article banner

Continuous monitoring in your own backyard

The term “white-collar crime” was first defined by the sociologist Edwin Sutherland in 1939 as “a crime committed by a person of respectability and high social status in the course of their occupation”.  While mankind was able to put a label on such behaviours and actions only in the 20th century, the first documented case of a “white-collar crime” was said to surface in England in 15th century which involved a simple case of larceny. 

Over the years, as humans became more creative and further compounded by the advent of industrial and technological revolutions, white-collar crimes have become increasingly sophisticated, complex and multi-faceted.  Often, the real nature and purposes of transactions were disguised with numerous layers of deceit and many transactions involved the use of offshore accounts further enhancing the opaqueness of the transactions.  Since the early documented case of larceny, we have seen the scope of white-collar crimes expanded to include bribery, corruption, financial statement frauds, ponzi schemes, and tobashi schemes etc.

History has shown that as mankind progressed economically, there would almost always be a corresponding increase in leakages in the global financial system due to white-collar crimes.  The annual Report to the Nations released by the Association of Certified Fraud Examiners (ACFE) showed that the world lost a total of US$7 billion to white-collar crimes in 2018 while the figure was US$6.3 billion 2 years ago.  Corporations all around the world have put up safeguards to mitigate risks of white-collar crimes, but are these safeguards robust enough to keep the fraudsters (within and outside of the corporations) at bay?

Whilst there is no one-size-fits-all measure, international organisations around the world have come up with standards and principles to combat financial crimes.  One of the highly regarded publications is the UK Bribery Act 2010: the six prevention principles released by the United Kingdom’s Ministry of Justice.  These six principles are considered good international practices for which adhering to all six principles could be considered as a defence for having put in place adequate procedures in preventing bribery.  Although these principles are designed specifically to prevent bribery, the principles can generally be applied to prevent financial crimes, including occupational fraud. 

Therefore, this article sets out to introduce the six principles and how the continuous monitoring of any organization in adhering to the principles can benefit the organization in their combats against financial crime.  The six principles, which are not meant to be prescriptive, are summarized in the proceeding paragraphs.

Principle 1: Proportionate procedures

This principle basically sets out that the organization should consider putting in place measures, controls or efforts that are commensurate to the nature, scale and complexity of the organization.  These measures ought to be proportionate to the risks that the organisation faces, hence organisations should focus their efforts on the significant risks that they may have.

Principle 2: Top-level commitment

This principle is all about fostering the right ethical culture within the organization and establishing the moral compass for the organization.  What better way to achieve this than having the top-level management walk their talk and be exemplary?  The top-level management ought to communicate and foster a culture of a zero tolerance to financial crime, a commitment to operate business fairly, honestly and openly and articulate the benefits of making ethical decisions.

Principle 3: Risk assessment

This principle states that organizations should identify internal and external threats and assess the nature and extent of such exposure.  This principle, in conjunction with principle 1, allow the organization to focus their efforts in where they ought to in order to effectively mitigate the risks of financial crimes.

Principle 4: Due diligence

This principle basically states that an organization should know the ins and outs of all the parties it collaborates with.  However, due to the extent of globalization, it makes knowing in-depth of all the parties nearly impossible, particularly for large businesses.  Therefore, this principle should work in conjunction with principles 1 and 3, focusing on a risk-based due diligence approach.

Principle 5: Communication and training

All the work and efforts of the organization would come to a nought if they are not properly communicated, disseminated and equipping personnel with the right knowledge and skillsets to see through the design and implementation of the anti-financial crime programme.  Policies and procedure manuals should not be established for the sake of having one and being kept somewhere in a folder untouched; instead they should be made available to everyone in the organization and that employees are properly educated.

Principle 6: Monitoring and review

In keeping up with technology and competition, organizations in the 21st century have to continually reinvent their strategies in the ever-changing business landscapes. This brings about evolving risks (internal and external) that organizations face. This principle states that an organization has to continually monitor and review its procedures and make improvements where necessary.

It continues to be a challenge for business to strike a balance between having the ideal level of fraud measures and ensuring that business remains profitable. However, business leaders ought to be cognizant that failures to prevent fraud can cause significant losses and reputational damage to the business.  It is therefore often recommended that business leaders keep their ears on the ground, continue to evaluate and assess their risk appetite and find that sweet spot i.e. allocating sufficient resources between its anti-financial crime measures and remaining focus on generating revenue and staying profitable.

Continuous monitoring is a journey. It is certainly not a sprint, but a marathon where it is necessary to regularly update and refresh in order to “stay ahead of the game”.  For more information, visit our Forensic service page or send an email to