A fast way to identify fraud risks and vulnerabilities: Proactive Integrity Reviews
In this guest article, Duncan Smith and Dominik Adamski of the European Investment Bank's Fraud Investigations Team explain how risk-based Proactive Integrity Reviews have helped to uncover vulnerabilities and fraud risks in EIB-funded projects. The General Principles are available for anyone to adapt and use.
Early identification of fraud risks or vulnerabilities in projects is a major concern of investors and international financial institutions. Yet time, staff and budget constraints make this a challenging task even in normal times – and much more so in the current context of the Covid-19 response.
The Fraud Investigations Division of the European Investment Bank (EIB) uses Proactive Integrity Reviews or PIRs to identify potential vulnerabilities and major fraud risks in EIB-funded operations and projects.
These reviews are different from classic investigations triggered by allegations of misconduct. Rather, they are launched proactively based on a risk assessment or a request from another internal service. This makes them a very useful way to identify misdeeds before they are noticed – and even before they occur.
General Principles: freely available for use and adaptation
Endorsed by the Conference of International Investigators (CII), the “General Principles of Proactive Integrity Risk or Fraud Detection Activities” are available for use and adaptation by any firm or organisation. They may be helpful to develop or fine-tune an existing proactive integrity risk or fraud detection programme.
The aim of a PIR is to:
- detect red flags or indicators of fraud, corruption, collusion or coercion;
- identify possible integrity risks; and/or
- determine the project’s susceptibility to misuse of funds.
The approach is constructive, seeking to identify:
- indicators that a project is vulnerable to or suffers from fraud or corruption (“red flags”);
- the nature and extent of any problems or issues;
- areas for possible follow-up, remediation/intervention and/or investigation; and
- recommendations and/or mitigating measures to prevent recurrence or mis-management.
The General Principles also give guidance on conducting a risk assessment and carrying out the review, from planning and fieldwork to follow-up.
Triggering a PIR – our FIRST risk assessment tool
One of the main challenges in a proactive exercise is selecting what to review. When we first started doing PIRs 10 years ago, we selected “riskier” projects to review based on a fragmented risk assessment (mainly country risk-driven) or even without it – simply based on suggestions from colleagues. This ad-hoc approach led to some fruitful PIRs but there was an obvious risk of bias.
The lesson learned: we needed a comprehensive risk assessment methodology covering all EIB projects. This approach led to the creation of the Fraud and Integrity Risk Scoring Tool (FIRST), a data- and intelligence-driven system providing daily fraud risk scores for all active EIB loans.
FIRST’s algorithms crunch data from within the bank as well as external databases to come up with more than 30 fraud risk indicators. Those interested in the methodology can read about it in this FCPA Blog article or in more detail in our Fraud Investigations Activity Report 2018.
Case study: identifying irregularities in loans to SMEs
We recently carried out several PIRs on intermediated loans both within and outside the EU. Our findings demonstrate the value of PIRs in identifying vulnerabilities and fraud risks early on, so they can be addressed quickly and with minimum disruption.
The “Multiple Beneficiary Intermediated Loans” we were reviewing are lines of credit extended to financial intermediaries such as banks, which then on-lend the proceeds of the loan in the form of “allocations” (sub-loans). The final beneficiaries include many SMEs.
The PIRs allowed us to quickly identify important irregularities and schemes in these loans, including:
- Weaknesses of internal control systems at the financial intermediaries. These included deficient due diligence as well as inadequate monitoring.
- Indications of tax avoidance. For example, some of the final beneficiaries used the allocations to purchase goods and services from related parties registered in tax havens. In some cases, there were indications that the beneficiaries were front companies set up specifically for the purpose of compliance with EIB eligibility criteria. We also found loans given to final beneficiaries linked to PEPs.
- Ineligible purposes. Some allocations were partly used for refinancing pre-existing long-term loans with other banks, or payment of dividends and overdue taxes.
- Ineligible beneficiaries. Some of the loans were given to final beneficiaries not compliant with SME eligibility criteria.
- Misleading or false information.
Based on these findings, the EIB concluded that a number of the sub-loans granted were ineligible and requested a partial prepayment of the loans to the relevant financial intermediary. The reviews also helped develop a remediation plan to strengthen the controls over these allocations.
Find out more
You can find more information about the PIR and our investigation, policy, training and awareness-raising activities in the Fraud Investigations Activity Report 2018. Feel free to contact the Head of the EIB Fraud Investigations PIR team, Dominik Adamski at firstname.lastname@example.org.
Duncan Smith is Deputy Head of Fraud Investigations at EIB, responsible for a range of policy, training, outreach, prevention and deterrence issues. After being Called to the Bar of England and Wales, he prosecuted corporate fraud and corruption offences at the UK’s Department of Trade and Industry and the Serious Fraud Office. In 2000, he joined the World Bank’s Investigation Unit as Team Leader then became policy/debarment adviser; he moved to EIB Fraud Investigations in 2007. He is co-author of the IFI Anti Corruption Task Force’s Uniform Framework Agreement (2006) and EIB’s Anti-Fraud Policy (2007-8) and update (2013). Duncan was a member of the CII Secretariat from 2001-2017.
Dominik Adamski has been working in the field of administrative financial investigations for 15 years. After working as an auditor and forensic accountant at major international audit firms, he joined the European Investment Bank in 2009 to implement PIRs. Within EIB’s Fraud Investigations Division, he is the Head of Fraud Detection Unit that encompasses a data-analytical model for measuring the integrity risk of EIB operations and undertakes PIRs on selected high-risk EIB financed projects across the world.
Connecting corruption and human rights compliance in a UN Global Compact virtual dialogue, 8 July
Gemma Aiolfi, Head of Compliance and Collective Action, will explore some thorny areas of anti-…
Why companies need resilience, and resilience needs compliance
New business and new markets present risks and opportunities. For a compliance officer,…