Regardless of the size of the company, keep these 7 steps in mind for the company's contingency plan:
1. Take a staff inventory: divide it into three groups. First, what people have to be in the office; second, who can work at home and third, those who have to be in the office and can work at home.
For the first group: tell them why they need to be in the office. Make sure to increase cleanliness and disinfect all shared surfaces such as: elevator buttons, electronic devices, coffeemakers, light switches, any handles or doors. Ask them to wash their hands regularly and avoid physical contact.
For the second group: send them home but first tell them that their work time should be respected as much as possible. That is to say; if they work from 9 a.m. at 6 p.m. and they have lunch from 1 to 2 p.m., it will be the same as they should do at home. But be flexible because they may have children to take care.
For the third group: depending on their duties if they need to be in the office; for example, once a week because it’s really necessary, try to rotate them. In this way, fewer people in the office will be better at preventing illness.
For any employee who becomes ill, it should be informed immediately to assist the person with the medical process and cover that person’s work. Coordination is key to keeping employees safe and the business running.

2. Monitor the employees’ situation: each area or department Head must monitor everyday how the employees are, no matter where they are and must report daily to the CEO. This is not just for coronavirus; remember that other problems may arise such as: frustration, tension, worries, loneliness, fear. If possible, organize a conference call or use some other tool where people can see each other (for example Skype), at least once a week. Not just to stay up-to-date on what's happening at work, but for employees to share what they're living. Those little sessions can help everyone a lot.
Keep in mind: it's easy to lose balance when changing a dynamic; for example working at home when it was not done. Maintaining contact can avoid feeling isolated or any other negative feelings.

3. Analyze the things the company needs to be able to operate. This covers any third party that works for the company (suppliers, consultants, distributors, etc.) to cleaners, soap, stationery, etc. Talk to third parties about what they plan to do so that you can also know what to expect from them and how this may or may not affect the company's supply chain, and therefore the products or services the company offers.

4. Train employees with reliable sources and keep them regularly updated on what is happening in your country and what the company is doing. Check what the health authorities are saying. Informed people can prevent other crises like panic; don't let uncertainty create insecurity. And train them in cybersecurity to prevent data breaches and phishing, especially now that criminals are taking advantage of this pandemic and people's fear to scam.

5. Cancel any trip, conference, meeting, event that is not necessary. The goal is to limit employees’ exposure to more people to minimize contagion.

6. Pause any contract or business plan that may be affected. There is still no specific date on when the pandemic will be minimized. Therefore, anything that is not critical must be thought twice about being hired or carried out.

​7. Make a daily backup of company data: this includes emails, figures, and documents. Since many of the employees will work at home, it is important to support their work. Whether it's done manually or automatically, make sure everything is fine. Are they working using a company laptop or their own? Their mobile? Are they sending an Excel document or accessing the company system remotely? What control measures does the company have to mitigate any risk of information security?

​The main goal of the contingency plan is to make the transition from what was physically carried out in the office and is now done remotely in the best possible way. And of course, that the company's operations continue. Giving security and support to employees will also help that productivity doesn’t decrease and the company stays alive in the face of this coronavirus pandemic.

-Leadership: if in past years true leaders were needed, this year will be an indispensable requirement for both governments and companies. The new generation of leaders must have: clear strategies on what to do, make appropriate and well thought-out quick decisions, as well as be updated on everything that affects the government or company. The consultants and/or advisors will play an important role.

-Cybercrimes: given the turnaround that the world is giving in a more digital world, they will tend to increase. Data breaches, frauds, terrorist financing, money laundering, harassment, corruption...will be increasingly done in the digital world. Crimes will tend to be more international and cooperation between governments and companies will be indispensable in order to stop them. The cornerstone of protection for all of us will be to be trained on these issues in order to determine how vulnerable we are and prevent them.

-Greater impact on the environment: if last year nature showed us the effects of global warming and pollution, this year the effects will be greater. This will cause greater migration of people to other countries, shortage or price increase of some resources, which will lead to higher prices of products. At the same time, companies will have to adjust to new environmental regulations, adjust processes and become more aware of their corporate responsibility towards the environment.

-More activism by society: social networks have boosted people's voice. Technology has helped expose crimes in real time; either with a video or photo. Uploading them to social networks makes it spread more quickly and has more coverage. And in turn, more pressure is generated, more demand for a solution. This will make both governments and companies take more care of their actions because they will be more exposed to reputational risk.

-Employees: companies will tend to focus much more on teamwork and those employees who are proactive will excel. The proactivity will have 2 pillars: that it is done with knowledge and experience.

​2020 will be a challenge for everyone: we’ll tend to become more aware of our role and the impact that our actions are producing in the world. And hopefully, we'll rectify strategies and attitudes to do the best for everyone.

After delivering so many workshops, I’ve seen that most people express a desire for promotion but it’s more a “saying” than a plan.
“Who sees himself as a manager of this company?” Half of the hands are raised. If I change to director, fewer hands are raised… and when I say CEO…there are only one or two hands raised.
If I ask: do you know what you need to be in your boss’s position? Nobody answers.
The truth is that the vast majority would like to be the boss but for some reason they are afraid to do it. Everyone wants true leaders; a better work environment but none dares to make the change.

If you are one of those people who have the desire but don’t know how to do it, here are some tips.
First, nobody is born being a leader. So remove all your fears and insecurities. You can start doing little things that over time will make you stand out from others, such as:

a) Do the right thing: I know, I’m asking you to go to the hard way but it’s essential if you want to stand out. So many excuses…so many exceptions…favoritisms…everything is part of not doing what it should be. If you want fair conditions you need to be fair!

b) Do what you say: this will give you credibility and trust with everyone else. Everybody wants a consistent person especially if that person is the leader. Guide by example.

c) Speak up: I’ve met so many people with great ideas…but sadly they keep those ideas for themselves. If you don’t speak nobody will know what you think, how you can contribute to the company. Speak-up… be open to feedback… and shape that idea. It could be the solution of that recurrent problem…

d) Accept when you are mistaken: if being consistent gives you credibility, wait to see what happens when you recognize your mistakes. By doing so, it shows that you are a human being, like everyone else, but that you have the courage, the security to admit it.

e) Generate relationships: no matter if the person is from another area, a supplier, a client, listen to them. You’ll be surprised of how much you can learn with a conversation. Also, you never know when life can change…so, be humble.

​f) Always continue learning: many people think that the only way to do it is by attending courses, workshops…no! If due to the budget you can’t attend one, do some research. There are so many useful things for free on Internet that the only thing you need is time to do it. You can also approach others and ask them what you need. A leader shares knowledge, while a boss blocks it.
 
Companies need leaders…countries, too. If you don’t believe me, read the news. There is a huge opportunity for capable, professional people. That kind of people that can make a difference in leadership, in corporate governance…so, what is holding you back?

Just by reading the title, many people could say “No way! I am not part of any fraud…” but if you keep reading maybe you are.

When you receive messages on WhatsApp, Twitter or Facebook…yes, those that are the forward of the forward of the forward... do you believe the content? And most importantly, do you forward that message to more people immediately?

If your answer is yes, we have bad news for you. You are being part of a fraud. The reason: fake news is fabricated news. Fabricated news means: lies, invented histories, false information. They may seem true because its objective is to deceive a person. That fits with the definition of fraud. By not corroborating with an alternative source of information and forwarding the content to other people, you are contributing to the fake news continue to spread, becoming viral and in many cases incite violence.

Many people think that fake news doesn’t have an impact but they do. They have much more impact than you think. People have been harassed on social media…beaten… burned alive…murdered…because someone spread the news that they were kidnappers, human traffickers, criminals. There have been cases in India, Mexico, Colombia, France, Italy that show that the alleged criminals were in fact, innocent people.

If we all want justice and be protected, shouldn’t we first check whether that information is fake news? If the news is true, it’s going to be published on a credible news website (check it out). If it is anonymous, not well written or the resolution of the video or photo is low, it’s very likely that is fake news.

​Fake news is not a victimless crime. Fake news is a fraud and we, as individuals, can stop it.

After Pablo Escobar the next most famous and rich drug dealer is “El Chapo Guzmán”. He is the Head of the Sinaloa Cartel in Mexico and although he is waiting for his sentence in the U.S. his cartel continues operating in more than 50 countries. He has been charged with transporting more than 155 tons of cocaine to the U.S. His trial has brought to light many things that people suspected, and it has emphasized the most common methods used by cartels to launder money.

The cartel got the cocaine from South America, transported it to Mexico and finally distributed it in the U.S. One of the most common ways to send the drug from Colombia to Cancun, Mexico, was by speedboats, or small boats and even fishing vessels with up to 30 tons of cocaine. They exchanged the drug in international waters, so if they were caught prosecution would be more difficult.

Once in Mexico, the cocaine was sent to warehouses in the capital and from there to the US border. They used gas pipe trucks with a hidden tank inside, in which the drugs were put. This was one of the safest methods: if the authority verified the truck, they could open the pipes, and they would only smell gas.  

Of course to do this, they needed to have front companies (either incorporated by them or established companies that they had purchased) and most importantly: lawyers and accountants; known as the “gatekeepers” in anti-money laundering regulations. Some said that to launder money, the cartel also used real estate companies, restaurants, hotels, football teams, international bank accounts, exchange houses and gasoline stations, among many others. It’s estimated that 95 companies were used (based in different parts of the world) and several of them even worked for the Mexican government.

But here there is a main question: if we know how the cartel launders money, why is it still operating? The answer is a mix of reasons but there are four that stand out for facilitating more money laundering: corruption, loopholes in regulation, lack of monitoring and companies failing to properly “know their customer”.

Word has it that in Mexico City alone the cartel paid 300,000 US dollars monthly in briberies to police chiefs, military, prosecutors, diplomats, Interpol and even former presidents. The cartels objective: to know about investigations, police operatives and to be protected. The bribes extended to Ecuador and Colombia giving the Cartel control over borders, highways, airports…everything was done to pass the drugs easily. Lawyers paid the bribes in cash, in US dollars. 

The high levels of corruption in several countries also facilitated impunity. If they were caught, they were able to pay to be free again. Bribery bought Mexican police in such a way that they helped El Chapo to escape.

​We once read an interview of the Queen of the Pacific (another cartel) and she explained that it is not so easy to launder money but that the key to do it is bribery.
We couldn’t agree more.

Surely you have heard of the "3D" printers... those that already allow us to print everything that we didn’t imagine: lenses, tools, shelves, furniture... even guns.

A few days ago, it was going to be legally allowed that anyone could download the plans of guns and rifles to produce them with a 3D printer. All this, by an agreement of the government of US with the Defense Distributed organization. However, several prosecutors managed to stop the access to the plans.
You can say: "Very well, it was stopped, so what is the problem?" The problem is that it is not yet a resounding "no" to the prohibition of this type of weapons. The risk: that anyone produces weapons without permission or authorization, without being registered, not much less controlled. Yes, without being traced. The risk that these weapons are used to carry out any crime... from domestic abuse, thefts, kidnappings, hate crimes... massacres, shootings.

Some experts have indicated that they are not a danger, because their material is similar to toys. That on average they could fire up to 9 bullets and only once. But the final idea is that they work and are deadly. Imagine that a criminal buy not one, but several 3D printers... in how much time and days, it can be produced how many weapons...

They have another weakness: their material doesn't allow to be detected. The risk: they can be taken in to massive events, airports, planes, offices, schools...
Who can assure that a minor won’t have access to them? Someone with a criminal record? A gang member?

While the technology will continue... like this issue, we must consider the impact it can have. Will technology protect us from organized crime, from terrorists? Or will it destroy us, by facilitating the criminal's lives?
​Reference data: the BBC says those days before the planned date, the plans were made public, generating thousands of downloads. Maybe the damage is already irreparable...

Have you ever thought of the risks in BIG data? If so, this information is for you. First, let’s define: BIG data involves large information in volume that comes from varying sources and is produce at a quick rate. That’s why they are known as the 3 “V” of BIG Data: volume, variety and velocity. Therefore traditional data-processing application software’s are inadequate to deal with it.

Hence the first risk relies on which software is your company going to use? Most companies decide upon the software; not based upon their processes. Keep in mind: the software has to adapt to your company not the other way around.

What kind of data your company has? Is it relevant? Is it complete and updated? Where does the information come from? The second risk is to start managing data that is bad or useless and the third risk is that it is unorganized. Make sure to organize it according to the fields your company needs.

After that, analyze and interpret data. By doing so, the information becomes meaningful, ready to make accurate business decisions. Erase information that has no use. This will help you to minimize the fourth risk: wrong decision making.

Now that you have relevant data, make sure where it is going to be store; because the fifth risk is not to have the conditions; for example temperature, maintenance, location. Sixth risk: who is going to have access to the information? Remember data protection…you don't want data leaks or breaches!

Seventh risk is lack of back-ups: secure the data by carrying out a backup in a regular basis and make sure that it is store in a different location than the company’s.

​Up to this point keep in mind that although we talk about risks, if manage them correctly your company can have high-quality data…so make it BIG!

What will 2018 bring to Internal Audit?

• Risk management: the world is changing, new risks emerge and with that the challenge of Internal Auditors to know how to manage them. They key point here is: how to manage something that you don’t understand or know? If you are in that case, it’s very unlikely to assess risk in an effective way and to show concrete results of Internal Audit's work. Target: helping the company to be able to adapt to any risk in a quick way before it concretes.  Solution: understand how the company works and its associated risks.
• Cybersecurity, technology and data analytics: with all the attacks some big companies faced this year, it is mandatory to have controls in place to guarantee that the information is protected and of course that business continues… with the minimum harm to its image and reputation. Think about ransomware, data breach…they are dangerous for companies and individuals and are becoming more sophisticated. Target: have at least one expert in technology within the Internal Audit team; in this way can also be covered new technologies and data analytics. Solution: hire someone expert in technology and teach that person to be an auditor…it is simpler in this way!

• Regulation: new rules are arising, new rules will arise… the first challenge is to understand what should be done, secondly, train staff about it. Target: implement new regulation in time to comply with deadlines and avoid sanctions. Solution: have a multidisciplinary team composed by: Compliance, Legal and Internal Audit who analyzes how to do it; they’ll complement each other by their expertise. Add any other area needed according to the subject.
• Skills: an Internal Auditor should have several skills but one that is imminent: manage conflict. Tip: listen more than talk. Show with evidence your position. Be fair.

Above all: you are not alone; this affects all the Internal Audit profession. See them as opportunities to grow, to make a bigger role for Internal Audit in 2018!