Have summaries of our latest blogs delivered to your inbox, so you can stay up to date on the topics and current events that matter to your business.
If you’re writing a novel, you need to know the audience you’re writing for. Your story and tone will be different if you’re writing a fantasy novel for pre-teens versus a historical...
Environmental, social and governance (ESG) performance plays a critical role in how consumers, employees and investors are making business decisions. In fact, When Edelman released its 22 nd annual Trust...
Some have decried social media as the “death of journalism,” but this isn’t a new complaint. In fact, the downfall of “traditional journalism” has been a point of contention...
A PR campaign is like the most magnificent tree you’ve ever seen, and if it’s done correctly, you can build a whole content forest. But you need a solid foundation from which the tree (the...
Podcasts, blogs and social media sites make it easy for anyone to share their thoughts—who among us hasn’t sent a hastily-typed missive into the ether for our friends and followers to enjoy...
When the FCPA Blog looked back at the enforcement actions during 2020, it noted, “In some cases, the agencies reinforced long-standing expectations, and severely punished companies that strayed from them—something old. In other cases, the agencies used enforcement actions to stake out new compliance requirements, causing entire industries to reevaluate their existing anti-corruption programs—something new.” Given this combination of robust enforcement and expanding requirements—as well as the complexity of organizations’ global third-party networks—it’s more critical than ever for you to have an effective strategy for evaluating and monitoring third-party risk. Below we've outlined nine steps for a risk-aligned due diligence process based on guidance from regulators to help companies mitigate financial and reputational harm due to third-party relationships. Take a closer look.
The global nature of business today subjects your enterprise to a growing number of regulations and a greater need to mitigate risk exposure through partners and third parties—regardless of where your enterprise is located.
Your due diligence process needs to align with the strategic, financial, regulatory, and reputational risks your organization may face. This is especially true for organizations doing business with third parties in countries that attract high levels of regulatory scrutiny.
For a corporate entity, organizations need to collect basic information including:
For an individual, organizations need to focus on gathering:
Once a basic level of vetting has taken place, prospective third parties—both companies and individuals—should be subjected to a watchlist screening process. By conducting watchlist and politically exposed persons (PEP) checks early in the process, you can quickly determine if the potential third-party relationship poses a significant risk. Names of companies, individuals, NGOs and, if applicable, assets such as vessels should be checked against:
After preliminary information collection and watchlist screening has taken place, it’s time for you to perform a risk assessment. Considerations should include:
Following the risk assessment, your due diligence process should include multi-source verification of the information that has been accrued.
Throughout the due diligence process, your organization needs to maintain a comprehensive record of relevant documents, assessment, and decisions to ensure you can demonstrate ROI and prove that decisions to engage with partners or third parties were made in good faith.
Once a third party has been vetted, you still need to conduct ongoing monitoring of the relationship to provide visibility into emerging red flags that could put your organization at risk.
Business needs change. Commit to periodic reviews with stakeholders to ensure that your due diligence process is always aligned with those needs over time.
Finding gaps in your process? Find out how the enhanced data and intelligent technologies in Nexis Diligence enable comprehensive, risk-aligned due diligence.