Regulators are looking for inconsistencies
Having recently attended the European Compliance & Ethics Institute event in London, it’s very apparent that global corporations still have a long journey ahead to attain the utopia of a compliant community and culture.
A key aspect to uncovering and managing compliance breaches is to ensure any compliance programme created is consistent. One of the major challenges - and recommended actions - for organisations is to ‘join up the dots’, not only concerning their current compliance programme but also across the wider business functions. However many organisations operate in silos so this is easier said than done.
Another key focus from the event was to implement effective risk-based due diligence. I found this session particularly insightful and left with the following takeaways:
- The need to have a robust third party due diligence process with audit capabilities is a must have for modern corporations
- Most companies have a compliance programme but how consistent and effective is it?
- Inconsistent due diligence is a big problem and, in the eyes of the regulators, it is a short coming which will be used against companies
- Understanding who your third parties are, and the beneficial ownership, is paramount and facilitates denied party screening, adverse media checks and enhanced deep dive due diligence which is a fundamental aspect to any compliance programme
- Many organisations check third parties at the beginning of the engagement but do not monitor changes, risks or issues on an ongoing basis
- Compliance functions need greater assistance and collaboration from other business units i.e. finance, HR, and IT to minimise duplication and free up resources
- 2014 is looking like a big year for the regulators with more fines and investigations due
- A robust programme is a consistent programme which provides a greater defence when bribery and corruption occurs
- Often, due to the cost of lawyers and forensic investigators, the total cost of compliance breeches far outweighs the fine from the regulator
- Due diligence programmes should cover suppliers as well as third parties
- Corporations are looking to create open compliant cultures whereby employees feel comfortable to speak up and unmask unethical behaviour; however the current reality is far from this
Joining the dots
So how should a company go about creating a consistent process for denied party/sanctions screening and due diligence reporting? The methodology you employ will often be driven by your company’s budget (which might be small) and internal processes (which will be multidisplinary). Technology should also play a big part in your in-depth transactional due diligence reports. There are a range of tools available for finding information on people, companies and countries and for satisfying regulators that appropriate – and consistent – checks have been carried out.
LexisNexis offer a suite of online tools that can easily help you create a consistent process for denied party/sanctions screening and due diligence reporting. For more information:
020 7400 2809