SlideShare a Scribd company logo

June 2016 - By Michael Heller

M
Michael Heller
1 of 6
Download to read offline
Third Party Risk Management— WHAT TO CONSIDER
1 The generally accepted U.S. and international guidelines for conducting anti-corruption reviews on third parties have not changed significantly since the U.S. Department of Justice and the Securities and Exchange Commission released its Resource Guide to the U.S. Foreign Corrupt Practices Act in November 2012. Nonetheless, recent trends indicate stricter scrutiny of supplier and customer relationships thus requiring some level of due diligence. Figure 1 below highlights a significant increase after 2014 in the requirement of due diligence reviews of suppliers, customers/ clients and third party agents or consultants. In addition to anti- corruption compliance, potential drivers of this trend could be due to an increased recognition of the value of due diligence in managing sanctions, supply chain and reputational risk. Third Party Risk Management —What to Consider M I C H A E L H E L L E R D I R E C T O R , R I S K A N D C O M P L I A N C E Figure 1. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey More than 65% of respondents claim that M&A targets “always” require due diligence, followed by senior level executives, sales agents and customers/ clients. 66% 60% 59% 58% 56% 50% 63% 57% 60% 63% 62% 51% 70% 52% 47% 43% 43% 28% M&A targets Senior level executives/ board members Sales agents Customers/clients Third party agents or consultants Suppliers % Mentioning Each as Always Requiring Due Diligence 2016 2015 2014 T A R G E T S R E Q U I R I N G D U E D I L I G E N C E
As additional stakeholders adopt due diligence procedures to manage third party risk, it is worth revisiting how to properly identify and weigh different factors to achieve a tailored and efficient approach. R I S K R A N K I N G There is no expectation that every due diligence review requires the same depth of effort— not all third parties are created equal. As noted in the Resource Guide, “DOJ and SEC will give meaningful credit to a company that implements in good faith a comprehensive, risk-based compliance program, even if that program does not prevent an infraction in a low risk area because greater attention and resources had been devoted to a higher risk area.” While there is of course no ‘one size fits all’ model for companies to follow, the factors below could influence the allocation of time, budget, and resources to the process. 1 . S I Z E O F O P P O R T U N I T Y How much is the company willing to spend on the opportunity and how much revenue will it generate? For example, is the contract for $5,000 or $5,000,000? The business endeavor would not make sense if the cost of due diligence outweighs the opportunity or revenue gain (this includes intangible advantages). The amount at stake can impact how thorough the investigation should be and how much to invest in the review. 2 . P R O X I M I T Y T O T H E G O V E R N M E N T Identify whether the relationship involves a government agency or determine how much ownership, influence or control, if any, can be attributed to the government. Independently identifying this type of information can be challenging, though fortunately, there are databases that contain lists of state-owned enterprises, which are typically defined by percentage of government ownership or other measures of influence such as control of the board of directors. Strategic and heavily regulated industries tend to be the subject of greater influence by the state. The Resource Guide notes factors to consider include “level of involvement with governments, amount of government regulation and oversight and exposure to customs and immigration in conducting business affairs.” 3 . C O U N T R Y R I S K The corruption risk in the country or countries of the transaction or relationship should also play a significant role in the calculation. Seen in the 2016 Annual Anti- Corruption Survey conducted by Dow Jones, 83% of respondents risk-rank the countries of their third parties as part of their review process—a 10% increase from 2015. The survey found that 72% of corporate compliance staffers use Transparency International’s Corruption Perception Index, and 56% use a compilation of internal data. 4. A COMBIN AT ION T HEREOF Government regulators are pretty clear that the risk rating for all three of the aforementioned factors (size of opportunity, proximity to the government, and country risk) should have a significant bearing on the requisite due diligence. According to the Resource Guide, “a $50 million contract with a government agency in a high-risk country warrants greater scrutiny than modest and routine gifts and entertainment.” 5. T Y P E S OF T HIR D PA R T IE S The nature of the third party relationship should also factor into the risk ranking equation. For instance, corruption and other risk exposure can be different when dealing with customers, vendors, agents, channel partners, acquisitions, joint ventures or other business relationships. Bear in mind that the FCPA “was enacted for the purpose of making it unlawful for certain classes of persons and entities to make payments to foreign government officials to assist in obtaining or retaining business.” Accordingly, it is important to ask what types of relationships play the most direct role in achieving this result. Seen in the 2016 Annual Anti-Corruption Survey conducted by Dow Jones, 83% of respondents risk-rank the countries of their third parties as part of their review process— a 10% increase from 2015. 2
I N D U S T R Y Certain industries, for a variety of different factors, can require additional due diligence measures to manage third party risk. Recent enforcement trends in a particular sector as well as high risk industries such as defense and oil and gas can indicate the need for stricter scrutiny of third party relationships. O T H E R C O N S I D E R AT I O N S Any legal, regulatory, or reputational information already known about the third party or uncovered during the relationship and the questionnaire process should also be taken into account. Another risk factor includes payment requests in countries not related to the jurisdiction where the transaction takes place or where the third party is based, which is especially an issue when that country has lax anti-money laundering controls in the banking sector or is a tax haven. T H E “ R I G H T ” L E V E L O F D U E D I L I G E N C E Risk ranking driven by the variables outlined above, as well as the organization’s risk tolerance, will dictate the time, budget and resources allocated to investigative due diligence. As seen in the 2016 Annual Anti- Corruption Survey, investigative due diligence typically can uncover information including beneficial ownership, negative news, financial stability and performance, reputation, regulatory issues, and information on senior executives (including political affiliation) to name a few (for details, see Figure 3.) 3 72% 73% 83% 0% 20% 40% 60% 80% 100% Currently Risk-Rank Countries 72% 56% 33% 10% 67% 61% 40% 8% 75% 49% 30% 9% Transparency International CPI Country risk data compiled internally Subscription to country risk data Other Information Sources Used To Risk-Rank Countries (among companies that risk-rank countries) 2016 2015 20142014 2015 2016 72% 73% 83% 0% 20% 40% 60% 80% 100% Currently Risk-Rank Countries 72% 56% 33% 10% 67% 61% 40% 8% 75 49% 30% 9% Transparency International CPI Country risk data compiled internally Subscription to country risk data Other Information Sources Used To Risk-Rank Countries (among companies that risk-rank countries) 2016 2015 20142014 2015 2016 86% 79% 76% 70% 64% 62% 59% 42% 81% 73% 76% 71% 63% 65% 64% 43% 85% 79% 76% 79% 71% 59% 58% 44% Company ownership Financial stability/performance Media search for negative news Reputation Senior executives Government connections Involvement in regulatory issues Use of third parties 2016 2015 2014 The proportion of respondents from companies that risk-rank countries increases to more than 80%. Transparency International’s Index continues to be the most-used information source for risk-ranking countries, followed by internally compiled risk data. Research on company ownership, financial performance, negative news and reputation continue to be the types of preliminary due diligence conducted most often. C O U N T R Y R I S K R A N K I N G R E S E A R C H T Y P I C A L LY C O N D U C T E D I N P R E L I M I N A R Y D U E D I L I G E N C E Figure 2. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey Figure 3. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey
Information is often obtained from the third party via a questionnaire process before being independently verified or developed during the subsequent diligence process. There are multiple ways to identify this information through simple screening against structured risk data to conducting desktop research in-house or outsourcing that research. In certain high-risk scenarios, it might be necessary to conduct an in-depth active investigation in-country. R I S K M O N I T O R I N G A N D U P D AT I N G Risk ranking also drives the type and frequency of monitoring and updating of due diligence on third parties. The graphic above provides insight to the different approaches. C O N C L U S I O N Risk ranking, at the very least, shows the regulators that time and thought went into a third party diligence program and, as stated in the Resource Guide, meaningful credit will be given for a good faith, comprehensive effort. B I O G R A P H Y Michael Heller Director, Risk and Compliance Michael has held multiple consulting roles focused on risk management and enhanced due diligence over his career. He worked as a consultant with the Business Intelligence Group, the Anti-Money Laundering Group at Goldman Sachs & Co in New York City, and served as CCO and Internal Counsel at Abacus Wealth Partners. Michael holds a Juris Doctor from the University of San Diego School of Law and is a member of the State Bar of California. 4% 4% 6% 35% 36% 37% 15% 9% 10% 6% 4% 5% 9% 9% 7% 28% 38% 34% Annually Every two years Every three years Event-driven Varies by target risk Other Never 2014 2015 2016 Nearly 35% of respondents report their companies conduct annual due diligence updates; a similar proportion bases the frequency of updates on target risk levels. F R E Q U E N C Y O F D U E D I L I G E N C E U P D A T I N G Figure 4. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey
Dow Jones Risk and Compliance Dow Jones Risk and Compliance is a global provider of risk management and regulatory compliance information, delivering targeted content to organizations around the world. Our market-leading data helps financial institutions and businesses have greater control managing Anti-Money Laundering, Anti-Bribery and Corruption, Economic Sanctions, Third Party Due Diligence and Commercial Risk operations. With a global team of expert researchers covering more than 60 languages, our risk and compliance data is information rich, accurate and timely, enabling our clients to make better quality decisions faster and with greater confidence. For more information, visit www.dowjones.com/risk RISK AND COMPLIANCE

Recommended

FCR Report 2017
FCR Report 2017FCR Report 2017
FCR Report 2017Gillian Faichnie
 
Definitive guide to third-party risk management - how to successfully mitigat...
Definitive guide to third-party risk management - how to successfully mitigat...Definitive guide to third-party risk management - how to successfully mitigat...
Definitive guide to third-party risk management - how to successfully mitigat...Kyiv National Economic University
 
Всемирный обзор экономических преступлений за 2016 год
Всемирный обзор экономических преступлений за 2016 годВсемирный обзор экономических преступлений за 2016 год
Всемирный обзор экономических преступлений за 2016 годPwC Russia
 
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...Leas Bachatene
 
Первый выпуск PwC Индекса противодействия коррупции
Первый выпуск PwC Индекса противодействия коррупцииПервый выпуск PwC Индекса противодействия коррупции
Первый выпуск PwC Индекса противодействия коррупцииPwC Russia
 
Global economic crime and fraude survey 2018
Global economic crime and fraude survey 2018Global economic crime and fraude survey 2018
Global economic crime and fraude survey 2018Paperjam_redaction
 
CostofCompliance_2016.compressed
CostofCompliance_2016.compressedCostofCompliance_2016.compressed
CostofCompliance_2016.compressedConor Coughlan
 
201206 Tech Decisions: Finding Profits
201206 Tech Decisions: Finding Profits201206 Tech Decisions: Finding Profits
201206 Tech Decisions: Finding ProfitsSteven Callahan
 

Recommended

FCR Report 2017
FCR Report 2017FCR Report 2017
FCR Report 2017Gillian Faichnie
 
Definitive guide to third-party risk management - how to successfully mitigat...
Definitive guide to third-party risk management - how to successfully mitigat...Definitive guide to third-party risk management - how to successfully mitigat...
Definitive guide to third-party risk management - how to successfully mitigat...Kyiv National Economic University
 
Всемирный обзор экономических преступлений за 2016 год
Всемирный обзор экономических преступлений за 2016 годВсемирный обзор экономических преступлений за 2016 год
Всемирный обзор экономических преступлений за 2016 годPwC Russia
 
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...Leas Bachatene
 
Первый выпуск PwC Индекса противодействия коррупции
Первый выпуск PwC Индекса противодействия коррупцииПервый выпуск PwC Индекса противодействия коррупции
Первый выпуск PwC Индекса противодействия коррупцииPwC Russia
 
Global economic crime and fraude survey 2018
Global economic crime and fraude survey 2018Global economic crime and fraude survey 2018
Global economic crime and fraude survey 2018Paperjam_redaction
 
CostofCompliance_2016.compressed
CostofCompliance_2016.compressedCostofCompliance_2016.compressed
CostofCompliance_2016.compressedConor Coughlan
 
201206 Tech Decisions: Finding Profits
201206 Tech Decisions: Finding Profits201206 Tech Decisions: Finding Profits
201206 Tech Decisions: Finding ProfitsSteven Callahan
 
Global Enforcement Review 2017
Global Enforcement Review 2017Global Enforcement Review 2017
Global Enforcement Review 2017Duff & Phelps
 
Adding internal audit value: Strategically leveraging compliance activities
Adding internal audit value: Strategically leveraging compliance activitiesAdding internal audit value: Strategically leveraging compliance activities
Adding internal audit value: Strategically leveraging compliance activitiesGrant Thornton LLP
 
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...PwC France
 
Who is the Regulator?
Who is the Regulator?Who is the Regulator?
Who is the Regulator?Duff & Phelps
 
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...EY
 
Social Media Marketing: India Trends Study 2013
Social Media Marketing: India Trends Study 2013Social Media Marketing: India Trends Study 2013
Social Media Marketing: India Trends Study 2013Vikrant Mudaliar
 
Pwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwC
 
Navigating todays complex_business_risks
Navigating todays complex_business_risksNavigating todays complex_business_risks
Navigating todays complex_business_risksntpinto
 
Modern Slavery Supply Chain
Modern Slavery Supply Chain Modern Slavery Supply Chain
Modern Slavery Supply Chain ethiXbase
 
Chief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementChief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementGrant Thornton LLP
 
Cannabis, Crypto, and Broker-Dealers in the AML hot seat
Cannabis, Crypto, and Broker-Dealers in the AML hot seatCannabis, Crypto, and Broker-Dealers in the AML hot seat
Cannabis, Crypto, and Broker-Dealers in the AML hot seatJoseph V. Moreno
 
CAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthCAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthGrant Thornton LLP
 
Health Services Tax Conference Day Two
Health Services Tax Conference Day TwoHealth Services Tax Conference Day Two
Health Services Tax Conference Day TwoPwC
 
Fraud Detection using Data Mining Project
Fraud Detection using Data Mining ProjectFraud Detection using Data Mining Project
Fraud Detection using Data Mining ProjectAlbert Kennedy III
 
Doing business in China – Recent anti-corruption and bribery
Doing business in China – Recent anti-corruption and briberyDoing business in China – Recent anti-corruption and bribery
Doing business in China – Recent anti-corruption and briberyGrant Thornton LLP
 
Valuation Insights - Q4 2016
Valuation Insights - Q4 2016Valuation Insights - Q4 2016
Valuation Insights - Q4 2016Duff & Phelps
 
Detecting and Preventing Payroll Fraud
Detecting and Preventing Payroll FraudDetecting and Preventing Payroll Fraud
Detecting and Preventing Payroll FraudCase IQ
 
2016 cost of data breach study brasil
2016 cost of data breach study brasil2016 cost of data breach study brasil
2016 cost of data breach study brasilJoão Rufino de Sales
 
Accounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionAccounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionCase IQ
 
Financial Services Barometer 2016
Financial Services Barometer 2016Financial Services Barometer 2016
Financial Services Barometer 2016Brunswick Group
 
Mi ple (mi entorno personal de aprendizaje
Mi ple (mi entorno personal de aprendizajeMi ple (mi entorno personal de aprendizaje
Mi ple (mi entorno personal de aprendizaje07129008
 
Anatomía de mi PLE
Anatomía de mi PLE Anatomía de mi PLE
Anatomía de mi PLEcoronadomedina
 

More Related Content

What's hot

Global Enforcement Review 2017
Global Enforcement Review 2017Global Enforcement Review 2017
Global Enforcement Review 2017Duff & Phelps
 
Adding internal audit value: Strategically leveraging compliance activities
Adding internal audit value: Strategically leveraging compliance activitiesAdding internal audit value: Strategically leveraging compliance activities
Adding internal audit value: Strategically leveraging compliance activitiesGrant Thornton LLP
 
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...PwC France
 
Who is the Regulator?
Who is the Regulator?Who is the Regulator?
Who is the Regulator?Duff & Phelps
 
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...EY
 
Social Media Marketing: India Trends Study 2013
Social Media Marketing: India Trends Study 2013Social Media Marketing: India Trends Study 2013
Social Media Marketing: India Trends Study 2013Vikrant Mudaliar
 
Pwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwC
 
Navigating todays complex_business_risks
Navigating todays complex_business_risksNavigating todays complex_business_risks
Navigating todays complex_business_risksntpinto
 
Modern Slavery Supply Chain
Modern Slavery Supply Chain Modern Slavery Supply Chain
Modern Slavery Supply Chain ethiXbase
 
Chief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementChief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementGrant Thornton LLP
 
Cannabis, Crypto, and Broker-Dealers in the AML hot seat
Cannabis, Crypto, and Broker-Dealers in the AML hot seatCannabis, Crypto, and Broker-Dealers in the AML hot seat
Cannabis, Crypto, and Broker-Dealers in the AML hot seatJoseph V. Moreno
 
CAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthCAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthGrant Thornton LLP
 
Health Services Tax Conference Day Two
Health Services Tax Conference Day TwoHealth Services Tax Conference Day Two
Health Services Tax Conference Day TwoPwC
 
Fraud Detection using Data Mining Project
Fraud Detection using Data Mining ProjectFraud Detection using Data Mining Project
Fraud Detection using Data Mining ProjectAlbert Kennedy III
 
Doing business in China – Recent anti-corruption and bribery
Doing business in China – Recent anti-corruption and briberyDoing business in China – Recent anti-corruption and bribery
Doing business in China – Recent anti-corruption and briberyGrant Thornton LLP
 
Valuation Insights - Q4 2016
Valuation Insights - Q4 2016Valuation Insights - Q4 2016
Valuation Insights - Q4 2016Duff & Phelps
 
Detecting and Preventing Payroll Fraud
Detecting and Preventing Payroll FraudDetecting and Preventing Payroll Fraud
Detecting and Preventing Payroll FraudCase IQ
 
2016 cost of data breach study brasil
2016 cost of data breach study brasil2016 cost of data breach study brasil
2016 cost of data breach study brasilJoão Rufino de Sales
 
Accounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionAccounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionCase IQ
 
Financial Services Barometer 2016
Financial Services Barometer 2016Financial Services Barometer 2016
Financial Services Barometer 2016Brunswick Group
 

What's hot (20)

Global Enforcement Review 2017
Global Enforcement Review 2017Global Enforcement Review 2017
Global Enforcement Review 2017
 
Adding internal audit value: Strategically leveraging compliance activities
Adding internal audit value: Strategically leveraging compliance activitiesAdding internal audit value: Strategically leveraging compliance activities
Adding internal audit value: Strategically leveraging compliance activities
 
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...
Etude PwC "Crime Survey 2014" sur la fraude dans le secteur pharmaceutique (o...
 
Who is the Regulator?
Who is the Regulator?Who is the Regulator?
Who is the Regulator?
 
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
 
Social Media Marketing: India Trends Study 2013
Social Media Marketing: India Trends Study 2013Social Media Marketing: India Trends Study 2013
Social Media Marketing: India Trends Study 2013
 
Pwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter TrendsPwc 2015 Technology Sector Sec Comment Letter Trends
Pwc 2015 Technology Sector Sec Comment Letter Trends
 
Navigating todays complex_business_risks
Navigating todays complex_business_risksNavigating todays complex_business_risks
Navigating todays complex_business_risks
 
Modern Slavery Supply Chain
Modern Slavery Supply Chain Modern Slavery Supply Chain
Modern Slavery Supply Chain
 
Chief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk managementChief Audit Execs speak out: Cybersecurity & risk management
Chief Audit Execs speak out: Cybersecurity & risk management
 
Cannabis, Crypto, and Broker-Dealers in the AML hot seat
Cannabis, Crypto, and Broker-Dealers in the AML hot seatCannabis, Crypto, and Broker-Dealers in the AML hot seat
Cannabis, Crypto, and Broker-Dealers in the AML hot seat
 
CAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthCAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growth
 
Health Services Tax Conference Day Two
Health Services Tax Conference Day TwoHealth Services Tax Conference Day Two
Health Services Tax Conference Day Two
 
Fraud Detection using Data Mining Project
Fraud Detection using Data Mining ProjectFraud Detection using Data Mining Project
Fraud Detection using Data Mining Project
 
Doing business in China – Recent anti-corruption and bribery
Doing business in China – Recent anti-corruption and briberyDoing business in China – Recent anti-corruption and bribery
Doing business in China – Recent anti-corruption and bribery
 
Valuation Insights - Q4 2016
Valuation Insights - Q4 2016Valuation Insights - Q4 2016
Valuation Insights - Q4 2016
 
Detecting and Preventing Payroll Fraud
Detecting and Preventing Payroll FraudDetecting and Preventing Payroll Fraud
Detecting and Preventing Payroll Fraud
 
2016 cost of data breach study brasil
2016 cost of data breach study brasil2016 cost of data breach study brasil
2016 cost of data breach study brasil
 
Accounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionAccounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and Prevention
 
Financial Services Barometer 2016
Financial Services Barometer 2016Financial Services Barometer 2016
Financial Services Barometer 2016
 

Viewers also liked

Mi ple (mi entorno personal de aprendizaje
Mi ple (mi entorno personal de aprendizajeMi ple (mi entorno personal de aprendizaje
Mi ple (mi entorno personal de aprendizaje07129008
 
Construyendo mi entorno personal de aprendizaje (PLE)
Construyendo mi entorno personal de aprendizaje (PLE)Construyendo mi entorno personal de aprendizaje (PLE)
Construyendo mi entorno personal de aprendizaje (PLE)Pablo García
 
Pull Production & Kanban Implementation Throughout the Supply
Pull Production & Kanban Implementation Throughout the SupplyPull Production & Kanban Implementation Throughout the Supply
Pull Production & Kanban Implementation Throughout the Supplyarsin1975
 
Production planning and control
Production planning and controlProduction planning and control
Production planning and controlSimran Kaur
 
Principles of Kanban - November 2016
Principles of Kanban - November 2016Principles of Kanban - November 2016
Principles of Kanban - November 2016W3 Group Canada Inc.
 
Lean production System - TPS
Lean production System - TPSLean production System - TPS
Lean production System - TPSPrakash Prakash
 
Production planning & control & Forecasting
Production planning & control & ForecastingProduction planning & control & Forecasting
Production planning & control & ForecastingJenıstön Delımä
 
The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...
The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...
The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...Extra Technology
 
Production planning & control
Production planning & controlProduction planning & control
Production planning & controlamirthakarthi
 

Viewers also liked (14)

Mi ple (mi entorno personal de aprendizaje
Mi ple (mi entorno personal de aprendizajeMi ple (mi entorno personal de aprendizaje
Mi ple (mi entorno personal de aprendizaje
 
Anatomía de mi PLE
Anatomía de mi PLE Anatomía de mi PLE
Anatomía de mi PLE
 
Anatomía de mi ple
Anatomía de mi pleAnatomía de mi ple
Anatomía de mi ple
 
Construyendo mi entorno personal de aprendizaje (PLE)
Construyendo mi entorno personal de aprendizaje (PLE)Construyendo mi entorno personal de aprendizaje (PLE)
Construyendo mi entorno personal de aprendizaje (PLE)
 
OPC-TWS - Módulo 01
OPC-TWS - Módulo 01OPC-TWS - Módulo 01
OPC-TWS - Módulo 01
 
Pull Production & Kanban Implementation Throughout the Supply
Pull Production & Kanban Implementation Throughout the SupplyPull Production & Kanban Implementation Throughout the Supply
Pull Production & Kanban Implementation Throughout the Supply
 
Production planning and_control-an_introduction
Production planning and_control-an_introductionProduction planning and_control-an_introduction
Production planning and_control-an_introduction
 
0201B Lean Production
0201B Lean Production0201B Lean Production
0201B Lean Production
 
Production planning and control
Production planning and controlProduction planning and control
Production planning and control
 
Principles of Kanban - November 2016
Principles of Kanban - November 2016Principles of Kanban - November 2016
Principles of Kanban - November 2016
 
Lean production System - TPS
Lean production System - TPSLean production System - TPS
Lean production System - TPS
 
Production planning & control & Forecasting
Production planning & control & ForecastingProduction planning & control & Forecasting
Production planning & control & Forecasting
 
The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...
The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...
The New Features and Enhancements in CA Workload Control Center (WCC) r11.4 S...
 
Production planning & control
Production planning & controlProduction planning & control
Production planning & control
 

Similar to June 2016 - By Michael Heller

Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesDun & Bradstreet
 
GRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsGRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsKate Tomlinson
 
The risk executive agenda -- A compendium of Deloitte insights
The risk executive agenda -- A compendium of Deloitte insights The risk executive agenda -- A compendium of Deloitte insights
The risk executive agenda -- A compendium of Deloitte insights Deloitte United States
 
Big risks require big data thinking, Global Forensic Data Analytics Survey 2014
Big risks require big data thinking, Global Forensic Data Analytics Survey 2014Big risks require big data thinking, Global Forensic Data Analytics Survey 2014
Big risks require big data thinking, Global Forensic Data Analytics Survey 2014EY
 
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Ethisphere
 
JPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportJPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportDivya Kothari
 
Red Storm Rising
Red Storm RisingRed Storm Rising
Red Storm RisingJohn Bonora
 
UW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentUW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentAkshay Ajgaonkar
 
EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016
EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016
EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016Harmaldeep Cassam
 
Risk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In CommoditiesRisk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In CommoditiesCTRM Center
 
IMT 552-JPMorgan Chase & Co. Risk Assessment v05
IMT 552-JPMorgan Chase & Co. Risk Assessment v05IMT 552-JPMorgan Chase & Co. Risk Assessment v05
IMT 552-JPMorgan Chase & Co. Risk Assessment v05Daniel Kapellmann Zafra
 
smartKYC&EYReportFeb2016wb
smartKYC&EYReportFeb2016wbsmartKYC&EYReportFeb2016wb
smartKYC&EYReportFeb2016wbHugo Chamberlain
 
_EY_smartKYC-Technological Innovations in KYC_3-16
_EY_smartKYC-Technological Innovations in KYC_3-16_EY_smartKYC-Technological Innovations in KYC_3-16
_EY_smartKYC-Technological Innovations in KYC_3-16Alessandro Tonchia
 
Survey report-dow-jones-metric stream-anti-corruption
Survey report-dow-jones-metric stream-anti-corruptionSurvey report-dow-jones-metric stream-anti-corruption
Survey report-dow-jones-metric stream-anti-corruptionKim Sherwood
 
Life Sciences 2016 (3)
Life Sciences 2016 (3)Life Sciences 2016 (3)
Life Sciences 2016 (3)hldorfman
 
PwC 2016 CEO Survey Insurance report
PwC 2016 CEO Survey Insurance report PwC 2016 CEO Survey Insurance report
PwC 2016 CEO Survey Insurance report PwC
 
Let me guess covid will be in all top risk studies this year
Let me guess covid will be in all top risk studies this yearLet me guess covid will be in all top risk studies this year
Let me guess covid will be in all top risk studies this yearHernan Huwyler, MBA CPA
 
Dr haluk f gursel, verifying the accountability of public servants
Dr haluk f gursel, verifying the accountability of public servantsDr haluk f gursel, verifying the accountability of public servants
Dr haluk f gursel, verifying the accountability of public servantsHaluk Ferden Gursel
 

Similar to June 2016 - By Michael Heller (20)

Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third Parties
 
GRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gapsGRC15620_Report_-_Third_party_risk_exposing_the_gaps
GRC15620_Report_-_Third_party_risk_exposing_the_gaps
 
The risk executive agenda -- A compendium of Deloitte insights
The risk executive agenda -- A compendium of Deloitte insights The risk executive agenda -- A compendium of Deloitte insights
The risk executive agenda -- A compendium of Deloitte insights
 
My slides
My slidesMy slides
My slides
 
Big risks require big data thinking, Global Forensic Data Analytics Survey 2014
Big risks require big data thinking, Global Forensic Data Analytics Survey 2014Big risks require big data thinking, Global Forensic Data Analytics Survey 2014
Big risks require big data thinking, Global Forensic Data Analytics Survey 2014
 
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
Best Practices in Anti-Corruption Diligence on M&A Targets, Joint Venture Par...
 
Economic-Crime-Thailand-PwC-Consulting
Economic-Crime-Thailand-PwC-ConsultingEconomic-Crime-Thailand-PwC-Consulting
Economic-Crime-Thailand-PwC-Consulting
 
JPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportJPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment Report
 
Red Storm Rising
Red Storm RisingRed Storm Rising
Red Storm Rising
 
UW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk AssessmentUW - IMT 552-JPMorgan Chase & Co. Risk Assessment
UW - IMT 552-JPMorgan Chase & Co. Risk Assessment
 
EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016
EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016
EY FIDS GLOBAL FORENSIC DATA ANALYTICS SURVEY 01142016
 
Risk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In CommoditiesRisk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In Commodities
 
IMT 552-JPMorgan Chase & Co. Risk Assessment v05
IMT 552-JPMorgan Chase & Co. Risk Assessment v05IMT 552-JPMorgan Chase & Co. Risk Assessment v05
IMT 552-JPMorgan Chase & Co. Risk Assessment v05
 
smartKYC&EYReportFeb2016wb
smartKYC&EYReportFeb2016wbsmartKYC&EYReportFeb2016wb
smartKYC&EYReportFeb2016wb
 
_EY_smartKYC-Technological Innovations in KYC_3-16
_EY_smartKYC-Technological Innovations in KYC_3-16_EY_smartKYC-Technological Innovations in KYC_3-16
_EY_smartKYC-Technological Innovations in KYC_3-16
 
Survey report-dow-jones-metric stream-anti-corruption
Survey report-dow-jones-metric stream-anti-corruptionSurvey report-dow-jones-metric stream-anti-corruption
Survey report-dow-jones-metric stream-anti-corruption
 
Life Sciences 2016 (3)
Life Sciences 2016 (3)Life Sciences 2016 (3)
Life Sciences 2016 (3)
 
PwC 2016 CEO Survey Insurance report
PwC 2016 CEO Survey Insurance report PwC 2016 CEO Survey Insurance report
PwC 2016 CEO Survey Insurance report
 
Let me guess covid will be in all top risk studies this year
Let me guess covid will be in all top risk studies this yearLet me guess covid will be in all top risk studies this year
Let me guess covid will be in all top risk studies this year
 
Dr haluk f gursel, verifying the accountability of public servants
Dr haluk f gursel, verifying the accountability of public servantsDr haluk f gursel, verifying the accountability of public servants
Dr haluk f gursel, verifying the accountability of public servants
 

June 2016 - By Michael Heller

  • 2. 1 The generally accepted U.S. and international guidelines for conducting anti-corruption reviews on third parties have not changed significantly since the U.S. Department of Justice and the Securities and Exchange Commission released its Resource Guide to the U.S. Foreign Corrupt Practices Act in November 2012. Nonetheless, recent trends indicate stricter scrutiny of supplier and customer relationships thus requiring some level of due diligence. Figure 1 below highlights a significant increase after 2014 in the requirement of due diligence reviews of suppliers, customers/ clients and third party agents or consultants. In addition to anti- corruption compliance, potential drivers of this trend could be due to an increased recognition of the value of due diligence in managing sanctions, supply chain and reputational risk. Third Party Risk Management —What to Consider M I C H A E L H E L L E R D I R E C T O R , R I S K A N D C O M P L I A N C E Figure 1. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey More than 65% of respondents claim that M&A targets “always” require due diligence, followed by senior level executives, sales agents and customers/ clients. 66% 60% 59% 58% 56% 50% 63% 57% 60% 63% 62% 51% 70% 52% 47% 43% 43% 28% M&A targets Senior level executives/ board members Sales agents Customers/clients Third party agents or consultants Suppliers % Mentioning Each as Always Requiring Due Diligence 2016 2015 2014 T A R G E T S R E Q U I R I N G D U E D I L I G E N C E
  • 3. As additional stakeholders adopt due diligence procedures to manage third party risk, it is worth revisiting how to properly identify and weigh different factors to achieve a tailored and efficient approach. R I S K R A N K I N G There is no expectation that every due diligence review requires the same depth of effort— not all third parties are created equal. As noted in the Resource Guide, “DOJ and SEC will give meaningful credit to a company that implements in good faith a comprehensive, risk-based compliance program, even if that program does not prevent an infraction in a low risk area because greater attention and resources had been devoted to a higher risk area.” While there is of course no ‘one size fits all’ model for companies to follow, the factors below could influence the allocation of time, budget, and resources to the process. 1 . S I Z E O F O P P O R T U N I T Y How much is the company willing to spend on the opportunity and how much revenue will it generate? For example, is the contract for $5,000 or $5,000,000? The business endeavor would not make sense if the cost of due diligence outweighs the opportunity or revenue gain (this includes intangible advantages). The amount at stake can impact how thorough the investigation should be and how much to invest in the review. 2 . P R O X I M I T Y T O T H E G O V E R N M E N T Identify whether the relationship involves a government agency or determine how much ownership, influence or control, if any, can be attributed to the government. Independently identifying this type of information can be challenging, though fortunately, there are databases that contain lists of state-owned enterprises, which are typically defined by percentage of government ownership or other measures of influence such as control of the board of directors. Strategic and heavily regulated industries tend to be the subject of greater influence by the state. The Resource Guide notes factors to consider include “level of involvement with governments, amount of government regulation and oversight and exposure to customs and immigration in conducting business affairs.” 3 . C O U N T R Y R I S K The corruption risk in the country or countries of the transaction or relationship should also play a significant role in the calculation. Seen in the 2016 Annual Anti- Corruption Survey conducted by Dow Jones, 83% of respondents risk-rank the countries of their third parties as part of their review process—a 10% increase from 2015. The survey found that 72% of corporate compliance staffers use Transparency International’s Corruption Perception Index, and 56% use a compilation of internal data. 4. A COMBIN AT ION T HEREOF Government regulators are pretty clear that the risk rating for all three of the aforementioned factors (size of opportunity, proximity to the government, and country risk) should have a significant bearing on the requisite due diligence. According to the Resource Guide, “a $50 million contract with a government agency in a high-risk country warrants greater scrutiny than modest and routine gifts and entertainment.” 5. T Y P E S OF T HIR D PA R T IE S The nature of the third party relationship should also factor into the risk ranking equation. For instance, corruption and other risk exposure can be different when dealing with customers, vendors, agents, channel partners, acquisitions, joint ventures or other business relationships. Bear in mind that the FCPA “was enacted for the purpose of making it unlawful for certain classes of persons and entities to make payments to foreign government officials to assist in obtaining or retaining business.” Accordingly, it is important to ask what types of relationships play the most direct role in achieving this result. Seen in the 2016 Annual Anti-Corruption Survey conducted by Dow Jones, 83% of respondents risk-rank the countries of their third parties as part of their review process— a 10% increase from 2015. 2
  • 4. I N D U S T R Y Certain industries, for a variety of different factors, can require additional due diligence measures to manage third party risk. Recent enforcement trends in a particular sector as well as high risk industries such as defense and oil and gas can indicate the need for stricter scrutiny of third party relationships. O T H E R C O N S I D E R AT I O N S Any legal, regulatory, or reputational information already known about the third party or uncovered during the relationship and the questionnaire process should also be taken into account. Another risk factor includes payment requests in countries not related to the jurisdiction where the transaction takes place or where the third party is based, which is especially an issue when that country has lax anti-money laundering controls in the banking sector or is a tax haven. T H E “ R I G H T ” L E V E L O F D U E D I L I G E N C E Risk ranking driven by the variables outlined above, as well as the organization’s risk tolerance, will dictate the time, budget and resources allocated to investigative due diligence. As seen in the 2016 Annual Anti- Corruption Survey, investigative due diligence typically can uncover information including beneficial ownership, negative news, financial stability and performance, reputation, regulatory issues, and information on senior executives (including political affiliation) to name a few (for details, see Figure 3.) 3 72% 73% 83% 0% 20% 40% 60% 80% 100% Currently Risk-Rank Countries 72% 56% 33% 10% 67% 61% 40% 8% 75% 49% 30% 9% Transparency International CPI Country risk data compiled internally Subscription to country risk data Other Information Sources Used To Risk-Rank Countries (among companies that risk-rank countries) 2016 2015 20142014 2015 2016 72% 73% 83% 0% 20% 40% 60% 80% 100% Currently Risk-Rank Countries 72% 56% 33% 10% 67% 61% 40% 8% 75 49% 30% 9% Transparency International CPI Country risk data compiled internally Subscription to country risk data Other Information Sources Used To Risk-Rank Countries (among companies that risk-rank countries) 2016 2015 20142014 2015 2016 86% 79% 76% 70% 64% 62% 59% 42% 81% 73% 76% 71% 63% 65% 64% 43% 85% 79% 76% 79% 71% 59% 58% 44% Company ownership Financial stability/performance Media search for negative news Reputation Senior executives Government connections Involvement in regulatory issues Use of third parties 2016 2015 2014 The proportion of respondents from companies that risk-rank countries increases to more than 80%. Transparency International’s Index continues to be the most-used information source for risk-ranking countries, followed by internally compiled risk data. Research on company ownership, financial performance, negative news and reputation continue to be the types of preliminary due diligence conducted most often. C O U N T R Y R I S K R A N K I N G R E S E A R C H T Y P I C A L LY C O N D U C T E D I N P R E L I M I N A R Y D U E D I L I G E N C E Figure 2. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey Figure 3. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey
  • 5. Information is often obtained from the third party via a questionnaire process before being independently verified or developed during the subsequent diligence process. There are multiple ways to identify this information through simple screening against structured risk data to conducting desktop research in-house or outsourcing that research. In certain high-risk scenarios, it might be necessary to conduct an in-depth active investigation in-country. R I S K M O N I T O R I N G A N D U P D AT I N G Risk ranking also drives the type and frequency of monitoring and updating of due diligence on third parties. The graphic above provides insight to the different approaches. C O N C L U S I O N Risk ranking, at the very least, shows the regulators that time and thought went into a third party diligence program and, as stated in the Resource Guide, meaningful credit will be given for a good faith, comprehensive effort. B I O G R A P H Y Michael Heller Director, Risk and Compliance Michael has held multiple consulting roles focused on risk management and enhanced due diligence over his career. He worked as a consultant with the Business Intelligence Group, the Anti-Money Laundering Group at Goldman Sachs & Co in New York City, and served as CCO and Internal Counsel at Abacus Wealth Partners. Michael holds a Juris Doctor from the University of San Diego School of Law and is a member of the State Bar of California. 4% 4% 6% 35% 36% 37% 15% 9% 10% 6% 4% 5% 9% 9% 7% 28% 38% 34% Annually Every two years Every three years Event-driven Varies by target risk Other Never 2014 2015 2016 Nearly 35% of respondents report their companies conduct annual due diligence updates; a similar proportion bases the frequency of updates on target risk levels. F R E Q U E N C Y O F D U E D I L I G E N C E U P D A T I N G Figure 4. Source: 2016 Dow Jones Risk and Compliance Global Anti-Corruption Survey
  • 6. Dow Jones Risk and Compliance Dow Jones Risk and Compliance is a global provider of risk management and regulatory compliance information, delivering targeted content to organizations around the world. Our market-leading data helps financial institutions and businesses have greater control managing Anti-Money Laundering, Anti-Bribery and Corruption, Economic Sanctions, Third Party Due Diligence and Commercial Risk operations. With a global team of expert researchers covering more than 60 languages, our risk and compliance data is information rich, accurate and timely, enabling our clients to make better quality decisions faster and with greater confidence. For more information, visit www.dowjones.com/risk RISK AND COMPLIANCE