What is FCPA third-party vetting — and when do you actually need it?
A short, jargon-free guide to FCPA third-party vetting: when the Foreign Corrupt Practices Act applies to your brokers / agents / consultants, what the 16 red flags actually look like, and the difference between a one-off compliance check and a monitored program.
The Foreign Corrupt Practices Act of 1977 makes it illegal for US-issuers and any company touching US soil to bribe a foreign official. The catch — and the part that bites most compliance teams — is that "you" includes anyone you hire as a third party. If your local broker in São Paulo greases a customs official without ever telling you, the DOJ can come after your company.
When the FCPA applies to you
- You are a US-listed issuer, or your stock has any ADR exposure.
- You touch US banking, ports, or domiciled subsidiaries.
- You are buying from / partnering with / paying anyone who in turn deals with foreign government officials.
- You operate in higher-risk jurisdictions (you are not exempt from FCPA there — quite the opposite).
The 16 red flags we screen for
DueVestor Type D — Third-Party Vetting bakes the canonical 16-item FCPA red-flag taxonomy into every report. Four of them (a PEP UBO, prior FCPA enforcement, refused anti-bribery clause, World Bank debarment) force a DENIED verdict regardless of the composite risk score. The other twelve are weighted into a 0–100 score that drives a CLEAR / PROCEED_WITH_NOTES / DENIED recommendation.
One-off check vs continuous monitoring
Onboarding is step one. Two months later your "clean" broker might land on a sanctions list or get named in an ICIJ leak. DueVestor monitoring subscribes a subject for 50 credits per 30-day cycle and pushes high-severity delta alerts to Telegram the moment the world changes.
Start with a Type D report on your highest-risk intermediary; subscribe the survivors to monitoring; sleep better.