Batman Premiers and the ‘How’ Question in 3rd Party Risk Management

Thomas Fox

Compliance Evangelist

On this date in 1989, Tim Burton’s noir spin on the well-known story of the DC Comics heroBatman is released in theaters. I still remember the buzz surrounding this film. It was the Batman series, started here, which laid the foundation of the X-Men, Marvel Cinematic Universe and the DC Universe as well. Michael Keaton starred in the film as the multimillionaire Bruce Wayne, who has transformed himself into the crime-fighting Batman after witnessing his parents’ brutal murder as a child. As the film’s action begins, mob henchman Jack Napier played deliciously by Jack Nicholson, is gruesomely disfigured after Batman inadvertently drops him in a vat of acid during a stand-off in a chemical factory. After killing his boss played by the great noir villain, Jack Palance, Napier—AKA the Joker—breaks on the loose in Gotham City, wreaking havoc and trying to turn its people against the caped crusader. When Batman’s affection for a beautiful newspaper reporter, Vicki Vale played by Kim Basinger, is revealed, the Joker uses her to draw his rival out into the open, with dramatic results.

For me, two of the top highlights were the Batmobile and the dark, cavernous Gotham City, Batman’s production designer, Anton Furst, won an Oscar for Best Art Direction – Set Decoration. It was the set and costume design which inform today’s topic, What is satisfactory due diligence under the FCPA? That question seems to be more important after the story on Unaoil S.A.M. and the subsequent release of the Panama and Paradise Papers. However, both events largely focused on the “who” part of due diligence and the need to know with whom you are doing business with going forward. However, there is another important question which does not come up as often in due diligence, which is how?

How does a third-party perform its services with or for your company? If it is on the sales side of things, howcan a third-party help you make sales? If a third-party comes through the supply chain, how do their products or services meet the needs of your company? If the third-party has a closer business relationship, such as a JV, teaming agreement or other similar arrangement, you may well need a much deeper understand of how this third-party does business because the relationship may well become so close you will be intertwined with the party. It may mean more than simply how does their product work but how does this third-party conduct themselves and their business?

The questions beyond simply who were made clear in a Wall Street Journal from the Theranos scandal, about how Theranos defrauded Walgreen Company (Walgreens) . It turns out that Walgreens left a gap in its due diligence on Theranos by “never fully validating the startup’s technology or thoroughly evaluating its capabilities.” The clear message is if you are going to partner with a technology company which is going to change your business model, you best make sure the technology works. Moreover, if a potential JV partner refuses to show you its technology, how it keeps records, its financials relating to the products and services you are contracting for and generally tries to hide from you the very thing you are buying into; you should not walk but run away from the deal.

The article detailed the lack of steps and miss-steps by Walgreens when entering its partnership with Theranos Inc. and how these actions caused Walgreens to lose its full investment in Theranos as something it will never recoup, caused reputational damage and subjected it to civil liability. One might think that if you are investing in a technology company that provides medical testing, the investor would want to see the laboratory where the testing is performed. It turns out that Walgreens representatives were never allowed to tour, let alone review the labs where the results of Theranos pinprick blood tests were run. A Walgreens consultant, Paul Rust, who was sent to Theranos to do a quality control data review said, “It was a very strange situation. The results were actually really good, but I was never allowed to go into the lab. I have no idea that the results I saw were run on the Edison devices or not.” He went on to say that he was “led to believe that they were being run on the Edison.” Yet, even Rust was surprised no Walgreens representatives had been allowed to view Theranos’ labs.

Interestingly, when Theranos did provide the test results to Walgreens representatives, the results came back with “low” and “high” values rather than numeric values. As a result, Walgreens couldn’t compare results from the Theranos machine to any commercially available tests.” Once again, this was something which Walgreens should have sought additional information on.

Yet even when Walgreens’ consultants, assisting the company in evaluating Theranos and the proposed transaction, voiced and wrote up their concerns, they were not passed along to Walgreens management. The article reported, “the consultants concluded Walgreens needed more information to assess the partnership. Those findings and reports by other consultants were kept from many Walgreens officials, including some directly involved in the negotiations with Theranos.”

Walgreens made another classic mistake in the due diligence process; they took comfort when a competitor was allegedly considering a similar venture with Theranos. The article said, “Some executives were comforted when Theranos said Safeway Inc. had agreed to host blood-drawing sites at some of its supermarkets. If Safeway trusted Theranos, then Walgreens could, too, the Walgreens officials believed.” How often have your heard that some other company is considering or has approved them through due diligence and a decision was based on the alleged actions of an alleged party?

Walgreens hamstrung itself from managing the relationship after the contract was signed by agreeing to contract terms that prevented Walgreens from auditing or even viewing “Theranos clinical data or financial records.” Finally, and perhaps most damagingly, there was a complete lack of communications between the two companies about the issues that have bedeviled Theranos. The article concluded, “Walgreens shelved the expansion plans after the Journal reported in October that Theranos did the vast majority of tests it offered to consumers on traditional lab machines. The Journal also reported that some former employees doubted the accuracy of a small number of tests run on Edison devices. One of the most recent setbacks came in mid-April when the Journal reported that regulators had 3½ weeks earlier proposed banning Ms. Holmes from the lab-testing industry. The drugstore chain’s senior executives found out from the news report.”

Under the FCPA, most companies understand the need to know with whom they contract for sales or vendor services. They also understand the need to know why they should do business with a proposed third-party (i.e., a business justification). However, the need to perform an investigation into how the third-party can actually deliver the contracted services is equally important.

The Walgreens imbroglio around Theranos points out why such clauses are mandatory. If you do not have them, you do not have the ability verify what you may or may not have been told in due diligence. Finally, managing the relationship after the contract is signed is where the rubber hits the road. If you only obtain a due diligence report and insert compliance terms and conditions, you will have done nothing to test whether the third-party is performing as it has agreed to under the terms of the contract.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Thomas Fox, Compliance Evangelist | Attorney Advertising

Written by:

Thomas Fox

Compliance Evangelist on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.