31 Days to More Effective Compliance Programs

Day 16 | The third-party risk management process


As every compliance practitioner is well aware, third parties still present the highest risk under the FCPA. The Evaluation of Corporate Compliance Programs – Guidance Document (2019 Guidance) devotes an entire prong to third-party management. It begins with the following:

"A well-designed compliance program should apply risk-based due diligence to its third-party relationships. Although the degree of appropriate due diligence may vary based on the size and nature of the company or transaction, prosecutors should assess the extent to which the company has an understanding of the qualifications and associations of third-party partners, including the agents, consultants, and distributors that are commonly used to conceal misconduct, such as the payment of bribes to foreign officials in international business transactions."

This clearly specifies that the DOJ expects an integrated approach that is operationalized throughout the company. This means you must have a process for the full life cycle of third-party risk management. That life cycle has five steps, which will fulfill the DOJ requirements as laid out in the 2012 FCPA Guidance and in the Ten Hallmarks of an Effective Compliance Program. The five steps are:

  1. Business Justification;
  2. Questionnaire to Third Party;
  3. Due Diligence on Third Party;
  4. Compliance Terms and Conditions, including payment terms; and
  5. Management and Oversight of Third Parties After Contract Signing.

Three key takeaways:

  1. Use the full 5-step process for third-party management.
  2. Make sure you have business development involvement and buy-in.
  3. Operationalize all steps going forward by including business unit representatives.
12 O’Clock High - a podcast on business leadership

Trifecta of Failed Leadership


Richard Lummis and I are back. Today, we take a look at leadership lessons from a trifecta of failed leaders: Adam Neumann, the founder and former CEO of WeWork; Elizabeth Holmes, founder and former CEO of Theranos; and Travis Kalanick, founder and former CEO of Uber.

Highlights of this podcast include:

  1. What happens when charismatic leaders have disruptive visions?
  2. What happens when a brilliant jerk is a CEO?
  3. They all had and maintained asymmetrical power and total control, and maintained dual-class ownership structures.
  4. What happens when the CEO creates a cult of personality?
  5. All three valued opaqueness over transparency so that they could control the flow of information.
  6. Where was the Board of Directors?

Resources
Is Your CEO Brilliant, a Jerk or Both?
When to fire the boss?
CEOs are not here to save us

Daily Compliance News

January 16, 2020, Trump Tried to Repeal FCPA edition

 
In today’s edition of the Daily Compliance News:

  • We always knew he believed in bribery but Trump tried to unilaterally repeal the FCPA. (NYT)
  • Goldman stock falls as 1MDB settlement nears. (WSJ)
  • Red Sox fire Alex Cora, wait for MLB to drop the hammer. (WSJ)
  • What’s wrong with keeping petty cash at home? (Daily Mail)