MANAGING THIRD-PARTY AND COUNTERPARTY RELATIONSHIP RISKS

RC: Could you outline some of the major risks that can emerge from third party and counterparty relationships in today’s business world? What red flags should firms try to identify?

Murphy: In today’s environment, companies have an increased focus on third party risks arising from anti-bribery and corruption regulations, which present companies with a range of compliance issues. As a result of working with the wrong third parties, companies have incurred increased costs due to fines, penalties and investigations, damage to their brand and in some cases debarment. Companies need to be on the lookout for red flags which might indicate such risks. One red flag might be an arrangement with a third party in which payments for goods or services are excessive, or where there is insufficient evidence that the goods or services were actually supplied. Another red flag might be a situation where the description of a third party’s business, as outlined on its website, is inconsistent with the services rendered. Discrepancies in commissions paid to or excessive pricing to a third party might be indicative of a fraud aimed at moving money outside the company. This may be indicative of outright theft or it may be part of a scheme to create a slush fund to facilitate illicit payments. Procurement processes are also open to abuse. Companies should be concerned when there is no evidence of any competing bids when there should be, or there is an absence of documentation detailing the approval process for selecting a third party supplier. Payments made to foreign charities should be closely monitored. We have seen situations where charitable payments have been made where the principle sponsor of the charity was the spouse of a prominent government official, which can obviously be inappropriate. For financial institutions, third party risks also arise from other regulations and legislation designed to protect consumers and prevent money laundering and terrorist financing. Banks need to have Know Your Customer (KYC) programs in place to ensure they understand who their customers are and the source of their deposits. Having a customer make a significant deposit or transaction without the apparent means to support it, is certainly a red flag.

Jan-Mar 2015 Issue

KPMG