About Us |
Contact Us |
LexisNexis Business Solutions
Without question, companies’ global supply chains and third-party networks increase their risk exposure. Yet, according to a recently-released benchmark report, approximately one-third of organizations lack a cohesive risk mitigation process —relying instead on a manual process or traditional word processing and spreadsheet software. Due diligence and ongoing risk monitoring technology can help.
Benchmark report reveals risk management short-comings
The same third-party risk report assessed multiple factors to determine the maturity level of organizational ethics, compliance and third-party risk management programs:
The number of respondents determined to have advanced risk mitigation processes in place was astonishingly low at 17 percent. Another 41 percent were deemed to have ‘maturing’ programs in place—certainly an improvement over those with manual or fragmented processes.
But since 58 percent of respondents engage 100+ third parties and 29 percent engage more than 1,000, the shortage of advanced, technology-driven, risk mitigation programs leaves many organizations vulnerable to a laundry list of reputational, regulatory, financial and strategic risks posed by business partners, suppliers and other third-party agents acting on their behalf.
Michael Volkov, CEO of The Volkov Law Group, notes that “There’s a growing realization that third-party risk management should operate within an organization’s larger ethics and compliance program.” He further points out that in the event of a compliance failure, regulators do consider “good-faith efforts to manage third-party risk through use of available technologies” which can lead to significantly lower penalties or even declinations to prosecute.
Monitoring for third-party risk a growing priority
While more than half (53 percent) of the companies surveyed indicated monitoring third parties as a top concern, nearly as many (45 percent) cited a lack of internal resources as a barrier to effective risk management. And that’s where risk mitigation technology can make a huge difference. Automated risk assessments can accelerate on-boarding processes, freeing up internal resources to conduct enhanced due diligence as warranted.
Risk monitoring technology also conserves internal resources while offering an ongoing view of risk post-due diligence. This is particularly important since many compliance violations are uncovered AFTER due diligence is complete. Moreover, with growing ethical expectations from investors and consumers, companies that fail to spot emerging environmental, human rights or corporate governance issues that crop up in their supply chains and third-party networks can face serious reputational and financial repercussions.
Rather than allotting internal resources to hours of daily monitoring across a limited field of sources, technology enables proactive monitoring across thousands of sources in real time. A risk visualization dashboard then surfaces emerging threats, allowing risk management professionals to quickly assess each risk and determine the best approach to address them.
Where would your own risk mitigation program fall in the basic-to-advanced scale and what technology do you need to take it to the next level?
Next steps for improved risk mitigation