The Man From FCPA has long advocated knowing who you are going into business with from the anti-corruption perspective. The FCPA requires a sufficient level of due diligence to initiate a business relationship and then updating the due diligence at regular intervals. These steps are required no matter the type of the business relationship; whether it be sales agent, distributor, joint venture partner or some other type of business relationship.
In addition to the due diligence requirement, a company should have ongoing monitoring of not only who you are doing business with but how your third party conducts that business. Usually this is more critical on the sales side than the supply chain but it is becoming more clear that the supply chain can become a very large source of risk as well. This final point was driven home in a recent article in the New York Times about the trouble Prudential now finds itself in as a result of conduct by Wells Fargo.
Prudential had a business relationship with the disgraced bank, which was designed to allow Wells Fargo employees to refer customers to Prudential to obtain low-cost Prudential insurance products. However it turns out that Wells Fargo employees, employing the same fraudulent sales tactics they used internally, “opened sham accounts in their customer’s names and had premiums withdrawn from their accounts without their consent or knowledge.” In most jurisdictions that is more than simple unethical conduct; that is called theft.
It is not clear whether how this information came to Prudential; whether via whistleblower (internal or external), information from Wells Fargo or another external sources or through an internal review of accounts by Prudential. It also appears that other insurance companies had referral relationships with Wells Fargo as well. They may equally be at risk.
This story drives home the clear import that not only must your company know with whom you are doing business but equally importantly how they are doing business. Oversight, monitoring and auditing are required in any business relationship. Even if Prudential did not engage in any civil or criminal conduct, the company certainly takes a very black eye for allowing its products to be sold without the customers’ consent or even knowledge.