Wrong implementation of 3rd party controls results in dangerous and messy relationships (Part I)
When business processes related to third party issues are managed in silos that are neither integrated, embedded or overviewed across the organisation, gathering risk intelligence on third party performance, enterprise risk management or the GRC impact on the organisation is extrmely hard to monitor.
Globalisation can comes at rather price, and the M&A governance can be cluttered if a comprehensive due diligence on third party activity for all joint ventures, market subsidiaries are nor conducted to identify the potential risk factors and monitor for risk on an on-going basis.
Operate successfully in today's global economy
Therefore at the 10th annual GRC and IT Security Summit on the 15-16th March 2017, we will conduct a workshop that offers guidance for establishing a better risk- mitigation and intellence processes. We will gothru a roadmap and famework that offers an overview and high perception on the third party pitfalls across the functions and organisation and automating information and technology on these issues is an uphill task.
Harm from the action (or inaction)
Some of the most recent fines and penalties are;
Based on the above examples it is evident that many global organisations are still struggling to effectively govern the risks associated with third-party business processes and relationships. These third party complications cannot be delegated and often result in bad publicity, with a direct impact on brand and reputation.
- Rolls-Royce late January 2017 had to a bribery allegation and agreed to pay us$170 Million in criminal penalty. The million dollar fine was a part of an $800 million global resolution to investigations by the department, U.K. and Brazilian authorities into a long-running scheme to bribe government officials in exchange for government contracts.
- Biomet – a global medical device manufacturer agreed to pay more than $30 million to resolve SEC and Justice Department investigations into the company's anti-bribery violations in Brazil and Mexico.
- Cadbury Limited/Mondelez International - The global goodies company agreed to pay a $13 million penalty for Bribery and Corruption violations because third parties proceeded to make illicit payments to obtain government licenses and approvals for a chocolate factory.
- AT&T had to pay $7.75 million in refunds and fines after federal investigators found it allowed unauthorized third-party charges related to phony directory-assistance service on its customers' telephone bills
Dodging third-party relationships is not an option.
Get topical and timely guidance and exchange best practices on how other companies are slashing the risks in managing third party workflows and maintaining compliance with laws and regulations. Discover how other advanced programs can solve the potential third party due diligence issues—including screening, monitoring and auditing techniques—Join the seminar to gain ideas from your peers to improve your third party outcomes.
In the next newsletter watch out for third party issues relating to;
- Oversight of interconnected third party risk in silos
- Collecting unautomated, dispersed and non-integrated third party processes and data into intelligence and technology.
- Adequate processes to monitor changing third party relationships
Register today! http://www.copenhagencompliance.com/2017/annual/register.htm