Up
Logo
  • Menu
Logo Cancel
  • +1 212 694 7000 New York
  • +44 207 016 4250 London
  • +34 917 021 364 Madrid
  • +41 799 020 921 Geneva
  • +1 213 296 3300 Los Angeles
  • Home
  • Insights
  • Thought Leadership
  • The DOJ Expects Third-Party Management from Compliance Programs

12 Mar 2017

The DOJ Expects “Third-Party Management” from Compliance Programs

This article was originally published in The FCPA Blog (8 Mar. 2017). Read the full article online. Republished with permission.
The DOJ Expects Third Party Management from Compliance Programs

By Adam Frey, Associate Managing Director, K2 Intelligence

2016 was a banner year for global anti-corruption enforcement: the U.S. government set records in terms of both the number of FCPA actions brought and the total dollar amount of related fines.

Meanwhile, governments from around the globe—including the United Kingdom and Brazil—brought high-profile actions as well. And 2017 got off to a similar record-breaking start in January.

One feature of several of the most high-profile of these actions—such as the enforcement actions against Rolls-Royce and Och-Ziff, and the recent announcement by Panasonic about an investigation—is a reminder, if any were still necessary, that using third-party intermediaries in foreign markets remains fraught with the potential for illicit conduct.

Indeed, “Third-Party Management” is one of 11 key topics included in DOJ’s recently released guidance on how to evaluate corporate compliance programs.

While engaging and relying on the services of third-party intermediaries may be necessary in some industries and locales, it is vital that companies that do so ensure that they are conducting an appropriate level of due diligence on these intermediaries. Moreover, the due diligence that is performed cannot—or should not—be a “cookie cutter” approach.

Rather, the due diligence must be targeted to the industry and market in question and should seek to identify whether the intermediary has a reputation or history of engaging in corrupt or unethical activity or has any connection to the foreign government. And while public records research is a must, in many jurisdictions the company will also want to conduct targeted and discreet source inquiries, which will require on-the-ground knowledge and a network of sources.

Of course, as the DOJ guidance also makes clear, conducting robust due diligence on third-party intermediaries is not the only measure that companies should take as they seek to avoid the crosshairs of anti-corruption enforcement agencies—especially as those agencies increasingly work and resolve cases multilaterally.

An effective anti-bribery/anti-corruption (ABAC) posture requires measures that are proactive, reactive, and continuously refreshed and updated.

Proactive. Proactive measures begin with companies’ internal governance related to ABAC issues. Specifically, the company must have established and effective ABAC compliance policies, procedures, training, and internal controls designed to constrain, identify, and/or surface possible ABAC concerns. As with the particular due diligence discussed above, these internal governance measures must be tailored to the particular ABAC risks associated with the company’s size, business model, industry, and geography.

To that end, a critical first (and ongoing) step is to perform an ABAC risk assessment to identify potential vulnerabilities and risk areas, such as within the procurement or accounts payable processes or engaging third parties. The risk assessment will also identify the key areas to test underlying transaction or payment data.

Reactive. Companies must also have the ability to respond thoroughly and effectively to allegations of potential corrupt conduct. The response may range from initiating an internal investigation into whistleblower complaints (and protecting the whistleblower from any retributive actions) to conducting a wider investigation with the support of outside experts, such as forensic accountants and investigators with experience and source networks where the conduct allegedly occurred.

Importantly, such outside experts bring distinct skill sets that complement those of outside counsel which also is engaged to help.

An effective investigation to get to the bottom of what may have happened will be increasingly important as the use of Deferred Prosecution Agreements and tangible incentives for voluntary self-disclosure continue, since companies will want to know if there is any “there” there.

Continuously Updated. International ABAC enforcement regimes’ enforcement priorities and interpretations of key statutory provisions can often change, as do the methods that corrupt actors employ to evade those restrictions. (The crackdown on corporate “donations” to charities linked to government officials and the practice of hiring government officials’ otherwise unqualified relatives are but two examples.) Consequently, the steps companies take to constrain, identify, and remediate possible ABAC violations also cannot be static. Rather, constant vigilance is required.

An effective ABAC compliance program thus will repeatedly conduct risk assessments to identify new vulnerabilities and/or risk areas. The program will also refresh the testing performed on relevant transaction and payment data as well as the due diligence performed on critical third-party vendors and/or intermediaries.

Banking Pot: How Financial Institutions Can Prepare for Changing Regulations

04 Feb 2019

04 Feb 2019

The Unexplained Wealth Order Imperative: Always Keep Your Financial House in Order

25 Jan 2019

25 Jan 2019

The Importance of Enterprise-Wide Risk Assessments for Financial Institutions

24 Jan 2019

24 Jan 2019

A Winning Anti-Money Laundering Strategy: Strengthen Your Defense Against Financial Crimes

14 Jan 2019

14 Jan 2019

  • Services
    • Our Practices
      • Investigations and Disputes
      • Regulatory Compliance
      • Cyber Defense
      • Construction and Real Estate
      • Strategic Risk and Security
      • Private Client Services
    • Our Approach
      • Multidisciplinary Teams
      • Investigative Experience
      • Global Reach
      • Technology
    • The K2 Difference
  • People
    • Professionals
    • Spotlight Profiles
  • Insights
    • Focus On
    • Thought Leadership
    • Video
    • Resources
      • Glossary
      • Links
anti-corruptionbriberybribery and corruption investigationscorruptiondojfcpa
  • About Us
  • Our Offices
  • Find a Professional
  • Sitemap
© 2018 K2 Intelligence, LLC | Privacy Notice | K2 Intelligence is not affiliated with Kroll Inc., Kroll Associates, Inc., Kroll On Track, Inc. or their affiliated businesses.
loader
  • Services
    • Our Practices
      • Investigations and Disputes
      • Regulatory Compliance
      • Cyber Defense
      • Construction and Real Estate
      • Strategic Risk and Security
      • Private Client Services
    • Our Approach
      • Multidisciplinary Teams
      • Investigative Experience
      • Global Reach
      • Technology
    • The K2 Difference
      • A History of Success
      • Sizing Up a Situation
      • Finding the Needle in the Haystack
      • A Multidisciplinary Approach
      • Considering Every Angle
      • Securing the Right Outcome
  • People
    • Professionals
    • Spotlight Profiles
  • Insights
    • Focus On
      • Africa and Middle East
      • Art Risk Advisory: Art, Collectibles, and Wine
      • Corporate Social Responsibility
      • Cybersecurity Awareness
    • Thought Leadership
    • Video
    • Resources
      • Glossary
      • Links
  • About Us
    • Our Story
    • Our Offices
    • Corporate Social Responsibility
    • Contact Us
    Careers
    • Working at K2 Intelligence
    • Job Opportunities
    Media
    • Appearances
    • Newsroom
    • Mentions
    • Media Contacts
    Events
    • Webinars
    • Speaking Engagements
    • Roundtables
  • Contact Us