February 25, 2010

Transparency in Due Diligence: The Argument for Cooperative Background Checks

Posted by wrageblog under Due diligence, TRACE | Tags: , , , |
Leave a Comment 

Due diligence on commercial intermediaries is a critical part of any anti-bribery program, but the debate continues over whether to conduct diligence openly and transparently, with the knowledge and cooperation of the intermediary, or in a covert fashion, without the intermediary’s participation or awareness. Companies that conduct due diligence in-house generally do so with some involvement from the intermediary under review, together with many external checks and balances, including business references, media searches, denied party searches, embassy consultations and/or public records verifications. Outside due diligence providers generally take an exclusively covert approach, arguing that information obtained this way will be more arms’-length and so more reliable. Avoiding the involvement of the intermediary can also help providers control cost and delay as the process is entirely within their control.

Due diligence is one the key anti-bribery compliance services that TRACE provides to its members. As such, we’ve done a great deal of research and given this a lot of thought. With commercial transparency at the heart of our mission, we have found that due diligence is most effective when conducted in a robust and meaningful but open and transparent manner with the intermediaries’ participation and consent. This approach will yield, in most circumstances, more accurate information and a better, more cooperative business relationship. It also mitigates some of the data privacy and related confidentiality concerns surrounding collection of due diligence materials covertly.

The most common question we get from new member companies is whether an intermediary can deliberately withhold or fabricate information during a TRACE review. Of course they can, which is why the intermediary can never be the sole source of the information gathered. On the other hand, certain critical information related to the intermediary’s business – such as audited financial statements or the names of the employees assigned to a company’s account – can only be obtained from the intermediary. (And wouldn’t it be embarassing to uncover negative information years into the relationship and have the intermediary shrug and say: “you never asked”?) Numerous independent external checks can be built into a due diligence system to provide a full and robust picture. If an intermediary deliberately provides false information and your company learns of the misrepresentation through these external checks, the decision about whether you want to work with the person or entity will be a simple one. They’ve been caught “red-handed”. The process is cumulative and the intermediaries’ own disclosures was an important starting point. If the right cross-checks are in place, dishonest intermediaries will be uncovered and challenged quickly.

On the other hand, if the covert approach turns up worrying information, it can be extremely difficult and expensive to confirm it and more difficult still to lay it to rest. Typically, the source of such covert information won’t be revealed. Well-meaning sources can easily provide inexact information simply because they are one or more steps removed from the people or entity at issue. In some cases, the information comes from competitors, who often will have little incentive to provide accurate information to the questioner. No matter what, the information compiled will be less thorough and there is no place to go with it.

Like transparent due diligence, covert due diligence also includes information from local and international data bases and media searches. The problem here, too, is that media reports can be unreliable, if not actually malicious. Even when this is not the case, the media often report a dispute or allegation, but not the ultimate resolution. We have seen companies spend tens of thousands of dollars chasing media reports down rabbit holes. When the more transparent approach is taken, the simpler resolution is to ask the intermediary about the report. In some cases, they’ll be able to provide a rationale explanation and often documentary proof: summary judgments resolving litigation in their favor, evidence that the report was about another individual with the same or a similar name, etc. If they can’t refute the story, you still have the information you need to support a decision not to proceed.

There will always be situations in which approaching an intermediary directly simply isn’t possible, at least initially: certain M&A activity, follow-up to serious allegations on current business partners, etc. TRACE undertakes arms’-length due diligence too.  But in most cases, intermediaries will provide timely, accurate and thorough information to satisfy potential business partners. Explaining the purpose and process behind the due diligence at the outset of the relationship, especially in conjunction with a high level of engagement and commitment by the local business staff, will go a long way toward ensuring “buy-in” from the intermediary. This will generally ensure that the intermediary is also more open to training, which most companies will want to provide, and updates to or audits of the due diligence process. From the outset, the relationship can be based on respect and trust and the intermediary can be integrated into the company’s compliance program quickly and effectively.

Companies must take all reasonable steps to guard against the potential both for false disclosures by the intermediary and false disclosures about the intermediary; the company will have more options when they are already in communication with the intermediary. Any discrepancies, inconsistencies or “red flags” can be pursued rigorously. If the intermediary is found to have misrepresented information in light of this, the resolution will be equally clear. Either way, transparency wins out.

 

September 21, 2009

The Anonymous Court: When Due Diligence Services Get it Wrong

Posted by wrageblog under Due diligence, FCPA | Tags: , |
Leave a Comment 

FCPA articles often highlight the risk posed to companies by the company they keep: consultants, sales representatives, joint venture partners. But there’s another side to this story that is rarely told. These third parties can be destroyed by shoddy due diligence as readily as they can be exonerated by responsible background checks. At the heart of FCPA due diligence is an assessment of a third party’s reputation. Assessing reputation can be a difficult task. How much weight should be given to the opinions of competitors? To the comments of former employees? Or to others in the business community who have heard rumors from these sources? Anyone who has had to run a reputational concern to ground knows how difficult it is to prove a negative. It can be easier and less expensive to walk away from questionable due diligence results than to invest the time and expense in helping the intermediary to refute the negative information and restore their reputation.

TRACE members fall into two categories: member companies (the multinationals that use our compliance services) and member intermediaries (the entities we investigate and which become, if all goes well, members of TRACE upon completion of our thorough, collaborative due diligence review process.) We’re the only organization working to promote transparency in both communities and it is important, at times, to recognize that the expense, frustration and loss of business occasionally associated with anti-bribery compliance effects both groups. With that in mind, we invited one company that voluntarily submitted to a TRACE review to tell their story.

* * *

“I have become an expert in a subject that never held any interest for me. Like you, I suspect, I took for granted that it was the fiduciary responsibility of major global financial institutions to perform background checks on business partners before they entered into important contracts with them. The practice has become a standard “check the box” due diligence procedure that investors expect of their fund managers, much like investors expect fund managers to complete appropriate financial, legal and other due diligence before entering into a transaction. There are a number of potential firms that will happily provide these background checks for a fee. Unlike financial audits that follow national or international guidelines and have their own professional certification procedures, due diligence companies have no such professional standards, nor are they regulated by any guild or authority. As a result they have no higher body to which they are accountable. Hence, they are free to report true, false or simply unsubstantiated information to their clients knowing that they will never have to justify what they have written. They have no incentive to make sure their reports are correct. Indeed, they have great incentive to throw in anything they come across, rather than have to make judgment calls about the value of the information. Let me share with you my story and what I have learned over the past three years. My goal is not to ask for you to judge if the background check companies got my story right, but rather to point out failings in the process.

Before I begin I should tell you that I am an American working in fairly challenging markets in Europe. I am an Eagle Scout, Fulbright Scholar, graduate of one of America’s leading business schools, and alumni of both McKinsey & Company and Goldman Sachs. For over a decade I have run my own consultancy in Central Europe. We work for major multinationals and private equity funds after they buy companies in the region; these are frequently former state owned companies. Our job is to manage and restructure these businesses with the goal of creating profitable and efficient companies, a process that takes about a year to complete. After successfully turning around some 15 enterprises it probably comes as no surprise that as part of executing operating costs reductions and renegotiating supply and sales agreements in companies that used to be run by state appointed “apparatchiks” I have curtailed the livelihood of a number of those “managers” and their friends. On the other hand I have made my Western clients very happy; my team generally doubles the profitability of the businesses we acquire in a short period of time.

About three years ago I decided with one of my partners that instead of working as a consultant to private equity funds, we should try to partner with a major private equity fund and become their local operating arm. Given our track record, we didn’t have any problem finding interested partners. The process that ensued generally included some four months of developing a common strategy and operating vision for the new fund. We then negotiated a term sheet for our cooperation. We consistently received enthusiastic preliminary approval of the new investment platform from our partners and then, moments before final contracts were to be signed, received disappointing calls saying things like “we decided to change our strategy,” or “we decided to put off investing in Central Europe for a while.” Each time, we were surprised and frustrated, but picked ourselves up and set off to find a new partner. We finally got lucky. Instead of silence, our third potential partner honestly told us that our background checks were “terrible” and they couldn’t work with us.

We were shocked. We eventually were able to get this third potential partner to explain what exactly the background checks reported. I was apparently accused of embezzling over $100 million, and of supposedly being in conflict with some of my best clients. None of the charges was remotely true. I presented documents and statements from former clients to prove the background report was completely wrong and libelous. The problem is that background check companies require their clients to sign confidentiality agreements that not only forbid their clients from revealing any of the contents of the reports they prepare, but also prohibit the client from disclosing the identity of the background check company that prepared the report.

So, to this day, I have no idea who wrote the report or reports that have kept three global private equity funds from working with me, nor do I have any way of correcting these reports to make sure that in the future they aren’t sent out to some other potential business partner I would like to work with.

It appears that many due diligence companies hire or work with former intelligence officers in the various countries they operate. In Central Europe the former intelligence professionals who are looking for work are likely to have worked for the previous regime. Due to the nature of the charges made against me it is easy for me to identify which former communist CEO is the source of many of the charges. He was fired as part of one of our turnaround projects. Apparently, the author of the background check was content to report all of the false and unsubstantiated charges made by this disgruntled former CEO against me. The lack of any verification or quality control process means that sheer fabrication was given the weight of “truth” by a background check company. As a result, three years of my hard work have been wasted, and three global funds (and perhaps more) that might have benefited from our support weren’t able to.

I find it terribly ironic that the background check process could be corrupted from the inside by former agents of the communist regime. In Central Europe these agents frequently have ulterior motives. It is also extremely troubling that these anonymous reports cannot be found, reviewed or corrected given the impenetrable and anonymous veil of secrecy that Western background check companies maintain. They are able to stand behind this veil and ruin companies by giving rumors the weight of truth and the companies that hire them don’t dare work with the tainted entity thereafter.”

 

September 2, 2009

Caveat Emptor: Getting a Grip on Pre-M&A Due Diligence

Posted by wrageblog under Due diligence, FCPA | Tags: , , , , , , |
1 Comment 

It’s been a busy year for Billy Jacobson. Last year, he was working FCPA cases as Assistant Chief of the Fraud Section at the Department of Justice. More recently, he became a partner in the Washington office of Fulbright & Jaworski. And then, to complete the hat-trick, he joined Weatherford International as Vice President and Chief Compliance Officer. It’s safe to conclude that he has seen most FCPA challenges from all angles. We asked Billy to talk about due diligence specifically in the context of international mergers and acquisitions and he sent this summary of a recent article posted here.

* * *

“In today’s increasingly aggressive enforcement climate, it is a legal and business imperative for entities to conduct thorough due diligence prior to consummating a merger or acquisition. Due diligence should further two primary, related goals: (1) learning as much as possible about the target in order to properly evaluate and address any anti-corruption risks and (2) creating a due diligence file sufficient to withstand later scrutiny. That is easy in theory, but how much diligence is enough? Based upon how FCPA liability may be imposed on acquirers, significant applicable enforcement actions, recent DOJ guidance, and practical experience, I’ve attempted to answer that question in the article “Caveat Emptor: Why and How FCPA Due Diligence Should Be Conducted Prior to Mergers and Acquisitions.” The article is summarized below.

The threshold step of any pre-merger or acquisition due diligence is to identify risk areas. The risk areas can be categorized as environmental considerations, including the level of corruption in the country where the target is based, and specific organizational considerations, including the target’s anti-corruption policies, procedures, and internal controls. Early identification of these risk areas facilitates the identification of initial red flags and further serves as a guidepost for ongoing fact-finding.

Fact-finding, the most expensive and time-consuming portion of due diligence, should consists of several steps. First, the acquirer should conduct initial, high-level and in-person interview(s) with target management before a review of documents and accounting records to understand the target’s operational and financial structure and to learn of potential problem areas. Second, the acquirer should examine and assess the target’s anti-corruption compliance procedures and internal controls. The lack of anti-corruption compliance procedures and/or internal controls speaks volumes about the potential risk. The existence of anti-corruption policies and/or internal controls is great, but an acquirer should conduct an assessment of whether and how they actually work. Third, unless the target has no, or minimal, business with government customers, the acquirer should conduct a forensic review of the target’s books to identify suspicious payments to third parties. The forensic review should cover, among other areas, petty cash accounts, travel and expense records, and approved vendor lists for potential red flags including, but not limited to, large and/or round-dollar payments, patterns of recurring payments, payments to employees outside of the payroll system, third-country payments, and payments with unacceptable descriptors.

Depending on the nature of the questions and/or red flags raised during the fact-finding steps described above, the acquirer should follow-up as needed with supplemental interviews, additional review of accounting records, or even selected searches of electronic and hard copy data. The acquirer should then evaluate the facts and judge whether a potential risk should be classified as a yellow light or a roadblock, depending on the anticipated nature, likelihood, and severity of consequences associated with the risk. If the anticipated risk is low, the acquirer may decide to proceed with the transaction. If the risk is high, the acquirer should think long and hard before proceeding with the transaction.

If problems are discovered within the target, the acquirer should consider whether to alert the government prior to the acquisition in an effort to avoid liability flowing to the acquirer. The acquirer must also, of course, consider how to remediate the problems found within the target if the acquisition proceeds. Additionally, the acquirer should integrate its anti-corruption policies, procedures, and accounting controls into the former target. This includes training personnel of the former target as quickly and as extensively as practicable, and where necessary, completing due diligence on any issues not finalized in the pre-acquisition due diligence. The acquirer should also continue to monitor the former target’s compliance with its representations and warranties and the acquirer’s anti-corruption policies, procedures and internal controls by, among other methods, conducting reviews or audits, requiring personnel to annually certify their compliance, and where needed, appropriately disciplining rogue personnel.

While the above-summarized steps are neither convenient nor inexpensive, acquirers must adapt to the current enforcement environment. Conducting robust due diligence demonstrates adherence to applicable anti-corruption laws and will more than pay for itself if the acquirer is able to avoid buying itself a big legal liability.”

 

August 13, 2009

Transparency in Due Diligence: Secret Squirrel vs. Open Kimono

Posted by wrageblog under Due diligence | Tags: , |
Leave a Comment 

Due diligence on commercial intermediaries is a critical part of any anti-bribery program, but there is a lot of debate over the best approach to take. At the center of this debate is whether to conduct the diligence openly and transparently, with the knowledge and cooperation of the intermediary, or in a covert fashion, without the intermediary’s participation or awareness. Companies that conduct due diligence in-house generally do so with some involvement from the intermediary under review, together with many external checks and balances, including business references, media searches and denied party searches. Outside due diligence providers generally take an exclusively “secret squirrel” or “dumpster diving” approach, arguing that information obtained this way will be more arms’-length and so more reliable.

In the interest of our own transparency, due diligence is one the key anti-bribery compliance services that TRACE provides to its members. As such, we’ve done a great deal of research and given this a lot of thought. With commercial transparency at the heart of our mission, we have found that due diligence is most effective when conducted in an open and transparent manner with the intermediaries’ participation and consent. This approach will yield, in most circumstances, more accurate information and a better, more cooperative business relationship. It also mitigates some of the confidentiality concerns surrounding collection of due diligence materials.

The most common question we get from new member companies is whether an intermediary can deliberately withhold or fabricate information during a TRACE review. Of course they can. But careful external checks are built into the system to improve the chances of detection and member companies and our partner law firms in 95 countries can, at times, serve an important verification role. If an intermediary deliberately provides false information and your company learns of the misrepresentation through external checks, the decision about whether you want to work with the person or entity should be a simple one. They’ve been caught “red-handed”.

On the other hand, if the “secret squirrel” approach turns up worrying information, it can be extremely difficult and expensive to confirm it and more difficult still to lay it to rest. We saw this situation recently with due diligence undertaken by a global due diligence firm. The firm had done a thorough job and had “uncovered” information indicating that the principal of the entity had been a senior government official. Typically, the source of such covert information can’t be revealed by due diligence providers, who seek to protect their informants. Well-meaning sources can easily provide inexact information simply because they are one or more steps removed from the people or entity at issue. In some cases, the information comes from competitors, who often will have little incentive to provide accurate information to the questioner and may, in fact, have a contrary motive. No matter what, the information compiled will be less thorough and there is no place to go with it.

Because the intermediary in this situation was also a TRACE member and so had undergone our due diligence review the company asked us to verify the new and conflicting information. We were able to approach the intermediary with the allegation, which contradicted the information they had provided to us previously, and the confusion was readily resolved. (The principal was able to provide meticulous documentation that he had briefly held a position that sounded governmental, but was actually related to a brief, honorary role with an independent business association.) The red flag was resolved without ill-will or damage to the business relationship because the initial, cooperative review had been frank and transparent and had resulted in the intermediary’s understanding of the purpose and scope of a robust due diligence review. They were invested in the process and in the accuracy of their due diligence file.

Like transparent due diligence, covert due diligence also includes information from local and international media searches. The problem here, too, is that media reports can be unreliable, if not actually malicious. Even when this is not the case, the media often report a dispute or allegation, but not the ultimate resolution. We have seen companies spend tens of thousands of dollars chasing media reports down rabbit holes. When the more transparent approach is taken, the simpler resolution is to ask the intermediary about the report. In many cases, they’ll be able to provide a rationale explanation and often documentary proof: summary judgments resolving litigation in their favor, evidence that the report was about another individual with the same or a similar name, etc.

In any event, in the end, the intermediary being vetted usually learns about the covert due diligence effort, which can create distrust and be an immediate strain on the potential business relationship before it has even begun.

There will always be situations in which approaching an intermediary directly simply isn’t possible, at least initially: certain M&A activity, follow-up to serious allegations on current business partners, etc. But in most cases, intermediaries will provide timely, accurate and thorough information to satisfy potential business partners. Explaining the purpose and process behind the due diligence at the outset of the relationship, especially in conjunction with a high level of engagement and commitment by the local business staff, will go a long way toward ensuring “buy-in” from the intermediary. From the outset, the relationship can be based on respect and trust and the intermediary can be integrated into the company’s compliance program quickly and effectively.

Companies must take all reasonable steps to guard against the potential both for false disclosures by the intermediary and false disclosures about the intermediary; the company will have more options when they are already in communication with the intermediary. Any discrepancies, inconsistencies or “red flags” can be followed-up on scrupulously. If the intermediary is found to have misrepresented information in light of this, the resolution will be equally clear. Either way, transparency wins out.

 

July 21, 2009

Due Diligence: the Principle Behind The Process

Posted by wrageblog under Due diligence, commercial intermediaries | Tags: , , , , |
1 Comment 

Continuing our discussion of the importance of a meaningful due diligence process, Brady Long, VP – Compliance, Deputy General Counsel & Secretary, Pride International, Inc., describes  below some aspects of their very robust program.

*           *           *

The discussion on managing intermediaries tends to center around substance – diligence, certifications, training, contracts, invoices, and monitoring/auditing. The process for accomplishing this is typically given less attention, presumably on the theory that each company is unique and should customize its roles, responsibilities and sequencing. While I generally agree with that theory, I believe there is a principle that should inform the process of managing intermediaries – a principle that is reflected in the design, administration and enforcement of my company’s intermediary management program. It is the principle that each intermediary works for the company, not the person or department that hired them. 

As a technical matter, this is true of all vendors – e.g., their contract lies with the entity, they are processed through vendor set-up, they are paid through treasury. However, vendors understandably recognize allegiances to people over organizations, and they are loyal to the employee who gives them work, not necessarily the accountant who reviews their invoices. If this loyalty goes unchecked, the consequent risks, which are numerous and well-documented, include joining a rogue employee in a bribery scheme. In terms of process, though, the critical risk is that the intermediary will be unresponsive to other compliance-related requirements – e.g., completion of training, submission to an audit. If the intermediary doesn’t “answer to” your compliance team, for instance, why should they bother responding to that team’s requests for diligence? While this risk seems to pale in comparison to the actual commission of a felony offense, it may have the effect of concealing or even perpetuating one. Deadlines for diligence, certifications, training and clarification of invoices must be met, and intermediaries understand this best when they know that they don’t just work for the employee who “feeds” them – they also work for the employees who administer the process.

We’ve communicated this principle to our intermediaries through, first, subjecting them to the prior review and approval of the Antibribery Committee. This committee consists of at least one representative of senior management in all departments and meets regularly to discuss intermediaries. Our policies require, and our employee training reiterates, that an employee who wishes to hire a proposed intermediary (the employee being internally referred to as the “sponsor”) must satisfy the committee that the intermediary shares our values. Part of that is accomplished through the “Sponsor Memorandum,” in which the employee justifies the need for the intermediary and vouches for its reputation and compliance with antibribery laws, among other things. The sponsor also participates in the committee meeting at which the intermediary is reviewed, answering questions from the committee and hearing the committee’s concerns, if any. The effect of this is to create accountability, which increases the likelihood that the sponsor will communicate that the intermediary’s contractual requirements (which include diligence, training, etc.) are not “dead letters” but, instead, represent the company’s actual expectations for the intermediary.

Further, after the intermediary has been hired, it is subject to suspension by the committee for any “red flags” that arise, in accordance with the antibribery provisions of the contract. Avoidable delays can rise to the level of a “red flag,” and this is communicated to the sponsor and the intermediary. This further sensitizes the sponsor and the intermediary to requests that arise in the intermediary management program – they are to be satisfied, not put off or even ignored.

Second, we channel requirements for diligence, certifications and training through the sponsors, in recognition of the familiarity the intermediary has with the sponsor and the likelihood that the call, letter or email will be reviewed more promptly as a result. This requires working closely with the sponsors to explain to them the need for the requirements. However, it is an aspect of “imbedding compliance in the field,” which is the ideal. Further, when approached from the perspective of quality control, it is consistent with what the sponsor may already see as his or her traditional duties – ensuring that our vendors provide goods and services that meet our high expectations.

Third, all of our sponsors (along with all management and anyone else who has approval authority) receive annual in-person antibribery training, and a portion of the training focuses on (i) the risks associated with using intermediaries; and (ii) the process through which intermediaries are vetted and, if appropriate, approved.

Fourth, whenever I travel to the field, I make it a point to meet with as many sponsors and intermediaries as possible – not only to interview the intermediaries on, and remind them of, our policies, but also to ensure that they know that the sponsor and I, as an officer of the company and as Chairman of the Antibribery Committee, require them to uphold the company’s ideals. This invariably gives rise to a dialogue on the local landscape in terms of corruption and focuses them on the risks they should be anticipating.

 

June 23, 2009

Making Due Diligence Palatable

Posted by wrageblog under Due diligence, commercial intermediaries | Tags: , , |
1 Comment 

When conducting anti-bribery training for TRACE member companies, the most common question we hear is: how can companies persuade commercial intermediaries to participate in due diligence reviews? This is a concern for all companies, but especially for small and medium-sized companies or companies partnering with state-owned entities. These companies are often less confident about their ability to impose requirements on their third parties. Anne Richardson, Director of Member Services, offers some advice on how to overcome resistance and make the process more collaborative:

* * *

As those in this field know well, a host of compliance “basics” make up a solid and effective anti-bribery compliance program: “tone at the top,” clear and consistent policies and procedures, reporting mechanisms, and training … training … training. Another of these essential elements, of course, is due diligence. As the majority of FCPA cases make clear, third party intermediary relationships carry a high level of risk for bribery. Not that these sales agents or distributors, who are usually small and based in developing countries, deserve all the blame when it comes to corrupt business practices – the small time intermediary making an improper payment to a foreign official in the typical FCPA case often does so at the behest, either explicit or implicit, of a large multinational. Regardless, due diligence has become a key ingredient of prudent anti-bribery compliance for companies working with intermediaries internationally. The flip side of this enforcement trend is equally potent – neither the DOJ nor SEC has brought an FCPA action against a company that had, in fact, conducted meaningful due diligence on its overseas partners. The due diligence process cannot guarantee that an intermediary will not engage in illegal business practices, but having the process in place as part of a compliance program goes a long way toward convincing prosecutors that a company takes anti-bribery compliance seriously.

Due diligence, whether done in-house or through a third party provider, can be a hard sell both within a company, particularly to local business people, and outside a company, to the distributors and agents a company seeks to put through the process. If a compliance officer thinks engaging hundreds (or thousands) of employees and agents in anti-bribery training is tough enough, imagine trying to pitch an intrusive, months-long process that may threaten to delay urgent business transactions. Despite these difficulties, however, there are some strategies and approaches that can help bring everyone on-board.

Potential intermediaries should be educated about the due diligence requirement from the outset; this is where local or regional business people play a crucial role. Candidates should be introduced to the due diligence process at the beginning of the relationship, along with the company’s anti-bribery policy and contractual certification requirements. Explaining the purpose and role of due diligence from the beginning can go a long way toward encouraging mutual transparency once the process begins. Treating the intermediary as a partner at this stage lays the groundwork for respect and accountability going forward, with all parties committing themselves to commercial transparency and appropriate business practices, — and with all parties invested in promoting the company’s reputation in the local market. Having the local marketing team deliver and reinforce the anti-bribery message and play a role in implementing the due diligence process can help establish legitimacy and credibility among the intermediaries a company is seeking to vet. In addition, clear support from the local business staff, including support in enforcing deadlines, will help ensure that intermediaries are responsive during the review process.

The message to intermediaries should assure them that they are not being singled out for due diligence and that the process does not reflect on their business ethics. Instead, due diligence reviews should be explained as a cost-effective and prudent risk-mitigation tool for companies doing business internationally. Intermediaries that are new to the company are likely to accept this more readily than those that have represented the company for many years. For the latter, an extra effort should be made to explain that a compliance program is stronger when the same policies are rolled-out worldwide, without regard to the intermediaries’ country of residence or the longevity of the relationship. When engaging intermediaries in due diligence, a professional, respectful and cordial approach can work wonders. Your company and your intermediaries are, after all, on the same side.

 

April 28, 2009

Due Diligence: Centralized or Local Review?

Posted by wrageblog under Due diligence, commercial intermediaries | Tags: , , , |
Leave a Comment 
In the important – if not very glamorous — world of due diligence, there are still some unsettled issues.   Although we often hear debates about “whether, when and what”, we rarely hear anyone ask where.   Nancy Etzwiler of 3M’s Office of General Counsel sums the issue up nicely.
 
*          *          *
 
“A multinational company establishing its internal anti-bribery compliance program must consider whether to centralize its review and approval process of third party due diligence, permit localized review and approval, or establish a hybrid approval structure.   A number of factors should be considered in tailoring a program to best fit the business and risk profile of a company.

 

One advantage of a centralized review process, often at corporate headquarters, may be a greater concentration of anti-bribery compliance staff, typically with more extensive experience in the scrutiny of due diligence and assessment of red flags.   Centralized review may be more appropriate for a company whose non-U.S. subsidiaries review due diligence only sporadically and do not regularly follow compliance and enforcement developments to enable it to robustly scrutinize due diligence. 

 

A centralize model may also afford greater opportunity to include senior level executives in the review process.  Senior executive presence can elevate the awareness of anti-bribery risks in an organization generally; centralized review may also offer easier access to other senior executives for consultation in difficult decisions, as well as engender faster support (and at times a more elastic budget) for internal compliance staffing or the use of outside resources when needed.  

 

Finally, centralized review also permits a company to calibrate among its global organizations the nature and amount of risk it is willing to accept, and avoid the appearance of inconsistent review standards.

 

Pitfalls of centralized review can be a lack of in-depth cultural awareness, language limitations, and difficulty in completing a review in a timely manner to meet local needs.  Local reviewers are better positioned to assess cultural aspects of due diligence such as the interviewee’s demeanor, local market conditions and practices, and typical fee structures.  Document review as well as interviews of the third parties and their references in the local language can afford more accurate assessments.  Further, unless a centralized review system ensures efficient, electronic due diligence circulation to reviewers, local assessment may be less hamstrung by frequent executive travel and competing priorities that can significantly delay review and result in missed local opportunities.

 

At the same, responsibility for any local review and approvals must be placed where approvers will not succumb to supervisor pressure to deploy risky agents, or where the elevation of any issue to more senior approvers is not thwarted.  In a decentralized model, corporate country directors may be more immune from these pressures, and local in-house corporate counsel can provide a solid complement to this local review.  The requirement of additional reviews, often at the central office, in higher risk circumstances can also undergird a local review structure, such as when proposed commission exceed 10%, certain commission thresholds could be attained (e.g. $100,000 or more),  the total sales opportunity for the company is extraordinary, or if operating in the most risky countries.   This sort of hybrid model can tap the best of both models.

 

Against these considerations, no one model fits all organizations.  The most effective system for an organization will be that which places the review and approval process where the most reliable information can be timely and effectively assessed, and the review decisions supported.”