Recent enforcement actions have highlighted the bribery risk inherent in retaining third parties in foreign countries. To adequately address such risks, companies need more than a compliance manual sitting on the shelf – they need a culture of compliance that pervades the organization. Drafting a thorough and customized compliance manual is the first step in this process. But how can companies bring a complete compliance program to life? A recent webinar tackled this hard question head on, incorporating the long and relevant experience of the webinar participants, as well as lessons from the recently-issued FCPA Guidance. This is the first article in a two-part series summarizing the key takeaways from the webinar. This article discusses: how the hypotheticals in the Guidance provide insight into the government’s enforcement strategy and what the “flavor of the month” FCPA cases are; six ways to ensure an FCPA compliance program is best-in-class; and integral steps to take when conducting risk assessments of third parties. The second article will address: steps to take after a risk score is assigned to a third party, including details about a “boots-on-the-ground” approach; ways to monitor third parties on an ongoing basis; compliance advice for smaller companies; and how to incentivize employees to report complaints internally before going to the government. See also “Five Themes for General Counsel to Monitor with Respect to Dodd-Frank Whistleblowers and the FCPA” (Oct. 3, 2012).