How can data analytics be used for continuous improvement where the primary sales force used by a company is third-parties? A clear majority of FCPA violations and related enforcement actions have come from the use of third-parties. While sham contracting (i.e., using a third-party to conduit the payment of a bribe) has lessened in recent years, there are related data analysis that can be performed to ascertain whether a third-party is likely performing legitimate services for your company. There are several more analytics that can be run in combination to identify suspicious third-parties and some of the simplest can be to look for duplicate or erroneous payments, all of which can lead to continuous improvement. Here we focus on the question posed by the 2019 Guidance, How does the company monitor its third parties?
The final concept of finding patterns that can be discerned through the aggregation of huge amounts of transactions, is the next step for compliance functions. Yet data analysis does far more than simply allow you to follow the money. It can be a part of your third-party ongoing monitoring as well by allowing you to partner the information on third-parties who might come into your company where there was no proper compliance vetting. The opportunity for continuous improvement through a feedback loop is obvious and a clear step you should take going forward.
Three key takeaways:
- Always remember to follow the money to see where a pot of money could be created to fund a bribe.
- Transaction monitoring techniques around fraud monitoring translate to data analysis for compliance.
- Do not forget to check names against known PEP and SDN lists.