third party compliance in india
play

THIRD PARTY COMPLIANCE IN INDIA Red Flags, Cultural Hurdles & - PowerPoint PPT Presentation

Dun & Bradstreet presents: THIRD PARTY COMPLIANCE IN INDIA Red Flags, Cultural Hurdles & Emerging Best Practices Manish Sinha Managing Director India Satyajit Nandi Abhay Bhat Senior Manager, Third Party Compliance Head, Legal


  1. Dun & Bradstreet presents: THIRD PARTY COMPLIANCE IN INDIA Red Flags, Cultural Hurdles & Emerging Best Practices Manish Sinha Managing Director – India Satyajit Nandi Abhay Bhat Senior Manager, Third Party Compliance Head, Legal & Compliance Date: November 14, 2017 Venue: St. Regis

  2. “It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently.” WARREN B UFFET Compliance as an Essential Element of an Organization’s Culture 2

  3. The Third Party Landscape Continues to Grow Source: NAVEX Global Survey, 2016 Source: Fraud and Corruption – Driving Away Talent – Asia Pacific Fraud Survey, 2015 - EY Compliance as an Essential Element of an Organization’s Culture 3

  4. D&B’s Third Party Compliance Program D&B uses an Engagement Based Approach in which each individual engagement is risk-assessed and screened. Broad scope to include all third-parties such as agents, distributors, JV Partners etc. Engagement Based Approach D&B Tiers the Third-Parties across D&B proactively audits some of the Proactive Risk Engagement Risk and Market Risk high-risk third-parties Audit and Tiering and then applies a risk-based D&B also has Real-Time, Ongoing Ongoing and screening methodology across the alert and monitoring of the on 01 Monitoring Screening value chain boarded Third-Parties 08 02 D&B uses our own ownership data Internal and Third Party The Third Party Compliance Program Locally as well as our own internal External Skill and Expertise 07 03 is implemented regionally with platforms such Compliance Check, Global Compliance Central Direction, Control and On-Board in partnership with Oversight and local, on-ground appropriate External Partners to knowledge and market expertise reinforce and supplement the program 06 04 05 Cross- D&B trains the Third-Parties using on- Training D&B applies a Cross-Functional Risk line, training courses on D&B’s Functional Assessment and Mitigation to the Partner Code of Conduct; which has View Third-Parties across other areas been specifically designed for Third- including but not limited to the Leverage Parties business, IT Security, Data Privacy etc. Technology D&B utilizes Technology across the Value Chain to deliver efficiency as well as scalability across markets; Compliance as an Essential Element of an Organization’s Culture 4

  5. D&B’s Third Party Compliance Program – Tools & Sources Beneficial Ownership Compliance Check On-Site Audits and Verification Master Data Third d Party ty Entity and Principal / Shareh reholde der r 1 Inform rmati tion Ultimate te Benef efici cial Owners ershi hip – Upto 4 level els; s; 2 includi ding g Domes esti tic and Globa bal Ultimate te Entity and Shareh reholde ders rs Adverse rse Media, , Sanctions s Lists, s, Litiga gati tion 3 Searche rches, s, Human Traffick cking g Index, Compliance ce Verifica cati tions and Backgrou ground d Check ecks s 4 . On On-Site te Audits s and Verificati tions On On-goi going, g, Real-Time e Monitori ring g and Alert rt 5 Reporti rting Compliance as an Essential Element of an Organization’s Culture 5

  6. What are some of the largest risks that we have seen in India Supply Chain? LEGAL & COMPLIANCE FINANCIAL VIABILITY RISK Risk that the customer is not in compliance Risk of disruption to the customer’s with laws, ethical standards, or its own operations due to a third party no longer policies/standards/ procedures because a being a going concern third party does not have adequate compliance management processes/controls over its products/services/systems REPUTATIONAL INFORMATION SECURITY RISK Risk of brand damage to the customer Risk of inappropriate disclosure, due to a third party’s inability to meet the corruption, or destruction of the requirements customer’s information due to a third party’s failure to provide appropriate security and privacy controls OPERATIONAL DELIVERY CONTRACTUAL RISK Risk of a financial loss to the customer Risk of the third- party’s inability to meet and/or an adverse impact to the contractual terms or and/or a risk of customer’s product/service delivery due incomplete or inadequate contractual to inadequacies in a third party’s internal provisions processes/people/systems and/or other third-party issues Compliance as an Essential Element of an Organization’s Culture 6

  7. Red Flags – What are some of the Red Flags that D&B has seen in India across the Third-Party Landscape? • Third Parties using family members as front-person(s) to avoid taxation • Use of intermediaries to liaise and/or coordinate with Government Official for issuance of licenses and/or permits • Conflict of Interest with D&B Team-Members • Hesitation to comply with on-boarding process • Demands cash payment , or other special arrangement, or receives or requests unusual bonuses or commissions • Does not disclose the use of Sub-Contractors (4th and 5th Party Compliance) • Politically Exposed Person (PEP) at the Third Party Compliance as an Essential Element of an Organization’s Culture 7

  8. Emerging Best Practices: What is Coming Next?

  9. Emerging Best Practices Across Third Party Compliance • Convergence of Procurement and Third Party Compliance • Rapid Move toward End-To-End Automation Using Software and Workflow Solutions to enable development of scalable, risk-based program with the resources being focussed on risk mitigation rather than manual, transactional activities (Competitive Advantage – Best-In-Class Programs) • Best in Class programs will need to become more data-driven with metrics to measure impact on company culture and growth and to provide ROI to the organizational leadership • Expansion of the Third-Party definition beyond traditional suppliers to include Partners, Distributors, Alliances, Joint Venture Partners etc as well as scope expansion of the Third-Party Compliance Program to review deeper down within supply chains to include 4th and 5th parties more effectively and relying more on data to drive due diligence and risk mitigation • Implementation of real-time, continuous monitoring to enable move away from a static, one-time approval based process • Cross-Functional Third-Party Process to ensure implementation of a multi-faceted approach to Risk Assessment and Mitigation (Compliance, Legal, Commercial, Privacy, Information Security, Data Governance etc.) Compliance as an Essential Element of an Organization’s Culture 9

  10. Thank You.

Recommend


More recommend