Tagged: due diligence

Kinross Gold Mining FCPA Settlement: SEC Continues Internal Controls Focus

The SEC continues to exercise its powerful enforcement tool – internal controls violations – in FCPA enforcement actions against public companies.  Kinross Gold Corporation is the latest company to enter into an FCPA settlement. Kinross agreed to pay $950,000 for inadequate internal controls and books and records violations centered on the activities of two mining companies Kinross acquired.  The SEC cited no evidence of any...

Episode 28 — Due Diligence and Third Party Risk Management (Part I of III)

Companies continue to face significant risks from their third parties.  In response, companies are implementing sophisticated due diligence and third party risk management systems.  FCPA enforcement risks are only one of several risks created by a company’s third parties.  Companies have to screen and review their third parties for corruption, sanctions, money laundering, antitrust, human trafficking, child labor and reputational risks. In this three-part series,...

Update on The Volkov Law Group

The Volkov Law Group continues to offer innovative legal services focused on ethics and compliance programs, enforcement defense, and internal investigations. See Firm website here. The Volkov Law Group team includes talented professionals: Lauren Connell, Managing Associate; Jacqui Martin (formerly Merrill), Senior Associate; Susan Simpson, Associate; Matt Stankiewicz, Associate; and Vincent Ruiz, Counsel. See Firm profiles here. The Volkov Law Group believes that every company...

ISO 37001: Risk Assessments, Employees, and Due Diligence Requirements (Part IV of V)

In Part IV of my series on ISO 37001, I examine requirements relating to risk assessments, design of policies and procedures, and due diligence requirements. Section 4.5 sets out requirements for conducting risk assessments. ISO 37001 requires companies to conduct regular risk assessments in order to identify the bribery risks the company might reasonably anticipate; analyze, assess and prioritize the identified bribery risks; and evaluate...

ISO 37001: The Good, The Bad and the Ugly (Part II of V)

In Part II of my continuing series, I identify in broad strokes some of the more significant positive and negative aspects of ISO 37001. While it is easy to second-guess the ISO 37001 authors, there are some interesting issues that are addressed and some missed opportunities to advance ethics and compliance systems. On the positive side, ISO 37001 is keyed to a valuable concept of...

The Objective of Due Diligence: To Protect Your Culture

There has been so much attention paid to due diligence. We have reams and reams of articles highlighting the importance of due diligence. In addition, numerous vendors of due diligence services and technologies fill the marketplace with whitepapers, articles and information underscoring the importance of due diligence and advising on how to conduct effective due diligence. There is nothing wrong with the attention paid to...

Retaining a “Risky” Third-Party

Every company has done it. Chief Compliance Officers have had to hold their respective noses and push forward with due diligence to retain a risky third party. Rather than reject the third party, a CCO convinces him or herself that the company can mitigate the risks by contract representations and warranties, annual certifications, and a plan to monitor and audit the third party in the...

Welcome to New Sponsor: Exiger, a Global Governance, Risk and Compliance Leader

I am proud to announce a new sponsor, Exiger, a well-known leader in governance, risk management and compliance services. Exiger assists organizations worldwide with practical advice and technology solutions to prevent compliance breaches, respond to risk, remediate major issues and monitor ongoing business activities. Exiger’s unique blend of industry expertise in financial crime compliance, diligence, and investigations uniquely positions Exiger to help organizations with actionable...

DOJ’s Compliance Program Evaluation: Risk Assessment, Policies and Procedures and Third-Party Risk Management (Part III of IV)

To design and implement an effective ethics and compliance program, companies have to conduct a risk assessment and tailor its policies and programs to its risk profile. DOJ’s Compliance Evaluation reinforces this framework for a compliance program. Risk Assessment At the outset, a company has adopt a specific methodology for its risk assessment, the types of information it will collect and analyze, and the metrics...

Coordinating Third Party Due Diligence and Procurement

Third party risk management is easily one of the most challenging risks for compliance officers. With all the attention and hype surrounding third party risk, companies have marshaled attention and resources to mitigate the risk created by third party intermediaries. In the last five years, companies have embraced new technologies to automate their third party screening and monitoring programs. Companies are slowly but steadily replacing...