Skip to main content

The ethiXbase Auto Bribery and Corruption Questionnaire (ABCQ)

Simon Forey
Updated

PRODUCT OVERVIEW 

Anti-Bribery & Corruption (ABAC) Due Diligence Questionnaire (DDQ) module combines the best of both worlds – a comprehensive risk assessment and an intuitive platform that automates our client’s workflows and consolidates their third-party compliance data.  

It automates the sending, receiving, interpretation of the due diligence questionnaires. It triggers processes based on the answers to the DDQ.   

The questionnaire provides a comprehensive assessment of the third party’s ownership and management, government connections, compliance history, services offered and data protection measures to ensure that the organization is able to identify any gaps in your third party’s policy, procedures, processes or documentation.  

The idea is to safeguard the organization from bribery and corruption risk as part of the holistic risk management, mitigation and monitoring offered by the ethiXbase 360 platform. 

CHALLENGES FACED BY OUR CLIENTS  

  • The time and resources required to gather evidence that the third-party entity name, management and shareholders have not been involved in bribery and corruption but more importantly are aware of how to put in place ABC standards.  
  • The manual sending of DDQs followed by the chasing and then collating of all the information is time consuming and no one in the business wants to do that work. We can automate all of that.  
  • Businesses are expected to take a consistent approach to risk, automating the interpretation of the DDQs achieves this goal. 
  • Achieving good governance at a global level is impossible when each regional team has access to a Word version of the DDQ and can send at any time. Moving to an online version corrects this situation. 

 

 

PRODUCT FEATURES  

  • Multi-lingual capabilities to cater to the different regions  
  • Customization of the DDQ 
  • Ability to configure report by questions 
  • Our questionnaire is not binary yes/no questions 

PRODUCT BENEFITS  

  • Our questionnaire is not binary yes/no questions.  This means the data is not static - and there is a follow up and ability to track progression.  This will be the biggest sales point of this aspect of the platform.  The ability to demonstrate significant reduction in manual effort. 
  • Names mentioned on the DDQ (shareholders and stakeholders) can be automatically extracted and screened against Sanctions and media as well as ongoing monitoring (OGM) 
  • Ability to follow up – for example: do you have a Code of Conduct (CoC) – if no, alert or offer a version of a CoC for the third party to download and distribute internally and then showcase to the client that they have done so  
  • Ability to configure report by questions.   
  • Governance and control – you can guarantee that all regions of your business are using the approved version of the DDQ  
  • You can automatically send it based on predefined criteria so only the relevant third parties receive it 
  • You can automatically follow up with the third parties if they don’t respond.  
  • It is all stored in a single location (our platform) for later audit and evidence.  
  • Answers can be automatically interpreted and used as a trigger for other processes in the workflow.  
  • Risk can be automatically calculated.  
  • Evidence, certificates and other documentations can all be attached to the DDQ by the third parties.  
  • The client can customise and use their own DDQ to provide flexibility for the clients and ensure the DDQ is relevant to the risk appetite.  

WHY WE WIN  

  • The DDQ provides a comprehensive assessment of the third party’s ownership and management, government connections, compliance history, services offered, and data protection measures to ensure that the organization is able to identify any gaps in their third party’s policy, procedures, processes or documentation. 
  • We have an intuitive platform that automates the end-to-end workflows and consolidates the clients’ third-party compliance data. 
  • End-to-end process of automating the sending, receiving, interpretation of due diligence questionnaires. Trigger processes based on the answers to the DDQ. 
  • The idea is to help our clients safeguard their organization from bribery and corruption risk.  
  • Can integrate the DDQ with the EDD to deliver the Executive Summary product also. 

 

OUR COMPETITION 

How our product different from our competition? What are its USPs? 

  • Our DDQs offer multi-lingual capabilities to cater to the different regions. 
  • Our questionnaire is not binary yes/no questions. 

 

Key differentiators for our solution include: 

  • Configurable, customizable  
  • Risk-Based 
  • Cost-Effective 

 

Who are the market leaders? 

Exiger, Ecovadis, Steele compliance, GAN Integrity 

 

Who is our competition? 

As per the above, different vendors provide different types of services. We have the best end-to-end platform on the market. 

 

PRODUCT WEAKNESSES & PAIN POINTS 

  • Third parties might not always respond. But ethiXbase can provide a managed service to follow up with the third parties.  
  • The client has no control of the form and questions. If they want to change anything, they have to come through us  
  • A third party that works with several of our customers might get into log in issues (email has to be unique) 
  • Too expensive if the client only wants to send a few hundred DDQs 
  • Too expensive if the client wants to do multiple languages and a customized DDQ 

What have the main issues been when our clients use this product? 

  • Not receiving the log-in credentials (the initial email was either marked as SPAM or it bounced-back); Some companies are blocking the DDQ portal internally.  
  • Unable to access the questionnaire, not using the proper internet browser. 
  • The log-in credentials are not working (the user needed to clear their browser’s cache). 
  • The users forget their password / Password incorrect (manually reset the password by clicking the “Forgot password” button). 
  • The recipient of the email with the log-in credentials is not the appropriate person to complete the DDQ (the contact needs to be changed). 
  • The options from the DDQ’s drop-down lists did not accurately reflect/did not apply to the Third Party’s business profile (we then recommend adding N/A).  
  • The users cannot submit the DDQ due to missing answers for a mandatory question/section and that respective question is not flagged/highlighted.  
  • Using a similar email address for the DDQ to multiple third parties for some of the following scenarios: tri-party agreements, organization branches, mergers and acquisitions etc. 
  • Self-service tools (ability to update e-mail, re-send DDQ, follow-up incomplete DDQs, report creation) 

Comments

0 comments

Please sign in to leave a comment.