Third parties (3Ps) can be valuable partners, providing competitive advantage through the supply chain and access to opportunities and markets. However, it is well known that 3Ps can expose businesses to bribery and other regulatory risks, with the OECD’s 2014 Foreign Bribery Report stating that 75% of the bribery cases it examined were carried out by third party intermediaries. Whilst most legal and compliance professionals, and to varying extents our business colleagues, understand this risk, managing 3Ps is a daunting task for those implementing a new 3P risk management process, and an on-going and challenging one for those further along the journey.

How to eat the ‘Third Party Elephant’: the first step in effective third party risk management

Combating bullying in the legal workplace
At LawCare we often receive calls to our helpline from lawyers who are being bullied at work. Calls about bullying and harassment nearly doubled last year. This is not to say that more bullying is taking place; it’s more likely that there is greater awareness about unacceptable workplace behaviour.

Whistleblowing: value in the voice
Services of all types are increasingly moving to digital-focused offerings. It is a trend that has reached the world of whistleblowing across many companies, with employees now being offered the opportunity to speak up via digital platforms such as email, a website or using apps on their mobile phones.
Having a variety of whistleblowing routes available is a good thing; however, with the offering of these digital platforms it is important to remember that there is still ‘value in the voice’. Telephone reporting still has its place and a shift to digital-only reporting could have a negative impact not only on the quality of reports but also on the willingness of employees to speak up.

Brexit: February 2019 round-up
On 26 February 2019, the Prime Minister gave a statement to the House of Commons (HoC) in which she confirmed that a second meaningful vote on her Brexit deal would take place no later than 12 March 2019. Guidance on no-deal Brexit planning continued to be published throughout February.

Privacy and cybersecurity: Spring agenda 2019
We have had a blockbuster twelve months in privacy and cybersecurity which saw the arrivals of the General Data Protection Regulation (GDPR), Data Protection Act 2018 (DPA 2018) and the Network and Information Security Directive (NIS Directive).
As we approach the first anniversaries of those transformative pieces of regulation, the horizon is now dominated by the confusion and complexity of Brexit.

What’s on the agenda for in-house lawyers in March 2019?
With the UK scheduled to leave the EU on 29 March 2019, Brexit planning remains paramount for in-house lawyers this month. Nevertheless, they should also be keeping abreast of developments in corporate governance, environmental reporting and gender pay gap reporting.

PLC Magazine recently published a thought-provoking article, Data protection: privacy by (re)design, by Sylvain Magdinier and Claire Walsh of Marshall Denning. The piece provides a thorough analysis of one of the most challenging concepts of the EU General Data Protection Regulation (GDPR), privacy by design (PbD) under Article 25.

5 critical questions to ask about your third-party management system
When was the last time you thought through your third-party management and due diligence process? Perhaps you inherited a system that was in place when you arrived, and you’ve never changed it. Perhaps you’re trying to manage it on an Excel sheet. Perhaps you know it’s a problem, but you’ve never actually done anything about it…
Considering that the vast majority of bribery cases involve a third-party intermediary, and one in two global enforcement actions involved a third party, your third-party risk management programme is a crucial part of your compliance programme.
Is your current third-party risk management and due diligence system up to scratch? Here are five questions you should be asking yourself to find out.

A mouse’s tale of a whistleblower
A long time ago there was a mouse living comfortably in the land of cheese. He was employed by a big multinational. The mouse was hard working and valued integrity, loyalty and respect most. The mouse was a real stand-up mouse, a mouse prepared to go the extra mile.
The mouse was consistently trying to maintain the integrity of his company, an important aspect of his job and his character. To his shock, he became aware of a serious wrongdoing. This wrongdoing was so far reaching, it was sure to lead to imprisonment and/or severe monetary penalties. This was a key part of the mouse’s obligatory compliance training, which included fraud, bribery, corruption and money laundering.
What should the mouse do?

Collapse of Patisserie Valerie offers some key lessons for non-executive directors and board members
On 22 January 2019, Patisserie Valerie announced that it had failed to secure an extension to its lending facilities and that it was to enter administration. Patisserie Valerie is the latest high-profile company to collapse because of fraud and inaccurate data. The case raises some of the same issues as the failure of Carillion, namely:
- Quality of the audit work performed by the external auditors.
- Lack of strong internal controls.
- Poor governance.