An essential piece of third-party risk management is “the questionnaire,” which companies should garner on behalf of all their third-party relationships at the start of the union in order to move forward with all the answers.
Tom Fox
Thomas Fox has practiced law for over 40 years. Tom writes the daily award-winning blog, the FCPA Compliance and Ethics blog, and founded the Compliance Podcast Network. Tom leads the discussion on AI in compliance through his best-selling book Upping Your Game. He has 38 other books on the use of AI in compliance and business ethics, leadership, including the seminal work, The Compliance Handbook, with its 7th edition coming out in 2025. He is the founder of the award-winning Compliance Podcast Network.
What is due diligence?
Due diligence is key to getting your third-party risk management program off the ground.
It could get messy for U.S. companies doing business in EU
Don’t be surprised if the EU uses new data privacy laws to combat any secondary sanctions it might face from the Trump administration for continuing to do business in Iran.
Executives behaving badly—at what cost?
FCPA violations from SocGen and Legg Mason may point to a new trend of holding the C-Suite accountable, but will voluntary resignations be seen as enough of a penalty?
The ZTE Department of Commerce Monitor: uncharted waters
As part of the resolution to free itself from a U.S. sanction, ZTE has agreed to the unique position of having a court-appointed monitor and one from the Department of Commerce, leading to concerns of a clash of ideas and authority.
Best practices: Hiring a business sponsor for third-party relationships
A significant piece of the compliance regime is overseeing third-party business relationships, and the best way to keep them on track is to employ the business sponsor.
Business justification for the use of third parties
Why is business justification for third parties so important? With the Department of Justice, Securities and Exchange Commission, and Internal Revenue Service all seeking such justification, companies should definitely make it part of the compliance process.
What changed? FRC brings action in Autonomy scandal
The Financial Reporting Council has brought long-awaited charges against Autonomy executives for their role in the massive accounting fraud uncovered when Hewlett-Packard attempted to purchase the software firm in 2011.
Tom Fox podcast: Importance of code of conduct, policies and procedures, and internal controls
In the second of a series on the 10 hallmarks of an effective compliance program, Compliance Week columnist Tom Fox discusses the three components of written standards of a best-practices compliance program: the code of conduct, policies and procedures, and internal controls.
Tom Fox podcast: Setting the right tone at the top
In the first of a weekly series on the 10 hallmarks of an effective compliance program, Compliance Week columnist Tom Fox discusses the importance of senior leadership in setting the tone for the company.


