TNRC Guide - How-to Guide: Strengthening internal controls to prevent corruption in illegal wildlife trade enforcement

How-to Guide: Strengthening internal controls to prevent corruption in illegal wildlife trade enforcement

This TNRC Guide shares practical knowledge for program designers and implementers to reduce corruption’s impact on conservation.

What are internal controls?

Broadly speaking, internal controls are the policies, procedures, and practices that help organizations to achieve their goals and reduce their risks, including corruption risks. A robust system of internal controls can help foster accountability, reduce corrupt behavior, enhance law enforcement, identify gaps in performance and opportunities to improve, and enable oversight by government and civil society. The Basel Institute on Governance quick guide “Internal controls and anti-corruption” and the Basel Institute/TNRC brief “Internal controls and illegal wildlife trade” provide introductions to the topic.

This guide was developed for program managers and donors who seek to understand and assess the strength of internal control functions in government agencies responsible for enforcing laws against illegal wildlife trade (IWT). It provides detailed steps and guidance based on experience implementing assessments of internal controls, but a scan of the guide may also be helpful for conservation practitioners who want to understand more about how internal controls systems should work to reduce risks posed by corruption. Such an assessment can aid strategic efforts to enhance the integrity of government operations and to reduce the negative impact of corruption on the enforcement of IWT laws. Though this guide focuses on IWT, the same approach can be useful in other areas of natural resource management, such as forests and fisheries.

Note: The methodology presented in this guide assumes a basic understanding of governance, anti-corruption, and auditing and/or performance evaluation. It is not intended for self-implementation by those without a background in internal controls or risk management but can be helpful when considering outsourcing such work.

1. Getting started

Wildlife and natural resource agencies, law enforcement agencies, and other administrative and judicial units work together to investigate and prosecute violations of laws designed to protect wildlife from unsustainable and illegal exploitation. Some efforts may be effective, while others may be futile. Some units may operate based on well-documented policies and procedures while others may be managed in an ad hoc manner. Agency leaders and employees can act in the public interest or participate in corruption, including the exploitation of the natural resources that have been entrusted to their care.

Regardless of the current status of wildlife protection activities, strengthening systems of internal control can help improve performance and reduce corruption risks.

1.1 Looking at IWT through an internal control lens


Practitioners seeking to protect wildlife can use this guide to identify strengths and weaknesses in internal controls related to IWT and anti-corruption. Understanding the basics of how a country has designed and implemented its system of internal controls can assist NGOs and donor agencies in making well-informed decisions about how to provide assistance and support to strengthen wildlife protection and integrity functions. Strong systems of internal controls are likely to result in more effective programming and provide concrete evidence of impact and results. This approach is based primarily on the model offered by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) in the 2013 revision of its Internal Control Integrated Framework.

1.2 Why consider this approach to understanding systems of internal control?


Assessing the existing control structure and understanding how it supports the achievement of conservation goals, including law enforcement activities related to IWT, allows practitioners to:

  • Identify weaknesses, loopholes, and gaps that reduce an agency’s ability to achieve objectives. Such vulnerabilities can be exploited intentionally, through some form of corrupt behavior, but they can also foster an environment where mistakes and inefficiencies go unaddressed and hinder important goals;
  • Support the use of good practices to protect wildlife and enhance the integrity of governmental efforts to address IWT;
  • Encourage systems thinking and develop an awareness of the value of internal controls in the people responsible for enforcing laws and regulations related to IWT; and
  • Help develop a roadmap to guide future efforts and provide input for prioritizing the projects and activities most likely to result in measurable progress toward goals.

An effective system of internal controls can produce useful and reliable information for management and other stakeholders. When properly implemented, enhanced systems of internal control can also:

  • Provide agencies with an outside perspective on their policies, procedures, and practices;
  • Identify “blind spots” that increase corruption risks;
  • Amplify the voices of those who choose to behave ethically, even in situations where others may have chosen to act without integrity;
  • Help locate the “low-hanging fruit” – relatively easy fixes to persistent problems that may not be evident without an outside perspective;
  • Focus practitioner resources on problem areas that can be solved, to enhance effectiveness and to provide small wins that point to the possibility of bigger wins; and
  • Help identify leaders who are ready to work proactively to reduce corruption in their activities.

Importantly, this approach to understanding controls does not:

  • Involve the identification or investigation of actual instances of corrupt or improper behavior – although it could make such efforts easier and more effective in the future; or
  • Seek to identify or embarrass particular individuals, agencies, or countries. The process recommended here is designed to preserve the confidentiality of people and institutions.

We hope that lessons learned through application of this process will be shared, to allow others to benefit from the work that has been done. Although keeping country-specific details confidential can be important for some partners, results of control assessments from various countries can often be anonymized, combined, and reported in ways that still communicate important lessons about the relationship between internal controls and IWT enforcement objectives.

1.3 Using an internal control lens with programs at an early stage of maturity.


Internal controls surrounding wildlife activities are likely to be at the “informal” or “ad hoc” level, whether due to a lack of funding or because wildlife programs are only beginning to be implemented. This situation, where internal controls are absent, fragmented or siloed, indicates an earlier stage of internal control “maturity.”

Many widely used internal control assessment methodologies appear to focus on tools and features associated with higher maturity levels. These higher levels feature more extensive use of automated tools, key performance indicators (KPIs), and real-time monitoring, making them more lucrative for the commercial accounting or consulting firms that often market them. Less guidance is available to address wildlife-related internal controls for governments at earlier stages of maturity.

Additionally, much of the academic and professional literature about internal controls is deeply rooted in the fields of finance or accounting. This means most of the existing guidance can seem less directly relevant to IWT control objectives such as securing illegally harvested and seized ivory, ensuring the quality of forensic DNA testing, or rotating the staffing and routes of scouting patrols.

This document offers one approach to filling these gaps.

Box 1. A pilot study to explore internal controls in IWT enforcement

This Guide was developed to share lessons gained from a three-country study in Sub-Saharan Africa and Latin America. The Basel Institute on Governance used an internal control lens to analyze IWT-related law enforcement as an interlinking system of policies, procedures, and actual practices. The studies aimed to identify gaps, weaknesses, opportunities, and challenges that emerge when the system is considered holistically. The research built on previously completed political economy analyses and corruption risk assessments. The studies sought to examine how internal control systems are working (or not) to address high-priority risks identified in the corruption risk assessment and also to identify opportunities to mitigate risks and help achieve the agencies’ objectives through a strengthened system of internal controls.

2. Designing the assessment

It is helpful to approach the assessment like a research project aimed at generating highly targeted and practical recommendations.

2.1 Developing research questions


Using the lens of internal control, the best research questions are the ones that lead to actionable answers. A good rule of thumb when selecting research questions is to consider whether the answer is likely to affect your recommendations or suggested next steps. While specific details vary, most assessments of internal controls for IWT-related law enforcement are concerned with at least three things:

  • What is the internal control system to manage corruption risks that is already in place?
  • How effective are the controls as currently operating?
  • What can be done to strengthen anti-corruption controls?

Depending on the focus of the review, other important research questions might address legal or regulatory authorities, key success and challenge factors, monitoring and evaluation activities, lessons learned, and opportunities for collaboration. The actual research questions used as part of a wider three-country project in Sub-Saharan Africa and Latin America are in Annex 1.

2.2 Working from assessed risks


The scope of reviews can vary in accordance with the needs of the organizations involved. Generally, no more than three to five high-priority risks, as identified through a corruption risk assessment or similar analysis, should form the primary subject matter of the review of internal controls. In some cases, a single risk might be targeted, especially in instances where donors are developing programming to address a specific problem or concern, such as the poaching of a single animal or plant species.

Considerations for selecting the specific risks to be addressed include:

  • Priority – Generally, risks that are ranked highest in priority are good candidates for review. However, choosing the top three or top five risks does not automatically produce the best results. Some degree of judgement is needed in making the selection. For example, if a wildlife agency is already working to strengthen accountability for confiscated wildlife and wildlife products, risks related to physical evidence might be a good choice to review, even if this risk is not one of the highest priorities.
  • Suitability – A few common risks are unlikely to be mitigated through internal controls. For example, while “lack of resources” can present an important corruption risk, there are relatively few internal control processes applicable to “lack of resources” and this risk is probably not a good candidate for this methodology. Other risks, such as those related to personnel system weaknesses, are more suitable for mitigation using an internal controls approach.
  • Synergies – Some corruption risks can be mitigated by similar risk reduction strategies. For example, many of the same internal controls are useful to mitigate both undue external influence (outsider attempts to affect official actions) and collusion (irregular agreements or deal-making). Therefore, it might make sense to choose both risks and analyze them together.
  • Feasibility – Resource limitations and other constraints might make some corruption risks more appropriate for review than others. For example, if the number of days to conduct interviews is limited, fully addressing one or two key risks might produce more useful results than gathering scattered information about the seven or eight top priority risks.

The success of this methodology can be influenced by the quality of the risk assessment that is used to identify, prioritize, and select the specific risks to be addressed. In the Basel Institute’s “MCAR Methodology,” key corruption risks identified via corruption risk assessments are used as a starting point. These risks are then analyzed, filtered, and grouped into primary risk categories. Then, the risks are further prioritized, with higher priorities being assigned to risks present at multiple stages in the criminal justice process.

Other established risk assessment approaches could also be suitable as long as the risk assessment process directly addresses the unique aspects of IWT-related law enforcement. Generalized financial or managerial risk assessments (such as the ones done as part of annual financial statement audits) are unlikely to offer an appropriate basis for this internal controls methodology.

Considering the challenges that face IWT enforcement activities through both the lens of corruption risk and the lens of internal control objectives provides a more complete and informative view of current operations. This will lead to more effective processes and procedures.

2.3 Spanning institutional boundaries


A process-focused approach that spans departmental and ministerial boundaries and includes all the agencies with responsibilities that touch on the enforcement of wildlife crime is likely to produce the most actionable results. Said another way – if at all possible, plan to look at controls holistically, where the unit of analysis is the overall law enforcement cycle, including both preventive and detective controls.

2.4 Doing the initial background research


The purpose of initial background research is to develop a “big picture” understanding of the different agencies and individuals making up the overall system of internal controls. Whether researchers come to the project with a detailed understanding of the processes already in place to address wildlife crime or whether they begin with a blank slate, the first steps involve determining which specific government entities have responsibility for the issues under review. Sometimes this is easy to determine (e.g., national wildlife authorities or the agencies that oversee national parks and other protected areas) and sometimes the relevant agencies may be less obvious, as in the case of authorities responsible for revenue or customs enforcement. In addition, understanding the connections between various agencies can be one of the most challenging aspects of the background research. Even the individuals who work in an agency may not be able to explain the specifics of how their agency works with others.

The political economy analyses conducted by NGOs, donors, and others can often provide a treasure trove of background information to help move the research forward. A good internet search is likely to disclose valuable context about relevant agencies and the issues they face in preventing, investigating, and prosecuting IWT. Additional ways to gain a preliminary perspective on agencies and their internal controls include reading reports prepared by government agencies and NGOs, as well as a variety of news and academic articles. No matter how the researchers choose to develop their initial understanding of the overall context, it is a good practice to test that understanding by discussing it with someone who has direct knowledge of the agencies and systems involved.

One key aspect of the initial background research is to understand how a case moves through the criminal justice system. Determining which specific entities investigate and/or prosecute wildlife crimes can be difficult, as can determining what courts are responsible for their adjudication. Internal controls related to law enforcement activities might have very little to do with direct case work, involving different personnel, IT, and security management systems.

At a minimum, the background research should determine:

A. Who initially identifies and/or investigates IWT;

B. How and when a resource agency (e.g., a national wildlife agency) seeks assistance from or refers a case to a law enforcement (e.g., police department or defense agency) or prosecutorial entity; and

C. How cases move through the court system, including how decisions are made to prosecute or drop cases; how and when bail is granted; how sentences are imposed, including judicial compliance with sentencing guidelines; and processes for appeal and dismissal.

In countries where programs are under-resourced, new, or developing, much of this information may be undocumented and ad hoc, adding to the difficulty of designing the internal control research. When background research indicates that documentation may be sparse or inconsistent with the actual practice, be aware that more interviews and additional analysis will likely be needed to develop the necessary level of understanding.

Integrity or oversight agencies – such as Auditors General, Offices of Inspector General, Anti-corruption Bureaus, etc. – can be important parts of the overall internal control system for all types of anti-corruption activities, including those associated with wildlife crime. To the degree that integrity agencies provide oversight and monitoring of other governmental agencies, they are frequently responsible for reporting on the effectiveness of internal control systems and making recommendations for necessary enhancements. Unfortunately, wildlife agencies are commonly omitted from an integrity agency’s oversight activities, especially in the common case where prioritization of review efforts is directly tied to the amount of government funding involved. Understanding the degree to which wildlife activities are the subject of monitoring and oversight activities is an important part of background research.

This initial understanding is only a starting point and should be refined or corrected as the research unfolds. Nevertheless, sufficient time should be allocated to this phase of the review.

2.5 Communicating about the research


Ensuring a shared understanding about the objectives and scope of the research with agency leadership and program managers early in the review can enhance trust and encourage collaboration with the process. For agencies where a positive working relationship is already in place, an email or phone call may suffice to start the process. However, it is a good practice to meet with agency leadership or send a letter to the agency head setting out the objectives of the assessment, explaining that the results are for the benefit of the agency and will not be made public, and requesting a liaison who can provide contact information for individuals to be interviewed and respond to requests for documents or other information.

Agency leaders will likely have questions and may offer suggestions of areas that they believe should be included in the review. Explaining procedures, such as confidentiality protections for participants, can enhance trust in the process and lead to better relationships throughout the review and into the future. Obtaining a letter of authorization or introduction from major donors or from agency leadership supports the evaluator’s authority to conduct the work and can encourage individuals to participate in interviews and provide documents.

3. Conducting the research

This methodology relies on three ways of learning about the internal control structure as related to IWT:

  • Discussion with knowledgeable individuals regarding existing policies, procedures, and practices, as well as challenges and opportunities (See Section 3.1);
  • Review of written documentation, including plans, policies, procedures, and practices as well as reports, assessments, and other materials (See Section 3.2); and
  • Analysis of the system of internal controls to identify gaps and develop recommendations to enhance the control structure (See Section 3.3).

The research questions (described in section 2.1, above) will be a useful guide for each stage of data collection and analysis. When interviewing people about their experiences and when analyzing written documentation, it will be important to keep the specific research questions firmly in mind. It may be necessary to adjust the data collection instrument if it is not producing the information needed, and it may also be necessary to conduct additional interviews or seek out additional documents to fully answer the research questions.

Generally, each research question will be answered via a combination of testimonial evidence (gathered through interviews), documentary evidence (gathered through reviewing policies, procedures, reports, etc.) and analytical evidence (likely developed through careful consideration and comparison of the data collected and application of the COSO model).

3.1 Gathering data from people


When agencies and their partners are under-resourced or in the process of developing and implementing new or revised programs, the systems of internal controls relating to IWT are likely to be informal and/or undocumented. As a result, people with responsibility for implementing the controls and other stakeholders who interact with the system are key sources of insight. Semi-structured interviews are an effective way to elicit information about how the system of internal controls actually works in practice as well as about specific challenges, risks, and opportunities for future enhancements.

What to ask


In contrast to structured interviews, where every question is pre-planned and each respondent is asked identical questions, semi-structured interviews have the advantage of allowing the interviewer to adjust questions based on the individual’s responses and to ask clarifying and follow-on questions as warranted. Individuals interviewed can express themselves more fully and give reasons for their answers. Semi-structured interviews typically create a more friendly and collegial atmosphere, leading to more candid and completed responses. They also allow room for unexpected topics to be addressed.

Box 2. Leaving room for the unexpected

In conducting interviews, expect to hear about unexpected facets of the issues. Semi-structured interviews are particularly useful in their ability to produce unanticipated responses and to raise novel or surprising concerns.

For example, in discussing the corruption risk associated with information leakage, individuals participating in the original corruption risk assessments focused on the disclosure of personal or private information about investigators, prosecutors, and others involved in legal proceedings and on the importance of maintaining the confidentiality of whistleblowers. As a result, interviewers expected to hear about the controls associated with the protection of personal privacy data as part of the more detailed internal control interviews. However, many interviewees also expressed concern with the disclosure of information about the location of rare or valuable animals and plants. Further, the need to protect the security of digital data was also revealed to be an important aspect related to the corruption risk of information leakage. As wildlife protection activities become more dependent on technology, the importance of ensuring the security of digital data increases.

However, semi-structured interviews are not unstructured, general conversations about internal controls. Semi-structured interviews utilize a framework of themes, so careful planning of the framework helps ensure coverage of important topics and allows for easier analysis of results.

The framework of themes for the semi-structured interviews should be tailored to fit the research questions. For internal control assessments of IWT and anti-corruption in a law enforcement context, themes for inquiry should include:

  • The respondent’s role in the activities under review
  • Objectives and effectiveness of the activities
  • Specific controls related to each activity,[1] including:
    • Methodology and practice – What actually occurs?
    • People – Who is involved and what is their role?
    • Systems and information – What kinds of records or reports address the activity?
    • Communication and reporting – Who is notified and how does this happen?
    • Policy – What written policy or other guidance exists to address the issue?

It is not a problem if the people interviewed have difficulty in answering the questions about specific internal controls, as many people are not aware of how their own efforts interact with the overall system. Knowing whether the people interviewed are aware of their own agency’s policies and procedures or why they are required to complete their work in certain ways can itself be useful information.

Appendix 2 includes an example of a data collection instrument designed to address identified corruption risks related to IWT and law enforcement. This document addresses several common control objectives, but it will be necessary to tailor the data collection instrument to reflect the unique circumstances of your review.

Box 3. Using open-ended questions and probing for details

Designing your data collection instrument with lots of open-ended questions will produce better and more complete information for your assessment of internal controls. Open-ended questions can’t be answered with a “yes” or “no” and therefore require more thought than closed questions.

For example, if evidence is generally maintained by the police, asking an employee of a different agency the closed question “does your organization collect and preserve evidence for legal proceedings?” might elicit a simple “No” for a response. However, asking the question another way – “what role, if any, does your organization play in the collection and preservation of evidence for legal proceedings?” – might produce a more complete explanation and detail the steps that are to be taken when evidence of a crime (e.g., a carcass of a poached animal) is discovered by an employee (e.g., protect the site, make a report to superiors, immediately contact the police).

Once an initial question has been answered, consider probing for additional detail. In the example above, it might be important to ask what happens if the police do not respond in a timely manner to the site of the crime or how procedures might be different when the evidence is a living animal. Probing questions can sometimes reveal gaps or weak points in existing controls. They also offer respondents an opportunity to share additional concerns, suggestions, and areas of uncertainty.

Who to ask


To the degree possible, interviews should be conducted with a wide range of respondents. When selecting individuals to be interviewed, strive for a mix of the following:

  • Organizational roles: Try to interview people with different levels of responsibility, including those who are actually responsible for overseeing or implementing the activity under consideration. Senior leaders often have a more complete understanding of how systems of control operate and can be an excellent source of information, but don’t overlook the value of speaking with people who do the day-to-day work. The perspective of an investigator who visits the carcass of a poached rhino to collect evidence of the crime may be very different from that of a program manager or high-level administrator. Each viewpoint is likely needed for full understanding.
  • Methods of identification: Try to interview people suggested by or identified from a variety of sources. include both individuals recommended by agency leadership or their designated liaison and at least a few people who were not specifically identified by the agency under review, because leaders sometimes tend to suggest people who share their own perspectives. Sharing the general topics to be discussed in advance is likely to result in better targeted recommendations and may lead to referrals of individuals who are working on improvement initiatives or who have detailed expertise in a particular area. Don’t discount the potential insights to be gained from speaking with a person who sees things differently. Asking “who else should I speak with” at the end of each interview is likely to produce candidates with interesting and sometimes divergent viewpoints.
  • Employees from integrity units: When possible, interview the agency’s internal auditor and employees of the anti-corruption agencies, integrity committees, offices of inspector general, and supreme audit organizations. Even if these organizations do not have specific work addressing the topics under review, they may have important insights on approaches that have been useful in other contexts or be able to share information about related reviews and assessments.
  • Other knowledgeable parties: Consider interviewing people with outside perspectives on the issues under review, including employees of NGOs and representatives of civil society with an interest in wildlife or anti-corruption issues; academics who deal with issues related to the topics under review; journalists who report on wildlife-related topics; and former agency heads or retired leaders.

When selecting people to interview, work toward a mix of genders and geographic, economic, and ethnic backgrounds. When tribal or indigenous people are affected by the issues under review, it is a good practice to seek the perspective of both leaders and others who are likely to have insight into local concerns.

The identity of each individual respondent should be carefully protected and the confidentiality of individual interview responses maintained. This is not possible when interviews are conducted in group settings, so individual interviews are strongly recommended. Recording interviews, with the express permission of the interviewee, is a good way of making sure that an individual’s responses are accurately collected. Automated transcription software can produce useful documentation of what is said.

3.2 Gathering data from documents


Documentation of internal controls related to IWT enforcement may be incomplete or outdated, especially when programs are under-resourced or in the process of change. Nevertheless, reviewing and understanding the written policies and procedures that guide an agency’s actions are an important part of any assessment of systems of internal control.

Request documents early in the review as agencies may take some time to get approvals for sharing or to locate difficult-to-find items. It can be useful to remind agency liaisons that additional document requests should be expected throughout the review, as relevant materials are often identified during interviews or are referenced in policies, procedures, and other documents.

Use broadly inclusive language when asking for documents and ask for policies, procedures, regulations, administrative orders, standard operating procedures, codes of conduct, training materials, and any other sources of guidance about the topics under review. Soft (electronic) copies make information sharing between review team members easier, but hard copy documents can be scanned. If documents are available over the internet, requesting links to the relevant information can make complying with requests easier for the agency liaison. Learning that an agency doesn’t have written policies or procedures for a certain area can be important too and may lead to recommendations that informal practices be documented.

In some cases, agencies may not be willing to share certain types of documents, especially those related to sources and methods of investigative activities. Additional interviews may be necessary in these instances, with more detailed questioning about how control activities are conducted. It is also worth noting that many policies are in fact not documented, though they are well-established and well-known inside the agencies. In those cases, interviews will be invaluable and an “easy win” recommendation might be to formalize these informal practices.

When making document requests, it is a good practice to ask for any periodic reporting made by the agency, any outside reviews conducted by integrity agencies or NGOs, and other studies that address the areas under review. Internet searches may turn up additional documents or assessments that can offer additional perspectives on aspects of the control system, but care should be taken to consider the validity and relevance of information from unfamiliar sources.

3.3 Putting it all together – analyzing the system of internal controls


Making meaning out of all the interviews and policy documents can be a daunting task, but the following approach – with its roots in thematic analysis – offers a simple way to answer research questions about informal or ad hoc systems of internal control.

  1. First, carefully read all the interviews and each piece of documentary evidence, with an eye to identifying ideas that seem to be related to one or more of the five basic components of an effective internal control system: Control Environment; Risk Assessment; Control Activities; Information and Communication; and Monitoring.[2] Be aware that the internal control components may not be identified as such. (Refer to the Basel Institute’s topic brief “Internal controls: a systemic approach to corruption prevention and law enforcement integrity” for guiding questions and other information to help with this process.)
  2. Create an initial list of the main ideas that emerge from your reading of the documents and use it to assign a code to each block of data. Codes can include the specific corruption risks addressed (e.g., undue influence, tampering with physical evidence), the category of control (e.g., written policy, systems and information), or other themes that emerge from the analysis (e.g., problems with valuing resources or concerns with information technology security). A single paragraph or block of data will frequently contain multiple codes.
  3. Next, begin categorizing the various data extracts into themes and subthemes. There are many ways of doing this. One is visual mapping by writing each code on a separate piece of paper and creating theme piles. Mind maps or various types of tables are helpful. It is also helpful to use a spreadsheet to create a matrix that summarizes the data and cross-references the sources that support each example of a particular code and theme. For projects with larger amounts of data, qualitative analysis software such as MAXQDA or NVivo can be worthwhile. It is likely that unanticipated topics will be identified during the categorization process, requiring that additional topics and codes be added to the initial list of main ideas.
  4. Do a “reasonableness” check on your results. Consider the possibility that:
      • People may have been hesitant to answer questions in ways that they believe might reflect negatively on them or their agencies. For example, even though a recent corruption risk assessment had identified the loss of physical evidence as a high-priority risk, a prosecutor interviewed in the three-country study advised that the loss of evidence was “impossible” and there had never been such an issue. However, researchers spoke with individuals who had visited the agency and described the haphazard storage of evidence in halls and on desktops. Since other interviewees had acknowledged the risk of evidence loss, and since written policies and procedures did not directly address aspects of security for evidence, the team did not rely on the prosecutor’s perspective concerning physical evidence.
      • People may describe aspirations rather than actual current practice. For example, multiple people described an agency’s integrity committee that received and acted on complaints of undue influence, among other activities. However, none of the people interviewed were able to identify who the committee members were, or how they could be contacted, or provide any details of their activity. After additional probing questions and interviews, the team found that this integrity committee was an aspiration that had not yet been implemented. When specific details (e.g., who implements a control or how many instances of something have occurred) are lacking, it is good practice to seek additional information before concluding that a control is in place and operating. Interviewees are typically aware that stronger controls are considered better by the interviewer and commonly present an aspiration as an existing reality.
  5. Develop suggestions or recommendations for future action. In many instances, a single activity can be used to mitigate multiple issues. For example, an effective system for citizen complaints can help mitigate risks related to undue influence, collusion, weaknesses in the personnel system, and other inefficient or wasteful practices.

    Ensure that suggestions include provision for monitoring and evaluation efforts and encourage public reporting of lessons learned as a way of benefitting others who may face similar challenges. Brainstorming sessions among well-curated small groups of technical experts can be tremendously valuable, as individual authors often struggle to come up with new ways to address challenges within a given system’s constraints. Good practice includes discussing potential recommendations with affected individuals to the extent possible to gain perspective about recommendations’ utility and practicality.

    Box 4. Corruption risk vs. enhancing integrity

    Sometimes, interviewees are unsure about the views of their own leadership and may be concerned about how their answers will be received if others become aware of what they say. Additionally, in some contexts, statements that suggest a need for improvement can be viewed as disloyal or inappropriate. Therefore, it is important to tailor questions about sensitive topics like bribery and corruption in ways that make it more comfortable for interviewees to answer. In conducting interviews, use judgment in asking about sensitive issues and consider phrasing questions in terms like “integrity” instead of “corruption” if respondents seem particularly uncomfortable. Remind interviewees that no one is required to answer questions and that any responses an individual chooses to provide will be kept completely confidential, for use only by the review team.

    3.4 Communicating results and making suggestions for future action

    Documenting the results of the assessment in a written report can help government and other stakeholders understand corruption in the established system of internal controls. A written report may also identify opportunities to enhance aspects of the current control structure in ways that reduce corruption risks and help achieve control objectives.

    The contents of the report can vary according to the needs of the intended users. A suggested approach includes:

    • A high-level discussion of internal control systems in relation to IWT enforcement activities currently in place;
    • The research questions and details of the methodology used in developing answers to those questions;
    • A description of cross-cutting internal control issues, emphasizing the ways in which key government-wide internal control processes and practices have or have not been applied within the IWT context;
    • An explanation of existing anti-corruption internal control systems, as described in interviews with key informants and represented in policy documents and other supporting literature; and
    • General recommendations and considerations for future action to enhance the effectiveness of internal controls systems in addressing corruption risks and supporting the achievement of control objectives relating to IWT. When more than one agency is included in the assessment, detailed and specific suggestions for individual governmental units can be included as annexes to the report. Distribution of the annexes can be limited to the particular agency involved, at the discretion of the affected agency.

    The presentation of such reports to government counterparts can be quite sensitive and much depends on these presentations for the possibility of future collaboration. Consider the following suggestions, based on experience:

    • Highlight that the research is intended to address opportunities for system strengthening and not to criticize an existing approach.
    • Link recommendations, wherever possible, to existing government requirements for risk assessment, audit, or corruption prevention. While almost all governments have these, many are not sufficiently implemented. Internal controls reviews can in fact serve as a major step towards making the agency in question compliant with these requirements, something that will no doubt make the report far more valuable.

    Executive summaries are frequently the only section agency leadership will read. Make sure to focus sufficient time on drafting these and include all recommendations for follow-on action.

    Annex I. Research questions used in the pilot project

    The following research questions were used as part of the wider three-country project in Sub-Saharan Africa and Latin America.

    • What is the legislative/regulatory basis for internal controls?
    • What are the internal control systems in place at selected natural resources management and IWT-relevant agencies to manage key corruption risks identified through the corruption risk assessment?
    • How effective are these systems at mitigating corruption risks?
    • What are the key success and challenge factors that the units experience?
    • What measures can be taken to enhance the effectiveness of internal control systems?

    Annex II. Sample data collection instrument

    The following instrument provides an example of how data was collected as part of the three-country study. The specific corruption risks described below are common risks, likely to be encountered when this guide is used for future research. You will need to adapt the discussions of corruption risk to the specific situation you are reviewing and adjust questions and probes accordingly.

    Introduction

    1. Thank the respondent for taking the time to participate in the interview.
    2. Introduce yourself and the other evaluation team member(s) conducting the interview.
    3. State the overall goal: in this case, you are conducting research to better understand the potential for strengthened internal control systems and units in their own and partner agencies.
    4. As appropriate, provide brief information about the specific activity, e.g., the objective of the activity is to develop an understanding of opportunities to use an internal controls approach to prevent corruption (or enhance integrity – see Box above “Corruption Risk vs. Enhancing Integrity”) in wildlife management agencies. [Note: Adjust as needed to reflect the objectives of your research]
    5. State the purpose of the research, the “why,” which in this case is to generate evidence on the existence, functioning, and effectiveness of internal control systems in relevant government agencies. [Note: Adjust as needed to reflect the purpose of your research]
    6. State the objectives of the interview, which are to (i) gather information about existing internal controls and how they interact with potential corruption risks (or challenges to integrity) and (ii) learn the respondent's opinion about these internal controls in as much as the respondent is familiar with the activity and has an opinion about it. [Note: Adjust as needed to reflect the objectives of the interview]
    7. Mention approximately how long the interview will last. [Suggested time: 45 minutes to 1 hour]
    8. Mention that you and/or the other member(s) of the evaluation team will be taking notes.
    9. If you intend to record the interview, obtain the respondent’s consent.
    10. Share your statement of informed consent. Emphasize that responses will be kept confidential, for use only by the review team. In any report, respondents will not be individually identified or referred to in a way that allows them to be identified. Also, they may choose not to answer any individual question or questions.
    11. Check whether the respondent has any questions.

    Notes to interviewer

    1. Think about the role of the person you are interviewing and what they may know. You may need to vary the starting point for questions to help ensure that time pressures do not inadvertently result in reducing the depth of responses for categories at the end of the interview.
    2. Every situation will be different and the specific corruption risks, control objectives, suggested questions and associated prompts will need to be adjusted to reflect the concerns and issues of each individual review. The following examples of commonly encountered corruption risks are provided as a starting point:
      • Undue External Influence and/or Collusion
      • Procedural Abuse, Undue Internal Influence, and/or Case Weakening
      • Tampering with Physical Evidence and Evidence Procedures
      • Information Leakage
    3. Each section below covers a commonly encountered corruption risk. To orient the interviewer, the specific control objective and examples of risks identified in the corruption risk analysis are listed, followed by specific questions related to that control objective and risk. The control objective and risk information should not be read or shared at any length with the person being interviewed. It is included here to help team members understand how the narrative information to be gathered will link to the corruption risk analysis and to help ensure that they get full, thoughtful answers with enough specificity. Similarly, information in brackets […] is provided in the event that probing is needed to get respondents started talking.

    Undue external influence and collusion

    [Note: This is provided as an example of one way to approach a commonly encountered corruption risk. Substitute the risks you intend to consider, as warranted.]

    Background for interviewer


    Control objective
    – Government employees exercise their roles with integrity and react appropriately to attempts by external parties to improperly affect official actions. (Attempts to affect official actions can be as overt as direct bribes, threats, or impediments, or as indirect as implications and hints about future benefit or harm – all intended to motivate the government employee to take (or not take) a particular action. This does not include appropriate advocacy for an alternative position or viewpoint, nor does it include normal representation, supervision, oversight, or quality control activities.)

    Examples of risks include:

    • Political, social, economic, or diplomatic pressure from foreign officials, well-connected individuals, criminal organizations, and others [e.g., cash or other inducements]..
    • Improper contacts from defense lawyers or other persons involved in the case, particularly if they previously worked for the authority or have otherwise strong relationships with serving officers or prosecutors.
    • Witnesses testifying against the suspect being persuaded to change their statements.
    • Irregular meetings and deal-making between prosecutors, magistrates and/or the defense either directly or through third parties.
    • Monetary bribes exchanging hands, including attempts by suspects themselves to informally settle a case with either investigators or prosecutors before it goes to trial.

    Questions relating to undue influence and collusion


    A. Respondent’s role in the activity

    • What role do you play in supporting integrity in government? What, if any, responsibility do you have for wildlife protection?

    B. Objectives and effectiveness of the activity

    • What is your understanding of your agency’s objectives in preventing improper influences on government actions? Is there anything unique, particularly in relation to actions relating to wildlife?
    • In your opinion, what part of your agency’s actions have worked well to avoid/discourage/identify/address improper influence? Which areas could be improved and how?
    • In your view, what external factors significantly enhance your agency’s ability to deal with improper influence? What external factors significantly constrain your agency’s ability to deal with improper influence?
    • To your knowledge, what impact has your agency had on the prevention of undue influence?

    C. Controls related to undue external influence

    • Methodology and process: Thinking about the more likely types of undue external influence, tell me how that might occur. [Probe for details; who reports what to whom? What forms are completed? Who makes key decisions? If something is likely to go wrong, what will it be?]
    • People: Who (roles, not names) is involved in taking action to deal with attempted or achieved undue external influence? Generally, to whom should attempts at undue influence be reported? Who decides what next steps are to be taken? Who, if anyone, records the incidents and to whom are the reports made? Who else is told about the attempt? Is there anyone who is not to be told? Who decides to dismiss or take no action over a potential attempt at undue influence? Does anyone review this decision? How do employees know what to do if they suspect undue external influence? Is there training on specific actions to be taken in response to an attempted bribe? What actions are employees to take if threatened?
    • Systems and information: What kinds of records are available about the types of undue influence or collusion that may have been encountered or observed in your agency? What form do these records take and how complete/reliable do employees believe them to be? How are the records maintained [paper, located in one person’s office, electronic database]? Who has access to the records? Are results compiled and analyzed [to look for trends, repeat offenders, area of concern, emerging problems, etc.] and by whom? What else would it be helpful for your agency to know about this issue?
    • Communication and reporting: Are concerns about undue external influence (attempted or actual) reported to anyone outside your agency? How is this accomplished [periodic reporting, press releases, public service announcements]?
    • Policy: Does your agency have a written policy or other guidance to address the types of undue external influence likely to be encountered, observed by, or reported to your agency? Generally, what is that policy and what thoughts do you have about its effectiveness?

    Procedural abuse and undue internal influence – case weakening


    [Note: This is provided as an example of one way to approach a commonly encountered corruption risk. Substitute the risks you intend to consider, as warranted.]

    Background for interviewer


    Control objectives
    – Legal proceedings are brought based on fully developed investigative cases, supported by evidence addressing each element of the crimes or offenses. Specific charges are consistent with the facts of a case and the rationale for decisions that appear to weaken cases is shared, as allowable by law. (Procedural abuse in the form of case weakening refers only to actions taken for corrupt purposes or based on favoritism or other inappropriate bases. Case weakening does not include actions taken due to articulable shortcomings in the case as prepared, limitations on available resources, or plea bargaining when it is undertaken for purposes that are not corrupt. Generally, actions that appear to weaken a case and can be explained to other knowledgeable individuals or appealed by those who disagree would not be considered procedural abuse in the form of case weakening.)

    Examples of risks related to case weakening include:

    • Presenting fewer, or different (less serious) charges;
    • Submitting weak legal proceedings that appear intended to fail in court or to lead at most to a trivial sanction; and
    • Being selective in terms of which witnesses and evidence are produced in court with the aim of leaving out important elements that could lead to a successful prosecution.

    Questions relating to procedural abuse and undue internal influence

    A. Respondent’s role in the activity

    • What role, if any, do you play in preparing cases for eventual legal proceedings? In assessing the quality of cases and determining the appropriate charges to be brought? In determining the evidence and witnesses to be presented in court? What, if any, responsibility do you have for wildlife protection?[3]

    B. Objectives and effectiveness of the activity

    • What is your understanding of your agency’s objectives in developing criminal cases to be presented in court? Civil cases? Administrative cases? Is there anything unique, particularly in relation to actions relating to wildlife?
    • In your opinion, what part of your agency’s actions have worked well to ensure the development of strong cases that incorporate adequate evidence of crimes and offenses? Which areas could be improved and how?
    • In your view, what external factors significantly enhance your agency’s ability to develop and present strong cases? What external factors significantly constrain your agency’s ability to develop and present strong cases?

    C. Controls related to the development of strong, fully supported cases

    • Methodology and process: Thinking about the more likely ways that a case might be intentionally weakened, tell me how that might occur. [Probe for details; who reports what to whom? What forms are completed? Who makes key decisions? If something is likely to go wrong, what will it be?]
    • People: Who (roles, not names) is involved in taking action to deal with potential case weakening? Can the individual suspected of procedural abuse in the form of case weakening be asked to explain the rationale for actions? Does this happen in practice? Is the individual suspected of procedural abuse required to account for actions to any other party or organization [e.g., written opinions, appeals processes]? Generally, to whom should suspected case weakening be reported? How do individuals who suspect intentional case weakening know what action to take?
    • Systems and information: What kinds of records are available about the quality and effectiveness of investigative cases developed in your agency? What form do these records take and how complete/reliable do employees believe them to be? How are the records maintained [paper, located in one person’s office, electronic database]? Who has access to the records? Are results compiled and analyzed [to look for trends, repeat offenders, area of concern, emerging problems, etc.] and by whom? What else would it be helpful for your agency to know about this issue?
    • Communication and reporting: What channels of communication exist between individuals who develop cases, those who charge cases, and those who present cases in court or other proceedings? Are concerns about potential case weakening reported to anyone outside your agency?
    • Policy: Does your agency have a written policy or other guidance to address how investigative cases are to be developed and documented? Generally, how does the guidance address:
      • Staff qualifications [e.g., education/experience, character]
      • Independence [e.g., personal impairments such as official, professional, personal, or financial relationships; external impairments such as assignment of cases, denial of access, or content of investigative reports]
      • Due professional care [ e.g., fair and impartial manner; perseverance necessary to determine the facts; investigative reports supported by adequate, accurate and complete documentation in case file]
      • Case planning [e.g., individual case plans, contemporaneous interview notes, exculpatory evidence, and mitigating information]
      • Information management [e.g., specific procedures; tracking investigative results; orderly, systematic and accurate information management system]

    Tampering with physical evidence and evidence procedures


    [Note: This is provided as an example of one way to approach a commonly encountered corruption risk. Substitute the risks you intend to consider, as warranted.]

    Background for interviewer


    Control Objective
    – Evidence is collected and preserved in such a way as to ensure that all known or obviously relevant material is obtained, the chain of custody is preserved, and the evidence is admissible in any subsequent proceeding. When physical evidence is disposed of, it is in accordance with applicable laws and regulations, in a way that is verifiable by an independent third party.

    Examples of risks related to evidence include:[4]

    • The potential for files or particular pieces of evidence to get “lost” or be stolen by insiders or external parties;
    • Poor infrastructure (e.g., unlocked or unguarded storage facilities);
    • Malicious actors who tamper with evidence procedures (e.g., first responders being persuaded not to collect evidence or to leave evidence behind at the scene);
    • Evidence or evidence records disappearing during the transfer of case files; and
    • Reliance on outside payments (due to insufficient financing for operational needs such as fuel and expenses) as a prerequisite to collect evidence. This might in turn influence the level of effort and diligence that law enforcement officials exert while collecting evidence.

    Questions relating to tampering with physical evidence and evidence procedures


    A. Respondent’s role in the activity

    • What role, if any, does your organization play in the collection and preservation of evidence for legal proceedings? Does your agency have a role in the disposal of evidence after proceedings have been concluded? What unique challenges, if any, do you encounter in dealing with evidence related to wildlife specimens?

    B. Objectives and effectiveness of the activity

    • What is your understanding of your agency’s objectives in collecting and preserving evidence? Has your agency encountered difficulties related to having enough resources to collect evidence (e.g., for fuel and expenses) and what actions are taken if resources are not adequate to collect needed evidence? How do the individuals charged with collecting and preserving evidence know what is to be collected and preserved?
    • In your opinion, what part of your agency’s actions have worked well to ensure the collection and preservation of evidence? Which areas could be improved and how? In your view, what proportion of the known and obviously relevant evidence is collected and what actions can be taken if substantial evidence cannot be collected or preserved?
    • In your view, what external factors significantly enhance your agency’s ability to collect and preserve known and obviously relevant evidence? What external factors significantly constrain your agency’s ability to collect and preserve relevant evidence?
    • Are there categories of evidence that present special difficulties? How does your agency address evidence developed through the work of specialists, such as criminal laboratory examiners, computer forensic examiners, and financial experts?

    C. Controls related to the collection and preservation of evidence

    • Methodology and process: In practice, what types of evidence are collected for typical criminal cases and who actually does the physical collection? Who determines what is to be collected? Who is responsible for maintaining the chain of custody? What happens if a field unit lacks money for fuel or other needed resources to collect evidence?

    Thinking about the more likely ways that evidence might be lost, compromised or stolen, tell me how that might occur. What would actually happen if evidence went missing? How does this differ when evidence has a high market value? How is this handled if evidence is compromised while being transferred from one administrative unit to another? [Probe for details; who reports what to whom? What forms are completed? Who makes key decisions? If something is likely to go wrong, what will it be?]

    How often are inventories of evidence taken? Who completes the inventories and to whom are reports of any shortages or other problems reported? Is physical security of evidence assessed as part of these inventories?

    • People: Who (roles, not names) is involved in taking action to deal with missing or compromised evidence? Is it possible to identify exactly who has responsibility for each individual piece of evidence as an aid to understanding how evidence may have gone missing? Are records maintained in such a way that theft of a piece of evidence does not also result in loss of the record of who is accountable for the evidence? Can the individual who last had custody of the lost evidence be asked to account for it? Does this happen in practice? Is the individual suspected of losing evidence required to account for their actions to any other party or organization?
    • Systems and information: What kinds of records are available about the types, amounts, and locations of evidence supporting cases developed in your agency? What form do these records take and how complete/reliable do employees believe them to be? How are the records maintained [paper, located in one person’s office, electronic database]? Who has access to the records? Are results compiled and analyzed [to look for trends, people who encounter loss of evidence, areas of concern, emerging problems, etc.] and by whom? What else would it be helpful for your agency to know about this issue?
    • Communication and reporting: What channels of communication exist between the sending and receiving agencies when evidence is transferred from one agency to another? Does the receiving agency sign for or otherwise accept accountability for evidence transferred to them? Are concerns about lost or compromised evidence reported to anyone outside your agency?
    • Policy: Does your agency have a written policy or other guidance to address how evidence is to be collected and preserved? Generally, how does the guidance address:
      • Compliance with rules of evidence;
      • Objectivity, including provisions to ensure that evidence is gathered and reported in an unbiased and independent manner in order to determine the validity of an allegation or to resolve an issue. This includes inculpatory and exculpatory information;
      • Collecting and preserving evidence derived through various techniques, including interviews of complainants, witnesses, victims, and subjects; reviews of records; surveillance and consensual monitoring; undercover operations; use of computer technology, and biological specimens;
      • Preservation of the chain of custody, including physical security of evidence;
      • Preservation of evidence for future proceedings (i.e., eventual charges that may be brought against individuals higher up within a criminal enterprise);
      • Disposal of physical evidence, including any special provisions for evidence that has intrinsic or market value.

    Information leakage


    [Note: This is provided as an example of one way to approach a commonly encountered corruption risk. Substitute the risks you intend to consider, as warranted.]

    Background for interviewers


    Control objective
    – Sensitive information is properly safeguarded and disseminated only to those with a need to know. Information to be protected includes personal data about government employees, witnesses, informants, and others who might be at risk from retaliation, intimidation, blackmail, or improper influence. Other types of information potentially deemed sensitive could include the location of vulnerable plants and animals with value to traffickers or to trophy hunters; locations or planned routes of anti-poaching patrols; information provided by whistleblowers; proprietary or privileged business information and materials, including legally protected trade secrets; and medical information.

    Examples of risks related to information leakage include:

    • Private information about government employees including their social circle, residence, whereabouts, etc. Such information can lead to intimidation, blackmail, or improper influence.
    • Human intelligence, especially with regard to confidential informants. Improper disclosure of identifying information could result in risks both to the integrity of the informant and the confidentiality of the information collected.
    • Information about habitats of endangered animals or rare plants. Such information can be used by poachers to locate or track valuable wildlife.

    Questions relating to information leakage


    A. Respondent’s role in the activity

      • What role, if any, do you and your organization play in the protection of personal information about government employees, witnesses, informants, and others? What unique challenges, if any, do you encounter in dealing with information related to wildlife, to include biological specimens such as protected animals or rare plants?

      B. Objectives and effectiveness of the activity

      • What is your understanding of how your agency protects sensitive personal information about individuals? How well are the identities of confidential informants protected and what concerns, if any, do you have about the ability of your agency to protect whistleblowers, witnesses, informants, and others potentially at risk?
      • In your opinion, what part of your agency’s actions have worked well to protect sensitive information? Which areas could be improved and how? [Include personal information as well as information about the location of protected species, inventories of valuable biological specimens, and digital data.]
      • In your view, what external factors significantly enhanced or constrained your agency’s ability to protect sensitive information?

      C. Controls related to information leakage

      • Methodology and process: In practice, what types of information are kept about informants, complainants, and whistleblowers and how is the information generally protected? Who determines what is to be collected? Who is responsible for determining who has access to the information?

      Thinking about the more likely ways that sensitive information might be improperly leaked, either intentionally or unintentionally, tell me how that might happen. What would you do if you became aware that the identity of a confidential source has been compromised? [Probe for details: who reports what to whom? What forms are completed? Who makes key decisions? If something is likely to go wrong, what will it be?] How is information about the location of protected plants and animals protected? How is digital information safeguarded?

      • People: Who (roles, not names) is involved in protecting sensitive or confidential information? In your view, how well is such information protected in practice?
      • Systems and information: What kinds of records are available about potential and actual breaches of information security in your agency? What form do these records take and how complete/reliable do employees believe them to be? How are the records maintained [paper, located in one person’s office, electronic database]? Who has access to the records? Are results compiled and analyzed [to look for trends, areas of concern, emerging problems, etc.] and by whom? What else would it be helpful for your agency to know about this issue?
      • Communication and reporting: What channels of communication are used when sensitive information is to be shared between your agency and other entities that have a need to know? How does the receiving agency acknowledge responsibility for maintaining the security of such information that is transferred to its custody? Are concerns about lost or compromised sensitive information reported to anyone outside your agency?
      • Policy: Does your agency have a written policy or other guidance to address the protection of sensitive information? Generally, how does the guidance address:
        • Personal information about government employees, whistleblowers, complainants, witnesses, and confidential informants?
        • Actual or suspected breaches of information security?
        • Information about the location and habits of protected species?

      Final questions


      Coordination and synergies

      Thinking about the issues we have been discussing today, what other entities are important to you and your agencies in addressing the challenge of ensuring integrity in the protection of wildlife? Who else should we speak with? Are there other experts who could provide insight for us? Are there organizations that you work with that help you do your job more effectively?

      Lessons learned

      As we conduct our research, what information or perspectives do you feel that it is important for us to be certain to obtain? Are there any ongoing initiatives that your organization is in the process of implementing? What future plans are in place or under consideration to address issues of integrity in wildlife management and enforcement? What else should we know about?

      Concluding the interview

      • Ask the respondent if they would recommend the evaluation team to (i) interview a particular person and (ii) review a particular document as part of the evaluation? If yes, ask the name of the person, how they can be contacted, and how the document can be obtained.
      • Thank the respondent for their time.
      • Tell the respondent that they are welcome to contact you to provide clarifications and/or additional information at a later date if they wish. Tell the respondent you may contact them if you have any additional questions or need additional clarification.

      Annex III. Sample resource needs

      Human resources


      The methodology can be implemented by a relatively small team. Potential team members could include the following:

      Lead researcher to oversee project design and implementation, lead workshops and interviews, and facilitate preparation of the report. This person should have significant experience in risk mitigation, internal controls, and performance evaluation. A strong track record and reputation in the field is desirable, as are analytical skills and the ability to build trust. For assessments addressing a single risk, the estimated time commitment is about 20-25 working days, while assessments that address more corruption risks will require additional time.

      Research assistant to set up research tools; schedule, prepare for and participate in interviews; analyze data; and draft portions of the report. Strong research and writing skills are important. The research assistant will likely be needed throughout the duration of the review.

      Local researcher/insider to facilitate contacts with local agency leaders and participants, assist in scheduling interviews, conduct and participate in interviews, analyze qualitative information in the form of transcribed data and policy/procedures documents, participate in face-to-face activities when remote meeting arrangements are not feasible, and provide input to the report. This person should also share local knowledge with the rest of the research team. This position is particularly important when other team members are not from the country where the research is being conducted. General knowledge or experience in the content areas under review is desirable, with an ideal combination being stronger expertise in the area that the lead researcher is weaker in (conservation or anti-corruption).

      Strong professional networks and the ability to independently contact potential respondents are also useful. However, exercise care when employing local researchers with deep connections to the individuals likely to be interviewed or to the issues under review. It can be challenging for such people to maintain an objective viewpoint while gathering data and – in some instances – individuals to be interviewed may be uncomfortable speaking with researchers with whom they have had prior interactions. Divided loyalties can put local researchers into difficult positions when called upon to address sensitive issues like corruption or noncompliance with established policies and procedures.

      An estimated 10-15 days is needed for the local researcher, with longer time commitments in situations where making arrangements is more complex.

      Technical resources


      Internet access and remote conferencing
      capability allows interviews and other important discussions to take place across time zones and when participants are in different countries. The majority of interviews conducted as part of the three-country study were conducted via a video conferencing platform. In addition to facilitating international connections with respondents, the platform facilitated the scheduling process and allowed multiple researchers to participate in calls and on-screen document sharing when needed. It also allowed for easy recording and transcription of interview, with permission from respondents. (Although some team members had anticipated resistance to recording of interviews, almost everyone interviewed as part of the three-country pilot consented to recording when reminded that this helped to ensure that their responses were accurately captured.)

      Basic business process software like Microsoft Word and PowerPoint is an invaluable aid to report writing and presentation development.

      Qualitative analysis software such as NVivo or MAXQDA is not vital to the methodology, but can be a useful tool, especially for larger projects where multiple risks are to be evaluated, larger numbers of interviews are conducted, and extensive review of policy or other documentation is involved.

      Annex IV. Sample Terms of Reference for consultants

      Terms of reference


      IWT Internal Controls Consultant (Country)

      Information about the employing organization

      [Description about organization].

      Project: [insert name of project]

      Numerous government agencies tasked with enforcing laws on illegal wildlife trade continue to suffer from the effects of corruption. This severely undermines their effectiveness and, in many instances, may well serve as an important enabler of the crime. Examples include: license issuing, curtailing investigations, delaying prosecutions, etc.

      (Add additional information about the project, as appropriate)

      Assignment

      The Internal Controls Consultant will support an ongoing project to develop a better understanding of the design and effectiveness of internal control systems currently in place to address corruption risks in relation to IWT enforcement and to develop practical recommendations to reduce corruption risks through the implementation of more effective systems of internal control in (country).

      The Consultant will work with (who) based in (country) to implement this programme.

      Activities and timeline

      [Note: these estimates of time are based on reviewing a single corruption risk and should be adjusted for projects that anticipate evaluating multiple risks.]

      The Consultant will be contracted for __ days to perform the following responsibilities:

      Deliverables

      • 1 (one) overview of existing rules, regulations, policies, and procedures relevant to the selected risk, addressing controls for prevention, detection, deterrence, and correction. The document will also describe agency-specific documentation such as organizational structures, decrees on internal controls and internal control units (if any), agency-specific corruption prevention plans, relevant internal and external assessments, practice guides, performance reports, etc.
      • Interviews of up to __ stakeholders identified in collaboration with Research Lead.
      • Draft report (est. 10-12 pages).
      • Final report.
      • Presentations of results to agencies and relevant partners.

      Reporting

      The Consultant reports to the Research Lead, Internal Controls.

      [1] Note: these specific categories of controls are related to, but are not the same as, COSO’s five basic components of an effective system of internal control.

      [2] Note: the five basic components of an effective internal control system listed above are not the same as the categories of specific control activities suggested for use in developing the framework of themes.

      [3] It is useful to understand what a respondent considers as their area of responsibility. For example, some rangers and first responders may not consider that they have a role in preserving a poaching site as evidence of a crime. Alternatively, some employees of integrity agencies may not recognize a responsibility related to wildlife protection.

      [4] These may also occur due to a lack of capacity on the part of those charged with gathering and maintaining evidence rather than intentionally corrupt activity.