For many international organisations, the complex web of third parties, fundamental to any global operation, presents significant challenges to effective due diligence. With much anti-bribery legislation dictating that companies must implement thorough and effective due diligence procedures, this presents a significant problem.
So, how can businesses get this right?
Companies need to take a proportional and risk-based approach to anti-corruption due diligence. This means understanding the risk profile of different suppliers or third parties and establishing a system for both prioritising and implementing due diligence.
Contact Chloé Blais
GoodCorporation offers a due diligence design service which enables our clients to carry out risk-appropriate and robust due diligence on even the most complex supply chains. Use our service to identify high, medium and low-risk third parties and the subsequent level of due diligence required. This involves:
Our due diligence services are tailor-made to suit the risks and needs of each organisation and its different operating units.
Implementing adequate procedures to prevent bribery is vital if companies are to be properly protected from the risk of corruption and prosecution
Having adequate procedures to prevent corruption is vital, not only to mitigate the risk of bribery occurring, but also to ensure an effective defence, should prosecution arise. GoodCorporation's report into the effectiveness of anti-corruption procedures found that while almost 70 percent of procedures met our criteria for adequate, when it came to anti-corruption due diligence over 50 percent of the controls tested were found to be too weak.
From our study we can see that anti-corruption due diligence is the hardest anti-corruption practice to get right, particularly when it comes to checking the ethical practices of third parties such as agents, intermediaries, suppliers and distributors. Businesses also struggle with deciding which third parties need to undergo due diligence checks.
Once the design process is complete there are three key steps that need to be implemented.
Step 1: Identify the third parties that pose a real risk and outline due diligence requirements. This allows organisations to build a manageable due diligence programme, directing resources where the effort is needed and dispensing with due diligence for low risk third parties.
Step 2: Issue a tailored questionnaire to obtain reliable data. This provides organisations with detailed information on their high-risk suppliers, including ownership, management structure, policies, corruption mitigation controls and other responsible business information. All information is reviewed, verified and references obtained to identify any red flags.
Step 3: Deal with red flags. Effective due diligence will almost always raise a few red flags. Once any areas of concern have been identified we are able to advise on whether appropriate mitigation measures can be put in place and whether it is possible to manage the relationship moving forwards.
Our due diligence services are tailor-made to suit the risks and needs of each organisation and its different operating units. We can advise on the design and implementation or can be contracted to carry out the due diligence on your behalf.
GoodCorporation were more thorough than we could have been. They really cared about getting the information we needed to have assurances about our third parties.
GoodCorporation due diligence client
Browse our frameworks and request your copy