1 / 42

Advanced Case Studies in Large-scale Contract Remediation

Advanced Case Studies in Large-scale Contract Remediation. What is contract remediation? Company has a problem involving a lot of contracts Contracts must be reviewed to determine if they are affected by the problem If affected, an action must be taken to remedy the problem

ssantiago
Download Presentation

Advanced Case Studies in Large-scale Contract Remediation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Advanced Case Studies in Large-scale Contract Remediation

  2. What is contract remediation? • Company has a problem involving a lot of contracts • Contracts must be reviewed to determine if they are affected by the problem • If affected, an action must be taken to remedy the problem • For new contracts, processes must be put in place to ensure new contracts are not affected by the problem Now lets hear some real life stories . . .

  3. Contracts Remediation in the Aftermath of an FCPA Investigation Laurence Houlbert Senior Manager and Leader, Third Party ProgramPentair

  4. AGENDA • Presentation of Pentair • Third-Party Program Background & Context (Tyco days) • Third-Party Program Design • Third-Party Program Implementation – Must-Dos, Challenges, & Statistics • Contracting Remediation Process – Phases & Challenges

  5. An S&P 500 Diversified Industrial Company PENTAIR – A FEW NUMBERS ~28,000 60+ 6 $6.4 Billion ANNUAL REVENUE EMPLOYEES SERVICE CENTERS CONTINENTS ~100 500+ MANUFACTURINGFACILITIES PRODUCT LINES

  6. FOUR GLOBAL OPERATING SEGMENTS VALVES & CONTROLS FLOW & FILTRATION SOLUTIONS WATER QUALITY SYSTEMS TECHNICAL SOLUTIONS Designs, manufactures, markets, and services solutions for the toughest filtration, separation, flow, and fluid management challenges in agriculture, food and beverage processing, water supply and disposal, and a variety of industrial applications. Designs, manufactures, markets, and services valves, fittings, automation and controls, and actuators for the Energy and Industrial verticals. Designs, manufactures, markets, and services innovative water system products and solutions to meet filtration and fluid management challenges in food and beverage, water, swimming pools, and aquaculture applications. Designs, manufactures, markets, and services products that guard and protect some of the world’s most sensitive electronics and electronic equipment, as well as heat management solutions designed to provide thermal protection to temperature sensitive fluid applications, and engineered electrical and fastening products for electrical, mechanical and civil applications. 2015 SALES (BILLIONS) $1.8 2015 SALES (BILLIONS) $1.4 2015 SALES (BILLIONS) $1.4 2015 SALES (BILLIONS) $1.8

  7. FOUR GLOBAL OPERATING SEGMENTS 29% Valves & Controls 22% Flow & Filtration Solutions 21% Water Quality Systems 28% Technical Solutions $6.4B PENTAIR 2015 SALES 2015 SALES BY VERTICAL 2015 SALES BY REGION 30Residential & Commercial 27Industrial 25Energy 10 Food & Beverage 08 Infrastructure 54US & Canada 22Developing 18Western Europe 06 Other developed

  8. DELIVERING VALUE ACROSS FIVE GROWTH VERTICALS ENERGY INDUSTRIAL FOOD & BEVERAGE INFRASTRUCTURE RESIDENTIAL & COMMERCIAL We Combine Our Global Perspective and Product Expertise to Serve Customers Across Five Verticals Through Which We Go to Market • Oil & Gas • Power • Mining • Chemical/Process • Pharmaceutical • Manufacturing • Agriculture • Aquaculture • Food & Beverage Processing • Food Service • Municipal • Telecommunications & Networks • Transportation • Residential • Commercial • Recreation & Leisure

  9. Tyco scandals in early 2000 – CEO and CFO stole millions + $50m SEC settlement around FCPA violations by newly acquired company in 2003. • DOJ requirements to strengthen internal Ethics & Compliance programs. • Third Party Management Program at Tyco: • Designed by a team of dedicated employees; efforts led by the Chief Compliance Counsel. • Objective: “a comprehensive program to gain better control over the activities of third parties”. • Key to success? Top-level support from CEO, board and audit committee. • Step 1: Existing population - Assess current 3P relationships, identify high risk relationships, go through 7 qualifying steps. • Step 2: 3P Program launched in August 2009 across the company, implementation of financial controls. THIRD-PARTY PROGRAM CONTEXT

  10. October 2012 merger between Tyco Flow Control & Pentair. • DOJ non-prosecution agreement in place for Flow Control business. Due to expire Sep 2015. • Pentair’s decision to implement 3rd Party Program for Pentair globally. Program implementation date for Pentair Global: July 2013. • Program objectives for Pentair – strengthened preventive controls: • Due-Diligence – compliance risk mitigation, increased likelihood of working with ethical partners • Strong contract management – Alignment across corporate functions & operations, better protection for Pentair, reduced litigation risks THIRD-PARTY PROGRAM CONTEXT

  11. 3 determinants of risk that drive program requirements THIRD-PARTY PROGRAM DESIGN RISK PROFILE DRIVES QUALIFICATION REQUIREMENTS

  12. Steps required are defined by a Third-Party’s risk profile THIRD-PARTY PROGRAM DESIGN – RETENTION STEPS Step 1 Business Sponsor and Third Party provide retention and business information Step 3 Complete third-party training and written agreements Step 2 Third party risk assessed. If needed, investigative due diligence is performed 90 days to complete 1a – Business Sponsor form 2a – Level 1: Risk Scoring or Media Assessment 3a – Third-Party Training If required 1b – 3P questionnaire & compliance certification 2b – Level 2: Enhanced Due Diligence (EDD) 3b – Third-Party Contract Ok to transact

  13. December 2014 July 2013 July 2014 PROGRAM IMPLEMENTATION – NEW vs. EXISTING Train Business Sponsors Confirm document templates, optimize process timing Launch NEW financial controls New Train Controllers Launch EXISTING financial controls Business Sponsors / Third parties complete Written Agreements (if required) Third parties complete Anti-Bribery Certification & Training (if required) Business Sponsors confirm ownership and data in Tool Existing Remaining high-risk third parties undergoing Due Diligence investigation 100 high risk third parties were inactivated during Rationalization Forensics partner scored third parties. 664 scored high risk. Businesses identified 20,835 third parties Underway Complete

  14. Program Management/Support Infrastructure PROGRAM IMPLEMENTATION MUST-DO's • Clear communications about expectations, Tone at the Top. • Strong Training programs: • Aligned with implementation phases • On-site training sessions, target material to audience • Focus on WHY then WHAT then HOW • Active support function – Helpdesk, local 3PP resources • Alignment with each stakeholder – Business, Finance, Legal and Compliance teams: • Across GBUs, across regions • Critical during contract remediation phase • Existing third party data gathering – rationalization process: • Clear instructions, close monitoring/support to local team • Inaccurate / incomplete data may lead to incorrect evaluation of risk • In-Scope decision • IT Management: • Adequate tool to support the Program: Approval workflows, data & document tracking, reporting, data analysis • Support from IT / Database team

  15. Large scale remediation challenges • Continued awareness around the Program: • Ongoing training, address recurring issues, Helpdesk support • Leadership support vs Business and third-party push-backs • Process alignment - Each GBU operating independently; different business models, structure and leadership • Miscommunication and/or misunderstanding risk & relationships: • Relationship misclassification • Out of scope third parties submitted • Change Management process: • Correction of risk vs non-risk information (relationship, legal name) • Change of situation (business sponsors, volume of transaction, status, legal structure) • IT / Database support: • Ongoing improvement and maintenance efforts (Change Management tool) • IT Controls - user management, backup and recovery plan • Ongoing Program Maintenance: • Improvement opportunities - Alignment with business needs, simplified instructions PROGRAM CONTINUITY - CHALLENGES

  16. December 2014 PROGRAM IMPLEMENTATION - NUMBERS Today (August 2016) • Number of Active third parties decreased significantly: • Inactivation, incorrectly classifications • Evolution of Contract scope & completion %

  17. PHASES & CHALLENGES • Phase 1 – Document Collection Efforts • Identify existing contracts in place. Where are they, how do we collect them? • Identify accountable owners for contracts. • Phase 2 – Identify third parties in scope for contract • Risk focused determination, relationship types & standard agreements review • Decision to exempt some populations of third parties • Phase 3 – Scope and steps for remediation • Identify scope for remediation and wanted outcome, build workflow together with Legal • Focus on commercial, compliance risk & DOJ requirements • Phase 4 – Localization Efforts • Identify regional/country specific needs, including specific Legal requirements • Draft new agreements and/or compliance addendums, upon alignment with Legal • Phase 5 – Put in place Remediation team • Identify resources needed – internal vs external, based on available skills

  18. PHASES & CHALLENGES (Cont’d) • Phase 6 – Monitor Progress • Monitor each step, discuss progress on a regular basis, with all team members • Identify potential road blocks, address immediately (see “Challenges” below) • Discuss and re-evaluate timeline, as needed • Ongoing communications • Communicate progress & due dates to all people directly or indirectly impacted • Request active support from leadership • Challenges • Delay in sponsor’s action, particular focus on due dates • Contract language (legal entity country vs third-party country) • External partners communications & push-backs • Reconsideration of compliance verbiage needed • Ongoing change management review - ended relationships, reclassifications, etc. • Misevaluation of risk, impacting remediation scope (case by case exemption requests) • Misevaluation or disregard for GBU contracting policies

  19. 6,600 active third parties (new and existing) have a valid contract in place • Contract templates covering 12 relationship types • Standard approved templates available in 19 languages, for 42 jurisdictions • 193 standard templates in dual languages (local language & English) • Contract negotiations managed through escalation guidelines & push back options for compliance verbiage • Close collaboration between Compliance teams, regional & GBU counsels & Operations teams. CONTRACTING PROCESS - TODAY

  20. http://fcpacompliancereport.com/2011/12/tycos-seven-step-process-for-third-party-qualification/http://fcpacompliancereport.com/2011/12/tycos-seven-step-process-for-third-party-qualification/ • http://www.navigant.com/~/media/WWW/Site/Insights/Disputes%20Investigations/Tyco_Third_Party_Risk_Disputes_Investigations.pdf (Sep 2011) • http://blogs.wsj.com/riskandcompliance/2014/01/16/the-business-of-risk-scandal-prompted-tycos-compliance-turnaround/ • http://mydigimag.rrd.com/article/How+Compliance,+Ethics+%26+Leadership+Saved+Tyco/1439064/0/article.html • DOJ non-prosecution agreement: http://www.gibsondunn.com/publications/Documents/Tyco_2012_NPA.pdf AVAILABLE RESOURCES

  21. The Rules of the Game Have Changed– Now What?A Post Safe-Harbor Contract Remediation Project Jacqueline Davis Vice President & Deputy General Counsel VMware, Inc.

  22. Breaking News . . . 6 October 2015 The European Court of Justice declares “Safe Harbor” to be an invalid mechanism to protect the transfer of personal data outside of the European Economic Area Safe Harbor

  23. Inside the VMware Situation Room • End of JANUARY 2016: After this date, US companies that relied on Safe Harbor could face enforcement risk (per Article 29 Working Party) DECISION: EU Model Clauses • Like 5000+ other US companies, VMware opted for Safe-Harbor certification • Unclear if/when we’d see a Safe Harbor 2.0 (now known as Privacy Shield), leaving two choices: • EU Model Contract Clauses OR Binding Corporate Rules • Clock is ticking . . .

  24. Big Picture: A Vendor Contract Remediation Project And finally HOW? This is where the fun really begins . . .

  25. Big Picture: The Project Plan • Phased approach • Phase 1: Assessment, across all lines of business • Phase 2: Update selected vendor contracts, via amendment • Resource strategy • A combination of in house, outside counsel, and LPO resources • For external resources, leverage efficiencies from existing relationships (access, knowledge, existing team) • Heavy emphasis on LPO (extended “in house bench”) • Assign end-to-end responsibility • Goal • A comprehensive remediation effort – to serve multiple objectives

  26. Phase 1 Preparation: The In House Counsel “To-Do” List Client Focus Contract Team (or LPO) Focus Develop instructions Draft EU Model Clause Checklist Develop spreadsheet for use by reviewers Coordinate resourcing with other Legal teams (shared resources) Set project timeline (sign SOW, if applicable) Prepare & deliver training Kick-off with internal Business Clients • Identify Business Units • Secure point of contact and driverfrom each BU • Compile list of vendors, by BU (hint: leverage Finance) • With BU, identify the EU personal data each vendor is processing and how it is handled – and winnowlist • Gather relevant contracts

  27. Phase 1: Contract Review Workflow No No • Assign Vendor to “DPA/EUMC” list • No further action Yes • 2 • Are data protection terms adequate? • Review Vendor contract for data protection terms (EUMC Checklist) and complete spreadsheet • 1 • Does Vendor handle personal data? • With BU compile list of Vendors Yes • No further action • 4 • Is EUMC signed & up to date? • 3 • Determine data export mechanism vendor used • Review EUMC for compliance • (EUMC template) Yes • Assign Vendor to “EUMC” list EUMC No Safe Harbor

  28. Phase 2 Preparation: Contract Update Workflow

  29. VENDOR PROJECT Tracking Report

  30. What We Delivered # of Vendors Engaged for Amendments (Phase 2): 342 Total Time (Phases 1 & 2): 16 Weeks • Post Project Follow Ups: • Close out letters to Vendors • Repository cleanup • Contract cleanup • Vendor cleanup • Revamp new vendor process & existing vendor management process

  31. Biggest Challenges

  32. What We Learned Follow the money Anticipate the “cleanup” activities – and fold into the project plan End-to-end management by the front line team (whether LPO or internal contracts team) creates great efficiencies Critical to have an early checkpoint to assess / recalibrate With high volume, multi-phase project, it helps to break down steps into more discrete tasks (dashboard friendly), to manage tracks in parallel, and apply checkpoints and reassess priorities

  33. Managing Supplier Mergers, Spinoffs and Other Supplier Transitions Suchitra Narayen VP, Legal and Associate General Counsel Oracle

  34. Establishing a Supplier Relationship • Legal/Financial: • Financial “health check” • Contract • Legal entity structure • Tax ID • Business: • Qualifying products/services • Systems set up • Engagement between account teams, business reviews etc.

  35. Why Can’t Things Stay the Same? • Example: Avago • 1961 HP semiconductor division • 1999 spun off as part of Agilent • 2005 • Agilent division sold to form Avago Technologies • Avago I/0 division sold to PMC-Sierra • 2009 Avago buys division of Infineon • 2009 Avago acquires CynOptics • 2013 Avago acquires LSI

  36. Why Can’t Things Stay the Same? • Example: Avago cont’d • 2014 • LSI SSD controller division sold to Seagate • LSI networking division sold to Intel • Avago acquires PLX • 2015 Avago acquires Emulex • 2016 • Avago acquires Broadcom + name change • Microsemi acquires PMC-Sierra • Avago sells Emulex division to Aspeed • And this is just ONE example!

  37. Managing Supplier Transitions • Must identify and manage supplier transitions proactively • Oracle legal team and LPO monitor news/public announcements • Status updates included in regular contract updates prepared by LPO • Need to start planning BEFORE you (customer) get the formal consent to assignment from the supplier • Need to analyze and manage legal and business impact of transition

  38. Managing Supplier Transitions cont’d • 1. Whoare we dealing with • Competitor • Foreign ownership • Corporate structure and contracting entity • 2. When: Effective date for merger/spinoff • 3. How: structure of acquisition/spinoff • Is aspun off business going to be a standalone entity or is it being acquired by another company? • Who will be responsible for issues (warranty/IP etc.) arising from products and services provided before the transaction closes?

  39. Managing Supplier Transitions cont’d • 4. Which contract(s) potentially apply after the transaction closes • Coverage for supplier, supplier affiliates, customer and customer affiliates • Consent/listing/acknowledgment requirements to add entities • Coverage for current portfolio of products and services provided by that supplier • Alignment to your (customer’s) current policies and business requirements

  40. Managing Supplier Transitions cont’d • 5. Steps to be Taken • Analyze impact on overall relationship (see prior slides) • Analyze impact on pending transactions: for example, confirm contracting entity • Identify and implement actions to provide contract coverage for supplier, supplier affiliates, customer and customer affiliates • Consent/listing/acknowledgment requirements to add entities • Managing assignments in partial spinoffs • Stock vs. asset transfers

  41. Managing Supplier Transitions cont’d • Update contract repository • Update entity designations • Consolidate or separate contracts and related records • Clearly identify currently operative contract(s) vs. legacy contracts • Provide legal support as needed to manage business changes • Contract obligation to provide EOL notice • Right to change products, pricing etc. • Termination and post-termination rights • Identify required contract changes to align with current products/services/business requirements

  42. Lessons Learned • Know the business and context in which you provide legal support: Both legal team and LPO must know the supplier base and actively follow business news about suppliers • Be proactive and consistent in analyzing and managing supplier transitions • Clear roles and responsibilities between legal team and LPO • Emphasize to legal team that “ownership” of a supplier relationship or contract includes ongoing lifecycle management • LPO can assist per established process and roles and responsibilities but is not independently responsible for managing the transition • Change management issues for both internal business clients and legal team relating to “loss” of supplier responsibility

More Related