Getting Third-Party Agents Under "Control"

You would think that knowing the corruption risks created by use of third-party agents that every company — big and small — would focus on due diligence and anti-corruption compliance for its third-party consultants and agents.   But that is not the case. 

Numerous companies have faced the daunting task of applying anti-corruption controls to its third-party agents.  It takes perseverance and commitment.  A dedicated compliance or legal staff member usually has to devote full time to such a project. 

There are ten basic questions which need to be addressed as a starting point to compliance.

1.  Who are your third-party agents and in what countries do they operate?

2.  What services does each agent provide?

3.  How much is each agent paid and how are such payments made?

4.  Did the company execute a written contract with the third-party agent? 

5.  What specific anti-corruption controls are included in the written contract?

6.  Who reviewed and approved the third-party relationship and the written contract (if it exists)?

7.  What due diligence has been conducted of the agent?

8.  What record, if any, exists as to the reasons for approval?

9.  How much has the company paid the third-party agent and what services has the third party-agent provided?

10.  How does the company monitor the third-party agent’s activities and payments made to the agent?

Many companies do not even know who, how many, and what their third party agents have been hired to do and the services they have provided.  The initial step is to identify who the agents are, what services they have provided (if any), and how much they have been paid.

 Many companies are surprised to find that they are using a large number of  agents, the agents do not have a written contract and the agents have received large payments for unspecified services.  These are not just red flags — they are screaming red banners of corruption.  These agents need to be terminated as quickly as possible, and eventually reviewed as part of a retrospective audit.

After the initial triage of ongoing agents, the remaining agents need to be ranked based on risk.  For each, a package of materials responding to the questions above needs to be assembled and reviewed.  A third party review committee should be established, consisting of personnel from senior management, auditing, compliance and legal.

The objective of the review is to bring the use of third parties under control.  In carrying out the task, the need for due diligence procedures and the design of such procedures will become clear.  The information learned during the review will guide the future compliance plan.  The review cannot be derailed into a retrospective review of possible violations.  That can be done later.  The forward-looking process is aimed at gathering the necessary information, and implementing new compliance procedures.  A retrospective review would be delayed until the information is gathered and a new program is implemented.  The retrospective audit can then be used to tweak the existing compliance program to address risks and issues which have not been identified.

You may also like...

1 Response

  1. Ben Hogan says:

    Mike, thanks for discussing this important topic.

    KYP – Know Your Partners is all about understanding the risks associated with the relationships of employees.

    In financial services, there is KYC – Know Your Customers – banks are held responsible for the actions of their customers as they relate to services provided.

    In the same way, multinational corporations are held responsible for the actions of their agents, which is an enormous risk as the SEC and DoJ have become more aggressive with both FCPA and Cartel Prosecutions.

    With the new Whistleblower provisions, companies cannot afford to not have a proactive plan for understanding their partners.

    KYP is key for foreign supply chains, but it does not end with the supply chain. Companies need the ability to understand all company relationships and touch points – Press, Webmail, Government Agencies, Competitors, etc…

    You are familiar with Catelas, but it is worth mentioning to your readers — Catelas is the first solution to provide comprehensive analysis of relations across 100% of corporate communications – email, telephony, social media, instant messenger, etc…

    Catelas is powerful for reactive investigations and for proactive relationship surveillance and risk identification.