No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Star Wars and Levels of Due Diligence

by Thomas Fox
December 18, 2015
in Compliance
Star Wars and Levels of Due Diligence

 

We continue our celebration of all things Star Wars, at least as they pertain to the original trilogy, as today we honor Episode V – The Empire Strikes Back, which is my personal favorite of the original three movies. The film begins with a cool battle on the ice planet of Hoth; has some great HR lessons as Darth Vader executes officers for workplace errors; demonstrates some dangers involving ineffective training for Luke Skywalker on the tropical plant of Dagobah, where he travels to learn under the Jedi master Yoda, who utters the immortal line “Try not! Do, or do not. There is no try;” and ends in Cloud City, a floating gas mining colony in the skies of the planet Bespin run by Han Solo’s old buddy, Lando Calrissian. It also has one of the greatest movie lines of all-time, thundered by Darth Vader to Luke Skywalker, “I AM YOUR FATHER,” toward the end of the film.

Solo and Calrissian go way back, and Solo trusts him. Of course, Solo won his starship, the Millennium Falcon, from him, but they are still good friends.  This friendship is sorely tested when Vader and his Imperial Troops arrive to entice Luke to come to save his friends and battle Vader, which is where the reveal of fatherhood occurs.

I thought about these last two points in the context of knowing who you are doing business with under the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. I once heard a company President say he did not need to perform due diligence because he looked a man in the eyes and that was enough to know if he was honest. (I should add, this President also evaluated the strength of a handshake as an additional level of due diligence.) Hopefully we have moved past this level of sophistication for due diligence and its evaluation thereof.

One of the areas I still receive questions about are the different levels of due diligence. Based upon the information provided by the Department of Justice (DOJ) over the years, from deferred prosecution agreements (DPAs) to opinion releases and enforcement actions, I break due diligence down into three stages: Level I, Level II and Level III. Candice Tal, Founder and Chief Executive Officer (CEO) of Infortal Worldwide, in an article entitled “Deep Level Due Diligence: What You Need to Know,” laid out some of these concepts.

Level I

First-level due diligence typically consists of checking individual names and company names through several hundred global watch lists comprised of anti money laundering (AML), anti-bribery, sanctions lists and other financial corruption and criminal databases. These global lists create a useful first-level screening tool to detect potential red flags for corrupt activities. It is also a very inexpensive first step in compliance from an investigative viewpoint. This basic Level I due diligence is extremely important for companies to complement their compliance policies and procedures, demonstrating a broad intent to actively comply with international regulatory requirements.

Level II

Level II due diligence encompasses supplementing Level I due diligence with a deeper screening of international media, typically the major newspapers and periodicals from all countries, plus detailed Internet searches. Such inquiries will often reveal other forms of corruption-related information and may expose undisclosed or hidden information about the company, the third party’s key executives and associated parties. I believe that Level II should also include an in-country database search regarding the third party. Some of the other types of information that you should consider obtaining are country of domicile and international government records, use of in-country sources to provide assessments of the third party, a check for international derogatory electronic and physical media searches and English and foreign-language repositories searches in its country of domicile; if you are in a specific industry using technical specialists, you should also obtain information from sector-specific sources.

Level III

This level is the deep dive. It will require an in-country “boots-on-the-ground” investigation and is designed to supply your company “with a comprehensive analysis of all available public records data, supplemented with detailed field intelligence to identify known and — more importantly — unknown conditions. Seasoned investigators who know the local language and are familiar with local politics bring an extra layer of depth assessment to an in-country investigation.” Further, the “direction of the work and analyzing the resulting data is often critical to a successful outcome … and key to understanding the results both from a technical perspective and understanding what the results mean in plain English. Investigative reports should include actionable recommendations based on clearly defined assumptions or preferably well-developed factual data points.”

But more than simply an investigation of the company, critically including a site visit and coupled with on-site interviews, Tal says that some other things you investigate should include “an in-depth background check of key executives or principal players. These are not routine employment-type background checks, which are simply designed to confirm existing information; but rather executive due diligence checks designed to investigate hidden, secret or undisclosed information about that individual.” Tal believes that such “reputational information, involvement in other businesses, direct or indirect involvement in other law suits, history of litigious and other lifestyle behaviors which can adversely affect your business and public perceptions of impropriety should they be disclosed publicly.”

Further, you may need to engage a foreign law firm to investigate the third party in its home country to determine the third party’s compliance with its home country’s laws, licensing requirements and regulations. Lastly, and perhaps most importantly, you should use a Level III to look the proposed third party in the eye and get a firm idea of his or her cooperation and attitude towards compliance, as one of the most important inquiries is not legal, but based upon the response and cooperation of the third party. More than simply trying to determine if the third party objected to any portion of the due diligence process or if they objected to the scope, coverage or purpose of the FCPA, you can use a Level III to determine if the third party is willing to stand up under the FCPA and if you are willing to partner with them.

The Risk Advisory Group created a handy chart of its Level I, II and III approaches to integrity and due diligence. I have found it useful in explaining the different scopes and focuses of the various levels of due diligence.

tom fox table
May the force be with you. If Han Solo had done a deep dive into his friend Lando Calrrisian, he might have well determined that the Empire had arrived at the Cloud City before he and his team did. Then again, we might not have heard that seminal line, “I AM YOUR FATHER.”

 


Previous Post

The Dangers of Letting Bribery Go Undetected

Next Post

Who Should Regulate GMOs?

Thomas Fox

Thomas Fox

Thomas Fox has practiced law in Houston for 25 years. He is now assisting companies with FCPA compliance, risk management and international transactions. He was most recently the General Counsel at Drilling Controls, Inc., a worldwide oilfield manufacturing and service company. He was previously Division Counsel with Halliburton Energy Services, Inc. where he supported Halliburton’s software division and its downhole division, which included the logging, directional drilling and drill bit business units. Tom attended undergraduate school at the University of Texas, graduate school at Michigan State University and law school at the University of Michigan. Tom writes and speaks nationally and internationally on a wide variety of topics, ranging from FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets. Thomas Fox can be contacted via email at tfox@tfoxlaw.com or through his website www.tfoxlaw.com. Follow this link to see all of his articles.

Related Posts

Fox_DOJ Speeches_f

Analysis of Recent DOJ Statements

by Corporate Compliance Insights
March 23, 2023

DOJ leaders provide insight into agency's plans. Analysis of Recent Statements DOJ Shaping the Future of Corporate Criminal Enforcement What’s...

Fox_2023 ECCP Update_f

2023 Evaluation of Corporate Compliance Programs

by Corporate Compliance Insights
March 23, 2023

Keeping up with 2023 changes to DOJ guidelines. Additions, Deletions & Changes From 2020 2023 Evaluation of Corporate Compliance Programs...

encompass update

Encompass Launches pKYC Maturity Model

by Corporate Compliance Insights
March 22, 2023

KYC automation platform Encompass has unveiled a new perpetual Know Your Customer (pKYC) maturity model designed to help banks improve...

consilio onna partnership

Consilio, Onna Seek to Streamline eDiscovery for Cloud Apps

by Corporate Compliance Insights
March 22, 2023

Legal technology provider Consilio has launched a new platform, Sightline Collect, powered by data management supplier Onna. The platform is...

Next Post
Who Should Regulate GMOs?

Who Should Regulate GMOs?

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT