Click here to subscribe to an e-mail digest of The Forensic Brief blog.
By Ted Acosta
One of the most significant developments in FCPA compliance for life sciences companies is the broadening of expectations on the part of government prosecutors and regulators of the level of compliance due diligence and oversight that companies need to exercise over the third parties with whom they do business around world.
Specifically, companies appear to be increasingly asked to look more closely at the degree of inquiry they perform on the third parties that they intend to retain, but also at the third parties’ own capability to do business in a manner that resembles the company’s compliance standards and obligations under FCPA. In practice, this can be even a larger undertaking because it may typically necessitate a look at not just new third parties, but the entire existing portfolio of relationships. For life sciences companies, the number of third parties is often in the tens of thousands. If one includes health care professionals (HCPs), the numbers rise quickly into the millions of third parties.
Having a sound, comprehensive methodology to assess the population of third parties that should come within the scope of such a project is essential. Bringing together the expertise and resources even at major companies is not simple, however. A project of this nature can take a few months to kick off and implement, but it does not have to tie down the organization or require a prohibitive investment. Using the data and tools already in existence, a company can handle this task somewhat swiftly and effectively. It just need to know where to look and how to assess the relationships. A company must also engage the business from inception, as it is the people around the world who rely upon and utilize these third parties. Thus, change management is, too, essential to the process.
The views expressed herein are those of the author and do not necessarily reflect the views of Ernst & Young.