Breathing life into even a comprehensive compliance manual is a challenge for most companies.  How can a company ensure that its program is proactive and dynamic, and that it is working at every level of the company?  How can the company ensure that third parties are being vetted at every stage of the process?  A recent webinar featuring H. David Kotz, Director at Berkeley Research Group and former Inspector General of the SEC, and Paul Zikmund, Director of Global Ethics and Compliance at Bunge Limited, tackled these and other hard questions head on, incorporating their long and relevant experience, as well as lessons from the recently-issued FCPA Guidance.  This article, the second in a two-part series, discusses the panelists’ advice regarding the best path forward after a risk score is assigned to a third party, including details about a “boots-on-the-ground” approach to due diligence; ways to monitor third parties on an ongoing basis; compliance advice for smaller companies; and how to incentivize employees to report complaints internally before going to the government.  The first article in the series discussed how the hypotheticals in the Guidance provide insight into the government’s enforcement strategy and what the “flavor of the month” FCPA cases are; six ways to ensure an FCPA compliance program is best-in-class; and integral steps to take when conducting risk assessments of third parties.  See “Six Steps for Converting a ‘Paper’ FCPA Compliance Program into a Pervasive Culture of Anti-Bribery Compliance (Part One of Two)” (Feb. 20, 2013).