Stern Advisory India Pvt. Ltd. provides third-party supplier due diligence and ethical sourcing services to help clients manage risks associated with anti-corruption laws globally. The document outlines the importance of conducting rigorous due diligence on partnerships to mitigate risks of bribery and corruption, which can have significant legal and reputational repercussions for organizations. It emphasizes the necessity of aligning compliance measures with international anti-corruption standards and offers practical recommendations for implementing effective anti-bribery policies.

1. STERN TM
ETHICALSOURCING
Third-Party
Supplier Due Diligence
Corporate
Anti-Corruption Initiative

2. TM
STERN ETHICALSOURCING
Third-Party Supplier Due Diligence
Corporate Anti-Corruption Initiative

3. Stern Advisory India Private Limited-An Introduction
TM
Stern EthicalSourcing
TM
Other EthicalSourcing Helps Clients With
Third Party Supplier Due Diligence & Screening
Major Federal Acts Practiced Around The World
Effects Of The Alleged Violation Of Anti-corruption Laws On The Business & Employees
The United Nations Convention Against Corruption Guidelines
Scope Of The Third Party Suppliers/vendors
Enhanced Due Diligence
Data Collection
Verification And Validation Of Data
Evaluation Of Results
TABLE OF CONTENTS

4. Stern Advisory India Private Limited
An introduction
a part of Stern Advisory Group, was founded in August, 2012, and began its operations in
September of that year. The primary reason behind founding the company was to aid Stern
Advisory Group's clients with all of their Indian assignments. By opening a dedicated, fully-
operational workplace in Gurgaon in the Delhi-NCR region, we have been able to facilitate
our global clients in terms of logistics, timeliness, and minimisation of expenses.
Before our first anniversary in the country, we had already been involved in various
assignments pertaining to Merger & Acquisition, investigative due diligence, employee
background screening, market research and forensics services.
Before the completion of the second year since our establishment, we have made major
breakthroughs in the domain of employee background screening, vendor due diligence,
investigative due diligence

5. The globalised business environment
of today necessitates a strong
network of global vendors that play a
critical role in the business and can
help bring considerable
opportunities.
However, this can also bring newer
risks to an organisation, which
exceed those of merely reputational
concerns. Organisations are now
being held directly accountable for
managing such risks. Hence they
must inspect and scrutinise the
efficacy of their commercial
relationships in order to remove the
risks that emanate from such
relationships. These risks range from
those of bribery, money laundering,
to more recent product recall fraud.
Stern Advisory's Ethical Sourcing will
help the client by simplifying global
anti-corruption manuals and
guidelines through a definitive
approach to gathering partner data,
verifying information, evaluating and
grading key risks, and performing
due diligence wherever appropriate -
all within a sophisticated
technological plank that can support
real-time information review,
archiving and audit thereof.
TM
Stern EthicalSourcing

6. TM
Other EthicalSourcing
Helps Clients With:
01 Profiling of the third-party relationship using 10 risk-based
attributes that includes, among others, country of operation;
type of industry; annual revenue generation and level of
oversight.
Classifying the business association in terms of the level of risk
it projects (low, medium & high).
02
03 Providing actionable plans and practical recommendations for
performing other due diligence operations customised to
client needs based on the assessment results.

7. An introduction
THIRD PARTY Suppliers
Due Diligence And Screening
The struggle against corruption has occupied a significant place over the recent years.
Governments, regardless of their polities, are taking more stringent approach, introducing
stricter laws to tackle the issue of bribery within a commercial setting. This is evident from
the rise in the number of criminal penalties being issued against the perpetrators. The
transnational nature of anti-corruption laws means that multinational organisations having
operations and raising capital in multiple geographies can be held liable for the acts of
bribery or similar wrongdoings in any part of the world. Within the purview of the rising
regulatory and law enforcement activities, companies are dedicating more resources to
establish policies, infrastructure and processes directed at combating corrupt practices
within their own businesses and through the whole of their supply chains. The focus also
remains on the indirect corruption that occurs especially through a third party, but which is
explicitly forbidden by the United Nations Convention against Corruption, the OECD Anti-
Bribery Convention and the countries which are signatory to these conventions.
Within many legal frameworks, organisations may be held accountable for the indirect acts
of corruption caused by their third parties, for e.g. their agents, vendors, suppliers,
distributors, consultants, or any individual or business entity associated with that
organisation. Thus, prior to entering the third party agreement, organisations are taking
rigorous steps to ensure that immanent corruption risks that stem from the establishment of
the relationship are carefully monitored, periodically evaluated and accordingly managed. In
actuality, conducting of risk-based due diligence on third parties has become a part of the
legal expectation in many nations that have explicitly ratified the aforementioned
conventions. Therefore conducting adequate due diligence will not only help the
organisations to decrease the level of corruption, but also, under some laws, avoid the risk of
criminal culpability arising from the legally questionable third-party conduct.

8. MAJOR FEDERAL
Acts Practiced Around The World
UK Anti-Bribery Act
Indian Laws
Foreign Corrupt Practices Act (FCPA)
(United States Of America)

9. Foreign Corrupt Practices Act (FCPA)
(United States Of America)
Within the FCPA regulations, a
business entity or an individual
may be held wholly responsible
for making any kind of payment
to a third party, whilst being
cognisant that a part of, or the
whole of, the payment will be
received by a foreign official,
whether directly or indirectly.
With regard to the FCPA, the US
Department of Justice states that
the term "knowing" includes
conscious neglect, deliberate
ignorance and intentional
blindness. In order for an
organisation to avoid being held
liable for illicit third-party
payments, the Department of
Justice recommends companies
to 'exercise due diligence and to
take all the preliminary
precautions to assure that their
business relations are formed with
partners and representatives of
repute'.

10. The UK Bribery Act is mediated by
the Adequate Procedures Guidance
of the United Kingdom. The UK
Ministry of Justice states that 'a
commercial organisation will be held
liable to legal actions if a person
associated with that organisation
bribes another person prospecting to
obtain or retain business or gain an
unfair advantage in the managing of
the business for that organisation'. In
this context, an "associated person"
is defined as an individual or an
entity who "conducts or performs
services for or on the behalf" of a
commercial organisation. The Act
further reads that in an event of
failure to forestall the bribery by an
associated person, the organisation
must prove that it had taken 'all the
necessary precautions and had in
place adequate procedures that were
designed to prevent the associated
person from undertaking such
conduct'
UK Anti-Bribery Act

11. Indian Laws
It must also be noted that the Parliament of India has more recently introduced a note on "The
Prevention of Bribery of Foreign Public Officials and Officials of Public International Organizations
Bill, 2011" to honour the country's promise as a signatory to the United Nations Convention
against Corruption. The note is being vigorously debated in the parliament.
Prevention of Corruption Act, 1988 states:
Prohibits
1acceptance,
facilitating and
giving any illegal
gratification in
respect of official
act of a public
servant;
Gratification can
2be in cash or in
kind;
Certain casual and
3social hospitality is
permissible;
Public Servants
4include
Government
officers, employees
of govt, owned
companies, govt,
aided societies /
NGOs, Judges,
arbitrators, court
appointed officers
etc.

12. EFFECTS OF THE
Alleged Violation Of Anti-corruption
Laws On The Business And Employees
® It single-handedly affects a company's reputation and brand image;
® It may incur heavy losses in form of penalties, legal fees and fines;
® It erodes customer's, employee's and investor's confidence;
® It can easily create bad public relations;
® It severely affects the organisation's business continuity plans, can lead to termination of
contracts, and, in some severe cases, blacklisting of the business;
® It may lead to the Government intervening in the conduct of the business;
® It also increases the personal liability of the directors and officers, whether directly or
vicariously;
® It can lead to a rise in the insurance premiums;
® It may result in loss of jobs and
® It may also lead to incarceration of individuals.

13. EFFECTS OF THE
Alleged Violation Of Anti-corruption
Laws On The Business And Employees
Therefore, in light of the aforementioned, we recommend the following steps:
® Sufficient representations, warranties and restitutions from the suppliers and the associated
persons.
® Inclusion of anti-bribery clauses and appropriate disclaimers in both vendor and customer
contracts. The inclusion of these clauses will help a commercial organization to
® Compel vendors and associated persons to not engage in bribery in any form.
® Obtain repudiation from vendors and associated persons that they have not engaged in an
act of bribery with the organisation.
® Designing an appropriate anti-bribery policy and compliance program for the commercial
organisation. These policies will be aligned with those of the jurisdictions of the United States
and the United Kingdom as well as the Indian anti-corruption laws
® To train employees, concerned officers, key vendors and associates on anti-bribery policies.
® Meticulous mapping and planning of the roles and responsibilities of all the senior officials in
the light of the legal repercussions of vicarious (secondary) liability in order that it does not
affect their personal liability on account of bribery allegations against the employees or the
organisation;
® To conduct regular anti-bribery compliance audits;
® To assist extensively in the investigation and evidence collection in the event of any potential
breach of the policies;
® Undertaking of apt and sufficient insurances, if any, for directors and officers from both the
past and present of the organisation to ensure that expenses and fines during the prosecution
process are covered sufficiently;
® Investors from the United Kingdom, United States and the rest of the world, who have
businesses in the United States and the United Kingdom, need to undertake thorough due
diligence before taking the investment decisions. This is to ensure that their investments are
protected and both their board representatives and shareholders are unaffected by civil and
criminal prosecutions.

14. Article 21
Bribery in the private sector
"Each State Party shall consider adopting such legislative and other measures as may be
necessary to establish as criminal offences, when committed intentionally in the course of
economic, financial or commercial activities:
THE UNITED NATIONS Conventions
Against Corruption Guidelines
The promise, offering or giving, directly
1or indirectly, of an undue advantage to
any person who directs or works, in any
capacity, for a private-sector entity, for the
person himself or herself or for another
person, in order that he or she, in breach of
his or her duties, act or refrain from acting.
The solicitation or acceptance, directly
2or indirectly, of an undue advantage by
any person who directs or works, in any
capacity, for a private-sector entity, for the
person himself or herself or for another
person, in order that he or she, in breach of
his or her duties, act or refrain from acting."

15. 01 It is critical that the third-party due diligence includes the third parties contracted in
both sales and supply chain channels. Whereas anecdotes may suggest that third
parties - e.g. agents and distributors - engaged in the sales activities of an
organisation may be more susceptible to bribery coercions, it does not discount the
vulnerability of the suppliers. Here we will define what persons should be included
under the scope of third-party due diligence. Please note that this list is not
exhaustive and some information may overlap with each other. Each organisation is
advised to develop its own list of the third parties with whom it is engaged. annual
revenue generation and level of oversight.
An individual or an organisation that has entered into an agreement with another
individual or an organisation (with a possible involvement of other parties) to create
a new business entity and manage its resources.
02
03 An individual or a cooperative pooling its resources along with another organisation
(and possibly with the involvement of multiple parties) for achieving a common
goal. A consortium is distinct in that each party maintains its separate legal status.
SCOPE OF THE Third-party
Suppliers/vendors
The first step for an effective third-party due diligence process is in the clear understanding of an
organisation's linkages with third parties and determination of who among the third parties
should be considered under the "scope" and thus subject to risk-based due diligence.
Defining third parties
Joint venture partner
Consortium partner
04 An individual or an entity authorised to act for, or in the lieu of, or to otherwise
represent, another organisation to further the latter's business interests. Agents may
be further subcategorised into the following:
® Sales agents (those needed to win a contract)
® Process agents (for e.g. visa permits agents)
Agent

16. 05 An individual or an organisation availing service or expert advice by representing an
organisation towards another person, business and/or government official. These
include legal, tax, financial advisor or consultants and lobbyists.
A contractor is a non-controlled individual or an organisation that avails goods or
services to an organisation under a contract. A subcontractor is the hired hand of
the contractor who performs specific tasks and is guided by his employer.
06
07 An individual or business entity that supplies raw materials or services to another
organisation
SCOPE OF THE Third-party
Suppliers/vendors
Advisor & other intermediaries
Contractor and subcontractor
Supplier/vendor
08 An individual or an organisation providing another organisation with major
functional support. For e.g. communications, supply and logistics, storage,
processing, etc.
Service provider
09 An individual or an organisation that purchases products from another organisation
in bulk, stores them in their own warehouse and then resells the products to the
retailers or to the end-users directly.
Distributor
10 The receiver of the end-product, service or idea which they purchase from an
organisation. They can be categorised into the following:
® A customer could be an intermediate dealer who purchases goods for
® reselling purpose
® The end customer who receives the final product or service and consumes
® them directly
Customer

17. ENHANCED
Due Diligence
Once the company has determined which third
parties are "in scope" for due diligence -
primarily by the level of risk the third-party
business relationship poses - Stern India
begins the main process of the due diligence.
For the third parties classified as "low risk", this
process is likely to take place within the
confines of business unit looking to sustain the
third party and will consist of basic internet
searches and standard database checks.
Third parties classified as medium-to-high risk
will be subject to thorough data collection and
extensive investigation. This will likely require
extensive input or overseeing from an
independent department (e.g. the legal or
compliance department).
Stern India employs three critical elements to
conduct a rigorous third-party due diligence:
® Data collection
® Verification and corroboration of data
® Evaluation of results, including
identification of the red flags

18. Data Collection
The main aim of the data collection process is to collect and preserve the relevant information
about the structure, ownership and the business activity of the third party; the third-party's
market reputation with its regard and commitment to integrity and finally its suitableness for the
type of business relationship under consideration.
Data collection that can affirm the third-party due diligence consists of the following tools:
Internet, database and internet media searches. This includes access to proprietary
databases. Shop Act, Ministry of Corporate Affairs, among others, to gather
information about the third party's integrity and to identify egregious issues visible
in the public domain.
An internal questionnaire, to be filled by the client willing to hire the third party.
An external questionnaire, to be filled by the representative of the third party.

19. After the data has been
gathered, it will need to be
corroborated and validated. The
involvement of independent
business units will be required if
the third-party business entities
have been classified as either
"medium risk" or "high risk".
The responsible parties will look
for gaps and inconsistencies
between the information filled
by the third party in the
external questionnaire with
those provided by the
concerned department in the
internal questionnaire. If the
discrepancies are rather too
glaring, we may employ the
assistance of an expert who will
assist in examining the elusive
points; in other cases phone
interviews and site visits shall
also be conducted to conclude
pending issues.
VerifiCAtion and
Validation of Data

20. Evaluation
of result
After the information has been
thoroughly examined and validated,
decision-making is left to the client
whether to go ahead with the
suggested third-party business
relationship. The "red flag" checklist
will help the client to arrive at a
conclusion. Red flag refers to scenarios
indicating a suspected risk of
corruption which will be needed to be
identified and extenuated through
sufficient measures. Some examples of
the "red flags" include:
® The third party seems to lack
adequate capabilities and staff
strength to sup port or consistently
meet the client's expectations;
® The third party insists on not
working through a contract (or it
wants to keep a highly ambiguous
contract in place);
® The third party is having second
thoughts about making anti-
corruption compliance certifications
in the agreement;
® The third party appears to be rather
forward and upfront whilst asking
for the billing procedure.
It is imperative to recognise that the
due diligence may be a cyclic process,
requiring the responsible department
to return back to the data collection
process if the problematic issues have
been identified in the examination and
validation phase or during the
evaluation of the red flags.

21. Address:
UK OFFICE:
33 St. James’s Square, London, SW1Y 4JS, U.K.
ASIA OFFICE:
Stern Advisory (India) Pvt. Ltd.
Level 12, Building No.8, Tower - C, DLF Cybercity, Phase II, Gurgaon 122002, Haryana, India