leveraging innovation and technology to enhance your ...€¦ · leveraging innovation and...
Post on 19-Aug-2020
2 Views
Preview:
TRANSCRIPT
1©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide
Leveraging Innovation and Technology to Enhance Your
Compliance Program and Manage Third Party Risk
Pia ViningSenior Director, Due Diligence
TRACE International
2017 SCCE Compliance & Ethics Institute
16 October 2017
Gregory BatesCounsel
Miller & Chevalier
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 210/13/2017
About TRACE
• The world’s leading anti-bribery standard setting organization.
• Internationally recognized and respected provider of third party due diligence and shared-cost anti-bribery compliance solutions.
• Hundreds of multinational members and thousands of TRACE Certified small & medium-sized enterprises around the world.
• Continuously benchmarking to provide actionable information.
2©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 310/13/2017
About Miller & Chevalier
• Global reach�Miller & Chevalier has been involved in client projects in more
than 60 countries across the globe�Our attorneys speak and work in 13 languages
• Our clients�Over the past three years, Miller & Chevalier has represented
approximately 40 percent of the Fortune 100, about one-quarter of the Fortune 500, and approximately 30 percent of the Global 100
• Industry leaders�Miller & Chevalier is consistently recognized as a top-tier firm
in many leading publications, including Chambers and Partners (Global, USA, and Latin America editions), Global Investigations Review, Legal 500, International Tax Review, and Best Lawyers in America, among others.
BASED IN
Washington, DC
FOUNDED IN
1920
SHARPLY FOCUSED FIRM WITH
LEADING PRACTICES IN
TaxLitigation
InternationalEmployee Benefits
White Collar DefenseGovernment Affairs
@millerchevalier
/company/miller-&-
chevalier
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 410/13/2017
A Quick Overview of the Anti-Bribery Elements of the FCPA
• No issuer, domestic concern, or person with a U.S. nexus
• May corruptly
• Take any action in furtherance of payment or a promise, offer, or authorization of payment
• Of a bribe or anything of value
• Directly or indirectly (while knowing)
• To a foreign official
• To obtain or retain business or improper advantage
3©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 510/13/2017
Directly or Indirectly
• Officers, directors, and employees are prohibited from making an illegal payment or providing anything of value to the official directly or through a third party
• Covered persons may be liable for a third party’s action, if the covered person:�Authorized the payment
�Paid the third party “while knowing” there is a “high probability” that the payment will pass through to an official
�Failed to investigate third party risks and ignored “red flags”
�Hired a third party who was likely to pay
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 610/13/2017
Risk-Based Review – Generally
• Federal Sentencing Guidelines�Periodically assess the risk of criminal conduct
�Take appropriate steps to design, implement, or modify each requirement set forth in the Guidelines
�With the goal of reducing the risk of criminal conduct
4©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 710/13/2017
Risk-Based Review – Bribery
• U.K. Adequate Procedures Guidance �Assesses the nature and extent of exposure to
potential external and internal risks of bribery by persons associated with organization
�The assessment is periodic, informed and documented
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 810/13/2017
Risk-Based Review – Bribery
• DOJ Evaluation of Corporate Compliance Programs�Risk management process
� What methodology has the company used to identify, analyze, and address the particular risks it faced?
�Information gathering and analysis � What information or metrics has the
company used to help detect misconduct?
� How has it informed the compliance program?
�Manifested risks� How has the company’s risk assessment
accounted for manifested risks?
5©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 910/13/2017
Risk-Based Review – Bribery
• DOJ Evaluation of Corporate Compliance Programs�Risk-based and integrated processes
� How does the third-party management process correspond to the nature and level of the enterprise risk identified?
� How has this process been integrated into the relevant procurement and vendor management processes?
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1010/13/2017
Risk-Based Review – Bribery
• DOJ Evaluation of Corporate Compliance Programs�Appropriate controls
� What was the business rationale for the use of the third parties in question?
� What mechanisms existed to ensure
� The contract terms specifically described the services to be performed?
� The payment terms are appropriate?
� The described contractual work is performed?
� The compensation is commensurate with the services rendered?
�Management of relationships � How has the company analyzed the third party’s incentive model against compliance
risks?
� How has the company monitored the third parties in question?
� How has the company trained the relationship managers about what the compliance risks are and how to manage them?
� How has the company incentivized compliance and ethical behavior by third parties?
6©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1110/13/2017
Risk-Based Review: DOJ Evaluation of Corporate Compliance Programs
• Real actions and consequences �Were red flags identified from the due diligence of the third parties involved in
the misconduct and how were they resolved?
�Has a similar third party been audited, suspended, or terminated, as a result of compliance issues?
�How has the company monitored these actions (e.g., ensuring that the vendor is not used again in case of termination)?
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1210/13/2017
What do you view as your company’s most significant anti-bribery compliance challenge?
7©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide
Sample Supplier Master Data Management Process Map
Start
Requestor creates a
New/Update Supplier
Request using New
Supplier Request Form
Requestor
submits Request
Form to Sourcing
for review and
request type
approval
Sourcing
reaches out
to requestor
to discuss
further
Sourcing submits
request to Source
Creator
Source Creator
determines the
type of request
New Supplier Creation
Supplier Update
(Includes reactivating
inactive suppliers)
Source Creator
submits Supplier
Form to the
supplier
Supplier completes and
returns Supplier Form
Creator enters data into eSim
based on completed Supplier
Form
Does supplier
require Due
Diligence?
Does supplier
require Payment
Terms Exception
(PTE) Approval?
Notification(s) sent
to Due Diligence
Owners for
approval(s)
Due Diligence Owner
works with Sourcing,
Requestor, and supplier
to approve Due Diligence
Has Due
Diligence
been
satisfied?
Notification(s)
routed to Head of
Finance for
approval(s)
Head of Finance
approves PTE in eSim
Source Review and
Finance Review
completed and
validated by Source
in eSim
Source Approver
approves record in
eSim
Complete and approved
records from to eSim to E1/
Concur for invoice and
payment processing
If rejectedIf approved
Yes
Yes
Yes
NoNo
No
Legal ensures
necessary language
included in agreement
and finalizes contract
in system
Contract executed and
recorded in contract
management system
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1410/13/2017
How much diligence is “due”?
• Finite resources - identify consistent risk categories
• Verifying and collecting information
• Red flags and deal breakers
• Documented process
Risk Assessment:
• Countries of operation
• Services performed
• Governmental interaction
• Amount & type of compensation
• Contract with/ invoice customer
• Sole product source
• Industry trends
• Other?
Customised & Consistent
Simple Interface
Automation
8©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1510/13/2017
Third Party Management System (TPMS)
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1610/13/2017
Automated Third Party Risk Assessment
• Sort through third party vendors and business partners to separate those that are innocuous and flag higher risk relationships that will require additional attention and resources.
• The process of collecting and processing risk information can be cumbersome and expensive without the right system in place.
9©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1710/13/2017
Keys to a Successful Review
Third party should know that:
1. We are not questioning your integrity
2. We know this is a burden on you
3. Resisting slows things down and may make it seem like you have something to hide
4. There is a business advantage to handling compliance well
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1810/13/2017
• First-global business bribery risk index for the compliance community
• Helps companies assess the propensity for public-sector bribery and its associated business risks
• Provides actionable intelligence to inform a company’s compliance procedures
10©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 1910/13/2017
Portable Due Diligence
• “Portable” reporting represents an evolution in due diligence.
• Third parties complete due diligence process – to a high standard – one time per year at the entity’s expense.
• Monitors and certifies entities for transparent conduct.
• Achieves collective action goal of finding practical and standard-setting solutions.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 2010/13/2017
Duplication of Effort
11©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 2110/13/2017
No Duplication of Effort
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 2210/13/2017
Intermediary Directory
12©2016 TRACE International, Inc.
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide 2310/13/2017
Ownership Register
Visit us online at
www.TRACEinternational.org
facebook.com/TRACEinternational
linkedin.com/company/
TRACE-international-inc-
twitter.com/TRACE_inc
youtube.com/TRACEinternational
©2017 TRACE International, Inc.Raising the Standard of Anti-Bribery Compliance Worldwide
Questions?pvining@traceinternational.org
2410/13/2017
top related