Have summaries of our latest blogs delivered to your inbox, so you can stay up to date on the topics and current events that matter to your business.
What’s your strategy for uncovering intelligence that can give you an edge in the market? We’ve all experienced the transformative power of data and algorithms when using Google, streaming...
In 2021, a McKinsey survey revealed that 80% of organizations were prioritizing new business building to better adapt to disruption and shifts in demand. Market intelligence metrics play a crucial role...
For businesses in the nonprofit industry that rely on donor funding, one of the biggest hurdles can be finding donors in the first place. While your institution may have a set group of reliable givers...
Distinguishing between brand identity and corporate identity can be challenging, as the average retail consumer may not be aware of (or interested in) the corporate ownership of products they use every...
Recent years have shed light on the criticality (and fragility) of the global supply chain , due to the pandemic, geopolitical tensions, and economic repercussions of inflation, to name a few. Maintaining...
Only have a minute? Watch this quick video for a summary of the key points of the article.
Third parties help companies to deliver their products and services, but they also expose them to regulatory, financial, strategic, and reputational risks.
In this blog, we look at five key third party risks facing your company. Then, we explain how companies can mitigate them by investing in the right data and technology to support an effective compliance operation.
Perhaps the most obvious risk to your company is that global regulators have introduced new and more stringent requirements to manage third party risks. This takes two main forms: firstly, legislation that specifies how to manage bribery, corruption, and financial crime risk. This includes regulations designed to incentivize good practice in compliance. For example, the US Corporate Enforcement Policy was updated in 2023 to offer more lenient sentences to companies that voluntarily disclose evidence of wrongdoing and subsequently improve their compliance procedures.
Secondly, the dominant legislative trend of last three years has been to mandate companies to monitor third parties for Environmental, Social and Governance (ESG) risks such as human rights violations or environmental damages. The latest such regulation to come into force (in January 2023) was Germany’s Supply Chain Due Diligence Act. A poll on the law’s impact by the Institute of the German Economy found that 18% of companies planned to change their sourcing practices so they only use third parties in countries with high standards on human rights and environment practices.
These twin trends require companies to carry out thorough due diligence on third parties and suppliers before and during the business relationship to ensure they are compliant with regulations. This screening should cover ESG factors as well as bribery and corruption risks.
MORE: Nine steps for better third party anti-bribery and corruption due diligence
These new laws have led to global regulators becoming more willing and able to take action against alleged compliance breaches by companies. Third parties are frequently cited in these cases. For example, a chemicals firm was fined $218 million by US regulators in September 2023 over its alleged use of third parties to bribe government officials in Vietnam, Indonesia, and India.
There is growing evidence that, even if a company has not broken the law, the business will still suffer if it fails to exercise due concern for ESG factors. Significantly, younger people tend to be particularly concerned about ESG, so companies should ensure their third parties have a positive ESG record–or risk losing the next generation of customers, investors, and employees. A survey by Harris Poll in summer 2023 found that young people expect to see “meaningful evidence of business ethics” by a company, and only 6% considered statements from the CEO to count as meaningful evidence.
It has become clear that companies can thrive if they demonstrate a transparent and positive ESG record in their activities and those of their third parties. A paper in the Harvard Business Review in 2023 found that many companies have recognised this shift by carrying out a “rapid and dramatic transformation” of the role of the Chief Sustainability Officer (CSO). Until recently, the role typically focused on communicating about their firm’s corporate social responsibility activities. Now, many CSOs sit on a company’s board and are charged with integrating ESG into the business’ core strategy.
MORE: Why ESG risk should be at the top of your due diligence agenda
Unforeseen events in recent years–such as the COVID-19 pandemic, the conflict in Ukraine and the blockage of the Suez Canal–have wreaked havoc on supply chains. Meanwhile, rising inflation and energy prices and a cost-of-living crisis have dampened consumer spending and raised the risk that third parties and suppliers go out of business. It is therefore unsurprising that BDO’s recent poll of 500 medium-sized businesses found supply chain disruption was their primary concern heading into winter 2023.
Carrying out effective due diligence on third parties and suppliers can help to establish whether your third parties are in jurisdictions with a likelihood of conflict, human rights violations, bribery and corruption, or extreme weather. Understanding third parties’ financial health can also predict how resilient they would be to economic shocks.
The four risks above show how important it is that firms prioritize the development of an effective compliance and due diligence operation which gives them an unvarnished view of the activities of their third parties.
Yet recent evidence suggests companies are not always making the necessary investments, and in fact some are reducing their compliance budgets. A 2023 survey by Compliance Week and Morgan Lewis found that 29% of respondents said their investment in anti-bribery and corruption was below average, while 37% said their investment in technology to combat this risk was below average.
MORE: Seven ways companies can respond to global financial crime regulations
Technological solutions can help firms to make their compliance processes more efficient and effective. In the past, compliance officers had to manually search through thousands of sources for references to current and prospective third parties. Moreover, regulators now expect companies to carry out ongoing monitoring, which would mean staff constantly repeating these manual searches.
Instead, platforms like LexisNexis bring together a vast range of data sources in one place. Companies can upload a spreadsheet of all their third parties and the platform will surface the relevant mentions across the data. A risk score for a third party will then be provided, and automatically updated when new information comes to light in future.
Companies should respond to these five risks by upgrading their approach to due diligence and compliance. This involves screening third parties and customers against a very broad range of reliable and authoritative data sources, including:
Looking for more tips on how to implement an effective due diligence operation to help identify and manage third party risks? Our new e-book identifies the ten main trends companies need to understand and respond to. Download it for free today.