A. The Third-Party Risk Management Process
Step 1 - Business Justification
The first step breaks down into two parts:
1. Business Sponsor
2. Business See more +
A. The Third-Party Risk Management Process
Step 1 - Business Justification
The first step breaks down into two parts:
1. Business Sponsor
2. Business Justification
Step 2 - Questionnaire
Step 3 - Due Diligence
Step 4 - The Contract
Step 5 - Management of the Relationship
The Evaluation specified the importance of this final step when it stated: Management of Relationships – How has the company considered and analyzed the third party’s incentive model against compliance risks? How has the company monitored the third parties in question? How has the company trained the relationship managers about what the compliance risks are and how to manage them? How has the company incentivized compliance and ethical behavior by third parties?
B. Managing Your Third Parties
I. Consolidate Third Parties but Retain Redundancy
II. Keep Tabs on Subcontracted Work
III. Make Sure Your Company is Legally Protected
IV. Keep Track of Your Third Parties’ Financial Stability
V. Formalize Incentives for Third Party Performance
VI. Auditing Third Parties
C. Levels of Due Diligence
Level I
First level due diligence typically consists of checking individual names and company names through several hundred Global Watch lists comprised of anti-money laundering (AML), anti-bribery, sanctions lists, coupled with other financial corruption and criminal databases.
Level II
Level II due diligence encompasses supplementing these Global Watch lists with a deeper screening of international media, typically the major newspapers and periodicals from all countries plus detailed internet searches. Such inquiries will often reveal other forms of corruption-related information and may expose undisclosed or hidden information about the company; the third party’s key executives and associated parties.
Level III
This level is the deep dive. It will require an in-country ‘boots-on-the-ground’ investigation.
See less -