DISCLAIMER - NIKZAFRI.BLOGSPOT.COM

Today, Knowledge Management today are not limited merely to : (A) 'knowing' or 'reading lots of books/scholarly articles' or (B) data mining, analysis, decision making, preventive actions, or (C) some Human Resources Management issue or (D) some ICT issue. Knowledge Management is about putting your knowledge, skills and competency into practice and most important IT WORKS! For you and your company or your business (Nik Zafri) Can I still offer consultancy or training? Who claims otherwise? Absolutely, I can.

The information comprised in this section is not, nor is it held out to be, a solicitation of any person to take any form of investment decision. The content of the nikzafri.blogspot.com does not constitute advice or a recommendation by nikzafri.blogspot.com and should not be relied upon in making (or refraining from making) any decision relating to investments or any other matter. You should consult your own independent financial adviser and obtain professional advice before exercising any investment decisions or choices based on information featured in this nikzafri.blogspot.com can not be held liable or responsible in any way for any opinions, suggestions, recommendations or comments made by any of the contributors to the various columns on nikzafri.blogspot.com nor do opinions of contributors necessarily reflect those of http://www. nikzafri.blogspot.com

In no event shall nikzafri.blogspot.com be liable for any damages whatsoever, including, without limitation, direct, special, indirect, consequential, or incidental damages, or damages for lost profits, loss of revenue, or loss of use, arising out of or related to the nikzafri.blogspot.com or the information contained in it, whether such damages arise in contract, negligence, tort, under statute, in equity, at law or otherwise.


MY EMPLOYERS AND CLIENTELLES



BIODATA - NIK ZAFRI


 



NIK ZAFRI BIN ABDUL MAJID,
CONSULTANT/TRAINER
Email: nikzafri@yahoo.com, nikzafri@gmail.com
https://nikzafri.wixstudio.com/nikzafriv2

Kelantanese, Alumni of Sultan Ismail College Kelantan (SICA), Business Management/Administration, IT Competency Cert, Certified Written English Professional US. Has participated in many seminars/conferences (local/ international) in the capacity of trainer/lecturer and participant.

Affiliations :- Council/Network Member of Gerson Lehrman Group, Institute of Quality Malaysia, Auditor ISO 9000 IRCAUK, Auditor OHSMS (SIRIM and STS) /EMS ISO 14000 and Construction Quality Assessment System CONQUAS, CIDB (Now BCA) Singapore),

* Possesses almost 30 years of experience/hands-on in the multi-modern management & technical disciplines (systems & methodologies) such as Knowledge Management (Hi-Impact Management/ICT Solutions), Quality (TQM/ISO), Safety Health Environment, Civil & Building (Construction), Manufacturing, Motivation & Team Building, HR, Marketing/Branding, Business Process Reengineering, Economy/Stock Market, Contracts/Project Management, Finance & Banking, etc. He was employed to international bluechips involving in national/international megaprojects such as Balfour Beatty Construction/Knight Piesold & Partners UK, MMI Insurance Group Australia, Hazama Corporation (Hazamagumi) Japan (with Mitsubishi Corporation, JA Jones US, MMCE and Ho-Hup) and Sunway Construction Berhad (The Sunway Group of Companies). Among major projects undertaken : Pergau Hydro Electric Project, KLCC Petronas Twin Towers, LRT Tunnelling, KLIA, Petronas Refineries Melaka, Putrajaya Government Complex, Sistem Lingkaran Lebuhraya Kajang (SILK), Mex Highway, KLIA1, KLIA2 etc. Once serviced SMPD Management Consultants as Associate Consultant cum Lecturer for Diploma in Management, Institute of Supervisory Management UK/SMPD JV. Currently – Associate/Visiting Consultants/Facilitators, Advisors/Technical Experts for leading consulting firms (local and international), certification bodies including project management. To name a few – Noma SWO Consult, Amiosh Resources, Timur West Consultant Sdn. Bhd., TIJ Consultants Group (Malaysia and Singapore), QHSEL Consultancy Sdn. Bhd.

He is also currently holding the Position of Principal Consultant/Executive Director (Special Projects) - Systems and Methods, ESG, QHSE at QHSEL Consultancy Sdn. Bhd.* Ex-Resident Weekly Columnist of Utusan Malaysia (1995-1998) and have produced more than 100 articles related to ISO-9000– Management System and Documentation Models, TQM Strategic Management, Occupational Safety and Health (now OHSAS 18000) and Environmental Management Systems ISO 14000. His write-ups/experience has assisted many students/researchers alike in module developments based on competency or academics and completion of many theses. Once commended by the then Chief Secretary to the Government of Malaysia for his diligence in promoting and training the civil services (government sector) based on “Total Quality Management and Quality Management System ISO-9000 in Malaysian Civil Service – Paradigm Shift Scalar for Assessment System”

Among Nik Zafri’s clients : Adabi Consumer Industries Sdn. Bhd, (MRP II, Accounts/Credit Control) The HQ of Royal Customs and Excise Malaysia (ISO 9000), Veterinary Services Dept. Negeri Sembilan (ISO 9000), The Institution of Engineers Malaysia (Aspects of Project Management – KLCC construction), Corporate HQ of RHB (Peter Drucker's MBO/KRA), NEC Semiconductor - Klang Selangor (Productivity Management), Prime Minister’s Department Malaysia (ISO 9000), State Secretarial Office Negeri Sembilan (ISO 9000), Hidrological Department KL (ISO 9000), Asahi Kluang Johor(System Audit, Management/Supervisory Development), Tunku Mahmood (2) Primary School Kluang Johor (ISO 9000), Consortium PANZANA (HSSE 3rd Party Audit), Lecturer for Information Technology Training Centre (ITTC) – Authorised Training Center (ATC) – University of Technology Malaysia (UTM) Kluang Branch Johor, Kluang General Hospital Johor (Management/Supervision Development, Office Technology/Administration, ISO 9000 & Construction Management), Kahang Timur Secondary School Johor (ISO 9000), Sultan Abdul Jalil Secondary School Kluang Johor (Islamic Motivation and Team Building), Guocera Tiles Industries Kluang Johor (EMS ISO 14000), MNE Construction (M) Sdn. Bhd. Kota Tinggi Johor (ISO 9000 – Construction), UITM Shah Alam Selangor (Knowledge Management/Knowledge Based Economy /TQM), Telesystem Electronics/Digico Cable(ODM/OEM for Astro – ISO 9000), Sungai Long Industries Sdn. Bhd. (Bina Puri Group) - ISO 9000 Construction), Secura Security Printing Sdn. Bhd,(ISO 9000 – Security Printing) ROTOL AMS Bumi Sdn. Bhd & ROTOL Architectural Services Sdn. Bhd. (ROTOL Group) – ISO 9000 –Architecture, Bond M & E (KL) Sdn. Bhd. (ISO 9000 – Construction/M & E), Skyline Telco (M) Sdn. Bhd. (Knowledge Management),Technochase Sdn. Bhd JB (ISO 9000 – Construction), Institut Kefahaman Islam Malaysia (IKIM – ISO 9000 & Internal Audit Refresher), Shinryo/Steamline Consortium (Petronas/OGP Power Co-Generation Plant Melaka – Construction Management and Safety, Health, Environment), Hospital Universiti Kebangsaan Malaysia (Negotiation Skills), Association for Retired Intelligence Operatives of Malaysia (Cyber Security – Arpa/NSFUsenet, Cobit, Till, ISO/IEC ISMS 27000 for Law/Enforcement/Military), T.Yamaichi Corp. (M) Sdn. Bhd. (EMS ISO 14000) LSB Manufacturing Solutions Sdn. Bhd., (Lean Scoreboard (including a full development of System-Software-Application - MSC Malaysia & Six Sigma) PJZ Marine Services Sdn. Bhd., (Safety Management Systems and Internal Audit based on International Marine Organization Standards) UNITAR/UNTEC (Degree in Accountacy – Career Path/Roadmap) Cobrain Holdings Sdn. Bhd.(Managing Construction Safety & Health), Speaker for International Finance & Management Strategy (Closed Conference), Pembinaan Jaya Zira Sdn. Bhd. (ISO 9001:2008-Internal Audit for Construction Industry & Overview of version 2015), Straits Consulting Engineers Sdn. Bhd. (Full Integrated Management System – ISO 9000, OHSAS 18000 (ISO 45000) and EMS ISO 14000 for Civil/Structural/Geotechnical Consulting), Malaysia Management & Science University (MSU – (Managing Business in an Organization), Innoseven Sdn. Bhd. (KVMRT Line 1 MSPR8 – Awareness and Internal Audit (Construction), ISO 9001:2008 and 2015 overview for the Construction Industry), Kemakmuran Sdn. Bhd. (KVMRT Line 1 - Signages/Wayfinding - Project Quality Plan and Construction Method Statement ), Lembaga Tabung Haji - Flood ERP, WNA Consultants - DID/JPS -Flood Risk Assessment and Management Plan - Prelim, Conceptual Design, Interim and Final Report etc., Tunnel Fire Safety - Fire Risk Assessment Report - Design Fire Scenario), Safety, Health and Environmental Management Plans leading construction/property companies/corporations in Malaysia, Timur West Consultant : Business Methodology and System, Information Security Management Systems (ISMS) ISO/IEC 27001:2013 for Majlis Bandaraya Petaling Jaya ISMS/Audit/Risk/ITP Technical Team, MPDT Capital Berhad - ISO 9001: 2015 - Consultancy, Construction, Project Rehabilitation, Desalination (first one in Malaysia to receive certification on trades such as Reverse Osmosis Seawater Desalination and Project Recovery/Rehabilitation), ABAC Centre of Excellence UK (ABMS ISO 37001) Joint Assessment (Technical Expert)

* Has appeared for 10 consecutive series in “Good Morning Malaysia RTM TV1’ Corporate Talk Segment discussing on ISO 9000/14000 in various industries. For ICT, his inputs garnered from his expertise have successfully led to development of work-process e-enabling systems in the environments of intranet, portal and interactive web design especially for the construction and manufacturing. Some of the end products have won various competitions of innovativeness, quality, continual-improvements and construction industry award at national level. He has also in advisory capacity – involved in development and moderation of websites, portals and e-profiles for mainly corporate and private sectors, public figures etc. He is also one of the recipients for MOSTE Innovation for RFID use in Electronic Toll Collection in Malaysia.

Note :


TO SEE ALL ARTICLES

ON THE"LABEL" SECTION BELOW (RIGHT SIDE COLUMN), YOU CAN CLICK ON ANY TAG - TO READ ALL ARTICLES ACCORDING TO ITS CATEGORY (E.G. LABEL : CONSTRUCTION) OR GO TO THE VERY END OF THIS BLOG AND CLICK "Older Posts"


 

Showing posts with label QUALITY CONTROL. Show all posts
Showing posts with label QUALITY CONTROL. Show all posts

Monday, June 30, 2025

Corruption and Bribery in the Construction Industry: Why It Fails, and What Must Be Done - by Nik Zafri


Introduction

The construction industry, often regarded as the backbone of economic development, is paradoxically one of the sectors most vulnerable to corruption and bribery. Despite various policies, codes of conduct, and public declarations of integrity, corruption often persists, undermining project quality, safety, timelines, and public trust. But why does corruption continue to fester, and why do conventional methods often fail to curb it?

A) Why Corruption and Bribery Persist in Construction

1. Complex Supply Chains and Multiple Layers

Construction projects involve numerous stakeholders, clients, consultants, contractors, subcontractors, suppliers, and regulators. This multilayered structure creates opportunities for bribes and kickbacks at many points, from procurement and tender evaluations to approvals and inspections.

2. Large Capital Involvement

Projects involve significant sums of money, making them attractive targets for unethical behaviour. A small percentage of a multi-million-dollar contract in the form of a bribe may seem negligible to perpetrators but can have massive consequences on project outcomes.

3. Lack of Transparency

Poor documentation, verbal agreements, and vague decision-making criteria allow corrupt practices to go unnoticed. Many construction companies lack robust systems for recording or tracking transactions in a transparent and auditable way.

4. Culture of Silence and Normalization

In some organizations or regions, bribery is seen as a "cost of doing business." When corruption becomes normalized, reporting mechanisms become weak, and whistleblowers are reluctant to come forward for fear of retaliation or career sabotage.

5. Ineffective Enforcement and Monitoring

Internal audits or ethics committees often lack the independence, authority, or resources to investigate wrongdoing thoroughly. Additionally, some investigations are symbolic rather than substantive, giving the appearance of action without impact.


B) Why It Doesn’t Work in the Long Run

Corruption and bribery may offer short-term gains, but they inevitably compromise:


Corruption is not sustainable. Eventually, it corrodes the ethical foundation of the organization, leads to internal disputes, and attracts regulatory scrutiny. In many cases, companies suffer long-term reputational and financial damage.


C) What Should Be Done to Minimize the Problem

1. Tone from the Top (A Strict One)

Leadership must take a firm stance against corruption. Ethical behaviour should be modelled by top management and incorporated into performance KPIs.

2. Institutionalize Policies

Robust anti-bribery and corruption policies must be formalized, communicated clearly, and integrated into day-to-day operations. They should define:

a) What constitutes bribery?
b) Prohibited behaviours
c) Reporting mechanisms
d) Penalties for non-compliance

3. Employee Training and Awareness

Staff at all levels, including field workers, must receive regular training on recognizing and responding to bribery attempts. Scenario-based sessions can help build moral reasoning and resilience.

4. Implement Whistleblower Protection

Safe and anonymous channels for reporting wrongdoing must be established and maintained, with guarantees of no retaliation.

5. Procurement Transparency

Tender processes, supplier evaluations, and contractor selections must be governed by clear, transparent, and auditable criteria. Digital tools and e-procurement systems can reduce manipulation.

D) Is ABMS Certification the Answer?

Yes but with a caveat.

 1) What is ABMS (Anti-Bribery Management System)?

ABMS, particularly ISO 37001, is an international standard that specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing, and improving an anti-bribery management system. It can be applied in public, private, or non-profit sectors.

2) Why ABMS Helps?
  • It introduces a structured approach to identifying bribery risks,
  • It enhances governance, accountability, and control,
  • It increases investor and client confidence,
  • It protects the organization from legal consequences by demonstrating due diligence.
However, certification is not a silver bullet. It must be supported by strong internal commitment and follow-through mechanisms.

3) Proactive Risk Assessment

Before corruption occurs, identify where it is most likely to happen.

A strong ABMS starts with assessing risks based on:

  • Geographical and political exposure,
  • Project scale and budget size,
  • Third-party and subcontractor involvement,
  • Previous incidents or audit findings

 Purpose:

  • To prioritize resources and controls where risks are highest,
  • To inform policies, procurement strategies, and contract terms,
  • To prepare preventive measures before issues arise

 Risk assessments should be:

  • Conducted regularly (at least annually or when entering a new market/project),
  • Reviewed during key project lifecycle phases (design, procurement, execution, closing),
  • Aligned with ISO 37001 and enterprise risk management (ERM) frameworks

 3) I'm certified!! What Next?

 1. Continuous Monitoring

  • Internal Audits: Conducted periodically to assess adherence to anti-bribery controls,
  • External Audits: Annual or bi-annual reviews by certification bodies,
  • Compliance Reviews: Spot checks, data analysis, and third-party interviews.

 2. Determining the Root Cause

When a potential bribery incident or control failure is detected, organizations must conduct a root cause analysis to determine:

  • What went wrong
  • Why it happened
  • Where the system, process, or culture failed

This step ensures that the issue is addressed not just superficially but at its core preventing recurrence.

 3. Corrective and Preventive Actions

Non-compliances must trigger documented investigations, root cause analysis, and corrective action plans.

4. Stakeholder Engagement

Suppliers and subcontractors must be made aware of the company’s anti-bribery stance and policies. Contracts should include integrity clauses with consequences for violations.

5. Periodic Risk Assessment 

Bribery risks must be reassessed based on changes in geography, regulatory environment, project size, or political climate.

6. Ongoing Training

Training is not a one-off event. Refreshers, updates, and role-specific modules must be incorporated into annual plans.

7. Simulated Case Studies

Disclaimer 

The following case studies are simulated scenarios developed for educational and illustrative purposes only. Any resemblance to actual persons, organizations, projects, or events, past or present is purely coincidental. These examples are intended to highlight common risk patterns and responses related to corruption and bribery in the construction industry.

1. Complex Supply Chains and Multiple Layers

Case Study: “The Subcontractor Shuffle”

In a government hospital project, the main contractor appointed a series of shell subcontractors linked to one of their project managers. Work was routinely re-subcontracted, causing miscommunication and poor supervision. Despite obvious issues with safety and workmanship, payments were approved because the internal quality assurance engineer was being paid under the table to look the other way.

Impact:

  • Cracked floor tiles, unstable door frames,
  • Overruns in both time and cost,
  • Regulatory red flags due to inconsistent records,

2. Large Capital Involvement Attracts Bribery

Case Study: “The Inflated Bridge”

A regional bridge project had a budget of RM180 million. The tender was awarded to a contractor who promised a “token of appreciation” to several selection committee members. The bid was 12% higher than the lowest technically qualified bidder.

Impact:

  • Auditor-General’s Office flagged the discrepancy,
  • Public outcry led to suspension of the project,
  • Contractor blacklisted; government agency reputation damaged

3. Lack of Transparency

Case Study: “Verbal Approvals Only”

In a mixed-use development, approvals for site variation orders were made verbally. The contractor quietly paid off the site engineer and billed for over RM5 million in undocumented extras. There were no audit trails, only WhatsApp messages.

Impact:

  • Internal audit found no written approvals,
  • Project Director was reassigned pending investigation,
  • Clients demanded full refund and compliance audit

4. Culture of Silence

Case Study: “Keep Quiet or Quit”

A junior site supervisor discovered that electrical wiring was being sub standardly installed due to a cost-cutting deal between the M&E subcontractor and the main contractor. When he raised concerns, he was told to “keep quiet or leave.”

Impact:

  • Supervisor resigned and anonymously reported it,
  • After media exposure, the project was delayed 8 months,
  • The contractor was sued for negligence after a small fire broke out during testing

5. Ineffective Enforcement and Monitoring

Case Study: “The Fake Audit”

An in-house compliance officer completed a “paper audit” for an ISO-required annual review. The checklist was pre-filled, and interviews were skipped. Meanwhile, bribes were actively flowing in the materials procurement division.

Impact:

  • Whistleblower reported it to the certification body,
  • ISO certification was suspended,
  • Clients froze all pending payments until re-audit

6. Leadership with No Ethical Stance

Case Study: “The Director’s Deal”

A construction firm’s Managing Director openly told staff to “play the game” when dealing with authorities and clients. Kickbacks became normalized, with staff accepting “entertainment allowances” from suppliers to push certain products.

Impact:

  • Junior engineer leaked documents to media,
  • Several public clients cut ties,
  • Key staff left, citing toxic leadership and legal risks

7. Failure to Institutionalize Policies

Case Study: “Policy? What Policy?”

Despite having an Anti-Corruption Policy document, it was never socialized, trained, or enforced. A site agent accepted RM10K to expedite inspection sign-offs, causing later structural issues in a residential block.

Impact:

  • Building owners filed lawsuits,
  • Company settled with RM4 million payout,
  • Insurance provider declined coverage due to internal failure

8. Weak Whistleblower Protection

Case Study: “Whistleblower Retaliation”

A procurement assistant exposed an inflated invoice scheme and was subsequently transferred to a remote site without internet access. The company later claimed it was part of “routine rotation.”

Impact:

  • The whistleblower filed a complaint with MACC,
  • The company was investigated and fined,
  • ABMS certification was denied for “failure to uphold whistleblower protection”

9. Lack of Transparent Procurement

Case Study: “The ‘Preferred’ Vendor”

One supplier continued to win supply contracts despite higher pricing and poor delivery. A forensic procurement review later revealed that the vendor had been entertaining project staff with trips and gifts.

Impact:

  • Vendor contract cancelled,
  • Procurement team reshuffled,
  • Company committed to e-tendering platform rollout

10. ABMS Introduced - But No Follow-Through

Case Study: “Certified but Corrupt”

A civil engineering firm achieved ISO 37001 (ABMS) certification but treated it as a checkbox exercise. No internal audits were performed, and training was skipped to “save time.” Bribery quietly continued under the surface.

Impact:

  • Internal whistleblower triggered a surprise audit,
  • Certification body withdrew ISO status,
  • Client dropped the firm from shortlist for a major rail project

 11. Effective Post-Certification Monitoring (Positive Example)

Case Study: “The Turnaround”

A Malaysian construction company faced multiple bribery allegations in the past. After serious reflection, it implemented ISO 37001, conducted quarterly audits, established an ethics hotline, and rotated procurement staff every 12 months.

Impact:

  • Staff confidence and client trust increased,
  • No bribery cases reported in 3 years,
  • Successfully won government contracts due to enhanced reputation

E) WHAT THESE CASES TEACH US? 

Each case reflects a broader principle:

  • Without systems, corruption thrives,
  • Without culture, systems fail,
  • With both, trust and performance grow.

Implementing ABMS is a powerful step, but true transformation lies in consistency, integrity, and leadership accountability.

F) CONCLUSION

Corruption and bribery in the construction sector are deeply entrenched but not insurmountable. While external forces such as enforcement and regulation play a role, the real change must start from within through leadership, policies, culture, and systems. ABMS certification provides a powerful framework, but it is the continuous commitment to ethical behaviour and accountability that will define long-term success. In the end, integrity isn't just good ethics, it's good business.
 

Wednesday, October 02, 2024

SOME THINGS USEFUL FOR THE CONSTRUCTION INDUSTRY - QUALITY, SAFETY, HEALTH, ENVIRONMENT AND RISK

 

A sample of PDCA customized to the construction industry based on ISO 9001:2015






Here’s an example of Risk Assessment Guidelines in the Construction Industry, following the standards of ISO 31000:2018, ISO 45001:2018, ISO 9001:2015, and with elements of ISO 14001:2015. These processes are part of Integrated Management System that I developed to suit both clients and contractors - also for my training. Many have benefited from it including the authorities. (So if you see it anywhere - that's actually my masterpiece) If you have any questions or would like to customize the diagrams further, feel free to reach out.

Hope it will help Risk Assessors to understand how to conduct a proper Risk Assessment in the Construction Industry.


Wednesday, July 03, 2024

QUALITY ASSURANCE - QUALITY CONTROL 101 - Short Article by Nik Zafri


I've noticed that many people still confuse Quality Assurance and Quality Control. Let me reclarify this with an example using "defects." I've created a table for QA/QC 101 to illustrate the differences.



KEY DIFFERENCES

Proactive vs. Reactive - QA is proactive, focusing on preventing defects by improving processes, while QC is reactive, focusing on identifying and fixing defects in the product/during project operation

Scope - QA is broad, encompassing all activities related to the implementation of processes, while QC is narrow, concentrating on specific outputs (products or deliverables).

Responsibility - QA is a responsibility of everyone involved in the development process, whereas QC is usually the responsibility of a specific team.

Both QA and QC are essential for ensuring high-quality products/projects and processes, but they serve different purposes and are implemented at different stages in the development lifecycle/project operation.