Fraud doesn’t take a break in times of crisis – in fact, that’s often when it thrives. And the same is true for supplier fraud. Unethical business practices by third-party partners can directly impact your organisation in all sorts of ways. This type of fraud can cause financial, logistical, and reputational harm. Managing Third-Party Risks Checklist
Locked in the grips of the COVID-19 pandemic, New York City found itself desperately in need in medical supplies. In particular, the city that has been hit hard by the pandemic was in need of millions of 3M-brand N95 respirators, the type that keep health care workers, police, paramedics and others safe.
A supplier emerged to potentially fill this need. Unfortunately, he had a scheme to defraud the city of $45 million through price-gouging and by fraudulently posing as a 3M- dealer. The fraudster, a former used car dealer in New Jersey, now faces charges of wire fraud and wire fraud conspiracy in a three-count criminal complaint unsealed in U.S. District Court in Manhattan (New York Times, 2020).
The case is an unfortunate reminder of what type of fraud and corruption lurks in supply chains. While a crisis presents new vulnerabilities – often, safeguards are bypassed for urgency – companies have to be on guard for third-party fraud at all times. Due diligence isn’t just a corporate buzzword, nor is it a concept to keep compliance officers happy. It must be an integral part of every organisation’s core business model.
The following are some key third-party due diligence measures every organisation can do to stay better protected from supplier or contractor fraud.
Before evaluating its third-party partners, an organisation should look inward and measure its own risk management tools. These include the following:
- Audit and supervision functions
- Business continuity plans, supply chain alternatives (very critical would considering third-party contracts)
- Jurisdictional considerations
- Data and IP protection
- Whistleblower policies
Conduct due diligence
The organisation should engage a risk management process on all current and potential suppliers and contractors. For each third party, the following should be evaluated:
- Business and operations
- Financial condition and reputation
- Experience, culture, vision and business style
- References and government records (including any legal action, bankruptcies, structure changes)
- Background checks (including ownership and key personnel)
- Insurance and certifications
Maintain management oversight
Proper due diligence is only worthwhile if appropriate action is taken in response to its findings. Once third-party partnerships have been evaluated and approved, the organisation should continue to manage, monitor and maintain these relationships. Risk management is not a one-time process. It should be scheduled on a regular bases (yearly at minimum) to ensure the proper standards are maintained for the organisation.
Not every company or government organisation is ordering emergency supplies due to COVID-19 or other crises. With proper third-party due diligence, however, organisations can be protected year-round from the risk of any of the following serious pitfalls:
- Merging with an international business embroiled in behind-the-scenes legal battles.
- Getting caught up in making procurement decisions involving the inappropriate influence of government officials who were slated to receive kickbacks.
- Partnering with organisations that are potential credit risks, have claimed bankruptcy, have dissolved stated companies or are faced with debtor filing
- Awarding work to an overseas contractor with absolutely no prior experience
- Affiliating with a contracting company owned by a politician with significant influence on future awards
For many organisations, it is recommended and necessary to have a team of professionals guide you through the process of implementing a comprehensive program for third-party due diligence. That’s where CRI Group comes in. We have one of the largest, most experienced and best-trained integrity due diligence teams in the world. With multi-lingual teams that have conducted assignments on thousands of subjects in over 80 countries, CRI Group’s due diligence experts are committed to maintaining and constantly evolving our global network.
Our 3PRM™ service is flexible and we tailor our scope to address an organisation’s specific concerns and risk areas. Our extensive solutions include due diligence, employee pre- and post-background screening, business intelligence and compliance, facilitating any decision-making across your business no matter what area or department.
Get ahead of any potential problems down the road with suppliers, contractors, and other third-party partners. Contact CRI Group today and learn more about our third-party due diligence and risk management solutions.
If you have any further questions or interest in implementing compliance solutions, please contact us.