The widespread diffusion of organised crime clans into the legal economies makes harder for private organisations working in the public sectors to conduct an appropriate financial and reputational assessment of third parties (such as partners, suppliers and customers). To prevent the attempts of infiltration of organised crime groups in the business, ignoring the adoption of appropriated tools may lead to company disqualification from the practice of commercial activities in the public sector. As a consequence, company image and stakeholders value creation processes can be irreparably damaged. Based on such remarks, the paper aims to verify if the internal control system can act as an effective barrier to prevent the attempts of infiltration of organised crime groups in legitimate businesses. To test such a hypothesis, an action research was conducted in a company operating in North-Italy. Research findings show that the design of an internal control system able to promptly assess the risk profiles associated with company strategies can support decision makers to identify which relationships might pose the greatest threat to their organisation sustainable business development.
Keywords: Internal control system, infiltrations of organized crime, integrated risk management system, business development