What you don’t know about your business partners can hurt you

By Bob Yelland, UKI Big Data Marketing Manager

Globalisation and the increase in regulatory pressures are requiring organisations to examine their business relationships and supply chains with levels of scrutiny unsurpassed so that high standards of business integrity can be maintained. Failure to adequately assess agents, distributors, consultants, business partners, logistics intermediaries and other third-party intermediaries (TPIs) to identify how they operate and the individuals standing behind the organisation can expose businesses to reputational damage, operational risk, and government investigations as well as significant monetary penalties and potential criminal liability. Ignorance is no defence – and what you don’t know about your business partners can hurt you.

Many laws and regulations require organisations to “know” their TPIs. The majority of recent enforcements under the US Foreign Corrupt Practices Act (FCPA) have involved acts carried out by agents or TPIs, which have had serious repercussions for the organisations employing them. The FCPA guidance issued by the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) in 2012 noted that the following guiding principles always apply when evaluating TPIs:

  • First, as part of risk-based due diligence, an organisation should understand certain information about its TPIs including their qualifications, reputation and relationship with foreign government officials.
  • Second, organisations should understand the business rationale for the inclusion of the TPI in the transaction.
  • Third, organisations should perform some form of ongoing monitoring of the TPIs.

Avoiding the often substantial impact of legal, financial, regulatory and reputation risk isn’t trivial. In the best scenario, managing risk is supposed to prevent bad things from happening. The next best outcome is to reduce the impact when a collision of a threat and its intended target prove unavoidable. In the worst case, managing risk is about recovering from an event that proved to be, for whatever reason, both unpreventable and highly effective, translation: expensive.

As organisations enter and operate in new markets, they are likely to have to rely on third parties, many of whom operate far from headquarters, in a foreign language, with different customs and ways of conducting business. KPMG has launched some potentially ground breaking analysis into the risks companies face when they enter into new business relationships using a web-enabled integrity due diligence solution.

Rana Ghosh-Roy, Director of Big Data & Analytics will be presenting their KPMG case study at BDA15 at 14:30hrs, illustrating how their solution uses advanced search technology to cover an extensive range of on-line public data sources including global sanctions and regulatory enforcement lists, corporate records, court filings, and press and media archives to help clients assess reputational, regulatory and jurisdictional risk.

When it comes to managing risk, no company is perfect; but in this scenario knowledge really is power.