Clarity and speed are necessary when (suspected) irregularities such as fraud or theft have been committed within your organization. Forensic Caribbean will map out the nature and scope of the irregularities as much as possible, so that any damage (material and non-material) remains limited.
We distribute our services with regard to the provision of fraud investigations into two, namely repressive and preventative.
What options do you have after irregularities have taken place?
You can possibly choose for a labor law or a civil law approach. But also doing a criminal declaration might be an option. If you want to keep those possibilities still open in principle and first want to know more about what exactly has taken place, then we can carry out further research into the nature, extent and possible stakeholders in committed fraud, theft and/or abuse of company property, bankruptcy fraud and other irregularities.
Forensic IT research can be part of the whole research. The reports provided by Forensic Caribbean are of such a quality that they can withstand the Court key. Our reports can, if desired, be part of the file at the Court. It is up to the client to decide whether or not to make a declaration at the police and/or the public prosecutor. As an intermediary we can maintain contacts with police and/or justice for you.
If you want to prevent irregularities take place, you can respond to the risks that your organization runs in advance. We can offer you preventive service by providing a 1) fraud risk assessment and/or execute a 2) background investigation.
1. Fraud risk assessment
A fraud risk assessment is an excellent basis for a fraud policy plan where cohesion in risks and measures is brought into action. A (short) fraud risk assessment goes prior to a fraud policy plan. Identified (fraud) risks are (per business process) described. Identified is whether existing controls lend themselves to the desired fraud control.
If necessary, additional (internal control) measures are proposed. Tasks and responsibilities of the various departments/officials on fraud control are recorded. The principles of the fraud policy are described and made part of the overall policy of the company, the organization. Employees are informed about the principles of this policy and their own role in them.
2. Background investigation
A background research (generally) investigates facts and circumstances that can confirm that there is no need to doubt the existence and reliability of a company, its directors and possible partners. More specifically, it is important to find out if the (legal) persons concerned do not have questionable antecedents. In a background investigation, attention is usually given to the business profile, the financial profile of the company and the personal profile of the directors.
- The business profile includes a.o.: What kind of ‘business’ does the company? Does the proposed business transaction ‘fit’ in this business profile? What kind of reputation does the company have in the market?
- The financial profile includes a.o.: What is the financial reputation of the company? Are there any bankruptcies or liabilities known? How is the payment behavior of the company? If there is a proposed financial transaction: Does it concern a usual (under the Law Reporting Unusual Transactions) financial transaction?
- Within the personal profile the identity of the shareholders and directors will be determined. There is among other things, also research into: What kind of reputation do they have in the market? Does his/her profile (positions/additional positions) fit the proposed transaction? There is no conflict of interest? Are there any antecedents? The information of the relevant persons and entities is obtained world-wide, using our own ‘networks’, various sources and registers. From our professional background and extensive network we can investigate the background of the (potential) customer and/or partner.
Fraud is a container concept which indicates that someone intentionally acts by means of deception or fraud in order to obtain an undue advantage. The term bribery is different from the term fraud as bribery specifically is related to acts that are out to influence an official or a person who has a legal duty by offering, giving or receiving a reward. This reward can be money and/or property.
We talk about bribery when at the hands of the briber, behavioral change takes place at the one who is bribed to such a degree that this behavioral change is critical to a business decision. Bribery occurs primarily in ‘ kick backs ‘, where, for example, a Commission is paid for services that are delivered.
Experience shows that the most common form of discovery of bribery is, by an internal or external tip. On the basis of such a tip Forensic Caribbean can carry out an investigation to irregularities that occur within the business operations of your organization in order to figure out the acts that led to the bribery.
In addition, we can consider whether the policies of the organization comply with the rules as set forth in the national and international anti-bribery regulations.
Corruption involves persons with a dominant position who provide unauthorized favors in exchange for a return or as a return.
Corruption is in violation of the integrity of the relevant person and goes at the expense of honest people or organizations. Corruption also goes at the expense of your own organization. Your organization will be disadvantaged, because the interests of the corrupt employee are served and not the interests of the organization, which can result in possible overpaid quotes. This leads not only to financial damage, but also damages the company’s reputation.
When you suspect corruption, starting a research to lack of integrity can prevent more damage. If you suspect a corrupt employee within your organization, please contact Forensic Caribbean.
THE DETECTION AND COLLECTION OF ASSETS
From our recovering service, we offer the possibility to the detection and collection of your assets.
This service focuses on tracing and the retrieval of, for example, misappropriated or embezzled funds and/or property. If there is a suspicion that there are assets in other countries, we work together with related research agencies abroad. In this way, the scope of the research possibilities is greatly expanded. Countries in which we operate, directly or through partners, include: Curaçao, Aruba, Bonaire, St. Maarten, Saba, St. Eustatius, Trinidad & Tobago, Bermuda, Martinique, Antigua, Guadeloupe, Dominican Republic, Cuba, Grenada, Suriname, Venezuela, Colombia, Brazil, Chile, Argentina, Uruguay, Panama, USA, Canada. Netherlands – extended to almost all of Europe
Fact finding focuses on the question of how something could have happened and who is involved. There are cases where there is no intent. However, it should be discovered what happened and especially how and by whom. This includes, for example, when files have disappeared, goods have been delivered wrong or articles have been tagged incorrectly, but also when suddenly the costs of a project turn out to be much higher.
When research is not conducted and the facts and circumstances remain undiscovered, there is chance of recurrence or the misconduct continues. This will result in damages. Also this can lead to (damage) claims.
Forensic Caribbean can do a search to the cause of the misconduct. Depending on the misconduct, there are several research methods that can be applied. These include conducting interviews, IT research and so on. This results in a report that can be used in any lawsuit and gives an insight in the cause of the situation. This may result in advice for adjustments in procedures and processes.
Do you have any doubt about the signature under a contract or about the writer of a piece of text?
Handwriting Investigation is a method which, among other things, is used in the forensic field to determine whether hand-written text has been written by a particular person. In other words, it is verified if a disputed piece of text has been written by someone on the basis of his handwriting. Forensic Caribbean is able to conduct an investigation into the authenticity of a signature or handwriting through a Handwriting Investigation. In collaboration with our partner Nadal & Daniel we can deliver according to the following stages of an expert report:
- The analysis of the disputed handwriting and reference material
- The comparison of characteristics on similarities and differences
- The interpretation of the research results
- The wording of the conclusion
LEAK OF INFORMATION
The leaking of internal information to the press or other third parties can be harmful to the reputation of the organization and can have financial impact. For example you can think of whistleblowers, employees who act from resentment, but also information that gets out to the competition or information about bidding procedures etc.
The more information leaks out the greater the damage. Therefore it is important that this stops as soon as possible. A thorough research can determine who is responsible for the leak of information. Forensic Caribbean has various methods that can be applied depending on the situation.
In many investigations into irregularities such as the leakage of information, theft of intellectual property or a search for the sender of an email the IT research plays an ever increasing role or is even entirely depending on digital data for finding relevant facts and circumstances. These include investigations into e-spying or hacking.
By means of special equipment and software which Forensic Caribbean has to their disposal, not only visible data can be searched but also the deleted items. It is important when searching the digital data that this happens in a responsible manner in which the evidence is not affected. We use special software such as the Forensic Tool Kit which has been approved internationally to guarantee the authenticity of the data during the investigation.
Through the forensic software digital data like (text) files, emails, images, internet history and multiple other digital data which may be relevant in an investigation, can be investigated quickly. In short, we follow these steps:
- An image (exact copy with the deleted files included) is created of the data carrier of the computer, server, phone or other device for the forensic investigation
- An employee of Forensic Caribbean starts an investigation into the digital data to collect all the relevant information by means of forensic software
- The employee translates the digital traces to accepted evidence
DATA ABUSE & ESPIONAGE
We talk about data abuse and espionage when a (former) employee abuses his position to use data of his (ex-) employer for his own personal use or for business purposes.
International treaties are drawn to oppose this form of theft of business data. For example, in America they have the Treaty ‘Computer Fraud and Abuse Act and the Economic Espionage Act ‘. Forensic Caribbean can, in collaboration with your IT Department, analyze the problem, secure the data and investigate.
IT SECURITY TESTS
Research is becoming more common place in automated environments or relies heavily on data from automated systems. More and more information is only available in digital form. It is therefore crucial that the data is properly secured against different forms of danger.
This includes not only attacks from outside by an unknown but also includes internal threats:
- What information do the employees have access to?
- Can they give themselves additional access rights?
- In case of a server crash, can the data still be recovered by, for example, is there a backup?
The IT security test consists of the following components:
- Identification and exploration
The network traffic is analyzed for things like IP ranges that are in use and several critical servers and network components are identified.
- Port and vulnerability scan
During the port and network vulnerability scan the network is scanned for any known vulnerabilities in the network.
- Privilege escalation
The focus is on changing the increase of rights of certain systems. This can be done in various ways, for example by getting hold of credentials.
- Determine business risks
To keep it as concrete as possible, specific goals can be set such as: can certain data be obtained, can e-mail be reached or can processes be changed or adapted. This research is, depending on the question, carried out in collaboration with Forensic Caribbean’s partner called Fox-IT.
SECURITY RISK MANAGEMENT
Security risk management provides insight into the risks of an organization in becoming a victim of crime /irregularities by an unknown third party or an employee.
This risk analysis has 4 components: organizational, structural, electronic and digital, which are explained further below. On each area there are security measures to be taken, where of course, the cost/benefit plays a big role and the set-up of the organization must also still remain workable. By doing a risk analysis it becomes clear what risks the organization faces and what adjustments may be done to avoid unexpected high costs.
This risk analysis results in an advice based on the following 4 components:
- Organizational prevention measures
The organizational prevention measures focus on how the procedures within the organization are set up. For example do they track who enter, when and why they enter the company and who has access to what documents/areas etc. But also think about internal control on for example the finances on the basis of the four-eyes principle, the IT system or use of private email for work purposes. And what is the procedure around important documents. Can an employee take home those documents to work at it at home, or should those documents not leave the property. But also the procedure, when an alarm goes off, should be clear. Who is going to inspect the property, who will be warned etc.
- Structural prevention measures
Structural prevention measures relate to the building in which the organization is housed. Are the doors/windows and the roof secured against burglary. How is the area surrounding the property and can just anyone look inside vulnerable areas. But also notice how the safe has been anchored and has the server been placed in an open space or in a closed room.
- Electronic prevention measures
Within the electronic prevention measures electronic measures are taken against burglary. These include alarm systems, cameras, good lighting and fog machines in and around the property. This might sound logical but what’s important in the property. Does the camera film the right spots or are there “blind spots”; is the most expensive alarm system really necessary or are important matters not stored in the property. Is it necessary to place an alarm on the fence or lamps that work with a motion sensor.
- Digital prevention system
The digital prevention measures have to do with anything within the digital domain. Who can access what on the server and how is it protected. But also think about website security against cyber-attacks and the use of computers and phones of the organization. What is an employee allowed to do with his digital device and what is not allowed.