A new paper from Refinitiv unpacks the growing threat of third-party risk, outlines the full spectrum of the multi-faceted challenges organisations face, and delivers some best practice advice on developing an effective response to compliance obligations.
- With new risks emerging and existing risks and enforcements intensifying, the need for robust third-party risk management has never been stronger.
- Effective third-party risk management and compliance require a cross-functional response that involves a range of different steps.
- Companies have an opportunity to develop a holistic response to regulatory obligations and turn their compliance into a competitive advantage.
For more data-driven insights in your Inbox, subscribe to the Refinitiv Perspectives weekly newsletter.
Third-party risk is growing
Our paper delves into the issue of growing third-party risk, specifically highlighting that regulatory and reputational risks continue to increase across all sectors.
Given this, the need for robust third-party risk management has never been stronger. However, rather than viewing third-party risk compliance as a straight cost, organisations should seek to optimise their processes and turn these obligations into a competitive advantage.
The starting point is trusted data, underpinned by the right technology – a powerful combination that can help compliance teams foster better business relationships, reduce the risk of supply chain disruption in times of crisis, and remain on the right side of an evolving regulatory curve.
Those organisations that succeed in developing holistic, well designed third-party compliance frameworks – especially those that speak to environmental, social and governance (ESG) issues – will be best placed to leverage their compliance intelligence and reap rewards.
Our paper stresses that compliance is not a cost for these companies, but a much-needed competitive superpower.
Understanding the full spectrum of risk
Organisations today face a range of third-party related risks. Not only are new risks emerging, but existing risk and enforcement are intensifying.
Some notable emerging risks discussed include:
- Public pressure – public sentiment around ESG issues within the supply chains has been intensifying for several decades. With social media becoming ever-more powerful, adverse sentiment can and does go viral very fast.
- Investor pressure – investors are increasingly interested in companies’ ESG ratings.
- Online activity – the hyper-digitalisation spurred on by the Covid-19 pandemic has led to a substantial increase in online risk, extending to cyber security risks, identity theft, online fraud and more.
- Regulatory change – regulations surrounding third parties continue to evolve, with a pertinent example being the UK Modern Slavery Act of 2015, which requires compliance teams to understand if their third parties use slave labour in any part of their manufacturing networks. Moreover, Germany is focusing on a new Supply Chain Act and the European Commission and European Parliament are exploring supply chain regulation.
In addition to this range of emerging risks, companies must also not rest on their laurels when addressing the long-standing regulatory risk of broad-based corruption, which continues to intensify.
The importance of holistic compliance
Given the expansive nature of third-party risk, viewing compliance simply as a cost or box-ticking exercise is counter-intuitive. Rather companies have an opportunity to develop a holistic response to regulatory obligations and turn their compliance into a competitive advantage.
As risk continues to evolve, successful organisations will need to develop systems and processes that are rigorous, flexible and based on trusted, complete data.
Effective compliance requires a cross-functional response that involves a range of different steps, including gathering information, screening for potential risk and undertaking adequate due diligence if screening highlights potentially heightened risk.
Moreover, truly effective compliance can no longer be undertaken through manual processes alone. While invaluable human intelligence should never be removed from the equation, successful compliance requires a firm foundation in leading-edge technology that leverages artificial intelligence (AI), automation, machine learning and more. These tools speed up processes and cut through growing complexity.
Watch: Creating a 360-degree view of third-party risk
Tangible help when you need it
Refinitiv helps our customers across the entire third-party relationship lifecycle.
Our industry-leading global database World-Check Risk Intelligence delivers unsurpassed depth and breadth of data to enable efficient screening to pinpoint potential risk.
Where heightened risk is suspected, our due diligence reports deliver tangible insights that optimise decision making. Our in-house analyst team is supported by a global network of trusted professionals and creates detailed reports covering the full spectrum of risk, including ESG, cybercrime, operational and quality, identity and financial risk.
All of the above is underpinned by leading-edge technology. Our proprietary workflow Refinitiv Due Diligence Centre (RDDC) is an industry-leading platform that centralises third-party risk management across the lifecycle of the relationship.
“Our third-party risk management toolkit delivers a powerful combination of data, technology and trusted human expertise, with hundreds of specialist researchers and analysts across the globe providing top-quality insights and local knowledge.”
– Refinitiv paper: How an effective third-party risk strategy can be key to survival in uncertain times
We can offer further help and support via our third-party onboarding programmes and managed screening services. These solutions allow you to outsource your needs to our teams.
As a trusted partner with substantial global experience, underpinned by industry-leading data and advanced technology, Refinitiv continues to innovate, offering tangible help that can transform compliance from a straight cost to a valuable competitive advantage.