• Search Results
  • Audit
    • Tax
    • Advisory (including legal)

    Sunday 18 August 2019

    Guarding your business against third-party risk

    Business partner compliance – also known as business partner due diligence or third-party risk management – can help avoid reputational and financial damage.

    Companies increasingly interact with business partners around the globe. As a result, they often need to trust suppliers, clients, partners or other third parties, without having any detailed background knowledge of the organisations concerned.

    So how well do you really know your business partners?

    Business partner compliance is about protecting your company from possible business risks arising from dealing with a third party. Without such an examination of existing and potential business partners, companies face the risk of loss of reputation or violation of regulatory requirements such as the Foreign Corrupt Practices Act (FCPA), the UK Bribery Act (UKBA) or the fourth EU Money Laundering Directive.

    Categorising risks

    Before doing business with a third party, potential risks can be classified on the basis of a number of different factors, including:

    • personnel and company history
    • products and markets
    • the countries in which the third party is located and does business
    • planned transactions 

    Companies can then allocate their various business partners to different risk categories, according to these risk factors. For example, a business partner located in an offshore tax territory might be categorised as high risk – or ‘red’, according to a ‘traffic light’ system.


    The good news is that there is a range of different providers offering technical solutions to mitigate business risks by monitoring third parties in a simple way. These enable any company to determine the potential business risks of working with a prospective business partner with just a few clicks.

    These technical solutions typically rely on monitoring of sanctions on political exposed persons (PEPs), ‘blacklists’ and watch lists, complemented by further sources like LexisNexis, info4c and Google.

    This type of automatic business partner check can offer reliable protection against corruption or payment default, significantly reduces the workload involved in fulfilling the monitoring obligations of the management team and provides appropriate documentation that can help to limit the company’s liability in the event of something going wrong. Furthermore, it enables a transparent and traceable process and prevents multiple checks of the same person or company. Depending on the setting the tool can automatically check your already approved business partner on a regular basis.

    The best tool for your company will mainly depend on the number of business partners you have. After a risk assessment you can then decide who to screen initially and then on an ongoing basis. You will also need to consider data protection issues when selecting the right tool. Some business partner compliance tools are cloud solutions, such as GAN Integrity and other tools are able to run on a company’s servers, for example Compliance Solutions.

    For more information, contact:

    Christian Parsow or Kim-Mara Flier
    Ebner Stolz Köln, Germany
    T: +49 221 20643-494
    E: christian.parsow@ebnerstolz.de
    E: kim-mara.flier@ebnerstolz.de

    Back to top