In this episode of Signals, Nick Mazing sits down with Parth Chanda from Lextegrity. They dive deep into data and its role in preventing corruption in global organizations. Experts estimate that 5% of an organization’s revenue is lost to fraud and corruption. Data, as they discuss, is a powerful tool to combat this.
The conversation then shifts to the Foreign Corrupt Practices Act (FCPA), a fundamental US law prohibiting transnational corruption. Its enforcement has far-reaching implications, affecting US-based companies and those interacting with US capital markets.
With his rich experience as a white-collar defense attorney, Parth Chanda brings unique insights into FCPA-related laws. His expertise adds depth to the discussion, making this episode a must-listen for anyone interested in data, corruption, and the law.
💡 Name: Parth Chanda
💡What he does: Founder and CEO
💡Noteworthy: Parth is a lawyer by training with 20 years of experience in compliance work, particularly related to the FCPA and anti-corruption. He has a rich background, starting as an intern at the World Bank, becoming a white-collar litigator, and later an in-house anti-corruption lawyer at large global companies. Now, he leads Lextegrity, a compliance data analytics and workflow platform that helps international organizations prevent and detect corruption and fraud.
💡 Where to find Parth: LinkedIn
Harnessing Data Analytics for Effective Compliance
Parth emphasizes data analytics to ensure effective compliance. He differentiates between traditional metrics and the insights that can be drawn from deep financial data. For example, organizations can prioritize high-risk transactions for review by risk-scoring every transactional line item in real time. Such an approach reduces false positives and provides a multi-dimensional view of every transaction. Notably, the components of the risk algorithm should be customizable to cater to each organization’s unique risks and historical patterns.
The Changing Landscape of Anti-Corruption Measures
The podcast highlights the evolution of anti-corruption measures over the past two decades. Parth Chanda points out that 20 years ago, organizations could deduct bribe payments on their taxes in many countries. Today, the focus on governance has increased significantly, and the traditional approach of process checks and balances, while necessary, is not sufficient. The challenge lies in identifying the small percentage of employees who may bypass the process or collude with vendors, making data analytics a crucial tool in modern compliance programs.
Data-Driven Compliance: The Future of Anti-Corruption Efforts
Parth predicts a more data-driven future for compliance. Traditional approaches may not provide sufficient comfort to leaders about the effectiveness of their compliance programs. However, data-driven strategies, which involve comprehensive testing of all transactions, can provide more objective comfort about the level of compliance or non-compliance in an organization. The shift towards data-driven compliance is good news for leaders, as it promises more effective anti-corruption efforts.
Parth Chanda: A Journey from White-Collar Defense Attorney to CEO of Lextegrity
The episode starts with Parth sharing his impressive professional journey and the experience he gained prior to opening a company.
“I’m the founder and CEO of Lextegrity. I am a lawyer by training, as you’ve mentioned. And I’ve been doing compliance work, particularly related to the FCPA and anti-corruption, for the past 20 years. I started as an intern at the World Bank in their internal investigations group, then became a white-collar litigator. I went in-house for about a decade to very large global companies, and now I’m the CEO of RegTech Legal Tech company, providing organizations with data analytics and workflow technology to prevent and detect corruption, fraud, sanctions, conflicts of interest, and other financial-related risks.”
The Impact of the Foreign Corrupt Practices Act
Host, Nick Mazing, introduces the Foreign Corrupt Practices Act (FCPA). As one of the most significant aspects, Nick discusses the law’s range of influence.
“FCPA stands for Foreign Corrupt Practices Act, which is the main US law which prohibits transnational corruption. And it’s important to know that the enforcement doesn’t affect just you as domicile companies, at least historically. Almost anybody that touches us capital markets such as a stock market listing in the US or the bonds are traded do in the US and in some cases, even using US domicile banks to facilitate those payments have been affected by FCPA enforcement.”
Understanding the High Stakes of Fraud and Corruption
Parth touches on the stakes of fraud and corruption. Despite his tenure in the field and experience that allows him to give an objective opinion, Parth supports the argument with available statistics.
“Experts estimate that approximately 5% of a typical organization’s revenue is lost to fraud and corruption. So there’s real dollars and cents involved here. And as you mentioned, layer on top of that, reputational hit brand equity, and all of the losses there are multiplied, the long-term effects on an organization.”
Unpacking the Common Risks Related to Corruption
Nick and Parth discuss the scenarios in which corruption commonly occurs.
“The clearest ones are sales, public tenders, where ultimately your sales team, your marketing team, et cetera, potentially could be trying to influence the decision maker, the ministry, the officials, or even at a private company, buyers and procurement, et cetera, to award that business to your organization, not based on your technical or commercial superiority, but on the basis of some sort of personal gain to that decision maker. And that can happen in all sorts of other arenas as well, beyond sales.”
[00:00:00] Parth Chanda: first off, maybe to take a big step back, I think it’s important to define kind of what’s at stake here. So I think. Experts estimate that approximately 5% of a typical organization’s revenue is lost to fraud and corruption. So there’s real dollars and cents involved here. And as you mentioned, layer on top of that, reputational hit brand equity, and all of the losses there are multiplied, the long-term effects on an organization.
[00:00:34] Nick Mazing: Hello and welcome. You listen to Signals by Officers, and I’m your host, Nick Mazing. Today we’re going to talk about using data to prevent and detect incidences of corruption for global organizations. Almost every month now it seems there is a new DOJ or SCC case in the United States alleging FCPA violations or outside of the us.
[00:00:56] we are alleging violations of similar laws such as the UK Bribery Act, or its equivalent in France and, and other geographies. So for our non-US viewers and listeners, FCPA stands for Foreign Corrupt Practices Act, which is the main US law, which prohibits transnational corruption. And it’s important to know that the enforcement doesn’t affect just you as domicile companies, at least historically, almost anybody that.
[00:01:25] Touches us capital markets such as a stock market listing in the US or the bonds are traded do in the US and in some cases, even using US domicile banks to facilitate those payments have been affected by FCPA enforcement and obviously it’s a very big issue for corporations in some of the fines are.
[00:01:45] Very eye-popping. There was a $650 million, north Korean sanction violation that came out in the last couple of weeks. investigation costs have been also very high and that they can drag on for years and from. An investor perspective when there is a situations like this, it really affects the, security around, let’s say a long-term mining concession, which could be a 20 year contract in some geography, somewhere that where there may have been corruption involved.
[00:02:15] Our guest today, Parth Chanda has many years of executive experience with FCPN related laws. First as a white collar defense attorney, and then as an in-house anti-corruption lawyer at large global companies such as Pfizer and A One Cosmetics. Parth is currently the founder and CEO of Lextegrity, which is a compliance data analytics and workflow platform, which helps global organizations of all sizes implement advanced technology and prevent and detect corruption and fraud, sanction violations, and other counterparty related spending risk. Parth,
[00:02:55] welcome. And can you tell us a little bit more about you and about Lextegrity?
[00:02:59] Parth Chanda: Great. Thank you so much Nick for that introduction. thank you for having me on the podcast. as you mentioned, I’m the founder and CEO of Lextegrity. I am a lawyer by training, as you’ve mentioned. and I’ve been doing compliance work, particularly related to the FCPA and anti-corruption for the past 20 years.
[00:03:14] And I actually started as an intern at the World Bank in their internal investigations group, then became a white collar litigator. Went in-house for about a decade, to very large global companies, and now I’m the CEO of RegTech Legal Tech company, providing organizations with data analytics and workflow technology to prevent and detect corruption, fraud, sanctions, conflicts of interest, and other financial related risks.
[00:03:37] Since 2017, when we were founded about six years ago, we’ve helped many global organizations, US, Brazilian, European, including a dozen companies who’ve called us after being in front of enforcement agencies, whether the DOJ, SCC, and I believe in five other countries, facing corruption related matters, investigations, settlements.
[00:03:57] So, you know, we’ve had a real front row seat. Um, well I’ve had a front row seat my entire career, but since founding Lextegrity of front row seat into implementing best-in-class solutions for companies that are battle tested in front of enforcers. So really excited to talk to you today about that.
[00:04:13] Nick Mazing: Now, let’s start with a very basic question. For any global organization, what are some of the common ways that, there are risks? Related to corruptions that are rising now everybody knows, you know, you wanna sell to, the military of country A, you have to hire the cousin of the Prime Minister as a consultant or something like that.
[00:04:32] So can you walk us through that?
[00:04:33] Parth Chanda: Yeah, no, definitely. So yeah, first off, maybe to take a big step back, I think it’s important to define kind of what’s at stake here. So I think. Experts estimate that approximately 5% of a typical organization’s revenue is lost to fraud and corruption. So there’s real dollars and cents involved here. And as you mentioned, layer on top of that, reputational hit brand equity, and all of the losses there are multiplied, the long-term effects on an organization.
[00:04:59] But really what is corruption and how does it manifest itself? It’s really varied, but at its core, corruption is really, Defined as the abuse of entrusted power for private gain. And so in the corporate context, that typically means some sort of decision maker or power holder on the one side of the coin, you know, whether it’s the government or a private company who’s making a buying decision.
[00:05:20] And on the other side of the coin is the giver who’s providing something of value. To improperly influence that decision maker for purposes of that private gain, whether directly or importantly, indirectly. So how does that actually happen? So for global organizations, there’s really. All sorts of, context in which this could arise.
[00:05:38] I think some of the clearest ones are sales public tenders, where ultimately your sales team, your marketing team, et cetera, potentially could be trying to influence the decision maker, the ministry, the officials, or even at a private company, buyers and procurement, et cetera, to award that business.
[00:05:56] To your organization, not based on your technical or commercial superiority, but on the basis of some sort of personal gain to that decision maker. And that can happen in all sorts of other arenas as well, beyond sales. So if you think about licensing, permitting, marketing authorization, you know your organization, even having access to a market or the license to sell your products.
[00:06:19] That’s a big decision that a government could hold over your organization. So, you know, you may make some sort of benefit or payment, possible for an individual to, to have that decision be made in your favor. Beyond that kind of day-to-day operational risks around customs, logistics. So if you’re a company that works with product has to move equipment and things like that where you have to clear customs, and, and handle logistics through, some pretty.
[00:06:46] Difficult environments. there may be demands for payments to be made there as well. And then kind of in the more, you know, fringe side, where, you know, these things could pop up or things like legal proceedings, patent issuances, you know, the list goes on and on. You could find a way for, a decision maker to have some influence over your business, and you can find a waySBF make that corrupt.
[00:07:07] I mean, even taking. SBS and, you know, all of the problems that, at FTX you know, the DOJ is now alleging that, SBF authorized the 40 million bribe to a Chinese government official to unfreeze a crypto account in ChiSo you could just see see all the different ways that this could come up. and then maybe beyond that, uh, if you could just talk for a few minutes about how, so, you know, those are the goals, but how do these things happen?
[00:07:31] They can happen from the most simple things like cash. Gifts, gift cards, lavish meals, lavish travel that you give to a government official to, as you mentioned, more complex things like hiring a sham vendor who’s owned or related to a government official inflating expenses to an otherwise legitimate vendor where you’re paying them 20% over what fair market value, and then they’re kicking back 10% of that to, to a government official inflating a margin to your distributor or sales partner.
[00:08:01] again, you’re them at an. 20% discountdiscount on your list price and they’re kicking back 10% of that, to the government official to much more. complex things like ownership stakes in businesses, joint ventures, donations to charities, favored by the government, et cetera. So all sorts of different ways.
[00:08:18] And then you layer on top of that complexities by industry and geography, and it gets even more complex. So a life sciences company, pharma company, med device company might have very different exposure than a consumer products company in a country and even within a country. Two companies in the same industry might have a very different risk profile because one is selling directly and one is selling through a distributor.
[00:08:41] So, you know, my, my final point would be all of these different vectors of risk exposure. and different ways in which you can generate proceeds out of an organization, make the life of a compliance officer very difficult. And when you take highly regulated industries like pharma, extractive industries, mining, et cetera, as you mentioned, it is a huge challenge.
[00:09:03] I mean, you are dealing with, you know, potentially sales reps, dealing with government officials. Government doctors, multiple times a day, thousands, tens of thousands of them around the globe in very difficult jurisdictions. How do you ensure that every single one of those interactions are above board and don’t raise risks?
[00:09:21] It’s, it’s a huge challenge, and that’s one I’ve kind of devoted my life to trying to help organizations solve.
[00:09:27] Nick Mazing: So traditionally, What has been the approach now you’ve been literally sitting in New York at the headquarters and you were in charge of actually making sure that stuff like this actually doesn’t go on, and what are the more modern approaches?
[00:09:44] Parth Chanda: Yeah, we’ve really seen an evolution of this. You know, 20 years ago you could deduct bribe payments on your taxes as an organization in many countries, you know, so there’s been a real sea change in the last 20 years and, you know, particularly with, you know, E S G and all sorts of other, focus on governance is becoming more and more, important, but really ultimately, To pay a bribe or something of benefit, you have to generate some sort of money or benefit out of the company.
[00:10:08] So something has to flow out of the company. And so, you know, the traditional approach to this has been. You know, process checks and balances, a lot of controls. You know, are you doing, are you implementing due diligence and approvals on your third parties to make sure that they’re not sham third parties, that they’re actually legitimate, you know, looking at,Politically exposed persons data on top of that to make sure that they’re not owned.
[00:10:32] These, third parties are not owned or related to government officials, you know, having approvals for your gifts and charitable donations, et cetera. So that, all of those things, I think, have established themselves is kind of the bare minimum table stakes. You know, they’re, they’re still gonna be in place.
[00:10:46] they’re important, but they’re not, they’re necessary but not sufficient to really prevent these types of things fundamentally. Because, you know, from my experience, The people using these tools and using them correctly are the 99% of your employees who are trying to do the right thing. And so you’ve layered all this bureaucracy on them.
[00:11:03] you know the 1% or whatever number that is for your organization that may not be doing the right thing purposefully or not. They may be skipping the process, bypassing it in some way, lying, colluding with the vendors to lie in this process. And so, you know, how do you really find those needles in the haystack, where your process is probably not gonna be enough?
[00:11:24] And so the traditional approach to that has very much focused on whistleblowers. so, first whistleblowers. So we’re gonna, you know, hope. That people report wrongdoing when they see it. And then we’re also going to monitor and audit on a sample basis. We’re gonna look at, we’re gonna go to markets, we’re gonna visit, we’re gonna pick transactions.
[00:11:44] So maybe we’ll go to China every year, but we’ll go to Romania every three years. We’ll take a small sample of third party invoices and. Test them and see if we find any issues with them, check the contracts, talk to people. and then, you know, again, wait for a hotline report to come in. And again, the research shows that typically hotline reports come in 18 months or so after, behavior has begun if they come in at all.
[00:12:08] So, That traditional approach, sample-based monitoring, whistleblower, reliance on whistleblowers. Also quite limited in terms of, of,coverage as well as the exhaustive of, of the detection. So, you know, a modern approach really relies more on. bringing in more data into that process. So when you’re approving a gift, can you see data around that besides what the piece of paper you have in front of you or the workflow form you have in front of you?
[00:12:35] Can you see how much this person has given government officials outside of this one request? Can you link those approvals into your purchase requisition process it even a tighter control? and then can you monitor? More than on a, more frequently than on a sample basis, really using more advanced data analytics to monitor and risk score your transactions.
[00:12:58] You know, ideally a hundred percent of your transactions. So you know, ultimately what that gives you is, is just a constant temperature check on your risk in real time. So not sample based, looking at everything real time and ultimately catching any non-compliance that happens. Any fraud. Corruption or suspicious payments that happen, catching them in real time.
[00:13:20] and, and fixing the problem before it becomes broader. And, and, you know, the last point I make is last year in particular, the US Department of Justice has really doubled down on this. They, they’ve made it very clear in their statements, public statements, that they expect companies to be immediately, I mean, they’ve used that word immediately.
[00:13:39] Detecting issues and fixing them so they don’t happen again. So one instance of non-compliance, not months of instances of non-compliance. And the only way to meet that standard, you know, in my opinion, is to use these types of realtime analytics and really think the U S D OJ in particular and, and more, more countries will start following that lead put in a stake in the ground that this is the new kind of table stakes for organizations to, that every company has to have these types of advanced, data analytics.
[00:14:09] Nick Mazing: Can you dive in further on your use of data analytics in the space? So because data analytics can mean a lot of things. And what does good mean to you in terms of using analytics to proactively fight corruption?
[00:14:22] Parth Chanda: Yeah, no, that’s, I love that point. cuz data analytics is, is, is such a nebulous term and it’s just thrown around in such a generic way. So I think, you know, it’s really important to kind of drill down one level further. So in this anti-corruption space, anti-fraud space, you know what data analytics is not, is kind of visualizing.
[00:14:40] The traditional data that you have, so, you know, visualizing your process data. So how many metrics do you have on third parties that are actually approved versus rejected? You know, or visualizing your actual spend data. You know, how, you know who’s spending the most money in China, who’s spending the most money in Romania, by role, et cetera.
[00:14:59] Those in my mind are metrics. and you could even say the same thing about hotline reports. You know, how many whistleblower reports have we gotten? How many are substantiated and found to be true issues or not? You know, those things are metrics. It’s very hard to necessarily draw insights from that.
[00:15:15] Now, whistleblower data, you could draw an insight that your compliance program is not effective. You know, if you have a lot of whistleblower complaints and they’re all being substantiated as fraud corruption. You could say my program is not effective. I know that for a fact. But can you say, based on those kind of traditional quote unquote analytics or metrics?
[00:15:34] more. More, specifically, can you say your program is actually effective? I don’t think so. So instead, no. At Lextegrity, we kind of, we focus on taking. Deep financial data, rich, you know, large financial data sets from, you know, systems e r P systems, like S A P and Oracle,expense systems like Concur, transparency Systems for life sciences companies.
[00:15:56] We take that data, we connect that data real time, via adapters or APIs. And then once we have that data, We do a lot of data validation because there’s, there’s often gaps in the data. data needs to be mapped, et cetera, to allow you to reach those insights.
[00:16:11] But then ultimately what we do is we risk score, Every single transactional line item on a real time basis. So every, payment, and we capture it from purchase requisition PO to invoice to payment, that’s one transaction as a whole. We, risk score that, or risk score every single line item in an expense report.
[00:16:30] Using a mix of behavioral, statistical policy-based, data analytics, and we layer those analytics on top of one another. So you’re getting an aggregated view and your highest risk,transactions are gonna be flagged at the top of your list. So you take a vendor payment, you know, you might have an offshore bank implicated.
[00:16:50] The payment itself might be expedited. It was paid in, two days after the invoice came in, as opposed to net 60 days. It’s also, there’s,potential duplicate payment made, and then you have a potential conflict of interest on this payment as well because the vendor’s address or, phone number matches,an employee’s address or phone number.
[00:17:08] So it’s layering on those multiple key risk indicators that one, reduces the number of false positives that you’re chasing, but then gives you an aggregated, kind of multi-dimensional view of every transaction and lifts to the top of your to-do list for your humans, to review those highest risk transactions.
[00:17:25] But importantly, all of that. components of that risk algorithm should be fully customizable because as I mentioned, every company, even within the same industry, will have different risks, different historical patterns, different investigations, et cetera. And then ideally, having some sort of no code platform to continually configure those risk algorithms without having to go to SQL or have any specialized experience will be important cuz a compliance officer is usually a lawyer or an accountant.
[00:17:54] Not an engineer. Very hard to find, engineers. And so if a lawyer can configure these things, when they get a new investigation that pops up related to, you know, offshore bank payments to Cyprus, that are manual, they can put that into their, analytics engine and then ultimately, Because we, many of us still are lawyers.
[00:18:13] You need to document, document, document everything. So, you know, having a tool that also allows you to do follow up remediation and document that all in one place, ultimately what that all gets you is, A much more real time. Again, comprehensive testing of a hundred percent of your transactions that can tell you that your program is actually effective.
[00:18:35] Cuz again, you’re testing holistically, you’re, you’re not just testing your sales agents and your, you know, high spenders, you’re testing your low spenders. You’re testing your caterer, you’re testing everything to, to ensure that there’s no gaps in your coverage. And so, you know, ultimately for your listeners out there who are compliance officers, some of this will be,pretty well-trodden ground cause there’s a lot of talk about this, but, you know, if you have listeners who are in upper management of an organization or in the board, and their organizations have invested millions into compliance programs, There often can be pretty uncertain ROI on those investments.
[00:19:11] Like do we, at the end of the day, in my heart of hearts, as a board member or a C-suite member, do I and my heart of hearts really have comfort that my compliance program is actually effective, given how much money we’ve put into, into the program. And I think the reality for many of those leaders is not really because of, again, the limitations of these traditional approaches.
[00:19:31] So, you know, I think the future is much more data driven, which is good news for for leaders. And then ultimately, I think these types of approaches based more around data and stronger processes will give leaders more objective comfort on the level of true compliance or non-compliance in their organization.
[00:19:52] Nick Mazing: Thank you for joining us today.
[00:19:54] Parth Chanda: Thank you so much, Nick. It was a pleasure.
[00:19:56] Nick Mazing: Today we spoke with Parth Chanda, founder and CEO of Lextegrity about using modern data analytics for FCPA and anti-corruption compliance. This was another episode of Signals by AlphaSense. My name is Nick Mazing, and you can find us on all the major platforms. Thank you for watching or listening.