Compliance audits: Rethinking the typical audit

Georgia White

From a business perspective standard right to audit clauses add little value; they are rarely utilised, financially-focused and typically only enlivened following an allegation of some description. From a compliance perspective, however, reworking these clauses to include proactive compliance obligations can be an effective and valuable way to positively manage relationships with distributors and resellers.

A typical audit clause reads something like the following:

 

Clause 1: Right to Audit

The Distributor/Reseller shall maintain proper records and accounts in relation to Distributor’s/Reseller’s use of product X. Upon seven (7) days written notice, Supplier Y (or its authorised agent) may conduct an inspection and audit all relevant facilities and records of the Distributor/Reseller to verify compliance with obligations under this Agreement. Such audit is to be conducted in business hours at Supplier Y’s own expense and in such a manner as not to unreasonably interfere with Distributor’s/Reseller’s normal business activity.

 

Some of the reasons distribution channels push back on compliance audit provisions include that they are insufficiently tailored and poorly defined, or they are ‘catch-all’ audit provisions that include a client’s right to examine every record the distributor or reseller maintains. These types of clauses represent little value for both the client and the business partner.

Taking a step back, this is inconsistent with the objectives of a compliance audit. Compliance audits should be aimed at engaging business partners to participate in compliance initiatives proactively, whether by way of interview or discussion, integrity circles or forums, or health checks or periodic reviews. They should be supplemented by the occasional sample transaction analysis involving the business partner’s dealings on behalf of the client.

An effective compliance audit clause could read:

 

Clause 2: Right to Audit and Compliance Engagement

In addition to maintaining proper records and accounts in relation to Distributor’s/Reseller’s use of product X, Distributor/Reseller will participate in compliance health checks and periodic reviews, and attend integrity circles and forums on a regular basis as required by Supplier Y. In the event of an allegation of misconduct, upon seven (7) days written notice Supplier Y (or its authorised agent) may conduct an inspection and audit all relevant facilities and records of the Distributor/Reseller to verify compliance with obligations under this Agreement. Such audit is to be conducted in business hours at Supplier Y’s own expense and in such a manner as not to unreasonably interfere with Distributor’s/Reseller’s normal business activity.

 

In the event of an allegation of misconduct, it is important to keep the ability to access records

While some distributors and resellers may view this obligation as a mild annoyance, honest and compliant business partners will support such an initiative because they too appreciate the risks associated with product diversion and unethical behaviour. Proactively engaging in compliance is win–win for your company and your distributors and resellers. This approach to channel management can help maintain the integrity of relationships with your distributors and resellers and facilitate open and transparent lines of communication.

Proactive engagement with compliance audits can actually help protect margins and grow profit by mitigating risk and ensuring vigilance from all parties about counterfeit and grey market channels. Compliant distributors and resellers can in turn benefit from this process by receiving valuable feedback about any gaps or shortcomings in their internal operations and using the audit to openly communicate any concerns in the relationship.

How do I gain buy-in from business partners?

While new partners may readily accept compliance audit provisions in order to win your business, it is likely that you will face resistance from existing business partners, particularly larger partners, about inserting additional obligations into your contractual agreements. For an effective distributor and reseller risk-management programme, compliance audits should apply to new and existing partners alike.

In order to gain buy-in, it is important to communicate clearly with your business partners and educate them on the value of this kind of proactive exchange on compliance issues during business planning sessions. This might involve incorporating a compliance health check or integrity circle component to your annual business discussions with distributors and resellers.

In addition, any change to contract documentation should be accompanied by an explanation to the business partner that clearly sets out what the change means and what is expected of the partner.

When should I add compliance obligations to existing contracts?

To maintain positive relationships with existing business partners it is important to consider the timing of any proposed changes to existing contractual provisions. The below list provides some suggested opportunities to start discussions with your existing business partners.

Contract renewal cycles

It is likely that there will be several terms up for discussion during the renegotiation of a contract. This is a good opportunity to raise compliance obligations into your audit provisions as business partners are less likely to invoke suspicion that this is a ‘targeted’ requirement if it is part of the larger contract-negotiation process.

Annual business-planning sessions

A business-planning session with your business partner provides a good chance to discuss best-practice strategy and introduce the possibility of proactive compliance auditing for the relationship going forward, as the relationship will be up for discussion in any case.

Company-wide annual distributor or reseller meetings

Inviting all your distributors or resellers together to initiate enterprise-wide change reduces the likelihood of business partners perceiving that they are being targeted for misbehaviour. The chance of buy-in is increased if it is perceived that other competitors are already actively engaging with you in this manner.

 

If you are particularly concerned about the high risk presented by one of your business partners or the environment they are operating in and you don’t feel comfortable waiting for one of the above opportunities, consider introducing the proposed change in tandem with a benefit that is being rolled out to the business partner (for example marketing funds, a discount or extra support) so that there is a perceived mutual benefit arising out of the proposed change.

It is valuable for both you and your business partners to engage in open dialogue on compliance issues. It is even more valuable if this occurs early on between business executives, rather than between lawyers after something has gone wrong.

It is also important to scale your expectations around engagement with compliance audits in accordance with the maturity of the particular business partner’s compliance programme (if they have one), their size and location, and the role they perform on behalf of your company as a member of your distribution channel.

Need help?

Effective compliance audits require resources. For particularly-sensitive or larger distributors and resellers it is often easier and more economical to engage the assistance of a third-party specialist to carry out compliance audits on your behalf. This allows the third party to play ‘bad cop’ and point out any shortcomings within the distributor or reseller programme without jeopardising your hard-earned good relationship with business partners.

In today’s world it is possible to outsource almost everything except your own risk. Regulators are increasingly attributing liability for third-party actions back to companies, and this risk needs to be managed. Developing a robust distributor and reseller risk-management programme through due diligence and vigorous on-boarding procedures is a good start. However, to ensure best-practice results you should also think about monitoring relationships through proactive compliance audits.

 

Georgia White, Consultant – Due Diligence at The Red Flag Group, is an Australian corporate and commercial lawyer who manages complex bespoke due diligence projects. Georgia’s expertise includes providing advice on third party risk-management solutions, investigations, due diligence analyses, and risk recommendations and remediation steps.

 

 

Previous Article
Investigations: getting on the front foot
Investigations: getting on the front foot

Companies involved in consumer-focused products or that have well-known brands need to change the way that ...

Next Article
Employee candidate integrity – do you know who you are hiring?
Employee candidate integrity – do you know who you are hiring?

Finding such people can be a drawn-out process and can also be extremely costly. Considering the effort put...

×

Subscribe to The Red Flag Group Insights

First Name
Last Name
Job Title
Company
!
Thanks for subscribing
Error - something went wrong!