As regulators like the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) gear up to require companies to understand more detailed information about their third parties, experts in third-party risk management (TPRM) are being asked to better recognize the risks posed by their company’s partners and vendors.

Third parties pose great risks for violations of the Foreign Corrupt Practices Act (FCPA), said Charles Duross, partner at law firm Morrison Foerster and former head of the FCPA Unit within the DOJ’s Fraud Section, as part of a panel Wednesday at Compliance Week’s virtual TPRM and Oversight Summit. Ninety percent of all FCPA cases involve third parties, he said, usually as part of a scheme to make bribe payments look like legitimate business expenses or to provide layers between the bribe and bribe-taker.

The recent $327 million coordinated settlement Swiss technology company ABB reached with the DOJ, SEC, and other global agencies contained lessons for compliance departments seeking to learn how to guard themselves against bad actors within their own firms.