Tagged: Risk

Third Party Risk Management Not Just Due Diligence

The term “due diligence” is an overused expression in the compliance world. It has become a term to mean heightened concern or investigation. No one can really define what it means except to say it has different meanings in different contexts. Some would say it is a term of art in the legal and compliance world. It is misleading to add the term “investigation” to...

Applying Practical Strategies to Supply Chain Risk

A Chief Compliance Officer can get so overwhelmed with risks that it is hard to keep their focus on priorities. Risks are everywhere and no compliance program can address every risk – the trick is keeping your eye on the ball and focusing on the significant risk. There are lots of risks surrounding a company’s supply chain. Unfortunately, vendors, suppliers and their respective vendors and...

Building a Due Diligence Infrastructure (Part IV of IV)

A due diligence infrastructure is designed to demonstrate a company’s good faith commitment to compliance with anti-corruption laws by: identifying corruption risks; and mitigating such risks to ensure that the company does not violate the law. A much simpler way to put it is – a company’s due diligence system is designed to negate any inference of intent to violate the FCPA.   A due diligence...

Due Diligence and Risk Priorities (Part III of IV)

Believe it or not, life principles can be used in compliance, especially in due diligence. I always tell my kids that life has a way of setting priorities. As you get older, life becomes simpler and your priorities become clearer. Now watch this transition – the same goes for due diligence, not the age part but the priorities part. Once you assemble information and data...

Getting Started on Due Diligence of Third Parties (Part I of IV)

This week I am posting a series on due diligence.  Also, I just released a new e-book on due diligence which can be downloaded here. There are basically two types of people. People who accomplish things, and people who claim to have accomplished things. The first group is less crowded. – Mark Twain In a former life (or even present life), Mark Twain had to...

Compliance Fatigue — A Dangerous Concept

I have a lot of pet peeves, especially when it comes to lawyers and compliance professionals. Do not worry — this is a not a column about all of my pet peeves; I would never bore you with all those issues. My current pet peeve in the compliance field is the expression “compliance fatigue.” I am not a paranoid person but anyone who claims that...

Taking Charge of a Company’s Reputation: Assign a Single Person to Manage Reputational Risks (Part III of III)

One person who does not have a conflict in evaluating a company’s reputational risks should manage a company’s reputation. This approach starts with one basic requirement – the board and the CEO have to agree that a company’s reputational risks should be managed and mitigated. As an initial step, the company has to assign responsibility for reputational risk to a senior executive responsible for risk...

Calculating the Incalculable: Reputational Damage (Part I of III)

Today I begin a three-part series on reputational damage. The first part tries to define the term “reputational damage;” the second part focuses on managing threats to a company’s reputation; and the final posting proposes creation of a senior risk manager in a corporate leadership team. If you ask CEOs and board members about the threats to a company resulting from a DOJ enforcement action,...

AML Risks and Compliance for Non-Financial Institutions

Consider yourself lucky if you work at a company that does not fall within the Title 31 of the US Code definition of a “financial institution.” I am being somewhat dramatic but it is important for every company to have an anti-money laundering compliance program. My suggestion is not designed to promote business or even “scare” companies into addressing this issue – it makes sense...

Warning: Keeping Compliance Simple

If you can’t explain it to a six-year-old, you don’t understand it yourself. — Albert Einstein Compliance professionals are in a heady state these days. Their stock is rising; they are gaining influence and authority, and even some additional resources. When given the time, compliance professionals can come up with new and innovative strategies for compliance programs. But I see a danger lurking in the...