By Mark Dorosz
VP of Compliance Learning, Interactive Services
Being cautious is a critical aspect of Anti-Bribery and Corruption compliance training, and is important for both internal and external parties. Third-party diligence and comprehensive vetting processes are some of the best ways to avoid DOJ and SEC investigations and penalties. When planning and developing training content, it may help to incorporate risk assessments that identify vulnerabilities in third-parties.
Internal Assessments
Researching and documenting the current state of compliance and training will help identify weak processes and knowledge gaps. An internal audit or assessment will benchmark how closely rules are followed, how risks are evaluated and how departments are different. Employees should learn what is required to generate payments and how any due diligence may be bypassed. How payments are tracked to match the consistency with intended purposes or recipients during the transaction process is important. Employees should know what criteria are in place to measure the risks associated with third-parties, professional intermediaries and indirect commodity suppliers.
Risk Controls
The content and focus of anti-bribery and corruption compliance training may depend on how the organization currently controls, mitigates and responds to risks. During training, employees should be introduced to the reporting, documenting and decision-making tools and processes that are proportionate to different risk levels. Training may start out by reviewing environmental factors, such as direct selling to countries with high corruption levels or indirectly selling to sales agents and redistributors who may work with unknown third-parties. Key factors of calculating risks may include the geographic location, business intelligence, vendor questionnaire and scope of service.
Risk Factors
Understanding the four basic risk factors that may make an organization more susceptible to corruption and financial abuse will help employees make the right decisions. First, the scope of service is one of the most fundamental keys of assessing the potential risks. Second, geographic risk management may involve local laws, research, languages, cultural nuances and business affairs bureaus. Third, business intelligence may include cost comparisons, vetting data, referral approvals and suitability and qualification validations. Fourth, third-party questionnaires may yield valuable information about due diligence, codes of conduct and internal controls.
[clickToTweet tweet=”Being Cautious with Risks: Anti-Bribery and Corruption Training” quote=”Being Cautious with Risks: Anti-Bribery and Corruption Training” theme=”style3″]