Home – 3 reasons to add ongoing monitoring to address third-party risk

3 reasons to add ongoing monitoring to address third-party risk

Posted on 09-20-2019 by Lisa Thompson

 How confident are you that a supplier you vetted two years ago hasn’t seen a change in financial stability that might lead to supply chain disruption?  Or that a reseller isn’t putting you in danger of an FCPA violation? Or that a disgruntled customer’s online tweet hasn’t been picked up by mainstream media and turned into a reputational nightmare?

The days when a company could protect against financial, regulatory, strategic and reputational risk with a one-and-done process are long over. The global nature of business, the speed of communication and reliance on extensive third-party networks means that companies need a more proactive approach to risk management—and for many, ongoing risk monitoring is the answer.

What’s Third-Party Monitoring Got to Do with It?

Recently, we partnered with RIMS to talk about how a risk management workflow can be enhanced by continuous monitoring. It starts with understanding the influence that third parties have on your organization. We’re not talking about employees—the people inside the four walls of a business. Yes, they can expose an organization to risk, but most companies set clear ethical and compliance standards to manage internal workforces. Instead, we’re using the ISO definition of third parties which classifies them as persons or entities that are independent of the organization.

  • Customers
  • Vendors and Suppliers
  • Shipping Companies
  • Business Partners
  • Sales Agents
  • M&A Targets

So, what are the three reasons you need ongoing monitoring of third parties?

Regulatory landscape is broad and complex.

Some industries are more alert to the potential risks posed by third parties. Banks and other financial services organizations, for example, must address Know Your Customer requirements to meet anti-money laundering and terrorist financing laws. Likewise, companies in the extractives industry are well-acquainted with the need for the third parties they rely on to adhere to a variety of regulations—from sanctions or anti-bribery and corruption compliance to environmental standards.

However, you need only look at recent FCPA enforcement actions to see that regulatory risk has become more prevalent across many industries and companies of varying sizes. And the same holds true for other types of risk. No business is immune in the digital age, where bad news can spread like wildfire.

The world has gotten smaller.

Another factor that should be considered is location—whether it's the location of the third party or where the location where a transaction will occur. High-speed travel and communications have empowered companies to expand into emerging markets and build out global supply chains. But operating across borders means companies need to stay alert to a variety of Political, Economic, Socio-Cultural, Technological, Legal and Environmental considerations.

The more you depend on third parties, the bigger your exposure.

Think about the money a company may spend with a third party. If an organization is highly-dependent on a third party—doing a large volume of purchasing from a vendor, for example—then the risk exposure is higher because the potential for disruption if the third party fails to deliver as promised due to financial instability or violates regulations while conducting business on your behalf.

Ready to learn even more about third-party risk? Check out the on-demand recording of the RIMS webinar for an informative look at the current risk landscape and how LexisNexis Entity Insight makes it easy to continuously monitor for threats that could impact your business.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close