Richard L. Cassin Publisher and Editor

Andy Spalding Senior Editor

Jessica Tillipman Senior Editor

Elizabeth K. Spahn Editor Emeritus

Cody Worthington Contributing Editor

Julie DiMauro Contributing Editor

Thomas Fox Contributing Editor

Marc Alain Bohn Contributing Editor

Bill Waite Contributing Editor

Shruti J. Shah Contributing Editor

Russell A. Stamets Contributing Editor

Richard Bistrong Contributing Editor 

Eric Carlson Contributing Editor

Bill Steinman Contributing Editor

Aarti Maharaj Contributing Editor

FCPA Blog Daily News

« SEC files amicus brief to expand employee whistleblower protection | Main | Official Trailer -- In Plain Sight: Stories of Hope and Freedom »

Parental controls: Anti-corruption compliance programs for joint ventures, subsidiaries and franchisees (Part 4)

In this fourth of eight installments, we look at risk assessments and mitigation measures for joint venture (JV) interests. You can find Parts One, Two, and Three here.

Risk assessments are an important tool for JVs to understand their compliance risks better and for parent companies to monitor those risks and mitigation measures.

Some companies find it useful to consider risk in terms of the following four steps:

  • Inherent/gross risk to JV (based mostly on the JV's industry and geography).
  • Mitigated/net risk to JV (based on the JV's controls).
  • Inherent risk to the parent company.
  • Mitigated risk to the parent.

Ultimately, only the last one matters to the parent, but understanding the first three can be critical to assessing and controlling risk to the parent effectively.

The first two of these steps essentially involve traditional risk assessment. The third -- the inherent risk the parent company faces –- is  much less traditional in nature, and we recommend that you consider the following types of risk:

  • Reputational impact, which can vary by the nature of the business, including risks arising from the possibility that the parent can be seen as controlling the JV, even where it doesn’t.
  • Amount of investment.
  • Strategic importance (e.g., is the subsidiary part of the parent’s supply or distribution chain?)

The outcome of this assessment guides the fourth step, both in terms of designing appropriate measures at the parent level (e.g., mitigating the strategic importance of a JV for high-risk entities) and those at the JV level (i.e., the second step).

With respect to the latter, a parent company might assist the JV with recommended action items, which can be general (e.g., senior management compliance and ethics training, due diligence on the JV's third parties) or risk-area specific (e.g., safety, corruption, responsible sourcing).  

Parents should also consider annual certifications from the JVs and following up with audits. Where a parent has a large number of JVs, technology can help manage these processes.

Parent companies should consider periodically training board members and seconded employees on key compliance and ethics issues, including regarding overall C&E processes and those risk areas that are of particular significance to the JV. 

Where a parent company is assisting JVs with compliance, it is important that the individuals involved in this work (e.g., from the parent’s compliance, law or finance departments) have clearly defined responsibilities and (possibly) incentives.

Otherwise, their JV-related duties might be neglected in favor of their "day jobs."


Jeffrey M. Kaplan and Rebecca Walker are partners in Kaplan & Walker LLP.