Third Party Due Diligence
Reason for organization's drive to conduct Third Party due diligence is because you want to know your business affiliates and assess its financial stability in order to determine if it will be able to comply with contractual arrangements.
Consequences of incidents connected to bribery, corruption, money laundering and terrorist financing can be tremendous, even when your Third Party has committed the offense.
Regarding anti-money laundering and anti-terrorist financing laws, your organization may not hide illicit money or funds and therefore your organization may need to track the source of money and funds.
Regarding anti-bribery and anti-corruption laws, your organization can be held liable for bribes paid by its distributors, agents and other intermediaries if it knew or could have known that bribes are involved. Conscious disregard, willful blindness or deliberate ignorance of the facts can be sufficient to establish a violation. It is essential that your Third Parties also comply with anti-bribery and anti-corruption laws and therefore your organization needs to know what your Third Party does.
Third Party Due Diligence means that you know your business affiliates over which your organization has effective control, by screening them prior to starting a business relationship and re-screening your current business affiliates. Your organization should undertake properly documented, reasonable and proportionate due diligence.
When starting a new business relationship, every entrepreneur does some form of due diligence, even when it is just based on ‘blue eyes’ and trust. The extent to which your organization conducts Third Party Due Diligence depends on your line of business and it’s related risks.
When developing a Third Party Due Diligence strategy and process you need to take into consideration:
- applicable laws and regulations. This depends on the country(s) in which your business is conducted and the industry in which you operate
- risks associated with your business and your Third Parties. Do you conduct business with governments, other businesses and/ or end customers?
- what financial risks you need to consider: financial stability, solvability?
- which Third Parties you will screen: suppliers, distributors, agents, consultants, other subcontractors?
- depending on the size of your organization, if you will make use of thresholds?
- with which time intervals the screening will be conducted? In other words, how will the Third Party be monitored and will this include the right of inspection of books and records?
- if re-screening will be event-driven and what constitutes an adverse event?
GRCMD provides you
Third Party Due Diligence solution to effectively manage your Third Party risks. You will not only be able to monitor the effectiveness of your Third Party procedure and due diligence activities, but actually monitor and detect anomalies in behavioral patterns of your Third Parties.
GRCMD uses its advanced software which enables you to monitor and track your Third Party Due Diligence activities and test the effectiveness of it, by detecting anomalies, such as risk taking language and deviant behavior, and red flags that warn you of possible breaches and organizational weaknesses. GRCMD combines the data of your organization (such as contracts, commissions and other fees, discounts, related gifts, entertainment and travel expenses, payments into offshore accounts) with various public information, such as PEP lists, public registers and social media, and generates reports on any detected anomalies. GRCMD will also provide feedback on possible weak internal controls and can initiate a workflow to review and improve internal controls.
GRCMD offers you tools to:
- analyze any gaps in your Third Party Due Diligence program and enhance it by adding latest laws, regulations and best practices;
- manage the implementation of your Third Party Due Diligence program;
- organize and maintain your central policy library;
- document and monitor the implementation of mitigating measures;
- conduct risk assessments customized for your market, industry and country, and produce an impact analyses and prioritize your mitigating activities;
- link training, e-learnings and awareness sessions to HR files;
- add predictive value by detecting (signs of) bribery, corruption, money laundering and/ or terrorist financing at an early stage;
- manage any incidents connected to bribery, corruption, money laundering and/ or terrorist financing;
- get feedback on possible weak internal controls;
- initiate a workflow to review and improve internal controls;
- produce automated and real time status reports on any level, such as business unit, country or corporate, and any topic;
- produce not only backward-looking but also forward-looking reports, helpful for your organization's efforts towards integrated reporting.