Giving third party the third degree

Third parties offer opportunities to lower costs and enhance value in your supply chain, but how will you manage the increased risk?

Third-party suppliers present opportunities to lower costs, expand product lines and engage in new markets. However, they also present increased risk. Recent high-profile cases involving large corporations such as Microsoft, Walmart and Cognizant have resulted in costly settlements for actions taken by third parties, and these type of offenses can be devastating to mid-sized companies. After an “extreme reputation event,” companies have an 80 percent chance of losing at least 20 percent of its value.”[1]

That’s why mid-sized companies need to prioritize due diligence when onboarding third parties, but how can they do so with strapped resources and less time?

Completing the necessary due diligence

Organizations can no longer afford to rely upon surface-level procedures, such as basic Internet searches and data-base checks, for due diligence. These mainly return self-reported surveys, which are not always accurate.

Big data provides real solutions to this and other due diligence problems. New technologies, including automation, can help mid-markets companies complete due diligence, a one-time labor intensive task, in a matter of hours instead of weeks. Solutions such as KPMG’s risk-based Integrity Due Diligence can be applied before or after onboarding to identify and manage risk. This reporting provides enhanced forensic investigative capabilities that can include in-country fieldwork as well as information gathered from human and other sources. Augmented with subject matter expertise, our tech-based solution delivers assessments, which organizations can use in their risk management function.

Clients also have the option to customize the approach based on a specific third party’s profile. During a recent due diligence project with a global life sciences company, we focused on adherence to ethical standards and compliance policies, and assessed the background and reputation of potentially higher-risk third-party intermediaries. Using a cloud-based solution, we helped the company to complete local language and subject-specific reviews, and quality assurance.

“If you have a solution that’s more automated, you can execute multiple risk approaches and cover the entire portfolio in a timely way,” says Anu Sandhu, Head of Solution Management, KPMG US. “[Clients] can easily add them and go through the necessary due diligence—it’s far more streamlined, as opposed to starting from zero.”
[1]Chief Executive, Know Your Third Party Risk, September 12, 2019.

Enhanced results from better due diligence

Ultimately, due diligence delivers more than better risk management. With a detailed approach, organizations can also make more informed business decisions with insights they uncover during the process. This may lead to streamlined efforts, such as the consolidation of vendors, better pricing through new vendors, and increased communication across the business.

While third parties can provide growth opportunities to the business, they also present increased risk. Completing a thorough due diligence effort may require using resources outside your mid-market business, which may also benefit the business as a whole. Therefore, it’s time to stop relying upon inadequate due diligence and start delivering a quick and cost-effective solution to risk management. It may end up not only safeguarding your business but also delivering new value.

A version of this article was published previously in Chief Executive as “Know Your Third Party Risk.”