SlideShare a Scribd company logo

Third Party Compliance: Issues and Strategies to Mitigate Corruption Related Risk

Dan Reynolds, CPA, CFE, CAMS
Dan Reynolds, CPA, CFE, CAMS

2015 Spring Conference (IIA Philadelphia Chapter)

1 of 34
Download to read offline
THIRD PARTY COMPLIANCE: ISSUES AND STRATEGIES TO MITIGATE CORRUPTION-RELATED RISK MATTHEW RUBLE, SENIOR MANAGER DAN REYNOLDS, MANAGER GRANT THORNTON, LLP Institute of Internal Auditors- Philadelphia Chapter 2015 Spring Conference – Internal Audit 2020 APRIL 20, 2015
The Philadelphia Chapter was established in 1943, and is the 5th affiliate chapter of The Institute of Internal Auditors (IIA). The Philadelphia Chapter, its board of governors, its officers, The IIA , and today’s presenters are not responsible or liable for any acts or omissions and specifically disclaim any and all responsibility or liability for acts or omissions. The material contained herein or communicated is for informational purposes only and should not be construed as accounting, financial, tax, or legal advice. Please seek guidance specific to your questions or concerns from qualified advisors. All content including graphics or art work is protected by law and may not be duplicated in any form with out the express written permission from the Philadelphia Chapter. © 2014 Philadelphia Chapter of the IIA Disclaimer, Trademark, and Copyright Notice Philadelphia Chapter of the IIA IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
AGENDA 3 • Corruption and Bribery • Foreign Corrupt Practices Act • Third Parties • Key Components of an Effective Third Party Program • Role of Internal Audit IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
4 CORRUPTION: • Abuse of entrusted power for private gain BRIBE: • Something valuable (such as money) that is given in order to get someone to do something IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
BRIBERY AND CORRUPTION ARE GLOBAL CHALLENGES 5 Source: 2014 Corruption Perception Index (Transparency International) IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
BRIBERY AND CORRUPTION ARE GLOBAL CHALLENGES 6 Source: 2013 Global Corruption Barometer (Transparency International) IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
7 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
8 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
Social EconomicPolitical THE IMPACT OF CORRUPTION IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
FOREIGN CORRUPT PRACTICES ACT (FCPA) 10 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Anti-Bribery Provision • Prohibit offering or promising anything of value to a foreign government official to obtain or retain business. Books and Records Provision • Must maintain books and records that accurately and fairly reflect the entities transactions. • Must maintain a system of internal accounting controls.
FCPA APPLIES TO: 11 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Issuers Individuals in U.S. U.S. Citizens Entities with U.S. Presence Traded on U.S. Exchange
BRIBERY – NOT JUST CASH… 12 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
…ANYTHING OF VALUE 13 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
FLIR SYSTEMS, INC. 14 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Casablanca Paris Dubai Beirut New York City 20 Days 12 Hours $7 Million
LARGEST FCPA ENFORCEMENT ACTIONS COMPANY COUNTRY PENALTY (Millions) YEAR Siemens Germany $800 2008 Alstom France $772 2014 KBR/Halliburton USA $579 2009 BAE UK $400 2010 Total SA France $398 2013 Alcoa USA $384 2014 Snamprogetti Netherlands B.V/ ENI S.p.A Netherlands /Italy $365 2010 Technip SA France $338 2010 JGC Corporation Japan $219 2011 Daimler AG Germany $185 2010 15 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
16 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Reported FCPA cases involve third parties Companies that do not perform due diligence on their third parties Source: 12th Global Fraud Survey - 2013 THIRD PARTY RISK
17 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE THIRD PARTY RISK
THIRD PARTY RISK 18 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Third Party Population Third Party Representatives A third party is any entity or person providing goods and/or services to an organization. A third party representative is any entity or person that acts on behalf of an organization.
KEY COMPONENTS OF A SUCCESSFUL PROGRAM 19 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
20 IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE OPERATING MODEL COMPONENTS CORPORATE OBJECTIVES KEY RISK DOMAINS THIRD PARTY RISK LIFECYCLE Text Text Third Party Risk Framework Governance Policies & standards Business processes Tools & technology Risk metrics & dashboard Risk culture Contractual risk Continuity of service/product risk Financial viability risk Transactional / Operational risk Credit risk Reputational risk Legal / regulatory risk Geo-political risk Information security risk Strategic risk Planning, risk identification Due, diligence, 3rd party selection Contract negotiation & on boarding Termination & off-boarding Growth/innovation (products/services) Improved client experience Cost optimization Improved time to market Risk & compliance mgmt On-going monitoring & mitigation Continuous improvement
THIRD PARTY MANAGEMENT LIFECYCLE 21 • Develop and implement a new, well- governed process to manage on-boarding of third parties – Confirm to whom/where they are doing business, and the means by which they conduct business, etc. • Conduct due diligence on third parties to assign levels of risk which determine the level of monitoring required • Train the workforce and third parties on the rules and risk of fraud and corruption • Monitor and detect transactions identify and act upon potential threats Risk Model Certification & Training Verification & Updates Reporting & Analytics Financial Controls Transaction Monitoring Onboarding IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
22 Services to be provided Transaction Level Geographic Risk Interactions with govt. officials Input From Business IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE RISK MODEL DEVELOPMENT High Risk Low Risk Moderate Risk
23 IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE STRONG TONE AT THE TOP SUPPORTING TONE AT THE MIDDLE PROPER STRATEGY & GOVERNANCE NETWORK OF SUPPPORT UTILIZE REPORTING AND ANALYTICS COMPREHENSIVE TRAINING THIRD PARTY MANAGEMENT: KEYS TO SUCCESS • Build and drive culture of compliance • Communicate often • Reinforce culture set forth by leaders • Conduct discussion-based programs • Don’t boil the ocean – take a risk based approach • Make training relevant • Train third parties on what is expected of them • Identify critical influencers across the globe • Develop regional/location champions • Develop robust reporting • Dashboards by region or business
THIRD PARTY DUE DILIGENCE: MITIGATING RISKS 24 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
THIRD PARTY DUE DILIGENCE 25 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Due Diligence Process Third Party Recommendation
DUE DILIGENCE PROCEDURES 26 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Third Party Questionnaire Background/ Ownership Policies Business References Open Source Investigations Enforcement Action Databases Sanctions/ Watchlists Civil and Criminal Prosecutions Due Diligence Reports Negative Media (Local Language) Political Exposure State-Owned Entities
27 THIRD PARTY DUE DILIGENCE: MITIGATING RISK IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Contract Terms • Anti-bribery language • Right to audit clause Anti- Corruption/Anti- Bribery Training • Local language Transaction Testing • Review internal books and records for transactions with third party Exercising Audit Rights • Review third party's books and records. Review Third Party's Compliance Program • Code of Conduct • Policies • Training
COLLABORATION BETWEEN COMPLIANCE AND INTERNAL AUDIT 28 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
29 IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE Third Party Program Audit Third Party Program can : - provide "of interest" third parties by region/country - share investigation findings and recommendations for "of interest" third parties - provide a random sample third parties Audit can: - share audit findings of third party investigations - gather and provide contracts, written agreements, other relevant data - request investigations on third parties COLLABORATION BETWEEN AUDIT AND COMPLIANCE • To maintain independence, Audit should not be part of day-to-day management of the program • Audit can provide an opinion on the compliance program
THIRD PARTY AUDITS 30 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Review due diligence performed by compliance Level 1: Internal Books and Records Review Level 2: Third Party Books and Records Review (Exercise Right to Audit Clause) Level 3: Third Party Compliance Program Review
OUTLOOK AND RESOURCES IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE 31
CORRUPTION OUTLOOK 32 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE • Prosecution of individuals (FCPA) • DOJ tripled their task force 10 to 30 • Continued Industry sweeps • More countries developing similar legislation – Brazilian clean company act January 2014
RESOURCES 33 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE • FCPA (legislation): http://www.justice.gov/criminal/fraud/fcpa/ • "A Resource Guide to the U.S. Foreign Corrupt Practices Act" http://www.justice.gov/criminal/fraud/fcpa/guidance/guid e.pdf • Transparency International http://www.transparency.org/
LET'S KEEP THE CONVERSATION GOING 34 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE • Matthew Ruble – Matthew.Ruble@us.gt.com – linkedin.com/in/matthewruble • Dan Reynolds – Dan.Reynolds@us.gt.com – Twitter: @DanReynoldsCFE – linkedin.com/in/dreynoldscfe

Recommended

3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)
3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)
3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)Maija Burtmanis,
 
Third Party Risk Due Diligence - Feb 2012
Third Party Risk Due Diligence - Feb 2012Third Party Risk Due Diligence - Feb 2012
Third Party Risk Due Diligence - Feb 2012aj22dms
 
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...PECB
 
FCPA Enforcement Tends and Their Impact on Corporate Compliance Programs
FCPA Enforcement Tends and Their Impact on Corporate Compliance ProgramsFCPA Enforcement Tends and Their Impact on Corporate Compliance Programs
FCPA Enforcement Tends and Their Impact on Corporate Compliance ProgramsPECB
 
Third Party Due Diligence - Case Study Discussion
Third Party Due Diligence - Case Study DiscussionThird Party Due Diligence - Case Study Discussion
Third Party Due Diligence - Case Study DiscussionSam Gibbins 紀俊森
 
Third-Party Risk Management
Third-Party Risk ManagementThird-Party Risk Management
Third-Party Risk ManagementMark Scales
 
Third Party Oversight and Monitoring: How to Establish an Effective Third Par...
Third Party Oversight and Monitoring: How to Establish an Effective Third Par...Third Party Oversight and Monitoring: How to Establish an Effective Third Par...
Third Party Oversight and Monitoring: How to Establish an Effective Third Par...PECB
 
Best Practices for Integrated Regulatory Reporting Across Multiple Jurisdictions
Best Practices for Integrated Regulatory Reporting Across Multiple JurisdictionsBest Practices for Integrated Regulatory Reporting Across Multiple Jurisdictions
Best Practices for Integrated Regulatory Reporting Across Multiple JurisdictionsLeigh Hill
 

Recommended

3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)
3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)
3rd Party Vendor Mgt - IBC Pres'n - 17 March 2015 (PM)Maija Burtmanis,
 
Third Party Risk Due Diligence - Feb 2012
Third Party Risk Due Diligence - Feb 2012Third Party Risk Due Diligence - Feb 2012
Third Party Risk Due Diligence - Feb 2012aj22dms
 
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...PECB
 
FCPA Enforcement Tends and Their Impact on Corporate Compliance Programs
FCPA Enforcement Tends and Their Impact on Corporate Compliance ProgramsFCPA Enforcement Tends and Their Impact on Corporate Compliance Programs
FCPA Enforcement Tends and Their Impact on Corporate Compliance ProgramsPECB
 
Third Party Due Diligence - Case Study Discussion
Third Party Due Diligence - Case Study DiscussionThird Party Due Diligence - Case Study Discussion
Third Party Due Diligence - Case Study DiscussionSam Gibbins 紀俊森
 
Third-Party Risk Management
Third-Party Risk ManagementThird-Party Risk Management
Third-Party Risk ManagementMark Scales
 
Third Party Oversight and Monitoring: How to Establish an Effective Third Par...
Third Party Oversight and Monitoring: How to Establish an Effective Third Par...Third Party Oversight and Monitoring: How to Establish an Effective Third Par...
Third Party Oversight and Monitoring: How to Establish an Effective Third Par...PECB
 
Best Practices for Integrated Regulatory Reporting Across Multiple Jurisdictions
Best Practices for Integrated Regulatory Reporting Across Multiple JurisdictionsBest Practices for Integrated Regulatory Reporting Across Multiple Jurisdictions
Best Practices for Integrated Regulatory Reporting Across Multiple JurisdictionsLeigh Hill
 
Middle East Summit on Anti-Corruption
Middle East Summit on Anti-CorruptionMiddle East Summit on Anti-Corruption
Middle East Summit on Anti-CorruptionRachel Hamilton
 
TI Managing Third Party Risk
TI Managing Third Party RiskTI Managing Third Party Risk
TI Managing Third Party RiskThe Business Council of Mongolia
 
Investigating and dealing with bribery
Investigating and dealing with briberyInvestigating and dealing with bribery
Investigating and dealing with briberyPECB
 
A compliance officer's guide to third party risk management
A compliance officer's guide to third party risk managementA compliance officer's guide to third party risk management
A compliance officer's guide to third party risk managementSALIH AHMED ISLAM
 
Use of Advanced Technology in Procurement
Use of Advanced Technology in ProcurementUse of Advanced Technology in Procurement
Use of Advanced Technology in ProcurementDr Mark Lovatt
 
Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...
Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...
Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...OECD Directorate for Financial and Enterprise Affairs
 
Hot topics in financial crime - Singapore
Hot topics in financial crime - SingaporeHot topics in financial crime - Singapore
Hot topics in financial crime - SingaporeBovill
 
Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Deloitte UK
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...LexisNexis Benelux
 
2015 WACHA Hot Regulatory Exam Issues 03202015
2015 WACHA Hot Regulatory Exam Issues 032020152015 WACHA Hot Regulatory Exam Issues 03202015
2015 WACHA Hot Regulatory Exam Issues 03202015Brent Siegel
 
TechExecs Optimizing Outsourcing Linked In
TechExecs Optimizing Outsourcing Linked InTechExecs Optimizing Outsourcing Linked In
TechExecs Optimizing Outsourcing Linked Inbrookstutor
 
The Future of Transaction Reporting
The Future of Transaction ReportingThe Future of Transaction Reporting
The Future of Transaction ReportingAntreas Artemiou
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceEffacts
 
NICSA Webinar | SEC Transfer Agent Rule Revamp
NICSA Webinar | SEC Transfer Agent Rule RevampNICSA Webinar | SEC Transfer Agent Rule Revamp
NICSA Webinar | SEC Transfer Agent Rule RevampNICSA
 
Last minute preparations for SFTR: What still needs to be done and are we ready?
Last minute preparations for SFTR: What still needs to be done and are we ready?Last minute preparations for SFTR: What still needs to be done and are we ready?
Last minute preparations for SFTR: What still needs to be done and are we ready?Leigh Hill
 
Doculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction financeDoculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction financeScott Swanson , CFE, CFCI
 
2016 SEC & FINRA exam priorities for asset managers
2016 SEC & FINRA exam priorities for asset managers2016 SEC & FINRA exam priorities for asset managers
2016 SEC & FINRA exam priorities for asset managersGrant Thornton LLP
 
Third Party Risk Management Introduction
Third Party Risk Management IntroductionThird Party Risk Management Introduction
Third Party Risk Management IntroductionNaveen Grover
 
4. op risk and aml
4. op risk and aml4. op risk and aml
4. op risk and amlcrmbasel
 
2016 fca look ahead bovill briefing
2016 fca look ahead bovill briefing2016 fca look ahead bovill briefing
2016 fca look ahead bovill briefingBovill
 
652L17_S Anti- Corruption ZUR
652L17_S Anti- Corruption ZUR652L17_S Anti- Corruption ZUR
652L17_S Anti- Corruption ZURHumera Akram
 
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Ethisphere
 

More Related Content

What's hot

Middle East Summit on Anti-Corruption
Middle East Summit on Anti-CorruptionMiddle East Summit on Anti-Corruption
Middle East Summit on Anti-CorruptionRachel Hamilton
 
Investigating and dealing with bribery
Investigating and dealing with briberyInvestigating and dealing with bribery
Investigating and dealing with briberyPECB
 
A compliance officer's guide to third party risk management
A compliance officer's guide to third party risk managementA compliance officer's guide to third party risk management
A compliance officer's guide to third party risk managementSALIH AHMED ISLAM
 
Use of Advanced Technology in Procurement
Use of Advanced Technology in ProcurementUse of Advanced Technology in Procurement
Use of Advanced Technology in ProcurementDr Mark Lovatt
 
Hot topics in financial crime - Singapore
Hot topics in financial crime - SingaporeHot topics in financial crime - Singapore
Hot topics in financial crime - SingaporeBovill
 
Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Deloitte UK
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...LexisNexis Benelux
 
2015 WACHA Hot Regulatory Exam Issues 03202015
2015 WACHA Hot Regulatory Exam Issues 032020152015 WACHA Hot Regulatory Exam Issues 03202015
2015 WACHA Hot Regulatory Exam Issues 03202015Brent Siegel
 
TechExecs Optimizing Outsourcing Linked In
TechExecs Optimizing Outsourcing Linked InTechExecs Optimizing Outsourcing Linked In
TechExecs Optimizing Outsourcing Linked Inbrookstutor
 
The Future of Transaction Reporting
The Future of Transaction ReportingThe Future of Transaction Reporting
The Future of Transaction ReportingAntreas Artemiou
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceEffacts
 
NICSA Webinar | SEC Transfer Agent Rule Revamp
NICSA Webinar | SEC Transfer Agent Rule RevampNICSA Webinar | SEC Transfer Agent Rule Revamp
NICSA Webinar | SEC Transfer Agent Rule RevampNICSA
 
Last minute preparations for SFTR: What still needs to be done and are we ready?
Last minute preparations for SFTR: What still needs to be done and are we ready?Last minute preparations for SFTR: What still needs to be done and are we ready?
Last minute preparations for SFTR: What still needs to be done and are we ready?Leigh Hill
 
Doculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction financeDoculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction financeScott Swanson , CFE, CFCI
 
2016 SEC & FINRA exam priorities for asset managers
2016 SEC & FINRA exam priorities for asset managers2016 SEC & FINRA exam priorities for asset managers
2016 SEC & FINRA exam priorities for asset managersGrant Thornton LLP
 
Third Party Risk Management Introduction
Third Party Risk Management IntroductionThird Party Risk Management Introduction
Third Party Risk Management IntroductionNaveen Grover
 
4. op risk and aml
4. op risk and aml4. op risk and aml
4. op risk and amlcrmbasel
 
2016 fca look ahead bovill briefing
2016 fca look ahead bovill briefing2016 fca look ahead bovill briefing
2016 fca look ahead bovill briefingBovill
 

What's hot (20)

Middle East Summit on Anti-Corruption
Middle East Summit on Anti-CorruptionMiddle East Summit on Anti-Corruption
Middle East Summit on Anti-Corruption
 
TI Managing Third Party Risk
TI Managing Third Party RiskTI Managing Third Party Risk
TI Managing Third Party Risk
 
Investigating and dealing with bribery
Investigating and dealing with briberyInvestigating and dealing with bribery
Investigating and dealing with bribery
 
A compliance officer's guide to third party risk management
A compliance officer's guide to third party risk managementA compliance officer's guide to third party risk management
A compliance officer's guide to third party risk management
 
Use of Advanced Technology in Procurement
Use of Advanced Technology in ProcurementUse of Advanced Technology in Procurement
Use of Advanced Technology in Procurement
 
Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...
Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...
Remedies and Cooperation: What Have we Learned – R. Damtoft USFTC – 2017 Lati...
 
Hot topics in financial crime - Singapore
Hot topics in financial crime - SingaporeHot topics in financial crime - Singapore
Hot topics in financial crime - Singapore
 
Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
 
2015 WACHA Hot Regulatory Exam Issues 03202015
2015 WACHA Hot Regulatory Exam Issues 032020152015 WACHA Hot Regulatory Exam Issues 03202015
2015 WACHA Hot Regulatory Exam Issues 03202015
 
TechExecs Optimizing Outsourcing Linked In
TechExecs Optimizing Outsourcing Linked InTechExecs Optimizing Outsourcing Linked In
TechExecs Optimizing Outsourcing Linked In
 
The Future of Transaction Reporting
The Future of Transaction ReportingThe Future of Transaction Reporting
The Future of Transaction Reporting
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and Compliance
 
NICSA Webinar | SEC Transfer Agent Rule Revamp
NICSA Webinar | SEC Transfer Agent Rule RevampNICSA Webinar | SEC Transfer Agent Rule Revamp
NICSA Webinar | SEC Transfer Agent Rule Revamp
 
Last minute preparations for SFTR: What still needs to be done and are we ready?
Last minute preparations for SFTR: What still needs to be done and are we ready?Last minute preparations for SFTR: What still needs to be done and are we ready?
Last minute preparations for SFTR: What still needs to be done and are we ready?
 
Doculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction financeDoculabs 2014 risk and compliance practice introduction finance
Doculabs 2014 risk and compliance practice introduction finance
 
2016 SEC & FINRA exam priorities for asset managers
2016 SEC & FINRA exam priorities for asset managers2016 SEC & FINRA exam priorities for asset managers
2016 SEC & FINRA exam priorities for asset managers
 
Third Party Risk Management Introduction
Third Party Risk Management IntroductionThird Party Risk Management Introduction
Third Party Risk Management Introduction
 
4. op risk and aml
4. op risk and aml4. op risk and aml
4. op risk and aml
 
2016 fca look ahead bovill briefing
2016 fca look ahead bovill briefing2016 fca look ahead bovill briefing
2016 fca look ahead bovill briefing
 

Similar to Third Party Compliance: Issues and Strategies to Mitigate Corruption Related Risk

652L17_S Anti- Corruption ZUR
652L17_S Anti- Corruption ZUR652L17_S Anti- Corruption ZUR
652L17_S Anti- Corruption ZURHumera Akram
 
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Ethisphere
 
ACI's FCPA & Anti-Corruption for the Life Sciences Industry
ACI's FCPA & Anti-Corruption for the Life Sciences IndustryACI's FCPA & Anti-Corruption for the Life Sciences Industry
ACI's FCPA & Anti-Corruption for the Life Sciences IndustryRachel Hamilton
 
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...Jitske de Bruijne
 
AML Meets ABC Webinar Deck 2-19-14
AML Meets ABC Webinar Deck 2-19-14AML Meets ABC Webinar Deck 2-19-14
AML Meets ABC Webinar Deck 2-19-14ACFCS
 
Understanding the linkages between corruption, taxation and illicit financial...
Understanding the linkages between corruption, taxation and illicit financial...Understanding the linkages between corruption, taxation and illicit financial...
Understanding the linkages between corruption, taxation and illicit financial...Lyla Latif
 
Thomson Reuters Third Party Risk Solutions
Thomson Reuters Third Party Risk SolutionsThomson Reuters Third Party Risk Solutions
Thomson Reuters Third Party Risk SolutionsPaul Authachinda
 
Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesDun & Bradstreet
 
CFATF Mutual Evaluation Report of Barbados - 2018
CFATF Mutual Evaluation Report of Barbados - 2018CFATF Mutual Evaluation Report of Barbados - 2018
CFATF Mutual Evaluation Report of Barbados - 2018Clare O'Hare
 
Entrepreneurship Chap 5
Entrepreneurship Chap 5Entrepreneurship Chap 5
Entrepreneurship Chap 5Umair Arain
 
2015 EastPay Info Exchange - Best Supporting Actor is Vendor Management
2015 EastPay Info Exchange - Best Supporting Actor is Vendor Management2015 EastPay Info Exchange - Best Supporting Actor is Vendor Management
2015 EastPay Info Exchange - Best Supporting Actor is Vendor ManagementBrent Siegel
 
Fraud Control Framework
Fraud Control FrameworkFraud Control Framework
Fraud Control FrameworkRavi Nayak
 
Forensic Accounting An Ex Ante Ex post Evaluation for India
Forensic Accounting An Ex Ante Ex post Evaluation for IndiaForensic Accounting An Ex Ante Ex post Evaluation for India
Forensic Accounting An Ex Ante Ex post Evaluation for Indiaijtsrd
 
2016 - IQPC - The key to raising awareness and comprehension
2016 - IQPC - The key to raising awareness and comprehension2016 - IQPC - The key to raising awareness and comprehension
2016 - IQPC - The key to raising awareness and comprehensionDr Darren O'Connell AGIA
 

Similar to Third Party Compliance: Issues and Strategies to Mitigate Corruption Related Risk (20)

652L17_S Anti- Corruption ZUR
652L17_S Anti- Corruption ZUR652L17_S Anti- Corruption ZUR
652L17_S Anti- Corruption ZUR
 
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
 
ACI's FCPA & Anti-Corruption for the Life Sciences Industry
ACI's FCPA & Anti-Corruption for the Life Sciences IndustryACI's FCPA & Anti-Corruption for the Life Sciences Industry
ACI's FCPA & Anti-Corruption for the Life Sciences Industry
 
CFATF Mutual Evaluation Republic of Haiti 2019 - Ratings
CFATF Mutual Evaluation Republic of Haiti 2019 - RatingsCFATF Mutual Evaluation Republic of Haiti 2019 - Ratings
CFATF Mutual Evaluation Republic of Haiti 2019 - Ratings
 
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
E-book: How to manage Anti-Money Laundering and Counter Financing of Terroris...
 
AML Meets ABC Webinar Deck 2-19-14
AML Meets ABC Webinar Deck 2-19-14AML Meets ABC Webinar Deck 2-19-14
AML Meets ABC Webinar Deck 2-19-14
 
Mutual Evaluation Report of China, 2019 - Ratings
Mutual Evaluation Report of China, 2019 - RatingsMutual Evaluation Report of China, 2019 - Ratings
Mutual Evaluation Report of China, 2019 - Ratings
 
Brooks
BrooksBrooks
Brooks
 
Understanding the linkages between corruption, taxation and illicit financial...
Understanding the linkages between corruption, taxation and illicit financial...Understanding the linkages between corruption, taxation and illicit financial...
Understanding the linkages between corruption, taxation and illicit financial...
 
Thomson Reuters Third Party Risk Solutions
Thomson Reuters Third Party Risk SolutionsThomson Reuters Third Party Risk Solutions
Thomson Reuters Third Party Risk Solutions
 
Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third Parties
 
Mutual Evaluation Report of Samoa
Mutual Evaluation Report of SamoaMutual Evaluation Report of Samoa
Mutual Evaluation Report of Samoa
 
CFATF Mutual Evaluation Report of Barbados - 2018
CFATF Mutual Evaluation Report of Barbados - 2018CFATF Mutual Evaluation Report of Barbados - 2018
CFATF Mutual Evaluation Report of Barbados - 2018
 
APG's Mutual Evaluation Report Palau 2018
APG's Mutual Evaluation Report Palau 2018APG's Mutual Evaluation Report Palau 2018
APG's Mutual Evaluation Report Palau 2018
 
Entrepreneurship Chap 5
Entrepreneurship Chap 5Entrepreneurship Chap 5
Entrepreneurship Chap 5
 
2015 EastPay Info Exchange - Best Supporting Actor is Vendor Management
2015 EastPay Info Exchange - Best Supporting Actor is Vendor Management2015 EastPay Info Exchange - Best Supporting Actor is Vendor Management
2015 EastPay Info Exchange - Best Supporting Actor is Vendor Management
 
APG Mutual Evaluation of Fiji - 2016
APG Mutual Evaluation of Fiji - 2016APG Mutual Evaluation of Fiji - 2016
APG Mutual Evaluation of Fiji - 2016
 
Fraud Control Framework
Fraud Control FrameworkFraud Control Framework
Fraud Control Framework
 
Forensic Accounting An Ex Ante Ex post Evaluation for India
Forensic Accounting An Ex Ante Ex post Evaluation for IndiaForensic Accounting An Ex Ante Ex post Evaluation for India
Forensic Accounting An Ex Ante Ex post Evaluation for India
 
2016 - IQPC - The key to raising awareness and comprehension
2016 - IQPC - The key to raising awareness and comprehension2016 - IQPC - The key to raising awareness and comprehension
2016 - IQPC - The key to raising awareness and comprehension
 

Third Party Compliance: Issues and Strategies to Mitigate Corruption Related Risk

  • 1. THIRD PARTY COMPLIANCE: ISSUES AND STRATEGIES TO MITIGATE CORRUPTION-RELATED RISK MATTHEW RUBLE, SENIOR MANAGER DAN REYNOLDS, MANAGER GRANT THORNTON, LLP Institute of Internal Auditors- Philadelphia Chapter 2015 Spring Conference – Internal Audit 2020 APRIL 20, 2015
  • 2. The Philadelphia Chapter was established in 1943, and is the 5th affiliate chapter of The Institute of Internal Auditors (IIA). The Philadelphia Chapter, its board of governors, its officers, The IIA , and today’s presenters are not responsible or liable for any acts or omissions and specifically disclaim any and all responsibility or liability for acts or omissions. The material contained herein or communicated is for informational purposes only and should not be construed as accounting, financial, tax, or legal advice. Please seek guidance specific to your questions or concerns from qualified advisors. All content including graphics or art work is protected by law and may not be duplicated in any form with out the express written permission from the Philadelphia Chapter. © 2014 Philadelphia Chapter of the IIA Disclaimer, Trademark, and Copyright Notice Philadelphia Chapter of the IIA IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 3. AGENDA 3 • Corruption and Bribery • Foreign Corrupt Practices Act • Third Parties • Key Components of an Effective Third Party Program • Role of Internal Audit IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 4. 4 CORRUPTION: • Abuse of entrusted power for private gain BRIBE: • Something valuable (such as money) that is given in order to get someone to do something IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 5. BRIBERY AND CORRUPTION ARE GLOBAL CHALLENGES 5 Source: 2014 Corruption Perception Index (Transparency International) IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 6. BRIBERY AND CORRUPTION ARE GLOBAL CHALLENGES 6 Source: 2013 Global Corruption Barometer (Transparency International) IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 7. 7 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 8. 8 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 9. Social EconomicPolitical THE IMPACT OF CORRUPTION IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 10. FOREIGN CORRUPT PRACTICES ACT (FCPA) 10 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Anti-Bribery Provision • Prohibit offering or promising anything of value to a foreign government official to obtain or retain business. Books and Records Provision • Must maintain books and records that accurately and fairly reflect the entities transactions. • Must maintain a system of internal accounting controls.
  • 11. FCPA APPLIES TO: 11 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Issuers Individuals in U.S. U.S. Citizens Entities with U.S. Presence Traded on U.S. Exchange
  • 12. BRIBERY – NOT JUST CASH… 12 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 13. …ANYTHING OF VALUE 13 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 14. FLIR SYSTEMS, INC. 14 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Casablanca Paris Dubai Beirut New York City 20 Days 12 Hours $7 Million
  • 15. LARGEST FCPA ENFORCEMENT ACTIONS COMPANY COUNTRY PENALTY (Millions) YEAR Siemens Germany $800 2008 Alstom France $772 2014 KBR/Halliburton USA $579 2009 BAE UK $400 2010 Total SA France $398 2013 Alcoa USA $384 2014 Snamprogetti Netherlands B.V/ ENI S.p.A Netherlands /Italy $365 2010 Technip SA France $338 2010 JGC Corporation Japan $219 2011 Daimler AG Germany $185 2010 15 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 16. 16 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Reported FCPA cases involve third parties Companies that do not perform due diligence on their third parties Source: 12th Global Fraud Survey - 2013 THIRD PARTY RISK
  • 17. 17 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE THIRD PARTY RISK
  • 18. THIRD PARTY RISK 18 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Third Party Population Third Party Representatives A third party is any entity or person providing goods and/or services to an organization. A third party representative is any entity or person that acts on behalf of an organization.
  • 19. KEY COMPONENTS OF A SUCCESSFUL PROGRAM 19 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 20. 20 IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE OPERATING MODEL COMPONENTS CORPORATE OBJECTIVES KEY RISK DOMAINS THIRD PARTY RISK LIFECYCLE Text Text Third Party Risk Framework Governance Policies & standards Business processes Tools & technology Risk metrics & dashboard Risk culture Contractual risk Continuity of service/product risk Financial viability risk Transactional / Operational risk Credit risk Reputational risk Legal / regulatory risk Geo-political risk Information security risk Strategic risk Planning, risk identification Due, diligence, 3rd party selection Contract negotiation & on boarding Termination & off-boarding Growth/innovation (products/services) Improved client experience Cost optimization Improved time to market Risk & compliance mgmt On-going monitoring & mitigation Continuous improvement
  • 21. THIRD PARTY MANAGEMENT LIFECYCLE 21 • Develop and implement a new, well- governed process to manage on-boarding of third parties – Confirm to whom/where they are doing business, and the means by which they conduct business, etc. • Conduct due diligence on third parties to assign levels of risk which determine the level of monitoring required • Train the workforce and third parties on the rules and risk of fraud and corruption • Monitor and detect transactions identify and act upon potential threats Risk Model Certification & Training Verification & Updates Reporting & Analytics Financial Controls Transaction Monitoring Onboarding IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 22. 22 Services to be provided Transaction Level Geographic Risk Interactions with govt. officials Input From Business IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE RISK MODEL DEVELOPMENT High Risk Low Risk Moderate Risk
  • 23. 23 IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE STRONG TONE AT THE TOP SUPPORTING TONE AT THE MIDDLE PROPER STRATEGY & GOVERNANCE NETWORK OF SUPPPORT UTILIZE REPORTING AND ANALYTICS COMPREHENSIVE TRAINING THIRD PARTY MANAGEMENT: KEYS TO SUCCESS • Build and drive culture of compliance • Communicate often • Reinforce culture set forth by leaders • Conduct discussion-based programs • Don’t boil the ocean – take a risk based approach • Make training relevant • Train third parties on what is expected of them • Identify critical influencers across the globe • Develop regional/location champions • Develop robust reporting • Dashboards by region or business
  • 24. THIRD PARTY DUE DILIGENCE: MITIGATING RISKS 24 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 25. THIRD PARTY DUE DILIGENCE 25 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Due Diligence Process Third Party Recommendation
  • 26. DUE DILIGENCE PROCEDURES 26 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Third Party Questionnaire Background/ Ownership Policies Business References Open Source Investigations Enforcement Action Databases Sanctions/ Watchlists Civil and Criminal Prosecutions Due Diligence Reports Negative Media (Local Language) Political Exposure State-Owned Entities
  • 27. 27 THIRD PARTY DUE DILIGENCE: MITIGATING RISK IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Contract Terms • Anti-bribery language • Right to audit clause Anti- Corruption/Anti- Bribery Training • Local language Transaction Testing • Review internal books and records for transactions with third party Exercising Audit Rights • Review third party's books and records. Review Third Party's Compliance Program • Code of Conduct • Policies • Training
  • 28. COLLABORATION BETWEEN COMPLIANCE AND INTERNAL AUDIT 28 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE
  • 29. 29 IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE Third Party Program Audit Third Party Program can : - provide "of interest" third parties by region/country - share investigation findings and recommendations for "of interest" third parties - provide a random sample third parties Audit can: - share audit findings of third party investigations - gather and provide contracts, written agreements, other relevant data - request investigations on third parties COLLABORATION BETWEEN AUDIT AND COMPLIANCE • To maintain independence, Audit should not be part of day-to-day management of the program • Audit can provide an opinion on the compliance program
  • 30. THIRD PARTY AUDITS 30 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE Review due diligence performed by compliance Level 1: Internal Books and Records Review Level 2: Third Party Books and Records Review (Exercise Right to Audit Clause) Level 3: Third Party Compliance Program Review
  • 31. OUTLOOK AND RESOURCES IIA PHILADELPHIA CHAPTER 20134 SPRING CONFERENCE 31
  • 32. CORRUPTION OUTLOOK 32 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE • Prosecution of individuals (FCPA) • DOJ tripled their task force 10 to 30 • Continued Industry sweeps • More countries developing similar legislation – Brazilian clean company act January 2014
  • 33. RESOURCES 33 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE • FCPA (legislation): http://www.justice.gov/criminal/fraud/fcpa/ • "A Resource Guide to the U.S. Foreign Corrupt Practices Act" http://www.justice.gov/criminal/fraud/fcpa/guidance/guid e.pdf • Transparency International http://www.transparency.org/
  • 34. LET'S KEEP THE CONVERSATION GOING 34 IIA PHILADELPHIA CHAPTER 2015 SPRING CONFERENCE • Matthew Ruble – Matthew.Ruble@us.gt.com – linkedin.com/in/matthewruble • Dan Reynolds – Dan.Reynolds@us.gt.com – Twitter: @DanReynoldsCFE – linkedin.com/in/dreynoldscfe