BEYOND ENGINEERING - Hidden Drivers of Flood Risk

When I was involved in a flood mitigation project and risk assessment, the emphasis was largely on engineered solutions. The measures included flood gates and high-capacity pump systems to manage peak flows and tidal backflow, detention ponds for temporary stormwater storage etc. Rubber dams were also suggested to regulate river levels. Drainage systems were upgraded, and steel bridges were improved to increase hydraulic capacity and reduce debris blockages. Road designs were revised, including widening carriageways and improving turning radii, enhancing runoff management and reduce flow constrictions.

Restrictions on hillside development where uncontrolled slope development reduces natural infiltration, increases surface runoff, accelerates erosion, and raises risks of landslides and sedimentation downstream.

The discussions identified multiple causes of flooding - rapid urbanisation, inadequate drainage systems, uncontrolled land clearing, excessive surface hardening due to development, encroachment into river reserves, poor drainage maintenance, climate change-driven extreme rainfall, weak enforcement of planning controls, river sedimentation, narrowing of waterways due to unregulated structures and limited flood retention areas.

However, I was concerned that illegal logging and illegal sand mining were given far less emphasis. From a field and technical standpoint, both are significant contributors to flood risk. Illegal logging removes forest cover that serves as a natural catchment buffer, reducing infiltration, increasing surface runoff, accelerating soil erosion, and increasing sediment loads in rivers. Over time, this reduces channel capacity and raises both flood levels and frequency downstream.

Similarly, illegal sand mining alters river morphology and destabilises riverbanks, disrupting natural flow regimes. Excessive extraction creates uneven riverbeds, deepening certain sections while destabilising others, leading to increased erosion, bank collapse, and unpredictable hydraulic behaviour during heavy rainfall. Collectively, these effects significantly worsen flood vulnerability.

For more than a decade, I have advocated for Malaysia to have its very own Flood Risk Act, similar to frameworks in the UK and the US. Such legislation should go beyond infrastructure and adopt integrated floodplain management, including protection of catchment forests, strict enforcement against illegal logging and sand mining, mandatory flood risk assessments for all developments, preservation of natural retention zones, climate adaptation planning, and stronger inter-agency coordination.

It should also strengthen early warning systems, data-driven hydrological planning, community preparedness, and long-term land-use control. Most importantly, the approach must shift flood management from a reactive disaster-response model to a preventive, science-based national framework.

HYDROELECTRIC DAMS - FRIEND OR FOE?

Yes, I've been witnessing endless debates even school nowadays somehow was taught that hydroelectric dam construction left impact ecosystems through habitat disruption, altered river flows, effects on aquatic life, sediment changes, and, in some cases, the relocation of local communities. These concerns are real and should never be ignored. However, completely rejecting hydroelectric development also brings other serious challenges, including higher reliance on fossil fuels, increased carbon emissions, energy insecurity, and limitations on long-term national development. Being directly involved in the industry, I understand both the strengths and shortcomings of such projects. Despite the environmental concerns, hydroelectric development has contributed significantly to stable energy generation, rural electrification, infrastructure growth, employment opportunities, and improved living conditions in remote areas. Many rural communities that once lacked basic necessities now benefit from electricity, better roads, improved communication access, healthcare, education, and economic opportunities. The real issue is therefore not whether development should exist, but how it is implemented. Responsible planning, proper environmental assessments, biodiversity protection, community engagement, continuous monitoring, and sustainable engineering practices are essential to ensure development and environmental protection can coexist in a balanced and responsible manner. 

TAX INCENTIVES AND SOCIAL SECURITY SCAM

Both emails exhibit clear indicators and red flags characteristic of scam, phishing, or unsolicited spam attempts. Here is a detailed analysis of the scam elements found in each email:

Email 1 (Left): "IAB-Investition ohne Genehmigungs- und Netzanschlussrisiken"

Sender Name Misalignment/Informality: The sender display name is "......." (capitalized) (not to mention using free @ outlook [dot] mail which is bizarre), but the sign-off at the bottom is typed entirely in lowercase as "....". While seemingly minor, professional business solicitations rarely contain basic capitalization errors in the sender's own name.

Generic Greeting ("Sehr geehrte Damen und Herren"): Mass-scale phishing or spam operations use generic greetings because they do not have your actual name. True investment offers or professional business inquiries are typically personalized.

Too-Good-To-Be-True Tax/Financial Incentives: The email heavily pushes a financial loophole using rapid-composting machines to instantly claim an investment tax deduction (Investitionsabzugsbetrag) with "immediate commissioning." Scams often rely on lucrative, low-risk, high-reward financial schemes to lure victims.

Vague and High-Pressure "Benefits": It promises complete "independence from authorities and grid operators" and "high planning security." These are vague buzzwords designed to bypass critical thinking by offering an easy solution to complex regulatory hurdles.

Lack of Contact Details or Corporate Footprint: Professional investment proposals in Germany/Europe are legally required to have an Impressum (corporate footprint) containing the company name, registered address, managing directors, and commercial register number. This email contains absolutely no company information - only an invitation to reply for more details.

Email 2 (Right): "SSA: Case 2611"

This email shows severe indicators of a highly dangerous Phishing Scam designed to steal personal identifiable information (PII) or login credentials.

Suspicious Sender Address Name: The sender is listed as "......". The official United States Social Security Administration sends automated emails from standard governmental extensions (like ssa [dot] gov) and does not typically identify its department as "Certs". (also using free @ outlook [dot] mail which is a redflag)

Fake Urgency/Pressure Tactics: The yellow warning box explicitly states: "Delayed access may result in processing setbacks or missed deadlines." Creating artificial urgency or fear of missing out/getting penalized is a classic social engineering tactic used to force victims into clicking links without thinking.

Vague "Case Number" Tracking: The subject line uses a generic "Case 2611". Government agencies track files via specific social security identifiers or highly structured application codes, not random short digits in an email subject line.

Call-to-Action Link (The Big Yellow Button): The entire email builds up to a massive, bright yellow button: "VIEW YOUR 2026 STATEMENT". Hovering over or clicking buttons like this in phishing emails usually directs the user to a spoofed, look-alike website designed to harvest your Social Security Number (SSN), banking information, or login passwords.

Generic Security Assurances: Phrases like "Secure connection - Takes less than 5 minutes" are used to lower your guard and make the malicious action seem safe, quick, and official.

Privacy Block Triggered: The email client itself has flagged the message by blocking remote resources ("To protect your privacy remote resources have been blocked"). This occurs when an email system detects tracking pixels or unverified external links often associated with malicious spam networks.

ANOTHER SCAM DISGUISING AS METAMASK/CONSENSYS

This email has very strong scam/phishing indicators. It is not a legitimate MetaMask/ConsenSys communication.

Key red flags:

The sender address ....@ sxv [dot] io is not a MetaMask or Consensys domain. Official emails would come from domains like metamask[dot]io or consensys[dot]net, not random [dot] io subdomains.

The message uses classic crypto-scam wording:

- “Ethereum Legacy RPC Support will be removed” - vague and fabricated technical threat

- “MUST synchronize your Wallet Signature” - this is not a real MetaMask process

- “to prevent irreversible loss of access” - emotional pressure tactic (fear-based urgency)

The “Synchronize Now” call-to-action is a major phishing trigger:

Likely leads to a fake site designed to steal your wallet seed phrase or signature approvals

MetaMask/Consensys would never:

- Ask you to “sync wallet signature” via email

- Warn of wallet access loss through email links

- Send security actions requiring immediate clicking outside the app/browser extension

Also:

“Ethereum Legacy RPC” wording is not a standard MetaMask user-facing concept

The footer “Security & Compliance Division” is commonly used in fake professional-looking scams

What you should do

a) Do NOT click “Synchronize Now” (it will lead to shortcut https.... // t [dot] co/(some weird codes) - a link shortener (X) to hide the real destination

Scammers commonly use t[dot]co links to:

- bypass spam filters

- hide fake MetaMask login pages

- redirect multiple times before landing on phishing sites

b) Do not reply

c) Delete or mark as phishing

Your crypto e-wallet (e.g., MetaMask) may be compromised if you click on the link and follow the instructions

Verdict :

This is almost certainly a phishing attempt designed to steal wallet access or signatures.

PUBLIC AWARENESS: POSSIBLE INVESTMENT & FUNDING SCAM

Please be careful with unsolicited emails claiming to represent “high-net-worth investors”, “private funding groups”, or “international investment brokers”, especially when they come from free email services such as Outlook, Gmail, or Yahoo.

Example recently received:

.... @ outlook [dot] com

The email claimed to represent a wealthy private client seeking joint ventures and investment opportunities across multiple sectors including healthcare, energy, technology, oil & gas, transportation, gaming, hospitality, and real estate.

At first glance, the wording sounds professional and sophisticated. However, several major red flags were identified:

- Uses a free Outlook email instead of a corporate domain

- No company name, website, office address, or registration details

- No regulatory or financial licensing information provided

- Very broad and generic investment interests

- No proper due diligence process mentioned

- Uses impressive financial terms but provides no verifiable proof

- Attempts to start discussions immediately without formal procedures

Legitimate investment firms, brokers, or private equity groups normally operate through:

- Official company domains

- Registered entities and licenses

- Corporate websites and verified profiles

- Structured due diligence and legal documentation

- Professional communication channels

In many cases, these approaches may eventually lead to:

- Advance fee requests

- Fake legal or compliance charges

- Identity and company document harvesting

- Fraudulent investment arrangements

Please remain cautious before sharing:

- Business proposals containing confidential information

- Company documents

- Banking details

- Identification documents

- Any upfront payments or “processing fees”

Again, even after checking many of the usual elements, people should remain cautious. Many professional scammers and international scam syndicates are capable of creating highly convincing setups that appear legitimate and professionally organized. Some may even appear on search engines, create fake reviews and ratings, or establish “rating agencies” that are themselves fraudulent. With enough investment and planning, much of this can be manufactured to look credible.

However, one area that scammers usually struggle to fake convincingly is independent verification through legitimate financial regulatory authorities and official licensing bodies.

If an individual or organization avoids regulatory verification, becomes defensive when asked about licensing or compliance status, or cannot be independently verified through official channels, this should be treated as a major red flag.

Always verify independently before engaging with unknown parties.

Stay alert. Protect your business, your data, and your reputation

HIGH RETURNS - SMALL CAPITAL?

Be cautious of investment apps that promise “high returns with very small capital” or claim you can become wealthy quickly with minimal effort.

Many of these platforms use attractive advertisements, fake testimonials, manipulated profit screenshots, and pressure tactics to lure people into depositing money. Some may initially show small “profits” to gain trust before eventually restricting withdrawals or disappearing altogether.

Before investing in any platform:

• Verify whether it is licensed and regulated by the relevant financial authorities.

• Avoid schemes that guarantee profits or “zero risk.”

• Do proper background checks on the company, founders, and payment methods.

• Never invest money you cannot afford to lose.

• Be extra careful when recruitment, referrals, or “top-up packages” become the main focus rather than genuine investment activities.

Remember:

If an investment sounds too good to be true, it usually is. Financial growth normally takes time, patience, proper knowledge, and calculated risk management.

IMPORTANCE OF A PROPER MONITORING SYSTEM

The images shown reflect actual incidents where TM responded promptly. In one case, suspects fled after nearby residents raised alarms. Permission was obtained before taking the photographs, including a still image captured from my concealed CCTV system.

CCTV systems have become increasingly important today, not only for businesses and infrastructure facilities, but also for homes including rooftops, perimeter areas, and blind spots often overlooked.

However, surveillance systems must never be misused for spying or invading others’ privacy. Such actions are unethical and illegal. Technology should always be used responsibly and within the law.

From my own experience, CCTV systems have helped detect suspicious individuals and monitor unusual activities around the neighbourhood. In some cases, integrated alarm systems connected to hidden surveillance devices including lamp-style units with concealed infrared sensors were able to trigger immediate alerts and deter possible intrusions.

While installing a proper monitoring system can be costly, it is ultimately a worthwhile investment. Protecting lives, assets, and critical infrastructure is far more important than the expense involved.

A proper monitoring system:

• Acts as both a deterrent and an evidence-gathering tool

• Allows real-time monitoring through mobile integration and remote access

• Requires strategic camera placement rather than simply installing large numbers of cameras

• Needs regular maintenance and testing for reliability

• Must comply with legal and ethical boundaries

Personally, I do not make such incidents viral or circulate them publicly. Instead, I hand the relevant information and recordings directly to the authorities.

This helps:

• Prevent investigations from being compromised

• Preserve the integrity of evidence

• Respect legal procedures and privacy

• Avoid rumours and misinformation

• Allow enforcement agencies to investigate professionally

Recently, there have been incidents involving attempts to steal electrical cables from stations and fibre optic cables from surrounding grounds.

Following brief discussions with relevant authorities as a concerned neighbour, both Tenaga Nasional Berhad and Telekom Malaysia officials reviewed CCTV footage from official systems and nearby premises

Observations suggested that these activities were not random, but involved individuals with some technical knowledge.

It was also highlighted that legitimate maintenance or replacement works can only be carried out by authorised contractors or qualified personnel familiar with shutdown procedures, cable routes, excavation points, and operational safety requirements.

Sometimes, vigilance from both the community and authorities can make a significant difference.

DON'T DO OTHER PEOPLE'S JOB

In a management and leadership context, this principle is about role clarity, accountability, and respect for organizational structure and it's not about avoiding teamwork.

Core principle

Do not perform or take over another person’s responsibilities without proper authority, agreement, or coordination.

Management

In an effective organization:

• Respect defined roles and responsibilities
• Every team member is assigned specific duties. Overlapping or bypassing roles without consent can disrupt workflow and accountability.
• Maintain clear accountability
• When someone else’s task is done by another person unofficially, it becomes unclear who is responsible for outcomes, errors, or decisions.
• Avoid undermining authority structures
• Taking over tasks without permission can unintentionally weaken supervisors, team leads, or assigned owners of the work.

Coordinate, don’t override

If support is needed, the correct approach is to communicate, offer assistance, or escalate through proper channels not to replace the assigned person.

• Prevent confusion and duplication of work
• Uncoordinated intervention can lead to conflicting decisions, rework, or inconsistent outputs.

Support teamwork through trust, not substitution

A strong team is built on trust in each member’s role, while still being ready to assist when formally requested.

Escalate concerns properly

If someone is underperforming or unavailable, the issue should be raised to the appropriate supervisor rather than independently taking over their responsibilities.

Leadership

Good leadership is not about doing everything yourself or others’ work it is about ensuring the right people do the right tasks, at the right time, through the right process

WARNING: Possible Scam Loan Offer Using Government Email Identity

 

I want to share this as a public awareness message.

Recently, there has been an email circulating offering a “working capital loan for business owners” claiming to come from:

...........@ camacari [dot] ba [dot] gov [dot] br

At first glance, the domain looks like an official government address (and technically, the domain format does exist as part of a Brazilian municipal system). However, several red flags strongly indicate this is a fraudulent or phishing attempt: - No official application portal or government website provided - No proper reply-to government address instead uses: .......@ outlook [dot] com Requests contact via WhatsApp (+1 US number), which is not standard for government loan programs - Generic message offering loans “for all categories” without eligibility criteria - No official program name, reference number, or verification channel - Suspicious mismatch between government domain and external personal contacts Important Reminder Even if an email appears to come from a legitimate government domain, it can still be: Spoofed (fake sender identity) or Misused in phishing attempts My Advice: - Do NOT respond to such emails - Do NOT contact the WhatsApp number provided - Do NOT share personal, banking, or business documents Always verify loan schemes through official government websites only Thus : If a “government loan” requires WhatsApp contact or Outlook/Gmail replies, treat it as highly suspicious.

Stay alert and share this to protect others, especially business owners.

PROJECT MANAGEMENT 101 : WORK IN A TEAM

Project Management 101:

Work in a Team

Yes, there are moments when independent work is necessary, but in construction, those situations are rare. Most of the time, the nature of the industry demands collaboration, coordination, and constant communication across multiple disciplines. Very few tasks can truly be done in isolation. One common mistake during construction meetings or consultancy work is the moment someone assumes they can handle the assigned task alone. The first and most critical failure is the inability or unwillingness to work effectively with others. In most cases, it is already foreseeable, without even a formal risk assessment, that the assignment will fail regardless of how competent one believes they are. - Overconfidence leads to isolation in decision-making - Lack of collaboration weakens project execution - Ignoring team input increases avoidable errors and rework - Technical skill alone is not enough without coordination - Early warning signs of failure are often visible but overlooked - Successful delivery depends on shared responsibility, not individual dominance

Yes, I have seen this pattern before, and the outcome is rarely positive. When collaboration breaks down, colleagues tend to disengage, observing from a distance rather than contributing actively. Over time, trust erodes, and communication becomes minimal. In some cases, even non-verbal reactions during meetings especially when issues are raised by clients can reflect underlying frustration or loss of confidence in the team dynamic

This scammer is really getting on my nerves

There are several strong signs this could be a phishing or scam email impersonating LEMBAGA HASIL DALAM NEGERI Malaysia/HM Revenue & Customs (HMRC) style tax authorities.

Here are the red flags:

Wrong / mixed terminology : Malaysia’s tax authority is usually referred to as LHDN or IRBM, not “HMRC” (which is the UK tax authority: HM Revenue and Customs).

- The email mixes “Akta Kastam 1967” and “Akta Cukai Pendapatan 1967” strangely in one notice.

- Suspicious short link - ....bttlib [dot] s [dot] gy... is highly suspicious.

Government agencies in Malaysia normally use official domains such as: hasil [dot] gov [dot] my, mytax [dot] hasil [dot] gov [dot] my. Shortened links are commonly used in phishing attacks to hide the real destination.

- Generic formatting

The letter lacks:

official reference number, taxpayer/company name, tax file number (TIN) assessment number, branch office details, formal letterhead

Real audit notices are usually far more structured.

Pressure tactics

“7 working days” plus threats of enforcement are common social engineering tactics to induce panic and rushed action.

Odd signature block

The inclusion of an IC number (“No. KP”) of Director General? in this manner is unusual for official correspondence. Government emails typically contain department contacts, official extension numbers, and verifiable office information.

Language inconsistencies

“Penalti Pentadbiran Cukai”, “Pendapatan boleh cukai kurang dilaporkan”, “Bayaran kurang bagi PCB”

These are technically plausible phrases, but the overall composition reads more like copied/generated text than a formal assessment notice.

What you should do immediately:

Do NOT click the link, Do NOT download attachments, Do NOT reply, Check directly via the official tax portal:

MyTax Portal, LHDN Official Website

Call LHDN directly using numbers from the official website only.

Additional safety steps:

- Hover over the sender’s email address and inspect the real domain, Check email headers for spoofing.

If anyone clicked the link:

- change passwords immediately, enable MFA/2FA, run antivirus scans, monitor bank and tax accounts

Final Verdict : It's a SCAM

DIRECTOR RESPONSIBILITY UNDER GOOD GOVERNANCE

As a Director, we need to fully understand the responsibilities, fiduciary duties, and legal accountabilities entrusted upon us under the law. It is not merely a title, but a serious obligation that requires continuous learning, awareness, and ethical governance.

It is therefore essential for Directors to actively participate (which in courses, forums, conferences, audits, assessments, and governance-related programmes involving Anti-Bribery and Anti-Corruption, Anti-Money Laundering (AML), Counter Financing of Terrorism (CFT), the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (Act 613), MACC Act (esp 17A) CCMA, corporate governance, compliance, integrity, risk management, and regulatory requirements.

Over the years, I took my own initiative to be involved in programmes and engagements with organisations and authorities such as BNM, SC, SSM, ROS, CCM and many others. (I still do) Directors should take proactive initiative to equip themselves with knowledge, compliance awareness, and governance competencies instead of waiting until enforcement authorities issue summonses, investigations, or regulatory actions. Prevention, awareness, integrity, and accountability are always better than damage control after a crisis occurs.

Good governance is not only about protecting the company, but also protecting shareholders, employees, stakeholders, public trust, and ultimately the nation's integrity and economic stability.

FAKE PROFILES AND FAKE SERVICE REQUESTS

Been dealing with a growing number of fake accounts and impersonators on my service request page lately. Most of them are not even within my network or professional circle. I’ve blocked many of these accounts, reported several, yet more continue to appear. 

Some of these are clearly the same individuals operating multiple fake LinkedIn accounts often without profile photos, using suspicious job titles, copied profiles, or recycled information from legitimate users. That’s one of the reasons why I prefer proper email communication and PMs, as it makes tracing and verification much easier.

What’s interesting is that many of these accounts appear to originate from the same country, while some pretend to be from other countries, including Malaysia. Unfortunately, online impersonation and social engineering tactics are becoming more common nowadays.

They probably assumed they were targeting an ordinary user this time. Instead, they attempted to deceive someone already familiar with cyber security, digital footprints, impersonation patterns, and verification methods.

Always verify before trusting. A professional profile does not always mean a genuine person behind it.

To everyone engaging online, please verify profiles carefully before interacting, especially when it involves business, services, or professional matters. The digital space is becoming increasingly vulnerable to scams, fake identities, and misleading accounts. Stay alert, protect your information, and always exercise caution.

PREPARING A PROPOSAL/QUOTATION - Things you need to be aware of. (from my own experience)

Disclaimer: The following tips may not apply universally to every consultant or consultancy firm. However, many of the points highlighted here represent common industry practices, professional expectations, and generic fundamentals that consultants should generally be aware of.

Different consultants may have different approaches, methodologies, and working styles depending on their field, experience, and organisational culture. Nevertheless, there are also many similarities in terms of professional conduct, commercial practices, project management, client engagement, ethics, and risk management much of which is reflected in my own experience and practice.

"Do not be too proud or talk in an arrogant manner especially if you've invited into Board Meetings, remember you're just a Consultant, not a CEO or President of a major corporation"

(I’ve seen this mistake happen before, and it can be one of the most damaging ways to engage with clients. Always remain calm and composed, especially when being grilled with questions, the client is often testing your resilience, depth of knowledge, and how you handle pressure in a crisis situation. Remember that today’s knowledge can quickly become yesterday’s. It is important to continuously update yourself with current industry developments, especially in areas such as AI and emerging technologies, to stay relevant and effective.)

PREPARING A PROPOSAL AND QUOTATION

When preparing a proposal and quotation for consultancy services whether in construction, engineering, management, ICT, ESG, training, or any other industry, it is common practice to provide a proper breakdown of the scope of work, deliverables, phases, man-days, and the corresponding cost for each item before arriving at the grand total.

At the proposal stage, you normally do not provide a full detailed schedule or execution programme yet unless the quotation has been officially approved or awarded. The quotation stage is usually part of the commercial evaluation and negotiation process. Clients are expected to negotiate on pricing, scope, duration, or deliverables, so ensure that whatever you quote remains commercially reasonable, technically justifiable, and aligned with current market practices.

Do your homework properly. Conduct market surveys, understand prevailing industry rates, benchmark competitors where possible, and ensure the value you provide matches the fee you are charging. Sometimes providing a few additional value-added services, limited advisory support, or certain minor items on an FOC basis can strengthen client confidence and improve long-term relationships.

It is also common industry practice to request a mobilization fee or upfront payment upon award confirmation. This reflects the consultant’s initial commitment cost such as travelling, accommodation, manpower preparation, preliminary site visits, documentation, insurance, and operational readiness. In some projects, the client may separately cover OPE (Out-of-Pocket Expenses), but in many cases mobilization is necessary before any substantial work begins. From a business and risk management perspective, obtaining the mobilization fee first is important to ensure commitment from both parties.

Another important point, never simply “sub-out” the entire job using your own company name if you do not possess the required competency, technical capability, or experience in the field you are quoting for. But you can collaborate with other experts/consultants in the field that you do not possess the strength. Clients today commonly conduct background screening, capability assessments, financial reviews, and technical evaluations before appointing consultants. If your documentation, experience, certifications, and procedures are genuine, there is nothing to fear.

At the same time, consultants should also conduct their own due diligence on clients discreetly and professionally. Review their company background, annual reports, financial standing, project track record, litigation history if any, ownership structure, and identify who the actual decision makers or PICs are. This is part of proper commercial risk management.

Equally important is maintaining ethical boundaries. Be cautious of red flags that may expose you to bribery, corruption, kickbacks, or disguised “facilitation payments.” Some payments may appear harmless initially but can later create legal, contractual, governance, or reputational problems. Proper documentation, transparency, and compliance with company SOPs and anti-bribery policies are extremely important.

As for marketing commissions, there is a major difference between legitimate business development arrangements and unethical inducements. In my own practice, when a marketer successfully helps secure a project, I normally compensate them through an agreed marketing commission. More importantly, I encourage them to remain involved in the project execution itself so the commission reflects actual contribution and continuing value creation. Additional payments are then tied to actual involvement, phases completed, deliverables, or man-days contributed rather than hidden transactions.

Lastly, from experience, I would strongly advise consultants to be very careful about proceeding with consultancy work, training programmes, or project execution entirely using your own funds first with the intention to “claim later,” even if you have sufficient capital reserves. In reality, this often leads to prolonged disputes over claims, delayed payments, variation disagreements, documentation arguments, strained relationships, and in some cases escalation into legal disputes or court proceedings.

A good consultancy engagement is not only about technical capability. It is also about professionalism, documentation, ethics, commercial awareness, risk management, financial discipline, and protecting both parties through clear procedures and proper agreements from the very beginning.