The Charbonneau Commission released its report on November 24, 2015, after four years of work. This extensive document reveals the inner workings of systems involving corruption, collusion and the infiltration of organized crime that emerged in Quebec over the course of decades and proposes solutions to remedy these problems.
The Commission also considered factors that allowed for the emergence of these fraudulent practices in order to reveal the root causes of the schemes that were uncovered. This analysis may be useful in determining whether your company is at risk for similar schemes. Our expert, Yves Nadeau, has outlined what the Charbonneau Commission can teach us about managing the risk of fraud in an organization.
1. Know the risks specific to your industry
The first category of causes analyzed by the Commission includes risks inherent to the construction industry. According to the report, the emergence of the schemes uncovered is partly attributable to the local nature of the construction industry, the characteristics of supply and demand for this type of work and the particularities relating to the services offered.
Each industry has its own risks, which require specific mitigation measures. Are you aware of the risks for your sector? Identifying these risks is the first step in protecting you against them.
2. Determine the risks in your environment
Just like each industry, every environment involves specific risks. In particular, the Commission drew a distinction between the risks for municipal as compared to provincial contracts.
The environment in which your company operates must be taken into consideration when analyzing your risks. Do you do business in different cities, provinces or even countries? You must tailor your mitigation measures to ensure that the risks in each situation are adequately addressed.
3. Assess your process-related risks
Every process involves risks that may be exploited by fraudsters. The procurement processes of public bodies are no exception to this rule. According to the Commission’s report, the practice of systematically selecting the lowest compliant bidder, the predictable nature of the procurement process and the lack of guidance provided to selection committees are all weaknesses that were exploited to put in place corruption and collusion schemes.
Your company’s processes also involve risks that must be assessed in order to be controlled. Failing to do so opens the door to people who will exploit weaknesses that you never even saw.
4. Develop in-house expertise
Strong in-house expertise is the first line of defence against all types of misappropriation of funds that may involve your organization. The Commission examined the cases of Quebec’s Transportation Department and the City of Montréal in detail to show that a lack of expertise within these organizations led to a loss of control in their procurement processes, which benefitted ill-intentioned individuals.
By encouraging the development of leading-edge expertise within your organization, you will ensure optimal control over all of your activities while at the same time helping to reduce your risks of fraud.
5. Be careful when releasing strategic information
Information is power. This is even more true with the risk of fraud, since significant vulnerabilities are created when strategic information is made public. In her report, Justice Charbonneau states that strategic information, such as the names of selection committee members, the estimated cost of work, and the names of potential bidders, was used to carry out corruption and collusion schemes.
In a private company, seemingly insignificant information (such as travel dates for a company executive or the individual’s personal email address), can now be used to commit fraud. Now, more than ever, you must keep a close eye on information that you are making public.
6. Develop a culture of integrity within your organization
All governance experts will tell you that corporate culture is determined by management. This is often referred to as the “Tone from the Top”. It is management’s responsibility to set the example and send clear messages regarding the importance of integrity within the organization.
The work of the Charbonneau Commission highlighted numerous examples of executives—working in both the public and private sectors—who set a poor example by taking part in illicit activities or simply looking the other way. Today, these organizations are paying the price for this and countless business leaders have been forced to resign in the wake of the scandals uncovered in recent years.
Having a strong culture of integrity could reduce the risks of fraud within your organization. This starts with the example that you set as a company executive and must be based on a solid governance structure. Such a structure makes it possible to ensure that employees are acting in accordance with the company’s values and to avoid any deplorable initiatives. A good governance structure also helps to minimize risks for directors and to provide better control for the fallout that these unfortunate events can have for the company’s shareholders.
7. Promote whistleblower mechanisms
When they see signs of fraud, most employees will try to sound the alarm internally. The Commission noted that, on many occasions, the alarm bells rung by employees and civil servants were not heard. In some cases, employees were threatened with retaliation by a superior. Of course, ignoring a problem does not make it go away. The wrongdoing denounced by employees became broader in scope, sometimes reaching worrisome proportions.
If honest employees had been able to rely on rigorous whistleblower mechanisms within their organization, there is a good chance that many problems could have been resolved quickly. Providing such mechanisms, such as an anonymous whistleblower hotline or a designated person within the organization to address issues, is a good way to shed light on undesirable situations and to put an end to them before they spiral out of control.
8. Keep a watchful eye on exchanges of cash
If cash transactions are common in your industry, you must be extra vigilant. The Commission noted that, in the large majority of cases that it examined, the fraudulent transactions involved the exchange of cash. Some cases also involved bogus billing schemes. Moreover, the world of organized crime infiltrated certain segments of the construction industry thanks to large amounts of liquid capital.
Cash is always difficult to trace, which is why you must pay especially close attention to movements of cash in connection with your activities.
9. Encourage transparency within your organization
Transparency is a concept that traditionally is associated with public organizations. It refers to information released on public organizations so that it can be assessed by members of civil society. Given that illicit activities rise up in the shadows, transparent management may discourage the emergence of such activities. On the other hand, a lack of transparency, as was seen by the Commission in the cities of Laval and Montréal, is conducive to fraud.
Although private companies cannot be expected to adhere to the same standards for transparency as a public organization, it is nonetheless important to encourage transparency within a company. By ensuring that all the information that is necessary for evaluating your company is available in a ready-to-use format, you make things more difficult for fraudsters, in addition to being able to mobilize more people to protect your organization’s integrity and fostering a culture of accountability.
10. Put in place a robust and effective control and monitoring system
Why was it possible for corruption and collusion schemes to have been carried out on such a large scale for 15 years without anybody being blamed? According to the Commission, the answer is simple: this is due to weak practices for controlling and verifying the problems raised. According to the Commission, the government’s monitoring and control system was undermined by a lack of resources, or by a poor use of resources, inadequate training and recruiting of staff and inadequate fraud detection tools.
The final lesson that can be learned from the Charbonneau Commission where risk management is concerned is also the most important one: nothing beats a robust and effective monitoring and control system, no matter what the industry.