Another Dirty Secret: CBs Push Work to Family Member Consultants

As we talk a lot about here at Oxebridge, the ISO 17021 rules prohibit a certification body (CB) from providing any consulting services to the clients they certify; this is ostensibly so that they don’t wind up having to audit their own work, which introduces a serious conflict of interest.

The CBs, who want the lucrative consulting money in addition to the certification contracts, ignore the lessons of Enron and get around this through a number of tricks. First, they re-define “consulting” so that when they do it, it’s considered “public training”; when the provide QMS documents, they aren’t documents, they are “templates.” Next, they then claim that the consulting services they offer do not impact on the audit anyway, since they don’t “touch” such things during an audit.

Both argument are ludicrous. In the first case, clearly the training and documentation are consulting, since they are the exact services offered by .. wait for it… consultants. The second argument is defeated by the fact that when a different consultant provides the same service as the CB, the CB audits the output; for example, when Oxebridge provides a client with procedures, CAR systems, etc., the CB audits those systems. But we are to believe that when the CB provides the very same thing, they don’t audit those outputs, and thus there’s no conflict. By that very admission, there’s a conflict: it means they skip past any consulting deliverable they provide, but then apply critical scrutiny to the same deliverables provided by a competing consultant. Since that is likely to push clients to use their in-house consulting services (greases the wheels during audits) it probably amounts to unfair trade practices, and is thus illegal.

All of this happens right under the noses of the Accreditation Bodies, such as ANAB and UKAS, who intentionally overlook it all because the CBs pay them, and if they were to actually start enforcing the rules, the CBs would bolt, and the ABs would be pushed into bankruptcy. It’s so bad, the ABs have actually defended the CBs when complaints are raised, even with such activities may have broken international trade law. The highest authority on the matter — the IAF — has sided with the CBs and ABs, showing just how corrupt the system is. It reduces ISO 9001 certification to a pay-to-play scheme, whereby anyone willing to pay off the CBs and, by extension, the ABs can get a certificate, regardless of whether the system is actually compliant.

All in the Family

One of the worst-kept secrets in the profession is how CBs apply another trick to give the illusion of complying with the regulations: using family to operate the consulting services. It’s well known that a certain west coast US registrar is owned by the wife of a man who happens to run a certain west coast US consulting firm. ANAB knows about it, the IAF knows about it, and probably your Starbucks barista knows about it, but no one has stopped it. Even I overlooked it for years because in general, my clients were not complaining about the CB, and generally liked their auditors. The consulting company appeared genuinely firewalled, too, as I hadn’t personally witnessed any conflicts. The registrar landed a lot of contracts with my clients as a result, and there was always an assumed “hands off” agreement that the husband’s consulting practice wouldn’t touch my clients as a result, or I’d go apeshit.

Well, prepare the cage cleaning crew, because of course a CB can’t even be expected to remain ethical for long. Now comes word that, sure enough, hubby’s consulting firm injected itself into an Oxebridge client certified by the wife. Suddenly, a client we thought was entirely happy with us, whom we managed to get certified to their deadline and with whom we had a great relationship, is now using the husband/wife team for their full menu of ISO stuff. Since the consultant is west coast, and we were local to the client, it doesn’t make much sense as to why they’d replace Oxebridge with the other firm, since their travel expenses just went through the roof, but I’m suspecting some aggressive salesmanship cut some kind of deal. The client isn’t answering any questions about it because they likely didn’t know they had signed onto an incestuous conflict of interest, and now they’ve got egg on their face. So just by raising the issue with the client, they’re stressed and embarrassed, and now they’re going radio silent, and I have to drop them from my referral list. Which really, really pisses me off. There are precious few CBs out there I have a good relationship — because they are almost always corrupt — and one of the last ones I trusted proved to be as bad as the rest.

When I raised this problem with the CB, they said they’d “process a complaint” or somesuch garbage, and of course I haven’t heard back. As a result, I am alerting all my clients who currently use this CB to be on the lookout for unscrupulous selling by the husband’s consulting firm. I’m also advocating that my clients switch to a different registrar, which is the kiss of death for a CB.

(And of course they’re all in bed with the US TAG to TC 176; the wife is on the TAG, and the husband is doing speaking tours with ANAB’s John Knappenberger and the Lorri Hunt gang. Whenever something smells rotten in the US ISO 9001 scheme, you know the TAG is nearby, giving off the deadstink of a squirrel carcass laying behind a bush somewhere.)

They’re not alone. In Florida, one of the most aggressive sellers of ISO 9001 runs the branch office of a national manufacturing trade group, which itself gets some Federal dollars while acting as a front for a single international CB. They hold large “consortium” classes to potential ISO 9001 users in bulk, usually set up in hotel conference rooms, using the opportunity to sell the certification services of a that CB. They then offer access to grants; for these, they contract with consultants, then mark up the consultant’s usual fee and submit this for Federal grant funding, ripping off the US government to the tune of $10,000 a pop. Then, they lie to clients, saying that only they can get the client grants, when in fact they are open to anyone; in fact, if the clients bypassed the group, they’d likely get more of their program funded, since it wouldn’t include the group’s phony markup. So in the end the client winds up paying more, but they have no clue. The clients then get funneled to the same CB, and everyone makes money at the taxpayer’s expense. It, too, is probably highly illegal, since it’s not just a violation of ISO 17021, it appears to be outright defrauding of the Federal government.

But they don’t just hand the work out to any consultant, no. Instead they only drive the business to the consultants that have agreed to this illegal nonsense. The particular sales-bro in question goes further, and not only uses the “consortia” to sell his own auditing services, through the favored CB, but also the consulting services of a local company run by his daughter. He’s overt about it, too, telling clients openly that he will write the documentation for them, have her sign off on it, and then certify it himself later. He’s so bold, he even goes into clients who’ve already hired a consultant, and tells them the work is no good, and how they really have to hire his daughter to ensure they get certified. He’s even made this pitch during actual ISO 9001 registration audits, dangling the final certificate in front of the client only if they agree to hire his kid. A few years back, he was caught distributing the Quality Manuals of previous clients, without their permission, and thus violating confidentiality agreements and intellectual property law. The CB was alerted and, of course, did nothing. This guy is one of their top salesmen, after all, so it doesn’t matter if he probably belongs in Federal prison.

If ANAB actually cared, it would take all of ten minutes in the CB’s office to pull the evidence together: the particular auditor’s clients would have nearly identical manuals, and show the work being done by the same consultant, his daughter. Likewise for the west coast example; ANAB merely needs to check how many of the CB’s clients are shared with the consultant, and they’d see a big, fat smoking gun. But that implies they’d have to do something afterwards, and citing the CBs would cost ANAB too much money.

Who… Me?

The stunning thing is how, when they are confronted, the CBs act incredulous. They can’t imagine someone would even think that they are engaged in something improper, even if it is blatantly clear to anyone else. Their ethical bar is so low, it’s shocking. They are like the murderer who gets caught killing someone, and then tries to explain it away as “I was just helping him to donate blood.” Aww….

Of course the ABs, such as ANAB, could put a stop to this. They know it’s going on, but they look the other way. After all, the rules say the CB can’t certify its consulting clients, but they would argue it says nothing about the consulting clients of a wife or husband or daughter or pet hamster. Sure, there’s a lot of language requiring the CBs to assess and mitigate conflicts of interest, but that’s too complicated and the ANAB auditors are more interested in smoking that next cigarette and taking that next nap than reading pesky mitigation reports.  And so the corruption continues apace.

As I said, I’m pissed; and when I’m pissed, bad things happen. So this goes into the file of things I intend on investigating further, and which is likely to explode into yet another industry-wide scandal. For now I’m not naming names. I’m not sure how long that will hold out, though. If I do, and they want to sue… well, maybe that’s not a bad thing. Let’s subpoena the hell out of their records, and start the process of proving, in court, that the entire CB/AB scheme is broken.

Have you experienced this phenomenon? If so, let me know.