MENLO PARK, Calif.
July 9, 2014
/PRNewswire/ -- Protiviti (
), a global consulting firm, has released the Protiviti
Governance Portal for Third-Party Anti-Corruption
, enabling companies to develop and manage a risk-based, third-party anti-corruption program that supports compliance with the U.S. Foreign Corrupt Practices Act (FCPA) and other anti-corruption laws. The Governance Portal for Third-Party Anti-Corruption v4.1 is a new module of the
Protiviti Governance Portal
, a GRC (governance, risk and compliance) platform that helps organizations efficiently support multiple GRC activities. With the new module, companies can manage corruption risk across their third-party ecosystem from a single, centralized platform. Protiviti also provides consulting services to support anti-corruption programs with anti-corruption strategy, due diligence and remediation activities.
"For large companies, the most common source of FCPA violations comes from third parties acting on their behalf," said
, managing director and global lead of Protiviti's Investigations and Fraud Risk Management practice and former FBI special agent. "Acknowledging the unique risks these 'intermediaries' present and having a well-conceived policy to combat them simply aren't enough. To fully operationalize an anti-corruption program, organizations must have the technology and content to manage the underlying processes and align them with their internal controls and audit programs."
Third-party Due Diligence
, the Criminal Division of the U.S. Department of Justice along with the U.S. Securities and Exchange Commission jointly released "
A Resource Guide to the Foreign Corrupt Practices Act
." The guide outlines 10 "Hallmarks of an Effective Compliance Program," one of which relates to third-party due diligence and payments. According to the guide, "DOJ's and SEC's FCPA enforcement actions demonstrate that third parties, including agents, consultants, and distributors, are commonly used to conceal the payment of bribes to foreign officials in international business transactions. Risk-based due diligence is particularly important with third parties and will also be considered by the DOJ and SEC in assessing the effectiveness of a company's compliance program."
The Protiviti Governance Portal for Third-Party Anti-Corruption enables companies to:
- Create a centralized repository for all program data and activity.
- Gather responses to third-party anti-corruption questionnaires prior to contract approval.
- Establish a risk-scoring model that aligns with the company's overall anti-corruption policy and create scorecards for its vendors and business partners.
- Identify third parties with heightened risk, allowing organizations to allocate resources on a risk basis for additional investigation and follow-up.
- Manage overall workflow, investigative cases and approvals.
- Maintain a complete audit trail of activities.
- Continuously monitor third parties against watch lists
"The Protiviti Governance Portal for Third-Party Anti-Corruption provides an easy and cost-effective way for large organizations to create a sustainable, consistent process for evaluating and managing the risks associated with their agents and third-party business partners scattered around the world," said
, managing director of Protiviti's Risk Technologies group. "It also helps companies to develop a standardized risk-scoring methodology based on their unique requirements and risk scorecards, allowing them to more easily identify and take action against the entities that present the highest risk to their organizations."
Complimentary Webinar on July 15
Protiviti will conduct a complimentary webinar to explore effective third-party anti-corruption programs on
10:00 a.m. PDT
. The 60-minute webinar is eligible for CPE credit* and will feature Protiviti's Moritz and guest speaker
, principal analyst and research director with Forrester Research, Inc. Please register for the webinar at:
The Governance Portal is a flexible technology solution that provides the visibility and oversight organizations need to manage enterprise and operational risks, optimize internal audit processes, monitor compliance risk, reduce the cost of financial controls management and improve IT governance.