Anti-Corruption and Anti-Bribery

Printer Friendly, PDF & Email

APPENDIX 5-C: Checklist for Managing Third-Party Risk

Third parties are under formal contractual agreement with company and management has contract on file.
Regular audits are conducted by company to ensure third-party contractual agreements are managed and enforced as agreed.
Contractual agreements with third parties clearly set forth expectations regarding the relation­ship and adherence to specific company standards and policies.
Third-party contracts prohibit third-parties from unilaterally sub-contracting its contractual responsibilities with other entities.
Nature of relationship clearly identifies legal status of entity, place of incorporation.
Third party conducts background checks on all employees, contractors, associates and others working on its behalf.
Company has a Code of Conduct in place applicable to third parties or requirement that third parties have own Code. Company addresses how the Code is formally applied and enforced with third parties.
Third parties certify that they have read and understood the company’s Code of Conduct or their own substantially similar Code.
Third parties receive periodic, effective training and communications (in local language) on standards, culture, compliance, and other legal requirements.
Company has a widely publicized and readily available global reporting mechanism and pro­cess where employees, contractors, third parties, agents, etc., can seek guidance, report con­cerns and ask questions (anonymously if desired).
Anti-bribery/anti-corruption standards and training are effectively communicated and pro­vided to everyone in the organization to include employees, third parties, contractors, etc.
Third parties are required to certify that they have received, completed, understand and will comply with anti-corruption/anti-bribery policy and training.
Third-party is NOT a current or former government official, employee or agent or a relative.
Clearly defined and legitimate business purpose exists for engaging third parties.
Third party is qualified and experienced to engage in the service or activity he or she was retained to undertake.
Third parties paid via standard payment protocols established by company (ex. direct deposit).
Employees working with third parties are knowledgeable of applicable anti-bribery, anti-corruption, and U.S. FCPA compliance standards.
Third-party activities are closely monitored by company management in all operating locations.
Third parties are directly supervised and managed by company employees in high-risk operating locations.
Supply chain, procurement, accounting, senior and local management, legal and compliance trained on third-party compliance standards and can readily identify red flags.
New third-party relationships in high risk countries or where activities involve regulated or high risk operations are reviewed and approved by the company’s CECO or other designated company official.
Conflict of interest check completed.
Third party subject to any past, current and/or pending legal issues, lawsuits, government investigations, inquiries, etc. If so, describe the nature and disposition of these actions.
Company actively assists third parties in mitigating compliance risks.
Regular and ongoing audits are conducted at third-party sites and operating locations for all business activities. Includes risks assessment, site visits, and management and employee inter­views, document review.
Company performs due diligence efforts on third parties prior to entering into business relationships.
This document is only available to subscribers. Please log in or purchase access.