Our third-party risk management services are designed to assist clients in identifying and prioritizing higher risk business relationships, implementing and enhancing overall due diligence processes and protocols as well as performing customized integrity due diligence on third parties based on varying levels of risk. Clients can have the additional benefit of an objective and independent perspective from an established global network of member firms that includes more than 2,500 forensic professionals. Our approach to helping organizations address third-party risk is informed by and responsive to a variety of globalization issues as well as regulatory compliance-drivers, including the U.S. Foreign Corrupt Practices Act (FCPA), the UK Anti-Bribery Act, anti-money laundering provisions of the USA PATRIOT Act, securities and exchange regulations, as well as - consumer- and data-protection regulations globally.
Failure to adequately assess agents, distributors, consultants, business partners, logistics intermediaries and other third-party intermediaries (TPIs) to identify how they operate and the individuals standing behind the organization can expose businesses to reputational damage, operational risk, and government investigations as well as significant monetary penalties and potential criminal liability.
Does your organization:
- Adequately manage the risks of increasing globalization and dependencies on distant and often unfamiliar business partners and vendors
- Struggle with the increasing complexity of supply and distribution channels
- Need help assessing reputational, regulatory and jurisdictional risk
Globalization and increasing regulatory pressures require organizations to examine their business relationships in order to assess risk, make informed decisions, and comply with laws.
A risk-based approach
KPMG International’s member firms help global companies address the risks associated with third-party intermediaries by:
- Assisting in identifying the universe of third-party relationships and bifurcating that universe based on risk to identify those that would be in scope for further evaluation and assessment.
- Advising on the implementation and enhancement of third party risk management processes and protocols for in scope TPIs (new and existing) to determine and focus on those relationships where further integrity due diligence may be required
- Performing appropriate and risk-based integrity due diligence to obtain critical information for evaluating and managing business risk related to third parties.
- Providing ongoing monitoring of certain TPIs based on certain criteria.
We provide insights to identify the appropriate level of integrity due diligence required for TPIs based on such factors as jurisdictional risk, nature of the industry and service provided, and the importance of the relationship. Our professionals can craft approaches to create cost-efficient, timely, and responsive reporting.
Web-enabled integrity due diligence
Astrus KPMG LLP's secure online integrity due diligence solution, provides a robust and cost-efficient way to obtain information and assess risks associated with customers, agents, distributors, joint venture partners, logistics intermediaries and other partners. Leveraging Astrus, clients can access data from multiple data sources in multiple jurisdictions to obtain a clear and concise summary of key findings and possible risks using indicators that are determined in consultation with member firms’ clients to help provide a consistent measurement of relevant integrity risks. By leveraging KPMG's overall approach to third-party risk management, which includes integrity due diligence, clients are able to identify non-transparent risks that may not be revealed by financial and legal due diligence alone.