Strategies for Conducting Due Diligence on
Third-Parties
Key Questions to Be Addressed:
• How to construct effective global due diligence programs across both
developing and emerging markets
• Evaluate best practices for the authentication and monitoring of third-party
individuals and entities
• Examine best practices for investigating reports of compliance violations by
third parties, or their sub-contractors
1
Why the concern with third parties?
• Less control and visibility of their work and records
• May not have strong internal controls
• Potentially divergent business interests
• Potential conflicts of interest (e.g., former employee owned)
• May delegate work to a sub-contractor
• Direct interactions with government officials (esp. ex-U.S.)
• Easier to disclaim knowledge of wrongdoing
• Limited options for third parties in riskier markets & specialized
businesses
2
Which third parties should I be concerned about?
•
•
•
•
•
•
Distributors/Wholesalers (including Specialty Pharmacies)
Travel Agencies
HCPs/Professional Service Providers
Clinical Research Organizations
Manufacturers/Suppliers
Vendors
3
Top Ten Third Party Due Diligence Program Needs :
 Support and Buy-In of Senior Executives and the Board
 Internal Due Diligence Policy & Forms
• Business justification
• Statement of Work
• Proposed Relationship
• Proposed Compensation Structure (retainer, success fee, commission)
 Due Diligence Questionnaire for Third Parties (to be discussed)
 Risk Ranking Based on Assessment (low, medium, high) (to be discussed)
 Basic versus Enhanced Review
 Due Diligence Investigation of Red Flags (to be discussed)
4
Top Ten Third Party Due Diligence Program Needs (cont’d):
 Protective Contracting Terms
•
•
•
•
•
ABAC Provisions
Monitoring & Auditing Rights
Training
Code of Conduct, Policies & Procedures
Certifications
 Documented Paper Trail (records)
 Third Party Monitoring & Auditing
 Ongoing Evaluation & Improvement
5
Key Elements of the Third Party Due Diligence Questionnaire:
1.
2.
3.
4.
5.
6.
7.
8.
Ownership & Management
Relationship with Government Officials (ex-US, could include any HCP)
Type of Services Provided (Straight buy-sell vs. Contracted Sales Force)
Location of Services to be Provided
Extent of Services (to what degree, autonomy, etc)
Business Background/Experience
Business References
Conflicts of Interest (Competitors; Family Ownership)
6
Risk Factors
1.
2.
3.
4.
5.
6.
7.
8.
9.
Geographic location (High corruption index; Advanced regulation/enforcement)
Industry
Distribution to Government Officials/Agencies (directly? Indirectly?)
Value of contract (high dollar amount)
Proposed Compensation Structure (fee-for-service, commission, salary)
Financial Irregularities (Typical? Cash vs. Pre-Pay? Higher than usual? Transfer to a third party
accounts or different country)
Adverse Media Reports/Prior History (prior corruption, scandal, civil/criminal prosecutions,
media search)
Unwillingness to include contract protections (audit rights; indemnity; certifications; ABAC
provisions)
Strength of Ethics & Compliance Program (what is in place)
7
Follow up on Red Flags – Investigating Reports of Compliance Findings
•
•
•
•
•
•
•
Interviews or Follow up Questions
Enhanced Due Diligence
Contractual Provisions Addressing Red Flags to Mitigate Risks
Modification of Proposed Agreement (limit scope, adjust compensation)
Control Parties involvement
Additional anti-corruption training and Certifications
Do not commence or terminate relationship (if already hired), if needed
8
Questions?
Sumita Ray, Esquire
Former Chief Compliance Officer, Pharmacyclics
FifthRay Consulting, LLC (regulatory & compliance)
[email protected]
9