Panama Papers Scandal Puts Third Party Risk in Focus

randy-stephens.png

The Panama Papers scandal should serve as a wake-up call for every organization—and it should prompt compliance officers to closely scrutinize the third party vendors they do business with.

The Panama Papers are made up of millions of documents pulled from the law firm Mossack Fonseca files and leaked to the media. While it may seem like “karma” for Mossack’s clients who may have been trying to obscure shadowy financial transactions, it’s a catastrophic breach for the firm—and for its clients, many of whom may be ethical, law-abiding organizations that have also had their confidential information compromised.

As I recently wrote in reviewing our Third Party Risk Management Benchmark Report, released in March, compliance officers are struggling to deal with the risk of third party misconduct. In the wake of the Panama Papers, the compliance lesson for organizations is that it is more important than ever to take steps to ensure you’re managing that risk.

In any relationship with a third party organization, risk management should begin before engagement and it should begin with due diligence. When an organization considers engaging a third party to represent it, the mindset should be that the third party often stands in for an employee.

A risk-based due-diligence evaluation will include looking for past issues, such as negative publicity, placement on a watch list or other publicly discoverable information. If your organization values and maintains strong compliance and training programs (especially around anti-bribery and corruption) any third party you engage should also be expected to support and visibly demonstrate a similar commitment.


What do you have to say? Share your thoughts in the comments below or join a discussion group on Compliance Next.


Is the DOJ’s New FCPA Pilot Program an Offer You Can’t Refuse?

A new pilot program from the US Department of Justice’s Criminal Division Fraud Section offers companies incentives to self-report potential FCPA issues. Learn more about potential implications for your program in this blog post.

Previous/Next Article Chevron Icon of a previous/next arrow. Previous Post

Reports Reveal Four Cyber Security Trends—and the Need for Better Cyber Security Training & Awareness

Learn about several emerging cyber security trends and how they may impact your compliance program.

Next Post Previous/Next Article Chevron Icon of a previous/next arrow.

Comments