Close

Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

×

Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Asking questions about your third-party process

Tom Fox | June 24, 2018

An important part of the job duties of any compliance practitioner is clearing red flags that might appear for a proposed third-party relationship during the due diligence process. It is mandatory all red flags be cleared  and that there is also evidence of the decision-making process to show if regulator comes knocking. What are some of the questions to ask?

  1. How much is enough? Management should have a realistic process so that it can be effectively managed and still be of sufficient value for the decision makers.
  2. How deep should management dig? How many tiers down should one go in managing third parties? Companies should manage direct contractual counterparties and down one tier. Data collection down the chain may not need to be as robust as first-tier reviews and risk assessments. For counterparties further down the chain, a list of actual and beneficial owners coupled with commitments to follow relevant anti-corruption legislation is probably enough.
  3. ...
    Buy this article for $49, or subscribe to Compliance Week for a month at $149 and get unlimited article access for 30 days.