Workshop sessions on Third-Party Governance, Due Diligence and Compliance
Moderated and conducted by Henrik Frøssling, former Risk and Compliance Manager of Volvo.
During the workshop we examine the different consequences of third-party non-compliance and find sustainable solutions to the GRC business opportunities, direct and indirect costs and reputation risk, so that these risks are neither underestimated nor neglected.
Part A: Do we always know whom we do business with?
Continued media exposure of third-party compliance defaults reminds us of the importance of knowing whom we choose to do business with, and of the dire consequences of bad publicity, which directly impacts brand and reputation.
We take a risk-based approach, using our own resources on the biggest third-party risks, various background checks and preventive actions. The financial upside of these activities should not be underrated.
In the first part of the workshop we focus on:
- It is not only of interest to know whom we choose to do business with and who is behind the companies.
- What are the compliance, circumstantial preventive actions, due diligence and controls?
- What are the global ethical standards of the business partners, and their trading partners as well as potential shell companies?
- The risk exposure to corruption, fraud, money laundering or terror financing.
- How to address criminal offences when ignorance is not a viable defence. We review the standard rules and regulations.
Part B: How to ensure that our business partners are mature enough on requirements in the areas of GRC regarding Codes of Conduct & Business Ethics?
The board, senior executives and management teams must be aware of the internal and external requirements in customers' Codes of Conduct for suppliers in order to establish a prudent tone at the top. These requirements make it more complex to hold a dialogue on risks and responses so that the staff can proclaim: yes, we are compliant with the Code of Conduct & Business Ethics.
During both parts, we examine the different consequences of third-party non-compliance and find sustainable solutions to the GRC business opportunities, direct and indirect costs and reputation risk, so that these risks are neither underestimated nor neglected.
- What are the mechanisms behind the enterprise's capacity to understand third-party issues, requirements, best practice, risks and consequences?
- How to adopt a new or changed rationale to ensure compliance?
- How to be compliant in processes as well as in practice?
- We take a risk-based approach, focusing on integrating and embedding processes into the corporate culture and structure.
- How do we find the right level of compliance and the right balance in culture, structure, processes, control environment and evidence of compliance?
- Do we have an increased level of maturity and risk governance, and can we measure the performance?
- We review and update the code of conduct requirements from stakeholders and regulators on burning issues.
- How to prevent our business partners from jeopardising our business.