Greater enforcement of Anti-Bribery and Anti- Corruption (ABAC) laws around the world have increased the scope of corporate compliance department responsibilities. A major element of any corporate ABAC program involves the performance of due diligence on third-party intermediaries. And for good reason, regulators routinely uncover evidence that a corrupt act was committed by an intermediary acting on the company’s behalf, both with and without the company’s knowledge. According to an analysis conducted by Foreign Corrupt Practices Clearing House, more than 90% of investiga-tions and enforcement activity related to FCPA bribery cases over the past ten years involved a third-party.

Performing risk-based due diligence on intermediaries has become a critical practice for companies to confidently mitigate third-party risks. While all misconduct cannot be eliminated through a compliance program, ABAC enforcement entities consistently emphasize that due diligence is key to a well-designed and effective compliance program. Assigning the appropriate level of due diligence for the company’s third parties requires assessing risks objectively and systematically. In order to build a credible and practical risk model, company executives must understand concretely how the company operates across its business units, regions, and subsidiaries.