News & Insights

Current Third-party Risk Management Trends and Pitfalls

2020 exposed businesses to many weaknesses, but in particular all eyes were on supply chains. The recent Suez Canal blockage was a vivid reminder to businesses that building a resilient but agile supply chain is vital to continue to meet customer expectations. A recent McKinsey survey highlighted that, as an average across industries, businesses can now expect supply chain disruptions lasting a month or more to occur every 3.7 years. In a post-COVID world, organizations must prepare for further disruptions well into 2021 — whether that relates to environmental disasters, geopolitical conflicts, or resource shortages – causing interruptions of supplies and services. 

Re-evaluating suppliers, logistics partners and third-party risk management ensures businesses have the structures in place to respond and react to potential changes in their supply chains while maintaining robust levels of compliance. We take a look at the key third party risk management trends your business needs to be aware of to build a more resilient supply chain.

1. Multisourcing – Opportunity And Risk

Sixty percent of organizations work with over a thousand third parties, so it’s no wonder that working with a sole supplier was a favored approach, bringing many cost-saving and logistical benefits. But the nature of the pandemic and recent natural disasters has exposed the inherent risk of relying on this approach. Multisourcing mitigates this risk by removing the reliance on single producers, diversifying the third-party network through multiple locations or agents.

Unfortunately, multi-sourcing can also create compliance headaches, further expanding third party networks. Seventy-one percent of organizations report that their third party network already contains more vendors than it did three years ago. With the trend for multi-sourcing continuing, businesses must be prepared to mitigate this growing risk with comprehensive, and ongoing, screening of their third parties.

2. Managing A Shift From China

The expanding US/China trade war and the growing impetus toward localization and near-shoring has resulted in many businesses looking for alternatives to their Chinese supply chains. Political risk as well as rising labor costs in China have also accelerated the decoupling process.

Managing the reduction of China-based capabilities will require businesses to make evidence-based impact risk assessments. Through focused due diligence and investigations, firms can fully identify risks relating to local labor resources including strikes or other potential disruptions.

3. Compliance Roadblocks to Choosing an Alternative to China

Businesses have many viable options of supply chain alternatives to China. India is favored by many firms with its established and highly-skilled English-speaking workforce. Closer to home, Brazil, Mexico, and Canada offer firms significant opportunities – especially in light of the United States-Mexico-Canada Agreement – but a lack of productivity and embedded corrupt practices are areas of serious concern.

Southeast Asian countries, including Indonesia, Cambodia, Thailand, and Vietnam, also have great potential for many businesses. With a growing middle class, a well-educated population, and an expanding business sector, they offer a low-cost alternative to many Chinese manufacturers. Once again, corruption is endemic in many industries and can be difficult to avoid without robust third party supply chain screening and risk-based ongoing monitoring.

4. Building Sustainable Supply Chains

Environmental, social and governance (ESG) issues remain a top priority for business, as growing regulation pushes this to the top of the business agenda. Investors and stakeholders also expect businesses to ‘walk the talk’ when it comes to sustainability. Investigations of modern slavery, forced labor, human trafficking, working conditions, and pollution in the supply chain are among the issues compliance teams must now incorporate into their third party screening to meet these requirements, ensuring there are no compliance blind spots.

While this might feel overwhelming at the outset, taking the first step is often the hardest. From a compliance perspective, organizations should take a holistic approach to ESG strategy and third party risk management, looking for overlaps in processes and metrics.

5. FCPA Considerations In Third Party Risk Management

While the Biden administration continues to develop its priorities, one thing is looking increasingly likely: continued aggressive enforcement of the Foreign Corrupt Practices Act (FCPA). While fewer FCPA-related investigations were launched year over year between 2017 and 2020, many observers expect a reversal of that trend under the Biden administration. Moreover, the new US administration’s FCPA enforcement agenda may be magnified by new tools authorized by Congress, notably the Corporate Transparency Act (CTA). Businesses can expect continued scrutiny by the regulators, particularly in relation to third party risk management. Ensuring FCPA compliance programs reflect changes to the supply chain is critical particularly in relation to new jurisdictions or new types of third parties.

Third party supply chain screening must form the backbone of a successful compliance program that meets FCPA requirements. Checks on new employees and vendors will identify red flags such as political connections, allegations of corruption and sanctions exposure. Additional research of extended ownership structures will also throw up potentially damaging issues around third party beneficial ownership structures.

Staying Ahead Of Risk

An external review of the supply chain, diligence and regulation of the company’s program provides outside guidance and insights that can reinforce strengths and reveal areas that need improvement. A well thought out plan that can help the lines of production to continue to operate without interruption. This review can be done through the lens of FCPA, ESG and other current considerations. This can help to guide future initiatives and provide insights that can reinforce good practices.

IntegrityRisk has extensive experience helping businesses to manage third party screening around the world, meeting – and exceeding- regulatory standards. We position our clients ahead of risk so that no matter how global supply chains evolve, they always have the right information to hand to make better decisions.

Contact us today to discuss your third party risk management requirements and we’ll help your business build a more resilient supply chain, whatever the circumstances.