The Quest for Quality
Far Eastern Economic Review - October 21, 2004

Background checks of employees, partners and clients form a critical first step in managing business risk. Quest Research has built a multimillion-dollar business by refining and mastering the process

Howard Winn / HONG KONG: When a large A merican financial institution in Hong Kong was looking to find someone to run its China operations it took the precaution of hiring a firm to check the backgrounds of its candidates. This was just as well. One of them from the mainland, claiming to be a deal maker with extensive connections, on closer inspection turned out to have been the interpreter on the deals he said he had closed.

In another instance, a hypermarket was looking to recruit a south China sales agent. The Hong Kong office was reluctant to screen the candidates but was pushed into it by its European head office. As a result, one of the candidates subsequently admitted that a four-month period that his curriculum vitae said was spent traveling around Europe was in fact spent in jail. He had been found guilty of selling counterfeit compact discs in Guangdong.

"It's all about knowing who you transact with on a daily basis," says Michael Short, co-founder and managing director for business development at Quest Research, the company that carried out these background checks.

Short and John Baxter, both former Hong Kong police officers, started Quest Research in 2000 above a sauna on the fringes of Hong Kong's Central business district. Since then, the danger of terrorism and increased security risk for global business has resulted in soaring demand for pre-employment screening, along with background checks on clients, vendors, distributors and business partners. Four years later the start-up business has become a multimillion-dollar business occupying an office in upmarket Alexandra House in the city's financial heartland.

Pre-employment and other background screening is well established in the United States and in Europe, which is why Quest's main clients are U.S. and European financial institutions and multinationals operating in Asia . However, Asian-based companies have been less enthusiastic, viewing it as an unnecessary cost.

But the terrorist attacks on the U.S. on September 11, 2001, and the reaction to them have changed that attitude. "After the . . . attacks there was a big change in the regulatory environment, particularly for financial institutions," says Short. Within weeks of the attacks, U.S. President George W. Bush issued an executive order which included a list of individuals, entities and groups believed to be connected with terrorism. The list is maintained by the Treasury Department's Office of Foreign Asset Control and has been combined with the Specially Designated Nationals and Blocked Persons list. It is almost 100 pages long and contains thousands of names.

"If any U.S. business does business with any companies or entities on this list, even unknowingly, they are committing a criminal offence and could go to jail," says Short. The Patriot Act, passed shortly after the 2001 attacks, was another piece of U.S. legislation that has wide-ranging implications for businesses. It sought to strengthen anti-money-laundering laws and was directed at cutting off terrorist sources of finance and the use they were able to make of the U.S. financial system before the attacks. Financial institutions are now required by law to implement special account-opening procedures, and to institute screening of customers.

Businesses also need to be aware of the Foreign Corrupt Practices Act, which relates to bribery in respect of securing contracts and maintaining a business overseas. Politically exposed persons are another business risk. These include rulers or senior officials and their families and friends who are likely to have acquired funds through corruption or by illegally diverting government funds. Businesses face the risk of criminal charges in assisting in money laundering, lawsuits, and damage to reputation. Businesses also have to ensure that they and their counterparts are in compliance with the Sarbanes- Oxley Act, which covers corporate transparency.

" The U.S. is very good at saying this is our legislation and though you live somewhere else you have to abide by it," says Short. "The Patriot Act is a prime example. It is U.S. legislation but it applies to any entity or organization which does business with a U.S. entity."

STANDARD PRACTICE
Before the 2001 attacks, screening was something that was best practice--now it is standard. "As a result of these new regulations, banks need to know their clients, whose money they are accepting or transferring and who they are providing with trade finance. Multinational companies shifting container loads of high-value goods around the world need to know who their distributors and end clients are." Companies, particularly in the financial sector, need to know who their employees are. "Failure to comply with these regulations can result in criminal prosecutions, fines and ultimately prison sentences. The law says firms have to carry out enhanced due diligence," Short points out.

The screening industry has also benefited from the heightened activity of the Financial Action Task Force, which is an inter-governmental agency. It drew up a list of 40 recommendations that set out a basic framework to counter money laundering. These were revised in 1996, and then again in 2003 in the wake of the 2001 attacks, in an effort to deny terrorists and their supporters access to the international financial system. Since then a number of monetary authorities such as those in Hong Kong and Singapore have incorporated these recommendations into their regulations. Pre-screening of bank managers, for example, is now mandatory in these jurisdictions.

Quest Research has also seen an increase in business arising from the sharp increase in the outsourcing of back-office operations to India by information-technology companies and banks in recent years. Outsourcing is a huge business, worth $12 billion a year and employing thousands of white-collar workers. It is still growing and needs around 80,000 new workers a year, most of whom require background screening. According to business consultancy Gartner, security and privacy concerns are set to replace job losses as the main issue in the increasing campaigns against outsourcing. This means that firms have be careful about who they hire.

The response to the 2001 attacks and the outsourcing boom in India have helped Quest to grow rapidly from its initial two founders to its current level of 350 employees with offices in Hong Kong, Beijing, Perth, Singapore, Dubai, Mumbai, Bangalore and New Delhi. Short says Quest does more screenings than all the other firms in Asia put together; clients include most of the big financial institutions in Hong Kong , Singapore and elsewhere in the region.

Short and Baxter developed the idea for their company after joining the risk-management industry after leaving the Hong Kong police force. It's an industry that has grown up in Asia during the past decade, particularly since the onset of the Asian financial crisis. They perform a variety of functions, including pre-employment screening, intellectual-property investigations, fraud investigations, due-diligence inquiries, and contingency planning. The two founders, following business models from the U.S. , focused on one aspect of this business and commoditized it.

"We saw that there was so much more that you could achieve by focusing on a distinct product and providing good value and giving people what they wanted," says Short. We have also tried to take the 'smoke and mirrors' out of the industry. This is one of the things that sickened me when I worked in the industry. The so-called China expert would say, ' China is a very difficult place to do business--its all done on contacts. We can get that information for you but it is going to cost thousands of U.S. dollars for us to give you a read on the background of this company.' It's nonsense, absolute nonsense. We have cut through that. We put a lot of people's noses out of joint because they can't command that fee any more."

According to Short, much of the information on individuals and companies is publicly available even in places like Indonesia and China . "You just have to know where to look," he says.

One of the problems for individual firms in keeping up with the lists of banned entities is that there are numerous lists produced by governments and global agencies but there is no central repository. They are updated irregularly and stored in different ways. Quest Research monitors some 35 lists which it puts together as a product it calls IntegraScreen Online-Asia. Most of the work is done in India , where some 280 of Quest Research's 350 employees are based. It's not alone in doing this, but Short says that unlike others, Quest Research is more focused on Asian risk.

Last November, Quest strengthened its IntegraScreen product when it signed a deal with U.S.-based Language Analysis Systems, one of the leaders in name-recognition technology. "It's not enough having the database--you have to be able to use it in a smart way in order to get the information you want," Short explains. Asian and Middle Eastern names pose a problem in that they can be transliterated in a number of ways leading to time-wasting "false-positives" from database searches. For example, there are about 395 different versions of the name Mohammed, and the Chinese name Chan can be variously transliterated as Chen or Tan, making it easy for a name to be missed when using traditional search methods.

So what does all this screening show up? "A lot of people lie about their educational qualifications, their salaries and their job titles. In about 8% of pre-employment screening that we do, there are large enough discrepancies for us to pick up the phone and tell the client, 'You should talk to your candidate about this'," says Short.

Indian police recently seized 39,000 fake educational certificates in one day. The Chinese government estimates that there are at least 600,000 more degrees in circulation than degrees awarded. Serious discrepancies run to about 1.5%, and include people who have been fired when they say they left, stolen from the company and been dismissed and other forms of dishonesty.

Short says that the main risk for companies that don't screen, particularly for financial institutions , is to reputation. If there's another terrorist outrage and the funds for it were channeled through an investment bank, the damage to the bank's reputation would be immense, Short believes. He adds that while it might appear to be normal business practice to check into the backgrounds of business counterparts, a lot of companies couldn't care less as long as they were getting a good deal. He believes investment banks are pretty tight: "It's too dangerous for them not to be."

But it's a different story for multinational companies. "I think a lot of [them] haven't the faintest idea who they are doing business with. They only have a vague idea of the company's name. They have no idea who owns it or where they would start if anything went horrendously wrong," he says.