This year’s Kroll Fraud and Financial Crime Report found companies are growing increasingly concerned that third parties are driving a higher risk of financial crime. We read through the report to pull...
Millions of companies around the world have been impacted by regulations which mandate them to carry out ESG and human rights due diligence (HRDD in the last few years–or they soon will be. These regulations...
From Stricter Sanctions to Broken Supply Chains: What the Ukrainian War has Meant for Third Party Risk Management February 2024 will mark two years since the latest conflict in Ukraine began. As well...
Third parties help companies to deliver their products and services, but they also expose them to regulatory, financial, strategic and reputational risks. In the latest blog in our third party risk series...
Financial crimes such as bribery, corruption and money laundering are becoming more common and more complex. One of the most common reasons for a company becoming implicated in alleged financial crime...
February 2024 will mark two years since the latest conflict in Ukraine began. As well as its tragic impact on so many lives, the war has also brought new third party risks which companies need manage–or face supply chain interruptions or even enforcement action by regulators. In this blog, we look at the main risks for companies and suggest how they should respond.
Away from the battlefield, the conflict in Ukraine has also been fought with the imposition of economic sanctions targeting individuals and companies associated with Russia and Ukraine. Moreover, numerous other countries (like the US, UK and UAE) and supranational entities (such as the European Union) have levied sanctions aimed at encouraging the end of the conflict or cutting off military supplies.
The pace of change in sanctions regimes has increased the legal, financial and even reputational risks companies are exposed to. If a company is found to be doing business with a third party which has been sanctioned, the firm is likely to face enforcement action by a regulator and a heavy fine. Moreover, it could suffer reputational damage with negative newspaper articles connecting the firm to the conflict which has taken so many lives.
Companies doing business in Ukraine, Russia and these other countries must ensure they stay up to date with changes to sanctions lists. For example:
Both Russia and Ukraine are important links in global supply chains for products and services in sectors which constitute high volumes of global companies. Combined, Russia and Ukraine are the source of around 30% of global supplies of wheat, 35% of barley and 75% of sunflower oil, according to Accenture data. Major food and beverage companies have long-established links into both countries.
Ukraine is also a significant supplier of raw materials like neon and palladium which are used in the manufacture of semiconductors. Major retail companies in technology, automotives and medical devices rely on the supply of semiconductors to develop and power their products. The conflict has led to a shortage in the supply, which has affected many entities in these industries.
In fact, many of the world’s biggest companies have had to pause or cease the sale of certain products because their third parties can no longer deliver the materials required. The cost of these materials has also increased due to the reduced supply. Accountants at KPMG have warned that “if the war continues, companies should be prepared for more severe supply-chain impacts” and “companies are advised to review all their business continuity plans.”
Many companies are also involved in, or rely on, the flow of trade between Ukraine, Russia and other major countries. For example, billions of dollars in imports and exports are exchanged between these three countries every year. The conflict has placed these ties under threat, with devastating impacts on the many companies involved in this trade, which can hit their bottom line or even put them out of business.
The financial risks of these developments are obvious: companies can no longer sell their profitable products and services if a third party cannot deliver a critical part of that service. Companies also face significant strategic risks, because the C-Suite must allocate considerable time and resource to finding alternative options to a broken supply chain, rather than growing the business.
Aside from sanctions and supply chain risks, companies around the world have come under scrutiny for any connection to the conflict, or perceived association with military action. Large cohorts of their customers, investors and employees have taken to social media, the mainstream media and even direct action to criticize the company, call for change, or even boycott them and their products. This reflects the growing expectations from society at large that companies demonstrate high ethical and ESG standards.
In western countries in particular, we have seen companies come under pressure for not cutting ties with the Russian regime. For example, Accenture reported that within three months of the start of hostilities, over 1,000 global companies had announced full or partial withdrawal of business from Russia. While many firms that continue to do business in Russia and the wider region are having to carry out enhanced due diligence to ensure their third parties’ activities are not directly supporting military action.
The conflict in Ukraine has raised the third party risks which companies operating globally face. Firms therefore need to increase their efforts to manage these risks, with a specific focus on activities and sectors which relate to Ukraine and Russia.
There are a number of steps companies should take to mitigate these risks, including:
Overall, the best strategy for companies is to acquire the most accurate and trustworthy data, and use technology to sift through vast datasets to surface relevant third party risks. Data sources which can shed light on third party risks related to the conflict in Ukraine include:
Manually reviewing all these datasets for potential risks is an extremely labour-intensive task, if not impossible, given regulators’ expectations that companies carry out ongoing due diligence. Technology solutions can remove this burden from compliance teams by rapidly screening company names against large datasets; assessing the risk of third party; and producing reports which can be sent to management, or even regulators.
LexisNexis can help companies respond to the threats covered in this blog by upgrading their approach to due diligence and compliance. We bring together all these data sources and more in one place, and leverage technology to surface relevant mentions of third parties and devise a risk score based on that analysis. A third party’s risk profile will be updated automatically when new information comes to light, allowing you to stay ahead of rapidly emerging risks in this changing and unpredictable conflict.