence.

Remember the big picture – the goals and values of your organisation. Trust may have been betrayed on this occasion, but a refocus on why we all come to work in the first place can assist everyone to work hard towards recovery.

Thanks to Liz Crowe, Wellbeing at Work Specialist, for her contributions to the content. Liz tweets @lizcrowe2, or visit her website at LizCrowe.org.

FFCHGDSTo read more about how to deter, prevent, detect and respond to fraud and corruption in humanitarian and global development work, make sure you pick up a copy of my book, Fighting Fraud and Corruption in the Humanitarian and Global Development Sector (Routledge, 2016). It’s out now and packed with relevant material!

Fraud and corruption: 10 tips for obtaining buy-in from your NGO’s Board

pexels-photo-70292

The Commonwealth corruption conference and anti-corruption summit in London last week saw the full engagement of civil society. Leaders from big household name NGOs were active online and in person, taking the opportunity to challenge a range of related injustices. It was exciting and encouraging, but these events should prompt those NGOs to ask themselves, ‘how effective are our own organisational counter-fraud and corruption frameworks?’ If the question needed underlining, we also learned that the US government is investigating allegations of corruption affecting NGOs in the Syria emergency response.

Syria humanitarian aid
US humanitarian aid bound for Syria

What Boards need to do in order to reduce fraud and corruption risk is well-trodden ground. But for international NGOs, one of the great challenges can, in fact, be the Board. As your organisation’s counter-fraud lead, what do you do if members of your Board don’t recognise that fraud and corruption is a problem? Or merely give it lip service, unwilling to invest in meaningful risk reduction efforts? Or worse, are content to turn a blind eye to the risk of physical assets, funds and stock falling into the wrong hands if most aid gets through?

Obtaining the buy-in of an NGO’s Board isn’t about selling them a product – we need their ongoing support and ownership. It’s about changing perspectives; a long haul, not a quick win. So, in helping to generate that ongoing support, I’ve found that these tips (which are not exhaustive and in no particular order) have assisted my colleagues and I; perhaps they might help you too.

1. Educate to effectuate

apple-256261_1920Fraud and corruption has, historically, not been well understood in this sector. Your Board may have a low or rudimentary understanding of the risk and how to respond to it. This means starting at a basic level, making no assumptions, taking the time to address myths and misconceptions and playing a longer game. ‘Educate as you go,’ Willie Oelofse from Deloitte Kenya told NGOs at a conference in January. As we do so, of course, it’s important to remember that counter-fraud is a good news topic – your organisation may be at high risk, but actually there’s a lot that can be done to reduce it. Boardrooms are learning environments too.

2. Keep it simple

OLYMPUS DIGITAL CAMERA

Board members are busy. NGOs (especially humanitarian agencies) are often very responsive, and Board members’ attention is divided between competing thematic risk areas and arising issues. Use your time with them wisely. Proposal documents and assessments, for example, should be short or with executive summaries. Don’t bury key messages in a risk assessment document the size of a telephone directory.

3. Speak from within

people-men-grass-sportCivil society is under attack the world over, and the issue of their fraud and corruption exposure can be something that sends Board members running for their shields and helmets  – especially if it is perceived to come from an out-group rather than in-group. Take charge of how the matter is framed. Don’t let them entrench in defensive positions to ‘fend off’ your ‘attack,’ or sit in a ‘prospective client’ chair to listen to you ‘pitch’. Instead, use their business language, show your understanding of the difficulties they face, and speak from inside their group. Explain the landscape around them, and how you can help them navigate across it.

4. Remember that they’re individuals

colored-pencils-179167_1920People make decisions differently and on the basis of different values. For example, I am a big fan of the MBTI, which is one of a range of models that can help us to understand how we like to work and how best to relate to others. Models like these can really help to improve workplace relationships. So try to understand each member of your Board as a person, and what really drives their decisions. Some will be persuaded by cold, hard data, others by less tangible matters such as how your agenda relates to values, supports people, and so on.

5. Bring the risk to life

DSC06922Fraud and corruption, especially at a strategic level, can be abstract concepts. Help the Board to connect by painting a picture of the risk with case studies. If you don’t have any in your own organisation, then perhaps partners, donors or other organisations have some they will let you use? If not, then find cases in the public space affecting comparable organisations. If you’re really struggling, consider using fictional examples – but remember to state that they’re fictional!

6. Show the benefits

cost-benefit-analysisNGO Boards are often allergic to anything with a whiff of extra expense, especially if it is ‘overhead’ or ‘administration’ flavoured. So explain the benefits of the agenda not just in terms of what it prevents, but also what it gains – efficiency, effectiveness, quality improvement, and so on. Much of counter-fraud work synergises with good management (an example arises from the world of retail – smiling as a customer enters not only deters shoplifting by making the individual feel noticed, but is also good customer service!).

7. Take an evidence-based approach

evidenceNGO Boards manage a lot of risks, only some of which materialize. Using evidence helps them to appreciate how fraud and corruption sits, whether that evidence is perception-based, representative sampled, or from other diverse sources. Cast the evidence net wide – consider staff surveys (especially anonymous surveys), risk assessments, project and programme evaluations, audit reports, security reports, academic research and open source. This may mean that you need to start by improving the detection of incidents, in order to gather enough material. Be cautious with the use of quantification estimates, as these can be inherently open to challenge by those feeling resistant, and with over-stating the case (being debunked seriously damages credibility). Remember to cater for any risks created by the counter-fraud agenda, and to consider any donor or legal obligations.

8. Align with organisational objectives and strategy

marketing-board-strategyJust as is the case with private and public sector organisations, the counter-fraud agenda needs to directly support the organisation’s mission. This needs to be clearly elucidated so that Boards can see that counter-fraud is a mainstream activity, rather than a distraction.

9. Obtain a sponsor

hands-people-woman-meetingIn March’s Charity Finance magazine,  I explained why fraud and corruption needs to be a standing priority for NGO Boards. But in addition to this, the counter-fraud agenda needs a champion at Board level. Benefits of this include how the champion can look out for synergies with other business areas as they’re discussed.

10. Put in the legwork

Startup Stock PhotosA ten-minute agenda item at a Board meeting is not enough to ensure that a Board truly embraces counter-fraud and corruption. Obtain regular meetings with each member to explore their own position and build their buy-in – especially before key decisions are to be made. Similarly, the counter-fraud agenda needs to align not just to the organisation’s mission but to the agendas of those individual Board members. How does countering fraud help, not hinder, the aims of the person in front of you?

11. Bonus tip!

Why not get the members of your Board a copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector? It explains the risk, busts myths and misconceptions, and sets out ways for NGOs to minimise the risk. It’s out now with by Routledge, pick up a hardback or e-reader copy via the Routledge website or Amazon!

FFCHGDS

 

 

 

Aid diversion to terrorists: 3 things NGOs need to know

This week I’ve been in Nairobi, Kenya, delivering workshops for local NGOs on minimising the risk of money-laundering and terrorist financing. Preparing the material led me to reflect on some of the conversations I’ve had with NGO managers about reducing the risk that physical assets, funds and stock might fall into the hands of those designated as terrorists, or subject to financial sanctions.

Diversion_11This presents a very challenging issue for NGOs that work in high-risk areas, and one with significant tensions at its heart. These include the tension between minimising the risk of diversion versus disrupting the delivery of aid, competing obligations on the ground, and the wider balancing act between regulation and enforcement versus guidance and capacity building.

It does not help that the international regulatory picture and sectoral response are far from coherent, and subsequently it is understandable that there are widespread misunderstandings. This is not an exhaustive article, of course,  but we’ll explore (in no particular order) some of the most common areas that have popped up in my conversations around the sector.

Audit may be unlikely to pick up incidents.

16811751576_856ea1d5f2_oAudit is a helpful process that assists managers to meet their organisational goals and minimise risks. It is not its purpose to detect financial crime (less than 20% of detected fraud cases are identified this way). That’s assuming, of course, that systematic and independent audit even happens – in remote programmes, conflict zones or humanitarian emergencies, whole projects in some organisations may see little or no independent review at all.

NGO managers need to avoid the errors of assuming that a detection-free audit is an all-clear, or that it is solely the duty of auditors to prevent and detect financial crime, rather than everybody’s responsibility. ‘Protection money’ or ‘taxes’ paid to terrorist groups can be masked as vague costs, such as ‘transport’ or ‘security.’ If identity and sanctions list checks of partners, contractors, consultants, staff and volunteers were not conducted, auditors won’t necessarily pick up positive hits either. Audit may help identify vulnerabilities, but it cannot be relied upon to spot incidents.

Instead, according to FATF, factors that might elevate an NGO’s risk include programmes in close proximity to terrorist groups, and/or those that are ‘service’-oriented; these could include construction and distributions (i.e. operations more likely to involve the movement of physical assets, funds or stock). An NGO in this position needs to ensure that it implements a meaningful risk management cycle, creating space to look for vulnerabilities and taking reasonable precautions. Risk assessment is only a bureaucratic ‘tick-box exercise’ if we let it be – it can be a powerful method to spot what could go wrong and do our best to prepare for it.

Transferring all the risk to local partners isn’t fair.

afghanistan-90761_1920In my book, I suggest that a chain of unbridled risk transfer from back-donors to INGOs to local partners has the opposite effect of protecting funds – it increases the risk of fraud and corruption. In the end, too much risk derived from decisions taken in coffee-laced, air-conditioned meetings in Brussels, London and Kabul sits on the shoulders of one Afghan worker standing in the sun at a checkpoint in Badakhshan. This is poor risk management, poor partnership-working, and poor diversion prevention.

The flow needs to be inverted. Rather than just responsibility flowing from back-donor to local organisation, communication about the nature of the risks needs to flow the other way, and provoke increased investment in capacity-building and shared responsibility. There are difficulties with reconciling programmatic objectives and terrorism risk (‘what if we really can’t access that population without a payment?’), but we will not start to address these if agencies hide behind risk transfer to avoid the conversation.

Relying on assurances of non-prosecution is dangerous.

getoutofjailIn 2015, the UK government issued guidance describing the risk of a prosecution for a terrorism offence as a result of involvement in humanitarian efforts or conflict resolution as ‘low.’ This was encouraging in terms of the British government’s recognition of the vital need for humanitarian work in conflict zones and the difficult circumstances in which it occurs. However, we need to be cautious about how we respond to this in terms of our investment in minimising the risk – we might have been here before.

In 2010, the Bribery Act led to a flurry of compliance activity amongst NGOs keen to avoid prosecution for failing to prevent bribery. According to some, however, unnamed British officials apparently indicated to nervous NGOs that their organisations were not the focus of this legislation and appeared to imply that they would not be paid much attention. Some perceive that, sadly, this well-intentioned move contributed to a dwindling of effort amongst some NGOs in developing meaningful compliance frameworks. (Ironically, in this regulation with strong ‘prevention’ requirements, it is the dwindling of effort and its consequences that could potentially elevate the chances of prosecution!)

Save_the_Children,_Westport,_CT,_USA_2012Implied assurance of non-prosecution is always caveated, is not always made by those with the correct authority, and might not relate to that which is perceived. The British guidance note, for example, does not indicate whether it is referring to placing resources in the hands of terrorists (potentially s15-18 Terrorism Act offences), failing to have sufficient systems to prevent sanctions breaches (potentially a s34 Terrorist Asset Freezing Act offence of neglect), failing to report a suspected funding offence (s19 Terrorism Act), or some of those, or none – and so on. In any event, any decisions would be made on the basis of the prevailing circumstances of the case and it is worth noting that Save the Children International were investigated by the Metropolitan Police for allegedly failing to report a suspected incident of theft by a terrorist group in Somalia.

This situation also comes with an ethical choice – if we are not to be prosecuted, is it okay to commit the offence? Our donors and supporters may have something to say about that.

Assurances of the low probability of prosecution are not literal Get Out Of Jail Free cards. Instead, a pragmatic response for NGOs might be to continue to do all that is reasonable to comply with regulations, invest in proper systems to reduce the risk of both incidents and non-compliance, and maintain dialogue with authorities on the implications for humanitarian operations generated by the intricacies of their regulatory regimes. And there is no substitute, of course, for professional legal advice.

Conclusion

As with many of the corruption risks facing NGOs, the issues are complex and difficult. NGOs require the understanding – and patience – of the public, their donors and host governments. However, there is much that NGOs can do to reduce these risks.

Many of the systems and approaches that minimise the risk of diversion represent good governance and management – creating space for proper planning and monitoring of operations, ensuring that open internal communication channels exist, investing in the coherent verification of outputs, the diligent management of third parties, and so on. Getting these things right in areas where we are more able to do so reduces overall exposure, allowing us to focus our problem-solving on the areas where things are more challenging.

Improving transparency – or, in old money, having the conversation – will start the ball rolling.

Going round in circles: Do NGOs and fraud hide from each other?

In the Foreword to my book, Fighting Fraud and Corruption in the Humanitarian and Global Development Sector, fraud expert Jim Gee mentions the ‘un-virtuous’ circle of fraud detection in the third sector.

I thought I’d draw up what this circle might look like. The starting point, as previous blog posts have mentioned, is that fraud and corruption hide. So, in essence, the un-virtuous circle means that NGOs, nonprofits and charities can lose physical assets, funds, and stock regularly and in potentially significant quantities without any red lights appearing on management’s dashboard. It is fuelled by a fear of the consequences of detection – the potential impact on public reputation, donor relationships, staff morale, and project delivery.

The un-virtuous circle might look like this:

Slide1

water-783355_1920Another way to think of this concealed drainage is like corrosion under your car – unless you go looking for it, you won’t ever realise its presence, scale and danger… until your car falls apart in the middle of the motorway. You may fear the consequences (e.g. costs involved) of detecting the corrosion and needing to deal with it, but these costs in the long run are less than those that the motorway incident might involve.

Concealed drainage vs squeezing every drop from our resources

background-906145_1920As public scrutiny of the sector rises, together with increased recognition of the scale of fraud and corruption risk facing such organisations, we need to move to a virtuous circle, fuelled by a desire to secure donor, public and staff trust by evidencing accountability and transparency. A virtuous circle might look like this:

Slide2

In this circle, global development organisations invest in a counter-fraud framework that detects incidents, allowing them to take an evidence-based approach to developing ever-more effective counter-measures and therefore reduce their exposure to fraud and corruption.

Improving the detection of fraud and corruption

‘But what if my organisation really doesn’t have any fraud?’ one might ask. Possibly, but given the scale and nature of the risk factors affecting humanitarian and global development organisations, wider under-detection is a better explanation of low detection.

A holistic approach means that countering fraud and corruption is not just about detecting suspicious matters, but detection is an important strand. In addition to effective and embedded detective controls (such as inventories and reconciliations), key detective methods for humanitarian and global development organisations should include:

  • Clear ‘overt’ reporting mechanisms for staff and third parties to raise concerns with line management;
  • Confidential reporting mechanisms for staff and third parties to report with an expectation of confidentiality and safety;
  • Dedicated work to build trust in ‘overt’ and confidential systems amongst staff, and to communicate and promote these systems;
  • Beneficiary feedback mechanisms;
  • The use of electronic systems to identify ‘red flags’, anomalies and patterns;
  • Proactive examinations of records (‘fraudits’);
  • Information-sharing with third parties, such as other INGOs or information exchange services;
  • Methods to provide early-warnings of incidents, or rising risk, in local partners;
  • Investment in the wider components (deterrence, prevention, response, strategic management, cultural development, and enabling activities) of a holistic counter-fraud and corruption framework that support the detection agenda.

FFCHGDSFind out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!

5 psychological traits undermining your NGO’s fight against fraud and corruption

As humans, we love to think that we’re rational, sensible people making rational, sensible choices. The problem is that modern research suggests that this is pretty far from the truth, and that there are common biases and errors that affect our thinking.

As NGOs, charities and non-profits, some of these can really impact upon our efforts to reduce fraud and corruption to an absolute minimum. Here’s a little selection of some of those that I think I’ve observed.

1. Availability bias

AVAILABILITY BIAS-2In 2010, there were a number of shark attacks off the Egyptian resort of Sharm el-Sheikh. In the following weeks, it seemed to me that the news was full of shark encounter stories. What was going on? Had sharks suddenly become more aggressive? No – this was availability bias in action, a mental shortcut in which we rely on the most immediately available information to make decisions, without considering how that information became available. All that was happening, was that the media were reporting more on the subject, and that I was more attuned to the matter. (David Mcraney uses a similar example in his great book, You Are Not So Smart.)

Fraud and corruption love availability bias. These two creatures naturally hide, so availability bias means that senior managers are usually responding to more readily-apparent risks, often de-prioritising fraud and corruption. And when these phenomena are off the radar, they can blossom until they’re too big to ignore – and then it’s too late; public scandals are imminent.

Instead, we need to recognise that the unique nature of humanitarian and development agencies gives these risks high likelihoods and impact. So, they should be made a standing organisational priority, with their own reporting framework that provides management information on both the perceived risk areas and the performance of countermeasures.

2. Loss aversion

LOSS AVERSION-2Research suggests that we feel losses more intensely than gains – so if you lost a £100,000 sports car, you’d feel that much more powerfully than you would if you won a £100,000 sports car in one of those airport car lotteries. This emphasis leads to an aversion to losses that can be stronger than the lure of benefits.

Committing to counter-fraud and corruption work means that in the long run, we have more money with which to help our beneficiaries and are more sustainable – our work is more resilient to catastrophic reputational events, and we could enjoy greater public trust. But these less tangible long-term benefits face a big challenge from very tangible short-term losses. Spending more money on anti-fraud mechanisms, or refusing to pay bribes, can mean we slow down (or perceive a lessening in) our operational delivery. That means helping fewer beneficiaries by comparison to our expectations. So implementing a counter-fraud and anti-corruption agenda can appear to come at a loss – not a gain.

Counter-fraud specialists need to clearly articulate the benefits of counter-fraud and corruption work, using every available means. This requires creativity and effort. Further, donor agencies and private supporters need to leverage the NGOs they fund, making it clear that this better way of operating represents their expectation.

3. Rationalisation

RATIONALISATION-2Celebrated psychologist Dan Ariely conducted an interesting experiment in which he placed dollar bills and cans of Coca-Cola around the campus of an American university. When he went back, the dollar bills were all still there – but the Coke cans had gone. (You can read about this, and other experiments, in his fantastic book Predictably Irrational.)

What might be happening here is that the less like money something seems, the less like stealing it feels. This is rationalisation, the process of making something we want to do (even something dishonest) fit with our own self-respect.

This is really important for NGOs, because although we might have good controls for cash handling, do we take sufficient protective care of our physical assets, and the stock in our warehouses? Studies like this one would seem to suggest that these items are at a high risk too.

4. The fundamental attribution error

fundamental-2When you’re driving, have you ever noticed that if someone else makes a mistake, then they’re an idiotic and dangerous driver – but if you make a mistake it’s because you were interrupted by a passenger, the car needs servicing, or you were responding to something another car was doing? This effect is known as the fundamental attribution error – the tendency to ascribe the actions of others to their own internal factors, but yours to external factors.

Something we sometimes do in NGOs is to assume that people who commit fraud and corruption are fundamentally bad people that we need to keep out of our organisations. When we do this, we forget that people are complicated, and can become perpetrators while inside our organisations.

In Donald Cressey’s enduring ‘Fraud Triangle’ theory of behaviour, anyone can behave dishonestly if the pressure on them is sufficient, if they have an opportunity to do it with a sufficiently low chance of detection or meaningful sanction, and if they can rationalise (justify) it in their minds. Though our thresholds for each may vary, we all have a triangle, and might progress towards or away from those thresholds according to the factors acting on us throughout our lives.

This is important for NGOs, because it means that all our physical assets, funds and stock are at risk from all our staff, all of the time.

The best way to respond to this is to commit to an ongoing, holistic programme of activity that deters, prevents, detects and responds to fraud and corruption – and which is considered as fundamental to our business as having an HR or IT function.

5. Learned helplessness

learned-2A few years ago, in a Middle Eastern country, I was delivering a workshop for managers on reducing fraud and corruption. A lady interrupted me to say, ‘but this is just the way things are here!’

When I encounter that view, it reminds me of an experiment conducted by psychologist Martin Seligman. Seligman found (by accident) that if dogs received electric shocks while they were unable to escape, they would learn to accept their fate and even when an escape route became available later, the dogs wouldn’t take it. The effect is known as learned helplessness.

When we work in complex and difficult places, we can sometimes give in to learned helplessness. This phenomenon lies to us with such thoughts as ‘this is just how business is done around here,’ or ‘we can’t do this work in any other way.’

The truth is that for every problem there is an opportunity – even if that sometimes means doing things the long way round, or investing more funds in doing them. Helpful approaches include maximizing local contextual knowledge, incorporating a realistic and informed planning phase, and seeing response activities like investigations as business improvement tools that fuel a virtuous cycle of self-improvement – what can we learn in order to become more resilient?

What other effects have you seen in action, and how best can they be countered?

 

FFCHGDSFind out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!