For large companies, the most common source of anti-corruption law violations comes from third parties acting on their behalf.
To address this issue, Protiviti has released the Protiviti Governance Portal for Third-Party Anti-Corruption, enabling companies to develop and manage a risk-based, third-party anti-corruption program that supports compliance with the U.S. Foreign Corrupt Practices Act (FCPA) and other anti-corruption laws.
The Governance Portal for Third-Party Anti-Corruption v4.1 is a new module of the Protiviti Governance Portal, a GRC (governance, risk and compliance) platform that helps organizations efficiently support multiple GRC activities.
With the new module, companies can manage corruption risk across their third-party ecosystem from a single, centralized platform, says a statement released by Proviti.
"Acknowledging the unique risks these ‘intermediaries’ present and having a well-conceived policy to combat them simply aren't enough," said Scott Moritz, managing director and global lead of Protiviti’s Investigations and Fraud Risk Management practice and former FBI special agent.
Moritz notes that to fully operationalize an anti-corruption program, organizations must have the technology and content to manage the underlying processes and align them with their internal controls and audit programs.”
Third-party due diligence
In November 2012, the Criminal Division of the U.S. Department of Justice along with the U.S. Securities and Exchange Commission jointly released “A Resource Guide to the Foreign Corrupt Practices Act.”
The guide outlines 10 “Hallmarks of an Effective Compliance Program,” one of which relates to third-party due diligence and payments.
According to the guide, “DOJ’s and SEC’s FCPA enforcement actions demonstrate that third parties, including agents, consultants, and distributors, are commonly used to conceal the payment of bribes to foreign officials in international business transactions.
"Risk-based due diligence is particularly important with third parties and will also be considered by the DOJ and SEC in assessing the effectiveness of a company’s compliance program.”