POLICY: FRAUD INVESTIGATION. October 2017

Transcription

1 POLICY: October 2017

2 CONTENTS 1. PURPOSE P3 2. SCOPE P3 3. POLICY STATEMENT AND INTERNAL STANDARDS P3 3.1 Possible outcomes P Suspension P Disciplinary action P Criminal action P Civil action (recovery of losses) P Insurance P4 3.2 Conducting the preliminary investigation Allegation identification P4 P Preliminary enquiry P5 3.3 Full investigation P Investigation team P Planning P Investigation records P Evidence gathering P Conducting interviews and obtaining statements P Outcome P Reporting P9 3.4 External reporting P Reporting to third parties P Media liaison P Insurance P Authority P11 4. BUSINESS PROCESS PROCEDURE REFERENCE 5. APPLICABLE BUSINESS GOVERNANCE FORUMS REFERENCE P11 P11 6. NON-COMPLIANCE P12 7. PERIOD OF OPERATION P12 8. DEFINITIONS P12 Appendix A Investigative process P12 REVISION NUMBER DESCRIPTION DATE ROLE NAME AND SURNAME/COMMITTEE SIGNATURE DATE Originator Devan Somiah 8 August 2017 Head of Assurance and Risk Reviewed by Barrie van der Merwe Chief Financial Officer 22 August 2017 Approved by Recommended by Approved by Ben Magara Lonmin Exco Dr Len Konar Lonmin Audit and Risk Committee Brian Beamish Lonmin Board of Directors 24 September 2017 nn September 2017 nn September

3 POLICY: PURPOSE 1 SCOPE 2 The purpose of the Investigation Policy is to establish a framework for investigating, reporting and responding in the event that suspected criminal activity and contraventions of Lonmin policies (hereinafter collectively referred to as irregularities ) is detected, as defined in this policy. All companies and operations in the Lonmin group of companies are included in this policy. The policy and any of its prescripts should be applied with due consideration of South African and United Kingdom (UK) regulatory requirements. POLICY STATEMENT AND INTERNAL STANDARDS 3 Lonmin is committed to the highest standards of honesty, integrity and fairness, and upholds zero tolerance of the commissioning or concealment of criminal acts and/or policy contraventions by employees, contractors or suppliers. The conduct of our employees must be characterised by the fundamental values of zero harm, integrity, honesty, trust, transparency, respect, high performance and employee selfworth. Based on the abovementioned values, all employees are responsible for reporting irregular acts criminal activity and contraventions of Lonmin policies through the available channels. All reporting of irregular acts, criminal activity and contraventions of Lonmin policies will be investigated and, if the complaint proves to be founded, appropriate action will be taken, including legal action where prima facie evidence exists. The Investigation Policy sets out the procedures to be followed once information regarding a potential irregularity has been received. A diagram depicting the process flow of an investigation is attached, as Annexure A, to this policy. 3.1 POSSIBLE OUTCOMES SUSPENSION Where appropriate, in terms of the Group human resources policies and procedures, and the circumstances surrounding the alleged irregularity, management needs to assess the option of suspending any staff member(s) involved in the suspected irregularity, pending the outcome of the investigation. Suspension could assist with preventing the removal or destruction of evidence, or interference with possible witnesses. Any suspensions must be carried out by the appropriate Exco member or General Manager or Head of Function who has the authority to make that decision. Any decisions regarding action possibly impacting staff will also be made in conjunction with the relevant Business Unit or Human Resources Manager and must be in accordance with Group human resources policies and procedures DISCIPLINARY ACTION At the completion of the internal investigation, the General Manager and/or Head of Function, in consultation with the investigation team and/or the Human Resources Manager, will decide if disciplinary action is appropriate in the specific instance. Where a police investigation is to be conducted, expert legal advice must be sought to determine whether or not it would be appropriate to proceed with any internal disciplinary action CRIMINAL ACTION All liaisons with the South African Police Service (SAPS) should be conducted by either the Head of Assurance and Risk, or the Group Security and Risk Manager, or his delegated official. The investigating team, in consultation with the Head of Assurance and Risk or Group Security and Risk Manager, Group Legal and/or Group Human Resources, and relevant Lonmin Exco member should decide whether or 3

4 POLICY: continued not to report the matter to the SAPS. The advantages of involving the SAPS generally include: The SAPS can assist in minimising losses and can assist in tracing assets held overseas The SAPS can assist in gathering information in the appropriate format and standard required for prosecution in the criminal courts As a general rule, suspicions of fraud or corruption should be reported to the SAPS operating in the area where the crime took place as early as possible. Furthermore, if not yet reported in the early stages of the investigation, all corruption and all fraud, theft, extortion, forgery or uttering to the value of R or more, must be reported to the SAPS in terms of the Prevention and Combating of Corrupt Activities Act 12 of Consideration should also be given to using professional forensic specialists to establish and assess the facts, which can then be handed over to the SAPS in the event of a criminal prosecution CIVIL ACTION (RECOVERY OF LOSSES) The recovery of any losses is one of the key objectives of any investigation. The investigation process must involve the full quantification of any losses sustained by Lonmin and its subsidiaries. The repayment of these losses should be sought from any guilty party. Where necessary, legal advice should be obtained for the most effective actions that can be taken in order to secure the recovery of any losses. Any Exco member, together with the General Manager and/or Head of Function, with support from Group Legal, shall approve the commencement of civil action INSURANCE The Lonmin insurance provider must be notified as soon as potential fraud is being investigated in order to ensure compliance with insurance policy requirements. 3.2 CONDUCTING THE PRELIMINARY INVESTIGATION Once an allegation of an irregularity is received, a preliminary internal investigation must be initiated. This process aims to determine the validity of the information ALLEGATION IDENTIFICATION The allegation may be received through various sources and should be reviewed to establish the true nature thereof. These sources could include, but are not limited to, the following: Data analytics detection activities Management reporting 4

5 POLICY: continued Internal audit Whistleblower Hotline mechanism An attempt should be made to establish as many facts as possible in the initial report. The reporter should, where possible, be required to supply detailed information with regard to, for instance, the timeframe, modus operandi and possible suspects. All information should be carefully noted in a format that can later be produced should it be required PRELIMINARY ENQUIRY A preliminary enquiry must be conducted to determine if there is merit to the allegation and if a full investigation is justified. If so, the modus operandi should be identified as this will assist in developing the investigation plan and process to be followed. An enquiry file must be opened to keep formal record of the mandate and procedures performed in conducting the preliminary procedures. The procedures to be performed, inter alia, include: The matter should be recorded in the case management system An initial meeting should be conducted with the relevant General Manager or Head of Function to understand the business environment to which the allegations apply An initial meeting with Human Resources should be held to obtain background information on the person(s) mentioned in the allegation Available documentation should be reviewed and assessed An initial interview should be conducted with the complainant Witnesses and other role players should be interviewed Appropriate steps should be taken to safeguard information or evidence of any nature gathered during this phase The allegation should be assessed in relation to the business role of the implicated party. If it is found that the allegation is unfounded, or that a prima facie case cannot be made, the enquiry must be closed and a final report must be written. If it is established that sufficient information and evidence exists to enable the investigation team to conclude 5

6 POLICY: continued that there are grounds to suspect that the allegation is founded, the allegation will move to a full investigation. A case file must be opened, and the outcome of the preliminary enquiry and the decision reached must be documented. The facts of the allegation should, at this stage, be communicated to the relevant Business Unit Manager and Head of Assurance and Risk or Group Security and Risk Manager, as necessary. A mandate or instruction to proceed should be obtained from either of the aforementioned persons. Where possible, the communication and mandate should be written. 3.3 FULL INVESTIGATION The purpose of the full investigation is to establish whether or not there is material evidence that an alleged irregularity occurred and, if so, to gather the following: Statements should be obtained from witnesses and, where possible, these statements should be sworn affidavits Sufficient evidence should be gathered to support any complaint reported to the SAPS Sufficient evidence should be provided for disciplinary action, civil action, criminal action or a combination of the aforementioned as the case may be Controls, or lack thereof, should be reviewed and make recommendations made regarding remedial actions based on findings The investigation team should adhere to the following basic procedures in conducting an investigation INVESTIGATION TEAM The composition of the investigation team is dependent upon the nature of the allegation and the level of complexity involved in the investigation. In certain circumstances, third-party investigators may be appointed in order to gather sufficient evidence to hand the matter over to the appropriate authorities. In addition, expert legal opinion may be sought to guide the investigation team. Responsibility for management of third parties rests with the Head of Assurance and Risk and/or Group Security and Risk Manager. 6

7 POLICY: continued Once the investigation team has been assigned, they will agree on the terms of reference, scope of operations and an initial time allocation with specific monitoring points with Head of Assurance and Risk and/or Group Security and Risk Manager. This team will make preliminary observations on whether or not there is any substance to the allegation, and recommend the various courses of actions to be considered and/or any third parties should be notified for example, insurers PLANNING Planning of the investigation should be focused on: Where the alleged offence occurred Who may have been involved What transactions, records, reports, goods, material or other assets are involved What laws or regulations/policies may have been breached When the alleged offence started What the extent of loss suffered by Lonmin was Why the alleged offence was not picked up through internal controls and checks INVESTIGATION RECORDS The investigation team must, at a minimum, maintain the following: A diary of all procedures must be kept during the investigation, including site visits, interviews conducted and telephone calls Copies of all statements must be obtained Copies of all supporting documentation must be obtained All original documentation must be kept in safe custody, where possible, at the offices of the Group Security and/or Lonmin Business Assurance Services Working papers must be kept Copies of electronic evidence should be obtained Records should be kept of the person from whom documentation was obtained, from where the information originates, and the date on which it was obtained and by whom 7

8 POLICY: continued All records/documentation must be handed to Lonmin Business Assurance Services after finalisation of the investigation for filing on the case management system EVIDENCE GATHERING When suspicions have been raised, it is important that evidence is preserved and protected. Wherever possible, gathering of evidence relevant to the case should be conducted by staff conducting the investigation. Failure to follow the correct process may lead to insufficient or inadmissible evidence being gathered, which could prejudice the final outcome of any action taken. Information kept by the investigation team regarding specific cases may be sensitive. An inadequate chain of custody or lack of physical security could lead to negative repercussions if the information cannot be traced or if unauthorised individuals have access to it. The following steps should be followed at a minimum: Original documentation should be placed in safekeeping and copies should be made in order to conduct the investigation Back-up files of all electronic information should be made Evidence should be catalogued and indexed to ensure that information can be traced when required Evidence should be properly safeguarded against unauthorised access and disasters Procedures for sourcing documentary and other physical evidence exist to ensure the integrity of the evidence is maintained. Such procedures include: Evidence receipts Inventory lists compiled on site Preservation of originals immediately once obtained custodians Where electronic evidence exists, the following basic procedures must be followed to secure the relevant data: Secure the relevant electronically stored information for example, laptop and memory cards Properly and accurately record the physical movement/handling of evidence when it is seized/ received If it is envisaged that a matter could be the subject of a criminal investigation, each party handling the item should supply an affidavit reflecting the date, time 8

9 POLICY: continued frame and purpose of having custody of the item Ensure the chain of custody is maintained while handling evidence Safeguard and store the evidence CONDUCTING INTERVIEWS AND OBTAINING STATEMENTS The investigation team must: Determine who will be interviewed and what information is needed from them Disclose to the interviewee the capacity in which he is being interviewed for example, as a suspect or witness Where appropriate, afford the interviewee the opportunity to have a Human Resources representative present Brief the interviewee on the purpose of the interview without disclosing sensitive information Where possible, record the interviews with permission of the interviewee Where appropriate, take statements or affidavits (sworn statements) from the interviewee during or after the interview OUTCOME The investigation team must assess the information obtained and determine whether or not a suspect can be identified. If so, further steps should be taken to interview the suspect and attempt to obtain a statement. Where the suspect is not an employee of Lonmin, criminal and civil action should, where possible, be instituted. However, if the suspect is an employee of Lonmin, Human Resources must be informed and a disciplinary enquiry arranged. It should be noted that a disciplinary enquiry does not preclude the institution of criminal or civil action. It must be borne in mind that where a police investigation is to be conducted, expert legal advice must be sought to determine whether or not it is appropriate to proceed with any internal disciplinary action. If a suspect cannot be identified, consideration should be given to approaching potential informers in order to continue the investigation REPORTING The investigation report should be circulated to the Chief Executive Officer, Chief Financial Officer and respective 9

10 POLICY: continued General Manager(s) and Head of Function, and should contain the following basic sections: Introduction This section must contain concise details of: The objective of the investigation The scope of the investigation Preliminary facts relevant to the investigation The investigation procedures performed, including documentation, physical objects and electronic information or devices collected, and individuals interviewed and the information obtained Findings The findings section of the report will set out the factual findings and detail the prima facie evidence that needs to be considered. Recommendations Based on the findings of the investigation, recommendations should be made on the most appropriate course of action. In addition, internal control weaknesses, which may have been highlighted through the investigation, must be referred to the relevant Regional Manager. Management comments Management will be given a period of 10 working days to provide Lonmin Business Assurance Services with the following: An action plan to address control breakdowns and other recommendations made for example, disciplinary steps The person responsible for implementing the corrective action The implementation date 3.4 EXTERNAL REPORTING REPORTING TO THIRD PARTIES It is Group policy to report all known criminal activity to the SAPS for investigation. The timing of SAPS involvement will be at the discretion of the Chief Financial Officer and/ or Head of Assurance and Risk and/or Group Security and Risk Manager, and Group Legal in conjunction with the appropriate Lonmin Exco member and/or Board members. The Group will report incidents of suspected criminal activity, including fraud, corruption and theft to the relevant authorities, including the South African Revenue Service (SARS), among others, where necessary. In terms of the requirements of the Prevention and 10

11 POLICY: continued POLICY STATEMENT AND INTERNAL STANDARDS continued Combating of Corrupt Activities Act, any suspected corruption and any suspected fraud, theft, extortion, forgery and/or uttering to the value of R or more must be reported by the Regional Manager: Risk Control to the SAPS MEDIA LIAISON Any disclosures to the media about misconduct or any investigation may only be made by Group Corporate Communications or the Chairman of the Board in consultation with the Chief Financial Officer and/or Head of Assurance and Risk and/or Group Security and Risk Manager, and Group Legal INSURANCE The Group Risk Manager and Head of Assurance and Risk will liaise with the insurers to ensure that an appropriate assessment of the claim is conducted. 3.5 AUTHORITY The Investigation Team Leader is authorised to allocate resources, set time frames, determine scopes of work and apply the investigative techniques required to accomplish the investigation objectives. The investigation team has the authority and mandated to conduct an investigation with: Unrestricted access to all functions, records, property and personnel Full and free access to the Lonmin Board, Exco members, Ethics Committee, and Audit and Risk Committee members The necessary assistance of personnel in the business units of the Group, where investigations are performed, as well as other specialised services either internal or external BUSINESS PROCESS PROCEDURE REFERENCE Fraud Risk and Control Management 4 APPLICABLE BUSINESS GOVERNANCE FORUMS REFERENCE 5 Lonmin Social, Ethics and Transformation Committee Lonmin Audit and Risk Committee Lonmin Exco NON-COMPLIANCE 6 In the event of non-compliance, the individual shall be subject to Lonmin s disciplinary procedures. 11

12 POLICY: continued PERIOD OF OPERATION 7 This Policy will remain in force from the date of acceptance until amended and circulated as an updated policy. DEFINITION 8 Lonmin management Lonmin management shall include Supervisors, Line Managers, Junior/Senior Managers, General Managers, Heads of Department and Exco members in the Corporate Office and the Operating Divisions. APPENDIX A INVESTIGATE PROCESS PHASE 1 PHASE 2 PHASE 3 SOURCE OF INFORMATION STEP 1 PRELIMINARY INVESTIGATION STEP 2 DETAILED INVESTIGATION STEP 3 POSSIBLE ACTIONS TO CONSIDER Allegations received through hotline or directly reported to management Investigations identified by internal audit/external audit Analyse allegations and open enquiry Communicate with Business Unit Manager Verify information Open case file and allocate case to investigation team Conduct preliminary investigation for example: Document review Data analytics Background checks Detailed investigation for example: Interviews Gather evidence Secure statements and evidence Analyse evidence Link suspect Lifestyle review Computer forensics Handwriting specialist (outsourced) Polygraphs (outsourced) Based on findings consider: Disciplinary action Criminal case Red flags identified through data analytics Allegations received from other sources If negative If positive Close enquiry and write final report If insufficient evidence If sufficient evidence Close file and update case management system Interview suspect Write final report detailing: Evidence obtained Findings Conclusions Recommendations Civil recovery Update case file on case management system ANALYSIS OF EFFICACY OF APPLICABLE REGULATIONS AND PROCEDURES PROJECT MANAGEMENT AND FEEDBACK 12