Organisations Must Better Regulate their Channel Partner’s Sales
Having spent the last fifteen years in the compliance industry offering companies solutions to complete their due diligence, I came to the realisation that compliance around channel partners’ sales methods has to be more of a focus for most companies. There have been far too many occasions where I have seen and spoken to compliance officers who were satisfied with receiving 10 clean reports of their 10 highest risk intermediaries. I believe that all these reports provide is a false sense of security due to their reliance on public databases. Unfortunately, even though many CCOs realise that the main risk channel partners pose is selling their products or services in a non-compliant way, not much time is dedicated to reducing it.
If this is your biggest risk, do you spend the most amount of your time trying to address it?
How most compliance teams are managing their channel partners’ sales methods?
Even after witnessing harsh penalties being handed down by governments throughout the world the past few years for negligence, many companies still rely on basic public information when conducting their due diligence. While they may pay for more in-depth standard due diligence reports on high-risk intermediaries, they very often don't provide this same level of effort or attention to their channel partners. Yet the way that these channel partners interact with your customers is typically the largest risk to any company.
I have often found that organisations which do put forth the required effort to pay for the higher costing standard due diligence reports, very rarely conduct truly effective testing of their channel partners in the form of independent auditing. How would an organisation know how their channel partners are running their business, particularly in areas like their sub dealers and sub-contractors, by relying on reports that gather their information solely from public sources? The only way to truly gauge the risk a channel partner is posing to your organisation it by putting feet on the ground in their office, getting a handle on their financials, and testing them on their compliance expertise, knowledge and focus.
Why organisations need to be auditing their channel partners
Ask any compliance officer of a company that has a large sales force, what presents the largest risk to their organisation? I am certain they will respond to you that it’s sales compliance. This is mostly because it is the area where there is the largest risk of undue solicitations from external parties. This risk obviously applies to your channel partners as well, who are essentially acting as sales intermediaries. They present even more risk than your internal team though because they are not under your control, are typically payed commission fees, and the same level of effort to ensure that they are compliant with your organisation’s code of conduct does not exist.
Sales also have a large list of obligations to comply with that further increase their risk such as internal policies, best practices, laws, regulations, the company code of conduct and their channel contracts. These specific obligations can extend to cover various activities including:
~ selling in ways that are misrepresentative
~ selling outside the jurisdiction
~ selling products to the wrong people
~ selling products or providing services with unexplained and unwarranted discounts
~ selling products in ways with inflated pricing determined to adjust a market
~ selling products on the condition that another product is bundled and purchased
~ selling products with a side letter promising something of value
These are just a few of the many concerns that companies in sales and the channels have around compliance. But it begs the question, if it is your biggest risk doesn't validating compliance with an independent audit seem like a fundamental obligation?
Including independent audits in your due diligence
I am not here to advocate against the use of standard due diligence, in fact I think that they are a great tool for gauging broader risk to your organisations from low to medium risk channel partners. However, the strategy for high-risk partners needs to be reviewed because these reports simply cannot gauge the most critical risk factors, like how these partners are selling your products or services.
Organisations have to make sure they actually understand and test the compliance knowledge and programmes of their partners. This can be done through audits that not only review procedures, but also interview key staff members and analyse critical records.
In my experience, cases will arise where your intermediary pushes back against your audit, refusing to give you access to such procedures or interviews with top management representatives. You must realise as compliance officer though that if they are not willing to provide such minimal effort, then you should seriously re-think whether they are worth the risk as a channel partner.
Re-thinking compliance best practices
I believe that conducting audits of your most at-risk channel partners needs to become the new industry standard and not just something supplementary that organisations may choose to do. This becomes all the more obvious when considering the high risks that they pose (particularly in relation to their sales methods) and the lack of information depth that the widely adopted standard due diligence can truly provide. Though it might be easier to continue with the same annual due diligence plan which offers little in terms of insights, doing so is just plain negligent.
by Scott Lane
President, ETHIC Intelligence®