
Evaluation of third parties

Tom Fox | July 19, 2018

An important part of the compliance practitioner’s duties is the evaluation of a proposed third-party relationship during the due diligence process. It is mandatory that all red flags be cleared, and there must also be evidence of the decision-making process to provide if a regulator comes knocking. The Justice Department’s “Evaluation of Corporate Compliance Program” states under Prong 10: “Real Actions and Consequences – Were red flags identified from the due diligence of the third parties involved in the misconduct, and how were they resolved?”

There is no set formula or guideline for clearing red flags or evaluating due diligence. At the 2014 SCCE Utility and Energy Conference, however, Flora Francis and Andrew Baird, compliance practitioners at GE Oil & Gas, described the process by which GE reviews the risks around each of the company’s third parties.

Some of the factors GE considers when evaluating a third party include the following:

  • Business...