SlideShare une entreprise Scribd logo

Third Party Due Diligence - Know Your Third Party - EY India

Ernst & Young
Ernst & Young

This document discusses key components of an effective third-party due diligence program to manage compliance risks. It recommends taking a risk-based approach, with varying levels (I, II, III) of investigation based on perceived risk. Level I involves open-source checks, Level II adds localized records searches and reference calls, and Level III includes on-site inspections. An effective program incorporates consistency, management oversight, objectivity, and reasonableness. Management should establish standards, provide oversight, and take appropriate actions. Due diligence procedures should be documented, centralized, and follow predictable rules to reduce ambiguity and demonstrate a fact-based, defensible process.

Business
1  sur  8
Télécharger pour lire hors ligne
Third-party due diligence Key components of an effective, risk-based compliance program
The economic crisis, vigorous governmental enforcement activity and the increased focus on enterprise risk are causing global corporations and their audit committees to take a closer look at how they manage and conduct their due diligence around vendor, distributor, joint venture and customer organizations — defined broadly as third parties. Those with existing due diligence programs are finding they have not kept up with the increased global risks of third-party vendors — particularly in the areas of anti- bribery and corruption — leaving many companies to wonder what constitutes a reasonable due diligence program and how much research and documentation are enough. We help companies facing this issue and assist them in building compliance programs that aim to address vendor corruption risk. In this paper, we share some of the leading practices for building an effective vendor due diligence program and suggest steps that companies could consider to improve their current processes and technologies to address the global regulatory environment. While the discipline around supply chain and vendor management is relatively mature, third-party risk, from a regulatory management perspective, is in its infancy with little guidance available and no standards established. Perhaps this is because most third-party management programs were developed decades ago when the focus of the due diligence tasks were around “operational” and “financial” criteria and were typically only done once during the on-boarding process. Operational and financial criteria often included verifying that the third-party was in good corporate standing; reviewing audited financial statements to ensure financial stability; and perhaps calling upon a few references. Documentation rarely included due diligence activities related to adverse media searches, criminal history, government sanctions or queries to identify politically exposed individuals. From a regulatory perspective, neither the U.S. Department of Justice (DOJ) nor the U.S. Securities and Exchange Commission (SEC) provide specific guidance on the components of an effective third-party due diligence program. However, the U.S. Sentencing Commission voted unanimously on April 7, 2010, to modify the Federal Sentencing Guidelines for organizations, including the provisions that set forth the attributes of an effective compliance and ethics program. The guidelines provide some high-level components that should be integrated into your third-party due diligence and compliance programs. These components, which took effect November 1, 2010, suggest that management should: 1) Establish standards and procedures to prevent and detect criminal conduct. 2) Be knowledgeable about the content and operation of the program and exercise reasonable oversight with respect to the implementation and effectiveness of the compliance program. 3) Make reasonable efforts not to include within the substantial authority personnel of the organization any individual whom the organization knew, or should have known through the exercise of due diligence, or has engaged in illegal activities or other conduct inconsistent with an effective compliance and ethics program. 4) Take steps to communicate the program’s standards and procedures throughout the organization and provide training tailored for various audiences. 5) Take reasonable steps to ensure that the program is followed, including monitoring and auditing to detect criminal conduct, periodically evaluating the program’s effectiveness and publicizing a system that allows reporting potential and actual criminal conduct without fear of retaliation. 6) Consistently promote and enforce the program with appropriate incentives for proper performance and appropriate disciplinary measures for those who engage in criminal conduct or fail to take reasonable steps to prevent or detect it. 7) Take reasonable steps to respond appropriately to criminal conduct when detected and prevent further similar criminal conduct, including making any necessary changes to the program. “Third-party due diligence must be robust, thorough, impeccably documented and preserved.” — Former U.S. Department of Justice Fraud Section Deputy Chief Mark Mendelsohn (2005–2010), FCPA Conference, November 2009 Third-party due diligence2
One may also look to the Organisation for Economic Co-operation and Development (OECD) for its February 18, 2010, adoption of “Good Practice Guidance on Internal Controls, Ethics and Compliance.” This Good Practice Guidance was adopted by the OECD Council as an integral part of the “Recommendation of the Council for Further Combating Bribery of Foreign Public Officials in International Business Transactions,” dated November 26, 2009. The guidance provides for the following leading practices for ensuring effective internal controls, ethics and compliance programs or measures for the purpose of preventing and detecting foreign bribery. As it relates to third-party due diligence, the guidance includes the following points: • Strong, explicit and visible support and commitment from senior management • Ethics and compliance programs or measures designed to prevent and detect foreign bribery applicable, where appropriate and subject to contractual arrangements, to third parties such as agents and other intermediaries, consultants, representatives, distributors, contractors and suppliers, consortia and joint venture partners (hereinafter, “business partners”), including, among other things, the following essential elements: • Properly documented, risk-based due diligence pertaining to the hiring, as well as the appropriate and regular oversight of business partners • Informing business partners of the company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the company’s ethics and compliance program or measures for preventing and detecting such bribery • Seeking a reciprocal commitment from business partners • Effective measures for: • Providing guidance and advice to directors, officers, employees and, where appropriate, business partners on complying with the company’s ethics and compliance program or measures, including when they need urgent advice on difficult situations in foreign jurisdictions. • Internal and, where possible, confidential reporting by, and protection of, directors, officers, employees and, where appropriate, business partners not willing to violate professional standards or ethics under instructions or pressure from hierarchical superiors, as well as for directors, officers, employees and, where appropriate, business partners willing to report breaches of the law or professional standards or ethics occurring within the company, in good faith and on reasonable grounds. • Undertaking appropriate action in response to such reports. • Periodic reviews of the ethics and compliance programs or measures designed to evaluate and improve their effectiveness in preventing and detecting foreign bribery, taking into account relevant developments in the field, and evolving international and industry standards Finally, the UK Bribery Act effective July 1, 2011, mentions due diligence as one of its six principles for anti-bribery compliance and stresses the importance that companies should focus their third- party due diligence resources using a “risk- based” approach. The Act creates four offenses, one of which is failing to prevent bribery, which covers the activities of any person or third-party acting on behalf of a business (for example, employees, agents or subsidiaries). “… due diligence procedures should be proportionate to the identified risk. ‘Due diligence’ … should be conducted using a risk- based approach.” — Bribery Act 2010 Guidance UK Ministry of Justice Key components of an effective, risk-based compliance program 3
Key components of an effective program Taking the existing guidance into consideration, four key principles become apparent, which serve as a strong frame of reference for incorporating the multiple guidelines and legal rulings previously discussed into an effective global due diligence program. These guidelines are consistency, management oversight, objectivity and reasonableness. Consistency — Automating the process and developing standard templates for vetting third parties, especially overseas, will help drive consistency across the company. A robust platform allows a company to effectively and efficiently manage a decentralized program. The goals that companies should be to have one system that everyone uses on a consistent basis. Management oversight — It is important that management’s intent and actions provide for a robust third-party due diligence process. Is management doing the best they can based on their perceived risk and limited resources or are they choosing to look the other way? Objectivity — Are the due diligence procedures objective and performed separately from the requestor, which could contain inherent conflicts of interest? Each due diligence investigation should be independently performed with its own case file, notifications, investigative findings, remediation actions, education and representations between the company and its agent, partner, distributor, third parties and others. Having a defined case management work flow integrating people, process and technology can be particularly useful to ensure an objective process. Evaluating your program Questions to ask Consider your current anti-corruption vendor on-boarding process and ask tough questions about consistency, management oversight, objectivity and reasonableness. Consistency. Is the process followed consistently? Can you audit or tie back vendor request forms to each vendor in the vendor master? Is there training around the process? Is it globally deployed? Is the process repeatable — i.e., would you arrive at the same conclusion if you were to run a selection of new vendor setup forms through the same process? Are the rules and contract language around FCPA and anti-corruption consistent from country to country? Management oversight. When was the last global training program on anti- corruption, due diligence or compliance? When did you last update your new vendor setup form or procedures? Does your company use software tools for case management to manage and document the vendor setup process? What database and due diligence steps does accounts payable take to categorize new vendor submissions received from the requestor? Is the right person making the decision? Once accepted, is it rechecked annually or on an ongoing basis? During the escalation process, who is responsible for making the tough calls? How robust is the vendor “vetting report”? Does it incorporate public database checks, include the officers of a company and search for “politically exposed persons,” adverse media, country-specific sanctions and more? Who is made aware of a new vendor once approved — is it communicated to the corporate office and centrally managed, or is it handled and decided by the local office? Objectivity. Given so many decision-makers at the country or subsidiary level, can the current process stand up to independence scrutiny from an outside (or DOJ) perspective? For example, can the accounts payable clerk processing the original new vendor setup form be forced to designate a form as “low risk” from the requestor in order to avoid additional scrutiny from upper management? Reasonableness. Is the process reasonable? Does the process generate too much paperwork that may not get reviewed or too little paperwork where rogue third parties or necessary contract terms might be missed? Does the process incorporate leading practices, including the criteria set forth in the U.S. Sentencing Guidelines and OECD? “Put simply, the prospect of significant prison sentences for individuals should make clear to every corporate executive, every board member and every sales agent that we will hold you personally accountable for FCPA violations.” — Assistant Attorney General for the Criminal Division, Lanny Breuer, Feb. 2010 Third-party due diligence4
The supplier vetting activities Approve Total supplier universe Develop supplier category and geographicfiltering criteria* Develop detailed filtering criteriaon supplier relationshipand natureof contract Develop supplier vetting protocolsto effectively document legal, regulatory and reputational risks Develop decision criteriafor acceptance, denial or specificcontract modifications, based on risk profile 80,000 third parties 10,000 moderate risk 1,000 high risk 250 negative hits 150 denied DeniedApprove with restrictions *Geographic filtering will include Transparency International’s Global Corruption Perception’s Index, among other criteria. Filtering criteria example: of thousands. Filtering them down to a management population is a critical first step before deciding which due diligence procedures to conduct as demonstrated by the diagram above. As it relates to actually conducting regulatory related due diligence activities for those higher risk third parties, we see the process broken down into three general levels of investigation: Level I: open source background checks Level I analysis includes a comprehensive check of available sanctions and embargo and watch lists. It also includes internet and media search inquires. These searches use open source databases and public information to search a wide range of business journals, websites, industry publications and mainstream media. When these processes are streamlined through the use of case management software, online databases and internet searching, a Level I analysis can be accomplished by an investigator in three to five hours; and given its streamlined, repeatable nature, it is ideal for centralization and perhaps even outsourcing. Reasonableness — Given limited company resources, taking a risk-based, tiered approach to third-party due diligence helps management to allocate resources accordingly. Reasonableness addresses the question, “How much is enough?” In your efforts to avoid doing business with the wrong people, a prudent and well thought-out process is important. A thoughtful and reasonable compliance program that is risk based is the best preventive strategy for making sure that compliance is both practical and defensible. Taking a risk-based approach The four components described above are predicated on a critical first step: a credible, risk-based assessment of a company’s third parties. Many corporate compliance departments we observe conduct their due diligence programs based on deploying multiple levels of investigation based on the perceived or known risks. Many global corporations have vendor masters and third-party databases spanning in the tens of thousands, even the hundreds Level II: enhanced due diligence Based on the Level I analysis, Level II analysis involves additional public database searches with a specific focus on localized public records databases, such as court filings. A Level II analysis may also incorporate phone interviews, reference checks and research into potentially vulnerable corporate relationships with a deeper dive into public records and media searches. A Level II analysis often requires local country presence to gain access to local records and contacts and typically requires significantly more hours (between 20 to 40 hours) of local, in-country investigator time to research and report. Level III: deep dive As the risk level dictates, a Level III analysis may be further warranted. This may include on-site inspections; interviewing associates in political, business and social circles to uncover reputation; reviewing corporate, civil and criminal documents; and validating financial records. Key components of an effective, risk-based compliance program 5
Consistency — Management oversight — Objectivity — Reasonableness Businessunitriskprofile Third party Extreme Moderate Low High Integrated due diligence program (insourced or outsourced) Vendors, agents and consultants Resellers Customers Acquisition targets Robust,opensourcedatabases Displays negative coverage Possibly displays negative coverage Political affiliations indentified Level I entity analysis No negative coverage Cleared Unrestricted business Restricted business Denied business Business unit Level II entity analysis Unclear Management decision Entity cannot be identified Localized,targeteddatabases Special contract or or Level III entity analysis or or Ernst & Young’s open source third-party due diligence methodology y _ Standardized business risk assessment documented. While the rules to getting to an “approval” are always unique to the business, the key point of the analysis phase is to centralize and document the process. Depending on the business rules set, a third-party may be approved with “unrestricted business” (e.g., no issues), semi-approved with either specific contract language or other limiting conditions or denied entirely. Company management plays a key role in decision-making; however, its burden is reduced as its decisions follow a predictable rules-based methodology in a documented, consistent format that reduces ambiguity and helps provide for more “fact-based” decision-making. Recommended next steps Here’s how you can get started on your own assessment. • Ask those tough questions about consistency, management oversight, objectivity and reasonableness • Evaluate the current process map in the context of Ernst & Young’s methodology and conduct a gap analysis • Determine if your company’s best option is to insource or outsource key processes such as Level I and Level II analyses • Develop categorization and decision rules as part of the data-gathering process • Seek assistance from outside advisors and legal resources who are specialists in the areas of third-party due diligence and FCPA Conclusion Today’s global companies should evaluate their current third-party, anti-corruption due diligence programs in the context of a risk-based framework that incorporates attributes of consistency, management oversight, objectivity and reasonableness. The economic crisis, recent governmental enforcements and the increased focus on enterprise risk are causing global corporations and their audit committees to take a closer look at how they manage their vendor and customer compliance relations. While several corporations are still grappling with what processes represent an effective due diligence program, incorporating the attributes above can go a long way in demonstrating an effective, risk-based vetting program. Process examples By incorporating the attributes of consistency, management oversight, objectivity and reasonableness, we have developed a third-party due diligence framework that seeks to provide adequate risk-based categorization, appropriate levels of data analysis, ongoing monitoring and effective communication. The framework starts with the business unit, where adequate training and communication are essential. Business units interact with multiple parties, so the framework must be flexible to accommodate vendors, resellers, customers and acquisition targets. Through standardization and a risk-based set of questions, we have worked with companies to develop a standardized business risk assessment that categorizes each third-party into categories such as low, moderate, high or extreme risk groups. Based on the risk assessment categorization, the analysis phase is represented by the integrated due diligence program as set forth in the next phase. Typically, the majority of third parties, regardless of the categorization, are run through a battery of Level I public database checks, as previously defined. This starts the case management file for each third-party where all decisions, tests and outputs are centralized and Third-party due diligence6
About the authors This paper was written by Steven Kuzma and Vince Walden. Steven is a partner and the leader of Ernst & Young LLP’s Corporate Compliance team within its Fraud Investigation & Dispute Services practice. He can be reached at steven.kuzma@ey.com or +1 404 817 4280. Vince is a partner in Ernst & Young LLP’s Forensic Technology and Discovery Services team. He can be reached at vincent.walden@ey.com or +1 214 754 3941. Steven Kuzma Vince Walden “We recognize the issues of costs to companies to implement robust compliance programs, to hire outside counsel to conduct in-depth internal investigations and to forego certain business opportunities that are tainted with corruption. Those costs are significant, and we are very aware of that fact. The cost of not being FCPA compliant, however, can be far higher.” — Lanny Breuer, Assistant Attorney General, Nov. 17, 2009 Key components of an effective, risk-based compliance program 7
Ernst & Young Assurance | Tax | Transactions | Advisory About Ernst & Young Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 141,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential. Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit www.ey.com. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global and of Ernst & Young Americas operating in the US. About Ernst & Young’s Fraud Investigation & Dispute Services Dealing with complex issues of fraud, regulatory compliance and business disputes can detract from efforts to achieve your company’s potential. Better management of fraud risk and compliance exposure is a critical business priority — no matter the industry sector. With our more than 1,000 fraud investigation and dispute professionals around the world, we assemble the right multidisciplinary and culturally aligned team to work with you and your legal advisors. And we work to give you the benefit of our broad sector experience, our deep subject matter knowledge and the latest insights from our work worldwide. It’s how Ernst & Young makes a difference. © 2011 Ernst & Young LLP. All Rights Reserved. SCORE No. WW0234 This publication contains information in summary form and is therefore intended for general guidance only. It is not intended to be a substitute for detailed research or the exercise of professional judgment. Neither EYGM Limited nor any other member of the global Ernst & Young organization can accept any responsibility for loss occasioned to any person acting or refraining from action as a result of any material in this publication. On any specific matter, reference should be made to the appropriate advisor.

Recommandé

Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud InvestigationSalih Islam
 
Fraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiFraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiEMAC Consulting Group
 
Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12Fuh George Cheo
 
Who Commits Fraud
Who Commits Fraud Who Commits Fraud
Who Commits Fraud Gelman, Rosenberg & Freedman CPAs
 
Creating A Due Diligence Framework
Creating A Due Diligence Framework Creating A Due Diligence Framework
Creating A Due Diligence Framework Now Dentons
 
Employee Fraud Prevention and Remedies
Employee Fraud Prevention and RemediesEmployee Fraud Prevention and Remedies
Employee Fraud Prevention and RemediesSSDlaw
 
Fraud risk management in banks
Fraud risk management in banksFraud risk management in banks
Fraud risk management in bankssathyananda prabhu
 
Fraud embezzlement
Fraud embezzlementFraud embezzlement
Fraud embezzlementFerdousa Khanam
 

Recommandé

Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud InvestigationSalih Islam
 
Fraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiFraud risk management and interrogation techniques part ii
Fraud risk management and interrogation techniques part iiEMAC Consulting Group
 
Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12Fraud prevention detection control fuh 12
Fraud prevention detection control fuh 12Fuh George Cheo
 
Who Commits Fraud
Who Commits Fraud Who Commits Fraud
Who Commits Fraud Gelman, Rosenberg & Freedman CPAs
 
Creating A Due Diligence Framework
Creating A Due Diligence Framework Creating A Due Diligence Framework
Creating A Due Diligence Framework Now Dentons
 
Employee Fraud Prevention and Remedies
Employee Fraud Prevention and RemediesEmployee Fraud Prevention and Remedies
Employee Fraud Prevention and RemediesSSDlaw
 
Fraud risk management in banks
Fraud risk management in banksFraud risk management in banks
Fraud risk management in bankssathyananda prabhu
 
Fraud embezzlement
Fraud embezzlementFraud embezzlement
Fraud embezzlementFerdousa Khanam
 
9-22-11 Anti-Bribery and Corruption Prevention
9-22-11 Anti-Bribery and Corruption Prevention9-22-11 Anti-Bribery and Corruption Prevention
9-22-11 Anti-Bribery and Corruption PreventionKendal Peterson
 
Presentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlPresentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlDominic Sroda Korkoryi
 
Due Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverDue Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverPavan Kumar Vijay
 
Chapter 6 aml compliance programme
Chapter 6 aml compliance programmeChapter 6 aml compliance programme
Chapter 6 aml compliance programmeQuan Risk
 
The Fraud Diamond
The Fraud DiamondThe Fraud Diamond
The Fraud DiamondAshraf Zabidi
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud preventionRon Steinkamp
 
Red Flags of Money Laundering
Red Flags of Money LaunderingRed Flags of Money Laundering
Red Flags of Money Launderingcomplianceonline123
 
Chapter 8 aml and ctf
Chapter 8 aml and ctfChapter 8 aml and ctf
Chapter 8 aml and ctfQuan Risk
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk AssessmentTahir Abbas
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudVidaB
 
AML Training uba capital
AML Training uba capitalAML Training uba capital
AML Training uba capitalSEGUN AREMU B.sc Banking and Finance (ACIB)
 
BMR Advisors - Anti-Money Laundering Compliance
BMR Advisors - Anti-Money Laundering ComplianceBMR Advisors - Anti-Money Laundering Compliance
BMR Advisors - Anti-Money Laundering ComplianceAbhishek Bali
 
Business Ethics And Corporate Governance
Business Ethics And Corporate GovernanceBusiness Ethics And Corporate Governance
Business Ethics And Corporate GovernanceDivanshu Pahwa
 
Due diligence
Due diligenceDue diligence
Due diligenceRajiv Padia
 
Aml cft training programme
Aml cft training programmeAml cft training programme
Aml cft training programmeSubhalakshmi Girish
 
The Stakeholder approach to Business , society, and Ethics
The Stakeholder approach to Business , society, and EthicsThe Stakeholder approach to Business , society, and Ethics
The Stakeholder approach to Business , society, and EthicsIsmail Hossain
 
Ethics in finance
Ethics in financeEthics in finance
Ethics in financekvaastav
 
Presentation: Compliance & Third Party Due Diligence
Presentation: Compliance & Third Party Due DiligencePresentation: Compliance & Third Party Due Diligence
Presentation: Compliance & Third Party Due DiligenceethiXbase
 
Understanding Financial Statement fraud- Forensic Accounting Perspective
Understanding Financial Statement fraud- Forensic Accounting PerspectiveUnderstanding Financial Statement fraud- Forensic Accounting Perspective
Understanding Financial Statement fraud- Forensic Accounting PerspectiveGodwin Emmanuel Oyedokun MBA MSc ACA ACIB FCTI FCFIP CFE
 
Fraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management ConsultantsFraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management ConsultantsEMAC Consulting Group
 
Legal Due Diligence: Integrating the Legal and Business Parts of the Process
Legal Due Diligence: Integrating the Legal and Business Parts of the ProcessLegal Due Diligence: Integrating the Legal and Business Parts of the Process
Legal Due Diligence: Integrating the Legal and Business Parts of the ProcessNow Dentons
 
M&A Law: The Lawyer's Role; Recent Delaware Developments
M&A Law: The Lawyer's Role; Recent Delaware DevelopmentsM&A Law: The Lawyer's Role; Recent Delaware Developments
M&A Law: The Lawyer's Role; Recent Delaware DevelopmentsStephen Bainbridge
 

Contenu connexe

Tendances

9-22-11 Anti-Bribery and Corruption Prevention
9-22-11 Anti-Bribery and Corruption Prevention9-22-11 Anti-Bribery and Corruption Prevention
9-22-11 Anti-Bribery and Corruption PreventionKendal Peterson
 
Presentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlPresentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlDominic Sroda Korkoryi
 
Due Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverDue Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverPavan Kumar Vijay
 
Chapter 6 aml compliance programme
Chapter 6 aml compliance programmeChapter 6 aml compliance programme
Chapter 6 aml compliance programmeQuan Risk
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud preventionRon Steinkamp
 
Chapter 8 aml and ctf
Chapter 8 aml and ctfChapter 8 aml and ctf
Chapter 8 aml and ctfQuan Risk
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk AssessmentTahir Abbas
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudVidaB
 
BMR Advisors - Anti-Money Laundering Compliance
BMR Advisors - Anti-Money Laundering ComplianceBMR Advisors - Anti-Money Laundering Compliance
BMR Advisors - Anti-Money Laundering ComplianceAbhishek Bali
 
Business Ethics And Corporate Governance
Business Ethics And Corporate GovernanceBusiness Ethics And Corporate Governance
Business Ethics And Corporate GovernanceDivanshu Pahwa
 
The Stakeholder approach to Business , society, and Ethics
The Stakeholder approach to Business , society, and EthicsThe Stakeholder approach to Business , society, and Ethics
The Stakeholder approach to Business , society, and EthicsIsmail Hossain
 
Ethics in finance
Ethics in financeEthics in finance
Ethics in financekvaastav
 
Presentation: Compliance & Third Party Due Diligence
Presentation: Compliance & Third Party Due DiligencePresentation: Compliance & Third Party Due Diligence
Presentation: Compliance & Third Party Due DiligenceethiXbase
 
Fraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management ConsultantsFraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management ConsultantsEMAC Consulting Group
 

Tendances (20)

9-22-11 Anti-Bribery and Corruption Prevention
9-22-11 Anti-Bribery and Corruption Prevention9-22-11 Anti-Bribery and Corruption Prevention
9-22-11 Anti-Bribery and Corruption Prevention
 
Presentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlPresentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & control
 
Due Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverDue Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
 
Chapter 6 aml compliance programme
Chapter 6 aml compliance programmeChapter 6 aml compliance programme
Chapter 6 aml compliance programme
 
The Fraud Diamond
The Fraud DiamondThe Fraud Diamond
The Fraud Diamond
 
7 keys to fraud prevention
7 keys to fraud prevention7 keys to fraud prevention
7 keys to fraud prevention
 
Red Flags of Money Laundering
Red Flags of Money LaunderingRed Flags of Money Laundering
Red Flags of Money Laundering
 
Chapter 8 aml and ctf
Chapter 8 aml and ctfChapter 8 aml and ctf
Chapter 8 aml and ctf
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk Assessment
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraud
 
AML Training uba capital
AML Training uba capitalAML Training uba capital
AML Training uba capital
 
BMR Advisors - Anti-Money Laundering Compliance
BMR Advisors - Anti-Money Laundering ComplianceBMR Advisors - Anti-Money Laundering Compliance
BMR Advisors - Anti-Money Laundering Compliance
 
Business Ethics And Corporate Governance
Business Ethics And Corporate GovernanceBusiness Ethics And Corporate Governance
Business Ethics And Corporate Governance
 
Due diligence
Due diligenceDue diligence
Due diligence
 
Aml cft training programme
Aml cft training programmeAml cft training programme
Aml cft training programme
 
The Stakeholder approach to Business , society, and Ethics
The Stakeholder approach to Business , society, and EthicsThe Stakeholder approach to Business , society, and Ethics
The Stakeholder approach to Business , society, and Ethics
 
Ethics in finance
Ethics in financeEthics in finance
Ethics in finance
 
Presentation: Compliance & Third Party Due Diligence
Presentation: Compliance & Third Party Due DiligencePresentation: Compliance & Third Party Due Diligence
Presentation: Compliance & Third Party Due Diligence
 
Understanding Financial Statement fraud- Forensic Accounting Perspective
Understanding Financial Statement fraud- Forensic Accounting PerspectiveUnderstanding Financial Statement fraud- Forensic Accounting Perspective
Understanding Financial Statement fraud- Forensic Accounting Perspective
 
Fraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management ConsultantsFraud risk management training - Elsam Management Consultants
Fraud risk management training - Elsam Management Consultants
 

En vedette

Legal Due Diligence: Integrating the Legal and Business Parts of the Process
Legal Due Diligence: Integrating the Legal and Business Parts of the ProcessLegal Due Diligence: Integrating the Legal and Business Parts of the Process
Legal Due Diligence: Integrating the Legal and Business Parts of the ProcessNow Dentons
 
M&A Law: The Lawyer's Role; Recent Delaware Developments
M&A Law: The Lawyer's Role; Recent Delaware DevelopmentsM&A Law: The Lawyer's Role; Recent Delaware Developments
M&A Law: The Lawyer's Role; Recent Delaware DevelopmentsStephen Bainbridge
 
The Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post FormatsThe Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post FormatsBarry Feldman
 
Ey top-10-risks-in-telecommunications-2014
Ey top-10-risks-in-telecommunications-2014Ey top-10-risks-in-telecommunications-2014
Ey top-10-risks-in-telecommunications-2014CMR WORLD TECH
 
EY Analyse Gewinnwarnungen 2011-2016.pptx
EY Analyse Gewinnwarnungen 2011-2016.pptxEY Analyse Gewinnwarnungen 2011-2016.pptx
EY Analyse Gewinnwarnungen 2011-2016.pptxEY
 
Sample due diligence checklist
Sample due diligence checklistSample due diligence checklist
Sample due diligence checklistLuis Espinosa
 
Wharton School - Overview of Sub Saharan Tax
Wharton School - Overview of Sub Saharan TaxWharton School - Overview of Sub Saharan Tax
Wharton School - Overview of Sub Saharan TaxJames Deiotte
 
Due Diligence - What You Don’t Find Out Will Hurt You
Due Diligence - What You Don’t Find Out Will Hurt YouDue Diligence - What You Don’t Find Out Will Hurt You
Due Diligence - What You Don’t Find Out Will Hurt YouNow Dentons
 
EY activities and solutions for insurers focusing on the emerging consumers
EY activities and solutions for insurers focusing on the emerging consumersEY activities and solutions for insurers focusing on the emerging consumers
EY activities and solutions for insurers focusing on the emerging consumersEY
 
Successful Legal Due Diligence Strategies
Successful Legal Due Diligence StrategiesSuccessful Legal Due Diligence Strategies
Successful Legal Due Diligence StrategiesLawPlus Ltd.
 
EY Valuation & Business Modelling - Luxembourg office
EY Valuation & Business Modelling - Luxembourg officeEY Valuation & Business Modelling - Luxembourg office
EY Valuation & Business Modelling - Luxembourg officeeyluxembourg
 
Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...
Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...
Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...Browne Jacobson LLP
 
Counter intelligence reading list
Counter intelligence reading listCounter intelligence reading list
Counter intelligence reading listJonathan S.
 
The impact of innovation on the future of IVD
The impact of innovation on the future of IVDThe impact of innovation on the future of IVD
The impact of innovation on the future of IVDEY
 
EY-introducing-EYs-advisory-services
EY-introducing-EYs-advisory-servicesEY-introducing-EYs-advisory-services
EY-introducing-EYs-advisory-servicesEric Vastag
 
Legal Due Diligence (LDD) - EMLI Training
Legal Due Diligence (LDD) - EMLI TrainingLegal Due Diligence (LDD) - EMLI Training
Legal Due Diligence (LDD) - EMLI TrainingEMLI Indonesia
 
Dealing in a digital world - strategies to future-proof your business
Dealing in a digital world - strategies to future-proof your businessDealing in a digital world - strategies to future-proof your business
Dealing in a digital world - strategies to future-proof your businessEY
 
Technical Due Diligence
Technical Due DiligenceTechnical Due Diligence
Technical Due Diligenceargentieri
 

En vedette (20)

Legal Due Diligence: Integrating the Legal and Business Parts of the Process
Legal Due Diligence: Integrating the Legal and Business Parts of the ProcessLegal Due Diligence: Integrating the Legal and Business Parts of the Process
Legal Due Diligence: Integrating the Legal and Business Parts of the Process
 
M&A Law: The Lawyer's Role; Recent Delaware Developments
M&A Law: The Lawyer's Role; Recent Delaware DevelopmentsM&A Law: The Lawyer's Role; Recent Delaware Developments
M&A Law: The Lawyer's Role; Recent Delaware Developments
 
The Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post FormatsThe Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post Formats
 
Ey top-10-risks-in-telecommunications-2014
Ey top-10-risks-in-telecommunications-2014Ey top-10-risks-in-telecommunications-2014
Ey top-10-risks-in-telecommunications-2014
 
EY Analyse Gewinnwarnungen 2011-2016.pptx
EY Analyse Gewinnwarnungen 2011-2016.pptxEY Analyse Gewinnwarnungen 2011-2016.pptx
EY Analyse Gewinnwarnungen 2011-2016.pptx
 
Sample due diligence checklist
Sample due diligence checklistSample due diligence checklist
Sample due diligence checklist
 
Wharton School - Overview of Sub Saharan Tax
Wharton School - Overview of Sub Saharan TaxWharton School - Overview of Sub Saharan Tax
Wharton School - Overview of Sub Saharan Tax
 
Due Diligence - What You Don’t Find Out Will Hurt You
Due Diligence - What You Don’t Find Out Will Hurt YouDue Diligence - What You Don’t Find Out Will Hurt You
Due Diligence - What You Don’t Find Out Will Hurt You
 
EY activities and solutions for insurers focusing on the emerging consumers
EY activities and solutions for insurers focusing on the emerging consumersEY activities and solutions for insurers focusing on the emerging consumers
EY activities and solutions for insurers focusing on the emerging consumers
 
Successful Legal Due Diligence Strategies
Successful Legal Due Diligence StrategiesSuccessful Legal Due Diligence Strategies
Successful Legal Due Diligence Strategies
 
EY Valuation & Business Modelling - Luxembourg office
EY Valuation & Business Modelling - Luxembourg officeEY Valuation & Business Modelling - Luxembourg office
EY Valuation & Business Modelling - Luxembourg office
 
Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...
Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...
Browne Jacobson - Education Law Conference 2016 - Workshop stream 1, Efficien...
 
Counter intelligence reading list
Counter intelligence reading listCounter intelligence reading list
Counter intelligence reading list
 
Arcelor Mittal
Arcelor Mittal Arcelor Mittal
Arcelor Mittal
 
The impact of innovation on the future of IVD
The impact of innovation on the future of IVDThe impact of innovation on the future of IVD
The impact of innovation on the future of IVD
 
EY-introducing-EYs-advisory-services
EY-introducing-EYs-advisory-servicesEY-introducing-EYs-advisory-services
EY-introducing-EYs-advisory-services
 
Legal Due Diligence (LDD) - EMLI Training
Legal Due Diligence (LDD) - EMLI TrainingLegal Due Diligence (LDD) - EMLI Training
Legal Due Diligence (LDD) - EMLI Training
 
Dealing in a digital world - strategies to future-proof your business
Dealing in a digital world - strategies to future-proof your businessDealing in a digital world - strategies to future-proof your business
Dealing in a digital world - strategies to future-proof your business
 
Technical Due Diligence
Technical Due DiligenceTechnical Due Diligence
Technical Due Diligence
 
Aldrich aimes
Aldrich aimesAldrich aimes
Aldrich aimes
 

Similaire à Third Party Due Diligence - Know Your Third Party - EY India

Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesDun & Bradstreet
 
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docxdrennanmicah
 
SAI-GLOBAL-whitepaper-program-assessment-maturity-curve
SAI-GLOBAL-whitepaper-program-assessment-maturity-curveSAI-GLOBAL-whitepaper-program-assessment-maturity-curve
SAI-GLOBAL-whitepaper-program-assessment-maturity-curveJames D. Meacham, CCEP, CRISC
 
GP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetGP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetMarco Villacorta Olano
 
ComplianceGuidelinesUploaded6.14PDF
ComplianceGuidelinesUploaded6.14PDFComplianceGuidelinesUploaded6.14PDF
ComplianceGuidelinesUploaded6.14PDFPaulette Wunsch
 
5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programmeSILO Compliance Systems
 
theprinciplesmaturitymodel
theprinciplesmaturitymodeltheprinciplesmaturitymodel
theprinciplesmaturitymodelDavid Vickers
 
Explanatory Note for the Internal Control and Risk Management Project of the ...
Explanatory Note for the Internal Control and Risk Management Project of the ...Explanatory Note for the Internal Control and Risk Management Project of the ...
Explanatory Note for the Internal Control and Risk Management Project of the ...OECD Governance
 
Life Sciences 2016 (3)
Life Sciences 2016 (3)Life Sciences 2016 (3)
Life Sciences 2016 (3)hldorfman
 
The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013
The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013
The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013Leonardo
 
White Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic reviewWhite Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic reviewLexisNexis Benelux
 
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...Ethisphere
 
How to Assess Integrity Risks for a Company ?
How to Assess Integrity Risks for a Company ?How to Assess Integrity Risks for a Company ?
How to Assess Integrity Risks for a Company ?iohann Le Frapper
 
Seven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsSeven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsMaria Macri
 
Best practice for anti corruption
Best practice for anti corruptionBest practice for anti corruption
Best practice for anti corruptionEthical Sector
 

Similaire à Third Party Due Diligence - Know Your Third Party - EY India (20)

Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third Parties
 
Hassan Qaqaya
Hassan QaqayaHassan Qaqaya
Hassan Qaqaya
 
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx
 
SAI-GLOBAL-whitepaper-program-assessment-maturity-curve
SAI-GLOBAL-whitepaper-program-assessment-maturity-curveSAI-GLOBAL-whitepaper-program-assessment-maturity-curve
SAI-GLOBAL-whitepaper-program-assessment-maturity-curve
 
Expert Answers
Expert AnswersExpert Answers
Expert Answers
 
GP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetGP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheet
 
ComplianceGuidelinesUploaded6.14PDF
ComplianceGuidelinesUploaded6.14PDFComplianceGuidelinesUploaded6.14PDF
ComplianceGuidelinesUploaded6.14PDF
 
5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme
 
FCPA Boot Camp
FCPA Boot CampFCPA Boot Camp
FCPA Boot Camp
 
theprinciplesmaturitymodel
theprinciplesmaturitymodeltheprinciplesmaturitymodel
theprinciplesmaturitymodel
 
Integrity framework
Integrity frameworkIntegrity framework
Integrity framework
 
Explanatory Note for the Internal Control and Risk Management Project of the ...
Explanatory Note for the Internal Control and Risk Management Project of the ...Explanatory Note for the Internal Control and Risk Management Project of the ...
Explanatory Note for the Internal Control and Risk Management Project of the ...
 
Life Sciences 2016 (3)
Life Sciences 2016 (3)Life Sciences 2016 (3)
Life Sciences 2016 (3)
 
The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013
The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013
The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013
 
White Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic reviewWhite Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic review
 
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
Whistleblower Best Practices: What Do Compliance and Business Leaders Need to...
 
How to Assess Integrity Risks for a Company ?
How to Assess Integrity Risks for a Company ?How to Assess Integrity Risks for a Company ?
How to Assess Integrity Risks for a Company ?
 
ANTI-CORRUPTION CHARTER
ANTI-CORRUPTION CHARTERANTI-CORRUPTION CHARTER
ANTI-CORRUPTION CHARTER
 
Seven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsSeven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance Programs
 
Best practice for anti corruption
Best practice for anti corruptionBest practice for anti corruption
Best practice for anti corruption
 

Plus de Ernst & Young

Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeErnst & Young
 
Regulatory Compliance: Adapting to a Pressurized Environment
Regulatory Compliance: Adapting to a Pressurized EnvironmentRegulatory Compliance: Adapting to a Pressurized Environment
Regulatory Compliance: Adapting to a Pressurized EnvironmentErnst & Young
 
Step up to Ind AS 115
Step up to Ind AS 115Step up to Ind AS 115
Step up to Ind AS 115Ernst & Young
 
Guide to First Time Adoption of Ind AS 109
Guide to First Time Adoption of Ind AS 109Guide to First Time Adoption of Ind AS 109
Guide to First Time Adoption of Ind AS 109Ernst & Young
 
Fraud Risk Management | Fraud Risk Assessment - EY India
Fraud Risk Management | Fraud Risk Assessment - EY IndiaFraud Risk Management | Fraud Risk Assessment - EY India
Fraud Risk Management | Fraud Risk Assessment - EY IndiaErnst & Young
 
New Companies Act 2013 Highlights
New Companies Act 2013 HighlightsNew Companies Act 2013 Highlights
New Companies Act 2013 HighlightsErnst & Young
 
Union Budget 2016 Highlights & Impact – EY India
Union Budget 2016 Highlights & Impact – EY IndiaUnion Budget 2016 Highlights & Impact – EY India
Union Budget 2016 Highlights & Impact – EY IndiaErnst & Young
 

Plus de Ernst & Young (7)

Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Regulatory Compliance: Adapting to a Pressurized Environment
Regulatory Compliance: Adapting to a Pressurized EnvironmentRegulatory Compliance: Adapting to a Pressurized Environment
Regulatory Compliance: Adapting to a Pressurized Environment
 
Step up to Ind AS 115
Step up to Ind AS 115Step up to Ind AS 115
Step up to Ind AS 115
 
Guide to First Time Adoption of Ind AS 109
Guide to First Time Adoption of Ind AS 109Guide to First Time Adoption of Ind AS 109
Guide to First Time Adoption of Ind AS 109
 
Fraud Risk Management | Fraud Risk Assessment - EY India
Fraud Risk Management | Fraud Risk Assessment - EY IndiaFraud Risk Management | Fraud Risk Assessment - EY India
Fraud Risk Management | Fraud Risk Assessment - EY India
 
New Companies Act 2013 Highlights
New Companies Act 2013 HighlightsNew Companies Act 2013 Highlights
New Companies Act 2013 Highlights
 
Union Budget 2016 Highlights & Impact – EY India
Union Budget 2016 Highlights & Impact – EY IndiaUnion Budget 2016 Highlights & Impact – EY India
Union Budget 2016 Highlights & Impact – EY India
 

Dernier

Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadAyesha Khan
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Seta Wicaksana
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfrichard876048
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Timedelhimodelshub1
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024christinemoorman
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyotictsugar
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...lizamodels9
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCRashishs7044
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...lizamodels9
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchirictsugar
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africaictsugar
 

Dernier (20)

Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Time
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchir
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africa
 

Third Party Due Diligence - Know Your Third Party - EY India

  • 1. Third-party due diligence Key components of an effective, risk-based compliance program
  • 2. The economic crisis, vigorous governmental enforcement activity and the increased focus on enterprise risk are causing global corporations and their audit committees to take a closer look at how they manage and conduct their due diligence around vendor, distributor, joint venture and customer organizations — defined broadly as third parties. Those with existing due diligence programs are finding they have not kept up with the increased global risks of third-party vendors — particularly in the areas of anti- bribery and corruption — leaving many companies to wonder what constitutes a reasonable due diligence program and how much research and documentation are enough. We help companies facing this issue and assist them in building compliance programs that aim to address vendor corruption risk. In this paper, we share some of the leading practices for building an effective vendor due diligence program and suggest steps that companies could consider to improve their current processes and technologies to address the global regulatory environment. While the discipline around supply chain and vendor management is relatively mature, third-party risk, from a regulatory management perspective, is in its infancy with little guidance available and no standards established. Perhaps this is because most third-party management programs were developed decades ago when the focus of the due diligence tasks were around “operational” and “financial” criteria and were typically only done once during the on-boarding process. Operational and financial criteria often included verifying that the third-party was in good corporate standing; reviewing audited financial statements to ensure financial stability; and perhaps calling upon a few references. Documentation rarely included due diligence activities related to adverse media searches, criminal history, government sanctions or queries to identify politically exposed individuals. From a regulatory perspective, neither the U.S. Department of Justice (DOJ) nor the U.S. Securities and Exchange Commission (SEC) provide specific guidance on the components of an effective third-party due diligence program. However, the U.S. Sentencing Commission voted unanimously on April 7, 2010, to modify the Federal Sentencing Guidelines for organizations, including the provisions that set forth the attributes of an effective compliance and ethics program. The guidelines provide some high-level components that should be integrated into your third-party due diligence and compliance programs. These components, which took effect November 1, 2010, suggest that management should: 1) Establish standards and procedures to prevent and detect criminal conduct. 2) Be knowledgeable about the content and operation of the program and exercise reasonable oversight with respect to the implementation and effectiveness of the compliance program. 3) Make reasonable efforts not to include within the substantial authority personnel of the organization any individual whom the organization knew, or should have known through the exercise of due diligence, or has engaged in illegal activities or other conduct inconsistent with an effective compliance and ethics program. 4) Take steps to communicate the program’s standards and procedures throughout the organization and provide training tailored for various audiences. 5) Take reasonable steps to ensure that the program is followed, including monitoring and auditing to detect criminal conduct, periodically evaluating the program’s effectiveness and publicizing a system that allows reporting potential and actual criminal conduct without fear of retaliation. 6) Consistently promote and enforce the program with appropriate incentives for proper performance and appropriate disciplinary measures for those who engage in criminal conduct or fail to take reasonable steps to prevent or detect it. 7) Take reasonable steps to respond appropriately to criminal conduct when detected and prevent further similar criminal conduct, including making any necessary changes to the program. “Third-party due diligence must be robust, thorough, impeccably documented and preserved.” — Former U.S. Department of Justice Fraud Section Deputy Chief Mark Mendelsohn (2005–2010), FCPA Conference, November 2009 Third-party due diligence2
  • 3. One may also look to the Organisation for Economic Co-operation and Development (OECD) for its February 18, 2010, adoption of “Good Practice Guidance on Internal Controls, Ethics and Compliance.” This Good Practice Guidance was adopted by the OECD Council as an integral part of the “Recommendation of the Council for Further Combating Bribery of Foreign Public Officials in International Business Transactions,” dated November 26, 2009. The guidance provides for the following leading practices for ensuring effective internal controls, ethics and compliance programs or measures for the purpose of preventing and detecting foreign bribery. As it relates to third-party due diligence, the guidance includes the following points: • Strong, explicit and visible support and commitment from senior management • Ethics and compliance programs or measures designed to prevent and detect foreign bribery applicable, where appropriate and subject to contractual arrangements, to third parties such as agents and other intermediaries, consultants, representatives, distributors, contractors and suppliers, consortia and joint venture partners (hereinafter, “business partners”), including, among other things, the following essential elements: • Properly documented, risk-based due diligence pertaining to the hiring, as well as the appropriate and regular oversight of business partners • Informing business partners of the company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the company’s ethics and compliance program or measures for preventing and detecting such bribery • Seeking a reciprocal commitment from business partners • Effective measures for: • Providing guidance and advice to directors, officers, employees and, where appropriate, business partners on complying with the company’s ethics and compliance program or measures, including when they need urgent advice on difficult situations in foreign jurisdictions. • Internal and, where possible, confidential reporting by, and protection of, directors, officers, employees and, where appropriate, business partners not willing to violate professional standards or ethics under instructions or pressure from hierarchical superiors, as well as for directors, officers, employees and, where appropriate, business partners willing to report breaches of the law or professional standards or ethics occurring within the company, in good faith and on reasonable grounds. • Undertaking appropriate action in response to such reports. • Periodic reviews of the ethics and compliance programs or measures designed to evaluate and improve their effectiveness in preventing and detecting foreign bribery, taking into account relevant developments in the field, and evolving international and industry standards Finally, the UK Bribery Act effective July 1, 2011, mentions due diligence as one of its six principles for anti-bribery compliance and stresses the importance that companies should focus their third- party due diligence resources using a “risk- based” approach. The Act creates four offenses, one of which is failing to prevent bribery, which covers the activities of any person or third-party acting on behalf of a business (for example, employees, agents or subsidiaries). “… due diligence procedures should be proportionate to the identified risk. ‘Due diligence’ … should be conducted using a risk- based approach.” — Bribery Act 2010 Guidance UK Ministry of Justice Key components of an effective, risk-based compliance program 3
  • 4. Key components of an effective program Taking the existing guidance into consideration, four key principles become apparent, which serve as a strong frame of reference for incorporating the multiple guidelines and legal rulings previously discussed into an effective global due diligence program. These guidelines are consistency, management oversight, objectivity and reasonableness. Consistency — Automating the process and developing standard templates for vetting third parties, especially overseas, will help drive consistency across the company. A robust platform allows a company to effectively and efficiently manage a decentralized program. The goals that companies should be to have one system that everyone uses on a consistent basis. Management oversight — It is important that management’s intent and actions provide for a robust third-party due diligence process. Is management doing the best they can based on their perceived risk and limited resources or are they choosing to look the other way? Objectivity — Are the due diligence procedures objective and performed separately from the requestor, which could contain inherent conflicts of interest? Each due diligence investigation should be independently performed with its own case file, notifications, investigative findings, remediation actions, education and representations between the company and its agent, partner, distributor, third parties and others. Having a defined case management work flow integrating people, process and technology can be particularly useful to ensure an objective process. Evaluating your program Questions to ask Consider your current anti-corruption vendor on-boarding process and ask tough questions about consistency, management oversight, objectivity and reasonableness. Consistency. Is the process followed consistently? Can you audit or tie back vendor request forms to each vendor in the vendor master? Is there training around the process? Is it globally deployed? Is the process repeatable — i.e., would you arrive at the same conclusion if you were to run a selection of new vendor setup forms through the same process? Are the rules and contract language around FCPA and anti-corruption consistent from country to country? Management oversight. When was the last global training program on anti- corruption, due diligence or compliance? When did you last update your new vendor setup form or procedures? Does your company use software tools for case management to manage and document the vendor setup process? What database and due diligence steps does accounts payable take to categorize new vendor submissions received from the requestor? Is the right person making the decision? Once accepted, is it rechecked annually or on an ongoing basis? During the escalation process, who is responsible for making the tough calls? How robust is the vendor “vetting report”? Does it incorporate public database checks, include the officers of a company and search for “politically exposed persons,” adverse media, country-specific sanctions and more? Who is made aware of a new vendor once approved — is it communicated to the corporate office and centrally managed, or is it handled and decided by the local office? Objectivity. Given so many decision-makers at the country or subsidiary level, can the current process stand up to independence scrutiny from an outside (or DOJ) perspective? For example, can the accounts payable clerk processing the original new vendor setup form be forced to designate a form as “low risk” from the requestor in order to avoid additional scrutiny from upper management? Reasonableness. Is the process reasonable? Does the process generate too much paperwork that may not get reviewed or too little paperwork where rogue third parties or necessary contract terms might be missed? Does the process incorporate leading practices, including the criteria set forth in the U.S. Sentencing Guidelines and OECD? “Put simply, the prospect of significant prison sentences for individuals should make clear to every corporate executive, every board member and every sales agent that we will hold you personally accountable for FCPA violations.” — Assistant Attorney General for the Criminal Division, Lanny Breuer, Feb. 2010 Third-party due diligence4
  • 5. The supplier vetting activities Approve Total supplier universe Develop supplier category and geographicfiltering criteria* Develop detailed filtering criteriaon supplier relationshipand natureof contract Develop supplier vetting protocolsto effectively document legal, regulatory and reputational risks Develop decision criteriafor acceptance, denial or specificcontract modifications, based on risk profile 80,000 third parties 10,000 moderate risk 1,000 high risk 250 negative hits 150 denied DeniedApprove with restrictions *Geographic filtering will include Transparency International’s Global Corruption Perception’s Index, among other criteria. Filtering criteria example: of thousands. Filtering them down to a management population is a critical first step before deciding which due diligence procedures to conduct as demonstrated by the diagram above. As it relates to actually conducting regulatory related due diligence activities for those higher risk third parties, we see the process broken down into three general levels of investigation: Level I: open source background checks Level I analysis includes a comprehensive check of available sanctions and embargo and watch lists. It also includes internet and media search inquires. These searches use open source databases and public information to search a wide range of business journals, websites, industry publications and mainstream media. When these processes are streamlined through the use of case management software, online databases and internet searching, a Level I analysis can be accomplished by an investigator in three to five hours; and given its streamlined, repeatable nature, it is ideal for centralization and perhaps even outsourcing. Reasonableness — Given limited company resources, taking a risk-based, tiered approach to third-party due diligence helps management to allocate resources accordingly. Reasonableness addresses the question, “How much is enough?” In your efforts to avoid doing business with the wrong people, a prudent and well thought-out process is important. A thoughtful and reasonable compliance program that is risk based is the best preventive strategy for making sure that compliance is both practical and defensible. Taking a risk-based approach The four components described above are predicated on a critical first step: a credible, risk-based assessment of a company’s third parties. Many corporate compliance departments we observe conduct their due diligence programs based on deploying multiple levels of investigation based on the perceived or known risks. Many global corporations have vendor masters and third-party databases spanning in the tens of thousands, even the hundreds Level II: enhanced due diligence Based on the Level I analysis, Level II analysis involves additional public database searches with a specific focus on localized public records databases, such as court filings. A Level II analysis may also incorporate phone interviews, reference checks and research into potentially vulnerable corporate relationships with a deeper dive into public records and media searches. A Level II analysis often requires local country presence to gain access to local records and contacts and typically requires significantly more hours (between 20 to 40 hours) of local, in-country investigator time to research and report. Level III: deep dive As the risk level dictates, a Level III analysis may be further warranted. This may include on-site inspections; interviewing associates in political, business and social circles to uncover reputation; reviewing corporate, civil and criminal documents; and validating financial records. Key components of an effective, risk-based compliance program 5
  • 6. Consistency — Management oversight — Objectivity — Reasonableness Businessunitriskprofile Third party Extreme Moderate Low High Integrated due diligence program (insourced or outsourced) Vendors, agents and consultants Resellers Customers Acquisition targets Robust,opensourcedatabases Displays negative coverage Possibly displays negative coverage Political affiliations indentified Level I entity analysis No negative coverage Cleared Unrestricted business Restricted business Denied business Business unit Level II entity analysis Unclear Management decision Entity cannot be identified Localized,targeteddatabases Special contract or or Level III entity analysis or or Ernst & Young’s open source third-party due diligence methodology y _ Standardized business risk assessment documented. While the rules to getting to an “approval” are always unique to the business, the key point of the analysis phase is to centralize and document the process. Depending on the business rules set, a third-party may be approved with “unrestricted business” (e.g., no issues), semi-approved with either specific contract language or other limiting conditions or denied entirely. Company management plays a key role in decision-making; however, its burden is reduced as its decisions follow a predictable rules-based methodology in a documented, consistent format that reduces ambiguity and helps provide for more “fact-based” decision-making. Recommended next steps Here’s how you can get started on your own assessment. • Ask those tough questions about consistency, management oversight, objectivity and reasonableness • Evaluate the current process map in the context of Ernst & Young’s methodology and conduct a gap analysis • Determine if your company’s best option is to insource or outsource key processes such as Level I and Level II analyses • Develop categorization and decision rules as part of the data-gathering process • Seek assistance from outside advisors and legal resources who are specialists in the areas of third-party due diligence and FCPA Conclusion Today’s global companies should evaluate their current third-party, anti-corruption due diligence programs in the context of a risk-based framework that incorporates attributes of consistency, management oversight, objectivity and reasonableness. The economic crisis, recent governmental enforcements and the increased focus on enterprise risk are causing global corporations and their audit committees to take a closer look at how they manage their vendor and customer compliance relations. While several corporations are still grappling with what processes represent an effective due diligence program, incorporating the attributes above can go a long way in demonstrating an effective, risk-based vetting program. Process examples By incorporating the attributes of consistency, management oversight, objectivity and reasonableness, we have developed a third-party due diligence framework that seeks to provide adequate risk-based categorization, appropriate levels of data analysis, ongoing monitoring and effective communication. The framework starts with the business unit, where adequate training and communication are essential. Business units interact with multiple parties, so the framework must be flexible to accommodate vendors, resellers, customers and acquisition targets. Through standardization and a risk-based set of questions, we have worked with companies to develop a standardized business risk assessment that categorizes each third-party into categories such as low, moderate, high or extreme risk groups. Based on the risk assessment categorization, the analysis phase is represented by the integrated due diligence program as set forth in the next phase. Typically, the majority of third parties, regardless of the categorization, are run through a battery of Level I public database checks, as previously defined. This starts the case management file for each third-party where all decisions, tests and outputs are centralized and Third-party due diligence6
  • 7. About the authors This paper was written by Steven Kuzma and Vince Walden. Steven is a partner and the leader of Ernst & Young LLP’s Corporate Compliance team within its Fraud Investigation & Dispute Services practice. He can be reached at steven.kuzma@ey.com or +1 404 817 4280. Vince is a partner in Ernst & Young LLP’s Forensic Technology and Discovery Services team. He can be reached at vincent.walden@ey.com or +1 214 754 3941. Steven Kuzma Vince Walden “We recognize the issues of costs to companies to implement robust compliance programs, to hire outside counsel to conduct in-depth internal investigations and to forego certain business opportunities that are tainted with corruption. Those costs are significant, and we are very aware of that fact. The cost of not being FCPA compliant, however, can be far higher.” — Lanny Breuer, Assistant Attorney General, Nov. 17, 2009 Key components of an effective, risk-based compliance program 7
  • 8. Ernst & Young Assurance | Tax | Transactions | Advisory About Ernst & Young Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 141,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential. Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit www.ey.com. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global and of Ernst & Young Americas operating in the US. About Ernst & Young’s Fraud Investigation & Dispute Services Dealing with complex issues of fraud, regulatory compliance and business disputes can detract from efforts to achieve your company’s potential. Better management of fraud risk and compliance exposure is a critical business priority — no matter the industry sector. With our more than 1,000 fraud investigation and dispute professionals around the world, we assemble the right multidisciplinary and culturally aligned team to work with you and your legal advisors. And we work to give you the benefit of our broad sector experience, our deep subject matter knowledge and the latest insights from our work worldwide. It’s how Ernst & Young makes a difference. © 2011 Ernst & Young LLP. All Rights Reserved. SCORE No. WW0234 This publication contains information in summary form and is therefore intended for general guidance only. It is not intended to be a substitute for detailed research or the exercise of professional judgment. Neither EYGM Limited nor any other member of the global Ernst & Young organization can accept any responsibility for loss occasioned to any person acting or refraining from action as a result of any material in this publication. On any specific matter, reference should be made to the appropriate advisor.