Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Third Party: How to negotiate Compliance clauses and requirements
Croatia East Europe Ethics and Compliance 2019
Giovanna Feres Crotti
Brazilian lawyer living in Lisbon, Portugal.
Specialized in Data Protection by Lisbon U; Corporate Law byFGV; Compliance and Corporate Governance by INSPERInstitute; and Compliance Professional with the CCEP-I(Certified Compliance & Ethics Professional International).
I have worked as Latin America Compliance Specialist at 3Mand now I´m a Data Protection and Compliance Consultantat WeEthic.
Agenda
1. Third Party Relations
2. Third Party Due Diligence
3. Third Party Requirements and Clauses
4. Best Practices
Agenda
1. Third Party Relations
2. Third Party Due Diligence
3. Third Party Requirements and Clauses
4. Best Practices
Third Party Relations
Company
Customers
Distributors
Sales Represent
ativesVendors
Key OpinionLeaders(KOL)
Sub contracto
r
Sub distributo
r
OECD Corruption Trends
Source: OECD Foreign Bribery Report 2014
Payment through
intermediares; 75%
Companies own payment; 25%
1. Petrobras (Brazil): $1.78 billion in 2018.
2. Telia Company AB (Sweden): $965 million in 2017.
3. MTS (Russia): $850 million in 2019.
4. Siemens (Germany): $800 million in 2008.
5. VimpelCom (Holland): $795 million in 2016.
6. Alstom (France): $772 million in 2014.
7. Société Générale S.A. (France): $585 million in 2018.
8. KBR / Halliburton (United States): $579 million in 2009.
9. Teva Pharmaceutical (Israel): $519 million in 2016.
10. Keppel Offshore & Marine Ltd. (Singapore): $422 million in 2017.
Top Ten FCPA Cases
70% involved
ThirdParties
Agenda
1. Third Party Relations
2. Third Party Due Diligence
3. Third Party Requirements and Clauses
4. Best Practices
What
It is a process to know your business partners (Third Parties) and the
risks involving your relationship with them.
Why
Know your TPsKnow the risks
involvedMitigate risks
foundBe prepared
Act preventiveProtect your
companyMake sure TPs
act with integrity
Make sure TPs know your company’s
policies
Reduce/ eliminate liability
from TP’s conduct
Reduce / eliminate fines
Your Company may will be liable
FCPA: prohibits any payments made tointermediaries with the knowledge that suchpayment will be channeled to foreign publicofficials for corrupt purposes. Theknowledge requirement includes situationswhere the company should have known therelevant acts.
• Labor• Business• Corruption/Frauds• Money laundering• Terrorism• Environment• PEP
How
List all types of TPs
• Government nexus
• CPI• Known red
flags• Size of
opportunity
RENEW PROCESS
Divide into categories
and prioritize risky ones
Media research for
red flags
Document red flags
and create mitigation
plans
Implement plan and archive
evidences
Case Scenario
• Old Health Care Distributors• Special discounts for public bids
• Due diligence • New Corruption Red Flag Found• Meeting to understand red flag
• Request of explanatory documents
A B
Case Scenario
A B
• Corruption INVESTIGATION• Company A confirmed unethical
actions during public bids• Company A did not have
Compliance Program• Company A did not cooperate with
documents and explanations
• Corruption GUILTY SENTENCE• Company B confirmed situation and
explained with details• Guilty employee was dismissed • Company B adopted a Compliance
Program• Company B shared all documents
related to the case• Company B committed to our Code
Case Scenario
A B
• Corruption INVESTIGATION• Company A confirmed unethical
actions during public bids• Company A did not have
Compliance Program• Company A did not cooperate with
documents and explanations
TERMINATED
• Corruption GUILTY SENTENCE• Company B confirmed situation and
explained with details• Guilty employee was dismissed • Company B adopted a Compliance
Program• Company B shared all documents
related to the case• Company B committed to our Code
BUSINESS RELATION CONTINUED WITH RESTRICTIONS
Agenda
1. Third Party Relations
2. Third Party Due Diligence
3. Third Party Requirements and Clauses
4. Best Practices
Usual Requirements
• Compliance Clauses
• Audits/Investigations
• Adhere TP’s Code of Conduct – Be flexible
– Compare codes
• Share internal documents– Be aware of confidential documents
• Training – Types (online, in person, during business
meetings, etc)
– Signature of certifications
– Training to all employees doing business with your company
Agreement
Terms
✓ Comply to Laws
✓ Audit / Investigation
✓ Due Diligence
✓ Code of Conduct / Policies
✓ Report illegal situation
✓ Trainings
Agenda
1. Third Party Relations
2. Third Party Due Diligence
3. Third Party Requirements and Clauses
4. Best Practices
✓ Include TP due diligence as part of the process to register new TPs;
✓ Make decisions together with the business area;
✓ In acquisitions always consider the acquired company’s
TPs;
✓ Create metrics and a dashboard to follow up;
✓ Nominate champions in each area;
✓ Do the TP due diligence before you start the
relationship;
✓ Include recipients of donations/sponsorships in the due diligence process.
Due diligence cannot be an obstacle to the business! It is easier to say NO, but your job is to help find POSSIBLE ways!
Best Practices
Compliance is a team work!
Make sure your work colleagues feel as
included and responsible as you
are!
• Review your compliance procedures keeping the GDPR in mind;
• Be aware that GDPR may affect the due diligence process whenconsidering personal data from employees or partners;
• Take close look into document/information saving time limit.
GDPR’s Impact
Thank youObrigada
Hvala
Giovanna Carbonezze Feres Crotti
+351 910490460
Lisbon, Portugal