A'sharqiyah Young
Businessman Forum
Managing Risk in the Family Business
Environment
William Asante
Director, Forensic & Dispute Services, KSA
December 2011
Managing Risk in the Family Business Environment
What you don’t know can hurt you
•
When executives are concerned about events involving regulatory and security breaches,
fraud, accounting irregularities and other similar scenarios, the financial impact can be the
most worrisome issue
•
The impact on reputation and future business can also be severe
Getting the balance right
•
Developing business strategies that are
designed to explicitly identify and mitigate
potential risks, integrate risk management into
day-day business processes, and deploying
technology to support risk analysis are key
drivers to good risk management
A company with a profit margin of 5% would need to generate an additional $2 million in
revenues to recover losses from a $100,000 fraud event.
Managing Financial Risk
Managing Financial Risk
Protect your assets and preserve legacy
•
Fraud, theft and employee misconduct have always been an unfortunate business reality,
often exacerbated by periods of economic downturn and lack of proper oversight
•
New economic and competitive pressures have changed the landscape, introducing new risks
and putting reputations on the line
•
A flurry of recent headlines announcing cases of fraud, theft and misconduct have made
executives search for ways to strengthen their fight against the war on fraud
•
Today’s organizations are under siege – inside and out. There are countless opportunities to
exploit weaknesses that come with new developments such as outsourcing partnerships,
mobile employees, new technologies and offshore operations
Managing Financial Risk
Looking ahead – assessing risks
•
Fraud risk exposure should be assessed periodically by the organization to identify specific
potential schemes and events that the organization needs to mitigate
•
Fraud risk management is not a onetime development. An organization’s plan should be reevaluated and updated regularly
•
A fraud risk assessment should include an evaluation of the incentives, pressures and
opportunities to commit fraud within the organization
•
Evaluating the risk of fraud should also include an examination of management, including
internal controls and segregation of duties
It is vital to have a stable platform for future economic growth and development
Managing Financial Risk
Prevention & detection
•
Not all fraud is preventable. However, preventative techniques are an organization’s first line
of defense against fraud
•
Financial controls are not fraud controls. Therefore, an organization should develop a specific
set of preventive measures designed to address fraud risk
•
The success of preventative techniques is reliant on awareness and reinforcement. Family
businesses, in particular, can be susceptible to considerable waste or abuse due to a lack of
adequate oversight and awareness.
•
Detection techniques will act as a deterrent against fraud, but only if they are properly
designed, visible and effective
•
Detection techniques should be flexible and adaptable to meet changing risks of fraud
Managing Regulatory Risk
Managing Regulatory Risk
Risks you can’t ignore
•
It is an irony of modern business that regulation, a concept designed to reduce risk by
protecting the interests of corporates, customers and society at large, has itself become one
of the most serious risks that companies face
•
•
•
Audit and reporting regulations
Workforce regulations
Environmental regulations
•
•
•
Health and safety regulations
Technology regulations
Intellectual property regulations
•
Increased complexity in the regulatory environment is one of the biggest challenges facing
companies, with regulations in one country potentially having an increased impact on firms’
global operations
•
Taking a focused approach can save considerable time, effort and cost, and may increase the
return on an investment. It can also reduce the risk of loss and damage to a company’s
reputation and its assets and enhanced enterprise
Positioning your business to respond to new standards is
a critical component of effective risk management.
Managing Regulatory Risk
From burden to benefit
•
Plan to invest in people, processes and technology to improve regulatory risk management
•
Pre-empting regulatory change is to adopt best practice before they are mandated, and to
maintain regular communications with domestic and international regulators
•
A proactive approach can help avert the need for regulation in the first place, and minimize
the disruption caused by new regulation where it arises
•
Direct lobbying of governments is deemed far less effective as a strategy for managing
regulatory risk, while recruiting expertise in different countries’ regulatory environments is
seen as an important strategy
Companies must seek to stay one step ahead of the regulators
Managing Reputational Risk
Managing Reputational Risk
Reputation is a powerful asset
•
Reputation is an intangible asset, greater than brand, offering premium value growth
opportunities to shareholders. It is the sum total of all stakeholders’ experience
•
Understand the value of your entity’s reputation
•
Treat reputation holistically
•
Understand interrelationships within the business
•
Identify and prioritize the main causes of reputational risk
•
Communicate these causes to key management
•
Have a crisis plan when all else fails (contingency planning)
“If I lost all of my factories and trucks but kept the name Coca-Cola,
I could rebuild my business. If I lost my name, the business would
collapse”
CEO, Coca-Cola
Managing Reputational Risk
Protecting your reputation is not a regulatory requirement
but a business strategy
•
Positioning an organization to respond to the new environment is critical for effective risk
management and for preserving its reputation and capital
Your people can be your strength
•
A regulatory and risk framework matters less than the competence and independence of
those doing the supervision
•
Therefore, organizations need to ensure they are getting their fair share of talent
Assess the risk profile of your advisers/ business partners
•
•
•
Consider the risk posed by advisers and business partners e.g. investment managers.
Conduct adequate due diligence during the partner on-boarding process
Exercise audit rights and adopt a risk-based approach to partners in certain industry/sectors,
jurisdictions
It takes many good deeds to build a good reputation and only one bad deed to lose it
Case Study
Case Study
Major Saudi Conglomerate
Fraud Investigation, Asset Tracing and
Forensic Accounting
Multi-National Conglomerates
Fraud, Corruption and Bribery Pre Acquisition
Due Diligence
Healthcare Equipment Supply Company
Investigation and Training
We were appointed as lead financial advisor
and forensic investigators to a major Saudi
conglomerate in May 2009. The matter
relates to one of the largest ever reported
frauds in the Middle East. The sums in
dispute amount to billions of dollars.
Our team of fraud specialists have assisted a
number of multi-national conglomerates to
conduct fraud, corruption and bribery pre
acquisition due diligence assessments of
target companies based in Saudi Arabia.
We were appointed by the external counsel
of a US based healthcare equipment supply
company to investigate allegations of bribery
at their exclusive Saudi distribution agent.
As a part of this matter, amongst many
services, we have:
 Successfully traced more than 50% of the
funds misappropriated
 Been involved in negotiations with over
100 local and international creditor banks
 Assisted in the defence of claims and
appeared on behalf of the group in more
than 11 jurisdictions around the world
 Worked with a number of legal advisers
 Acted as expert witnesses in courts of law
and gave evidence
 Advised the group on various financial
affairs, including restructuring of debt and
effective cash management and control.
The team attend the target company offices
and carry out interviews with senior
management and key staff. We test certain
high risk contracts, transactions and
company accounts to identify any red flags
and potential key risk areas associated with
the transaction.
We often work at the direction of client’s
counsel and provide reports of key findings
and mitigation action plans. When
necessary, we can return to the target
company to follow up upon the
implementation of recommendations put
forward.
A team of professional investigators
attended the distribution agent to gain an
understanding of the circumstances
surrounding the prosecution of two
employees convicted of attempting to bride
a Saudi government official. Conducted
interviews of senior management and key
staff and reviewed accounting transactions
related to the incident.
Provided counsel with intermittent verbal
reports and visual timeline of significant
events.
Subsequent to the investigation we were
contacted and retained by the distribution
agent to hold anti-bribery and corruption
workshops which were attended by all
employees.
Case Study
Major Global Financial Institution
Anti-bribery and corruption framework
Bahrain Public Prosecutor
Investigation into Allegations of Fraud
ME Government Accountability Authority
Fraud Risk Management
We are currently assisting a global financial
services provider in establishing their
compliance programme following their
recent entry into an ME-based joint venture.
We have been appointed by the Bahrain
Prosecutor to investigate allegations of fraud
by the CEO of an Islamic investment bank.
Our work concerned a number of allegations
including:
We were appointed to by an ME government
accountability authority to assist with Fraud
Risk Scenario Assessment Projects at central
government departments and state owned
enterprises.




The purpose of the assessments is to help
the authority to understand the fraud and
corruption risk profile of the operations and
identify the major fraud and corruption risks.
We prepare and conduct specialised one-onone interviews with key staff and
management, hold targeted workshops and
review any and all relevant documentation.
Our team consists of specialist fraud risk
practitioners supported by industry experts.
As part of this work we have conducted a
desk-top review of their anti-bribery and
corruption policies and procedures with a
view to harmonising these with relevant
local and global policies and procedures.
Deliverables will include a gap analysis and
high level action plan to assist them in
improving their compliance program.
Unauthorised payments
Acting outside his authority
Breaking corporate governance polices
Destruction of documents and theft of
intellectual property
The investigation has involved a large
number of interviews of key personnel.
We have been required to present our
independent findings to the Bahraini Public
Prosecutor together with supporting exhibits
and appendices.
We compile a summary of the identified
potential gaps in fraud mitigation activities,
action plans to bridge identified gaps and
staff training to mitigate future occurrences.
During our time on this project we have
assisted the accountability authority to
develop their standard Fraud Risk Scenario
Assessment methodology which is being
rolled out across all entities.
Q&A
Questions and Answers
Contact Information
William Asante
Director, Forensic and Dispute Services
wasante@deloitte.com
+971 (0)50 294 5847
Deloitte Corporate Finance Limited is a Company limited by shares, registered in Dubai International Financial Centre with registered number CLO 748 and is authorised and regulated by the Dubai Financial Services Authority.
A list of members is available for inspection at Al Fattan Currency House, Building 1,Dubai International Financial Centre, the firm’s principal place of business and registered office. Tel: +971 (0) 4 506 4700
Fax: +971 (0) 4 327 3637.
Deloitte Corporate Finance Limited is an affiliate of the UK and Middle East member firms of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally
separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.
.
Deloitte provides audit, tax, consulting, and financial advisory services to public and private clients spanning multiple industries. With a globally connected network of member firms in more than 150 countries, Deloitte brings world-class
capabilities and deep local expertise to help clients succeed wherever they operate. Deloitte's approximately 182,000 professionals are committed to becoming the standard of excellence.
Deloitte's professionals are unified by a collaborative culture that fosters integrity, outstanding value to markets and clients, commitment to each other, and strength from cultural diversity. They enjoy an environment of continuous
learning, challenging experiences, and enriching career opportunities. Deloitte's professionals are dedicated to strengthening corporate responsibility, building public trust, and making a positive impact in their communities.
Deloitte Corporate Finance Limited (Regulated by the DFSA)
DIFC | Dubai International Financial Centre
P.O. Box 282056 Dubai
United Arab Emirates
Local offices:
Al Zamil Tower
Bin Ghanem Tower
Government Avenue
Hamdan Street
P.O. Box 421
P.O. Box 990
Manama, Bahrain
Abu Dhabi, UAE
© 2011 Deloitte Corporate Finance Limited. All rights reserved.
Fahad Al-Salem Street
Salhia Complex, Entrance 2
P.O. Box 23049
Safat 13091, Kuwait
Al-Ahli Bank
Sheikh Suhaim bin Hamad St
P.O. Box 431
Doha, Qatar
Al Salam Bldg
Main Olaya Road
P.O. Box 213
Riyadh, Saudi Arabia
Saudi Business Center
Madinah Road
Mail: P.O. Box 442
Jeddah, Saudi Arabia