Close All

Open All

Assurance and Risk Advisory

Assurance and Risk Advisory

As businesses expand their operations, there is an increased focus on good governance and risk management in order to protect and create value for all stakeholders. Good corporate governance, strong risk management policies and a comprehensive compliance framework provide accurate and timely information to the management; thus, adding business value by improving operational decision-making and strategic planning. We review an organisation’s existing governance policy and help strengthen it.

Alongside, every organisation has various risks that must be assessed and managed in order to meet its goals and objectives. We assist the management in identifying and assessing gaps with respect to external, internal, regulatory and compliance risks in critical processes. We then help design systems to mitigate such risks and monitor progress. Compliance with applicable laws and regulations must also be ensured.

In addition, with increasing frauds in the business world, forensic reviews play an important role in monitoring and responding to potential risks. With access to forensic technology, we employ creative thinking and intelligent software to come up with future trends, analytics and actionable intelligence. We also support organisations in identifying the root cause, impact and perpetrators of fraud.

SKP Governance, Risk Management and Compliance Services


Good governance involves the implementation of good practices, policies and procedures in your organisation. It reflects the culture of the management – it is the overall approach that the management team has towards the functioning of the organisation. Our services include reviewing the following:

  • Financial Governance
    • Policies
    • Processes/SOPs
    • Reporting Framework
  • ERP Implementation Support/Assistance in Customisation
  • Legal Governance

Risk Management and Compliance

SKP assists in identifying, assessing and managing risks that may affect an organisation’s business goals. Different organisations may perceive these risks differently but it is essential to have a system for identifying and responding to them. Organisations must also act in compliance with laws, regulations, contracts as well as internal policies.

We focus on the following areas under the Risk Management and Compliance function of an organisation:

  • Risk-based Process and Internal Controls Review
  • Revenue Assurance
  • Compliance with SOP
  • Forensic Services
  • Tax Risk Management
  • Clause 49 Review – Corporate Governance Review as per listing agreement
  • Direct and Indirect Tax Compliance
  • Secretarial and Company Law Compliance
  • Foreign Corrupt Practice Act (FCPA) Review
  • Assistance in SOX Readiness
  • UK Bribery Act Review
  • KYC and Anti Money Laundering Compliance Review
  • Any other key regulatory compliance

Forensic Services

Today’s competitive business climate and dynamic market environment provide numerous threats of fraud and ethics violations. With the growing global need for transparency, incidents of fraud and violation of ethics could impact businesses in their revenues and reputation. These incidents of fraud and non-compliance may include misreporting, misappropriation/theft, abuse of authority, falsification, conflict of interest, breach of contract, third-party frauds (including vendor, supplier, dealer, customer and business partner), kickbacks, or other regulatory non-compliances.

At SKP, we support businesses with strategies and measures to combat and minimise fraud including providing a fact-based investigations report for management action. The measures adopted by us are driven by a structured fraud-control framework developed by our team of trained professionals and Certified Fraud Examiners (CFEs) with experience in forensic accounting, fraud investigations/examination, digital forensic reviews and control reviews. We can help gather specific evidence around ethics- and compliance-related issues. Our services include:

Enhance whistle-blowing

  • Improve policy: Formulate or improve an organisation’s whistle-blowing policy in line with global best practices in order to influence genuine whistle-blowers.

  • Increase awareness: Help create awareness on whistle-blowing with training sessions, periodic internal communication, ethics-related posters, etc.

  • Effectiveness assessment: Code of conduct and whistle-blowing policy awareness assessment surveys and interviews to evaluate the effectiveness of the whistle-blowing mechanism.

Support in investigating concerns

  • Investigations: Gather evidence in whistle-blower investigations or any suspected concerns or policy violations, and identify the perpetrator and quantify frauds to the extent feasible. The approach is to gather evidence from documentation, data (both ERP and other application/maintained data), digital records and information available in the public domain. This includes forensic accounting, investigations that involve detecting fund diversion to vendors or third-party kickback investigations. In select cases, we even engage document examination experts to validate signatures or the age of the paper used for a contract.

  • Digital forensics: Conduct digital forensic reviews (desktop, laptop and mobile forensic), including imaging, extraction and analysis of the digital information from company-owned assets using the appropriate tools and technologies. The reviews will include gathering evidence including emails, user-created files, meta data, registry information, system log and application process data among others.

  • Desktop background checks: Conduct desktop background checks for corporates and investors on the target and its promoters, including litigation searches (e.g. if convicted of bribery or another criminal offence), negative media searches and regulatory searches (debarred entities/individuals).

  • Anti-corruption compliance investigations: Assist in investigations with reference to anti-corruption compliance (Foreign Corrupt Practices Act (FCPA) and UK Bribery Act (UKBA).

  • Pre-investment anti-corruption due diligence: Conduct anti-corruption compliance reviews on behalf of a parent company or due diligence on the target on behalf of investors based on a proprietary scoring model to enable meaningful decision-making.

  • Site visit and mystery shopping: Conduct a site visit or mystery shopping to validate the existence of and/or gather information on a particular practice/non-compliance.

Contribute to fraud prevention/minimisation measures

  • Fraud vulnerability assessment: Conduct vulnerability assessments of fraud risks in select processes (including red flags, vulnerabilities and control gaps) for enabling appropriate control mitigation strategies.

  • Fraud risk assessment and scoring: Conduct comprehensive fraud risk assessment of identified processes and score risks based on the existing level of mitigating controls.

  • Fraud analytics dashboard: Develop and deploy a rule-based fraud analytics dashboard for select processes, for periodic monitoring of control lapses. We use select tools for analytics (like IDEA Data Analysis) to analyse large volumes of data and identify select patterns/exceptions.

Set up a Fraud Control Unit

  • Develop a robust concern-handling process: Support in reviewing trends in case closures and actions taken to identify opportunities for enhancing the concern-handling process or investigator efficiency.

  • Enhance governance mechanism in investigations: Support in enhancing the governance mechanism in investigations with a structured framework, standard operating procedure and communication protocols.

  • Fraud reporting: Support in structuring protocols for reporting fraud and ethics violations.

Other services

  • Knowledge-sharing sessions: Conduct knowledge-sharing sessions or workshops on investigation techniques and case studies.

  • Co-source resources for investigations: Support the investigation team with trained resources based on specific requirements for case closure.

SKP Forensic Services 

SKP Forensic Insights app provides the latest publications, videos, tips and presentations along with forensic news from across the globe. Our aim is to keep users aware, informed and alert about incidents of fraud and non-compliance and support businesses in their efforts to minimise fraud and corruption.
Click here to download from Play Store or iOS

International Fraud Awareness Week

For the second consecutive year, SKP supported the International Fraud Awareness Week, 13-19 November 2016, in order to promote anti-fraud awareness and education. The movement, known commonly as Fraud Week, champions the need to proactively fight fraud and help safeguard businesses and investments from the growing fraud problem. Click here to see what we did last year.

Five fraud tips every business leader should act on

Articles and Presentations

Corporate Compliance Insights: ​ISO 37001: Anti-Bribery Management Systems
ACFE Insights: 8 Underrated Critical Types of Evidence in Email Reviews
Corporate Compliance Insights:  Emerging challenges affecting independent directors
Digital Forensic
Digital Analytics
Fraud Control Framework
The FCPA Blog: Is your next compliance problem at a toll booth in Delhi?
The FCPA Blog: Will Wal-Mart change India?
Forensic Magazine: Emerging Challenges in Digital Forensics
SKP Insights: Anti-money laundering compliance: Enhanced internal controls for foreign exchange remittance transactions
SKP Insights: Six reforms that can change the way money laundering is handled
UK’s Serious Fraud Office initiates corporate prosecution for failing to prevent bribery offences
The FCPA Blog: Are whistleblower reward programs really a good idea?
Role of the CFO in Ethics and Compliances of the Organisation
Regulators prosecuting corrupt intent
ACFE Insights: 6 cognitive biases of an investigator in corporate fraud investigations
Frauds in India
Nexia Global Insight October 2015: Anti-corruption investigations – an Indian perspective
eForensics Magazine October 2015: A Practitioner's Guide to Forensic Email Reviews

Technology Risk and Business Advisory

Technology has transformed the way business is conducted across the globe. Emerging technology has become an integral part of our everyday life. The closer we are to technology usage the more we are exposed to new risks created. This dependence comes from the need to manage both processes and information better. The sensitive nature of data exposes it to threats from malware, ransomware, insider threats, risks from outsourcing services, privacy breaches etc.

The lessons from Uber, Equifax for data breaches emphasize the need for privacy enforcement legislations like Data Privacy Act, GDPR etc. A recent study revealed that data breaches in first six months of 2017 was higher than the total breaches for the previous years.

In a competitive and highly connected business landscape, the urgency to leverage a given opportunity has resulted in businesses ignoring potential risks in pursuit of growth. It is important for organizations to ensure that their technology is tuned to their strategic goals. Organizations should utilize technology as a tool to achieve excellence in business delivery by reducing risk and optimizing returns.

We understand that each business’s requirements are unique. We offer a range of IT services under Technology Risk Advisory and Technology Business Advisory to enable you to concentrate on your core business functions, while we handle your technology concerns. We provide solutions that address a wide range of industries and geographies. Our team of multidisciplinary professionals assist you in identifying and mitigating the ever-changing landscape of emerging threats. We will partner you to address these risks by recommending mitigating controls and also assist you in implementing them seamlessly.

In the current business scenario, RBI and SEBI have recognized data security as the need of the hour, and have introduced regulations targeted at bolstering the Cybersecurity infrastructure of organizations in the financial space.

Click here to read more about how SKP’s Cybersecurity services can help organizations adhere to these regulations and stay ahead of the threats!

Technology Compliance & Advisory