The Red Flag Group®
Change management for CCOs

Managing the business and legal risks of working with third parties

Managing the business and legal risks of working with third parties

MedTech Strategist Article - Juliet Lui, The Red Flag Group and Mark Farrar, Thomas Hauser, Guidehouse

In the eyes of the law, third parties - suppliers, distributors, and other business partners - are considered an extension of your company, so it's in your company's best interest to build third-party due diligence into your compliance programme.

Right now, every business story is a COVID-19 story; the pandemic has called into question business models from higher education to healthcare (do we ever need to go to the doctor's office again for routine things, or will telehealth suffice?) and has disrupted day to day business operations.

Business travel has largely ceased and entire countries remain closed to travelers. Suppliers have temporarily shut down, and companies are casting about for alternative supply chains, while the pandemic-related high demand of some categories (ventilators and other respiratory equipment, for example) has companies and providers looking to new sources to augment supplies.

Some companies serving healthcare segments where there is, currently, little demand (elective orthopedic procedures, for example) are temporarily switching their manufacturing operations in order to provide items vital to pandemic patients. This all represents rapid change and new kinds of risk.

No matter what size a company is, chances are that it is engaging with some third-party partners such as business consultants, distributors, sales agents, custom agents, contractors, or others. Ethically and legally, organisations are held responsible for the compliance of third-party partners as an extension of the company that has hired them.

Even without the threat of headline-rocking scandals, as part of your supply chain, third parties can significantly jeopardize your business and interests - and potentially the healthcare system, or worse, patient lives.

In fact, in the past three decades, most of the high-profile corruption cases in which life sciences corporations faced serious indictment charges - and hundreds of millions, even billions of dollars in fines and penalties - involved third parties that performed the majority of the wrongdoing. (Editor's note: To name only one example among many, perhaps the most significant in the healthcare space, third parties acting on behalf of Siemens around the world were involved in paying bribes and inflating prices. Siemens was prosecuted under the Foreign Corruption Practice Act, and paid more than $1.6 billion in fines, penalties and disgorgement of profits.)

Whether your entire team is unaware of the unethical practices of third parties, or someone internally is directing them, your management and executive team will be held accountable for their transgressions.

Download this paper to read more on best practices and key considerations for creating and managing a third-party due diligence programme.