The legal sector has many processes some of which include collection of forensic evidence. In this video Doug Hall explains how this applies to finance. Legal sector collects forensic finance evidence As a term forensic just means to do with evidence and really it’s any part of [...]
Related videos
Legal sector: Establishing evidence using forensics
The legal sector has many processes some of which include collection of forensic evidence. In this video Doug Hall explains how this applies to finance. Legal sector collects forensic finance evidence As a term forensic just means to do with evidence and really it’s any part of [...]
Financial impact of breach of contract proven by forensics
Evidence of financial impact must be shown in court to win a breach of contract case. Doug Hall of Smith & Williamson explains further in this TV show.
Good experts prove financial impact
The adage is something like a good expert may not win you the case but a bad expert can certainly lose you the case. So if you take the sort of work I do where there is some sort of contractual breach, there’s two hurdles broadly to get over before let’s say the claimant gets a good result, firstly it’s to demonstrate liability, that there’s a case to answer. And once you’ve cleared that hurdle it’s pretty pointless if you can’t actually demonstrate that you’ve suffered a loss from it and you can have that loss awarded by the court. So the second limb is quantum, which is what I do. So okay there’s been a breach, liability is established, what’s it worth and therefore what does the claimant get awarded, and similarly from the other side acting for defendants, obviously hopefully to bring down the level of damages that are awarded against them.
Keep an eye on Inside Finance for similar content about financial impact and related issues.
Tax law is being enforced by the HMRC, as Chris Springett discusses in this TV Show.
Tax law and HMRC targets
This relief came in, with capital gains tax, so right back in 1965. Case law has developed it over time, big changes in the 80s on what constitutes the residency, including other buildings, you know, garages, annexes, granny flats, those kind of things.
But since then it’s been pretty consistent as to how it’s applied and when it’s applied.
That being said the recent cases have really shown the HMRC pursuing those who they think are making a claim that’s perhaps not available or overreaching what is available under the claim.
I think that fits in a lot with the HMRC seeing themselves really as enforcing the tax code, collecting taxes, the amount of tax at stake, it can be great in some of these cases. So you can really see why they’re pushing to make these recoveries.
_________________________________________________________
If you found this video about tax law interesting why not watch more interviews and briefings on Inside Finance TV?
Cyber space is about the virtual world, it’s about the world of the internet, it’s about the world of soft intelligence and all the other intangibles which are not part of the fixed assets of an organisation. Cyber risk is the risk that those assets in cyber space are going to be manipulated or misused. Cyber crime is the use of those assets in cyber space by criminal activity. Cyber terrorism is the use of those assets in cyber space by terrorists.
What we’re looking at is a very significant issue that increasingly our assets are invested in cyber space. How do we protect those assets from criminals, from terrorists and from any other people who want to misuse those assets for a purpose other than that which they were intended?
Cyber risk has become hugely topical now really because governments are starting to understand the importance of it. Someone said to me recently there are only two types of companies, those who know that they’ve had a cyber attack and those that don’t. But everybody’s had them in some form or other.
It has become a very important to governments, including the UK government and it really needs to now come onto the agenda of boards. Boards need to be looking at it but it’s not just an IT issue. People have thought about it as an IT issue having a cyber attack. But it’s much more complex now and the old idea of corporate espionage, for want of a better term has moved into this space.
Companies are very much at risk now of having their information stolen effectively, and that can be corporate secrets of any kind. So the risks are much higher than they ever were, and it’s not just corporates, we see it in other areas such as the forces, the concerns are growing there. But it’s certainly raising … the profiling of this is growing. It’s becoming more and more important and government is certainly concerned that this is where everybody’s at risk.
I’m not an IT expert. But there are certainly small changes that companies can do and there are specialist organisations out there that can help them to do that. There are a number of small changes companies can make that will effectively stop 80% of them. And that is an incredibly cost effective way to go. You can never stop it completely.
The world of IT is such as we all know with computer viruses, as soon as you close one loophole or close one avenue then another one opens. So this is an ongoing struggle. People who are working in this area are developing new ways all the time. And like I say, sort of 80% of it can be dealt with in a very cost effective way which leaves you 20% exposed, which is probably always going to be the case. What is being stolen from companies can be as serious as their future strategy, detail, you know, through details of their customer base, all that kind of intelligence that is so important to companies in this competitive environment.
If a competitor can get hold of it then obviously that’s very damaging for a company. But we’re not talking about competitors within the UK, this is a worldwide problem and the most cyber attacks are coming from overseas.
David Alexander: "If you’re involved in paying a bribe then that’s a criminal offence and you will be, you know, found guilty, you’ll be sentenced by the court. As to what the sentence will be, you know, we wait to see. But it wouldn’t surprise me if it was somewhere between two and up to ten years. If you as a company Director are … it’s demonstrated that whilst you didn’t know about the fraud, that you failed to put controls in place and you, as I said, you effectively buried your head in the sand, then again, you could be sanctioned for that, as could the company as well. It would be a criminal offence for the company. But all this is going to be led by case law, and therefore that’s why a lot of people are just sort of sitting there now waiting for the first cases to be brought by the FSO to understand how the Bribery Act is going to be rolled out in practice."
David Alexander: "There’s probably three things that companies should do, if they’re concerned about bribery, corruption or indeed fraud. Firstly is they need to understand what the risks are. They need to understand where their businesses could be susceptible to fraud and bribery and to understand what the level of risk might be within those areas. Secondly they need to take leadership from the top. So senior management needs to get involved and they need to demonstrate that they are taking these issues seriously. And then finally at a minimum there needs to be a process of awareness, a training programme within the business. The most likely person to detect fraud or to detect bribery is a fellow employee, it’s not management, it’s not the internal auditors, it’s not the external auditors. And the reason why it’s the fellow employee is that he is there or she is there 365 days of the year and knows the business and knows what’s going on. But what they don’t know and they don’t understand necessarily is the...of fraud. So you need an awareness programme that brings peoples…that lets people understand what the symptoms are and what to do if they suspect and those symptoms."
David Alexander: "Company Directors can be held personally liable if bribes have been paid in their company. And that could happen in a number of ways. Firstly, obviously if they knew about it or they were involved in the payment of the bribe then they would be caught under the act as a direct person, as someone who is, you know, paid, offered or promised a bribe to another individual. However, they could also be caught if they have ignored the warning signs. And if they’ve ignored the risks in the business and not put any procedures in place, and that’s commonly called the consent and connivance clause, and what that’s basically saying is you buried your head in the sand. You didn’t look at the risks. You didn’t consider whether there was the potential for the business to be involved in bribery and corruption. And as a Director, if that is established then you are as guilty as if you paid the bribe."
David Alexander: "If you ignore the Bribery Act and do nothing, you’re undoubtedly taking a risk because you cannot predict and you do not know if bribes are being paid or are going to be paid in your business. If they are, and if that’s established you can’t go back and reinvent the wheel. You cannot put procedures in place after the fact and therefore defend yourself against this new element of the legislation which is the criminal offence of failure to prevent. So we’re advising clients, they don’t have to go overboard on this, but we’re advising them to take a few preliminary steps that can demonstrate that they have thought about this and they have attempted to put some procedures in place to preventing to take bribery."
David Alexander: "The definition of bribery has changed with the UK Bribery Act 2010. And traditionally it was around bribing an official or the Americans with the Foreign Corrupt Practices Act, talk about bribing a foreign official. So it’s where you make a payment or a payment in kind because you want somebody to engage in an activity which they otherwise wouldn’t do for your benefit but which is unlawful. Now, what the UK Bribery Act 2010 has done is it’s expanded that definition and said it’s not just about corrupting officials or corrupting foreign officials, but it’s bribery within both the public sector and the private sector. And it’s also bribery both overseas and in the UK. So it’s quite a broad definition."
David Alexander: "The UK Bribery Act is a new piece of legislation, and certainly it only affects acts of bribery after July 2011. So to a certain extent it’s a sort of a wait and see game. There have been no prosecutions made by the SFO yet under the Bribery Act . There has been a single prosecution made but it’s so insignificant that no one can draw any lessons from it. And really what we’re waiting for is for the SFO to bring some cases to court so that we can understand what the drivers are and what they will be looking at. But there is some important additional legislation that businesses need to be concerned about, not only the Bribery Act, and that is their responsibilities under the Process of Crime Act and under the Companies Act as well. And the Process of Crime Act is probably the more significant one because if you suspect that you may have paid a bribe or you suspect that you may be involved in a transaction where a bribe was paid, then there isn’t an automatic requirement for you to report that under the UK Bribery Act. But there is under the Process of Crime Act. And the risk there is that if it turns out that it’s proven that you have paid a bribe then all of the value, all of the benefit you have earned as a result of that bribe could be deemed to be the Process of Crime. So an example of that would be, I pay you £1,000 to win a £100,000 contract. The value of the bribe is clearly £1,000 but under the Process of Crime Act the company found guilty could in theory have to pay over £100,000 being the full value of the contract. And there would be no excuse for the company saying, “Well that contract … the income for that contract was 100,000, but I only made £20,000 profit for it, therefore my benefit is 20,000.” It wouldn’t be that, it would be the full value of the contract. And that’s quite a serious concern for businesses, especially when they have a suspicion because it’s the suspicion that triggers the requirement to report."
David Alexander: "There was some research done a year after the acts came into force, so the summer of 2012. And that research revealed that only 10% of companies had a real concern about the Bribery Act and thought that there was a danger of prosecution. So that would lead me to think that companies are unprepared. And certainly the cases that I come across, that is the case and they need a lot of guidance and they need a lot of help in terms of deciding what action they should take, how much investigation they should do and how they can mitigate the potential regulatory downside."
David Alexander: "There’s always a balance between whether you go down the criminal route or whether you go down the civil route. The advantage of going down the criminal route is you are seen to be a good citizen. Also I talked earlier about prevention, and making a criminal complaint and publicising that within your business is clearly a strong deterrent for other individuals, both inside the business and outside the business, to commit fraud in the future, and demonstrates what your attitude is to it. Unfortunately a lot of businesses will see a downside to make a criminal complaint and that is that the fraud becomes public, and they have to effectively wash their dirty linen in public. And where businesses, you know, depend on their reputation to encourage new business and to, you know, encourage their existing business then that’s obviously can be a deterrent to reporting. On the civil side clearly if there’s a substantial amount of money that’s gone missing and there is a realistic opportunity to recover that then businesses are very keen to do that, because not only will they recover the losses but they’ll also recover the cost of the investigation as well."
David Alexander: "Clients typically go down three roads. They either want to make a criminal complaint and go to the police, or they want to go down the civil route and try and identify what money or assets they’ve lost and recover it or they want to deal with the employment issues. And if the allegations are proved to be true they want to exit the individual in a legal manner. Many companies want to do all three of those things, which can be done, although there are often conflicts between them, for example, if you make a criminal complaint and you take it to the police then they will tend to sort of effectively take over the investigation. And you will have little opportunity to direct the work that they do. On the civil side which is where you’re trying to get your money back, those are the sort of cases that we work on mostly. And in that case, because quite frankly the client is paying the bill, the client can decide, you know what direction the investigation should take. And also the speed of the investigation. And we normally find that a civil investigation, we can speed the process up. And if there’s a possibility of recovery then achieving that in a quicker process than going down the criminal route."
David Alexander: "Traditionally if you want to prevent fraud, the focus has always been on accounting controls. And the idea is that the tighter the accounting controls the less fraud you’ll have. Unfortunately my experience is that’s not the case, that you can, if somebody’s sufficiently motivated and they can rationalise the way of their behaviour then despite the controls being tight, you could still suffer from fraud. So if you’re going to prevent it you need to not only address the controls, but you need to look at some of the softer issues as well. And I’ll give you an example of that. Employee manuals or employee handbooks that talk about the conduct and the conduct expected of individuals within a company is a pretty standard document. The importance of that from a fraud perspective is it’s tackling peoples’ ability to rationalise fraud, because what they’ll do is they’ll read that and they’ll think, right, I understand what the company’s policy is on fraud, I understand what my responsibilities are, and I understand what will happen to me if I cross the line, if I commit fraud. And a good analogy there is when you go into a shop and you see a sign in the shop and it says ‘shoplifting is a theft, is a crime, we will prosecute’ and it’s the same principle in an employee manual. It’s saying this is unacceptable behaviour, if you engage in this behaviour this is what you can expect. And what it’s trying to do, it’s not trying to stop all potential fraudsters, but it’s trying to prick peoples’ conscience and stop a few of them. And that as I said is an example of sort of not putting all your eggs in one basket, of actually making sure that yes, you have tight controls, but you also address some of these softer issues around rationalisation and around the motivation of the individual as well."
David Alexander: "The typical roles are the roles that are more likely to create the opportunity are those where they are people in the position of power. I mean many people in an organisation will have an opportunity to commit fraud. But a lot of that fraud, because of the position they are in the company will be fairly low level. For example if you work in the stores then there’s an opportunity to walk out with the company products. But if you’re in a management position or in a senior management position then you have far more opportunity and because you are in a position of power it can be far more damaging to the business."
David Alexander: "If you’ve got a suspicion, the first thing you need to do is to evaluate that, because in my experience all frauds tend to look the same to start with. There are a number of reasons why it might not be fraud, a number of reasons why it might be, but until you actually look into and you won’t know. And that initial evaluation is key, it’s a bit like a triage process, it’s a bit like when you go into hospital and you go and see the triage nurse. Is it an issue that we think is going to be damaging to the company and we need to spend some resource on or is it something that where we’d need to take, you know, slightly less remedial action? But it’s that triage process, that initial assessment which is vital when you have a suspicion."
David Alexander: "Typical types of fraud normally involve around getting money out of the business. So people who have control of the payment systems, whether that’s electronic systems or chequebooks, those are the people that have the most opportunity. A typical fraud for us would involve a combination of two things. It would involve money going out of the company illegally, and that might be through maybe the submission of a false invoice, or just by the fact that the fraudster has the capability to control the payment system. But that’s normally in conjunction with some sort of manipulation of the accounting system. So it’s like a smokescreen. And why … I often define fraud as theft with a cover up, and that’s essentially what it is, you’re stealing money, you’re stealing product from the company, but in order to disguise that you’re manipulating the accounts and records so it’s not clear as to what’s gone on."
David Alexander: "I specialise in investigation of fraud, bribery and corruption. And that’s basically all I do, I spend my whole time doing that. So a typical client for me is somebody who’s suffered a loss either because an employee or an employee in combination with people outside the company have defrauded them or attempted to defraud them. And then more increasingly now there’s cases where there’s a suspicion of bribery. Well nobody really knows what the size of the fraud problem is in the UK. I mean there’s various statistics, the National Fraud Authority have estimated that fraud in the UK runs at something like £73 billion. But what that actually means in terms of individual companies is quite hard to evaluate. Normally the first time the companies know they have a problem is when they get a suspicion, when they think they’ve got a problem with an employee."
David Alexander: "What you’ve got to remember about fraud is that it’s a people problem, it’s a person, it’s not the company itself. It’s individuals who because of financial worries or because of other pressures have effectively crossed the line and are prepared to consider fraud as the alternative, as the only way out. So in as much as there is a typical fraudster then it tends to be someone who has been in the company quite some time, is a trusted employee, I think statistically they tend to be male, aged between 25 and 40. But normally the overriding factor is the pressure. So it’s someone who’s under personal or business pressure, nobody to … not necessarily because of financial need, but maybe because of budget constraints, about fears about being made redundant, which is a real concern in the current economic climate. And those pressures build and build and build until, you know, fraud is considered as an option, as an otherwise unthought of, but as a real option as the only way out for that person."