The third party assessment module acts as a control center and automatically highlights the appropriate process to apply to different third parties.
The new third party is qualified in advance (company name, type of third party, SIRET number, information on the proposed contract, etc.). This information can be entered manually or automatically populated through integration with another tool in your organization. A deduplication process ensures that no similar third party is already registered in the database.
A first level of analysis categorizes the third party's risk level. This pre-analysis takes into account the specificities of your organization.
Ensure regular communication with all stakeholders through indicators and reporting covering the different stages of your third party integrity assessment system and enabling you to evaluate and manage the risk levels of your organization's third parties.
When more advanced due diligence is required, a screening of the third party is performed, compatible with various market screening providers.
Through an API connection system, a large amount of data on the third party is retrieved, particularly regarding its beneficial owners and executives.
A questionnaire can also be sent directly to the third party, in a completely secure manner. This questionnaire is 100% customizable to adapt to your organization's context (questions, useful attachments, signatures, etc.), the type of third party (supplier, customer, sponsorship or patronage beneficiary, etc.), and their language.
The requester verifies the information and can implement mitigation measures. Depending on the case, requests are escalated to compliance teams so they can decide on the validation or rejection of the third party.
Ensure the centralization of information and documents relating to a third party, from the main documents submitted by the requester, information requested from the third party (K-Bis, organizational chart, etc.), analyses and evidence attesting to the compliance review performed by the Compliance team, to the results of screenings performed by external tools automatically retrieved via API.
Configurez votre espace de travail en personnalisant les champs, la confidentialité et le niveau d’information, avec la possibilité d’ajouter, de supprimer ou de renommer des champs décrivant les évaluations de l’intégrité de vos tiers, tout en définissant des champs obligatoires et en créant des liens avec des référentiels (niveaux de risques, type de tiers, pays sous sanctions économiques,..).
"Une excellente coordination pour atteindre nos objectifs"
"It is a real pleasure to work with you"
"The team stands out for its great responsiveness"
"Responsive and flexible"
"The flexibility of their solution and the quality of their support"
"Values Associates was able to provide a response tailored to our needs"
"Extremely satisfied"
The recommendations of the French Anti-Corruption Agency provide an important clarification, in point 48, indicating that “the nature and depth of the assessments to be performed and the information to be collected are predetermined based on different homogeneous groups of third parties, i.e., presenting comparable risk profiles, as the corruption risk mapping allows them to be established. Thus, groups of third parties deemed low-risk or risk-free may not be subject to an assessment or may be subject to a simplified assessment, while the highest-risk groups require an in-depth assessment.”
In short, the AFA indicates that common sense recommends categorizing these third parties and, once this is done, then and only then, a technical solution can be applied.
Rather than systematically and unreasonably resorting to a screening solution, it is therefore appropriate to establish a form of control center that would determine, particularly in light of the corruption risk mapping, whether a given third party presents a low, medium, or major risk. Consequently, based on this classification, you can choose, for each third party, to apply no particular verification, to perform screening, or in an even more thorough manner, to conduct a specific audit carried out by specialists.
Company name, type of third party, SIRET number, etc., while avoiding duplicates through a deduplication process. A first level of analysis pre-categorizes the risk, taking into account the specificities of your organization.
This module, part of our Sapin 2 software suite, also facilitates system management with dynamic and real-time reporting, enabling effective communication with all stakeholders. All information and documents relating to third parties are centralized, ensuring complete and up-to-date documentation.
The third party assessment module also enables you to automatically indicate the applicable procedure for each category and to monitor the proper implementation of required due diligence.
Implementation of the solution is facilitated by bulk integration of third parties present in your databases, allowing you to subsequently make it a mandatory checkpoint for the creation of any new third party.
Benefit from a flat rate, regardless of the number of third parties to be processed and for an unlimited number of users.
Limit the use of screening tools to only situations that require it. These tools, which collect a large amount of information, are billed per query or on a flat-rate basis. However, regardless of the payment method, their cost remains relatively high. And beyond this cost, the time required to process the information provided by the screening solution must be taken into account.
The Sapin 2 law aims to prevent corruption and ensure business transparency by requiring organizations to demonstrate that they have taken reasonable measures to assess and mitigate corruption risks associated with their third parties.
The assessment criteria are linked to the specificities of each organization’s corruption risk mapping. They include by default the third party’s history regarding ethical and legal practices, relationships with public officials and the degree of interaction with government entities, as well as judicial history and verification of past litigation or convictions for financial or ethical offenses.
Specialized software exists that automates the organization’s assessment process, from data collection internally or via external databases, risk analysis based on this data, complete traceability of decisions, as well as reporting functionalities providing a consolidated and always up-to-date view of the situation within the organization.
The standard process is structured in 3 main stages:
An innovative digitalization of your third party integrity assessment system.
It all starts with a series of questions for each third party: either about fifteen standardized questions, delivered by default with the solution, or a list of customized questions, for example based on your corruption risk mapping.
The questionnaire enables automatic pre-qualification of third parties, for example into 3 categories: the least risky, to which you apply minimum due diligence: collection of K-Bis, beneficial owner, IBAN, URSSAF declaration, etc.; the moderately risky, for which you launch screening such as Refinitiv, DDIQ, etc., or to whom you send an Anti-corruption/AML/CFT questionnaire; or finally the highest risk, those for which you would perform specific due diligence, such as specialized audits.
The Values Associates third party integrity assessment module enables you to monitor your assessment process in an optimized, intuitive, collaborative, and secure manner.
