No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights

Checking in on “The Year of Third-Party Due Diligence”

by Michael Volkov
April 13, 2016
in Uncategorized
Risk ranking is imperative to effective third-party due diligence

This article was republished with permission from Michael Volkov’s blog, Corruption, Crime & Compliance.

Hui Chen, the Department of Justice’s Compliance Counsel, recently stated that 2015 was the year of due diligence and third-party compliance. A recent survey conducted by Kroll and Ethisphere provided a status check on how the due diligence compliance effort is going.

Many companies have heard the message about the importance of due diligence compliance and instituted due diligence systems, hopefully using automated programs. Companies that continue to rely on paper due diligence systems are only asking for trouble, or better have a small population of third parties.

Recently, Kroll and Ethisphere came out with an interesting survey on third-party due diligence. A copy is available here.

Companies continue to rely on third parties – nearly half of all companies responding to the survey have more than 1,000 third parties, and almost 20 percent deal with more than 25,000. Risk-ranking systems are the only way to survive when handling this large a third-party population. Interestingly, one in four companies lack confidence that their company’s controls could identify potential third-party violations of anti-corruption laws.

Almost half of the respondents conceded that they lack adequate resources to support their company’s anti-corruption compliance program. With increasing growth and lack of adequate resources, companies have to redouble their efforts in due diligence and managing third-party risk.

To do so, automation is essential, coupled with risk-ranking strategies to justify allocation of resources to higher-risk third parties. For many companies, due diligence is a time- and resource-intensive process, especially considering the numbers of third parties companies are using. Compliance has to reach out and rely on business staff to gather additional information from the proposed third party.

The key to making any due diligence system work is risk-ranking based on documentation and a legal analysis of the proposed strategy for allocating resources. When combined with an advice of counsel memorandum, the company can demonstrate its good faith to review the riskiest third parties using the most efficient allocation of resources.

Interestingly, the Kroll/Ethisphere survey found that the most significant reason for third-party malfeasance was a failure to conduct enough due diligence (48 percent). This may reflect perfect hindsight, but it raises a question as to whether enough due diligence is being conducted based on the assigned risk and whether the candidates are withholding important information needed for due diligence. If companies are cutting corners in the due diligence process, this is bound to come back and bite them for failing to act.

The three most common reasons for rejecting a proposed third party were consistent with the prior year’s survey: reputational concerns, questionable relationships with government officials and unusual contract and payment terms.

The survey noted a positive development – almost three-quarters of companies were relying on contractual provisions to communicate and enforce compliance expectations. I have always maintained that contractual provisions can be used as an effective tool to ensure third-party compliance with specific compliance requirements.

A little over half of all companies require third parties to acknowledge a third-party code, and a similar percentage require acknowledgment of the company’s code of conduct. This represents a new and welcome development: companies are adopting third-party codes of conduct and imposing the requirements on their third parties as a condition to doing business.

Training third parties continues to be a challenge. Only one-third of companies reported training third parties. I would expect that number to increase in the coming years as companies employ web-based training systems that provide easy access for third parties.


Tags: Tone at the Top
Previous Post

LockPath Announces Expansion of Patented Dynamic Content Framework in Keylight 4.4

Next Post

Avoiding Risks in New Hire Onboarding

Michael Volkov

Michael Volkov

Michael-Volkov-leclairryan Michael Volkov is the CEO of The Volkov Law Group LLC, where he provides compliance, internal investigation and white collar defense services.  He can be reached at mvolkov@volkovlaw.com. Michael has extensive experience representing clients on matters involving the Foreign Corrupt Practices Act, the UK Bribery Act, money laundering, Office of Foreign Asset Control (OFAC), export controls, sanctions and International Traffic in Arms, False Claims Act, Congressional investigations, online gambling and regulatory enforcement issues. Michael served for more than 17 years as a federal prosecutor in the U.S. Attorney’s Office in the District of Columbia; for five years as the Chief Crime and Terrorism Counsel for the Senate Judiciary Committee, and Chief Crime, Terrorism and Homeland Security Counsel for the Senate and House Judiciary Committees; and as a Trial Attorney in the Antitrust Division of the U.S. Department of Justice. Michael also maintains a well-known blog: Corruption Crime & Compliance, which is frequently cited by anti-corruption professionals and professionals in the compliance industry.

Related Posts

personnel management

Preparing for Budget Cuts in 2023? Be Sure Personnel Management Isn’t on the Chopping Block

by Vera Cherepanova
March 1, 2023

For compliance departments that need to do more with less, it’s tempting to lean into automated systems. Compliance and ethics...

boris johnson resigns as UK prime minister

Them’s the Breaks: What Companies Can Learn From Boris Johnson’s Downfall

by Miller & Chevalier
July 27, 2022

Embattled Prime Minister Boris Johnson resigned after a revolt in his own party. While the political repercussions of Johnson’s tenure,...

Corporate Liability Reform in the UK is Accelerating: Your GRC Teams Need to Future-Proof Compliance  

Corporate Liability Reform in the UK is Accelerating: Your GRC Teams Need to Future-Proof Compliance  

by Fabio Feretti and Sarah Wrigley
March 30, 2022

The UK’s just-enacted corporate crime legislation is a step in the right direction but failed to address a wide range...

Making Money Is Not a Mission: 10 Essays on the Compliance Culture Revolution From Michael Volkov

Making Money Is Not a Mission: 10 Essays on the Compliance Culture Revolution From Michael Volkov

by Corporate Compliance Insights
February 11, 2022

As broad terms like "culture" continue to gain devotees, it may seem natural to conclude that more businesses and organizations...

Next Post
Key strategies for minimizing onboarding risks, reducing costs, and delivering all required notifications to new hires

Avoiding Risks in New Hire Onboarding

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT