Tagged: due diligence

ISO 37001: The Good, The Bad and the Ugly (Part II of V)

In Part II of my continuing series, I identify in broad strokes some of the more significant positive and negative aspects of ISO 37001. While it is easy to second-guess the ISO 37001 authors, there are some interesting issues that are addressed and some missed opportunities to advance ethics and compliance systems. On the positive side, ISO 37001 is keyed to a valuable concept of...

The Objective of Due Diligence: To Protect Your Culture

There has been so much attention paid to due diligence. We have reams and reams of articles highlighting the importance of due diligence. In addition, numerous vendors of due diligence services and technologies fill the marketplace with whitepapers, articles and information underscoring the importance of due diligence and advising on how to conduct effective due diligence. There is nothing wrong with the attention paid to...

Retaining a “Risky” Third-Party

Every company has done it. Chief Compliance Officers have had to hold their respective noses and push forward with due diligence to retain a risky third party. Rather than reject the third party, a CCO convinces him or herself that the company can mitigate the risks by contract representations and warranties, annual certifications, and a plan to monitor and audit the third party in the...

Welcome to New Sponsor: Exiger, a Global Governance, Risk and Compliance Leader

I am proud to announce a new sponsor, Exiger, a well-known leader in governance, risk management and compliance services. Exiger assists organizations worldwide with practical advice and technology solutions to prevent compliance breaches, respond to risk, remediate major issues and monitor ongoing business activities. Exiger’s unique blend of industry expertise in financial crime compliance, diligence, and investigations uniquely positions Exiger to help organizations with actionable...

DOJ’s Compliance Program Evaluation: Risk Assessment, Policies and Procedures and Third-Party Risk Management (Part III of IV)

To design and implement an effective ethics and compliance program, companies have to conduct a risk assessment and tailor its policies and programs to its risk profile. DOJ’s Compliance Evaluation reinforces this framework for a compliance program. Risk Assessment At the outset, a company has adopt a specific methodology for its risk assessment, the types of information it will collect and analyze, and the metrics...

Coordinating Third Party Due Diligence and Procurement

Third party risk management is easily one of the most challenging risks for compliance officers. With all the attention and hype surrounding third party risk, companies have marshaled attention and resources to mitigate the risk created by third party intermediaries. In the last five years, companies have embraced new technologies to automate their third party screening and monitoring programs. Companies are slowly but steadily replacing...

Due Diligence Basics – Beneficial Ownership

I hate to be the harbinger of bad news; that is against my nature; I am naturally an optimistic person. As I always say, there are solutions to every problem. Many companies have responded to third party risks and built effective risk management programs. It is perhaps one of the most significant changes in the compliance landscape – third parties create significant risks and companies...

NAVEX Global Webinar: Benchmarking Your Third Party Risk Management Program in 2016

Wednesday, October 26, 2016 10:00 AM PT / 1:00 PM ET Register HERE Join Randy Stephens, Vice President, Advisory Services, NAVEX Global, and me for this free webinar to discuss NAVEX Global’s  2016 Third Party Risk Management Benchmark Report. Register to hear information on: Common challenges other organizations face when addressing third party risk Which screening and monitoring methods are most powerful How to measure...

DOJ and SEC Raising the Stakes on Third Party Risk Management

If you review the last ten years of FCPA enforcement, the unmistakable pattern is rising expectations with regard to corporate compliance programs, particularly with regard to third party due diligence and risk management. Over the course of numerous enforcement actions, DOJ and the SEC have reached the point now where they are questioning not just the conduct of due diligence but the quality of due...

FCPA Enforcement Ramping Up Against Private Equity and Hedge Funds (Part III)

The Och-Ziff settlement has now set the stage for the Justice Department and the SEC to focus its enforcement eye on the private equity and hedge fund industry. The Och-Ziff action was initiated in response to the SEC’s industry inquiry launched in 2011. The SEC issued inquiry letters to approximately 10 separate private equity/hedge funds, and investment banks. The results of these inquiries are unknown...