One area that has bedeviled CCOs and compliance practitioners is how to determine the ROI for your compliance program regarding third-parties. While it is still clear that third-parties are the greatest risk in FCPA enforcement actions, senior management often wants to know what is the monetary benefit to the company for this type of risk management.
When you couple the request for ROI with the 2020 Update, it may seem like a doubly daunting task. However, the requirement for operationalization of your compliance program actually lends itself to formulating ROI around the risk management of third-parties. This is because if you move third-party compliance into the organization as a business process, with a technological solution, the ROI becomes not only clearer but easier to calculate going forward.
Three key takeaways:
- Why is it important to demonstrate ROI on your third-party risk management program?
- Determining ROI helps to demonstrate operationalizing your compliance program.
- Determining third-party management program ROI can help to tear down compliance siloes.