After decades of experience in auditing, I prefer conducting "process-based" audits and assessments(as outlined core business process in my client's manual) rather than "element/clause-based audit" sequence. It makes me easier to assign specific to my auditor team based on their expertise and lots of time saving. This is a sample how I draw up my guiding principles/sort of tabular/checklist. You can fill in the blanks and expand the table to tailor it to your specific requirements or the industry you are assessing.
DISCLAIMER - NIKZAFRI.BLOGSPOT.COM
In no event shall nikzafri.blogspot.com be liable for any damages whatsoever, including, without limitation, direct, special, indirect, consequential, or incidental damages, or damages for lost profits, loss of revenue, or loss of use, arising out of or related to the nikzafri.blogspot.com or the information contained in it, whether such damages arise in contract, negligence, tort, under statute, in equity, at law or otherwise.
BIODATA - NIK ZAFRI
Kelantanese, Alumni of Sultan Ismail College Kelantan (SICA), IT Competency Cert, Certified Written English Professional US. Has participated in many seminars/conferences (local/ international) in the capacity of trainer/lecturer and participant.
Affiliations :- Network Member of Gerson Lehrman Group, Institute of Quality Malaysia, Auditor ISO 9000 IRCAUK, Auditor OHSMS (SIRIM and STS) /EMS ISO 14000 and Construction Quality Assessment System CONQUAS, CIDB (Now BCA) Singapore),
* Possesses almost 30 years of experience/hands-on in the multi-modern management & technical disciplines (systems & methodologies) such as Knowledge Management (Hi-Impact Management/ICT Solutions), Quality (TQM/ISO), Safety Health Environment, Civil & Building (Construction), Manufacturing, Motivation & Team Building, HR, Marketing/Branding, Business Process Reengineering, Economy/Stock Market, Contracts/Project Management, Finance & Banking, etc. He was employed to international bluechips involving in national/international megaprojects such as Balfour Beatty Construction/Knight Piesold & Partners UK, MMI Insurance Group Australia, Hazama Corporation (Hazamagumi) Japan (with Mitsubishi Corporation, JA Jones US, MMCE and Ho-Hup) and Sunway Construction Berhad (The Sunway Group of Companies). Among major projects undertaken : Pergau Hydro Electric Project, KLCC Petronas Twin Towers, LRT Tunnelling, KLIA, Petronas Refineries Melaka, Putrajaya Government Complex, Sistem Lingkaran Lebuhraya Kajang (SILK), Mex Highway, KLIA1, KLIA2 etc. Once serviced SMPD Management Consultants as Associate Consultant cum Lecturer for Diploma in Management, Institute of Supervisory Management UK/SMPD JV. Currently – Associate/Visiting Consultants/Facilitators, Advisors for leading consulting firms (local and international) including project management. To name a few – Noma SWO Consult, Amiosh Resources, Timur West Consultant Sdn. Bhd., TIJ Consultants Group (Malaysia and Singapore) and many others.
* Ex-Resident Weekly Columnist of Utusan Malaysia (1995-1998) and have produced more than 100 articles related to ISO-9000– Management System and Documentation Models, TQM Strategic Management, Occupational Safety and Health (now OHSAS 18000) and Environmental Management Systems ISO 14000. His write-ups/experience has assisted many students/researchers alike in module developments based on competency or academics and completion of many theses. Once commended by the then Chief Secretary to the Government of Malaysia for his diligence in promoting and training the civil services (government sector) based on “Total Quality Management and Quality Management System ISO-9000 in Malaysian Civil Service – Paradigm Shift Scalar for Assessment System”
Among Nik Zafri’s clients : Adabi Consumer Industries Sdn. Bhd, (MRP II, Accounts/Credit Control) The HQ of Royal Customs and Excise Malaysia (ISO 9000), Veterinary Services Dept. Negeri Sembilan (ISO 9000), The Institution of Engineers Malaysia (Aspects of Project Management – KLCC construction), Corporate HQ of RHB (Peter Drucker's MBO/KRA), NEC Semiconductor - Klang Selangor (Productivity Management), Prime Minister’s Department Malaysia (ISO 9000), State Secretarial Office Negeri Sembilan (ISO 9000), Hidrological Department KL (ISO 9000), Asahi Kluang Johor(System Audit, Management/Supervisory Development), Tunku Mahmood (2) Primary School Kluang Johor (ISO 9000), Consortium PANZANA (HSSE 3rd Party Audit), Lecturer for Information Technology Training Centre (ITTC) – Authorised Training Center (ATC) – University of Technology Malaysia (UTM) Kluang Branch Johor, Kluang General Hospital Johor (Management/Supervision Development, Office Technology/Administration, ISO 9000 & Construction Management), Kahang Timur Secondary School Johor (ISO 9000), Sultan Abdul Jalil Secondary School Kluang Johor (Islamic Motivation and Team Building), Guocera Tiles Industries Kluang Johor (EMS ISO 14000), MNE Construction (M) Sdn. Bhd. Kota Tinggi Johor (ISO 9000 – Construction), UITM Shah Alam Selangor (Knowledge Management/Knowledge Based Economy /TQM), Telesystem Electronics/Digico Cable(ODM/OEM for Astro – ISO 9000), Sungai Long Industries Sdn. Bhd. (Bina Puri Group) - ISO 9000 Construction), Secura Security Printing Sdn. Bhd,(ISO 9000 – Security Printing) ROTOL AMS Bumi Sdn. Bhd & ROTOL Architectural Services Sdn. Bhd. (ROTOL Group) – ISO 9000 –Architecture, Bond M & E (KL) Sdn. Bhd. (ISO 9000 – Construction/M & E), Skyline Telco (M) Sdn. Bhd. (Knowledge Management),Technochase Sdn. Bhd JB (ISO 9000 – Construction), Institut Kefahaman Islam Malaysia (IKIM – ISO 9000 & Internal Audit Refresher), Shinryo/Steamline Consortium (Petronas/OGP Power Co-Generation Plant Melaka – Construction Management and Safety, Health, Environment), Hospital Universiti Kebangsaan Malaysia (Negotiation Skills), Association for Retired Intelligence Operatives of Malaysia (Cyber Security – Arpa/NSFUsenet, Cobit, Till, ISO/IEC ISMS 27000 for Law/Enforcement/Military), T.Yamaichi Corp. (M) Sdn. Bhd. (EMS ISO 14000) LSB Manufacturing Solutions Sdn. Bhd., (Lean Scoreboard (including a full development of System-Software-Application - MSC Malaysia & Six Sigma) PJZ Marine Services Sdn. Bhd., (Safety Management Systems and Internal Audit based on International Marine Organization Standards) UNITAR/UNTEC (Degree in Accountacy – Career Path/Roadmap) Cobrain Holdings Sdn. Bhd.(Managing Construction Safety & Health), Speaker for International Finance & Management Strategy (Closed Conference), Pembinaan Jaya Zira Sdn. Bhd. (ISO 9001:2008-Internal Audit for Construction Industry & Overview of version 2015), Straits Consulting Engineers Sdn. Bhd. (Full Integrated Management System – ISO 9000, OHSAS 18000 (ISO 45000) and EMS ISO 14000 for Civil/Structural/Geotechnical Consulting), Malaysia Management & Science University (MSU – (Managing Business in an Organization), Innoseven Sdn. Bhd. (KVMRT Line 1 MSPR8 – Awareness and Internal Audit (Construction), ISO 9001:2008 and 2015 overview for the Construction Industry), Kemakmuran Sdn. Bhd. (KVMRT Line 1 - Signages/Wayfinding - Project Quality Plan and Construction Method Statement ), Lembaga Tabung Haji - Flood ERP, WNA Consultants - DID/JPS -Flood Risk Assessment and Management Plan - Prelim, Conceptual Design, Interim and Final Report etc., Tunnel Fire Safety - Fire Risk Assessment Report - Design Fire Scenario), Safety, Health and Environmental Management Plans leading construction/property companies/corporations in Malaysia, Timur West Consultant : Business Methodology and System, Information Security Management Systems (ISMS) ISO/IEC 27001:2013 for Majlis Bandaraya Petaling Jaya ISMS/Audit/Risk/ITP Technical Team, MPDT Capital Berhad - ISO 9001: 2015 - Consultancy, Construction, Project Rehabilitation, Desalination (first one in Malaysia to receive certification on trades such as Reverse Osmosis Seawater Desalination and Project Recovery/Rehabilitation)
* Has appeared for 10 consecutive series in “Good Morning Malaysia RTM TV1’ Corporate Talk Segment discussing on ISO 9000/14000 in various industries. For ICT, his inputs garnered from his expertise have successfully led to development of work-process e-enabling systems in the environments of intranet, portal and interactive web design especially for the construction and manufacturing. Some of the end products have won various competitions of innovativeness, quality, continual-improvements and construction industry award at national level. He has also in advisory capacity – involved in development and moderation of websites, portals and e-profiles for mainly corporate and private sectors, public figures etc. He is also one of the recipients for MOSTE Innovation for RFID use in Electronic Toll Collection in Malaysia.
Note :
Sunday, July 14, 2024
Tuesday, June 11, 2024
PREVENTING BRIBERY AND ILLEGAL BOOKMAKERS IN MALAYSIAN FOOTBALL (by NIK ZAFRI)
Remember the bribery cases involving FIFA? the international governing body for football (soccer). One of the most notable cases is the FIFA corruption scandal that came to light in 2015.
The FIFA corruption scandal involved allegations of widespread corruption, bribery, and racketeering among FIFA officials and other football administrators. The investigation, led primarily by the United States Department of Justice, uncovered a range of corrupt practices, including bribery related to the selection of host countries for the FIFA World Cup, the awarding of broadcasting rights, and other commercial deals.
Numerous FIFA officials and executives were indicted and arrested on charges of corruption, including bribery, money laundering, and fraud. Several high-ranking officials were banned from involvement in football-related activities due to their involvement in the scandal.
The FIFA corruption scandal prompted widespread condemnation and led to calls for reform within the organization. FIFA implemented various measures to improve transparency, governance, and integrity, including the establishment of independent oversight bodies and the adoption of stricter ethical standards.
The FIFA corruption scandal serves as a stark reminder of the challenges facing international sports organizations in combating corruption and preserving the integrity of the sport. It underscores the importance of robust governance mechanisms, transparency, and accountability in preventing bribery and corruption within football and other sports.
Bribery and Illegal Bookmakers
When discussing corruption in football, it's essential to consider bribery and the involvement of illegal bookmakers simultaneously.
To spot, address and prevent bribery in soccer requires vigilance, transparency, and strong ethical standards. Knowing the common signs of bribery is very important. Issues like sudden outcomes or players/managers behaving suspiciously.
Despite there have been great effort to educate everyone involved on the consequences of bribery and corruption, understanding the importance of maintaining integrity is another matter. Sometimes, the problem in raising awareness in football is the need to include more and more legislations.
It is also important to understand the MO of illegal bookmakers. They often offer large sums of money to players, coaches, referees, or other individuals involved in football matches to influence the outcome of games. This financial incentive can tempt individuals to engage in bribery and corruption. Illegal bookmakers seek to manipulate betting markets by bribing players or officials to fix the results of matches. By controlling the outcome of games, they can profit from betting on predetermined results, undermining the integrity of the sport. These illegal operations will undermine fair competition.
Illegal bookmakers tend to find vulnerable individuals to participate in bribery schemes. The vulnerable individuals are more susceptible to bribery offers due to their personal circumstances. Thus, the management need to be vigilant on the staff that they have hired. Screen them if necessary.
Football associations and clubs in Malaysia must support integrity initiatives dedicated to combating match-fixing, corruption, and illegal betting in sports. Contribute resources and expertise to their efforts to protect the integrity of soccer and other sports. Be open to collaborate with law enforcement agencies to investigate and prosecute illegal bookmakers and their associates. The management also need to share intelligence and coordinate efforts to disrupt the illegal operation.
We need to establish clear and strict rules against bribery and corruption. Make sure everyone involved, from players to officials, understands these rules and the penalties for breaking them. This must include the risks associated with illegal betting and the importance of reporting any suspicious approaches or activities.
The management of football associations and clubs need to ensure strong governance structures within the sport to prevent opportunities for bribery, matchfixing and illegal bookmakers. This includes having transparent decision-making processes and accountability mechanisms. Transparency as part of important core elements of good governance helps build trust and deter individuals from engaging in unethical behavior.
However, lack of transparency may support further growth of the clandestine nature of bribery and illegal bookmaking operations which will make them difficult to detect and investigate. Transactions often take place under the radar, away from public scrutiny, making it challenging for authorities to uncover evidence of wrongdoing.
There is also the need to establish strict anti-corruption policies and protocols within soccer organizations in Malaysia, including codes of conduct, reporting mechanisms, and disciplinary measures for those involved in illegal betting.
Whistleblowers (officials or even fans from fanclub) in football matches witnessing elements or signs of bribery is important. There is a need to create a safe environment for individuals to report suspicious behavior without fear of retaliation. There is also a need to implement anonymous reporting systems in football associations to encourage transparency. The management of associations need to take any allegations of bribery seriously and conduct thorough investigations.
It's a good move to alert the authorities or better involve them as well. Collaboration with law enforcement agencies (such as SPRM) and relevant authorities to tackle bribery and corruption effectively. If bribery is discovered, take swift and decisive action against the offenders. This may include banning them from the sport or pursuing legal action.
Preventing bribery in soccer requires a collective effort from everyone involved, including players, officials, administrators, and fans. By promoting integrity, transparency, and accountability, the sport can maintain its credibility and uphold its values.
Matchfixing and bribery can be detected by working closely with the management, managers, players, ex-players and whistleblowers. Malaysia has regulated that all forms of sports betting (at bookmakers) and online gambling as illegal. Illegal bookmakers in football involves several measures aimed at identifying their activities, disrupting their operations, and implementing preventive strategies.
The whistle blower or undercover officials need to monitor betting patterns especially involving large sums of money and match the sudden shifts in odds. Analyzing data carefully can potentially identify suspicious activities. This can also be a high risk job as bribery and illegal bookmaking operations often involve complex networks of individuals and organized crime syndicates (possibly money laundering activities as well) These networks can be difficult to detect and dismantle, requiring extensive resources and expertise.
Security measures need to be beefed up at stadiums, training facilities, and other venues to prevent unauthorized access by individuals associated with illegal bookmaking operations.
So far, the existing laws and regulations against illegal gambling activities are adequate, including prosecuting bookmakers operating outside the law and confiscating their assets. But there is also a need to continually promote awareness to the general public about illegal bookmakers and the harsh punishment that comes with it.
Nowadays we need to leverage technology, such as data analytics and surveillance systems, to identify and track illegal bookmakers and their networks. I suggest a collaboration with technology companies to develop tools for detecting and preventing illegal betting activities.
By implementing these measures and fostering collaboration among stakeholders, soccer organizations can effectively spot, take action against, and prevent illegal bookmaking activities, safeguarding the integrity and credibility of the sport.
Addressing these challenges requires a concerted effort from football organizations, government authorities, law enforcement agencies, and other stakeholders to implement comprehensive strategies aimed at preventing bribery and illegal betting, strengthening governance and integrity measures, and fostering a culture of transparency and accountability within the sport.
Public perception towards bribery and illegal bookmaking in football in Malaysia is typically negative. These activities are seen as undermining the integrity of the sport and compromising its fairness. Bribery involving acceptance of money or other incentives to influence the outcome of matches, is widely condemned as it distorts the natural competition and erodes trust in the game.
Similarly, illegal bookmaking, which involves unauthorized gambling on football matches often with ties to organized crime, is viewed as harmful. It can lead to match-fixing, manipulation of odds, and other illicit activities that tarnish the reputation of football and threaten its legitimacy as a sport.
Fans, authorities, and stakeholders in football generally advocate for strict measures to combat bribery and illegal bookmaking, including robust regulations, investigations, and penalties for those involved. There's a growing recognition that maintaining the integrity of the game is crucial for its long-term sustainability and credibility.
Monday, February 26, 2024
WOMEN IN GOVERNANCE AND TECHNOLOGY ASSOCIATION MALAYSIA (WIGTA) STAND ON ILLEGAL ACTIVITIES
Reshared :
Sunday, January 28, 2024
ALERT DON'T FALL FOR UNLICENSED INVESTMENT - A REMINDER BY NIK ZAFRI
Sunday, December 10, 2023
A CASE STUDY OF CORRUPTION IN PROCUREMENT (CONSTRUCTION) THAT WAS OVERLOOKED BY ABMS AUDITORS - BY NIK ZAFRI
True case. That's why ABMS Auditors and the Authorities should also be equipped with some "forensic audit skills" especially when it comes to construction industry.
Tuesday, November 28, 2023
CORRUPTION AND MONEY LAUNDERING TODAY
I'd sincerely advise those involved in money laundering or corruption: attempting to outwit authorities is not a viable strategy. Eventually, regardless of your cunning, the risk of being caught is high, leading to severe penalties and imprisonment.
Corruption and money laundering constantly evolve as people find new ways to exploit systems.
Cryptocurrency is one of them. Its decentralized and pseudo-anonymous nature makes it attractive for illicit activities. Criminals are hiding behind cryptocurrencies to launder money by converting it into various cryptocurrencies and moving it through multiple accounts.
The good old trick still lives - - establishing shell companies and trusts in countries with lax regulations allows individuals to obscure their identities and the origins of funds.
Trade-Based Money Laundering is done by manipulating trade invoices or falsify goods and services to move money across borders without detection.
Another old trick is via real estate where launderers invest illicit funds in high-value real estate, which can be sold later, legitimizing the money.
What is on the rise now are online gaming and gambling. These too are using platforms or sites to launder money by placing bets and cashing out with "clean" money.
The authorities should also look into those providing "the so-called" "professional services" hiding behind legal or accounting firms to legitimize illegal funds through transactions or complex financial structures.
Other which has posed so much risk is what I know as Cyber-Enabled Financial Crimes. Techniques like phishing, ransomware, and hacking can generate illicit funds that are then laundered through various means, including cryptocurrency.
Authorities and financial institutions should continuously adapting their strategies to combat these evolving methods. Technologies like AI and machine learning must be employed to detect patterns and anomalies in financial transactions, aiding in the fight against money laundering and corruption.
Wednesday, May 31, 2023
SKB GROUP OF COMPANIES
It's refreshing to have an audience with Mr. S. Khugan, The Group MD of SKB Group of Companies - SKB Resilient Sdn. Bhd., a leading financial consultancy firm with more than 2 decades experience in providing viable funding solutions to major corporations and companies throughout Malaysia.
We had an fruitful discussion and reached an understanding of moving forward during challenging times by integrating value-added elements such as corporate governance promoting transparency, anti corruption, sustainable development, risk management, management system standards etc. in the current service provision.
The new initiatives are geared towards strengthening corporate clients in enhancing their ratings and creditworthiness in all aspects - mergers and acquisition, corporate financing, project facilitation, due diligence, marketing and company restructuring for both domestic and international markets.
I thank you and hope for the best in our future undertakings.
Tuesday, May 30, 2023
TYPICAL CORRUPTION PRACTICES IN PROCUREMENT (ANTI-BRIBERY MANAGEMENT SYSTEM SERIES)
Based on my experience in assessment, one of the most critical department that I would focus on would be Procurement (or Purchasing) This is because the department are involved in various transactions with Supplier/Sub-Contractor/Materials where if not properly controlled or without proper procedure, potential and risk of corruption practices may occur.
Disclaimer - Without naming such organization (s) due to Oath of Confidentiality and the author may change some details/sequence of events - corruption in the Procurement Department can occur through various means and practices. Here are some common ways in which corruption can happen in procurement:
(1) Bribery
Suppliers/Subcontractors may offer bribes to procurement officials in exchange for favorable treatment, such as winning a contract or receiving preferential pricing. This can involve cash payments, gifts, vacations, or other forms of illicit benefits.
(2) Collusion
Procurement officials may collude with specific suppliers/subcontractors to manipulate the bidding process. They might provide confidential information about competitors' bids, set biased selection criteria, or create artificial barriers to exclude certain suppliers, all with the aim of awarding contracts to predetermined vendors.
(3) Kickbacks
(depending of the case where "impartiality" can be proven)
(6) Nontransparent Procurement Processes
Lack of transparency in procurement procedures can create opportunities for corruption. For instance, if the Procurement Department operates without clear guidelines or proper oversight, officials can exploit loopholes to engage in corrupt practices.
(7) Weak internal controls
Inadequate internal controls and poor governance structures within the procurement department can facilitate corruption. Lack of segregation of duties, limited oversight, and ineffective auditing mechanisms create an environment conducive to fraudulent activities.
(8) Influence peddling
Powerful individuals or organizations may exert undue influence on the procurement process to benefit certain suppliers/subcontractors. This could involve political pressure, nepotism, or other forms of manipulation, thereby compromising the integrity of procurement decisions.
Preventing corruption in the procurement department requires robust anti-corruption measures, such as :
a) implementing transparent processes,
b) promoting accountability and ethics,
c) conducting regular audits, and
d) providing training on anti-corruption practices.
It's crucial to establish a strong ethical culture and foster an environment where reporting corruption is encouraged and protected.
Friday, March 24, 2023
FINAL PART - ANTI BRIBERY MANAGEMENT SYSTEM - Nik Zafri
(ABMS = ISO 37001)
7.0 Continual Improvement
Nonconformity and corrective action
When a nonconformity (NC) occurs (usually issued via a Corrective Action Request (CAR), take quick action, control and correct.
Some NC can result in dire consequences such as OSH or Environmental issues that maybe fatal or cause damage to assets. Most safety issues are either related to ignorance or bribery. (Fatal dan Damage may be relevant to RISK MANAGEMENT, thus review the risk register to find out if the risk has been addressed and mitigated or the risk could be a new one)
(NC can sometimes repetitive in different places. It's advised that auditors should issue 1 CAR for same NC but state the occurrence at different locations)
Find out the root cause (s) of the NC. Root Cause is NOT a personal blaming platform. It should be more related to the process itself.
The idea of corrective action is not merely repairing the system or machine or devices, it is important to improve the process where similar NC may happen at other places as well. This is where preventive measures need to be taken which may include review of effectiveness and changes to the ABMS.
Corrective Action - shall be appropriate to the effects of non-conformities. Looking back at root cause and evidences may help in determining the right corrective action. It is imperative that auditors NOT to depend on pictorial evidence but to visit on a "before" and "after" the NC to verify the photos and action taken (including follow-up actions) accordingly by the auditee.
For auditors, the effectiveness of the corrective action can only be seen in the next audit. My advise that auditors should also look into the bribery risk register and relevant random inspection records where necessary. (in the next audit, the auditor should note the effectiveness of the last audited corrective action by looking into further evidence afterwards as well)
Continual improvement is to determine suitability, adequacy and effectiveness of the anti-bribery management system.
This improvement could be the follow up actions from :
a) Changes in statutory and legal requirements,
b) Results of the Management Review,
c) changes in the ABMS itself,
d) internally proposed