Are you establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business?
Discover how to demonstrate a resilient and defensible Third-Party Risk Management Compliance Program with “3PRM™” A “Third-Party Risk Management” Strategy.
It’s highly probable that, at some point, organisations that affiliate with outside providers will eventually have to deal with an operational interruption resulting from third-party related issues and inappropriate conduct. The risks involved in partnering with outsiders hasn’t changed over the centuries. It’s the potential liability that’s been ratcheted up several notches. International boarders have been ripped down. Technology has improved the way businesses communicate. Easy access to data and information enables the media to report on business news before a business can properly respond. And the markets are quick to form opinions based on a 24/7 on-demand news cycle.
The result of this increased liability is problematic. Business litigation has skyrocketed. Corporate reputations are constantly being assaulted. Business strategies are forever shifting. Board members are becoming increasingly subjected to intense scrutiny from outside critics and a highly educated market responds immediately with their pocketbooks.
CRI Group has a network of local subject specialist operatives across the Middle East, Europe, South American and Asian regions to extend a helping hand and offer enhanced integrity due diligence being preemptive measures against:
- Experiencing financial loss when a third-party provider failed.
- Losing customers because of poor-quality service from a third-party.
- Exposing breaches to data systems because of poor information security practices by a third-party.
- Experiencing supply chain issues due to poor disaster recovery procedures by the third-party.
- Being exposed to litigation because of relationships with an outside provider that significantly violated contractual terms, potentially resulting in regulatory exposure.
When Working with third-party providers, CRI Group designed a solution: “3PRM™” A “Third-Party Risk Management” Strategy. This proactive approach includes Integrity Due Diligence, Enhanced Due Diligence, Anti-Bribery and Anti-Corruption Compliance Solutions (incorporating ISO 37001 Anti-Bribery Management System accredited certification and training) to mitigating the risks involved with third-party affiliations to protect the organisation from liability, business interruption and brand damage.
Regulatory action is not a US or UK phenomenon alone but is increasingly becoming a global issue. Regulatory thinking around third-party risks in some other jurisdictions is highlighted below:
Singapore: The Monetary Authority of Singapore (MAS) has stated that it “is particularly interested in material outsourcing which, if disrupted, has the potential to significantly impact an institution’s business operations, reputation or profitability and which may have systemic implications.”
Australia: The Australian Prudential Regulatory Authority (APRA) aims to ensure that all outsourcing arrangements involving material business activities entered into by a regulated institution are subject to appropriate due diligence, approval, and ongoing monitoring.
Hong Kong: The Hong Kong Monetary Authority (HKMA) states that institutions “should not enter into, or continue, any outsourcing arrangements [that] may result in their internal control systems or business conduct being compromised or weakened after the activity has been outsourced.”
Source: Deloitte Report
December 2013: Over US$2.8 million for failing to have in place appropriate checks and controls to guard against the risk of bribery or corruption when making payments to overseas third-parties, breaching the FCA’s principle on management and control. Between 19th February 2009 and 9th May 2012, the organisation received almost $33 million in gross commission from business provided by overseas introducers and paid them over $18 million in return. Inadequate systems around these payments created an unacceptable risk that overseas introducers could use the payments made for corrupt purposes, including paying bribes to people connected with the insured clients and/or public officials.